summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* tests: check whether large packets are allowed on the handshakemax-handshake-recvNikos Mavrogiannopoulos2016-09-192-1/+286
|
* do not allow sending overflowed extensions fieldNikos Mavrogiannopoulos2016-09-191-0/+3
| | | | That is, restrict the extensions to a 2^16 total size.
* tests: minor improvements in mini-extensionNikos Mavrogiannopoulos2016-09-191-1/+10
| | | | This will improve recovery from error conditions.
* Increased the maximum size allowed for handshake messages to 96kbNikos Mavrogiannopoulos2016-09-191-1/+1
| | | | | This would allow the library to cope with larger packets, as well as TLS 1.3 hellos. Suggested by Hubert Kario.
* tests: added check for insecure keyNikos Mavrogiannopoulos2016-09-175-5/+198
| | | | | That is, a check which verified whether a connection to a server with a very small key will fail the certificate verification check.
* doc updateseparate-error-codes-for-invalid-keysNikos Mavrogiannopoulos2016-09-171-0/+2
|
* Introduced separate error codes for invalid private and public keysNikos Mavrogiannopoulos2016-09-174-19/+19
| | | | | | This allows functions like decryption and verification to report the specific issue they encountered on public key error. The new codes are GNUTLS_E_PK_INVALID_PUBKEY and GNUTLS_E_PK_INVALID_PRIVKEY
* .gitlab-ci.yml: no longer require gnutls-develno-gnutls-develNikos Mavrogiannopoulos2016-09-151-2/+2
| | | | This package is no longer needed to run abi-check.
* Makefile: abi-check no longer require gnutls headers to be installedNikos Mavrogiannopoulos2016-09-151-1/+3
| | | | | This addresses the issue of requiring gnutls-devel in the CI system to run abi-check.
* doc: remove the conditional self_test functionsnprocNikos Mavrogiannopoulos2016-09-141-5/+1
| | | | | | Also prevent them by re-entering the documented functions list by restricting the header files that contribute functions to the known list defined by $(HEADER_FILES).
* Makefile.am: introduced 'make files-update' ruleNikos Mavrogiannopoulos2016-09-143-4/+12
| | | | | | This rule updates the makefiles in doc/ and the kept symbol list. This allows for easier automation of the symbol change 'make dist' breakages.
* manpages: delete comparison temp fileNikos Mavrogiannopoulos2016-09-141-0/+1
|
* Makefile.am: symbol changes were made more elaborateNikos Mavrogiannopoulos2016-09-141-9/+26
| | | | | During make dist, the makefile will report the appropriate symbol change message with instructions and fail.
* updated doc and symbol files for ↵Nikos Mavrogiannopoulos2016-09-143-0/+4
| | | | gnutls_certificate_set_ocsp_status_request_function2
* Makefile.am: print the symbols.last diff on make distNikos Mavrogiannopoulos2016-09-141-1/+1
| | | | | This allows to manually verify the contents before overriding the old file.
* doc: allow creation of gnutls.epub without running epub-fixNikos Mavrogiannopoulos2016-09-141-1/+1
|
* .gitlab-ci.yml: use nproc as argument to 'make -j'Nikos Mavrogiannopoulos2016-09-141-17/+17
| | | | | That way, we use as many make processes, as the number of CPUs in the CI system.
* .gitlab-ci.yml: added build which runs 'make dist'Nikos Mavrogiannopoulos2016-09-141-0/+15
| | | | | | This tests whether the manpages, info, html, pdf and epub manual are properly generated, and whether any new functions were included into makefiles.
* doc: fixed the epub documentation generationNikos Mavrogiannopoulos2016-09-131-4/+6
|
* gnutls_certificate_set_ocsp_status_request_file: mention version it was enhancedNikos Mavrogiannopoulos2016-09-131-0/+3
|
* doc: corrected typoNikos Mavrogiannopoulos2016-09-131-1/+1
|
* Add ECDHE-* to the priority string docs for key exchange algorithmsAlex Monk2016-09-131-1/+1
| | | | | | | GNUTLS_KX_ECDHE_PSK was added in 2.99.3 (released 2011-06-18) The other two were added in 2.99.2 (released 2011-05-26) Signed-off-by: Alex Monk <krenair@gmail.com>
* doc updateNikos Mavrogiannopoulos2016-09-131-0/+4
|
* .gitlab-ci.yml: added check for position dependent codeNikos Mavrogiannopoulos2016-09-131-4/+9
|
* Makefile.am: added check for position dependent codeNikos Mavrogiannopoulos2016-09-131-0/+7
| | | | | This check will verify that the generated library doesn't contain position dependent code. It depends on elf utilities.
* openssl asm: reverted to AESNI-x86 code to gnutls 3.4.x codeNikos Mavrogiannopoulos2016-09-133-2193/+1283
| | | | The newer code was creating position dependent code.
