| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
.gitlab-ci.yml: mark all CI jobs interruptible
Closes #1390
See merge request gnutls/gnutls!1628
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
This allows previous pipelines to be cancelled if a new job is
submitted subsequently:
https://docs.gitlab.com/ee/ci/yaml/#interruptible
Suggested-by: Zoltán Fridrich <zfridric@redhat.com>
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\ \
| | |
| | |
| | |
| | | |
interoperability testing with openssl
See merge request gnutls/gnutls!1623
|
| | |
| | |
| | |
| | | |
Signed-off-by: Stanislav Zidek <szidek@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
GitLab CI extended to run 2way interoperability tests with openssl on
Fedora. Also prepared for adding further interoperability tests once
they are in better shape.
Signed-off-by: Stanislav Zidek <szidek@redhat.com>
|
|\ \ \
| |_|/
|/| |
| | |
| | | |
Avoid &> redirection bashism in testsuite
See merge request gnutls/gnutls!1627
|
|/ /
| |
| |
| |
| |
| | |
Broken by 7b700dbcd5907944a7dd2f74cd26ad8586cd4bac
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
|
|\ \
| |/
|/|
| |
| |
| |
| | |
_gnutls_decrypt_pbes1_des_md5_data: use public crypto API
Closes #1392
See merge request gnutls/gnutls!1626
|
|/
|
|
|
|
|
|
| |
This is a follow-up of e7f9267342bc2231149a640163c82b63c86f1dfd. In
the decryption code path with PBES1, algorithm checks for FIPS was not
applied, because it used internal functions that bypass those checks.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\
| |
| |
| |
| | |
Update doc for GNUTLS_CB_TLS_EXPORTER towards RFC9266.
See merge request gnutls/gnutls!1621
|
|/
|
|
| |
Signed-off-by: Simon Josefsson <simon@josefsson.org>
|
|\
| |
| |
| |
| | |
KTLS: hotfix
See merge request gnutls/gnutls!1620
|
|/
|
|
|
|
|
|
|
|
| |
session->internals.pull_func is set to system_read during gnutls_init()
so check for user set pull/push function added in commit mentioned
bellow will never pass.
source: 2d3cba6bb21acb40141180298f3924c73c7de8f8
Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>
|
|\
| |
| |
| |
| | |
Release 3.7.7
See merge request gnutls/gnutls!1619
|
|/
|
|
| |
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
|
|\
| |
| |
| |
| | |
Make gnutls-cli work with KTLS
See merge request gnutls/gnutls!1617
|
| |
| |
| |
| |
| |
| |
| | |
This allows gnutls-cli to use KTLS for the transport, unless either
--save-client-trace or --save-server-trace is used.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| |
| |
| |
| |
| |
| |
| |
| | |
If gnutls_transport_set_pull_function or
gnutls_transport_set_push_function is used, we can't assume the
underlying transport handle is an FD.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\ \
| |/
|/|
| |
| |
| |
| | |
Fix double free during gnutls_pkcs7_verify
Closes #1383
See merge request gnutls/gnutls!1615
|
|/
|
|
| |
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
|
|\
| |
| |
| |
| | |
guile: revert gnutls/build/tests.scm to use use-modules
See merge request gnutls/gnutls!1618
|
|/
|
|
|
|
|
|
| |
This partially reverts e727eb7901a3f1754de970c8529925ae3d591b90. For
some reason, the usage of #:use-module causes some behavioral
difference that affects reauth.scm test.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\
| |
| |
| |
| |
| |
| | |
Fix memory leak in gnutls_pkcs7_import
Closes #1387
See merge request gnutls/gnutls!1616
|
|/
|
|
| |
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
|
|\
| |
| |
| |
| | |
crypto-api: add block cipher API with automatic padding
See merge request gnutls/gnutls!1611
|
|/
|
|
|
|
|
|
| |
This adds a couple of functions gnutls_cipher_encrypt3 and
gnutls_cipher_decrypt3, which add or remove padding as necessary if
the length of the plaintext is not a multiple of the block size.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\
| |
| |
| |
| |
| |
| | |
Suppress compile time warnings on Fedora 36
Closes #1386
See merge request gnutls/gnutls!1606
|
| |
| |
| |
| |
| |
| |
| | |
*.dane.verisignlabs.com and fedoraproject.org are no longer
resolvable.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| |
| |
| |
| |
| |
| |
| |
| | |
This silences -Wsuggest-attribute=malloc warning with GCC 12. While
we could use ATTRIBUTE_DEALLOC(fclose, 1), it is currently not
possible to use it until Gnulib is updated.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| |
| |
| |
| | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| |
| |
| |
| |
| |
| | |
Spotted by gcc-analyzer 12.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| |
| |
| |
| |
| |
| | |
To suppress warnings with gcc-analyzer 12.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| |
| |
| |
| |
| |
| | |
Spotted by gcc-analyzer 12.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
| |
| |
| |
| | |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\ \
| | |
| | |
| | |
| | | |
guile: Allow session record ports to have a 'close' procedure
See merge request gnutls/gnutls!1610
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This addition makes it easy to close the backing file descriptor or port
of a session when its record port is closed.
