import gnutls-3.8.7-3.el10

.gitignore

@@ -0,0 +1,4 @@
+SOURCES/gmp-6.2.1.tar.xz
+SOURCES/gnutls-3.8.7.1.tar.xz
+SOURCES/gnutls-3.8.7.1.tar.xz.sig
+SOURCES/nettle-3.10-hobbled.tar.xz

.gnutls.metadata

@@ -0,0 +1,4 @@
+0578d48607ec0e272177d175fd1807c30b00fdf2 SOURCES/gmp-6.2.1.tar.xz
+d66729d963c7a5fb170e4b3afeb63702a9ccd265 SOURCES/gnutls-3.8.7.1.tar.xz
+d4c1e07e58e09279687542c10d4463c62d12e3ce SOURCES/gnutls-3.8.7.1.tar.xz.sig
+762cc3c0a8cf735353927607a147d7bb802b5aad SOURCES/nettle-3.10-hobbled.tar.xz

SOURCES/gnutls-3.2.7-rpath.patch

@@ -0,0 +1,12 @@
+diff -ur gnutls-3.2.7.orig/configure gnutls-3.2.7/configure
+--- gnutls-3.2.7.orig/configure	2013-11-23 11:09:49.000000000 +0100
++++ gnutls-3.2.7/configure	2013-11-25 16:53:05.559440656 +0100
+@@ -39652,7 +39652,7 @@
+ shlibpath_overrides_runpath=unknown
+ version_type=none
+ dynamic_linker="$host_os ld.so"
+-sys_lib_dlsearch_path_spec="/lib /usr/lib"
++sys_lib_dlsearch_path_spec="/lib /usr/lib /lib64 /usr/lib64"
+ need_lib_prefix=unknown
+ hardcode_into_libs=no
+ 

SOURCES/gnutls-3.7.2-no-explicit-init.patch

@@ -0,0 +1,33 @@
+From c7f4ce40eaecafdefbf4db0ac2d3665bc0c41b33 Mon Sep 17 00:00:00 2001
+From: rpm-build <rpm-build>
+Date: Tue, 21 Nov 2023 14:13:38 +0900
+Subject: [PATCH] gnutls-3.7.2-no-explicit-init.patch
+
+Signed-off-by: rpm-build <rpm-build>
+---
+ lib/global.c | 9 ---------
+ 1 file changed, 9 deletions(-)
+
+diff --git a/lib/global.c b/lib/global.c
+index 924ec94..3baa202 100644
+--- a/lib/global.c
++++ b/lib/global.c
+@@ -510,15 +510,6 @@ static void _CONSTRUCTOR lib_init(void)
+ 			return;
+ 	}
+ 
+-	e = secure_getenv("GNUTLS_NO_EXPLICIT_INIT");
+-	if (e != NULL) {
+-		_gnutls_debug_log(
+-			"GNUTLS_NO_EXPLICIT_INIT is deprecated; use GNUTLS_NO_IMPLICIT_INIT\n");
+-		ret = atoi(e);
+-		if (ret == 1)
+-			return;
+-	}
+-
+ 	ret = _gnutls_global_init(1);
+ 	if (ret < 0) {
+ 		fprintf(stderr, "Error in GnuTLS initialization: %s\n",
+-- 
+2.41.0
+

SOURCES/gnutls-3.7.3-disable-config-reload.patch

@@ -0,0 +1,26 @@
+diff --git a/lib/priority.c b/lib/priority.c
+index 9feec47fe2..40511710fd 100644
+--- a/lib/priority.c
++++ b/lib/priority.c
+@@ -2001,13 +2001,14 @@ char *_gnutls_resolve_priorities(const char* priorities)
+ 		additional++;
+ 	}
+ 
+-	/* Always try to refresh the cached data, to allow it to be
+-	 * updated without restarting all applications.
+-	 */
+-	ret = _gnutls_update_system_priorities(false /* defer_system_wide */);
+-	if (ret < 0) {
+-		_gnutls_debug_log("failed to update system priorities: %s\n",
+-				  gnutls_strerror(ret));
++	/* If priority string is not constructed yet, construct and finalize */
++	if (!system_wide_config.priority_string) {
++		ret = _gnutls_update_system_priorities(false
++		                                       /* defer_system_wide */);
++		if (ret < 0) {
++			_gnutls_debug_log("failed to update system priorities: "
++			                  " %s\n", gnutls_strerror(ret));
++		}
+ 	}
+ 
+ 	do {

SOURCES/gnutls-3.7.3-fips-dsa-post.patch

@@ -0,0 +1,29 @@
+From b6c6e699ec79820bc949db3c71992ce277eef141 Mon Sep 17 00:00:00 2001
+From: rpm-build <rpm-build>
+Date: Thu, 15 Aug 2024 09:37:55 +0900
+Subject: [PATCH] gnutls-3.7.3-fips-dsa-post.patch
+
+Signed-off-by: rpm-build <rpm-build>
+---
+ lib/fips.c | 5 -----
+ 1 file changed, 5 deletions(-)
+
+diff --git a/lib/fips.c b/lib/fips.c
+index 1611200..8a9824a 100644
+--- a/lib/fips.c
++++ b/lib/fips.c
+@@ -611,11 +611,6 @@ int _gnutls_fips_perform_self_checks2(void)
+ 		}
+ 	}
+ 
+-	ret = gnutls_pk_self_test(0, GNUTLS_PK_DSA);
+-	if (ret < 0) {
+-		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+-	}
+-
+ 	ret = gnutls_pk_self_test(0, GNUTLS_PK_EC);
+ 	if (ret < 0) {
+ 		return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR);
+-- 
+2.46.0
+

SOURCES/gnutls-3.7.6-drbg-reseed.patch

@@ -0,0 +1,41 @@
+From 968de8a9779788a853a4c0cd75beda779cb15f52 Mon Sep 17 00:00:00 2001
+From: rpm-build <rpm-build>
+Date: Thu, 16 Nov 2023 17:09:58 +0900
+Subject: [PATCH] gnutls-3.7.6-drbg-reseed.patch
+
+Signed-off-by: rpm-build <rpm-build>
+---
+ lib/nettle/sysrng-linux.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/lib/nettle/sysrng-linux.c b/lib/nettle/sysrng-linux.c
+index 25d74fe..8b9cc46 100644
+--- a/lib/nettle/sysrng-linux.c
++++ b/lib/nettle/sysrng-linux.c
+@@ -31,6 +31,9 @@
+ #include "num.h"
+ #include <errno.h>
+ #include "rnd-common.h"
++#include "fips.h"
++#else
++#define _gnutls_fips_mode_enabled() 0
+ #endif
+ 
+ #include <sys/types.h>
+@@ -104,7 +107,12 @@ static int force_getrandom(void *buf, size_t buflen, unsigned int flags)
+ static int _rnd_get_system_entropy_getrandom(void *_rnd, size_t size)
+ {
+ 	int ret;
+-	ret = force_getrandom(_rnd, size, 0);
++	unsigned int flags = 0;
++
++	if (_gnutls_fips_mode_enabled()) {
++		flags |= 2/*GRND_RANDOM*/;
++	}
++	ret = force_getrandom(_rnd, size, flags);
+ 	if (ret == -1) {
+ 		int e = errno;
+ 		gnutls_assert();
+-- 
+2.41.0
+

SOURCES/gnutls-3.7.6-fips-sha1-sigver.patch

@@ -0,0 +1,109 @@
+From cc7473a9ea185e072ab1bae0903c77bd7d7cf5bc Mon Sep 17 00:00:00 2001
+From: rpm-build <rpm-build>
+Date: Mon, 20 Nov 2023 07:45:42 +0900
+Subject: [PATCH] gnutls-3.7.6-fips-sha1-sigver.patch
+
+Signed-off-by: rpm-build <rpm-build>
+---
+ lib/nettle/pk.c   | 13 +++++--------
+ lib/pubkey.c      |  3 ---
+ tests/fips-test.c |  8 ++++----
+ 3 files changed, 9 insertions(+), 15 deletions(-)
+
+diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
+index 4ddfcff..36a7c24 100644
+--- a/lib/nettle/pk.c
++++ b/lib/nettle/pk.c
+@@ -1609,10 +1609,7 @@ static int _wrap_nettle_pk_verify(gnutls_pk_algorithm_t algo,
+ 		if (hash_len > vdata->size)
+ 			hash_len = vdata->size;
+ 
+-		/* SHA-1 is allowed for SigVer in FIPS 140-3 in legacy
+-			 * mode */
+ 		switch (DIG_TO_MAC(sign_params->dsa_dig)) {
+-		case GNUTLS_MAC_SHA1:
+ 		case GNUTLS_MAC_SHA256:
+ 		case GNUTLS_MAC_SHA384:
+ 		case GNUTLS_MAC_SHA512:
+@@ -1683,8 +1680,8 @@ static int _wrap_nettle_pk_verify(gnutls_pk_algorithm_t algo,
+ 			 * 2048-bit or one of the known lengths (1024, 1280,
+ 			 * 1536, 1792; i.e., multiple of 256-bits).
+ 			 *
+-			 * In addition to this, only SHA-1 and SHA-2 are allowed
+-			 * for SigVer; it is checked in _pkcs1_rsa_verify_sig in
++			 * In addition to this, only SHA-2 is allowed for
++			 * SigVer; it is checked in _pkcs1_rsa_verify_sig in
+ 			 * lib/pubkey.c.
+ 			 */
+ 		if (unlikely(bits < 2048 && bits != 1024 && bits != 1280 &&
+@@ -1730,9 +1727,9 @@ static int _wrap_nettle_pk_verify(gnutls_pk_algorithm_t algo,
+ 		}
+ 
+ 		/* RSA modulus size should be 2048-bit or larger in FIPS
+-			 * 140-3.  In addition to this, only SHA-1 and SHA-2 are
+-			 * allowed for SigVer, while Nettle only supports
+-			 * SHA256, SHA384, and SHA512 for RSA-PSS (see
++			 * 140-3.  In addition to this, only SHA-2 is allowed
++			 * for SigVer, while Nettle only supports SHA256,
++			 * SHA384, and SHA512 for RSA-PSS (see
+ 			 * _rsa_pss_verify_digest in this file for the details).
+ 			 */
+ 		if (unlikely(mpz_sizeinbase(pub.n, 2) < 2048)) {
+diff --git a/lib/pubkey.c b/lib/pubkey.c
+index 1139ad9..714806a 100644
+--- a/lib/pubkey.c
++++ b/lib/pubkey.c
+@@ -2452,10 +2452,7 @@ static int _pkcs1_rsa_verify_sig(gnutls_pk_algorithm_t pk,
+ 	d.size = digest_size;
+ 
+ 	if (pk == GNUTLS_PK_RSA) {
+-		/* SHA-1 is allowed for SigVer in FIPS 140-3 in legacy
+-		 * mode */
+ 		switch (me->id) {
+-		case GNUTLS_MAC_SHA1:
+ 		case GNUTLS_MAC_SHA256:
+ 		case GNUTLS_MAC_SHA384:
+ 		case GNUTLS_MAC_SHA512:
+diff --git a/tests/fips-test.c b/tests/fips-test.c
+index 180da05..09120c1 100644
+--- a/tests/fips-test.c
++++ b/tests/fips-test.c
+@@ -596,7 +596,7 @@ void doit(void)
+ 	}
+ 	FIPS_POP_CONTEXT(NOT_APPROVED);
+ 
+-	/* Verify a signature created with 2432-bit RSA and SHA-1; approved */
++	/* Verify a signature created with 2432-bit RSA and SHA-1; not approved */
+ 	FIPS_PUSH_CONTEXT();
+ 	ret = gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_RSA_SHA1,
+ 					 GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1,
+@@ -604,7 +604,7 @@ void doit(void)
+ 	if (ret < 0) {
+ 		fail("gnutls_pubkey_verify_data2 failed\n");
+ 	}
+-	FIPS_POP_CONTEXT(APPROVED);
++	FIPS_POP_CONTEXT(NOT_APPROVED);
+ 	gnutls_free(signature.data);
+ 	gnutls_pubkey_deinit(pubkey);
+ 	gnutls_privkey_deinit(privkey);
+@@ -708,7 +708,7 @@ void doit(void)
+ 	}
+ 	FIPS_POP_CONTEXT(NOT_APPROVED);
+ 
+-	/* Verify a signature created with ECDSA and SHA-1; approved */
++	/* Verify a signature created with ECDSA and SHA-1; not approved */
+ 	FIPS_PUSH_CONTEXT();
+ 	ret = gnutls_pubkey_verify_data2(pubkey, GNUTLS_SIGN_ECDSA_SHA1,
+ 					 GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1,
+@@ -716,7 +716,7 @@ void doit(void)
+ 	if (ret < 0) {
+ 		fail("gnutls_pubkey_verify_data2 failed\n");
+ 	}
+-	FIPS_POP_CONTEXT(APPROVED);
++	FIPS_POP_CONTEXT(NOT_APPROVED);
+ 	gnutls_free(signature.data);
+ 
+ 	/* Create a signature with ECDSA and SHA-1 (old API); not approved */
+-- 
+2.41.0
+