* tests: added checks to verify server understanding of UTF8 hostnamesidna-serverNikos Mavrogiannopoulos2016-09-125-3/+393
| | | | | This verifies whether a server can understand and serve requests which contain UTF-8 server names.
* tests: set_key: fixed the time overrideNikos Mavrogiannopoulos2016-09-121-2/+2
|
* tests: set_key: enabled failure_mode testNikos Mavrogiannopoulos2016-09-121-1/+6
| | | | Also eliminated memory leaks related to it.
* Added IDNA support in server sideNikos Mavrogiannopoulos2016-09-121-4/+24
| | | | | | Any server names provided to server side by the gnutls_certificate_set_* functions, are converted to IDNA format for comparison with client provided values.
* doc updatecleanupsNikos Mavrogiannopoulos2016-09-121-0/+19
|
* .gitlab-ci.yml: restrict the freebsd builds to local branches onlyNikos Mavrogiannopoulos2016-09-121-0/+4
|
* Add SIGN-ECDSA-SHA* to the priority strings docsAlex Monk2016-09-121-4/+5
| | | | | | There were added in version 2.99.2, 2011-05-26 Signed-off-by: Alex Monk <krenair@gmail.com>
* gnutls_certificate_set_*key: ensure proper cleanup on key mismatch failuresNikos Mavrogiannopoulos2016-09-121-2/+11
| | | | | That is, ensure that we keep no local references that are shared with the caller, and that we properly free all initialized values.
* tests: check key mismatch on gnutls_certificate_set_*keyNikos Mavrogiannopoulos2016-09-122-4/+92
| | | | | That is, check whether these functions can successfully recover from such condition, without leaks or double freeing.
* tests: added unit testing for ↵Nikos Mavrogiannopoulos2016-09-122-1/+238
| | | | gnutls_certificate_set_ocsp_status_request_function2
* tests: added unit tests for gnutls_certificate_set_x509_key()Nikos Mavrogiannopoulos2016-09-123-109/+289
| | | | | In addition these tests verify that the expected index is returned and that can be used with gnutls_certificate_get_crt_raw() afterwards.
* tests: enhanced set_x509_key tests to include index verificationNikos Mavrogiannopoulos2016-09-121-41/+53
| | | | | That is, verify that correct indexes are returned, and these can be used with gnutls_certificate_get_crt_raw() afterwards.
* tests: enhanced set_x509_key_file tests to include index verificationNikos Mavrogiannopoulos2016-09-123-30/+123
| | | | | That is, verify that correct indexes are returned, and these can be used with gnutls_certificate_get_crt_raw() afterwards.
* tests: more checks for functionality of ↵Nikos Mavrogiannopoulos2016-09-123-4/+255
| | | | | | | | | gnutls_certificate_set_ocsp_status_request_file This introduces checks for the cases where gnutls_certificate_set_ocsp_status_request_file() is called with multiple indexes, to set an OCSP response for different certificates. The tests then verify whether the expected OCSP response is received.
* Added gnutls_certificate_set_ocsp_status_request_function2Nikos Mavrogiannopoulos2016-09-128-77/+156
| | | | | | | | | | | That introduces a new function to allow setting an OCSP status request handling function per certificate. Furthermore it repurposes the flag parameters to an index option on gnutls_certificate_set_ocsp_status_request_file. The changes above allow setting a different OCSP status response file per certificate, and a different function. The indexes they rely on to associate with existing certs are the indexes returned by the gnutls_certificate_set_key() and friends functions.
* All the key and chain set functions return an indexNikos Mavrogiannopoulos2016-09-122-20/+29
| | | | | | | When setting key and certificate material to a gnutls_certificate_credentials_t structure, the corresponding set functions will return an index. That index could be used later either on the get functions, or when setting corresponding data (e.g., an OCSP response).
* doc: clarifications in gnutls_certificate_set_ocsp_status_request_function()Nikos Mavrogiannopoulos2016-09-121-4/+3
|
* Typo fixes found by lintian.Andreas Metzler2016-09-122-2/+2
| | | | incosistent, ommited
* .gitlab-ci.yml: added code-coverage output to clang buildNikos Mavrogiannopoulos2016-09-111-1/+2
|
* .gitlab-ci.yml: the code-coverage command will always succeedNikos Mavrogiannopoulos2016-09-111-6/+12
| | | | This works around random failures while calculating the code coverage.
* .gitlab-ci.yml: moved commonly installed packages into the before_script fieldNikos Mavrogiannopoulos2016-09-111-29/+10
|
* .gitlab-ci.yml: added syntax check buildNikos Mavrogiannopoulos2016-09-111-0/+13
|
* cfg.mk: revived 'make release'Nikos Mavrogiannopoulos2016-09-111-45/+11
|
* several spacing fixes to keep syntax-check happyNikos Mavrogiannopoulos2016-09-11210-2821/+2962
|
View Lorry Controller Status