Commit message (Author, Age, Files, Lines)
* gnutls_privkey_sign_hash2: accept the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA flag [tmp-fix-raw-flag-in-newapi] (Nikos Mavrogiannopoulos, 2019-06-10, files: 4, lines: -12/+24)
| | | | | | | | | | Previously this flag was ignored, although documented not to. This patch also enables the tests sign-verify-newapi and sign-verify-data-newapi which were supposed to test this interface, but were never enabled. This was caught by Andreas Metzler. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* tests: removed debugging output from GETPORT (Nikos Mavrogiannopoulos, 2019-06-10, files: 1, lines: -1/+0)
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* .gitlab-ci.yml: include top log files in all build failures [ci skip] (Nikos Mavrogiannopoulos, 2019-06-08, files: 1, lines: -0/+2)
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Merge branch 'guile-remove-alloca' into 'master' (Tim Rühsen, 2019-06-07, files: 2, lines: -27/+33)
|\ | | | | | | | | | | | | Remove unbounded uses of alloca in the Guile bindings Closes #684 See merge request gnutls/gnutls!1022
| * guile: Remove unbounded uses of 'alloca'. (Ludovic Courtès, 2019-06-07, files: 2, lines: -20/+26)
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * guile/src/core.c (ALLOCA_MAX_SIZE, FAST_ALLOC): New macros. (set_certificate_file): (scm_gnutls_set_certificate_credentials_x509_key_files_x) (scm_gnutls_set_srp_server_credentials_files_x) (scm_gnutls_set_srp_client_credentials_x) (scm_gnutls_srp_base64_encode, scm_gnutls_srp_base64_decode) (scm_gnutls_set_psk_server_credentials_file_x) (scm_gnutls_pkcs8_import_x509_private_key) (scm_gnutls_x509_certificate_matches_hostname_p) (scm_gnutls_import_openpgp_private_key): Use 'FAST_ALLOC' instead of 'alloca'. * guile/src/utils.c: Remove unneeded <alloca.h> include. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| * guile: Always provide 'scm_gc_malloc_pointerless'. (Ludovic Courtès, 2019-06-07, files: 1, lines: -7/+7)
| | | | | | | | | | | | | | | | * guile/src/core.c (scm_gc_malloc_pointerless) [!HAVE_SCM_GC_MALLOC_POINTERLESS]: New macro. (make_session_record_port): Remove #ifdef HAVE_SCM_GC_MALLOC_POINTERLESS. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* | Merge branch 'tmp-keyupdate-fixes' into 'master' (Daiki Ueno, 2019-06-06, files: 4, lines: -2/+235)
|\ \ | | | | | | | | | | | | tls13/key_update: ignore multiple key updates instead of error See merge request gnutls/gnutls!1019
| * | tls13/key_update: ignore multiple key updates instead of error [tmp-keyupdate-fixes] (Daiki Ueno, 2019-06-05, files: 4, lines: -2/+235)
|/ / | | | | | | | | | | | | | | This fixes the multiple KeyUpdate messages handling in commit 65e2aa80d114d4bef095d129c2eda475e473244a, where illegal_parameter is sent even if the limit doesn't exceed. Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | Merge branch 'tmp-fix-travis2' into 'master' (Tim Rühsen, 2019-06-04, files: 2, lines: -11/+11)
|\ \ | | | | | | | | | | | | Prefix gcc attributes with 'attr_' See merge request gnutls/gnutls!1017
| * | Prefix gcc attributes with 'attr_' [tmp-fix-travis2] (Tim Rühsen, 2019-06-04, files: 2, lines: -11/+11)
|/ / | | | | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | gnutls_prf_early: corrected Since version [ci skip] (Nikos Mavrogiannopoulos, 2019-06-03, files: 1, lines: -1/+1)
| | | | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* | Merge branch 'tmp-fix-travis' into 'master' (Tim Rühsen, 2019-06-02, files: 1, lines: -1/+3)
|\ \ | | | | | | | | | | | | Fix warn_unused_result for clang < 4 See merge request gnutls/gnutls!1016
| * | Fix warn_unused_result for clang < 4 [tmp-fix-travis] (Tim Rühsen, 2019-06-02, files: 1, lines: -1/+3)
|/ / | | | | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | Merge branch 'tmp-fedora30' into 'master' (Tim Rühsen, 2019-06-02, files: 1, lines: -1/+1)
|\ \ | |/ |/| | | | | .gitlab-ci.yml: switched fedora to latest version See merge request gnutls/gnutls!1015
| * .gitlab-ci.yml: switched fedora to latest version (Nikos Mavrogiannopoulos, 2019-06-01, files: 1, lines: -1/+1)
|/ | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Merge branch 'tmp-releases' into 'master' (Nikos Mavrogiannopoulos, 2019-05-31, files: 4, lines: -7/+22)
