| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
qemu is currently causing segmentation fault:
cipher: aes-128-gcm
cipher: aes-192-gcm
cipher: aes-256-gcm
cipher: chacha20-poly1305
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Segmentation fault (core dumped)
default cipher tests failed
FAIL test-ciphers-openssl.sh (exit status: 139)
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
| |
https://sourceforge.net/p/mingw-w64/bugs/818/
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
| |
The new fipshmac command provided by libkcapi requires NETLINK_CRYPTO,
which is not enabled on gitlab CI.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
| |
Also remove Debian.cross.mips-linux-gnu, as it is no longer supported.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the build failure with -Werror:
configure:53786: gcc -o conftest -O0 -Wall -Werror -g3 conftest.c -lev >&5
conftest.c:412: error: "GNULIB_STRERROR" redefined [-Werror]
412 | #define GNULIB_STRERROR 1
|
conftest.c:305: note: this is the location of the previous definition
305 | #define GNULIB_STRERROR IN_GNUTLS_GNULIB_TESTS
|
cc1: all warnings being treated as errors
as well as improves code coverage.
Suggested by Bruno Haible in:
<https://lists.gnu.org/archive/html/bug-gnulib/2020-10/msg00148.html>.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\
| |
| |
| |
| | |
.gitlab-ci: disable config.cache for nettle-master builds
See merge request gnutls/gnutls!1291
|
| |
| |
| |
| |
| |
| |
| |
| | |
Disable usage of config.cache for nettle-master builds. Such
config.cache files can easily become stale, thus resulting in build
failures.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|/
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
| |
This resulted in the MinGW64.Vista+ target doing the same thing as the MinGW64
target.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If _WIN32_WINNT is higher or equal to 0x0600, Vista API's are allowed during
the build. We can assume that the minimum platform the code will run on is
Vista [1]
In that case there's no need to call API's (ncrypt) dynamically when it can be
done statically.
[1] https://docs.microsoft.com/en-us/cpp/porting/modifying-winver-and-win32-winnt
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
|
|
|
|
|
|
|
| |
Wget/Wget2 OSS-Fuzz builders use mini-gmp version of nettle. Check that
we do not break them occasionally.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|
|
|
|
|
| |
lib/nettle/curve448
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|
|
|
|
|
| |
Check that GnuTLS does not depend on Nettle/Hogweed internal symbols.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|
|
|
|
|
|
| |
This speeds up the Gitlab CI runners. E.g. measured timings of the
Debian.x86_64 runner show ~40% speedup (down from 38 to 23 minutes).
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
|
| |
Remove --disable-gost switch from the test using Nettle's master branch
as GnuTLS is now compatible again with nettle/master.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|
|
|
|
|
|
| |
There are shared windows runners in gitlab, that will fail
running our jobs.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
| |
Otherwise the build process wouldn't be able to find -lgmp.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
|
| |
This is similar to the build/gnutls target in nettle's own gitlab CI.
The only difference is that this will build/test all branches of
GnuTLS against the master branch of nettle.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
|
| |
Some distributions might enable --enable-fips140-mode, without actually
enabling/enforcing FIPS at runtime. Catch issues in such configurations
(reported by Daiki Ueno).
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
As it turns out, `set -e` doesn't work if one of the commands fail,
maybe except the last command.
Seen, tested and reproduced on Fedora28 image.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
|
| |
This in addition to merging the two CI runs, it also attempts
to run the fuzz code under SHANI for CI.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
Suppressions are in devel/ubsan.supp.
Suppressions only work on recoverable checks.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
|
|
|
| |
That removes a lot of code that was not necessary in the gnutls test
suite.
Resolves: #884
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
This should result to faster image loading for CI builds.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
|
|
|
|
| |
This effectively reverts !400 and ensures that we no longer tolerate
invalid DER time. This complements the previous commit by Lili Quan
and ensures we provide the --disable-strict-der-time backwards compatibility
option.
Resolves: #207
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
|
|
| |
This also includes --enable-local-libopts flag to make dist
to catch future regressions.
Resolves: #867
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The coverity run is subject to several restrictions by the service,
and thus it is not really useful in the main CI runs as it cannot reasonably
be run on MRs or master. As such we simplify the main CI file by moving the
coverity to the coverage sub-project and running it weekly.
The new location is at:
https://gitlab.com/gnutls/coverage
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|\
| |
| |
| |
| | |
maint: Include Guile's M4 macros.
See merge request gnutls/gnutls!1061
|
| |
| |
| |
| | |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
| |
| |
| |
| |
| | |
as well.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
| |
| |
| |
| |
| |
| | |
'configure'.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|/
|
|
|
|
| |
This enables this test in debian build.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows the system administrator or the distributor to use
the gnutls configuration file to mark hashes, signature algorithms,
TLS versions, curves, groups, ciphers KX, and MAC algorithms as
insecure (the last four only in the context of a TLS session).
It also allows to set a minimum profile which the applications
cannot fall below.
The options intentionally do not allow marking algorithms as
secure so that the configuration file cannot be used as an attack
vector. This change also makes sure that unsupported and disabled protocols
during compile time (e.g., SSL3.0), do not get listed by gnutls-cli.
The configuration file feature can be disabled at compile time
with an empty --with-system-priority-file.
This patch it introduces the function gnutls_get_system_config_file()
allowing applications to check whether a configuration file
was used.
Resolves: #587
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|