SOURCES/gnutls-3.7.8-ktls_skip_tls12_chachapoly_test.patch

@@ -0,0 +1,25 @@
+From 18c555b4d2461ad202996398609552b9c4ecd43b Mon Sep 17 00:00:00 2001
+From: rpm-build <rpm-build>
+Date: Wed, 22 Nov 2023 15:21:49 +0900
+Subject: [PATCH] gnutls-3.7.8-ktls_skip_tls12_chachapoly_test.patch
+
+Signed-off-by: rpm-build <rpm-build>
+---
+ tests/gnutls_ktls.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/tests/gnutls_ktls.c b/tests/gnutls_ktls.c
+index ccbe566..049c888 100644
+--- a/tests/gnutls_ktls.c
++++ b/tests/gnutls_ktls.c
+@@ -347,7 +347,6 @@ void doit(void)
+ {
+ 	run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+AES-128-GCM");
+ 	run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+AES-256-GCM");
+-	run("NORMAL:-VERS-ALL:+VERS-TLS1.2:-CIPHER-ALL:+CHACHA20-POLY1305");
+ 	run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-128-GCM");
+ 	run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+AES-256-GCM");
+ 	run("NORMAL:-VERS-ALL:+VERS-TLS1.3:-CIPHER-ALL:+CHACHA20-POLY1305");
+-- 
+2.41.0
+

SOURCES/gnutls-3.8.7-nettle-static.patch

@@ -0,0 +1,165 @@
+From 558cf23853f6ad0537daff4613d316265857b7fd Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Wed, 21 Aug 2024 14:50:54 +0900
+Subject: [PATCH] fips: skip HMAC checks of nettle libraries when statically
+ linked
+
+Since commit b6e9b10347ed577a9a37b7b28e1a039c5f6ccb16, it is possible
+to link Nettle libraries statically.  In that case, FIPS integrity
+checks against the Nettle shared libraries should be skipped as they
+are not used by GnuTLS.
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+---
+ lib/fips.c     | 32 ++++++++++++++++++++++++--------
+ lib/fipshmac.c | 12 ++++--------
+ 2 files changed, 28 insertions(+), 16 deletions(-)
+
+diff --git a/lib/fips.c b/lib/fips.c
+index e5fce6b1b9..dc86a44354 100644
+--- a/lib/fips.c
++++ b/lib/fips.c
+@@ -157,14 +157,6 @@ void _gnutls_fips_mode_reset_zombie(void)
+ #define GNUTLS_LIBRARY_SONAME "none"
+ #endif
+ 
+-#ifndef NETTLE_LIBRARY_SONAME
+-#define NETTLE_LIBRARY_SONAME "none"
+-#endif
+-
+-#ifndef HOGWEED_LIBRARY_SONAME
+-#define HOGWEED_LIBRARY_SONAME "none"
+-#endif
+-
+ #define HMAC_SIZE 32
+ #define HMAC_ALGO GNUTLS_MAC_SHA256
+ #define HMAC_FORMAT_VERSION 1
+@@ -177,8 +169,12 @@ struct hmac_entry {
+ struct hmac_file {
+ 	int version;
+ 	struct hmac_entry gnutls;
++#ifdef NETTLE_LIBRARY_SONAME
+ 	struct hmac_entry nettle;
++#endif
++#ifdef HOGWEED_LIBRARY_SONAME
+ 	struct hmac_entry hogweed;
++#endif
+ #ifdef GMP_LIBRARY_SONAME
+ 	struct hmac_entry gmp;
+ #endif
+@@ -186,8 +182,12 @@ struct hmac_file {
+ 
+ struct lib_paths {
+ 	char gnutls[GNUTLS_PATH_MAX];
++#ifdef NETTLE_LIBRARY_SONAME
+ 	char nettle[GNUTLS_PATH_MAX];
++#endif
++#ifdef HOGWEED_LIBRARY_SONAME
+ 	char hogweed[GNUTLS_PATH_MAX];
++#endif
+ #ifdef GMP_LIBRARY_SONAME
+ 	char gmp[GNUTLS_PATH_MAX];
+ #endif
+@@ -250,10 +250,14 @@ static int handler(void *user, const char *section, const char *name,
+ 		}
+ 	} else if (!strcmp(section, GNUTLS_LIBRARY_SONAME)) {
+ 		return lib_handler(&p->gnutls, section, name, value);
++#ifdef NETTLE_LIBRARY_SONAME
+ 	} else if (!strcmp(section, NETTLE_LIBRARY_SONAME)) {
+ 		return lib_handler(&p->nettle, section, name, value);
++#endif
++#ifdef HOGWEED_LIBRARY_SONAME
+ 	} else if (!strcmp(section, HOGWEED_LIBRARY_SONAME)) {
+ 		return lib_handler(&p->hogweed, section, name, value);
++#endif
+ #ifdef GMP_LIBRARY_SONAME
+ 	} else if (!strcmp(section, GMP_LIBRARY_SONAME)) {
+ 		return lib_handler(&p->gmp, section, name, value);
+@@ -403,10 +407,14 @@ static int callback(struct dl_phdr_info *info, size_t size, void *data)
+ 
+ 	if (!strcmp(soname, GNUTLS_LIBRARY_SONAME))
+ 		_gnutls_str_cpy(paths->gnutls, GNUTLS_PATH_MAX, path);
++#ifdef NETTLE_LIBRARY_SONAME
+ 	else if (!strcmp(soname, NETTLE_LIBRARY_SONAME))
+ 		_gnutls_str_cpy(paths->nettle, GNUTLS_PATH_MAX, path);
++#endif
++#ifdef HOGWEED_LIBRARY_SONAME
+ 	else if (!strcmp(soname, HOGWEED_LIBRARY_SONAME))
+ 		_gnutls_str_cpy(paths->hogweed, GNUTLS_PATH_MAX, path);
++#endif
+ #ifdef GMP_LIBRARY_SONAME
+ 	else if (!strcmp(soname, GMP_LIBRARY_SONAME))
+ 		_gnutls_str_cpy(paths->gmp, GNUTLS_PATH_MAX, path);
+@@ -423,14 +431,18 @@ static int load_lib_paths(struct lib_paths *paths)
+ 		_gnutls_debug_log("Gnutls library path was not found\n");
+ 		return gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+ 	}
++#ifdef NETTLE_LIBRARY_SONAME
+ 	if (paths->nettle[0] == '\0') {
+ 		_gnutls_debug_log("Nettle library path was not found\n");
+ 		return gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+ 	}
++#endif
++#ifdef HOGWEED_LIBRARY_SONAME
+ 	if (paths->hogweed[0] == '\0') {
+ 		_gnutls_debug_log("Hogweed library path was not found\n");
+ 		return gnutls_assert_val(GNUTLS_E_FILE_ERROR);
+ 	}
++#endif
+ #ifdef GMP_LIBRARY_SONAME
+ 	if (paths->gmp[0] == '\0') {
+ 		_gnutls_debug_log("Gmp library path was not found\n");
+@@ -483,12 +495,16 @@ static int check_binary_integrity(void)
+ 	ret = check_lib_hmac(&hmac.gnutls, paths.gnutls);
+ 	if (ret < 0)
+ 		return ret;
++#ifdef NETTLE_LIBRARY_SONAME
+ 	ret = check_lib_hmac(&hmac.nettle, paths.nettle);
+ 	if (ret < 0)
+ 		return ret;
++#endif
++#ifdef HOGWEED_LIBRARY_SONAME
+ 	ret = check_lib_hmac(&hmac.hogweed, paths.hogweed);
+ 	if (ret < 0)
+ 		return ret;
++#endif
+ #ifdef GMP_LIBRARY_SONAME
+ 	ret = check_lib_hmac(&hmac.gmp, paths.gmp);
+ 	if (ret < 0)
+diff --git a/lib/fipshmac.c b/lib/fipshmac.c
+index d3561b4c47..5c3202c561 100644
+--- a/lib/fipshmac.c
++++ b/lib/fipshmac.c
+@@ -40,14 +40,6 @@
+ #define GNUTLS_LIBRARY_SONAME "none"
+ #endif
+ 
+-#ifndef NETTLE_LIBRARY_SONAME
+-#define NETTLE_LIBRARY_SONAME "none"
+-#endif
+-
+-#ifndef HOGWEED_LIBRARY_SONAME
+-#define HOGWEED_LIBRARY_SONAME "none"
+-#endif
+-
+ #define HMAC_SIZE 32
+ #define HMAC_ALGO GNUTLS_MAC_SHA256
+ #define HMAC_STR_SIZE (2 * HMAC_SIZE + 1)
+@@ -117,10 +109,14 @@ static int callback(struct dl_phdr_info *info, size_t size, void *data)
+ 
+ 	if (!strcmp(soname, GNUTLS_LIBRARY_SONAME))
+ 		return print_lib(data ? data : path, soname);
++#ifdef NETTLE_LIBRARY_SONAME
+ 	if (!strcmp(soname, NETTLE_LIBRARY_SONAME))
+ 		return print_lib(path, soname);
++#endif
++#ifdef HOGWEED_LIBRARY_SONAME
+ 	if (!strcmp(soname, HOGWEED_LIBRARY_SONAME))
+ 		return print_lib(path, soname);
++#endif
+ #ifdef GMP_LIBRARY_SONAME
+ 	if (!strcmp(soname, GMP_LIBRARY_SONAME))
+ 		return print_lib(path, soname);
+-- 
+2.46.0
+

SOURCES/gnutls-3.8.7-pkgconf-dlopen.patch

@@ -0,0 +1,170 @@
+From 292f96f26d7ce80e4a165c903c4fd569b85c1c1f Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Fri, 16 Aug 2024 09:42:15 +0900
+Subject: [PATCH 1/2] build: fix setting AM_CONDITIONAL for brotli and zstd
+
+As the with_{libbrotli,libzsttd} variables are unset if configured
+with --without-{brotli,zstd}, check the unequality to "no" doesn't
+work; use explicit matching with "yes" instead.
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+---
+ configure.ac | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 95ec4c1515..a476176800 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -1158,7 +1158,7 @@ if test x$ac_brotli != xno; then
+ else
+     AC_MSG_RESULT(no)
+ fi
+-AM_CONDITIONAL(HAVE_LIBBROTLI, test "$with_libbrotlienc" != "no" && test "$with_libbrotlidec" != "no")
++AM_CONDITIONAL(HAVE_LIBBROTLI, test "$with_libbrotlienc" = yes && test "$with_libbrotlidec" = yes)
+ 
+ AS_IF([test "$ac_cv_dlopen_soname_works" = yes], [
+     save_CFLAGS=$CFLAGS
+@@ -1203,7 +1203,7 @@ if test x$ac_zstd != xno; then
+ else
+     AC_MSG_RESULT(no)
+ fi
+-AM_CONDITIONAL(HAVE_LIBZSTD, test "$with_libzstd" != "no")
++AM_CONDITIONAL(HAVE_LIBZSTD, test "$with_libzstd" = yes)
+ 
+ AS_IF([test "$ac_cv_dlopen_soname_works" = yes], [
+     save_CFLAGS=$CFLAGS
+-- 
+2.46.0
+
+
+From 546153198d2fb8fc4902f23de6254bb7988de534 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Fri, 16 Aug 2024 09:48:31 +0900
+Subject: [PATCH 2/2] build: don't emit Requires.private for dlopened libraries
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+---
+ configure.ac | 36 +++++++++++++++++++++---------------
+ 1 file changed, 21 insertions(+), 15 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index a476176800..f3e7a3aeae 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -1100,11 +1100,6 @@ if test x$ac_zlib != xno; then
+     PKG_CHECK_EXISTS(zlib, ZLIB_HAS_PKGCONFIG=y, ZLIB_HAS_PKGCONFIG=n)
+     if test "$ZLIB_HAS_PKGCONFIG" = "y" ; then
+         PKG_CHECK_MODULES(ZLIB, [zlib])
+-	if test "x$GNUTLS_REQUIRES_PRIVATE" = x; then
+-	    GNUTLS_REQUIRES_PRIVATE="Requires.private: zlib"
+-	else
+-	    GNUTLS_REQUIRES_PRIVATE="$GNUTLS_REQUIRES_PRIVATE, zlib"
+-	fi
+ 	ac_zlib=yes
+     else
+ 	AC_LIB_HAVE_LINKFLAGS(z,, [#include <zlib.h>], [compress (0, 0, 0, 0);])
+@@ -1134,6 +1129,13 @@ AS_IF([test "$ac_cv_dlopen_soname_works" = yes], [
+                    compress (0, 0, 0, 0);])])
+     LIBS="$save_LIBS"
+     CFLAGS="$save_CFLAGS"
++],
++      [test "$ZLIB_HAS_PKGCONFIG" = y && test "$ac_zlib" = yes], [
++    if test "x$GNUTLS_REQUIRES_PRIVATE" = x; then
++        GNUTLS_REQUIRES_PRIVATE="Requires.private: zlib"
++    else
++        GNUTLS_REQUIRES_PRIVATE="$GNUTLS_REQUIRES_PRIVATE, zlib"
++    fi
+ ])
+ 
+ AC_ARG_WITH(brotli,
+@@ -1146,11 +1148,6 @@ if test x$ac_brotli != xno; then
+     PKG_CHECK_MODULES(LIBBROTLIDEC, [libbrotlidec >= 1.0.0], [with_libbrotlidec=yes], [with_libbrotlidec=no])
+     if test "${with_libbrotlienc}" = "yes" && test "${with_libbrotlidec}" = "yes"; then
+ 	AC_DEFINE([HAVE_LIBBROTLI], 1, [Define if BROTLI compression is enabled.])
+-	if test "x$GNUTLS_REQUIRES_PRIVATE" = "x"; then
+-	    GNUTLS_REQUIRES_PRIVATE="Requires.private: libbrotlienc, libbrotlidec"
+-	else
+-	    GNUTLS_REQUIRES_PRIVATE="${GNUTLS_REQUIRES_PRIVATE}, libbrotlienc, libbrotlidec"
+-	fi
+ 	need_ltlibdl=yes
+     else
+ 	AC_MSG_WARN(*** LIBBROTLI was not found. You will not be able to use BROTLI compression.)
+@@ -1180,6 +1177,13 @@ AS_IF([test "$ac_cv_dlopen_soname_works" = yes], [
+            BrotliDecoderVersion();])])
+     LIBS="$save_LIBS"
+     CFLAGS="$save_CFLAGS"
++],
++      [test "$with_libbrotlienc" = yes && test "$with_libbrotlidec" = yes], [
++    if test "x$GNUTLS_REQUIRES_PRIVATE" = "x"; then
++        GNUTLS_REQUIRES_PRIVATE="Requires.private: libbrotlienc, libbrotlidec"
++    else
++        GNUTLS_REQUIRES_PRIVATE="${GNUTLS_REQUIRES_PRIVATE}, libbrotlienc, libbrotlidec"
++    fi
+ ])
+ 
+ AC_ARG_WITH(zstd,
+@@ -1191,11 +1195,6 @@ if test x$ac_zstd != xno; then
+     PKG_CHECK_MODULES(LIBZSTD, [libzstd >= 1.3.0], [with_libzstd=yes], [with_libzstd=no])
+     if test "${with_libzstd}" = "yes"; then
+ 	AC_DEFINE([HAVE_LIBZSTD], 1, [Define if ZSTD compression is enabled.])
+-	if test "x$GNUTLS_REQUIRES_PRIVATE" = "x"; then
+-	    GNUTLS_REQUIRES_PRIVATE="Requires.private: libzstd"
+-	else
+-	    GNUTLS_REQUIRES_PRIVATE="${GNUTLS_REQUIRES_PRIVATE}, libzstd"
+-	fi
+ 	need_ltlibdl=yes
+     else
+ 	AC_MSG_WARN(*** LIBZSTD was not found. You will not be able to use ZSTD compression.)
+@@ -1215,6 +1214,13 @@ AS_IF([test "$ac_cv_dlopen_soname_works" = yes], [
+            ZSTD_versionNumber();])])
+     LIBS="$save_LIBS"
+     CFLAGS="$save_CFLAGS"
++],
++      [test "$with_libzstd" = yes], [
++    if test "x$GNUTLS_REQUIRES_PRIVATE" = "x"; then
++        GNUTLS_REQUIRES_PRIVATE="Requires.private: libzstd"
++    else
++        GNUTLS_REQUIRES_PRIVATE="${GNUTLS_REQUIRES_PRIVATE}, libzstd"
++    fi
+ ])
+ 
+ AC_ARG_WITH(liboqs,
+-- 
+2.46.0
+
+From 8d0ec0ccdfeaae0d56426169d4c7b490e3b07826 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Fri, 16 Aug 2024 13:35:47 +0900
+Subject: [PATCH] build: add liboqs in Requires.private in gnutls.pc if needed
+
+When --with-liboqs is specified and liboqs cannot be dlopen'ed, it
+will be linked at build time. In that case gnutls.pc should indicate
+that through Requires.private.
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+---
+ configure.ac | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/configure.ac b/configure.ac
+index f3e7a3aeae..93ba723323 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -1256,6 +1256,13 @@ AS_IF([test "$ac_cv_dlopen_soname_works" = yes], [
+                    OQS_version ();])])
+     LIBS="$save_LIBS"
+     CFLAGS="$save_CFLAGS"
++],
++      [test "$have_liboqs" = yes], [
++    if test "x$GNUTLS_REQUIRES_PRIVATE" = x; then
++        GNUTLS_REQUIRES_PRIVATE="Requires.private: liboqs"
++    else
++        GNUTLS_REQUIRES_PRIVATE="$GNUTLS_REQUIRES_PRIVATE, liboqs"
++    fi
+ ])
+ 
+ AM_CONDITIONAL(NEED_LTLIBDL, test "$need_ltlibdl" = yes)
+-- 
+2.46.0
+