|\ | | | | | | | | RELEASES.md: document the releases policy See merge request gnutls/gnutls!1011
| * RELEASES.md: document the releases policy [ci skip] [tmp-releases] (Nikos Mavrogiannopoulos, 2019-05-26, files: 4, lines: -7/+22)
| | | | | | | | | | | | | | | | | | This adds a file to document the policy on releases based on the discussions taken place in the last face to face meeting. https://gitlab.com/gnutls/gnutls/wikis/face2face-meeting-fosdem2019 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | Merge branch 'tmp-fix-libopts' into 'master' (Dmitry Eremin-Solenikov, 2019-05-31, files: 3, lines: -1/+23)
|\ \ | | | | | | | | | | | | | | | | | | Do not regenerate autogen files if --enable-local-libopts is given Closes #772 See merge request gnutls/gnutls!1010
| * | Do not regenerate autogen files if --enable-local-libopts is given [tmp-fix-libopts] (Nikos Mavrogiannopoulos, 2019-05-29, files: 3, lines: -1/+23)
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This addresses issue on installed systems which have autogen but use --enable-local-libopts. In these systems if the installed autogen would not match the local libopts library version compilation would fail because the auto-generated files depend on the corresponding to autogen version libopts internals. Resolves: #772 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | | Merge branch 'tmp-fix-touch' into 'master' (Tim Rühsen, 2019-05-30, files: 1, lines: -1/+1)
|\ \ \ | | | | | | | | | | | | | | | | Makefile.am: do not create files when it shouldn't See merge request gnutls/gnutls!1014
| * | | Makefile.am: do not create files when it shouldn't (Nikos Mavrogiannopoulos, 2019-05-30, files: 1, lines: -1/+1)
|/ / / | | | | | | | | | | | | | | | | | | | | | If a pdf or html file is not distributed, previously `make dist` would create a file called '*.pdf' which did not make sense. This addresses this problem. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* | | Merge branch 'tmp-datum-cleanup' into 'master' (Tim Rühsen, 2019-05-29, files: 7, lines: -51/+69)
|\ \ \ | |/ / |/| | | | | | | | Datum.c cleanup See merge request gnutls/gnutls!1002
| * | Remove malloc from gnutls_srp_set_server_fake_salt_seed() [tmp-datum-cleanup] (Nikos Mavrogiannopoulos, 2019-05-28, files: 3, lines: -18/+18)
| | | | | | | | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
| * | gnutls_session_set_data(): Check for allocation error (Tim Rühsen, 2019-05-28, files: 1, lines: -1/+5)
| | | | | | | | | | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
| * | _gnutls_set_[str]datum: Cleanup, add function attributes (Tim Rühsen, 2019-05-28, files: 2, lines: -21/+19)
| | | | | | | | | | | | | | | | | | | | | _gnutls_set_datum(): Do not change output 'dat' on error _gnutls_set_strdatum: Likewise, cleanup code Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
| * | Add nonnull, nonnull_all and warn_unused_result attributes in lib/gnutls_int.h (Tim Rühsen, 2019-05-28, files: 1, lines: -11/+27)
|/ / | | | | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | doc: do not distribute pdf files (Nikos Mavrogiannopoulos, 2019-05-28, files: 1, lines: -2/+2)
| | | | | | | | | | | | | | It complicates the 'make dist' phase and does not add much value as the files are available from the web site. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | released 3.6.8 (Nikos Mavrogiannopoulos, 2019-05-28, files: 1, lines: -9/+10)
| | | | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | minor updates in the latex version of the manual [ci skip] (Nikos Mavrogiannopoulos, 2019-05-27, files: 6, lines: -6/+15)
| | | | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | doc update [ci skip] (Nikos Mavrogiannopoulos, 2019-05-27, files: 2, lines: -4/+11)
|/ | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Merge branch 'tmp-avoid-libs-in-libsvar' into 'master' (Nikos Mavrogiannopoulos, 2019-05-24, files: 2, lines: -2/+10)
|\ | | | | | | | | | | | | Do not add libraries in the global LIBS in configure Closes #735 See merge request gnutls/gnutls!1008
| * .gitlab-ci.yml: ensure that the LIBS variable is empty after a configure run [tmp-avoid-libs-in-libsvar] (Nikos Mavrogiannopoulos, 2019-05-24, files: 1, lines: -0/+1)