* guile/src/core.c (SCM_GNUTLS_SESSION_RECORD_PORT_SESSION): Add SCM_CAR.
(SCM_GNUTLS_SESSION_RECORD_PORT_CLOSE_PROCEDURE)
(SCM_GNUTLS_SET_SESSION_RECORD_PORT_CLOSE)
(SCM_GNUTLS_SESSION_RECORD_PORT_P)
(SCM_VALIDATE_SESSION_RECORD_PORT): New macros.
(make_session_record_port): Change "stream" argument to a pair.
(close_session_record_port): New function.
(scm_gnutls_session_record_port): Add optional 'close' parameter and
honor it.
(scm_gnutls_set_session_record_port_close_x): New function.
(scm_init_gnutls_session_record_port_type): Add call to
'scm_set_port_close' and 'scm_set_port_needs_close_on_gc'.
* guile/tests/session-record-port.scm: Test it.
* NEWS: Update.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|\ \
| | |
| | |
| | |
| | | |
Remove support for Guile 1.8.
See merge request gnutls/gnutls!1608
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The last Guile 1.8.x release dates back to 2010.
* configure.ac: Remove 1.8 from 'GUILE_PKG'.
* doc/gnutls-guile.texi (Guile Preparations): Remove mention of Guile 1.8.
* guile/src/core.c (mark_session_record_port)
(free_session_record_port): Remove.
(scm_init_gnutls_session_record_port_type): Remove corresponding
'scm_set_port_mark' and 'scm_set_port_free' calls.
* guile/modules/gnutls.in: Remove top-level 'cond-expand' forms for
Guile 1.8.
* guile/modules/gnutls/build/tests.scm: Likewise.
* NEWS: Update.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|/ /
| |
| |
| |
| |
| | |
* m4/guile.m4: Update from Guile 3.0.7.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|\ \
| | |
| | |
| | |
| | | |
accelerated: aarch64: add OpenBSD/aarch64 support
See merge request gnutls/gnutls!1612
|
|/ /
| |
| |
| | |
Signed-off-by: Brad Smith <brad@comstyle.com>
|
|\ \
| | |
| | |
| | |
| | | |
cipher: limit plaintext length supplied to AES-GCM
See merge request gnutls/gnutls!1603
|
|/ /
| |
| |
| |
| |
| |
| | |
According to SP800-38D 5.2.1.1, input data length of AES-GCM
encryption function must be less than or equal to 2^39-256 bits.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|\ \
| | |
| | |
| | |
| | | |
guile: Session record port treats premature termination as EOF.
See merge request gnutls/gnutls!1609
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* guile/src/core.c (do_fill_port) [USING_GUILE_BEFORE_2_2]: Treat
GNUTLS_E_PREMATURE_TERMINATION as EOF.
(read_from_session_record_port) [!USING_GUILE_BEFORE_2_2]: Likewise.
* guile/tests/premature-termination.scm: New file.
* guile/Makefile.am (TESTS): Add it.
* NEWS: Update.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|\ \
| | |
| | |
| | |
| | | |
Add self-test code inside a FIPS context
See merge request gnutls/gnutls!1607
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Self-test code exercise lots of different FIPS-related code with
side-effects. So, in order to prevent it from losing information when
executing inside another context, we create an appropriated one.
If the self-test fails, then the library is placed in error state, so it
doesn't matter for other contexts.
Signed-off-by: Richard Maciel Costa <richard.costa@suse.com>
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Increase the limit of TLS PSK usernames
Closes #1323
See merge request gnutls/gnutls!1581
|
|/ /
| |
| |
| |
| | |
Co-authored-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
|
|\ \
| |/
|/|
| |
| | |
tests/fips-test: minor extension
See merge request gnutls/gnutls!1605
|