SOURCES/gnutls-release-keyring.gpg

@@ -0,0 +1,226 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mDMEYcRaoxYJKwYBBAHaRw8BAQdA5U8Cb4ZMYCjuAa6tqNKbRxXzycS2iLvNzWki
+bGD2fe60JVpvbHRhbiBGcmlkcmljaCA8emZyaWRyaWNAcmVkaGF0LmNvbT6ImgQT
+FgoAQgIbAwULCQgHAgMiAgEGFQoJCAsCBBYCAwECHgcCF4AWIQRdRssPdjQFpwU1
+VvR6daZIs/kiDAUCZZQM4wUJCXNMwAAKCRB6daZIs/kiDBq0AQD4kutiBvEtpeI5
+oHE5am/JgQUbUNQ8hGiHeJ+epRc5NQEA0xzJPYCIlvZ4jgf7K7RiKkqjzozOLwun
+GummhMd1vQ24OARhxFqjEgorBgEEAZdVAQUBAQdAxKg6y4A69qT7doTni8/zKuKy
+QKXEORZTCNxkcnz3dXoDAQgHiH4EGBYKACYCGwwWIQRdRssPdjQFpwU1VvR6daZI
+s/kiDAUCZZQL3wUJCXNLvAAKCRB6daZIs/kiDCtdAQC6p+B26g72CLXjq6xmaLqs
+1fi1auyPW/SnNRbbaW9UlwD/Up5lkp+r2n5d74vj4Y43nORpipb4kR3mP5g4SZak
+IQKZAg0ESmfuLgEQAKHTAV7YHndSUjFY5DfCsrdMjIembP3PIwKR0g/vHVvvhn9L
+FkDs3y46TkFCHcYsGdhOEmXcxJY4CClui7IjkSH1/7JnbsCgGRBx3wl4dyRsu9cL
+EbwY86fVypIFSy6z7q24bzosjeu50lIqwVna4fRqZF8lIEGfJuuizLl1OfnkYgnc
+FupZ1pM/u40VZEzOLoMDj2bzzSEnaq6eS4A5f+ryS8ql9G4kJ2Z72RdlzWXzwWoZ
+QSV0JVikb5KN0IU/0KZklFiEXpS5EdJlfIlPDVYyainuBiPYXdBOyh2d/V714OO7
+/JanOY8HhYAK2us7vDM+W5+x6UU0isfDHq3KS/N+VphODZuuf2imZlMAzt5heEGT
+wAS85cKDWrhReJIa0WmjAFRW2g4ZAeVILbXw6dDJowSwLsJqBvURCpk1tee9wxXM
+whxdwocVIBCuTn4h81NA6iTwUhZdabxNhUOpUilYQoOAePQ/Bw9a2mSGOWAg/TVr
+m6+u+/TDVOrY1yMumnJjKegS8RsZaiOS7iXIJRZ1YAv2fmHcgKXIEKp0fw4y10vd
+aJsYiWRs5xZd+xH4VREK/l6zAxECVkq7Mt/pjIPOllVbI6h75Bz5LgOXwn5Z5js+
+q40nAZ20uSVKLTjfpVgq6niSChPeIAdhU4G3QrTecO2CeybZTGIRH57X3RhXABEB
+AAG0HkRhaWtpIFVlbm8gPHVlbm9AdW5peHVzZXIub3JnPokCVAQTAQIAPgIbAwIe
+AQIXgAULCQgHAwUVCgkICwUWAgMBABYhBEYiJcO0bzSHn8hJbNYFhI7X5phxBQJb
+qxq7BQkaqS4NAAoJENYFhI7X5phx7qYP/R0/oCwNjM0treJEL7U1CAaPD8VMOrzl
+Fvc4Kx5pJq5VLoMTpl1ikgyk/LAbNleWdgxCEtAGf4NbI9nxyV6Jh2EwGSwLf/HV
+Kh5x6kWwRMqpSY5NcgJsQeAIojJT0ui3HANwNxvqcIHCsPlCjSbKidgEkl/PGiSJ
+j/UiP/OJ5Z0DqKg7hrd29XgVuBMIKcFQXysiHfy+N+9UQbHtb6qjkriRZAZ4Jb6Q
+LrwIzMqKOINj2NNKtxH1AaosxLQ+pcsmRA3OQPPKk5ptQE70+R+OiGbFbfkL4Uui
+gjhMAf9qmppiMnxq9gkt/lLteCpTFZZ2FeL9mSKu9eN0jewweVVcZdgm0vVmub4m
+rrkciJGl8Le3dZG3sZ1KYink6gSbYY8bJCfYo36+JqQx9KmyAQKLV8YwgQGlHyy/
+6vHZdsPRsugmR0dbZEXxr0VE/CI26Ed68u2ZxtscVdurWeNhsFnJpY8Dljah8QYn
+kObRp7DyEMUqD9cDC7Jlmgdq8fe9IIPxVNfDgHub6gh15dA7XdRWB2Fd1rtSQ0xM
+/so3rfMDrssJ25RTkbA6gLNy54NO1Pz2xpsuL3MLlVF0xFdCIf7LD95vikfcXY6R
+iaJwniDS6bm1UOkaRzgG/o5FERS7Ea9cowsxoxypybDHefH0Qn74J6B4BtgEB3cg
+fiJHjFjSzTcetBlEYWlraSBVZW5vIDx1ZW5vQGdudS5vcmc+iQJVBBMBCAA/AhsD
+BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgBYhBEYiJcO0bzSHn8hJbNYFhI7X5phx
+BQJknpE0BQkf2j2GAAoJENYFhI7X5phxAzUP/2WLxI23iiF12lVVlxj84g3F/XyE
+u7oi5nVHY9wtmw0PoM3/sHHDO4H2LXH9Beb4Nitpvzy3WkMMOiAGdoDad0CC8gD8
+TChjAd4vh5arT9PGgTHNUdp33m80j5xl0TuDEvfbXaoL2ZTyW4TApmpiPX+a024L
+mx+Xf+WBj8PlEjXSjh21mXQs+L3gZGwZFXc2VoQNg/rBGt9rmv2JcaO4q+BbVhY6
+o1PYL0C7RBWfz/sdIhWazYMa8L243a4LQU6CkILwum0yJ37ERJ2jkGc8NaHsqXCi
+zbmFFp3If6u7F7iFrIN0W76hUL69nwszGlz4OyLHJsDLDnp1fJbOBk2gZZCMoFIS
+OXqxTZPUdxbjWaVNRz1/ze5LcGF5yB52lgqOxykZCIIGs9mn11Q1kWPoB2BovoXd
+fqTgMwx68qvQXWUzHj8fVemA3kCwqK9udjFok62GVKBy7uxBes+Le74aMg17Pp3R
+siMuL4jpTppEuBpc5/gMQDJSv53niGWLyrUCa+9lDGqxpHiV+SRrEXekQlFCi+cG
+FS36mT/Vnvsnss4ioKjEPWv4OuASkC78GvGMSXZrFMHrILgRrLhErbO/g8d2/+X9
+3p02A5R9vbhdOSOAgjvvGLPzR7LidOoBOZYaTq28HB7cNmBkpAp4cM59pQwTVZYm
+ryZF066njjn5TEoVuQINBEtrT7wBEACjRnNKXpiD/tbVSiF3bicZpf4C1JFIDvvJ
+HQZEuK35SqeAe/tUpMAwbBfgW5sExUoB3Cy1lEK2Bi1kO7GU+tkdCHhi6jrcLYiM
+g7QXavYZ/ebYHVfhVY2vGhOJVz4qm0/WvQYT3OpJSqrD1jT+AbRpDxFk9h2CBPw1
+roBrh8TqYKyIOBPSswLwP05IKk9h7SwQnl/stXRchLMVaMrKL33V2bpZSI4NtYhJ
+QGzX7PHVsv4JYBCXCeFRhAJwLLySfGM3DXdAChsOjtGob/sW84Kv5YM65sHxmhit
+4NC5o5IxVQntvYaOsTafF9KOC8egostPsARxUNNihGYvJ5WL8NS2wQVMWsiRMK+/
+QsK6PEMXny4q9+lMPGBZpuGicUX68RIIJynAaHatdorA0hFSDQIVxbhDTQdrBnmt
+fSx33Yd9LlaW+oFz3oNtsUP57JQMvn7/RYMSheRqtlhSOOHQV/DdORo2B1uhd2Dl
+uZOzsVz88o/2eZ9dhO8ArNhQRpWgcx7dq+kI7FyUH0Idrw29qD3IT/PnEOTF84ro
+l0HEagP1ozVB32krJIDRQleTmdTogtT69FYLHnK9fYrk1m3Pcc3TWb/1PCcccN0D
+2RJCl2kry5wJdx6g2bi7wg4twpRJshi5jREPJAAGNy5MKA+oon6D6gbwwNP3xuz/
+/9BU0AUDYQARAQABiQJ+BBgBCAByBYJkorMiCRDWBYSO1+aYcUcUAAAAAAAeACBz
+YWx0QG5vdGF0aW9ucy5zZXF1b2lhLXBncC5vcmeZgZGsUjuRusvhjME6v0SyZCTB
+ZHc9vQ5i7qV5OPZtLgIbDBYhBEYiJcO0bzSHn8hJbNYFhI7X5phxAADssg/9G6Sj
+nPi7yLDgXwmdQnZS20afRXa+T/YrsupbcKtXz+9As/QeZjnwuWI+LMDEjQSGnbQ4
+w4Uyz5hnpRnWYDq62hsFml1eJr5xwImscJMUYkVdBVTxvrYn9Dxr+C+FkeJfBIkO
+qZpFfe03VNwNU7zm6lg2BzKzBY3MY0nm/J/fWhmIXGOvUXHmRC6NnRkiTQcLsPU5
+TrJoDXP3qI2shr77IE3TFZ60xD1mdoaZol+CQEXjoAzd+PuWBltdkMVSqtLFkyEy
+L0kup+u/JdBrZxDNKRYwvoIi+cpzefq6Cp52L4WOhKxYQxrGPaFXzuOjf5uA6YHj
+nikhvtm2W1C4FxEJ9OaDgP5EtdUmwnAOdPc+uNwpmChpFZmno26pqZfl7st6hjWK
+qc9bEGncemxqregsCZPz8S/xHtFIKG7tGu7bmXVqnlkbz40t+1dQSN7jM6/pEIKr
+2xWiZOnQ9/1cwuS84ZIQiwvOT4tGlLxnhdPjrCdgjtse2rf0Z1e29D36VKvxEQvh
+lyAkqu4/8polwDVjHA3e3wlM8oCIoV4QvWWiqwaYmcFIk67TeTFx/rADZdDk/1w6
+Ym+aOkPah1KLj7ERikSi3L3WJsrqZl7ij7fW8UrU5hz1Ncwc5cshFtdICAHA2ZpT
+vELN+aCng2VkpPsR3NGa4ihB2Rbyq2SsGJdkf1OZAg0EV+o2lwEQAKWMXF8xc4hs
+2nI+Tl6s/QTiw1X8gGJCztuEpLgVUqfL8bmQx91t1F7bpfVBN/wmrxXcWDZCTnlZ
+NFJ81F/5AyMr1d8CBCuFaBHNx5KIl0Mo96wlFlYt2ANIjs2duM70fNgQPx0NgV9U
