diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..190b97a
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+SOURCES/gnutls-3.6.8.tar.xz
+SOURCES/gpgkey-1F42418905D8206AA754CCDC29EE58B996865171.gpg
diff --git a/.gnutls.metadata b/.gnutls.metadata
new file mode 100644
index 0000000..af466d6
--- /dev/null
+++ b/.gnutls.metadata
@@ -0,0 +1,2 @@
+e1243188791af409bca118d31faf3ec3d5f0a5ab SOURCES/gnutls-3.6.8.tar.xz
+e6f8a1400839ce7b4021cdd0f8d08d71b0693486 SOURCES/gpgkey-1F42418905D8206AA754CCDC29EE58B996865171.gpg
diff --git a/SOURCES/gnutls-3.2.7-rpath.patch b/SOURCES/gnutls-3.2.7-rpath.patch
new file mode 100644
index 0000000..4e6aed3
--- /dev/null
+++ b/SOURCES/gnutls-3.2.7-rpath.patch
@@ -0,0 +1,12 @@
+diff -ur gnutls-3.2.7.orig/configure gnutls-3.2.7/configure
+--- gnutls-3.2.7.orig/configure	2013-11-23 11:09:49.000000000 +0100
++++ gnutls-3.2.7/configure	2013-11-25 16:53:05.559440656 +0100
+@@ -39652,7 +39652,7 @@
+ shlibpath_overrides_runpath=unknown
+ version_type=none
+ dynamic_linker="$host_os ld.so"
+-sys_lib_dlsearch_path_spec="/lib /usr/lib"
++sys_lib_dlsearch_path_spec="/lib /usr/lib /lib64 /usr/lib64"
+ need_lib_prefix=unknown
+ hardcode_into_libs=no
+ 
diff --git a/SOURCES/gnutls-3.6.4-no-now-guile.patch b/SOURCES/gnutls-3.6.4-no-now-guile.patch
new file mode 100644
index 0000000..1da536b
--- /dev/null
+++ b/SOURCES/gnutls-3.6.4-no-now-guile.patch
@@ -0,0 +1,13 @@
+diff --git a/guile/src/Makefile.in b/guile/src/Makefile.in
+index 95e1e9c..1dfc88e 100644
+--- a/guile/src/Makefile.in
++++ b/guile/src/Makefile.in
+@@ -1483,7 +1483,7 @@ guileextension_LTLIBRARIES = guile-gnutls-v-2.la
+ # Use '-module' to build a "dlopenable module", in Libtool terms.
+ # Use '-undefined' to placate Libtool on Windows; see
+ # <https://lists.gnutls.org/pipermail/gnutls-devel/2014-December/007294.html>.
+-guile_gnutls_v_2_la_LDFLAGS = -module -no-undefined
++guile_gnutls_v_2_la_LDFLAGS = -module -no-undefined -Wl,-z,lazy
+ 
+ # Linking against GnuTLS.
+ GNUTLS_CORE_LIBS = $(top_builddir)/lib/libgnutls.la
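Review bot: `-Wl,-z,lazy` is appended to `guile_gnutls_v_2_la_LDFLAGS` without any explanation, and the patch carries no description at all. Going by the patch name, the intent is to undo a distribution-wide `-z now` for this module, which would leave this one shared object without immediate binding and therefore without full RELRO; that trade-off should be recorded next to the change. A short description at the top of the patch, for example `guile-gnutls needs lazy symbol resolution; -z now is dropped for this module only` (reason to be confirmed by the packager), would be enough. The edit is made in Makefile.in rather than Makefile.am, so it would be lost if the build regenerates the autotools files.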
diff --git a/SOURCES/gnutls-3.6.5-fix-fips-signature-post.patch b/SOURCES/gnutls-3.6.5-fix-fips-signature-post.patch
new file mode 100644
index 0000000..09092ca
--- /dev/null
+++ b/SOURCES/gnutls-3.6.5-fix-fips-signature-post.patch
@@ -0,0 +1,846 @@
+From 2c44e9f8b2e7a1ebc65caeb03f9f106d31e30822 Mon Sep 17 00:00:00 2001
+From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+Date: Wed, 3 Apr 2019 13:40:04 +0200
+Subject: [PATCH 1/7] crypto-selftests-pk.c: Move hardcoded values to the top
+
+The objective of moving these values to the top is to allow them to be
+used by other functions, in particular test_sig().
+
+Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+---
+ lib/crypto-selftests-pk.c | 224 +++++++++++++++++++-------------------
+ 1 file changed, 112 insertions(+), 112 deletions(-)
+
+diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c
+index 1aa53ea29..4fadd4161 100644
+--- a/lib/crypto-selftests-pk.c
++++ b/lib/crypto-selftests-pk.c
+@@ -107,6 +107,118 @@ static const char gost12_512_key[] =
+  "KjL7CLBERDm7Yvlv\n"
+  "-----END PRIVATE KEY-----\n";
+ 
++/* A precomputed RSA-SHA256 signature using the rsa_key2048 */
++static const char rsa_sig[] =
++    "\x7a\xb3\xf8\xb0\xf9\xf0\x52\x88\x37\x17\x97\x9f\xbe\x61\xb4\xd2\x43\x78\x9f\x79\x92\xd0\xad\x08\xdb\xbd\x3c\x72\x7a\xb5\x51\x59\x63\xd6\x7d\xf1\x9c\x1e\x10\x7b\x27\xab\xf8\xd4\x9d\xcd\xc5\xf9\xae\xf7\x09\x6b\x40\x93\xc5\xe9\x1c\x0f\xb4\x82\xa1\x47\x86\x54\x63\xd2\x4d\x40\x9a\x80\xb9\x38\x45\x69\xa2\xd6\x92\xb6\x69\x7f\x3f\xf3\x5b\xa5\x1d\xac\x06\xad\xdf\x4e\xbb\xe6\xda\x68\x0d\xe5\xab\xef\xd2\xf0\xc5\xd8\xc0\xed\x80\xe2\xd4\x76\x98\xec\x44\xa2\xfc\x3f\xce\x2e\x8b\xc4\x4b\xab\xb0\x70\x24\x52\x85\x2a\x36\xcd\x9a\xb5\x05\x00\xea\x98\x7c\x72\x06\x68\xb1\x38\x44\x16\x80\x6a\x3b\x64\x72\xbb\xfd\x4b\xc9\xdd\xda\x2a\x68\xde\x7f\x6e\x48\x28\xc1\x63\x57\x2b\xde\x83\xa3\x27\x34\xd7\xa6\x87\x18\x35\x10\xff\x31\xd9\x47\xc9\x84\x35\xe1\xaa\xe2\xf7\x98\xfa\x19\xd3\xf1\x94\x25\x2a\x96\xe4\xa8\xa7\x05\x10\x93\x87\xde\x96\x85\xe5\x68\xb8\xe5\x4e\xbf\x66\x85\x91\xbd\x52\x5b\x3d\x9f\x1b\x79\xea\xe3\x8b\xef\x62\x18\x39\x7a\x50\x01\x46\x1b\xde\x8d\x37\xbc\x90\x6c\x07\xc0\x07\xed\x60\xce\x2e\x31\xd6\x8f\xe8\x75\xdb\x45\x21\xc6\xcb";
++
++/* ECDSA key and signature */
++static const char ecdsa_secp256r1_privkey[] =
++    "-----BEGIN EC PRIVATE KEY-----\n"
++    "MHcCAQEEIPAKWV7+pZe9c5EubMNfAEKWRQtP/MvlO9HehwHmJssNoAoGCCqGSM49\n"
++    "AwEHoUQDQgAE2CNONRio3ciuXtoomJKs3MdbzLbd44VPhtzJN30VLFm5gvnfiCj2\n"
++    "zzz7pl9Cv0ECHl6yedNI8QEKdcwCDgEmkQ==\n"
++    "-----END EC PRIVATE KEY-----\n";
++
++static const char ecdsa_secp256r1_sig[] =
++    "\x30\x45\x02\x21\x00\x9b\x8f\x60\xed\x9e\x40\x8d\x74\x82\x73\xab\x20\x1a\x69\xfc\xf9\xee\x3c\x41\x80\xc0\x39\xdd\x21\x1a\x64\xfd\xbf\x7e\xaa\x43\x70\x02\x20\x44\x28\x05\xdd\x30\x47\x58\x96\x18\x39\x94\x18\xba\xe7\x7a\xf6\x1e\x2d\xba\xb1\xe0\x7d\x73\x9e\x2f\x58\xee\x0c\x2a\x89\xe8\x35";
++
++#ifdef ENABLE_NON_SUITEB_CURVES
++/* sha256 */
++static const char ecdsa_secp192r1_privkey[] =
++    "-----BEGIN EC PRIVATE KEY-----"
++    "MF8CAQEEGLjezFcbgDMeApVrdtZHvu/k1a8/tVZ41KAKBggqhkjOPQMBAaE0AzIA"
++    "BO1lciKdgxeRH8k64vxcaV1OYIK9akVrW02Dw21MXhRLP0l0wzCw6LGSr5rS6AaL"
++    "Fg==" "-----END EC PRIVATE KEY-----";
++
++static const char ecdsa_secp192r1_sig[] =
++    "\x30\x34\x02\x18\x5f\xb3\x10\x4b\x4d\x44\x48\x29\x4b\xfd\xa7\x8e\xce\x57\xac\x36\x38\x54\xab\x73\xdb\xed\xb8\x5f\x02\x18\x0b\x8b\xf3\xae\x49\x50\x0e\x47\xca\x89\x1a\x00\xca\x23\xf5\x8d\xd6\xe3\xce\x9a\xff\x2e\x4f\x5c";
++
++static const char ecdsa_secp224r1_privkey[] =
++    "-----BEGIN EC PRIVATE KEY-----"
++    "MGgCAQEEHOKWJFdWdrR/CgVrUeTeawOrJ9GozE9KKx2a8PmgBwYFK4EEACGhPAM6"
++    "AAQKQj3YpenWT7lFR41SnBvmj/+Bj+kgzQnaF65qWAtPRJsZXFlLTu3/IUNqSRu9"
++    "DqPsk8xBHAB7pA==" "-----END EC PRIVATE KEY-----";
++
++static const char ecdsa_secp224r1_sig[] =
++    "\x30\x3d\x02\x1c\x76\x03\x8d\x74\xf4\xd3\x09\x2a\xb5\xdf\x6b\x5b\xf4\x4b\x86\xb8\x62\x81\x5d\x7b\x7a\xbb\x37\xfc\xf1\x46\x1c\x2b\x02\x1d\x00\xa0\x98\x5d\x80\x43\x89\xe5\xee\x1a\xec\x46\x08\x04\x55\xbc\x50\xfa\x2a\xd5\xa6\x18\x92\x19\xdb\x68\xa0\x2a\xda";
++#endif
++
++static const char ecdsa_secp384r1_privkey[] =
++    "-----BEGIN EC PRIVATE KEY-----"
++    "MIGkAgEBBDDevshD6gb+4rZpC9vwFcIwNs4KmGzdqCxyyN40a8uOWRbyf7aHdiSS"
++    "03oAyKtc4JCgBwYFK4EEACKhZANiAARO1KkPMno2tnNXx1S9EZkp8SOpDCZ4aobH"
++    "IYv8RHnSmKf8I3OKD6TaoeR+1MwJmNJUH90Bj45WXla68/vsPiFcfVKboxsZYe/n"
++    "pv8e4ugXagVQVBXNZJ859iYPdJR24vo=" "-----END EC PRIVATE KEY-----";
++
++static const char ecdsa_secp384r1_sig[] =
++    "\x30\x66\x02\x31\x00\xbb\x4d\x25\x30\x13\x1b\x3b\x75\x60\x07\xed\x53\x8b\x52\xee\xd8\x6e\xf1\x9d\xa8\x36\x0e\x2e\x20\x31\x51\x11\x48\x78\xdd\xaf\x24\x38\x64\x81\x71\x6b\xa6\xb7\x29\x58\x28\x82\x32\xba\x29\x29\xd9\x02\x31\x00\xeb\x70\x09\x87\xac\x7b\x78\x0d\x4c\x4f\x08\x2b\x86\x27\xe2\x60\x1f\xc9\x11\x9f\x1d\xf5\x82\x4c\xc7\x3d\xb0\x27\xc8\x93\x29\xc7\xd0\x0e\x88\x02\x09\x93\xc2\x72\xce\xa5\x74\x8c\x3d\xe0\x8c\xad";
++
++static const char ecdsa_secp521r1_privkey[] =
++    "-----BEGIN EC PRIVATE KEY-----"
++    "MIHbAgEBBEGO2n7NN363qSCvJVdlQtCvudtaW4o0fEufXRjE1AsCrle+VXX0Zh0w"
++    "Y1slSeDHMndpakoiF+XkQ+bhcB867UV6aKAHBgUrgQQAI6GBiQOBhgAEAQb6jDpo"
++    "byy1tF8Zucg0TMGUzIN2DK+RZJ3QQRdWdirO25OIC3FoFi1Yird6rpoB6HlNyJ7R"
++    "0bNG9Uv34bSHMn8yAFoiqxUCdJZQbEenMoZsi6COaePe3e0QqvDMr0hEWT23Sr3t"
++    "LpEV7eZGFfFIJw5wSUp2KOcs+O9WjmoukTWtDKNV"
++    "-----END EC PRIVATE KEY-----";
++
++static const char ecdsa_secp521r1_sig[] =
++    "\x30\x81\x87\x02\x42\x01\xb8\xcb\x52\x9e\x10\xa8\x49\x3f\xe1\x9e\x14\x0a\xcf\x96\xed\x7e\xab\x7d\x0c\xe1\x9b\xa4\x97\xdf\x01\xf5\x35\x42\x5f\x5b\x28\x15\x24\x33\x6e\x59\x6c\xaf\x10\x8b\x98\x8e\xe9\x4c\x23\x0d\x76\x92\x03\xdd\x6d\x8d\x08\x47\x15\x5b\xf8\x66\x75\x75\x40\xe8\xf4\xa0\x52\x02\x41\x15\x27\x7c\x5f\xa6\x33\xa6\x29\x68\x3f\x55\x8d\x7f\x1d\x4f\x88\xc6\x61\x6e\xac\x21\xdf\x2b\x7b\xde\x76\x9a\xdc\xe6\x3b\x94\x3f\x03\x9c\xa2\xa6\xa3\x63\x39\x48\xbd\x79\x70\x21\xf2\x6b\xff\x58\x66\xf1\x58\xc2\x58\xad\x4f\x84\x14\x5d\x05\x12\x83\xd0\x87\xbd\xf3";
++
++/* DSA key and signature */
++static const char dsa_privkey[] =
++ "-----BEGIN DSA PRIVATE KEY-----\n"
++ "MIIDTQIBAAKCAQEAh60B6yPMRIT7udq2kKuwnQDohvT1U0w+RJcSr23C05cM/Ovn\n"
++ "UP/8Rrj6T8K+uYhMbKgLaZiJJW9q04jaPQk0cfUphbLvRjzVHwE/0Bkb+Y1Rv7ni\n"
++ "Jot2IFMq5iuNraf889PC0WREvFCcIkSFY2Ac4WT7mCcBtfx/raGFXDUjcUrJ0HwZ\n"
++ "IOhjQDfcXUsztuyYsYA75ociEY8kyDZq/ixyr5++R1VjNf30Re8AbQlXOEGxEN5t\n"
++ "t+Tvpq8K5L3prQs2KNSzyOUmedjb/ojH4T4qe/RL9EVjjeuIGHDNUT6F197yZ91y\n"
++ "qLLTf1WjnUyZcKij5rryX0LJBBWawEZjNSHZawIdAMQlyycia4NigCdiDR+QptUn\n"
++ "2xrj9o14fXkIrXcCggEAXRZm1rbPhsjSTo6cpCVrmDzO1grv83EHiBH4MvRQQnP8\n"
++ "FpAREsBA5cYju97XvLaLhioZeMjLn08kU7TUbHRUB+ULTuVvE2dQbBpGuKiLRRt9\n"
++ "6U2T0eD3xGLoM+o8EY/kpqaWGEpZv7hzM9xuo4vy55+viAZgFWULqmltwfG/7w7V\n"
++ "NXUHNv5H4Ipw//fSDLTPqzUlNqSSswDLz6pCjWEs0rWAqNAMaOiLTz4id9pL48Oe\n"
++ "oAfpcQR9tgTEnwyXfZBnrJVclHhkHKGeXvU05IgCzpKO76Z5R+By50T0i/JV7vzM\n"
++ "l2yS9aAl/cprT6U7yI3oU/blldCVNpMcFAFb+fO8DAKCAQBVMo8xptyvQOJeSvbO\n"
++ "SSYdJ3IiI/0GdkcGWXblWg9z7mrPaWEnT7OquEm/+vYtWd3GHDtyNM+jzsN4Xgjc\n"
++ "TL3AEd2hLiozJQ1BFKw25VU08UHAYTzUxZhO4Vwtmp46Kwj8YLDQ3NHRWCBxpDQR\n"
++ "fbiFvyXP+qXap6plMfrydnUD1mae/JSOWOYgdB7tFIehstLxVXx/cAnjwgFU03Df\n"
++ "grjsad92zA1Hc9wIjbsgAQdTR5DWnFRkRt3UtayBwoyqm6QceZHsv1NAGvkQ4ion\n"
++ "bEjkHkjF9YCkR9/rspR8cLghRIXMjOpypuSbaRPeeWq0gP2UOxFL/d3iWH0ETr/L\n"
++ "kTlCAhxYGpVgtfB96qmJukyl9GOGvfkwFTgEyIDoV84M\n"
++ "-----END DSA PRIVATE KEY-----\n";
++
++static const char dsa_sig[] =
++    "\x30\x3d\x02\x1c\x2e\x40\x14\xb3\x7a\x3f\xc0\x4f\x06\x74\x4f\xa6\x5f\xc2\x0a\x46\x35\x38\x88\xb4\x1a\xcf\x94\x02\x40\x42\x7c\x7f\x02\x1d\x00\x98\xfc\xf1\x08\x66\xf1\x86\x28\xc9\x73\x9e\x2b\x5d\xce\x57\xe8\xb5\xeb\xcf\xa3\xf6\x60\xf6\x63\x16\x0e\xc0\x42";
++
++static const char gost01_privkey[] =
++ "-----BEGIN PRIVATE KEY-----\n"
++ "MEUCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIgQgdNfuHGmmTdPm\n"
++ "p5dAa3ea9UYxpdYQPP9lbDwzQwG2bJM=\n"
++ "-----END PRIVATE KEY-----\n";
++
++static const char gost01_sig[] =
++    "\xc5\xc8\xf8\xdc\x22\x51\xb0\x72\xe9\xa2\xbb\x84\x6c\xe2\x24\xd5\x72\x39\x2a\x5a\x0e\x7a\x43\xfc\x9c\xc3\x5d\x32\x92\xbb\xab\xc0\x4b\x99\xbd\xc8\x47\x24\x70\x06\x7e\xa1\xc6\xe3\xa0\xdc\x42\xed\xa0\x66\xf0\xcc\x50\x97\xe9\x5a\x7d\x3f\x65\x2d\x7b\x1b\x03\xcb";
++
++static const char gost12_256_privkey[] =
++ "-----BEGIN PRIVATE KEY-----\n"
++ "MEgCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIEIgQgKOF96tom\n"
++ "D61rhSnzKjyrmO3fv0gdlHei+6ovrc8SnBk=\n"
++ "-----END PRIVATE KEY-----\n";
++
++static const char gost12_256_sig[] =
++    "\xb2\x51\x5a\x1a\xbd\x95\x4e\x71\x55\xad\x74\x74\x81\xa6\xca\x6c\x14\x01\xe0\x18\xda\xe4\x0d\x02\x4f\x14\xd2\x39\xd6\x3c\xb5\x85\xa8\x37\xfd\x7f\x2b\xfa\xe4\xf5\xbc\xbc\x15\x20\x8b\x83\x4b\x84\x0d\x5d\x02\x21\x8c\x0d\xb9\xc4\x2b\xc0\x3e\xfd\x42\x55\x1d\xb0";
++
++static const char gost12_512_privkey[] =
++ "-----BEGIN PRIVATE KEY-----\n"
++ "MGoCAQAwIQYIKoUDBwEBAQIwFQYJKoUDBwECAQIBBggqhQMHAQECAwRCBECjFpvp\n"
++ "B0vdc7u59b99TCNXhHiB69JJtUjvieNkGYJpoaaIvoKZTNCjpSZASsZcQZCHOTof\n"
++ "hsQ3JCCy4xnd5jWT\n"
++ "-----END PRIVATE KEY-----\n";
++
++static const char gost12_512_sig[] =
++    "\x52\x4f\xa2\x77\x51\xd2\xc5\xef\xd3\xa3\x99\x4e\xec\xff\xc6\xe9\xfc\x2f\xc0\x28\x42\x03\x95\x6c\x9a\x38\xee\xea\x89\x79\xae\x1a\xc3\x68\x5e\xe4\x15\x15\x4b\xec\x0f\xf1\x7e\x0f\xba\x01\xc7\x84\x16\xc7\xb5\xac\x9d\x0c\x22\xdd\x31\xf7\xb0\x9b\x59\x4b\xf0\x02\xa8\x7d\xfd\x6d\x02\x43\xc7\x4f\x65\xbd\x84\x5c\x54\x91\xba\x75\x9f\x5a\x61\x19\x5c\x9a\x10\x78\x34\xa0\xa6\xf6\xdc\xb6\xb0\x50\x22\x38\x5f\xb0\x16\x66\xf1\xd5\x46\x00\xd5\xe2\xa8\xe5\xd2\x11\x5f\xd1\xbe\x6e\xac\xb2\x9c\x14\x34\x96\xe7\x58\x94\xb8\xf4\x5f";
++
+ static int test_rsa_enc(gnutls_pk_algorithm_t pk,
+ 			unsigned bits, gnutls_digest_algorithm_t ign)
+ {
+@@ -302,118 +414,6 @@ static int test_sig(gnutls_pk_algorithm_t pk,
+ 	return ret;
+ }
+ 
+-/* A precomputed RSA-SHA1 signature using the rsa_key2048 */
+-static const char rsa_sig[] =
+-    "\x7a\xb3\xf8\xb0\xf9\xf0\x52\x88\x37\x17\x97\x9f\xbe\x61\xb4\xd2\x43\x78\x9f\x79\x92\xd0\xad\x08\xdb\xbd\x3c\x72\x7a\xb5\x51\x59\x63\xd6\x7d\xf1\x9c\x1e\x10\x7b\x27\xab\xf8\xd4\x9d\xcd\xc5\xf9\xae\xf7\x09\x6b\x40\x93\xc5\xe9\x1c\x0f\xb4\x82\xa1\x47\x86\x54\x63\xd2\x4d\x40\x9a\x80\xb9\x38\x45\x69\xa2\xd6\x92\xb6\x69\x7f\x3f\xf3\x5b\xa5\x1d\xac\x06\xad\xdf\x4e\xbb\xe6\xda\x68\x0d\xe5\xab\xef\xd2\xf0\xc5\xd8\xc0\xed\x80\xe2\xd4\x76\x98\xec\x44\xa2\xfc\x3f\xce\x2e\x8b\xc4\x4b\xab\xb0\x70\x24\x52\x85\x2a\x36\xcd\x9a\xb5\x05\x00\xea\x98\x7c\x72\x06\x68\xb1\x38\x44\x16\x80\x6a\x3b\x64\x72\xbb\xfd\x4b\xc9\xdd\xda\x2a\x68\xde\x7f\x6e\x48\x28\xc1\x63\x57\x2b\xde\x83\xa3\x27\x34\xd7\xa6\x87\x18\x35\x10\xff\x31\xd9\x47\xc9\x84\x35\xe1\xaa\xe2\xf7\x98\xfa\x19\xd3\xf1\x94\x25\x2a\x96\xe4\xa8\xa7\x05\x10\x93\x87\xde\x96\x85\xe5\x68\xb8\xe5\x4e\xbf\x66\x85\x91\xbd\x52\x5b\x3d\x9f\x1b\x79\xea\xe3\x8b\xef\x62\x18\x39\x7a\x50\x01\x46\x1b\xde\x8d\x37\xbc\x90\x6c\x07\xc0\x07\xed\x60\xce\x2e\x31\xd6\x8f\xe8\x75\xdb\x45\x21\xc6\xcb";
+-
+-/* ECDSA key and signature */
+-static const char ecdsa_secp256r1_privkey[] =
+-    "-----BEGIN EC PRIVATE KEY-----\n"
+-    "MHcCAQEEIPAKWV7+pZe9c5EubMNfAEKWRQtP/MvlO9HehwHmJssNoAoGCCqGSM49\n"
+-    "AwEHoUQDQgAE2CNONRio3ciuXtoomJKs3MdbzLbd44VPhtzJN30VLFm5gvnfiCj2\n"
+-    "zzz7pl9Cv0ECHl6yedNI8QEKdcwCDgEmkQ==\n"
+-    "-----END EC PRIVATE KEY-----\n";
+-
+-static const char ecdsa_secp256r1_sig[] =
+-    "\x30\x45\x02\x21\x00\x9b\x8f\x60\xed\x9e\x40\x8d\x74\x82\x73\xab\x20\x1a\x69\xfc\xf9\xee\x3c\x41\x80\xc0\x39\xdd\x21\x1a\x64\xfd\xbf\x7e\xaa\x43\x70\x02\x20\x44\x28\x05\xdd\x30\x47\x58\x96\x18\x39\x94\x18\xba\xe7\x7a\xf6\x1e\x2d\xba\xb1\xe0\x7d\x73\x9e\x2f\x58\xee\x0c\x2a\x89\xe8\x35";
+-
+-#ifdef ENABLE_NON_SUITEB_CURVES
+-/* sha256 */
+-static const char ecdsa_secp192r1_privkey[] =
+-    "-----BEGIN EC PRIVATE KEY-----"
+-    "MF8CAQEEGLjezFcbgDMeApVrdtZHvu/k1a8/tVZ41KAKBggqhkjOPQMBAaE0AzIA"
+-    "BO1lciKdgxeRH8k64vxcaV1OYIK9akVrW02Dw21MXhRLP0l0wzCw6LGSr5rS6AaL"
+-    "Fg==" "-----END EC PRIVATE KEY-----";
+-
+-static const char ecdsa_secp192r1_sig[] =
+-    "\x30\x34\x02\x18\x5f\xb3\x10\x4b\x4d\x44\x48\x29\x4b\xfd\xa7\x8e\xce\x57\xac\x36\x38\x54\xab\x73\xdb\xed\xb8\x5f\x02\x18\x0b\x8b\xf3\xae\x49\x50\x0e\x47\xca\x89\x1a\x00\xca\x23\xf5\x8d\xd6\xe3\xce\x9a\xff\x2e\x4f\x5c";
+-
+-static const char ecdsa_secp224r1_privkey[] =
+-    "-----BEGIN EC PRIVATE KEY-----"
+-    "MGgCAQEEHOKWJFdWdrR/CgVrUeTeawOrJ9GozE9KKx2a8PmgBwYFK4EEACGhPAM6"
+-    "AAQKQj3YpenWT7lFR41SnBvmj/+Bj+kgzQnaF65qWAtPRJsZXFlLTu3/IUNqSRu9"
+-    "DqPsk8xBHAB7pA==" "-----END EC PRIVATE KEY-----";
+-
+-static const char ecdsa_secp224r1_sig[] =
+-    "\x30\x3d\x02\x1c\x76\x03\x8d\x74\xf4\xd3\x09\x2a\xb5\xdf\x6b\x5b\xf4\x4b\x86\xb8\x62\x81\x5d\x7b\x7a\xbb\x37\xfc\xf1\x46\x1c\x2b\x02\x1d\x00\xa0\x98\x5d\x80\x43\x89\xe5\xee\x1a\xec\x46\x08\x04\x55\xbc\x50\xfa\x2a\xd5\xa6\x18\x92\x19\xdb\x68\xa0\x2a\xda";
+-#endif
+-
+-static const char ecdsa_secp384r1_privkey[] =
+-    "-----BEGIN EC PRIVATE KEY-----"
+-    "MIGkAgEBBDDevshD6gb+4rZpC9vwFcIwNs4KmGzdqCxyyN40a8uOWRbyf7aHdiSS"
+-    "03oAyKtc4JCgBwYFK4EEACKhZANiAARO1KkPMno2tnNXx1S9EZkp8SOpDCZ4aobH"
+-    "IYv8RHnSmKf8I3OKD6TaoeR+1MwJmNJUH90Bj45WXla68/vsPiFcfVKboxsZYe/n"
+-    "pv8e4ugXagVQVBXNZJ859iYPdJR24vo=" "-----END EC PRIVATE KEY-----";
+-
+-static const char ecdsa_secp384r1_sig[] =
+-    "\x30\x66\x02\x31\x00\xbb\x4d\x25\x30\x13\x1b\x3b\x75\x60\x07\xed\x53\x8b\x52\xee\xd8\x6e\xf1\x9d\xa8\x36\x0e\x2e\x20\x31\x51\x11\x48\x78\xdd\xaf\x24\x38\x64\x81\x71\x6b\xa6\xb7\x29\x58\x28\x82\x32\xba\x29\x29\xd9\x02\x31\x00\xeb\x70\x09\x87\xac\x7b\x78\x0d\x4c\x4f\x08\x2b\x86\x27\xe2\x60\x1f\xc9\x11\x9f\x1d\xf5\x82\x4c\xc7\x3d\xb0\x27\xc8\x93\x29\xc7\xd0\x0e\x88\x02\x09\x93\xc2\x72\xce\xa5\x74\x8c\x3d\xe0\x8c\xad";
+-
+-static const char ecdsa_secp521r1_privkey[] =
+-    "-----BEGIN EC PRIVATE KEY-----"
+-    "MIHbAgEBBEGO2n7NN363qSCvJVdlQtCvudtaW4o0fEufXRjE1AsCrle+VXX0Zh0w"
+-    "Y1slSeDHMndpakoiF+XkQ+bhcB867UV6aKAHBgUrgQQAI6GBiQOBhgAEAQb6jDpo"
+-    "byy1tF8Zucg0TMGUzIN2DK+RZJ3QQRdWdirO25OIC3FoFi1Yird6rpoB6HlNyJ7R"
+-    "0bNG9Uv34bSHMn8yAFoiqxUCdJZQbEenMoZsi6COaePe3e0QqvDMr0hEWT23Sr3t"
+-    "LpEV7eZGFfFIJw5wSUp2KOcs+O9WjmoukTWtDKNV"
+-    "-----END EC PRIVATE KEY-----";
+-
+-static const char ecdsa_secp521r1_sig[] =
+-    "\x30\x81\x87\x02\x42\x01\xb8\xcb\x52\x9e\x10\xa8\x49\x3f\xe1\x9e\x14\x0a\xcf\x96\xed\x7e\xab\x7d\x0c\xe1\x9b\xa4\x97\xdf\x01\xf5\x35\x42\x5f\x5b\x28\x15\x24\x33\x6e\x59\x6c\xaf\x10\x8b\x98\x8e\xe9\x4c\x23\x0d\x76\x92\x03\xdd\x6d\x8d\x08\x47\x15\x5b\xf8\x66\x75\x75\x40\xe8\xf4\xa0\x52\x02\x41\x15\x27\x7c\x5f\xa6\x33\xa6\x29\x68\x3f\x55\x8d\x7f\x1d\x4f\x88\xc6\x61\x6e\xac\x21\xdf\x2b\x7b\xde\x76\x9a\xdc\xe6\x3b\x94\x3f\x03\x9c\xa2\xa6\xa3\x63\x39\x48\xbd\x79\x70\x21\xf2\x6b\xff\x58\x66\xf1\x58\xc2\x58\xad\x4f\x84\x14\x5d\x05\x12\x83\xd0\x87\xbd\xf3";
+-
+-/* DSA key and signature */
+-static const char dsa_privkey[] =
+- "-----BEGIN DSA PRIVATE KEY-----\n"
+- "MIIDTQIBAAKCAQEAh60B6yPMRIT7udq2kKuwnQDohvT1U0w+RJcSr23C05cM/Ovn\n"
+- "UP/8Rrj6T8K+uYhMbKgLaZiJJW9q04jaPQk0cfUphbLvRjzVHwE/0Bkb+Y1Rv7ni\n"
+- "Jot2IFMq5iuNraf889PC0WREvFCcIkSFY2Ac4WT7mCcBtfx/raGFXDUjcUrJ0HwZ\n"
+- "IOhjQDfcXUsztuyYsYA75ociEY8kyDZq/ixyr5++R1VjNf30Re8AbQlXOEGxEN5t\n"
+- "t+Tvpq8K5L3prQs2KNSzyOUmedjb/ojH4T4qe/RL9EVjjeuIGHDNUT6F197yZ91y\n"
+- "qLLTf1WjnUyZcKij5rryX0LJBBWawEZjNSHZawIdAMQlyycia4NigCdiDR+QptUn\n"
+- "2xrj9o14fXkIrXcCggEAXRZm1rbPhsjSTo6cpCVrmDzO1grv83EHiBH4MvRQQnP8\n"
+- "FpAREsBA5cYju97XvLaLhioZeMjLn08kU7TUbHRUB+ULTuVvE2dQbBpGuKiLRRt9\n"
+- "6U2T0eD3xGLoM+o8EY/kpqaWGEpZv7hzM9xuo4vy55+viAZgFWULqmltwfG/7w7V\n"
+- "NXUHNv5H4Ipw//fSDLTPqzUlNqSSswDLz6pCjWEs0rWAqNAMaOiLTz4id9pL48Oe\n"
+- "oAfpcQR9tgTEnwyXfZBnrJVclHhkHKGeXvU05IgCzpKO76Z5R+By50T0i/JV7vzM\n"
+- "l2yS9aAl/cprT6U7yI3oU/blldCVNpMcFAFb+fO8DAKCAQBVMo8xptyvQOJeSvbO\n"
+- "SSYdJ3IiI/0GdkcGWXblWg9z7mrPaWEnT7OquEm/+vYtWd3GHDtyNM+jzsN4Xgjc\n"
+- "TL3AEd2hLiozJQ1BFKw25VU08UHAYTzUxZhO4Vwtmp46Kwj8YLDQ3NHRWCBxpDQR\n"
+- "fbiFvyXP+qXap6plMfrydnUD1mae/JSOWOYgdB7tFIehstLxVXx/cAnjwgFU03Df\n"
+- "grjsad92zA1Hc9wIjbsgAQdTR5DWnFRkRt3UtayBwoyqm6QceZHsv1NAGvkQ4ion\n"
+- "bEjkHkjF9YCkR9/rspR8cLghRIXMjOpypuSbaRPeeWq0gP2UOxFL/d3iWH0ETr/L\n"
+- "kTlCAhxYGpVgtfB96qmJukyl9GOGvfkwFTgEyIDoV84M\n"
+- "-----END DSA PRIVATE KEY-----\n";
+-
+-static const char dsa_sig[] =
+-    "\x30\x3d\x02\x1c\x2e\x40\x14\xb3\x7a\x3f\xc0\x4f\x06\x74\x4f\xa6\x5f\xc2\x0a\x46\x35\x38\x88\xb4\x1a\xcf\x94\x02\x40\x42\x7c\x7f\x02\x1d\x00\x98\xfc\xf1\x08\x66\xf1\x86\x28\xc9\x73\x9e\x2b\x5d\xce\x57\xe8\xb5\xeb\xcf\xa3\xf6\x60\xf6\x63\x16\x0e\xc0\x42";
+-
+-static const char gost01_privkey[] =
+- "-----BEGIN PRIVATE KEY-----\n"
+- "MEUCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIgQgdNfuHGmmTdPm\n"
+- "p5dAa3ea9UYxpdYQPP9lbDwzQwG2bJM=\n"
+- "-----END PRIVATE KEY-----\n";
+-
+-static const char gost01_sig[] =
+-    "\xc5\xc8\xf8\xdc\x22\x51\xb0\x72\xe9\xa2\xbb\x84\x6c\xe2\x24\xd5\x72\x39\x2a\x5a\x0e\x7a\x43\xfc\x9c\xc3\x5d\x32\x92\xbb\xab\xc0\x4b\x99\xbd\xc8\x47\x24\x70\x06\x7e\xa1\xc6\xe3\xa0\xdc\x42\xed\xa0\x66\xf0\xcc\x50\x97\xe9\x5a\x7d\x3f\x65\x2d\x7b\x1b\x03\xcb";
+-
+-static const char gost12_256_privkey[] =
+- "-----BEGIN PRIVATE KEY-----\n"
+- "MEgCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIEIgQgKOF96tom\n"
+- "D61rhSnzKjyrmO3fv0gdlHei+6ovrc8SnBk=\n"
+- "-----END PRIVATE KEY-----\n";
+-
+-static const char gost12_256_sig[] =
+-    "\xb2\x51\x5a\x1a\xbd\x95\x4e\x71\x55\xad\x74\x74\x81\xa6\xca\x6c\x14\x01\xe0\x18\xda\xe4\x0d\x02\x4f\x14\xd2\x39\xd6\x3c\xb5\x85\xa8\x37\xfd\x7f\x2b\xfa\xe4\xf5\xbc\xbc\x15\x20\x8b\x83\x4b\x84\x0d\x5d\x02\x21\x8c\x0d\xb9\xc4\x2b\xc0\x3e\xfd\x42\x55\x1d\xb0";
+-
+-static const char gost12_512_privkey[] =
+- "-----BEGIN PRIVATE KEY-----\n"
+- "MGoCAQAwIQYIKoUDBwEBAQIwFQYJKoUDBwECAQIBBggqhQMHAQECAwRCBECjFpvp\n"
+- "B0vdc7u59b99TCNXhHiB69JJtUjvieNkGYJpoaaIvoKZTNCjpSZASsZcQZCHOTof\n"
+- "hsQ3JCCy4xnd5jWT\n"
+- "-----END PRIVATE KEY-----\n";
+-
+-static const char gost12_512_sig[] =
+-    "\x52\x4f\xa2\x77\x51\xd2\xc5\xef\xd3\xa3\x99\x4e\xec\xff\xc6\xe9\xfc\x2f\xc0\x28\x42\x03\x95\x6c\x9a\x38\xee\xea\x89\x79\xae\x1a\xc3\x68\x5e\xe4\x15\x15\x4b\xec\x0f\xf1\x7e\x0f\xba\x01\xc7\x84\x16\xc7\xb5\xac\x9d\x0c\x22\xdd\x31\xf7\xb0\x9b\x59\x4b\xf0\x02\xa8\x7d\xfd\x6d\x02\x43\xc7\x4f\x65\xbd\x84\x5c\x54\x91\xba\x75\x9f\x5a\x61\x19\x5c\x9a\x10\x78\x34\xa0\xa6\xf6\xdc\xb6\xb0\x50\x22\x38\x5f\xb0\x16\x66\xf1\xd5\x46\x00\xd5\xe2\xa8\xe5\xd2\x11\x5f\xd1\xbe\x6e\xac\xb2\x9c\x14\x34\x96\xe7\x58\x94\xb8\xf4\x5f";
+-
+ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits,
+ 			  gnutls_digest_algorithm_t dig,
+ 			  const void *privkey, size_t privkey_size,
+-- 
+2.20.1
+
+
+From 4b04d899849ea566ae33862289276d9b297cd493 Mon Sep 17 00:00:00 2001
+From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+Date: Wed, 3 Apr 2019 13:44:56 +0200
+Subject: [PATCH 2/7] crypto-selftests-pk.c: Add a comparison with a known
+ signature
+
+For RSA, compare the generated signature with a stored known value in
+test_sig().
+
+Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+---
+ lib/crypto-selftests-pk.c | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c
+index 4fadd4161..0233e6b9f 100644
+--- a/lib/crypto-selftests-pk.c
++++ b/lib/crypto-selftests-pk.c
+@@ -313,6 +313,7 @@ static int test_sig(gnutls_pk_algorithm_t pk,
+ {
+ 	int ret;
+ 	gnutls_datum_t sig = { NULL, 0 };
++	gnutls_datum_t known_sig = { NULL, 0 };
+ 	gnutls_datum_t raw_rsa_key = { (void*)rsa_key2048, sizeof(rsa_key2048)-1 };
+ 	gnutls_datum_t raw_dsa_key = { (void*)dsa_key, sizeof(dsa_key)-1 };
+ 	gnutls_datum_t raw_ecc_key = { (void*)ecc_key, sizeof(ecc_key)-1 };
+@@ -343,6 +344,8 @@ static int test_sig(gnutls_pk_algorithm_t pk,
+ 	}
+ 
+ 	if (pk == GNUTLS_PK_RSA) {
++		known_sig.data = (void *)rsa_sig;
++		known_sig.size = sizeof(rsa_sig) - 1;
+ 		ret = gnutls_privkey_import_x509_raw(key, &raw_rsa_key, GNUTLS_X509_FMT_PEM, NULL, 0);
+ 	} else if (pk == GNUTLS_PK_RSA_PSS) {
+ 		ret = gnutls_privkey_import_x509_raw(key, &raw_rsa_key, GNUTLS_X509_FMT_PEM, NULL, 0);
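Review bot: The known-answer value is selected by `pk == GNUTLS_PK_RSA` alone, while `rsa_sig` is described in this series as an RSA-SHA256 signature made with rsa_key2048. test_sig() also works with a signature algorithm (`sigalgo` appears in the verify call of the next hunk), so a call with GNUTLS_PK_RSA and any other algorithm would end in GNUTLS_E_SELF_TEST_ERROR even though signing itself worked. Guarding the two added assignments with `if (sigalgo == GNUTLS_SIGN_RSA_SHA256)`, or at least adding `/* rsa_sig is only valid for GNUTLS_SIGN_RSA_SHA256 over signed_data */`, would make the restriction explicit. test_sig's body starts and ends outside this hunk.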
+@@ -378,6 +381,16 @@ static int test_sig(gnutls_pk_algorithm_t pk,
+ 		goto cleanup;
+ 	}
+ 
++	/* Compare with a stored known signature */
++	if (known_sig.data != NULL) {
++		if (sig.size != known_sig.size
++			|| memcmp(sig.data, known_sig.data, sig.size) != 0) {
++			ret = GNUTLS_E_SELF_TEST_ERROR;
++			gnutls_assert();
++			goto cleanup;
++		}
++	}
++
+ 	ret =
+ 	    gnutls_pubkey_verify_data2(pub, sigalgo, 0,
+ 				       &signed_data, &sig);
+-- 
+2.20.1
+
+
+From 2123049ab9b963ef0ba108ed1cb180016bd672ab Mon Sep 17 00:00:00 2001
+From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+Date: Wed, 17 Apr 2019 17:22:40 +0200
+Subject: [PATCH 3/7] nettle/pk.c: Do not call gnutls_rnd() during self tests
+
+When the library state is LIB_STATE_SELFTEST, use constant data instead
+of calling gnutls_rnd().  This prevents the library to block if there is
+insufficient entropy during FIPS self tests.
+
+Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+---
+ lib/nettle/pk.c | 41 ++++++++++++++++++++++++++++++++++-------
+ 1 file changed, 34 insertions(+), 7 deletions(-)
+
+diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
+index 08117c2d8..64633cc73 100644
+--- a/lib/nettle/pk.c
++++ b/lib/nettle/pk.c
+@@ -60,6 +60,33 @@
+ static inline const struct ecc_curve *get_supported_nist_curve(int curve);
+ static inline const struct ecc_curve *get_supported_gost_curve(int curve);
+ 
++/* Fill the buffer with data for testing purposes.
++ * This should be called only during self tests.
++ */
++static int _pk_fill_buffer(void *buffer, size_t length)
++{
++	if (_gnutls_get_lib_state() != LIB_STATE_SELFTEST) {
++		return gnutls_assert_val(GNUTLS_E_RANDOM_FAILED);
++	}
++
++	memset(buffer, 0xAA, length);
++
++	return 0;
++}
++
++static int _pk_rnd(gnutls_rnd_level_t level, void *data, size_t len)
++{
++	int ret;
++
++	if (_gnutls_get_lib_state() == LIB_STATE_SELFTEST) {
++		ret = _pk_fill_buffer(data, len);
++	} else {
++		ret = gnutls_rnd(level, data, len);
++	}
++
++	return ret;
++}
++
+ /* When these callbacks are used for a nettle operation, the
+  * caller must check the macro HAVE_LIB_ERROR() after the operation
+  * is complete. If the macro is true, the operation is to be considered
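Review bot: `_pk_rnd()` returns a constant 0xAA pattern for every level, including GNUTLS_RND_KEY, whenever `_gnutls_get_lib_state()` reports LIB_STATE_SELFTEST, and nothing on the function says so. If that state is process-wide (it looks that way from the accessor, but its definition is outside this hunk), any key, nonce or salt produced by another caller while a self test is in progress would be predictable, so the invariant should be written down where the substitution happens. I would add above `_pk_rnd`: `/* Returns constant bytes while the library is in LIB_STATE_SELFTEST; output produced in that state is predictable and must never be used for material that outlives the self test. */`. The state check inside `_pk_fill_buffer()` repeats the one in its only visible caller; a one-line comment that it is a deliberate second guard would keep it from being removed as dead code.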
+@@ -67,21 +94,21 @@ static inline const struct ecc_curve *get_supported_gost_curve(int curve);
+  */
+ static void rnd_key_func(void *_ctx, size_t length, uint8_t * data)
+ {
+-	if (gnutls_rnd(GNUTLS_RND_KEY, data, length) < 0) {
++	if (_pk_rnd(GNUTLS_RND_KEY, data, length) < 0) {
+ 		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+ 	}
+ }
+ 
+ static void rnd_tmpkey_func(void *_ctx, size_t length, uint8_t * data)
+ {
+-	if (gnutls_rnd(GNUTLS_RND_RANDOM, data, length) < 0) {
++	if (_pk_rnd(GNUTLS_RND_RANDOM, data, length) < 0) {
+ 		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+ 	}
+ }
+ 
+ static void rnd_nonce_func(void *_ctx, size_t length, uint8_t * data)
+ {
+-	if (gnutls_rnd(GNUTLS_RND_NONCE, data, length) < 0) {
++	if (_pk_rnd(GNUTLS_RND_NONCE, data, length) < 0) {
+ 		_gnutls_switch_lib_state(LIB_STATE_ERROR);
+ 	}
+ }
+@@ -650,7 +677,7 @@ _rsa_pss_sign_digest_tr(gnutls_digest_algorithm_t dig,
+ 		if (salt == NULL)
+ 			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+ 
+-		ret = gnutls_rnd(GNUTLS_RND_NONCE, salt, salt_size);
++		ret = _pk_rnd(GNUTLS_RND_NONCE, salt, salt_size);
+ 		if (ret < 0) {
+ 			gnutls_assert();
+ 			goto cleanup;
+@@ -1732,7 +1759,7 @@ gnutls_x509_spki_st spki;
+ 
+ 		_gnutls_dsa_q_to_hash(params, &hash_len);
+ 		gen_data = gnutls_malloc(hash_len);
+-		gnutls_rnd(GNUTLS_RND_NONCE, gen_data, hash_len);
++		_pk_rnd(GNUTLS_RND_NONCE, gen_data, hash_len);
+ 
+ 		ddata.data = (void*)gen_data;
+ 		ddata.size = hash_len;
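Review bot: The return value of `_pk_rnd()` is discarded on the changed line, and the `gnutls_malloc()` result on the line before it is not checked either. Outside self-test mode the helper forwards to `gnutls_rnd()`, which can fail, and `gen_data` would then be passed on as `ddata` with whatever the allocator returned in it. The call should be `ret = _pk_rnd(GNUTLS_RND_NONCE, gen_data, hash_len);` followed by `if (ret < 0) { gnutls_assert(); goto cleanup; }`, with a NULL check on `gen_data` before it; the name of the cleanup label is an assumption, since the enclosing function starts and ends outside this hunk.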
+@@ -2101,7 +2128,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo,
+ 				goto fail;
+ 			}
+ 
+-			ret = gnutls_rnd(rnd_level, params->raw_priv.data, size);
++			ret = _pk_rnd(rnd_level, params->raw_priv.data, size);
+ 			if (ret < 0) {
+ 				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+ 				goto fail;
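Review bot: A failure of `_pk_rnd()` is still reported as GNUTLS_E_MEMORY_ERROR in the context lines right after the changed call, which hides the real cause (the new helper can return GNUTLS_E_RANDOM_FAILED, and `gnutls_rnd()` has its own codes). Keeping the original code is a one-line change: replace `ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);` with `gnutls_assert();` so that `ret` reaches the `fail` label unchanged. The next hunk of wrap_nettle_pk_generate_keys (at old line 2240) has the same pattern. The function body continues outside both hunks.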
+@@ -2240,7 +2267,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo,
+ 				goto fail;
+ 			}
+ 
+-			ret = gnutls_rnd(rnd_level, params->raw_priv.data, size);
++			ret = _pk_rnd(rnd_level, params->raw_priv.data, size);
+ 			if (ret < 0) {
+ 				ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
+ 				goto fail;
+-- 
+2.20.1
+
+
+From db2b308fdbe98420b722eaf678c1a911bc51b0a5 Mon Sep 17 00:00:00 2001
+From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+Date: Thu, 18 Apr 2019 17:22:18 +0200
+Subject: [PATCH 4/7] tests: Run rng-no-onload test in FIPS mode
+
+This changes the function used in the test to override gnutls_rnd() to
+fill the given buffer with a different value each time it is called.
+This allows the test to run when FIPS mode is enabled.
+
+Previously the rng-no-onload test could get stuck if FIPS mode was
+enabled.  This happened if gnutls_rnd() function was called during
+global_init() in a loop that checks the generated value (e.g. if ECDSA
+signature generation is called during self tests).
+
+Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+---
+ tests/rng-no-onload.c | 12 +++++++-----
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/tests/rng-no-onload.c b/tests/rng-no-onload.c
+index ac01be214..a485a440d 100644
+--- a/tests/rng-no-onload.c
++++ b/tests/rng-no-onload.c
+@@ -50,18 +50,20 @@ static int _rnd_called = 0;
+ int __attribute__ ((visibility ("protected")))
+ gnutls_rnd(gnutls_rnd_level_t level, void *data, size_t len)
+ {
++	static unsigned int value = 0;
++
+ 	_rnd_called = 1;
+ 
+-	memset(data, 0xff, len);
++	/* Increment 'value' in each call up to 255, then start again from 0 */
++	value = (value + 1) & 0xFF;
++
++	memset(data, value, len);
++
+ 	return 0;
+ }
+ 
+ void doit(void)
+ {
+-	if (gnutls_fips140_mode_enabled()) {
+-		exit(77);
+-	}
+-
+ 	global_init();
+ 
+ 	if (_rnd_called != 0)
+-- 
+2.20.1
+
+
+From fc926cd65f1de06f359315c6693c1a9c9899ba8c Mon Sep 17 00:00:00 2001
+From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+Date: Thu, 4 Apr 2019 15:45:02 +0200
+Subject: [PATCH 5/7] crypto-selftests-pk.c: Fix test_known_sig
+
+Previously a new signature was generated only for deterministic
+algorithms (i.e. only RSA).  With this, a new signature is always
+generated (and compared with a stored signature for deterministic
+algorithms).  The signature verification is tested for both generated
+and stored signatures.
+
+Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+---
+ lib/crypto-selftests-pk.c | 31 ++++++++++++++++++++-----------
+ 1 file changed, 20 insertions(+), 11 deletions(-)
+
+diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c
+index 0233e6b9f..ba8f5e376 100644
+--- a/lib/crypto-selftests-pk.c
++++ b/lib/crypto-selftests-pk.c
+@@ -475,19 +475,17 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits,
+ 		goto cleanup;
+ 	}
+ 
+-	/* Test if the signature we generate matches the stored */
++	ret = gnutls_privkey_sign_data(key, dig, 0, &signed_data, &sig);
++	if (ret < 0) {
++		gnutls_assert();
++		goto cleanup;
++	}
++
++	/* Test if the generated signature matches the stored */
+ 	ssig.data = (void *) stored_sig;
+ 	ssig.size = stored_sig_size;
+ 
+ 	if (deterministic_sigs != 0) {	/* do not compare against stored signature if not provided */
+-		ret =
+-		    gnutls_privkey_sign_data(key, dig, 0, &signed_data,
+-					     &sig);
+-		if (ret < 0) {
+-			gnutls_assert();
+-			goto cleanup;
+-		}
+-
+ 		if (sig.size != ssig.size
+ 		    || memcmp(sig.data, ssig.data, sig.size) != 0) {
+ 			ret = GNUTLS_E_SELF_TEST_ERROR;
+@@ -507,7 +505,7 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits,
+ 		}
+ 	}
+ 
+-	/* Test if we can verify the signature */
++	/* Test if we can verify the generated signature */
+ 
+ 	ret = gnutls_pubkey_import_privkey(pub, key, 0, 0);
+ 	if (ret < 0) {
+@@ -515,6 +513,17 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits,
+ 		goto cleanup;
+ 	}
+ 
++	ret =
++	    gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0,
++				       &signed_data, &sig);
++	if (ret < 0) {
++		ret = GNUTLS_E_SELF_TEST_ERROR;
++		gnutls_assert();
++		goto cleanup;
++	}
++
++	/* Test if we can verify the stored signature */
++
+ 	ret =
+ 	    gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0,
+ 				       &signed_data, &ssig);
+@@ -528,7 +537,7 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits,
+ 
+ 	ret =
+ 	    gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0,
+-				       &bad_data, &ssig);
++				       &bad_data, &sig);
+ 
+ 	if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) {
+ 		ret = GNUTLS_E_SELF_TEST_ERROR;
+-- 
+2.20.1
+
+
+From 7e49999db264556ac73ff498bd8f7edce401cdd1 Mon Sep 17 00:00:00 2001
+From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+Date: Thu, 4 Apr 2019 17:22:04 +0200
+Subject: [PATCH 6/7] crypto-selftests-pk.c: Fix PK_KNOWN_TEST and PK_TEST
+
+Remove the flag check from the end of the macros.  This change allows
+more than one test to run in sequence when GNUTLS_SELF_TEST_FLAG_ALL is
+not set.  Move the flags checks to run the minimal set of tests required
+for FIPS and keep the previous behaviour for GOST (run the first test
+for each algorithm).
+
+Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+---
+ lib/crypto-selftests-pk.c | 37 ++++++++++++++++++++-----------------
+ 1 file changed, 20 insertions(+), 17 deletions(-)
+
+diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c
+index ba8f5e376..fc8ee2525 100644
+--- a/lib/crypto-selftests-pk.c
++++ b/lib/crypto-selftests-pk.c
+@@ -568,18 +568,14 @@ static int test_known_sig(gnutls_pk_algorithm_t pk, unsigned bits,
+ 			if (ret < 0) { \
+ 				gnutls_assert(); \
+ 				goto cleanup; \
+-			} \
+-			if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) \
+-				return 0
++			}
+ 
+ #define PK_KNOWN_TEST(pk, det, bits, dig, pkey, sig) \
+ 			ret = test_known_sig(pk, bits, dig, pkey, sizeof(pkey)-1, sig, sizeof(sig)-1, det); \
+ 			if (ret < 0) { \
+ 				gnutls_assert(); \
+ 				goto cleanup; \
+-			} \
+-			if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL)) \
+-				return 0
++			}
+ 
+ 
+ /* This file is also included by the test app in tests/slow/cipher-test, so in that
+@@ -812,11 +808,12 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)
+ 		PK_KNOWN_TEST(GNUTLS_PK_RSA, 1, 2048, GNUTLS_DIG_SHA256,
+ 			      rsa_key2048, rsa_sig);
+ 		PK_TEST(GNUTLS_PK_RSA, test_rsa_enc, 2048, 0);
+-		PK_TEST(GNUTLS_PK_RSA, test_sig, 3072, GNUTLS_SIGN_RSA_SHA256);
+ 
+ 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+ 			return 0;
+ 
++		PK_TEST(GNUTLS_PK_RSA, test_sig, 3072, GNUTLS_SIGN_RSA_SHA256);
++
+ 		FALLTHROUGH;
+ 	case GNUTLS_PK_RSA_PSS:
+ 		PK_TEST(GNUTLS_PK_RSA_PSS, test_sig, 2048, GNUTLS_SIGN_RSA_PSS_RSAE_SHA256);
+@@ -828,11 +825,12 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)
+ 	case GNUTLS_PK_DSA:
+ 		PK_KNOWN_TEST(GNUTLS_PK_DSA, 0, 2048, GNUTLS_DIG_SHA256,
+ 			      dsa_privkey, dsa_sig);
+-		PK_TEST(GNUTLS_PK_DSA, test_sig, 3072, GNUTLS_SIGN_DSA_SHA256);
+ 
+ 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+ 			return 0;
+ 
++		PK_TEST(GNUTLS_PK_DSA, test_sig, 3072, GNUTLS_SIGN_DSA_SHA256);
++
+ 		FALLTHROUGH;
+ 	case GNUTLS_PK_EC:
+ 		/* Test ECDH and ECDSA */
+@@ -850,13 +848,14 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)
+ 			      (GNUTLS_ECC_CURVE_SECP256R1),
+ 			      GNUTLS_DIG_SHA256, ecdsa_secp256r1_privkey,
+ 			      ecdsa_secp256r1_sig);
+-		PK_TEST(GNUTLS_PK_EC, test_sig,
+-			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1),
+-			GNUTLS_SIGN_ECDSA_SHA256);
+ 
+ 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+ 			return 0;
+ 
++		PK_TEST(GNUTLS_PK_EC, test_sig,
++			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1),
++			GNUTLS_SIGN_ECDSA_SHA256);
++
+ 		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
+ 			      GNUTLS_CURVE_TO_BITS
+ 			      (GNUTLS_ECC_CURVE_SECP384R1),
+@@ -900,31 +899,35 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)
+ 	case GNUTLS_PK_GOST_01:
+ 		PK_KNOWN_TEST(GNUTLS_PK_GOST_01, 0, GNUTLS_ECC_CURVE_GOST256CPA, GNUTLS_DIG_GOSTR_94,
+ 			      gost01_privkey, gost01_sig);
+-		PK_TEST(GNUTLS_PK_GOST_01, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA),
+-			GNUTLS_SIGN_GOST_94);
+ 
+ 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+ 			return 0;
+ 
++		PK_TEST(GNUTLS_PK_GOST_01, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA),
++			GNUTLS_SIGN_GOST_94);
++
+ 		FALLTHROUGH;
+ 	case GNUTLS_PK_GOST_12_256:
+ 		PK_KNOWN_TEST(GNUTLS_PK_GOST_12_256, 0, GNUTLS_ECC_CURVE_GOST256CPA, GNUTLS_DIG_STREEBOG_256,
+ 			      gost12_256_privkey, gost12_256_sig);
+-		PK_TEST(GNUTLS_PK_GOST_12_256, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA),
+-			GNUTLS_SIGN_GOST_256);
+ 
+ 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+ 			return 0;
+ 
++		PK_TEST(GNUTLS_PK_GOST_12_256, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST256CPA),
++			GNUTLS_SIGN_GOST_256);
++
+ 		FALLTHROUGH;
+ 	case GNUTLS_PK_GOST_12_512:
+ 		PK_KNOWN_TEST(GNUTLS_PK_GOST_12_512, 0, GNUTLS_ECC_CURVE_GOST512A, GNUTLS_DIG_STREEBOG_512,
+ 			      gost12_512_privkey, gost12_512_sig);
+-		PK_TEST(GNUTLS_PK_GOST_12_512, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST512A),
+-			GNUTLS_SIGN_GOST_512);
+ 
+ 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+ 			return 0;
++
++		PK_TEST(GNUTLS_PK_GOST_12_512, test_sig, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_GOST512A),
++			GNUTLS_SIGN_GOST_512);
++
+ #endif
+ 
+ 		break;
+-- 
+2.20.1
+
+
+From c2e83d2110b98d93588f1b6187bc932feb958ca4 Mon Sep 17 00:00:00 2001
+From: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+Date: Mon, 8 Apr 2019 14:21:57 +0200
+Subject: [PATCH 7/7] crypto-selftests-pk.c: Cleanup self tests
+
+test_sig() always uses the same key for RSA, DSA, and ECDSA regardless
+of the value provided in the "bits" parameter.  Therefore, avoid
+printing specific information (number of bits or name of the curve).
+
+Changes test_sig() to use 2048 bits key for DSA; deleted hardcoded 512
+bits DSA key;
+
+Avoid calling test_sig() multiple times for ECDSA: the same key is
+used regardless of the curve provided in the parameters.
+
+Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
+---
+ lib/crypto-selftests-pk.c | 42 +++++++++------------------------------
+ 1 file changed, 9 insertions(+), 33 deletions(-)
+
+diff --git a/lib/crypto-selftests-pk.c b/lib/crypto-selftests-pk.c
+index fc8ee2525..3d665b723 100644
+--- a/lib/crypto-selftests-pk.c
++++ b/lib/crypto-selftests-pk.c
+@@ -78,16 +78,6 @@ static const char ecc_key[] =
+  "MSHpe5vd0TQz+/GAa1zxle8mB/Cdh0JaTrA=\n"
+  "-----END EC PRIVATE KEY-----\n";
+ 
+-static const char dsa_key[] =
+- "-----BEGIN DSA PRIVATE KEY-----\n"
+- "MIH4AgEAAkEA6KUOSXfFNcInFLPdOlLlKNCe79zJrkxnsQN+lllxuk1ifZrE07r2\n"
+- "3edTrc4riQNnZ2nZ372tYUAMJg+5jM6IIwIVAOa58exwZ+42Tl+p3b4Kbpyu2Ron\n"
+- "AkBocj7gkiBYHtv6HMIIzooaxn4vpGR0Ns6wBfroBUGvrnSAgfT3WyiNaHkIF28e\n"
+- "quWcEeOJjUgFvatcM8gcY288AkEAyKWlgzBurIYST8TM3j4PuQJDTvdHDaGoAUAa\n"
+- "EfjmOw2UXKwqTmwPiT5BYKgCo2ILS87ttlTpd8vndH37pmnmVQIUQIVuKpZ8y9Bw\n"
+- "VzO8qcrLCFvTOXY=\n"
+- "-----END DSA PRIVATE KEY-----\n";
+-
+ static const char gost01_key[] =
+  "-----BEGIN PRIVATE KEY-----\n"
+  "MEUCAQAwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEEIgQgR1lBLIr4WBpn\n"
+@@ -315,22 +305,20 @@ static int test_sig(gnutls_pk_algorithm_t pk,
+ 	gnutls_datum_t sig = { NULL, 0 };
+ 	gnutls_datum_t known_sig = { NULL, 0 };
+ 	gnutls_datum_t raw_rsa_key = { (void*)rsa_key2048, sizeof(rsa_key2048)-1 };
+-	gnutls_datum_t raw_dsa_key = { (void*)dsa_key, sizeof(dsa_key)-1 };
++	gnutls_datum_t raw_dsa_key = { (void*)dsa_privkey, sizeof(dsa_privkey)-1 };
+ 	gnutls_datum_t raw_ecc_key = { (void*)ecc_key, sizeof(ecc_key)-1 };
+ 	gnutls_datum_t raw_gost01_key = { (void*)gost01_key, sizeof(gost01_key)-1 };
+ 	gnutls_datum_t raw_gost12_256_key = { (void*)gost12_256_key, sizeof(gost12_256_key)-1 };
+ 	gnutls_datum_t raw_gost12_512_key = { (void*)gost12_512_key, sizeof(gost12_512_key)-1 };
+ 	gnutls_privkey_t key;
+ 	gnutls_pubkey_t pub = NULL;
+-	char param_name[32];
++	char param_name[32] = "";
+ 
+-	if (pk == GNUTLS_PK_EC || pk == GNUTLS_PK_GOST_01 ||
+-	    pk == GNUTLS_PK_GOST_12_256 || pk == GNUTLS_PK_GOST_12_512) {
+-		snprintf(param_name, sizeof(param_name), "%s",
++	if (pk == GNUTLS_PK_GOST_01 || pk == GNUTLS_PK_GOST_12_256 ||
++	    pk == GNUTLS_PK_GOST_12_512) {
++		snprintf(param_name, sizeof(param_name), "-%s",
+ 			 gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE
+ 						   (bits)));
+-	} else {
+-		snprintf(param_name, sizeof(param_name), "%u", bits);
+ 	}
+ 
+ 	ret = gnutls_privkey_init(&key);
+@@ -418,10 +406,10 @@ static int test_sig(gnutls_pk_algorithm_t pk,
+ 	gnutls_free(sig.data);
+ 
+ 	if (ret == 0)
+-		_gnutls_debug_log("%s-%s-sig self test succeeded\n",
++		_gnutls_debug_log("%s%s-sig self test succeeded\n",
+ 				  gnutls_pk_get_name(pk), param_name);
+ 	else
+-		_gnutls_debug_log("%s-%s-sig self test failed\n",
++		_gnutls_debug_log("%s%s-sig self test failed\n",
+ 				  gnutls_pk_get_name(pk), param_name);
+ 
+ 	return ret;
+@@ -812,7 +800,7 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)
+ 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+ 			return 0;
+ 
+-		PK_TEST(GNUTLS_PK_RSA, test_sig, 3072, GNUTLS_SIGN_RSA_SHA256);
++		PK_TEST(GNUTLS_PK_RSA, test_sig, 2048, GNUTLS_SIGN_RSA_SHA256);
+ 
+ 		FALLTHROUGH;
+ 	case GNUTLS_PK_RSA_PSS:
+@@ -829,7 +817,7 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)
+ 		if (!(flags & GNUTLS_SELF_TEST_FLAG_ALL))
+ 			return 0;
+ 
+-		PK_TEST(GNUTLS_PK_DSA, test_sig, 3072, GNUTLS_SIGN_DSA_SHA256);
++		PK_TEST(GNUTLS_PK_DSA, test_sig, 2048, GNUTLS_SIGN_DSA_SHA256);
+ 
+ 		FALLTHROUGH;
+ 	case GNUTLS_PK_EC:
+@@ -861,18 +849,12 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)
+ 			      (GNUTLS_ECC_CURVE_SECP384R1),
+ 			      GNUTLS_DIG_SHA256, ecdsa_secp384r1_privkey,
+ 			      ecdsa_secp384r1_sig);
+-		PK_TEST(GNUTLS_PK_EC, test_sig,
+-			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP384R1),
+-			GNUTLS_SIGN_ECDSA_SHA384);
+ 
+ 		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
+ 			      GNUTLS_CURVE_TO_BITS
+ 			      (GNUTLS_ECC_CURVE_SECP521R1),
+ 			      GNUTLS_DIG_SHA512, ecdsa_secp521r1_privkey,
+ 			      ecdsa_secp521r1_sig);
+-		PK_TEST(GNUTLS_PK_EC, test_sig,
+-			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP521R1),
+-			GNUTLS_SIGN_ECDSA_SHA512);
+ 
+ #ifdef ENABLE_NON_SUITEB_CURVES
+ 		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
+@@ -880,18 +862,12 @@ int gnutls_pk_self_test(unsigned flags, gnutls_pk_algorithm_t pk)
+ 			      (GNUTLS_ECC_CURVE_SECP192R1),
+ 			      GNUTLS_DIG_SHA256, ecdsa_secp192r1_privkey,
+ 			      ecdsa_secp192r1_sig);
+-		PK_TEST(GNUTLS_PK_EC, test_sig,
+-			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP192R1),
+-			GNUTLS_SIGN_ECDSA_SHA256);
+ 
+ 		PK_KNOWN_TEST(GNUTLS_PK_EC, 0,
+ 			      GNUTLS_CURVE_TO_BITS
+ 			      (GNUTLS_ECC_CURVE_SECP224R1),
+ 			      GNUTLS_DIG_SHA256, ecdsa_secp224r1_privkey,
+ 			      ecdsa_secp224r1_sig);
+-		PK_TEST(GNUTLS_PK_EC, test_sig,
+-			GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP224R1),
+-			GNUTLS_SIGN_ECDSA_SHA256);
+ #endif
+ 
+ #if ENABLE_GOST
+-- 
+2.20.1
+
diff --git a/SOURCES/gnutls-3.6.8-fips-aes-cbc-kat.patch b/SOURCES/gnutls-3.6.8-fips-aes-cbc-kat.patch
new file mode 100644
index 0000000..016a6bf
--- /dev/null
+++ b/SOURCES/gnutls-3.6.8-fips-aes-cbc-kat.patch
@@ -0,0 +1,36 @@
+From facea2b7659e11efce7014bda8800574d35dd05d Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <dueno@redhat.com>
+Date: Wed, 12 Jun 2019 14:02:05 +0200
+Subject: [PATCH] fips: run selftests over overridden AES-CBC algorithm
+
+Previously, we only tested nettle's AES-CBC in
+_gnutls_fips_perform_self_checks1(), which is called before the
+implementation is overridden.  This adds an AES-CBC self-test in
+_gnutls_fips_perform_self_checks2() so it can test the actual
+implementation.
+
+Signed-off-by: Daiki Ueno <dueno@redhat.com>
+---
+ lib/fips.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/lib/fips.c b/lib/fips.c
+index b92edbbd7..902af5674 100644
+--- a/lib/fips.c
++++ b/lib/fips.c
+@@ -317,6 +317,12 @@ int _gnutls_fips_perform_self_checks2(void)
+ 		goto error;
+ 	}
+ 
++	ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_256_CBC);
++	if (ret < 0) {
++		gnutls_assert();
++		goto error;
++	}
++
+ 	ret = gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_256_GCM);
+ 	if (ret < 0) {
+ 		gnutls_assert();
+-- 
+2.20.1
+
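Review bot: The added `gnutls_cipher_self_test(0, GNUTLS_CIPHER_AES_256_CBC)` call in `_gnutls_fips_perform_self_checks2()` has no comment explaining why AES-CBC is tested a second time; the reason is only in the commit message. A short comment above the call would keep a later cleanup from dropping it as a duplicate, for example `/* Repeated from self_checks1(): the implementation has been overridden by now, so this tests the code actually in use. */`. The function body starts and ends outside the hunk, so it is not visible here whether other overridable ciphers or key sizes (for example AES-128-CBC) are also re-tested at this stage; that is worth confirming.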
diff --git a/SOURCES/gnutls-3.6.8-multiple-key-updates.patch b/SOURCES/gnutls-3.6.8-multiple-key-updates.patch
new file mode 100644
index 0000000..720ada3
--- /dev/null
+++ b/SOURCES/gnutls-3.6.8-multiple-key-updates.patch
@@ -0,0 +1,286 @@
+From 6023c69c616d866e19ab1c0bb87931e5143c79d3 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <dueno@redhat.com>
+Date: Wed, 5 Jun 2019 16:48:39 +0200
+Subject: [PATCH] tls13/key_update: ignore multiple key updates instead of
+ error
+
+This fixes the multiple KeyUpdate messages handling in commit
+65e2aa80d114d4bef095d129c2eda475e473244a, where illegal_parameter is
+sent even if the limit doesn't exceed.
+
+Signed-off-by: Daiki Ueno <dueno@redhat.com>
+---
+ .gitignore                        |   1 +
+ lib/tls13/key_update.c            |   2 -
+ tests/Makefile.am                 |   2 +
+ tests/tls13/key_update_multiple.c | 232 ++++++++++++++++++++++++++++++
+ 4 files changed, 235 insertions(+), 2 deletions(-)
+ create mode 100644 tests/tls13/key_update_multiple.c
+
+diff --git a/lib/tls13/key_update.c b/lib/tls13/key_update.c
+index d542a214b..c6f6e0aa1 100644
+--- a/lib/tls13/key_update.c
++++ b/lib/tls13/key_update.c
+@@ -117,8 +117,6 @@ int _gnutls13_recv_key_update(gnutls_session_t session, gnutls_buffer_st *buf)
+ 			session->internals.rsend_state = RECORD_SEND_KEY_UPDATE_1;
+ 		else if (session->internals.rsend_state == RECORD_SEND_CORKED)
+ 			session->internals.rsend_state = RECORD_SEND_CORKED_TO_KU;
+-		else
+-			return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER);
+ 
+ 		break;
+ 	default:
+diff --git a/tests/Makefile.am b/tests/Makefile.am
+index ca0481879..4ffa69825 100644
+--- a/tests/Makefile.am
++++ b/tests/Makefile.am
+@@ -119,6 +119,8 @@ ctests += tls13/psk-ext
+ 
+ ctests += tls13/key_update
+ 
++ctests += tls13/key_update_multiple
++
+ ctests += tls13/key_limits
+ 
+ ctests += tls13/multi-ocsp
+diff --git a/tests/tls13/key_update_multiple.c b/tests/tls13/key_update_multiple.c
+new file mode 100644
+index 000000000..8b2c2db4b
+--- /dev/null
++++ b/tests/tls13/key_update_multiple.c
+@@ -0,0 +1,232 @@
++/*
++ * Copyright (C) 2017-2019 Red Hat, Inc.
++ *
++ * Author: Daiki Ueno
++ *
++ * This file is part of GnuTLS.
++ *
++ * GnuTLS is free software; you can redistribute it and/or modify it
++ * under the terms of the GNU General Public License as published by
++ * the Free Software Foundation; either version 3 of the License, or
++ * (at your option) any later version.
++ *
++ * GnuTLS is distributed in the hope that it will be useful, but
++ * WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++ * General Public License for more details.
++ *
++ * You should have received a copy of the GNU Lesser General Public License
++ * along with this program.  If not, see <https://www.gnu.org/licenses/>
++ */
++
++#ifdef HAVE_CONFIG_H
++#include <config.h>
++#endif
++
++#include <stdbool.h>
++#include <stdio.h>
++#include <stdlib.h>
++#include <string.h>
++#include <errno.h>
++#include <gnutls/gnutls.h>
++#include <gnutls/crypto.h>
++#include <assert.h>
++#include "cert-common.h"
++
++#include "utils.h"
++#include "virt-time.h"
++#define RANDOMIZE
++#include "eagain-common.h"
++
++const char *side = "";
++
++/* This program tests whether multiple key update messages are handled
++ * properly with rate-limit. */
++
++static void tls_log_func(int level, const char *str)
++{
++	fprintf(stderr, "%s|<%d>| %s", side, level, str);
++}
++
++#define MAX_BUF 1024
++#define MSG "Hello TLS, and hi and how are you and more data here... and more... and even more and even more more data..."
++
++/* These must match the definitions in lib/tls13/key_update.c. */
++#define KEY_UPDATES_WINDOW 1000
++#define KEY_UPDATES_PER_WINDOW 8
++
++static unsigned key_update_msg_inc = 0;
++static unsigned key_update_msg_out = 0;
++
++static int hsk_callback(gnutls_session_t session, unsigned int htype,
++			unsigned post, unsigned int incoming, const gnutls_datum_t *msg)
++{
++	assert(post == GNUTLS_HOOK_PRE);
++
++	assert(msg->size == 1);
++
++	if (htype == GNUTLS_HANDSHAKE_KEY_UPDATE) {
++		if (incoming)
++			key_update_msg_inc++;
++		else
++			key_update_msg_out++;
++	}
++
++	return 0;
++}
++
++static void run(const char *name, bool exceed_limit)
++{
++	/* Server stuff. */
++	gnutls_certificate_credentials_t ccred;
++	gnutls_certificate_credentials_t scred;
++	gnutls_session_t server;
++	int sret, cret;
++	/* Client stuff. */
++	gnutls_session_t client;
++	/* Need to enable anonymous KX specifically. */
++	char buffer[MAX_BUF + 1];
++	int ret, transferred = 0;
++	size_t i;
++
++	success("%s\n", name);
++
++	/* General init. */
++	global_init();
++	gnutls_global_set_log_function(tls_log_func);
++	if (debug)
++		gnutls_global_set_log_level(9);
++
++	/* Init server */
++	assert(gnutls_certificate_allocate_credentials(&scred) >= 0);
++	assert(gnutls_certificate_set_x509_key_mem(scred,
++						   &server_ca3_localhost_cert,
++						   &server_ca3_key,
++						   GNUTLS_X509_FMT_PEM) >= 0);
++
++	assert(gnutls_init(&server, GNUTLS_SERVER) >= 0);
++	ret =
++	    gnutls_priority_set_direct(server,
++				       "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3",
++				       NULL);
++	if (ret < 0)
++		exit(1);
++
++	gnutls_credentials_set(server, GNUTLS_CRD_CERTIFICATE, scred);
++	gnutls_transport_set_push_function(server, server_push);
++	gnutls_transport_set_pull_function(server, server_pull);
++	gnutls_transport_set_ptr(server, server);
++
++	/* Init client */
++	assert(gnutls_certificate_allocate_credentials(&ccred) >= 0);
++	assert(gnutls_certificate_set_x509_trust_mem
++	       (ccred, &ca3_cert, GNUTLS_X509_FMT_PEM) >= 0);
++
++	gnutls_init(&client, GNUTLS_CLIENT);
++	ret =
++	    gnutls_priority_set_direct(client,
++				       "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.3",
++				       NULL);
++	assert(ret >= 0);
++
++	ret = gnutls_credentials_set(client, GNUTLS_CRD_CERTIFICATE, ccred);
++	if (ret < 0)
++		exit(1);
++
++	gnutls_transport_set_push_function(client, client_push);
++	gnutls_transport_set_pull_function(client, client_pull);
++	gnutls_transport_set_ptr(client, client);
++
++
++	HANDSHAKE(client, server);
++	if (debug)
++		success("Handshake established\n");
++
++	key_update_msg_inc = 0;
++	key_update_msg_out = 0;
++
++	gnutls_handshake_set_hook_function(client, -1, GNUTLS_HOOK_PRE, hsk_callback);
++
++	/* schedule multiple key updates */
++	for (i = 0; i < KEY_UPDATES_PER_WINDOW; i++) {
++		do {
++			ret = gnutls_session_key_update(client, 1);
++		} while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
++		if (ret < 0)
++			fail("error in key update: %s\n", gnutls_strerror(ret));
++	}
++
++	/* server receives the client key update and sends data */
++	TRANSFER(client, server, MSG, strlen(MSG), buffer, MAX_BUF);
++	TRANSFER(server, client, MSG, strlen(MSG), buffer, MAX_BUF);
++	EMPTY_BUF(server, client, buffer, MAX_BUF);
++
++	if (key_update_msg_out != KEY_UPDATES_PER_WINDOW)
++		fail("unexpected number of key updates are sent: %d\n",
++			key_update_msg_out);
++	else {
++		if (debug)
++			success("successfully sent %d key updates\n",
++				KEY_UPDATES_PER_WINDOW);
++	}
++	if (key_update_msg_inc != 1)
++		fail("unexpected number of key updates received: %d\n",
++			key_update_msg_inc);
++	else {
++		if (debug)
++			success("successfully received 1 key update\n");
++	}
++
++	if (exceed_limit) {
++		/* excessive key update in the same time window should
++		 * be rejected by the peer */
++		do {
++			ret = gnutls_session_key_update(client, 1);
++		} while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
++
++		/* server receives the client key update and sends data */
++		ret = record_send_loop(client, MSG, strlen(MSG), 0);
++		assert(ret == strlen(MSG));
++		ret = gnutls_record_recv(server, buffer, MAX_BUF);
++		if (ret != GNUTLS_E_TOO_MANY_HANDSHAKE_PACKETS)
++			fail("server didn't reject excessive number of key updates\n");
++		else {
++			if (debug)
++				success("server rejected excessive number of key updates\n");
++		}
++	} else {
++		virt_sec_sleep(KEY_UPDATES_WINDOW / 1000 + 1);
++
++		/* the time window should be rolled over now */
++		do {
++			ret = gnutls_session_key_update(client, 1);
++		} while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
++		if (ret < 0)
++			fail("error in key update: %s\n", gnutls_strerror(ret));
++
++		/* server receives the client key update and sends data */
++		TRANSFER(client, server, MSG, strlen(MSG), buffer, MAX_BUF);
++		TRANSFER(server, client, MSG, strlen(MSG), buffer, MAX_BUF);
++		EMPTY_BUF(server, client, buffer, MAX_BUF);
++	}
++
++	gnutls_bye(client, GNUTLS_SHUT_WR);
++	gnutls_bye(server, GNUTLS_SHUT_WR);
++
++	gnutls_deinit(client);
++	gnutls_deinit(server);
++
++	gnutls_certificate_free_credentials(scred);
++	gnutls_certificate_free_credentials(ccred);
++
++	gnutls_global_deinit();
++	reset_buffers();
++}
++
++void doit(void)
++{
++	virt_time_init();
++
++	run("not exceeding limit", 0);
++	run("exceeding limit", 1);
++}
+-- 
+2.20.1
+
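Review bot: In the `exceed_limit` branch of `run()` in tests/tls13/key_update_multiple.c, the result of `gnutls_session_key_update(client, 1)` is dropped after the retry loop, unlike the two other call sites in the same function. If that call failed, the later `gnutls_record_recv` check would report "server didn't reject excessive number of key updates" instead of the real cause; add `if (ret < 0) fail("error in key update: %s\n", gnutls_strerror(ret));` after the loop. The client-side `gnutls_init(&client, GNUTLS_CLIENT);` is also unchecked while the server one is wrapped in `assert`, and the setup calls placed inside `assert()` would vanish if the test were ever built with NDEBUG. The lib/tls13/key_update.c hunk removes the illegal_parameter return and the rate limiting itself sits outside that hunk, so this branch is the only check visible here that a peer cannot send KeyUpdate messages without bound.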
diff --git a/SOURCES/gnutls-3.6.8.tar.xz.sig b/SOURCES/gnutls-3.6.8.tar.xz.sig
new file mode 100644
index 0000000..d2f3862
Binary files /dev/null and b/SOURCES/gnutls-3.6.8.tar.xz.sig differ
diff --git a/SPECS/gnutls.spec b/SPECS/gnutls.spec
new file mode 100644
index 0000000..025eae0
--- /dev/null
+++ b/SPECS/gnutls.spec
@@ -0,0 +1,978 @@
+Version:	3.6.8
+Release: 3%{?dist}
+Patch1:	gnutls-3.2.7-rpath.patch
+Patch2:	gnutls-3.6.4-no-now-guile.patch
+Patch3:	gnutls-3.6.5-fix-fips-signature-post.patch
+Patch4: gnutls-3.6.8-fips-aes-cbc-kat.patch
+Patch5: gnutls-3.6.8-multiple-key-updates.patch
+%bcond_without dane
+%if 0%{?rhel}
+%bcond_with guile
+%bcond_without fips
+%else
+%bcond_without guile
+%bcond_without fips
+%endif
+
+Summary: A TLS protocol implementation
+Name: gnutls
+# The libraries are LGPLv2.1+, utilities are GPLv3+
+License: GPLv3+ and LGPLv2+
+Group: System Environment/Libraries
+BuildRequires: p11-kit-devel >= 0.21.3, gettext-devel
+BuildRequires: zlib-devel, readline-devel, libtasn1-devel >= 4.3
+BuildRequires: libtool, automake, autoconf, texinfo
+BuildRequires: autogen-libopts-devel >= 5.18 autogen
+BuildRequires: nettle-devel >= 3.4.1
+BuildRequires: trousers-devel >= 0.3.11.2
+BuildRequires: libidn2-devel
+BuildRequires: libunistring-devel
+BuildRequires: gperf, net-tools, datefudge, softhsm, gcc, gcc-c++
+BuildRequires: gnupg2
+%if %{with fips}
+BuildRequires: fipscheck
+%endif
+
+# for a sanity check on cert loading
+BuildRequires: p11-kit-trust, ca-certificates
+Requires: crypto-policies
+Requires: p11-kit-trust
+Requires: libtasn1 >= 4.3
+Requires: nettle >= 3.4.1
+Recommends: trousers >= 0.3.11.2
+
+%if %{with dane}
+BuildRequires: unbound-devel unbound-libs
+%endif
+%if %{with guile}
+BuildRequires: guile-devel
+%endif
+URL: http://www.gnutls.org/
+Source0: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.6/%{name}-%{version}.tar.xz
+Source1: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.6/%{name}-%{version}.tar.xz.sig
+Source2: gpgkey-1F42418905D8206AA754CCDC29EE58B996865171.gpg
+
+# Wildcard bundling exception https://fedorahosted.org/fpc/ticket/174
+Provides: bundled(gnulib) = 20130424
+
+%package c++
+Summary: The C++ interface to GnuTLS
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%package devel
+Summary: Development files for the %{name} package
+Group: Development/Libraries
+Requires: %{name}%{?_isa} = %{version}-%{release}
+Requires: %{name}-c++%{?_isa} = %{version}-%{release}
+%if %{with dane}
+Requires: %{name}-dane%{?_isa} = %{version}-%{release}
+%endif
+Requires: pkgconfig
+Requires(post): /sbin/install-info
+Requires(preun): /sbin/install-info
+
+%package utils
+License: GPLv3+
+Summary: Command line tools for TLS protocol
+Group: Applications/System
+Requires: %{name}%{?_isa} = %{version}-%{release}
+%if %{with dane}
+Requires: %{name}-dane%{?_isa} = %{version}-%{release}
+%endif
+
+%if %{with dane}
+%package dane
+Summary: A DANE protocol implementation for GnuTLS
+Requires: %{name}%{?_isa} = %{version}-%{release}
+%endif
+
+%if %{with guile}
+%package guile
+Summary: Guile bindings for the GNUTLS library
+Group: Development/Libraries
+Requires: %{name}%{?_isa} = %{version}-%{release}
+Requires: guile
+%endif
+
+%description
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
+protocols and technologies around them. It provides a simple C language 
+application programming interface (API) to access the secure communications 
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
+other required structures. 
+
+%description c++
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
+protocols and technologies around them. It provides a simple C language 
+application programming interface (API) to access the secure communications 
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
+other required structures. 
+
+%description devel
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
+protocols and technologies around them. It provides a simple C language 
+application programming interface (API) to access the secure communications 
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
+other required structures. 
+This package contains files needed for developing applications with
+the GnuTLS library.
+
+%description utils
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
+protocols and technologies around them. It provides a simple C language 
+application programming interface (API) to access the secure communications 
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
+other required structures. 
+This package contains command line TLS client and server and certificate
+manipulation tools.
+
+%if %{with dane}
+%description dane
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
+protocols and technologies around them. It provides a simple C language 
+application programming interface (API) to access the secure communications 
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
+other required structures. 
+This package contains library that implements the DANE protocol for verifying
+TLS certificates through DNSSEC.
+%endif
+
+%if %{with guile}
+%description guile
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
+protocols and technologies around them. It provides a simple C language 
+application programming interface (API) to access the secure communications 
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
+other required structures. 
+This package contains Guile bindings for the library.
+%endif
+
+%prep
+gpgv2 --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0}
+
+%autosetup -p1
+
+sed -i -e 's|sys_lib_dlsearch_path_spec="/lib /usr/lib|sys_lib_dlsearch_path_spec="/lib /usr/lib %{_libdir}|g' configure
+rm -f lib/minitasn1/*.c lib/minitasn1/*.h
+rm -f src/libopts/*.c src/libopts/*.h src/libopts/compat/*.c src/libopts/compat/*.h 
+
+echo "SYSTEM=NORMAL" >> tests/system.prio
+
+# Note that we explicitly enable SHA1, as SHA1 deprecation is handled
+# via the crypto policies
+
+%build
+CCASFLAGS="$CCASFLAGS -Wa,--generate-missing-build-notes=yes"
+export CCASFLAGS
+%configure --with-libtasn1-prefix=%{_prefix} \
+%if %{with fips}
+           --enable-fips140-mode \
+%endif
+	   --enable-tls13-support \
+	   --enable-sha1-support \
+           --disable-static \
+           --disable-openssl-compatibility \
+           --disable-non-suiteb-curves \
+           --with-system-priority-file=%{_sysconfdir}/crypto-policies/back-ends/gnutls.config \
+           --with-default-trust-store-pkcs11="pkcs11:" \
+           --with-trousers-lib=%{_libdir}/libtspi.so.1 \
+           --htmldir=%{_docdir}/manual \
+%if %{with guile}
+           --enable-guile \
+%else
+           --disable-guile \
+%endif
+%if %{with dane}
+           --with-unbound-root-key-file=/var/lib/unbound/root.key \
+           --enable-dane \
+%else
+           --disable-dane \
+%endif
+           --disable-rpath \
+           --with-default-priority-string="@SYSTEM"
+
+make %{?_smp_mflags} V=1
+
+%if %{with fips}
+%define __spec_install_post \
+	%{?__debug_package:%{__debug_install_post}} \
+	%{__arch_install_post} \
+	%{__os_install_post} \
+	fipshmac -d $RPM_BUILD_ROOT%{_libdir} $RPM_BUILD_ROOT%{_libdir}/libgnutls.so.30.*.* \
+	file=`basename $RPM_BUILD_ROOT%{_libdir}/libgnutls.so.30.*.hmac` && mv $RPM_BUILD_ROOT%{_libdir}/$file $RPM_BUILD_ROOT%{_libdir}/.$file && ln -s .$file $RPM_BUILD_ROOT%{_libdir}/.libgnutls.so.30.hmac \
+%{nil}
+%endif
+
+%install
+make install DESTDIR=$RPM_BUILD_ROOT
+make -C doc install-html DESTDIR=$RPM_BUILD_ROOT
+rm -f $RPM_BUILD_ROOT%{_infodir}/dir
+rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
+rm -f $RPM_BUILD_ROOT%{_libdir}/guile/2.0/guile-gnutls*.a
+rm -f $RPM_BUILD_ROOT%{_libdir}/guile/2.0/guile-gnutls*.la
+rm -f $RPM_BUILD_ROOT%{_libdir}/gnutls/libpkcs11mock1.*
+%if %{without dane}
+rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/gnutls-dane.pc
+%endif
+
+%find_lang gnutls
+
+%check
+make check %{?_smp_mflags}
+
+%post devel
+if [ -f %{_infodir}/gnutls.info.gz ]; then
+    /sbin/install-info %{_infodir}/gnutls.info.gz %{_infodir}/dir || :
+fi
+
+%preun devel
+if [ $1 = 0 -a -f %{_infodir}/gnutls.info.gz ]; then
+   /sbin/install-info --delete %{_infodir}/gnutls.info.gz %{_infodir}/dir || :
+fi
+
+%files -f gnutls.lang
+%defattr(-,root,root,-)
+%{_libdir}/libgnutls.so.30*
+%if %{with fips}
+%{_libdir}/.libgnutls.so.30*.hmac
+%endif
+%doc README.md AUTHORS NEWS THANKS
+%license LICENSE doc/COPYING doc/COPYING.LESSER
+
+%files c++
+%{_libdir}/libgnutlsxx.so.*
+
+%files devel
+%defattr(-,root,root,-)
+%{_includedir}/*
+%{_libdir}/libgnutls*.so
+%if %{with fips}
+%{_libdir}/.libgnutls.so.*.hmac
+%endif
+
+%{_libdir}/pkgconfig/*.pc
+%{_mandir}/man3/*
+%{_infodir}/gnutls*
+%{_infodir}/pkcs11-vision*
+%{_docdir}/manual/*
+
+%files utils
+%defattr(-,root,root,-)
+%{_bindir}/certtool
+%{_bindir}/tpmtool
+%{_bindir}/ocsptool
+%{_bindir}/psktool
+%{_bindir}/p11tool
+%{_bindir}/srptool
+%if %{with dane}
+%{_bindir}/danetool
+%endif
+%{_bindir}/gnutls*
+%{_mandir}/man1/*
+%doc doc/certtool.cfg
+
+%if %{with dane}
+%files dane
+%defattr(-,root,root,-)
+%{_libdir}/libgnutls-dane.so.*
+%endif
+
+%if %{with guile}
+%files guile
+%defattr(-,root,root,-)
+%{_libdir}/guile/2.0/guile-gnutls*.so*
+%{_libdir}/guile/2.0/site-ccache/gnutls.go
+%{_libdir}/guile/2.0/site-ccache/gnutls/extra.go
+%{_datadir}/guile/site/2.0/gnutls.scm
+%{_datadir}/guile/site/2.0/gnutls/extra.scm
+%endif
+
+%changelog
+* Fri Jun 14 2019 Daiki Ueno <dueno@redhat.com> - 3.6.8-3
+- Follow-up fix on multiple key updates handling (#1673975)
+
+* Thu Jun 13 2019 Daiki Ueno <dueno@redhat.com> - 3.6.8-2
+- Run FIPS AES self-tests over overridden algorithms
+
+* Wed May 29 2019 Daiki Ueno <dueno@redhat.com> - 3.6.8-1
+- Update to upstream 3.6.8 release
+
+* Fri May 24 2019 Anderson Sasaki <ansasaki@redhat.com> - 3.6.5-4
+- Fixed FIPS signatures self tests (#1680509)
+
+* Wed Mar 27 2019 Anderson Sasaki <ansasaki@redhat.com> - 3.6.5-3
+- Fixed CVE-2019-3829 (#1693285)
+- Fixed CVE-2019-3836 (#1693288)
+- Added explicit BuildRequires for nettle-devel >= 3.4.1
+
+* Fri Jan 11 2019 Anderson Sasaki <ansasaki@redhat.com> - 3.6.5-2
+- Fixed FIPS integrity self tests (#1665061)
+
+* Mon Dec 17 2018 Anderson Sasaki <ansasaki@redhat.com> - 3.6.5-1
+- Update to upstream 3.6.5 release
+- Fixes CVE-2018-16868 (#1655395)
+- Removed ldconfig scriptlet
+- Added explicit Requires for nettle >= 3.4.1
+
+* Mon Nov 26 2018 Anderson Sasaki <ansasaki@redhat.com> - 3.6.4-7
+- Fix incorrect certificate type returned in TLS1.3 resumption (#1649786)
+
+* Mon Nov 12 2018 Anderson Sasaki <ansasaki@redhat.com> - 3.6.4-6
+- Add support for record_size_limit extension in TLS1.2 (#1644850)
+
+* Tue Oct 30 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.4-5
+- Fix issue with GOST ciphers (#1644193)
+- Made gnutls-serv use the default priorities if none is specified (#1644243)
+
+* Wed Oct 24 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.4-3
+- Fix issue with rehandshake affecting glib-networking (#1641072)
+
+* Tue Oct 16 2018 Tomáš Mráz <tmraz@redhat.com> - 3.6.4-2
+- Add missing annobin notes for assembler sources
+
+* Tue Sep 25 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.4-1
+- Updated to upstream 3.6.4 release
+- Added support for the latest version of the TLS1.3 protocol
+
+* Thu Aug 16 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-4
+- Fixed support for ECDSA public keys (backported from Fedora)
+- Ensure that we do not cause issues with version rollback detection
+  and TLS1.3.
+
+* Thu Jul 26 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-4
+- Updated to upstream 3.6.3 release
+
+* Wed Jun 06 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.2-3
+- Include FIPS mode
+- Add missing BuildRequires: gnupg2 for gpgv2 in %%prep
+
+* Fri Feb 16 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.2-1
+- Updated to upstream 3.6.2 release
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.1-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Fri Feb  2 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-4
+- Rebuilt to address incompatibility with new nettle
+
+* Thu Nov 30 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-3
+- Corrected regression from 3.6.1-2 which prevented the loading of
+  arbitrary p11-kit modules (#1507402)
+
+* Mon Nov  6 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-2
+- Prevent the loading of all PKCS#11 modules on certificate verification
+  but only restrict to p11-kit trust module (#1507402)
+
+* Sat Oct 21 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-1
+- Update to upstream 3.6.1 release
+
+* Mon Aug 21 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.0-1
+- Update to upstream 3.6.0 release
+
+* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.14-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.14-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Tue Jul 04 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.14-1
+- Update to upstream 3.5.14 release
+
+* Wed Jun 07 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.13-1
+- Update to upstream 3.5.13 release
+
+* Thu May 11 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.12-2
+- Fix issue with p11-kit-trust arch dependency
+
+* Thu May 11 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.12-1
+- Update to upstream 3.5.12 release
+
+* Fri Apr 07 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.11-1
+- Update to upstream 3.5.11 release
+
+* Mon Mar 06 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.10-1
+- Update to upstream 3.5.10 release
+
+* Wed Feb 15 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.9-2
+- Work around missing pkg-config file (#1422256)
+
+* Tue Feb 14 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.9-1
+- Update to upstream 3.5.9 release
+
+* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.8-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Sat Feb  4 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.8-2
+- Added patch fix initialization issue in gnutls_pkcs11_obj_list_import_url4
+
+* Mon Jan  9 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.8-1
+- New upstream release
+
+* Tue Dec 13 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.7-3
+- Fix PKCS#8 file loading (#1404084)
+
+* Thu Dec  8 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.7-1
+- New upstream release
+
+* Fri Nov  4 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.6-1
+- New upstream release
+
+* Tue Oct 11 2016 walters@redhat.com - 3.5.5-2
+- Apply patch to fix compatibility with ostree (#1383708)
+
+* Mon Oct 10 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.5-1
+- New upstream release
+
+* Thu Sep  8 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.4-1
+- New upstream release
+
+* Mon Aug 29 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.3-2
+- Work around #1371082 for x86
+- Fixed issue with DTLS sliding window implementation (#1370881)
+
+* Tue Aug  9 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.3-1
+- New upstream release
+
+* Wed Jul  6 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.2-1
+- New upstream release
+
+* Wed Jun 15 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.1-1
+- New upstream release
+
+* Tue Jun  7 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.13-1
+- New upstream release (#1343258)
+- Addresses issue with setuid programs introduced in 3.4.12 (#1343342)
+
+* Fri May 20 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.12-1
+- New upstream release
+
+* Mon Apr 11 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.11-1
+- New upstream release
+
+* Fri Mar  4 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.10-1
+- New upstream release (#1314576)
+
+* Wed Feb  3 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.9-1
+- Fix broken key usage flags introduced in 3.4.8 (#1303355)
+
+* Mon Jan 11 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.8-1
+- New upstream release (#1297079)
+
+* Mon Nov 23 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.7-1
+- New upstream release (#1284300)
+- Documentation updates (#1282864)
+- Adds interface to set unique IDs in certificates (#1281343)
+- Allow arbitrary key sizes with ARCFOUR (#1284401)
+
+* Wed Oct 21 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.6-1
+- New upstream release (#1273672)
+- Enhances p11tool to write CKA_ISSUER and CKA_SERIAL_NUMBER (#1272178)
+
+* Tue Oct 20 2015 Adam Williamson <awilliam@redhat.com> - 3.4.5-2
+- fix interaction with Chrome 45+ (master secret extension) (#1273102)
+
+* Mon Sep 14 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.5-1
+- New upstream release (#1252192)
+- Eliminates hard limits on CRL parsing of certtool.
+
+* Mon Aug 10 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.4-1
+- new upstream release
+- no longer requires trousers patch
+- fixes issue in gnutls_x509_privkey_import (#1250020)
+
+* Mon Jul 13 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.3-2
+- Don't link against trousers but rather dlopen() it when available.
+  That avoids a dependency on openssl by the main library.
+
+* Mon Jul 13 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.3-1
+- new upstream release
+
+* Thu Jul 02 2015 Adam Jackson <ajax@redhat.com> 3.4.2-3
+- Only disable -z now for the guile modules
+
+* Thu Jun 18 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.2-2
+- rename the symbol version for internal symbols to avoid clashes
+  with 3.3.x.
+
+* Wed Jun 17 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.2-1
+- new upstream release
+
+* Tue May  5 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.1-2
+- Provide missing GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA definition
+
+* Mon May  4 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.1-1
+- new upstream release
+
+* Sat May 02 2015 Kalev Lember <kalevlember@gmail.com> - 3.3.14-2
+- Rebuilt for GCC 5 C++11 ABI change
+
+* Mon Mar 30 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.14-1
+- new upstream release
+- improved BER decoding of PKCS #12 structures (#1131461)
+
+* Fri Mar  6 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.13-3
+- Build with hardened flags
+- Removed -Wl,--no-add-needed linker flag
+
+* Fri Feb 27 2015 Till Maas <opensource@till.name> - 3.3.13-2
+- Do not build with hardened flags
+
+* Thu Feb 26 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.13-1
+- new upstream release
+
+* Sat Feb 21 2015 Till Maas <opensource@till.name> - 3.3.12-3
+- Make build verbose
+- Use %%license
+
+* Sat Feb 21 2015 Till Maas <opensource@till.name> - 3.3.12-2
+- Rebuilt for Fedora 23 Change
+  https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
+
+* Mon Jan 19 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.12-1
+- new upstream release
+
+* Mon Jan  5 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.11-2
+- enabled guile bindings (#1177847)
+
+* Thu Dec 11 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.11-1
+- new upstream release
+
+* Mon Nov 10 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.10-1
+- new upstream release
+
+* Thu Oct 23 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.9-2
+- applied fix for issue in get-issuer (#1155901)
+
+* Mon Oct 13 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.9-1
+- new upstream release
+
+* Fri Sep 19 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-2
+- strip rpath from library
+
+* Thu Sep 18 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-1
+- new upstream release
+
+* Mon Aug 25 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.7-1
+- new upstream release
+
+* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.3.6-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Wed Jul 23 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.6-1
+- new upstream release
+
+* Tue Jul 01 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.5-2
+- Added work-around for s390 builds with gcc 4.9 (#1102324)
+
+* Mon Jun 30 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.5-1
+- new upstream release
+
+* Tue Jun 17 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.4-3
+- explicitly depend on p11-kit-trust
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.3.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Mon Jun 02 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.4-1
+- new upstream release
+
+* Fri May 30 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.3-1
+- new upstream release
+
+* Wed May 21 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.2-2
+- Require crypto-policies
+
+* Fri May 09 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.2-1
+- new upstream release
+
+* Mon May 05 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.1-4
+- Replaced /etc/crypto-profiles/apps with /etc/crypto-policies/back-ends.
+- Added support for "very weak" profile.
+
+* Mon Apr 28 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.1-2
+- gnutls_global_deinit() will not do anything if the previous 
+  initialization has failed (#1091053)
+
+* Mon Apr 28 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.1-1
+- new upstream release
+
+* Mon Apr 14 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.0-1
+- new upstream release
+
+* Tue Apr 08 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.13-1
+- new upstream release
+
+* Wed Mar 05 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.12.1-1
+- new upstream release
+
+* Mon Mar 03 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.12-1
+- new upstream release
+
+* Mon Feb 03 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.10-2
+- use p11-kit trust store for certificate verification
+
+* Mon Feb 03 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.10-1
+- new upstream release
+
+* Tue Jan 14 2014 Tomáš Mráz <tmraz@redhat.com> 3.2.8-2
+- build the crywrap tool
+
+* Mon Dec 23 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.8-1
+- new upstream release
+
+* Wed Dec  4 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.7-2
+- Use the correct root key for unbound /var/lib/unbound/root.key (#1012494)
+- Pull asm fixes from upstream (#973210)
+
+* Mon Nov 25 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.7-1
+- new upstream release
+- added dependency to autogen-libopts-devel to use the system's
+  libopts library
+- added dependency to trousers-devel to enable TPM support
+
+* Mon Nov  4 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.16-1
+- new upstream release
+- fixes CVE-2013-4466 off-by-one in dane_query_tlsa()
+
+* Fri Oct 25 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.15-1
+- new upstream release
+- fixes CVE-2013-4466 buffer overflow in handling DANE entries
+
+* Wed Oct 16 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.13-3
+- enable ECC NIST Suite B curves
+
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.1.13-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Mon Jul 15 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.13-1
+- new upstream release
+
+* Mon May 13 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.11-1
+- new upstream release
+
+* Mon Mar 25 2013 Tomas Mraz <tmraz@redhat.com> 3.1.10-1
+- new upstream release
+- license of the library is back to LGPLv2.1+
+
+* Fri Mar 15 2013 Tomas Mraz <tmraz@redhat.com> 3.1.9-1
+- new upstream release
+
+* Thu Mar  7 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-3
+- drop the temporary old library
+
+* Tue Feb 26 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-2
+- don't send ECC algos as supported (#913797)
+
+* Thu Feb 21 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-1
+- new upstream version
+
+* Wed Feb  6 2013 Tomas Mraz <tmraz@redhat.com> 3.1.7-1
+- new upstream version, requires rebuild of dependencies
+- this release temporarily includes old compatibility .so
+
+* Tue Feb  5 2013 Tomas Mraz <tmraz@redhat.com> 2.12.22-2
+- rebuilt with new libtasn1
+- make guile bindings optional - breaks i686 build and there is
+  no dependent package
+
+* Tue Jan  8 2013 Tomas Mraz <tmraz@redhat.com> 2.12.22-1
+- new upstream version
+
+* Wed Nov 28 2012 Tomas Mraz <tmraz@redhat.com> 2.12.21-2
+- use RSA bit sizes supported by libgcrypt in FIPS mode for security
+  levels (#879643)
+
+* Fri Nov  9 2012 Tomas Mraz <tmraz@redhat.com> 2.12.21-1
+- new upstream version
+
+* Thu Nov  1 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-4
+- negotiate only FIPS approved algorithms in the FIPS mode (#871826)
+
+* Wed Aug  8 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-3
+- fix the gnutls-cli-debug manpage - patch by Peter Schiffer
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12.20-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Mon Jun 18 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-1
+- new upstream version
+
+* Fri May 18 2012 Tomas Mraz <tmraz@redhat.com> 2.12.19-1
+- new upstream version
+
+* Thu Mar 29 2012 Tomas Mraz <tmraz@redhat.com> 2.12.18-1
+- new upstream version
+
+* Thu Mar  8 2012 Tomas Mraz <tmraz@redhat.com> 2.12.17-1
+- new upstream version
+- fix leaks in key generation (#796302)
+
+* Fri Feb 03 2012 Kevin Fenzi <kevin@scrye.com> - 2.12.14-3
+- Disable largefile on arm arch. (#787287)
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12.14-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Tue Nov  8 2011 Tomas Mraz <tmraz@redhat.com> 2.12.14-1
+- new upstream version
+
+* Mon Oct 24 2011 Tomas Mraz <tmraz@redhat.com> 2.12.12-1
+- new upstream version
+
+* Thu Sep 29 2011 Tomas Mraz <tmraz@redhat.com> 2.12.11-1
+- new upstream version
+
+* Fri Aug 26 2011 Tomas Mraz <tmraz@redhat.com> 2.12.9-1
+- new upstream version
+
+* Tue Aug 16 2011 Tomas Mraz <tmraz@redhat.com> 2.12.8-1
+- new upstream version
+
+* Mon Jul 25 2011 Tomas Mraz <tmraz@redhat.com> 2.12.7-2
+- fix problem when using new libgcrypt
+- split libgnutlsxx to a subpackage (#455146)
+- drop libgnutls-openssl (#460310)
+
+* Tue Jun 21 2011 Tomas Mraz <tmraz@redhat.com> 2.12.7-1
+- new upstream version
+
+* Mon May  9 2011 Tomas Mraz <tmraz@redhat.com> 2.12.4-1
+- new upstream version
+
+* Tue Apr 26 2011 Tomas Mraz <tmraz@redhat.com> 2.12.3-1
+- new upstream version
+
+* Mon Apr 18 2011 Tomas Mraz <tmraz@redhat.com> 2.12.2-1
+- new upstream version
+
+* Thu Mar  3 2011 Tomas Mraz <tmraz@redhat.com> 2.10.5-1
+- new upstream version
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.10.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Wed Dec  8 2010 Tomas Mraz <tmraz@redhat.com> 2.10.4-1
+- new upstream version
+
+* Thu Dec  2 2010 Tomas Mraz <tmraz@redhat.com> 2.10.3-2
+- fix buffer overflow in gnutls-serv (#659259)
+
+* Fri Nov 19 2010 Tomas Mraz <tmraz@redhat.com> 2.10.3-1
+- new upstream version
+
+* Thu Sep 30 2010 Tomas Mraz <tmraz@redhat.com> 2.10.2-1
+- new upstream version
+
+* Wed Sep 29 2010 jkeating - 2.10.1-4
+- Rebuilt for gcc bug 634757
+
+* Thu Sep 23 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-3
+- more patching for internal errors regression (#629858)
+  patch by Vivek Dasmohapatra
+
+* Tue Sep 21 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-2
+- backported patch from upstream git hopefully fixing internal errors
+  (#629858)
+
+* Wed Aug  4 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-1
+- new upstream version
+
+* Wed Jun  2 2010 Tomas Mraz <tmraz@redhat.com> 2.8.6-2
+- add support for safe renegotiation CVE-2009-3555 (#533125)
+
+* Wed May 12 2010 Tomas Mraz <tmraz@redhat.com> 2.8.6-1
+- upgrade to a new upstream version
+
+* Mon Feb 15 2010 Rex Dieter <rdieter@fedoraproject.org> 2.8.5-4
+- FTBFS gnutls-2.8.5-3.fc13: ImplicitDSOLinking (#564624)
+
+* Thu Jan 28 2010 Tomas Mraz <tmraz@redhat.com> 2.8.5-3
+- drop superfluous rpath from binaries
+- do not call autoreconf during build
+- specify the license on utils subpackage
+
+* Mon Jan 18 2010 Tomas Mraz <tmraz@redhat.com> 2.8.5-2
+- do not create static libraries (#556052)
+
+* Mon Nov  2 2009 Tomas Mraz <tmraz@redhat.com> 2.8.5-1
+- upgrade to a new upstream version
+
+* Wed Sep 23 2009 Tomas Mraz <tmraz@redhat.com> 2.8.4-1
+- upgrade to a new upstream version
+
+* Fri Aug 14 2009 Tomas Mraz <tmraz@redhat.com> 2.8.3-1
+- upgrade to a new upstream version
+
+* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.8.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Wed Jun 10 2009 Tomas Mraz <tmraz@redhat.com> 2.8.1-1
+- upgrade to a new upstream version
+
+* Wed Jun  3 2009 Tomas Mraz <tmraz@redhat.com> 2.8.0-1
+- upgrade to a new upstream version
+
+* Mon May  4 2009 Tomas Mraz <tmraz@redhat.com> 2.6.6-1
+- upgrade to a new upstream version - security fixes
+
+* Tue Apr 14 2009 Tomas Mraz <tmraz@redhat.com> 2.6.5-1
+- upgrade to a new upstream version, minor bugfixes only
+
+* Fri Mar  6 2009 Tomas Mraz <tmraz@redhat.com> 2.6.4-1
+- upgrade to a new upstream version
+
+* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Mon Dec 15 2008 Tomas Mraz <tmraz@redhat.com> 2.6.3-1
+- upgrade to a new upstream version
+
+* Thu Dec  4 2008 Tomas Mraz <tmraz@redhat.com> 2.6.2-1
+- upgrade to a new upstream version
+
+* Tue Nov 11 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-3
+- fix chain verification issue CVE-2008-4989 (#470079)
+
+* Thu Sep 25 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-2
+- add guile subpackage (#463735)
+- force new libtool through autoreconf to drop unnecessary rpaths
+
+* Tue Sep 23 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-1
+- new upstream version
+
+* Tue Jul  1 2008 Tomas Mraz <tmraz@redhat.com> 2.4.1-1
+- new upstream version
+- correct the license tag
+- explicit --with-included-opencdk not needed
+- use external lzo library, internal not included anymore
+
+* Tue Jun 24 2008 Tomas Mraz <tmraz@redhat.com> 2.4.0-1
+- upgrade to latest upstream
+
+* Tue May 20 2008 Tomas Mraz <tmraz@redhat.com> 2.0.4-3
+- fix three security issues in gnutls handshake - GNUTLS-SA-2008-1
+  (#447461, #447462, #447463)
+
+* Mon Feb  4 2008 Joe Orton <jorton@redhat.com> 2.0.4-2
+- use system libtasn1
+
+* Tue Dec  4 2007 Tomas Mraz <tmraz@redhat.com> 2.0.4-1
+- upgrade to latest upstream
+
+* Tue Aug 21 2007 Tomas Mraz <tmraz@redhat.com> 1.6.3-2
+- license tag fix
+
+* Wed Jun  6 2007 Tomas Mraz <tmraz@redhat.com> 1.6.3-1
+- upgrade to latest upstream (#232445)
+
+* Tue Apr 10 2007 Tomas Mraz <tmraz@redhat.com> 1.4.5-2
+- properly require install-info (patch by Ville Skyttä)
+- standard buildroot and use dist tag
+- add COPYING and README to doc
+
+* Wed Feb  7 2007 Tomas Mraz <tmraz@redhat.com> 1.4.5-1
+- new upstream version
+- drop libtermcap-devel from buildrequires
+
+* Thu Sep 14 2006 Tomas Mraz <tmraz@redhat.com> 1.4.1-2
+- detect forged signatures - CVE-2006-4790 (#206411), patch
+  from upstream
+
+* Tue Jul 18 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.1-1
+- upgrade to new upstream version, only minor changes
+
+* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 1.4.0-1.1
+- rebuild
+
+* Wed Jun 14 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.0-1
+- upgrade to new upstream version (#192070), rebuild
+  of dependent packages required
+
+* Tue May 16 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-2
+- added missing buildrequires
+
+* Mon Feb 13 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-1
+- updated to new version (fixes CVE-2006-0645)
+
+* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.2
+- bump again for double-long bug on ppc(64)
+
+* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.1
+- rebuilt for new gcc4.1 snapshot and glibc changes
+
+* Tue Jan  3 2006 Jesse Keating <jkeating@redhat.com> 1.2.9-3
+- rebuilt
+
+* Fri Dec  9 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-2
+- replaced *-config scripts with calls to pkg-config to
+  solve multilib conflicts
+
+* Wed Nov 23 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-1
+- upgrade to newest upstream
+- removed .la files (#172635)
+
+* Sun Aug  7 2005 Tomas Mraz <tmraz@redhat.com> 1.2.6-1
+- upgrade to newest upstream (rebuild of dependencies necessary)
+
+* Mon Jul  4 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-2
+- split the command line tools to utils subpackage
+
+* Sat Apr 30 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-1
+- new upstream version fixes potential DOS attack
+
+* Sat Apr 23 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-2
+- readd the version script dropped by upstream
+
+* Fri Apr 22 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-1
+- update to the latest upstream version on the 1.0 branch
+
+* Wed Mar  2 2005 Warren Togami <wtogami@redhat.com> 1.0.20-6
+- gcc4 rebuild
+
+* Tue Jan  4 2005 Ivana Varekova <varekova@redhat.com> 1.0.20-5
+- add gnutls Requires zlib-devel (#144069)
+
+* Mon Nov 08 2004 Colin Walters <walters@redhat.com> 1.0.20-4
+- Make gnutls-devel Require libgcrypt-devel
+
+* Tue Sep 21 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-3
+- rebuild with release++, otherwise unchanged.
+
+* Tue Sep  7 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-2
+- patent tainted SRP code removed.
+
+* Sun Sep  5 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-1
+- update to 1.0.20.
+- add --with-included-opencdk --with-included-libtasn1
+- add --with-included-libcfg --with-included-lzo
+- add --disable-srp-authentication.
+- do "make check" after build.
+
+* Fri Mar 21 2003 Jeff Johnson <jbj@redhat.com> 0.9.2-1
+- upgrade to 0.9.2
+
+* Tue Jun 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.4-1
+- update to 0.4.4.
+
+* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
+- automated rebuild
+
+* Sat May 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.3-1
+- update to 0.4.3.
+
+* Tue May 21 2002 Jeff Johnson <jbj@redhat.com> 0.4.2-1
+- update to 0.4.2.
+- change license to LGPL.
+- include splint annotations patch.
+
+* Tue Apr  2 2002 Nalin Dahyabhai <nalin@redhat.com> 0.4.0-1
+- update to 0.4.0
+
+* Thu Jan 17 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.2-1
+- update to 0.3.2
+
+* Thu Jan 10 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.0-1
+- add a URL
+
+* Thu Dec 20 2001 Nalin Dahyabhai <nalin@redhat.com>
+- initial package