Commit message | Author | Age | Files | Lines
...
* gnutls_transport_set_pull_timeout_function: doc update [ci skip] | Nikos Mavrogiannopoulos | 2017-04-04 | 1 | -5/+9
  Clarified when this function should be set. Based on suggestion by Sean Greenslade.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Use NORMAL priority for SSLv23_*_method. | Andreas Metzler | 2017-04-03 | 1 | -2/+2
  Instead of enforcing TLS1.0/SSL3.0 use gnutls NORMAL priority for SSLv23_*_methods. http://bugs.debian.org/857436
* tests: Copy template out of ${srcdir} | Matt Turner | 2017-04-01 | 1 | -2/+2
  Otherwise, out of tree builds will fail to copy the template.
  Signed-off-by: Matt Turner <mattst88@gmail.com>
* tests: added checks with problematic PKCS#12 files | Nikos Mavrogiannopoulos | 2017-03-31 | 5 | -2/+69
  These check whether parsing of unsupported files (e.g., with RC2-128), will succeed. This serves as functionality check for gnutls_pkcs8_info.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_pkcs8_info: do not free oid on GNUTLS_E_UNKNOWN_CIPHER_TYPE | Nikos Mavrogiannopoulos | 2017-03-31 | 1 | -1/+5
  The documented behavior of the function was to return a valid OID in that case.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* doc update [ci skip] | Nikos Mavrogiannopoulos | 2017-03-30 | 1 | -1/+1
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* .travis.yml: no longer install pkg-config | Nikos Mavrogiannopoulos | 2017-03-28 | 1 | -1/+1
  Travis build seems to fail for some reason since pkg-config is already installed.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* ocsp-test: disable under windows | Nikos Mavrogiannopoulos | 2017-03-26 | 1 | -2/+2
  This test was failing because datefudge couldn't run under win32.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Revert "ocsp-test: disable under windows" | Nikos Mavrogiannopoulos | 2017-03-26 | 1 | -5/+0
  This reverts commit 90d5ad5a42759957866ba1d9c96f5dccfd3ea1cc.
* ocsp-test: disable under windows | Nikos Mavrogiannopoulos | 2017-03-26 | 1 | -0/+5
  This test was failing because datefudge couldn't run under win32.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* .gitlab-ci.yml: increase time of artifact expiration | Nikos Mavrogiannopoulos | 2017-03-25 | 1 | -1/+1
  This allows to re-run failed builds on the depending stages during that time.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* gnutls.pc: Removed P11_KIT_LIBS from Libs.private | Nikos Mavrogiannopoulos | 2017-03-25 | 1 | -1/+1
  It was already being included in Requires.private. Reported by Andreas Metzler.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* gnutls.pc: don't include zlib twice in private libs | Nikos Mavrogiannopoulos | 2017-03-23 | 2 | -2/+5
* tests: added unit test of gnutls_pubkey_verify_data2 override flags | Nikos Mavrogiannopoulos | 2017-03-22 | 2 | -1/+142
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* _gnutls_check_key_cert_match: allow broken sigs | Nikos Mavrogiannopoulos | 2017-03-22 | 1 | -1/+1
  That ensures that when loading a certificate pair with SHA1, when SHA1 is disabled will not cause the server to fail to load.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Use a common function to decide acceptable signatures | Nikos Mavrogiannopoulos | 2017-03-22 | 3 | -7/+6
  That is, ensure that results from all verification functions, including gnutls_pubkey_verify_data2(), will be consistent with SHA1 and other algorithms deprecation.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* check_ocsp_response: utilize the same flags as in certificate verification | Nikos Mavrogiannopoulos | 2017-03-22 | 1 | -5/+8
  That ensures that overrides like using broken algorithms are considered in OCSP validation.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* doc update | Nikos Mavrogiannopoulos | 2017-03-21 | 1 | -0/+2
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added script to check pkg-config operation | Nikos Mavrogiannopoulos | 2017-03-21 | 2 | -1/+63
  That is, whether the generated gnutls.pc will function for compiling and linking.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* gnutls.pc: don't pass the libtool vars to Libs.private | Nikos Mavrogiannopoulos | 2017-03-21 | 1 | -1/+1
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* doc update | Nikos Mavrogiannopoulos | 2017-03-21 | 1 | -0/+3
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: improved tls-rehandshake tests | Nikos Mavrogiannopoulos | 2017-03-21 | 2 | -92/+8
  Used common definitions from cert-common.h for certificates, and improved error detection in tls-rehandshake-cert-2.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: check whether a rehandshake without a cert works | Nikos Mavrogiannopoulos | 2017-03-21 | 2 | -1/+313
  That is, check whether if on initial handshake the server requests a certificate, but on the following rehandshake he doesn't, whether the client behaves as expected.