+ZrvuXtW7hH7G+bQE83NvEjBg/OC16JaImRK9IV3FMsv4V7H5QrUwe9dAkN/EnaKk
+I6B4jTd2DBq4JPfK+0FmEj/09Fv8N9EPgUm/TQePzOedMRhON9qX7vTczHsslmqD
+d5DSXbCgYamiuI0e3Xw48i07R6Bz5h0/gm6PKzS7effIKopZJitF4/ry5m2/ryf9
+piv0koeaC+ygYTALnWmqlS2PeFUbxfqvllz0nUk2wGsHVIeBKAkMeWyvluqFPLey
+zouexNl99s86fMhvMKCUbYNN1CvwMJtXCmabaviN1sbMrWa8UdW4h5RNxs4ot/9M
+uZOtTTJNtRbESXiyB8VTQuBZAh+eUTkuSa2AC4O6M1UEnc+a5pzRVy99MF335Kat
+S42S50THIshZvCehjZNL/BHXnyd1Acqf9VBJZXJYLuvw3wlH2qYl2GGS7fR6V4ii
+94dp/EE/kOZyzx5DJSNd6evYLwgJsFQvkGGqsCy8myXfDjK5Y+gx5kxBinikAigk
+OcnwYBlAlXBs2mxmG0qiCO2ooMl8/g0rABEBAAG0J0FsZXhhbmRlciBTb3NlZGtp
+biA8bW9ua0B1bmJvaWxlZC5pbmZvPokCTgQTAQgAIQIbAwIeAQIXgAUCV+o3dAUL
+CQgHAwUVCgkICwUWAgMBAAAhCRCw6d0gsp8UMhYhBOmHq39+iWZ3dtBbO7Dp3SCy
+nxQyflAP/1o4u6QvvBqAA4SK8eDgCaDjfKltjDn52jx4JfxBWlfS/zdnz8qPDTXX
+iEh2JKpitlG+bmRnSngOqPH+sfFQvUz7czidUfF+Tlt0jO3Q/Zt5/OiGh3vgmOre
+B4I5cObNGQmT/Ma5si6NfTQU0+okvd3j6fRNswsNP26TF+m7gSd27/S1/WkGLe+D
+Ukq+fYXjCNn4qCg9KthAULJkZWiCP2rok/m2xCHmAq0ALVyDTE/IKRbDEqc04qsI
+/XqGPavLdHmG8On1g8sek7QvJKkRgN29BUzdS6KBYfZGSLJ9KLGST7BPegyFLXvD
+SMxUx4KrJRxgytMcmzI5SYTA6u6RdA1t5AY6Jw17YgP4Ba/yPPTbrTxJb7qM4NOA
+1c/xc+j3+A6bWjLUbHMESlldcZae3s9cFjmOfDW9jn0WcmV2e4W1u2kTF0um1kfV
+8kriiHKKT0RJ8iVLfpJpnJ0/7hgsyUE4O8BH1J+Pho0zVfTE1TBp1FwRZJQ3ls9X
+3f5Zpn/KZy7gjseQSPx6r7pra7U5gSv/0Y1qDRrNvtULt1+0SobAmzp84iqn3GRd
+/NybJz5jB526fm16WIE3MLoEB2yj+T+4AQ5Va1NHLqRR5oXa/anIzzFrmoUe8dRY
+le/PhIvHEjzRrMzLFrmXX6eQZH1Gle59KbCFJus0bfSE0PL0xmKsuQINBGEgbmMB
+EAC6sAEM9vo0ocfnyAlhmG+clkdNIH0J8NLzZIbnHOAfTnnLzUeWOT14JR7Q//kT
+CdorjbX0dWD/+TRIwFHdXtLQngqaqSc77+1nRkx/4R5tbzJrd/FYA/4zk+sPpDHD
+idcntJQ5chduyiuESn3L0H0OT0muck0g92BAkGATaswNWLLnu/TC1486krkG0aQx
+DDFIYggzJR6v/saCrTGtMVMOhoMcWKGGQpFCYznB+3scYucTc4o9CGY/hpYeukZZ
+72xmaYWZqIQnCm7pfLyJWNkw70EO1r1EBStuhYWEUqgTfgfu6KQHRpRiMPWf0Oss
+44DQR5fIkY/VTCBeIWOdX2TC6qVfgMKASfIyYzPMorDtAcrXhRb4aEZqh9p7AjLs
+8izfFR8/GSdoxIda3b+cfFPZ5dk05oOS3wkMQOy5ZeGv/jp8WZds7MC9+xNMhdZ9
+4hRU6dN7S6yq+btrgPLWXk96yl4VZkwRz9fxk7PqZZ8riz9VAfKE2llkC5pEXx09
+B0oUxu9DXzGZI9acOG3YAtXlezhCaS6AcvQZbQ7CXKHd/sGXrf9T+sqYX9k4FnLm
+7eoWHH0rEMC3QVPGbIs4rGZbjBBybVrgSL8ShFpmhw9F1PyD6ug2t41NBIbZr9e2
+eFaVO2LaPpZPoKFGZoILrtB/vW32BmQV20Ibr7cK2dPcbQARAQABiQI2BBgBCAAg
+FiEE6Yerf36JZnd20Fs7sOndILKfFDIFAmEgbmMCGyAACgkQsOndILKfFDKCmw/7
+BUinZ7uO+ax1hV25Emdg9qJsbtW32FLMypecexEK/CrOM+fadQe+xzPOoSlHw5tS
+1ZB4rdKUT0jIingmmgaBWFd0FQPSsxHlERvhTfgDBlzAl7CkFisOPYY/ErL+lCjM
+4t8VgsHsQZQZ7Nx7wMuIbT99n1lt79lt3YXgkZfIerDmb5mWuGP10b1/GDFv0s2R
+T2dyNfdTNFtfzpehA4ea7Qgcz1ayqeyjWqDpoIXP+KCC368vv7kukBrdSpn7RLS2
+xYeP8zB8ovfe+TzYc7ZSt9UdjbW7U7qzU49Kq5C4n/qvj7R5kcAm+UDSLVrvnbAf
+nLVWWfgo0sOmtD5/EoMhlgKtN6DrVTSgf6xW6oWsf+8Pz1NROhqLwkcDvpET6zuT
+YEWOK9vFik3XEtdaSlONvaBPN8aYfjoPze28MgEEcf3dw/+QIczw8+kXWXjmAHth
+L8RpC1fiMmdOXlB1d7gkUPQkJmc4NeRM53fgE097IbXbEFhMtDSu8yzKltG70ahO
+WoNKwdArrQhbiFKc4hoCx/caRy8jK0kFb5ZaNkljbtyQWFXm75lEDpaa2RFvE0T7
+pFrMnrOEts0tlJwEf5s/SxWpFniXW7mCov3eYFnrE8Lgq173z7NmjmMTms29bro8
+UW8eHMflRchZsrEUAQOtlA3k159Wt/2MTK9LnIz1I7a5Ag0EV+o3eQEQAL7E7DWm
+gc1YdUV35LU1JCYqu8LScbyPtnilMYjgYORLc2DqXLIBWuIdP7hQ8lkQosQmn+oj
+EfIEBpwbU+q5fsyxK31nReXxQQgDGwobjdGsZykjf6Dj1Jd9y2LDsBpZnvpFVhqp
+YAv3bmyaGpIh+9y5xyLRsCTloVL1R+JyHuOromVllR25+zFwvoFhjfq27VK9QjTF
+DYzqhdr3e0sx1LKb0DaiDHc8PT2LBjmND7KMGUKOjDwiFY6Uxd1eTB6Y+FkkwfMa
+bk1JRgF+rGA9pvy0sjJcWkbTvW8erBJhhWNN4V7rtSHMMRdzFvqzhgWeO7r3TarK
+js7pQCM8t+rnT7YFm1n0rHLfW7ECV6WBvWyk1N7a0C4Q5ekJ+fls4U+Iy20bOmhs
+3vRxNA0XaGdp/NH1ldi5KExYbTpQpNQ0XK6j1KwE+TdM24v7su6qWGgmWUJKWFfC
+ms+/zwAVGypTXa7rDi9X/+Ubb8nLLkQbf4W4/OrXBWffkbG+4J2EDRxF1UeHrHu5
+NpnFP8J7sWYKV45Vh3pK5le2zYbDPF84Ge6BY2wiYvvWnPEqg7pLPZfaRSMJkqxT
+QLSwnHf8vBvVXHAmp0WpYwOYBE+onFcZX3/t8d2uiEKuhElNfxdC1O4UolaBBEpz
+FC9hN1IXWIpTgRLo+G4ket8FlTugwe+l1HN9ABEBAAGJBFUEGAEIAAkFAlfqN3kC
+GwICQAkQsOndILKfFDLBXSAEGQEIAAYFAlfqN3kACgkQQSdIpAr8wvsH/hAAlSnz
+UTzOU+x7/P4fPxl9M7dLWcOIKaaGrjNExz9bVCGXGnHZR3f4gRl/bowRFjGi++vh
+nlCz2Hj18lFRXG3HjlSOwdzJYSa6ZMqdA2AW4167kJtQNEXpfV//C5mXhfe3U68O
+33+acvqU5cG4/+QNvun81j8SQlOyYJlsQwW6W1EH2wxfuvpid3SNn5yDZ7GFhfZh
+oxBwzITWRiWifcy8r3xufAVrFZKwAMvWrG5LRJD6pgyW/1oMsWUIH0U+QD0vgBoa
+RCAW/gqLRf2836n7PeZaLuqiHMQgYOUs41KJ9jy6rYiHLuZsZPJ4luFbFuUylJxj
+KUfnjVuAoBhm9XouywKckE3oXUf2Sa504MQlo+pNvtf4LK8RALpkTe8joq5olEnV
+NNIq+UBxK0ZEG6SaCnf4wtYcL4uUVgLj/QYm9fob3gakVlfEVZx2SnCqrB2NAtMO
+RUo1iOm//EwAnaFP4XaqPEQLZaEnKF454n05xFvt21UGgM81z2q9DrAbAolrpf3Y
+8LtC42TQTMlGmyVmxUzgqyVcDc8Pjj0VP+9twp8za31bPXs88/o3E+tYIN46pxYV
+9fWxdns+eNupVm8ZeZ+sblhkQGb2yyOPM7SEsP4MKzITPHheBxSzniYo0D6jrX4A
+lDza7Gjw4YsOxus2NlhzBsWxmTpYat1QSW8cEQgWIQTph6t/folmd3bQWzuw6d0g
+sp8UMpnkEACd4nfSJZIVX/jGtbR9kwOhnchAEkW9nwCxwgujJxvkPSqgMLbwtGhv
+KMunhOOU10JWWT2pZ6JvYTzRRPJwl8snXwNlv9HKa/XUlbo7SGuliAya0J3UKxtG
+Jd9+yOj81BznQjlZF18yqjERP1cyewmuGIUEqU1ODVE5SVajZSSOpe9EnT0TENZ3
+SJcodwtg8rd1V4pqUecx5cpG01szohDuqXJ1NbvoRIYXbxwyx9b7JK3YuoDhRylG
+rmCyP5n5Sb0J+5yfcOL33CPVK7SLladTlopCcaeieIIMSqMdUSHpLKqvOrRt3Cz7
+9A777L9MHND1yf2Mm/IQlih/1d6JblNSJ2znD7hfpo1ReYmzYtG35a3m6FZt4QT1
+5gGLQ0QC9a4s4LpqY9zPxaW9jpQPsyodoiCk/j2ZkwHLIa580V3Kh6dxjI+LwXlZ