| | | | | | | | | | | | | | | | We do not use this variable as it is global and applies to all of tests, applications and library, and when it is set it is usually due to bugs in configure.ac. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| * Do not add libraries in the global LIBS in configure (Nikos Mavrogiannopoulos, 2019-05-24, files: 1, lines: -2/+9)
|/ | | | | | | | | This ensures that libraries are linked with the programs requiring them. Resolves: #735 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Merge branch 'tmp-version-override' into 'master' (Daiki Ueno, 2019-05-24, files: 7, lines: -5/+14)
|\ | | | | | | | | tests: prf-early fixes the global version See merge request gnutls/gnutls!1009
| * bumped version [tmp-version-override] (Nikos Mavrogiannopoulos, 2019-05-24, files: 2, lines: -4/+4)
| | | | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| * tests: prf-early fixes the global version (Nikos Mavrogiannopoulos, 2019-05-24, files: 5, lines: -1/+10)
|/ | | | | | | | This allows having fixed data in the hello message involved. That required exposing the variable holding the global gnutls version number for testing. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* certtool: corrected typo in manual [ci skip] (Nikos Mavrogiannopoulos, 2019-05-23, files: 1, lines: -2/+2)
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Revert "bumped version" (Nikos Mavrogiannopoulos, 2019-05-23, files: 2, lines: -4/+4)
| | | | | | | | | In order to make the CI functional again. The version number update seems to conflict with tests/tls13/prf-early.sh This reverts commit d34d93b8713cf10235ce7016fd69b6932b0752c0. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* tests: prf-early.sh: use the static flag of datefudge (Nikos Mavrogiannopoulos, 2019-05-23, files: 1, lines: -1/+1)
| | | | | | This eliminates unexpected failures of the test in slower systems. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlsfuzzer: reverted accidental move to incorrect version (Nikos Mavrogiannopoulos, 2019-05-23, files: 1, lines: -0/+0)
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* NEWS: doc update (Nikos Mavrogiannopoulos, 2019-05-23, files: 1, lines: -1/+14)
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* bumped version (Nikos Mavrogiannopoulos, 2019-05-23, files: 2, lines: -4/+4)
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Pass down Q for FFDHE in all pre TLS1.3 as well (Simo Sorce, 2019-05-23, files: 2, lines: -6/+38)
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Check Q for FFDHE primes in prime-check (Simo Sorce, 2019-05-23, files: 1, lines: -13/+23)
| | | | | | | These are mersenne primes so q = (p - 1) / 2 We check that p = (q * 2) + 1 Signed-off-by: Simo Sorce <simo@redhat.com>
* Always pass in and check Q in TLS 1.3 (Simo Sorce, 2019-05-23, files: 4, lines: -2/+23)
| | | | | | | In FIPS mode do an extra check that we did have Q, but it is always passed into the tls13 derive function from the callers. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add plumbing to handle Q parameter in DH exchanges (Simo Sorce, 2019-05-23, files: 12, lines: -47/+610)
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>
* Add test to ensure ECDH exchange behaves correctly (Simo Sorce, 2019-05-23, files: 3, lines: -1/+210)
| | | | | | | This test ensures that public keys are properly tested for validity before a ECDH exchange is computed. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add test to ensure DH exchange behaves correctly (Simo Sorce, 2019-05-23, files: 2, lines: -1/+156)
| | | | | | | This test ensures that public keys are properly tested for validity before a DH exchange is computed. Signed-off-by: Simo Sorce <simo@redhat.com>
* Add Full Public Key Check for DH (Simo Sorce, 2019-05-23, files: 1, lines: -3/+20)
| | | | | | | | This is for NIST SP800-56A requirements and FIPS CAVS testing. GnuTLS never passes in a non-empty Q for normal operations, but tests will and if Q is passed in it needs to be checked. Signed-off-by: Simo Sorce <simo@redhat.com>
* Fix Copy&Paste error (Simo Sorce, 2019-05-23, files: 1, lines: -1/+1)
| | | | Signed-off-by: Simo Sorce <simo@redhat.com>