  This tests: 1f685db853db6e48c77c6dbde0cdf716a7303baa
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* handshake: reset cert request state on handshake init | Nikos Mavrogiannopoulos | 2017-03-21 | 5 | -16/+14
  That addresses a bug which on client side on case of an initial handshake with a client certificate, we continue to send this certificate even if on rehandshake we were not requested with one.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Avoid deprecation warnings when including gnutls/abstract.h | Martin Storsjo | 2017-03-18 | 1 | -1/+1
  Since ac3de8f5, when all openpgp functionality was deprecated, a library user including gnutls/abstract.h gets warnings about deprecated declarations, like this:
    gnutls/openpgp.h:328:10: warning: ‘gnutls_openpgp_recv_key_func’ is deprecated [-Wdeprecated-declarations]
    gnutls_openpgp_recv_key_func func) _GNUTLS_GCC_ATTR_DEPRECATED;
  This warning is emitted since the gnutls_openpgp_set_recv_key_function prototype uses the deprecated typedef gnutls_openpgp_recv_key_func.
  By omitting the deprecation attribute from this individual typedef, we avoid the spurious warnings in calling code which just includes gnutls/abstract.h without actually using anything related to openpgp.
  Signed-off-by: Martin Storsjo <martin@martin.st>
* Fix a typo in a variable name in an m4 script | Martin Storsjo | 2017-03-16 | 1 | -1/+1
  Signed-off-by: Martin Storsjo <martin@martin.st>
* build: disable valgrind tests by default | Alon Bar-Lev | 2017-03-15 | 4 | -24/+30
  Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* build: tests: resolve as-needed issue with seccomp | Alon Bar-Lev | 2017-03-14 | 1 | -4/+6
  Incorrect ordering of -lseccomp:
    <snip>
    -Wl,--as-needed ../lib/.libs/libgnutls.so -lseccomp ./.libs/libutils.a
    ./.libs/libutils.a(seccomp.o): In function seccomp_init'
    seccomp.c:(.text+0x2b): undefined reference to `seccomp_init'
    <snip>
  Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* gnutls_pkcs11_privkey_init: document limitation on created object | Nikos Mavrogiannopoulos | 2017-03-14 | 2 | -3/+18
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* pkcs11: re-open privkey session handle on CKR_SESSION_HANDLE_INVALID | Nikos Mavrogiannopoulos | 2017-03-14 | 1 | -3/+11
  When initializing a private key operation, attempt to re-open the key if CKR_SESSION_HANDLE_INVALID is received.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* doc update | Nikos Mavrogiannopoulos | 2017-03-14 | 1 | -0/+4
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: introduced check for parallel operation (signatures) in PKCS#11 mode | Nikos Mavrogiannopoulos | 2017-03-14 | 2 | -1/+199
  That is, verify that parallel signatures using a single gnutls_pkcs11_privkey_t context work.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* pkcs11: re-open private key session inside a locked section | Nikos Mavrogiannopoulos | 2017-03-14 | 3 | -34/+67
  This prevents clashes when the same operation is carried in other threads.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* pkcs11: introduced locks to PKCS#11 private key structure | Nikos Mavrogiannopoulos | 2017-03-14 | 1 | -0/+24
  This allows to run PKCS#11 private key operations such as signing and decryption in parallel.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* ax_code_coverage.m4: updated [ci skip] | Nikos Mavrogiannopoulos | 2017-03-13 | 1 | -57/+47
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* tests: cert-tests: openpgp-certs: align test redirection | Alon Bar-Lev | 2017-03-13 | 1 | -1/+1
  Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* tests: suppressions.valgrind: supress fillin_rpath | Alon Bar-Lev | 2017-03-13 | 6 | -0/+48
  Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* tests: remove unused suppressions.valgrind | Alon Bar-Lev | 2017-03-13 | 1 | -16/+0
  Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* tests: scripts: suppress which errors | Alon Bar-Lev | 2017-03-12 | 1 | -2/+2
  Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* doc update | Nikos Mavrogiannopoulos | 2017-03-12 | 1 | -1/+2
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Do not attempt to parse a 32-bit integer if a packet is not 4 bytes. | Alex Gaynor | 2017-03-12 | 3 | -2/+2
  This addresses: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=824
  Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>
* doc update | Nikos Mavrogiannopoulos | 2017-03-09 | 1 | -0/+11
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Do not attempt to parse a 32-bit integer if a packet is not 4 bytes. | Alex Gaynor | 2017-03-09 | 3 | -2/+2
  This addresses: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=737
  Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>
* Makefile.am: Added missing file (gnutls_3_5_10) | Nikos Mavrogiannopoulos | 2017-03-06 | 1 | -1/+1
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* doc update | Nikos Mavrogiannopoulos | 2017-03-06 | 1 | -0/+1
* .gitlab-ci.yml: execute initialization stage unconditionally | Nikos Mavrogiannopoulos | 2017-03-06 | 1 | -6/+4
  This step is required both in tags and commit runs.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* bumped version | Nikos Mavrogiannopoulos | 2017-03-06 | 3 | -3/+3
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* _gnutls_set_strdatum: always return an allocated string on success | Nikos Mavrogiannopoulos | 2017-03-05 | 1 | -2/+4
  That prevents returning NULL to functions which require a string.
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* doc update | Nikos Mavrogiannopoulos | 2017-03-05 | 1 | -0/+5
  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Enforce the max packet length for OpenPGP subpackets as well | Alex Gaynor | 2017-03-05 | 3 | -3/+9
  This addresses: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=392
  Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>