+/9T+Q/C3L5Has5yBijtCdekyrsD6XVfEn5gg+yFkDc6TKYCGhsro0yA9J+BOGRD2
+HDxVbH3njCiP5wDvxIgOQLN06LQLDX+Qq++MRnJe4e0i1CQA+ow7ROSGUEPX7k3p
+qoxJcQ2i2SCKz1PooV/ii/iN1PfU/IK3GAJEO2ktpQM9APKP//tvc00CAbarnlc9
+G22yWAxW3R5JN7SfeX+lqC+Mok1cS7WGCQOOOC+B0EelTaj6Zcb7wbkCDQRX6jaX
+ARAAxAQjAzi2kzXnWnX6yAkijTQk0j5raWb7+2Qprqr+I4ZbjEFiQFodw7Ei8eFt
+sY5LSSvFWe8WXl0Ahvmfi+/9TPFwgEtLWTOqguCjJQN0VkOfjhEDWLuAFHoa3IzV
+ySoZhDgIDQ/LY7cRg+Ryi0AaInesYx0cxdYkt93X1tPtcV4q7KiTIWZWBsWlBZF3
+qHgneIfq6lBObjd/QfKhaFGleXi4UhJfcwnVj01h6dCKWUSNPRr6/sbdQztsnDYn
+ghka+pdUAmVqpj+Cpb0ppUuzO78tW0lImybRUGOomhivQbw2/TcYcgwQmdUi7+Ie
+Td/8H9Msff2P9u54vFbhUt1XlNk4KWyOi2Xu9CvidXqNcg6wpdAPthIjeZ3tRT3H
+nFt9N5cPlhaQwV7SuGx9eaiMk2Oj2dBPvV4M18guwfA98iyNJ4tBmmiFLagfaDuN
+aMgyt5cQA0tORt5d8AUoF3OrYQ/wdiToa6IJ7RO2WaSlFaYOHFJzMUDLNSUzKbVI
+OR7No7QIOvKYJR4njnHBgIK5AeQNu5ucBxbFDOqnmu0E75pHOrVn8l5OOuHN/EiO
+SGzRTdSh/iVftUgZC3vj+XnIlen1RBU63DRkFn97knlQGtmJgi6yIJhWHYk9LvDG
+rUAdtPgrIr4844O3E5ZNTDW0YTmWtkfqnmfgEVBUdMWjj1sAEQEAAYkCNgQYAQgA
+CQUCV+o2lwIbDAAhCRCw6d0gsp8UMhYhBOmHq39+iWZ3dtBbO7Dp3SCynxQy0eUP
+/RLpSjdHZzZxJ0gorRbNkUZ+hJL4eCZC+V+JGBvTgLd58lN8ah/vqQafn3vUXwB4
+3tW/if/Oz9ZRrLhfPtfROEQjxroo4xNRY9PPrEO1yQ5O6i81CcZGRKpZ391Q2fPl
+2+lWT4VKXpn+XbF33FXAox9Rdfc/H5bXF+EiT00EnuxKWv6yyC48lNgKGBmSdhRE
+iXTzzRzGxBxN3GWQV+2rIrHMy3Bp2DgKb2kHLhA2sLg8oCoszhWcW1+le34ioqNB
+Yt/HLvM+nVzxgrD6RMQg0aiFQJvIw68Z48g5oD44xIjJT6YWXLbZA0XaXLn+m1CR
+6xqxSeXsXSCnvbF5KQs6MsxKFs07T2GDEMuHJO35IfEfg1JWWgzqJfGe8bKBeQ2U
+wFaZrYlmOYpq4VIdWwgDHlzuXynb/7MLe6NyxJPun57Ex7NsS//sfrR5nPunk43e
+0W0lqmT50WJxRhBHhxXmkQ0fH6tzra8GJxo99+MJzaSfENvdRz39BQXM56nv0/1w
+lRdfqJJcqYqVav/gKvKaB5eH3dXHKGZK5YSiQbtvqKBOwsOhHxtvsE18lu5LwiYd
+nTaI0DmUcl2o4iC0+cpSFSesGSGd2XIIid0E4yre89Cf4kfuCQhvUkBrgYwU3mFM
+/MhgH9hH7MKAmRVfm+pwNOk3owA/vBcSuRRLeeVGDGeqmQINBFOsE5ABEADD/k0t
+8to+R0kPhr2k7d0P/p1SYgxkwSaYgdv4/MgO/yEbQDMsqs1mw88mWnFKKdbH4QUS
+qCj21SiiJVrcoY7dNNapkKNiaMNCylAxkLtDw9/up0AVdkJ/7iHvrKlwIb3SBQV1
+oJYBrXF9rzFBtkW9NhLc+DzloeHfPtABCIi0XoIOGSDn+RQvppe/13phBj+2fd5I
+LNWiHfKIrr6228TynSPqy7H4z5DYcnYIJ7f7FO+MgaZjj28GFCyCFz7DMJsR/JX8
+CDsaOHvBsBRtBIKSQ7ce9KtAnemsmyGVkaHpGvxo3gaWj8pROIiQRbDYfXXvMbpT
+Yh/OTxbbx3SgBNjk3fH6ZjYZXuz+1kjJ9aajRKWvhZbMCjKEGjm3n+PrYdd2o9W6
+j5+aOhSWDs54z7froPmt291NdykF4kHb3W3SwGaIACV3/ZorrwG8wHhnV8dEwqTr
+E6xcTIwr2+C07yFDKrSgTbZsjEb6RbZA9SKsj6+ct8TrAxVPAigj7eMdWcF8yxxQ
+CCZci8UIx9hyHAfr4fKCYl0KlG3SoZ8kTKiB0AvjsK+QowE7gKuHeKOvEn8cb2Di
+BWjDfJoTO19xhzm51jxcDneIkVoeSg5QJqtiQZybyhf7vP9vl1fS9O8I9y1uR2lC
+x7UkWAGTTVTtzs+O47125jsj/BjLMECT/Ub33QARAQABtCBUaW0gUsO8aHNlbiA8
+dGltLnJ1ZWhzZW5AZ214LmRlPokCTgQTAQoAOAIbAwULCQgHAwUVCgkICwUWAgMB
+AAIeAQIXgBYhBByyfbyYYUstWEFkbQgwLbaiZwQoBQJgRRE9AAoJEAgwLbaiZwQo
+1nQP/igf0pGcHlUqHSGmaapDoqRJfHcwUMfC3FjK4fmV94D3KUVU9txWbb02qX5n
+1yQXcpweHEAQEY7YVUbZLND2kMqq/unyi6TqdXK6wtz1t6tO2IsPXceAzI5pC6hX
+QbN/sQIBD+ytdUVpvuOGDLUfbn95PYqNx/2t3GzW2hSglt6MUFDHVvQpglkQnCGI
+1C2ulqPOarKcxggH4pTWQ2PR9JOJMS4iUGEyZeVUA8m21V+KZS3CZjaEuq+/3dLW
+WzC1vtl7WMa3JahCGaJHL7kauVa0qgEkG1FENDxNhjb9m7nXh7+DRSOQM8oT4EbC
+kSt5mLAwPl6JoAiRa3l+oVy6SldpdkMl6ycCnYEWki5K5xTUeJugw95Hm5mkD6Dt
+li7tTtIlqcQ8i2kQB+BmtD2HSKBWrFONE4DQaBv8GcqzoDMFmw72sOStbnbAGEtz
+IU41pmOaV6AnfN/hVqNNH3P8vzrSJifU0WCR9TEZoZoN0Rxbt4vYbLrArgiGE94K
+rUEJ08c7Q4VOAdbQcENgzu+MnQC7jWk471eJ05hWMtqvW2PKh/2bF/LgIYJuBcNX
+CKFBkDNTBNibJ8MnVn0uBZ3X9G6Kx9wU5e89Qvj7V6MM4SoTiOmhlbxH8GxXXSYf
+AWosuWUSOFyXzG5yhurvUmYW+OIFPRZ6Wb5gKSgoLdgB+DhfuQINBFOsE5ABEADr
+LQL3bP7+M6PTCjuVbqqHBDhBAKEEuxKffwDz1AJKfRhvqTYIKQqgZwaIzXdbOkmP
+rTEgWHJKbwssaRmdBVRSYkE2DXLEcnuxqAgNyc5RMoVHWIE4jFNkxmrN6ZcVWel2
+OwCo9A6bzUftKKYJRPAYou4nmv87+CdKT16JV40dMG/phLyPINByy9wThIodpJQX
+/H1O6OCsMM/ZQJQ8zJCXbCCCe/c5gcg6+RJLsNa1CjIjQH0F1XZuncxz3nvKLxXL
+uQG8HCcU5GxW/z2byjEkoJrlakmcwUzuih7IuFrvSaexb8so2N6u5H8vm+SBkCwU
+c28lBsKECOJUeH28CBcMmFuRKFgF/fBpRiXDKI8Fl3IRm5vFIfL6oIBJBSDfunfZ
+5FPXup5fVGT9k0dhBlD48zDQ22kVVmRkpctxGwd3yE4BM9/sQ3nK4HwrB9+9X2Rq
+xbAzwz8LGvRE7/rusBg9HaO8kIOO/7NjutCvJkHGPfJSF7i9XvBcoQpkTIJFPaxu
+pk7TCFOVDAzUYh82MzNq89SVe49017/nuXzKJ3SAtok7xDYVsXXriYgnmouL7f+c
+DXdXmLIxPZN6LKkwKb9/rU0/9xPuvxS25zCSgjig8/SFEdSt6wvs94npSn6RcmVx
+i5VN1Ni4IMRgQn7hXpGKATlM6CQ32V7QBJN24mFECQARAQABiQI2BBgBCgAgAhsM
+FiEEHLJ9vJhhSy1YQWRtCDAttqJnBCgFAmBFEU0ACgkQCDAttqJnBCh3ahAAo9lG
+UYfbbuQd6XRb7bkXWsoPoTI+o2S9wQOvZQLb/sANCkK0HqwAWdNeBKWF3o9NUG5y
+/gQ3wNJv7WBGzCBL/N87K0doq6s9MiwXFIykr/yIlN7la3lCQvOUDn1OmO9zHGq4
+t4arfCiInm5Hc6NhStV3aKtgIJoGWDMu9aIcy9canuAO+oO8l1ayV1kPDKWskVEX
+ZsdvnxY0rhInvUfgw27uY2ziPLO3iTfPJLJ8wx2V3cyxkVWgk+08DHKQz0gwObJA
+iAFtWJXSd8kO7mzcNVPgDAgje/7Lf2wlP4GQYO6Ht5RnhzbzIcgHxcK6pJeIS5oA
+vDySWASwD66dkdYQUAjYHE2OQnwTjxU907uf1Foaa6yiOFBcQku4NQNdoUDfv+HW
+0C5TR2XVcO9UBPTlEGMjMeqhTHs3E3HXKGiFWT7WYtdG9fBhVNoLvZ39eYnWEM8N
+svcRUmOKzvoAJbmbZAlH3necl20MeJnfkTx9Nu3D9afYnaw9IJ9BetTON3gXzTtG
+wAJjMZ346k9MLvnSLFpD8of15R/jl+RbZ732stOJkbcM5cUj2Lgi7DE44y7BeBT5
+XD5LAUwop30sm4Kxwv9oEyVjzoQPkB24l9YGeEOEIqESZLszZ44Jsh703+9n3Dq9
+wNTn8cXhFYi0Of02Vt4nNiXryBL/zneXgb37qiI=
+=8Avy
+-----END PGP PUBLIC KEY BLOCK-----

SOURCES/nettle-3.8-zeroize-stack.patch

@@ -0,0 +1,334 @@
+From 24a4cb910a51f35dff89842e8cce27f88e8e78c3 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <dueno@redhat.com>
+Date: Wed, 24 Aug 2022 17:19:57 +0900
+Subject: [PATCH] Clear any intermediate data allocate on stack
+
+Signed-off-by: Daiki Ueno <dueno@redhat.com>
+---
+ cbc.c                 |  3 +++
+ cfb.c                 | 13 +++++++++++++
+ ctr.c                 |  4 ++++
+ ctr16.c               |  2 ++
+ ecc-random.c          |  3 +++
+ ecdsa-keygen.c        |  2 ++
+ ecdsa-sign.c          |  2 ++
+ ed25519-sha512-sign.c |  2 ++
+ ed448-shake256-sign.c |  2 ++
+ gostdsa-sign.c        |  2 ++
+ hmac.c                | 10 +++++++---
+ nettle-internal.h     |  5 +++++
+ pbkdf2.c              |  5 ++++-
+ pss-mgf1.c            |  5 ++++-
+ pss.c                 |  4 ++++
+ 15 files changed, 59 insertions(+), 5 deletions(-)
+
+diff --git a/cbc.c b/cbc.c
+index 76b6492d..b9da3aa0 100644
+--- a/cbc.c
++++ b/cbc.c
+@@ -128,6 +128,9 @@ cbc_decrypt(const void *ctx, nettle_cipher_func *f,
+ 	      length - block_size);
+       /* Writes first block. */
+       memxor3(dst, buffer, initial_iv, block_size);
++
++      TMP_CLEAR(buffer, buffer_size);
++      TMP_CLEAR(initial_iv, block_size);
+     }
+ }
+ 
+diff --git a/cfb.c b/cfb.c
+index b9da3159..b1b01b9e 100644
+--- a/cfb.c
++++ b/cfb.c
+@@ -83,6 +83,8 @@ cfb_encrypt(const void *ctx, nettle_cipher_func *f,
+       /* We do not care about updating IV here. This is the last call in
+        * message sequence and one has to set IV afterwards anyway */
+     }
++
++  TMP_CLEAR(buffer, block_size);
+ }
+ 
+ /* Don't allocate any more space than this on the stack */
+@@ -115,6 +117,8 @@ cfb_decrypt(const void *ctx, nettle_cipher_func *f,
+ 
+ 	  f(ctx, block_size, buffer, iv);
+ 	  memxor3(dst + length, src + length, buffer, left);
++
++	  TMP_CLEAR(buffer, block_size);
+ 	}
+     }
+   else
+@@ -160,6 +164,9 @@ cfb_decrypt(const void *ctx, nettle_cipher_func *f,
+ 	  f(ctx, block_size, buffer, iv);
+ 	  memxor(dst, buffer, left);
+ 	}
++
++      TMP_CLEAR(buffer, buffer_size);
++      TMP_CLEAR(initial_iv, block_size);
+     }
+ }
+ 
+@@ -196,6 +203,9 @@ cfb8_encrypt(const void *ctx, nettle_cipher_func *f,
+       pos ++;
+     }
+   memcpy(iv, buffer + pos, block_size);
++
++  TMP_CLEAR(buffer, block_size * 2);
++  TMP_CLEAR(outbuf, block_size);
+ }
+ 
+ void
+@@ -235,4 +245,7 @@ cfb8_decrypt(const void *ctx, nettle_cipher_func *f,
+     }
+ 
+   memcpy(iv, buffer + i, block_size);
++
++  TMP_CLEAR(buffer, block_size * 2);
++  TMP_CLEAR(outbuf, block_size * 2);
+ }
+diff --git a/ctr.c b/ctr.c
+index 8c6b4626..217d1abb 100644
+--- a/ctr.c
++++ b/ctr.c
+@@ -137,6 +137,8 @@ ctr_crypt(const void *ctx, nettle_cipher_func *f,
+ 	  f(ctx, block_size, block, ctr);
+ 	  INCREMENT(block_size, ctr);
+ 	  memxor3(dst + filled, src + filled, block, length - filled);
++
++	  TMP_CLEAR(block, block_size);
+ 	}
+     }
+   else
+@@ -173,5 +175,7 @@ ctr_crypt(const void *ctx, nettle_cipher_func *f,
+ 	  INCREMENT(block_size, ctr);
+ 	  memxor(dst, buffer, length);
+ 	}
++
++      TMP_CLEAR(buffer, buffer_size);
+     }
+ }
+diff --git a/ctr16.c b/ctr16.c
+index d744d2a9..ec0abd72 100644
+--- a/ctr16.c
++++ b/ctr16.c
+@@ -102,5 +102,7 @@ _nettle_ctr_crypt16(const void *ctx, nettle_cipher_func *f,
+ 	done:
+ 	  memxor3 (dst + i, src + i, buffer->b, length - i);
+ 	}
++
++      TMP_CLEAR(buffer, MIN(blocks, CTR_BUFFER_LIMIT / 16));
+     }
+ }
+diff --git a/ecc-random.c b/ecc-random.c
+index a7b48d6a..676f5933 100644
+--- a/ecc-random.c
++++ b/ecc-random.c
+@@ -36,6 +36,7 @@
+ #endif
+ 
+ #include <assert.h>
++#include <string.h>
+ 
+ #include "ecc.h"
+ #include "ecc-internal.h"
+@@ -79,4 +80,6 @@ ecc_scalar_random (struct ecc_scalar *x,
+   TMP_ALLOC (scratch, ECC_MOD_RANDOM_ITCH (x->ecc->q.size));
+ 
+   ecc_mod_random (&x->ecc->q, x->p, random_ctx, random, scratch);
++
++  TMP_CLEAR (scratch, ECC_MOD_RANDOM_ITCH (x->ecc->q.size));
+ }
+diff --git a/ecdsa-keygen.c b/ecdsa-keygen.c
+index 870282b0..05dd827a 100644
+--- a/ecdsa-keygen.c
++++ b/ecdsa-keygen.c
+@@ -59,4 +59,6 @@ ecdsa_generate_keypair (struct ecc_point *pub,
+   ecc_mod_random (&ecc->q, key->p, random_ctx, random, p);
+   ecc->mul_g (ecc, p, key->p, p + 3*ecc->p.size);
+   ecc->h_to_a (ecc, 0, pub->p, p, p + 3*ecc->p.size);
++
++  TMP_CLEAR (p, itch);
+ }
+diff --git a/ecdsa-sign.c b/ecdsa-sign.c
+index e6fb3287..e6b960bf 100644
+--- a/ecdsa-sign.c
++++ b/ecdsa-sign.c
+@@ -68,4 +68,6 @@ ecdsa_sign (const struct ecc_scalar *key,
+       mpz_limbs_finish (signature->s, size);
+     }
+   while (mpz_sgn (signature->r) == 0 || mpz_sgn (signature->s) == 0);
++
++  TMP_CLEAR (k, size + ECC_ECDSA_SIGN_ITCH (size));
+ }
+diff --git a/ed25519-sha512-sign.c b/ed25519-sha512-sign.c
+index 389a157e..52a46ea5 100644
+--- a/ed25519-sha512-sign.c
++++ b/ed25519-sha512-sign.c
+@@ -38,6 +38,7 @@
+ 
+ #include "ecc-internal.h"
+ #include "sha2.h"
++#include <string.h>
+ 
+ void
+ ed25519_sha512_sign (const uint8_t *pub,
+@@ -61,6 +62,7 @@ ed25519_sha512_sign (const uint8_t *pub,
+ 	       length, msg, signature, scratch_out);
+ 
+   gmp_free_limbs (scratch, itch);
++  explicit_bzero (digest, sizeof(digest));
+ #undef k1
+ #undef k2
+ #undef scratch_out
+diff --git a/ed448-shake256-sign.c b/ed448-shake256-sign.c
+index c524593d..01abf457 100644
+--- a/ed448-shake256-sign.c
++++ b/ed448-shake256-sign.c
+@@ -39,6 +39,7 @@
+ #include "ecc-internal.h"
+ #include "eddsa-internal.h"
+ #include "sha3.h"
++#include <string.h>
+ 
+ void
+ ed448_shake256_sign (const uint8_t *pub,
+@@ -63,6 +64,7 @@ ed448_shake256_sign (const uint8_t *pub,
+ 	       length, msg, signature, scratch_out);
+ 
+   gmp_free_limbs (scratch, itch);
++  explicit_bzero (digest, sizeof(digest));
+ #undef k1
+ #undef k2
+ #undef scratch_out
+diff --git a/gostdsa-sign.c b/gostdsa-sign.c
+index 892c0742..a7e0c21d 100644
+--- a/gostdsa-sign.c
++++ b/gostdsa-sign.c
+@@ -71,4 +71,6 @@ gostdsa_sign (const struct ecc_scalar *key,
+       mpz_limbs_finish (signature->s, size);
+     }
+   while (mpz_sgn (signature->r) == 0 || mpz_sgn (signature->s) == 0);
++
++  TMP_CLEAR (k, size + ECC_GOSTDSA_SIGN_ITCH (size));
+ }
+diff --git a/hmac.c b/hmac.c
+index ea356970..6a55551b 100644
+--- a/hmac.c
++++ b/hmac.c
+@@ -53,6 +53,8 @@ hmac_set_key(void *outer, void *inner, void *state,
+ {
+   TMP_DECL(pad, uint8_t, NETTLE_MAX_HASH_BLOCK_SIZE);
+   TMP_ALLOC(pad, hash->block_size);
++  TMP_DECL(digest, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE);
++  TMP_ALLOC(digest, hash->digest_size);
+   
+   hash->init(outer);
+   hash->init(inner);
+@@ -62,9 +64,6 @@ hmac_set_key(void *outer, void *inner, void *state,
+       /* Reduce key to the algorithm's hash size. Use the area pointed
+        * to by state for the temporary state. */
+ 
+-      TMP_DECL(digest, uint8_t, NETTLE_MAX_HASH_DIGEST_SIZE);
+-      TMP_ALLOC(digest, hash->digest_size);
+-
+       hash->init(state);
+       hash->update(state, key_length, key);
+       hash->digest(state, hash->digest_size, digest);
+@@ -86,6 +85,9 @@ hmac_set_key(void *outer, void *inner, void *state,
+   hash->update(inner, hash->block_size, pad);
+ 
+   memcpy(state, inner, hash->context_size);
++
++  TMP_CLEAR(pad, hash->block_size);
++  TMP_CLEAR(digest, hash->digest_size);
+ }
+ 
+ void
+@@ -112,4 +114,6 @@ hmac_digest(const void *outer, const void *inner, void *state,
+   hash->digest(state, length, dst);
+ 
+   memcpy(state, inner, hash->context_size);
++
++  TMP_CLEAR(digest, hash->digest_size);
+ }
+diff --git a/nettle-internal.h b/nettle-internal.h
+index c41f3ee0..62b89e11 100644
+--- a/nettle-internal.h
++++ b/nettle-internal.h
+@@ -76,6 +76,11 @@
+   do { assert((size_t)(size) <= (sizeof(name))); } while (0)
+ #endif 
+ 
++#include <string.h>		/* explicit_bzero */
++
++#define TMP_CLEAR(name, size) (explicit_bzero (name, sizeof (*name) * (size)))
++#define TMP_CLEAR_ALIGN(name, size) (explicit_bzero (name, size))
++
+ /* Limits that apply to systems that don't have alloca */
+ #define NETTLE_MAX_HASH_BLOCK_SIZE 144  /* For sha3_224*/
+ #define NETTLE_MAX_HASH_DIGEST_SIZE 64
+diff --git a/pbkdf2.c b/pbkdf2.c
+index 291d138a..a8ecba5b 100644
+--- a/pbkdf2.c
++++ b/pbkdf2.c
+@@ -92,8 +92,11 @@ pbkdf2 (void *mac_ctx,
+       if (length <= digest_size)
+ 	{
+ 	  memcpy (dst, T, length);
+-	  return;
++	  break;
+ 	}
+       memcpy (dst, T, digest_size);
+     }
++
++  TMP_CLEAR (U, digest_size);
++  TMP_CLEAR (T, digest_size);
+ }
+diff --git a/pss-mgf1.c b/pss-mgf1.c
+index 3f5e204b..3644c642 100644
+--- a/pss-mgf1.c
++++ b/pss-mgf1.c
+@@ -66,8 +66,11 @@ pss_mgf1(const void *seed, const struct nettle_hash *hash,
+       if (length <= hash->digest_size)
+ 	{
+ 	  hash->digest(state, length, mask);
+-	  return;
++	  break;
+ 	}
+       hash->digest(state, hash->digest_size, mask);
+     }
++
++  TMP_CLEAR(h, hash->digest_size);
++  TMP_CLEAR_ALIGN(state, hash->context_size);
+ }
+diff --git a/pss.c b/pss.c
+index d28e7b13..8106ebf2 100644
+--- a/pss.c
++++ b/pss.c
+@@ -77,6 +77,7 @@ pss_encode_mgf1(mpz_t m, size_t bits,
+   if (key_size < hash->digest_size + salt_length + 2)
+     {
+       TMP_GMP_FREE(em);
++      TMP_CLEAR_ALIGN(state, hash->context_size);
+       return 0;
+     }
+ 
+@@ -111,6 +112,7 @@ pss_encode_mgf1(mpz_t m, size_t bits,
+ 
+   nettle_mpz_set_str_256_u(m, key_size, em);
+   TMP_GMP_FREE(em);
++  TMP_CLEAR_ALIGN(state, hash->context_size);
+   return 1;
+ }
+ 
+@@ -194,5 +196,7 @@ pss_verify_mgf1(const mpz_t m, size_t bits,
+   ret = 1;
+  cleanup:
+   TMP_GMP_FREE(em);
++  TMP_CLEAR(h2, hash->digest_size);
++  TMP_CLEAR_ALIGN(state, hash->context_size);
+   return ret;
+ }
+-- 
+2.41.0
+

SPECS/gnutls.spec

@@ -0,0 +1,785 @@
+## START: Set by rpmautospec
+## (rpmautospec version 0.6.5)
+## RPMAUTOSPEC: autorelease, autochangelog
+%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
+    release_number = 3;
+    base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
+    print(release_number + base_release_number - 1);
+}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
+## END: Set by rpmautospec
+
+%define srpmhash() %{lua:
+local files = rpm.expand("%_specdir/gnutls.spec")
+for i, p in ipairs(patches) do
+   files = files.." "..p
+end
+for i, p in ipairs(sources) do
+   files = files.." "..p
+end
+local sha256sum = assert(io.popen("cat "..files.."| sha256sum"))
+local hash = sha256sum:read("*a")
+sha256sum:close()
+print(string.sub(hash, 0, 16))
+}
+
+Version: 3.8.7
+Release: %{?autorelease}%{!?autorelease:1%{?dist}}
+# not upstreamed: can we drop this as configure is regenerated when bootstrappign?
+Patch: gnutls-3.2.7-rpath.patch
+# not upstreamed: modifies the generated code
+Patch: gnutls-3.7.2-enable-intel-cet.patch
+# not upstreamed: to ignore GNUTLS_NO_EXPLICIT_INIT, for long-term support purposes
+Patch: gnutls-3.7.2-no-explicit-init.patch
+# not upstreamed: to avoid any inconsistency between algorithms enabled through API vs the ones enabled through config file, for long-term support purposes
+Patch: gnutls-3.7.3-disable-config-reload.patch
+# not upstreamed: should be removed once --disable-dsa is ported
+Patch: gnutls-3.7.3-fips-dsa-post.patch
+# not upstreamed, reseed source DRBG for prediction resistance
+Patch: gnutls-3.7.6-drbg-reseed.patch
+# not upstreamed, hard blocking SHA-1 signature verification, for long-term support purposes
+Patch: gnutls-3.7.6-fips-sha1-sigver.patch
+# not upstreamed: see https://gitlab.com/gnutls/gnutls/-/issues/1443
+Patch: gnutls-3.7.8-ktls_skip_tls12_chachapoly_test.patch
+# upstreamed: https://gitlab.com/gnutls/gnutls/-/merge_requests/1867
+Patch: gnutls-3.8.7-pkgconf-dlopen.patch
+# upstreamed: https://gitlab.com/gnutls/gnutls/-/merge_requests/1868
+Patch: gnutls-3.8.7-nettle-static.patch
+
+%bcond_without bootstrap
+%bcond_without dane
+%bcond_without fips
+%bcond_with tpm12
+%bcond_without tpm2
+%bcond_without gost
+%bcond_without certificate_compression
+%bcond_without liboqs
+%bcond_without tests
+
+%if 0%{?fedora} && 0%{?fedora} < 38
+%bcond_without srp
+%else
+%bcond_with srp
+%endif
+
+%if 0%{?fedora}
+%bcond_without mingw
+%else
+%bcond_with mingw
+%endif
+
+%if 0%{?rhel} >= 9 && %{with fips}
+%bcond_without bundled_gmp
+%else
+%bcond_with bundled_gmp
+%endif
+
+%if 0%{?rhel} >= 10 && %{with fips}
+%bcond_without bundled_nettle
+%else
+%bcond_with bundled_nettle
+%endif
+
+
+%define fips_requires() %{lua:
+local f = assert(io.popen("rpm -q --queryformat '%{EVR}' --whatprovides "..rpm.expand("'%1%{?_isa}'")))
+local v = f:read("*all")
+f:close()
+print("Requires: "..rpm.expand("%1%{?_isa}").." = "..v.."\\n")
+}
+
+Summary: A TLS protocol implementation
+Name: gnutls
+# The libraries are LGPLv2.1+, utilities are GPLv3+
+License: GPL-3.0-or-later AND LGPL-2.1-or-later
+BuildRequires: p11-kit-devel >= 0.21.3, gettext-devel
+BuildRequires: readline-devel, libtasn1-devel >= 4.3
+%if %{with certificate_compression}
+BuildRequires: zlib-devel, brotli-devel, libzstd-devel
+%endif
+%if %{with liboqs}
+BuildRequires: liboqs-devel
+%endif
+%if %{with bootstrap}
+BuildRequires: automake, autoconf, gperf, libtool, texinfo
+%endif
+%if !%{with bundled_nettle}
+BuildRequires: nettle-devel >= 3.9.1
+%endif
+%if %{with tpm12}
+BuildRequires: trousers-devel >= 0.3.11.2
+%endif
+%if %{with tpm2}
+BuildRequires: tpm2-tss-devel >= 3.0.3
+%endif
+BuildRequires: libidn2-devel
+BuildRequires: libunistring-devel
+BuildRequires: net-tools, softhsm, gcc, gcc-c++
+BuildRequires: gnupg2
+BuildRequires: git-core
+
+# for a sanity check on cert loading
+BuildRequires: p11-kit-trust, ca-certificates
+Requires: crypto-policies
+Requires: p11-kit-trust
+Requires: libtasn1 >= 4.3
+%if !%{with bundled_nettle}
+# always bump when a nettle release is packaged
+Requires: nettle >= 3.9.1
+%endif
+%if %{with tpm12}
+Recommends: trousers >= 0.3.11.2
+%endif
+
+%if %{with dane}
+BuildRequires: unbound-devel unbound-libs
+%endif
+BuildRequires: make gtk-doc
+
+%if %{with mingw}
+BuildRequires:  mingw32-filesystem >= 95
+BuildRequires:  mingw32-gcc
+BuildRequires:  mingw32-gcc-c++
+BuildRequires:  mingw32-libtasn1 >= 4.3
+BuildRequires:  mingw32-readline
+BuildRequires:  mingw32-zlib
+BuildRequires:  mingw32-p11-kit >= 0.23.1
+BuildRequires:  mingw32-nettle >= 3.6
+BuildRequires:  mingw64-filesystem >= 95
+BuildRequires:  mingw64-gcc
+BuildRequires:  mingw64-gcc-c++
+BuildRequires:  mingw64-libtasn1 >= 4.3
+BuildRequires:  mingw64-readline
+BuildRequires:  mingw64-zlib
+BuildRequires:  mingw64-p11-kit >= 0.23.1
+BuildRequires:  mingw64-nettle >= 3.6
+%endif
+
+URL: http://www.gnutls.org/
+%define short_version %(echo %{version} | grep -m1 -o "[0-9]*\.[0-9]*" | head -1)
+Source0: https://www.gnupg.org/ftp/gcrypt/gnutls/v%{short_version}/%{name}-%{version}.1.tar.xz
+Source1: https://www.gnupg.org/ftp/gcrypt/gnutls/v%{short_version}/%{name}-%{version}.1.tar.xz.sig
+Source2: https://gnutls.org/gnutls-release-keyring.gpg
+
+%if %{with bundled_gmp}
+Source100:	gmp-6.2.1.tar.xz
+# Taken from the main gmp package
+Source101:	gmp-6.2.1-intel-cet.patch
+%endif
+
+%if %{with bundled_nettle}
+Source200:      nettle-3.10-hobbled.tar.xz
+# Taken from the main nettle package
+Source201:	nettle-3.8-zeroize-stack.patch
+%endif
+
+# Wildcard bundling exception https://fedorahosted.org/fpc/ticket/174
+Provides: bundled(gnulib) = 20130424
+
+%package c++
+Summary: The C++ interface to GnuTLS
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%package devel
+Summary: Development files for the %{name} package
+Requires: %{name}%{?_isa} = %{version}-%{release}
+Requires: %{name}-c++%{?_isa} = %{version}-%{release}
+%if %{with dane}
+Requires: %{name}-dane%{?_isa} = %{version}-%{release}
+%endif
+Requires: pkgconfig
+
+%package utils
+License: GPL-3.0-or-later
+Summary: Command line tools for TLS protocol
+Requires: %{name}%{?_isa} = %{version}-%{release}
+%if %{with dane}
+Requires: %{name}-dane%{?_isa} = %{version}-%{release}
+%endif
+
+%if %{with dane}
+%package dane
+Summary: A DANE protocol implementation for GnuTLS
+Requires: %{name}%{?_isa} = %{version}-%{release}
+%endif
+
+%if %{with fips}
+%package fips
+Summary: Virtual package to install packages required to use %{name} under FIPS mode
+Requires: %{name}%{?_isa} = %{version}-%{release}
+%if !%{with bundled_nettle}
+%{fips_requires nettle}
+%endif
+%if !%{with bundled_gmp}
+%{fips_requires gmp}
+%endif
+%endif
+
+%description
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
+protocols and technologies around them. It provides a simple C language 
+application programming interface (API) to access the secure communications 
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
+other required structures. 
+
+%description c++
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
+protocols and technologies around them. It provides a simple C language 
+application programming interface (API) to access the secure communications 
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
+other required structures. 
+
+%description devel
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
+protocols and technologies around them. It provides a simple C language 
+application programming interface (API) to access the secure communications 
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
+other required structures. 
+This package contains files needed for developing applications with
+the GnuTLS library.
+
+%description utils
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
+protocols and technologies around them. It provides a simple C language 
+application programming interface (API) to access the secure communications 
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
+other required structures. 
+This package contains command line TLS client and server and certificate
+manipulation tools.
+
+%if %{with dane}
+%description dane
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
+protocols and technologies around them. It provides a simple C language 
+application programming interface (API) to access the secure communications 
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
+other required structures. 
+This package contains library that implements the DANE protocol for verifying
+TLS certificates through DNSSEC.
+%endif
+
+%if %{with fips}
+%description fips
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
+protocols and technologies around them. It provides a simple C language 
+application programming interface (API) to access the secure communications 
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
+other required structures.
+This package does not contain any file, but installs required packages
+to use GnuTLS under FIPS mode.
+%endif
+
+%if %{with mingw}
+%package -n mingw32-%{name}
+Summary:        MinGW GnuTLS TLS/SSL encryption library
+Requires:       pkgconfig
+Requires:       mingw32-libtasn1 >= 4.3
+BuildArch:      noarch
+
+%description -n mingw32-gnutls
+GnuTLS TLS/SSL encryption library.  This library is cross-compiled
+for MinGW.
+
+%package -n mingw64-%{name}
+Summary:        MinGW GnuTLS TLS/SSL encryption library
+Requires:       pkgconfig
+Requires:       mingw64-libtasn1 >= 4.3
+BuildArch:      noarch
+
+%description -n mingw64-gnutls
+GnuTLS TLS/SSL encryption library.  This library is cross-compiled
+for MinGW.
+
+%{?mingw_debug_package}
+%endif
+
+%prep
+%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
+
+%autosetup -p1 -S git
+
+%if %{with bundled_gmp}
+mkdir -p bundled_gmp
+pushd bundled_gmp
+tar --strip-components=1 -xf %{SOURCE100}
+patch -p1 < %{SOURCE101}
+popd
+%endif
+
+%if %{with bundled_nettle}
+mkdir -p bundled_nettle
+pushd bundled_nettle
+tar --strip-components=1 -xf %{SOURCE200}
+patch -p1 < %{SOURCE201}
+popd
+%endif
+
+%if %{with bundled_gmp}
+sed -i 's/@GMP_LIBS@//' lib/gnutls.pc.in
+%endif
+
+%build
+%define _lto_cflags %{nil}
+
+%if %{with bundled_gmp}
+pushd bundled_gmp
+autoreconf -ifv
+%configure --disable-cxx --disable-shared --enable-fat --with-pic
+%make_build
+popd
+
+export GMP_DIR="$PWD/bundled_gmp"
+export GMP_CFLAGS="-I$GMP_DIR"
+export GMP_LIBS="$GMP_DIR/.libs/libgmp.a"
+%endif
+
+%if %{with bundled_nettle}
+pushd bundled_nettle
+./.bootstrap
+
+# Disable -ggdb3 which makes debugedit unhappy
+sed s/ggdb3/g/ -i configure
+sed 's/ecc-secp192r1.c//g' -i Makefile.in
+sed 's/ecc-secp224r1.c//g' -i Makefile.in
+
+autoreconf -ifv
+# For annocheck
+export ASM_FLAGS="-Wa,--generate-missing-build-notes=yes"
+%configure --disable-shared --enable-fat --disable-documentation \
+	   --with-include-path="$GMP_DIR" \
+	   --with-lib-path="$GMP_DIR/.libs" \
+	   %{nil}
+%make_build
+ln -s . nettle
+popd
+
+export NETTLE_DIR="$PWD/bundled_nettle"
+
+export NETTLE_CFLAGS="-I$NETTLE_DIR"
+export NETTLE_LIBS="$NETTLE_DIR/libnettle.a"
+
+export HOGWEED_CFLAGS="-I$NETTLE_DIR"
+export HOGWEED_LIBS="$NETTLE_DIR/libhogweed.a"
+%endif
+
+%if %{with bootstrap}
+autoreconf -fi
+%endif
+
+sed -i -e 's|sys_lib_dlsearch_path_spec="/lib /usr/lib|sys_lib_dlsearch_path_spec="/lib /usr/lib %{_libdir}|g' configure
+rm -f lib/minitasn1/*.c lib/minitasn1/*.h
+
+echo "SYSTEM=NORMAL" >> tests/system.prio
+
+CCASFLAGS="$CCASFLAGS -Wa,--generate-missing-build-notes=yes"
+export CCASFLAGS
+
+%if %{with fips}
+eval $(sed -n 's/^\(\(NAME\|VERSION_ID\)=.*\)/OS_\1/p' /etc/os-release)
+export FIPS_MODULE_NAME="$OS_NAME ${OS_VERSION_ID%%.*} %name"
+%endif
+
+mkdir native_build
+pushd native_build
+%global _configure ../configure
+%configure \
+%if %{with fips}
+           --enable-fips140-mode \
+           --with-fips140-module-name="$FIPS_MODULE_NAME" \
+           --with-fips140-module-version=%{version}-%{srpmhash} \
+%endif
+%if %{with gost}
+    	   --enable-gost \
+%else
+	   --disable-gost \
+%endif
+%if %{with srp}
+           --enable-srp-authentication \
+%endif
+%ifarch %{ix86}
+           --disable-year2038 \
+%endif
+	   --enable-sha1-support \
+           --disable-static \
+           --disable-openssl-compatibility \
+           --disable-non-suiteb-curves \
+           --with-system-priority-file=%{_sysconfdir}/crypto-policies/back-ends/gnutls.config \
+           --with-default-trust-store-pkcs11="pkcs11:" \
+%if %{with tpm12}
+           --with-trousers-lib=%{_libdir}/libtspi.so.1 \
+%else
+           --without-tpm \
+%endif
+%if %{with tpm2}
+           --with-tpm2 \
+%else
+           --without-tpm2 \
+%endif
+           --enable-ktls \
+           --htmldir=%{_docdir}/manual \
+%if %{with dane}
+           --with-unbound-root-key-file=/var/lib/unbound/root.key \
+           --enable-libdane \
+%else
+           --disable-libdane \
+%endif
+%if %{with certificate_compression}
+	   --with-zlib --with-brotli --with-zstd \
+%else
+	   --without-zlib --without-brotli --without-zstd \
+%endif
+%if %{with liboqs}
+           --with-liboqs \
+%else
+           --without-liboqs \
+%endif
+           --disable-rpath \
+           --with-default-priority-string="@SYSTEM"
+
+%make_build
+
+%if %{with bundled_nettle}
+sed -i '/^Requires.private:/s/\(nettle\|hogweed\)[ ,]*//g' lib/gnutls.pc
+%endif
+
+popd
+
+%if %{with mingw}
+# MinGW does not support CCASFLAGS
+export CCASFLAGS=""
+%mingw_configure \
+%if %{with srp}
+    --enable-srp-authentication \
+%endif
+    --enable-sha1-support \
+    --disable-static \
+    --disable-openssl-compatibility \
+    --disable-non-suiteb-curves \
+    --disable-libdane \
+    --disable-rpath \
+    --disable-nls \
+    --disable-cxx \
+    --enable-local-libopts \
+    --enable-shared \
+    --without-tpm \
+    --with-included-unistring \
+    --disable-doc \
+    --with-default-priority-string="@SYSTEM"
+%mingw_make %{?_smp_mflags}
+%endif
+
+%install
+%make_install -C native_build
+pushd native_build
+make -C doc install-html DESTDIR=$RPM_BUILD_ROOT
+rm -f $RPM_BUILD_ROOT%{_infodir}/dir
+rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
+%if %{without dane}
+rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/gnutls-dane.pc
+%endif
+
+%if %{with fips}
+# doing it twice should be a no-op the second time,
+# and this way we avoid redefining it and missing a future change
+%global __debug_package 1
+%{__spec_install_post}
+fname=`basename $RPM_BUILD_ROOT%{_libdir}/libgnutls.so.30.*.*`
+./lib/fipshmac "$RPM_BUILD_ROOT%{_libdir}/libgnutls.so.30" > "$RPM_BUILD_ROOT%{_libdir}/.$fname.hmac"
+sed -i "s^$RPM_BUILD_ROOT/usr^^" "$RPM_BUILD_ROOT%{_libdir}/.$fname.hmac"
+ln -s ".$fname.hmac" "$RPM_BUILD_ROOT%{_libdir}/.libgnutls.so.30.hmac"
+%endif
+
+%if %{with fips}
+%define __spec_install_post \
+	%{?__debug_package:%{__debug_install_post}} \
+	%{__arch_install_post} \
+	%{__os_install_post} \
+%{nil}
+%endif
+
+%find_lang gnutls
+popd
+
+%if %{with mingw}
+%mingw_make_install
+
+# Remove .la files
+rm -f $RPM_BUILD_ROOT%{mingw32_libdir}/*.la
+rm -f $RPM_BUILD_ROOT%{mingw64_libdir}/*.la
+
+# The .def files aren't interesting for other binaries
+rm -f $RPM_BUILD_ROOT%{mingw32_bindir}/*.def
+rm -f $RPM_BUILD_ROOT%{mingw64_bindir}/*.def
+
+# Remove info and man pages which duplicate stuff in Fedora already.
+rm -rf $RPM_BUILD_ROOT%{mingw32_infodir}
+rm -rf $RPM_BUILD_ROOT%{mingw32_mandir}
+rm -rf $RPM_BUILD_ROOT%{mingw32_docdir}/gnutls
+
+rm -rf $RPM_BUILD_ROOT%{mingw64_infodir}
+rm -rf $RPM_BUILD_ROOT%{mingw64_mandir}
+rm -rf $RPM_BUILD_ROOT%{mingw64_docdir}/gnutls
+
+# Remove test libraries
+rm -f $RPM_BUILD_ROOT%{mingw32_libdir}/crypt32.dll*
+rm -f $RPM_BUILD_ROOT%{mingw32_libdir}/ncrypt.dll*
+rm -f $RPM_BUILD_ROOT%{mingw64_libdir}/crypt32.dll*
+rm -f $RPM_BUILD_ROOT%{mingw64_libdir}/ncrypt.dll*
+
+%mingw_debug_install_post
+%endif
+
+%check
+%if %{with tests}
+pushd native_build
+
+# KeyUpdate is not yet supported in the kernel.
+xfail_tests=ktls_keyupdate.sh
+
+# The ktls.sh test currently only supports kernel 5.11+.  This needs to
+# be checked at run time, as the koji builder might be using a different
+# version of kernel on the host than the one indicated by the
+# kernel-devel package.
+
+case "$(uname -r)" in
+  4.* | 5.[0-9].* | 5.10.* )
+    xfail_tests="$xfail_tests ktls.sh"
+    ;;
+esac
+
+make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null XFAIL_TESTS="$xfail_tests"
+popd
+%endif
+
+%files -f native_build/gnutls.lang
+%{_libdir}/libgnutls.so.30*
+%if %{with fips}
+%{_libdir}/.libgnutls.so.30*.hmac
+%endif
+%doc README.md AUTHORS NEWS THANKS
+%license LICENSE doc/COPYING doc/COPYING.LESSER
+
+%files c++
+%{_libdir}/libgnutlsxx.so.*
+
+%files devel
+%{_includedir}/*
+%{_libdir}/libgnutls*.so
+
+%{_libdir}/pkgconfig/*.pc
+%{_mandir}/man3/*
+%{_infodir}/gnutls*
+%{_infodir}/pkcs11-vision*
+%{_docdir}/manual/*
+
+%files utils
+%{_bindir}/certtool
+%if %{with tpm12}
+%{_bindir}/tpmtool
+%endif
+%{_bindir}/ocsptool
+%{_bindir}/psktool
+%{_bindir}/p11tool
+%if %{with srp}
+%{_bindir}/srptool
+%endif
+%if %{with dane}
+%{_bindir}/danetool
+%endif
+%{_bindir}/gnutls*
+%{_mandir}/man1/*
+%doc doc/certtool.cfg
+
+%if %{with dane}
+%files dane
+%{_libdir}/libgnutls-dane.so.*
+%endif
+
+%if %{with fips}
+%files fips
+%endif
+
+%if %{with mingw}
+%files -n mingw32-%{name}
+%license LICENSE doc/COPYING doc/COPYING.LESSER
+%{mingw32_bindir}/certtool.exe
+%{mingw32_bindir}/gnutls-cli-debug.exe
+%{mingw32_bindir}/gnutls-cli.exe
+%{mingw32_bindir}/gnutls-serv.exe
+%{mingw32_bindir}/libgnutls-30.dll
+%{mingw32_bindir}/ocsptool.exe
+%{mingw32_bindir}/p11tool.exe
+%{mingw32_bindir}/psktool.exe
+%if %{with srp}
+%{mingw32_bindir}/srptool.exe
+%endif
+%{mingw32_libdir}/libgnutls.dll.a
+%{mingw32_libdir}/libgnutls-30.def
+%{mingw32_libdir}/pkgconfig/gnutls.pc
+%{mingw32_includedir}/gnutls/
+
+%files -n mingw64-%{name}
+%license LICENSE doc/COPYING doc/COPYING.LESSER
+%{mingw64_bindir}/certtool.exe
+%{mingw64_bindir}/gnutls-cli-debug.exe
+%{mingw64_bindir}/gnutls-cli.exe
+%{mingw64_bindir}/gnutls-serv.exe
+%{mingw64_bindir}/libgnutls-30.dll
+%{mingw64_bindir}/ocsptool.exe
+%{mingw64_bindir}/p11tool.exe
+%{mingw64_bindir}/psktool.exe
+%if %{with srp}
+%{mingw64_bindir}/srptool.exe
+%endif
+%{mingw64_libdir}/libgnutls.dll.a
+%{mingw64_libdir}/libgnutls-30.def
+%{mingw64_libdir}/pkgconfig/gnutls.pc
+%{mingw64_includedir}/gnutls/
+%endif
+
+%changelog
+* Fri Oct 25 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 3.8.7-3
+- Rebuilt for MSVSphere 10
+
+## START: Generated by rpmautospec
+* Wed Aug 21 2024 Daiki Ueno <dueno@redhat.com> - 3.8.7-3
+- Fix issues in bundling nettle
+
+* Tue Aug 20 2024 Daiki Ueno <dueno@redhat.com> - 3.8.7-2
+- Statically link to Nettle libraries
+
+* Fri Aug 16 2024 Daiki Ueno <dueno@redhat.com> - 3.8.7-1
+- Update to 3.8.7 upstream release
+
+* Thu Aug 15 2024 Daiki Ueno <dueno@redhat.com> - 3.8.6-7
+- Forward port downstream patches from c9s
+
+* Mon Jul 29 2024 Daiki Ueno <dueno@redhat.com> - 3.8.6-6
+- liboqs: check whether Kyber768 is compiled in
+
+* Sat Jul 27 2024 Daiki Ueno <dueno@redhat.com> - 3.8.6-5
+- Fix configure check on nettle_rsa_oaep_* functions
+
+* Sat Jul 27 2024 Daiki Ueno <dueno@redhat.com> - 3.8.6-4
+- Enable X25519Kyber768Draft00 key exchange in TLS
+
+* Sat Jul 27 2024 Daiki Ueno <dueno@redhat.com> - 3.8.6-3
+- Switch to using dlwrap for loading compression libraries
+
+* Sat Jul 27 2024 Yaakov Selkowitz <yselkowi@redhat.com> - 3.8.6-2
+- Fix FIPS build with RPM 4.20
+
+* Sat Jul 27 2024 Zoltan Fridrich <zfridric@redhat.com> - 3.8.6-1
+- Update to 3.8.6 upstream release
+
+* Tue Jul 02 2024 Alexander Sosedkin <asosedkin@redhat.com> - 3.8.5-7
+- Rebuild against nettle-3.9.1-11.el10
+
+* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 3.8.5-6
+- Bump release for June 2024 mass rebuild
+
+* Mon Jun 17 2024 Zoltan Fridrich <zfridric@redhat.com> - 3.8.5-5
+- Build with certificate compression enabled
+
+* Thu May 16 2024 Alexander Sosedkin <asosedkin@redhat.com> - 3.8.5-4
+- Add gmp tarball to sources file, add gmp patch
+
+* Thu May 16 2024 Daiki Ueno <dueno@redhat.com> - 3.8.5-3
+- Add bcond to statically link to GMP
+
+* Thu May 16 2024 Daiki Ueno <dueno@redhat.com> - 3.8.5-2
+- Add virtual package to pull in nettle/gmp dependencies for FIPS
+
+* Thu May 16 2024 Zoltan Fridrich <zfridric@redhat.com> - 3.8.5-1
+- 3.8.5 upstream release
+
+* Thu May 16 2024 Zoltan Fridrich <zfridric@redhat.com> - 3.8.4-1
+- 3.8.4 upstream release
+
+* Thu May 16 2024 Zoltan Fridrich <zfridric@redhat.com> - 3.8.3-3
+- Fix mingw build failure
+
+* Wed Jan 24 2024 Zoltan Fridrich <zfridric@redhat.com> - 3.8.3-2
+- Update keyring
+
+* Tue Jan 23 2024 Zoltan Fridrich <zfridric@redhat.com> - 3.8.3-1
+- [packit] 3.8.3 upstream release
+
+* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.8.2-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Tue Dec 12 2023 Simon de Vlieger <cmdr@supakeen.com> - 3.8.2-3
+- Bump Nettle dependency.
+
+* Fri Dec 01 2023 Daiki Ueno <dueno@redhat.com> - 3.8.2-2
+- Tentatively revert newly added Ed448 keys support in PKCS#11
+
+* Wed Nov 22 2023 Daiki Ueno <dueno@redhat.com> - 3.8.2-1
+- [packit] 3.8.2 upstream release
+
+* Wed Nov 22 2023 Daiki Ueno <dueno@redhat.com> - 3.8.1-4
+- Remove patches no longer needed in 3.8.2
+
+* Thu Nov 09 2023 Daiki Ueno <dueno@redhat.com> - 3.8.1-3
+- Skip KTLS test if the host kernel is older than 5.11
+
+* Tue Aug 29 2023 Stephen Gallagher <sgallagh@redhat.com> - 3.8.1-2
+- Don't build with SRP on RHEL
+
+* Fri Aug 25 2023 Zoltan Fridrich <zfridric@redhat.com> - 3.8.1-1
+- [packit] 3.8.1 upstream release
+
+* Thu Aug 24 2023 Daiki Ueno <dueno@redhat.com> - 3.8.0-8
+- Migrate License field to SPDX license identifier
+
+* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.8.0-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Tue May 23 2023 Peter Leitmann <peto.leitmann@gmail.com> - 3.8.0-6
+- Add TMT interop tests
+
+* Thu Apr 13 2023 Daiki Ueno <dueno@redhat.com> - 3.8.0-5
+- Fix leftover of the previous %%bcond change
+
+* Tue Apr 11 2023 Daiki Ueno <dueno@redhat.com>
+- Use %%bcond instead of %%global for srp and mingw support
+
+* Sat Mar 11 2023 Richard W.M. Jones <rjones@redhat.com> - 3.8.0-3
+- Fix desychronisation with kTLS:
+  https://gitlab.com/gnutls/gnutls/-/issues/1470
+
+* Thu Mar 02 2023 Daniel P. Berrangé <berrange@redhat.com> - 3.8.0-2
+- Disable GNULIB's year2038 support for 64-bit time_t
+
+* Thu Feb 16 2023 Zoltan Fridrich <zfridric@redhat.com> - 3.8.0-1
+- [packit] 3.8.0 upstream release
+
+* Tue Feb 14 2023 Zoltan Fridrich <zfridric@redhat.com> - 3.7.8-14
+- Prepare for release
+
+* Fri Jan 20 2023 Frantisek Krenzelok <krenzelok.frantisek@gmail.com> - 3.7.8-13
+- KTLS: disable ktls_keyupdate & tls1.2 chachapoly tests
+
+* Fri Jan 20 2023 Frantisek Krenzelok <krenzelok.frantisek@gmail.com> - 3.7.8-12
+- KTLS additional ciphersuites
+
+* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.7.8-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Wed Dec 14 2022 Frantisek Krenzelok <krenzelok.frantisek@gmail.com> - 3.7.8-10
+- gcc-analyzer: suppress warnings
+
+* Thu Oct 27 2022 Daniel P. Berrangé <berrange@redhat.com> - 3.7.8-9
+- Cross-compiled mingw sub-RPMs should be 'noarch'
+
+* Wed Oct 19 2022 Zoltan Fridrich <zfridric@redhat.com> - 3.7.8-8
+- Add conditions for mingw
+
+* Tue Oct 18 2022 Michael Cronenworth <mike@cchtml.com> - 3.7.8-6
+- Initial MinGW package support
+
+* Tue Oct 18 2022 Zoltan Fridrich <zfridric@redhat.com> - 3.7.8-5
+- Use make macros
+
+* Tue Oct 18 2022 Zoltan Fridrich <zfridric@redhat.com> - 3.7.8-4
+- RPMAUTOSPEC: unresolvable merge
+## END: Generated by rpmautospec