Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | gnutls-serv: sending alerts on mismatched SNI namestomato42/gnutls-sni-alerts | Hubert Kario | 2016-05-06 | 2 | -0/+102 |
| | | | | | Extend serv utility to be able to send alerts when the name advertised by client does not match the name expected by server. | ||||
* | Add support for sending unrecognized name alerts | Hubert Kario | 2016-05-06 | 3 | -0/+8 |
| | | | | | | To better test support for server_name extension in TLS, it's necessary to be able to differentiate between name being rejected because it is unknown to the server and it being malformed. | ||||
* | tests: use the 'b' modifier for writing binary data in set_x509_key_file_der | Nikos Mavrogiannopoulos | 2016-05-04 | 1 | -1/+1 |
| | | | | This allows the test to operate properly on windows systems. | ||||
* | tests: avoid the usage of tmpnam() | Nikos Mavrogiannopoulos | 2016-05-04 | 6 | -66/+78 |
| | | | | | Use a simpler version which is confined within the testsuite build directories. | ||||
* | tests: disable checks with tmpnam() on windows | Nikos Mavrogiannopoulos | 2016-05-04 | 2 | -0/+23 |
| | |||||
* | tests: fixed 64-bit check for time_t in mini-x509 | Nikos Mavrogiannopoulos | 2016-05-03 | 1 | -1/+1 |
| | |||||
* | tests: added check for gnutls_certificate_set_x509_simple_pkcs12_file | Nikos Mavrogiannopoulos | 2016-05-03 | 3 | -1/+203 |
| | |||||
* | .gitignore: more files to ignore | Nikos Mavrogiannopoulos | 2016-05-03 | 1 | -0/+3 |
| | |||||
* | tests: added check of gnutls_certificate_set_x509_key_file2 with DER input | Nikos Mavrogiannopoulos | 2016-05-03 | 2 | -1/+119 |
| | |||||
* | tests: enhanced set_x509_key_file check | Nikos Mavrogiannopoulos | 2016-05-03 | 1 | -4/+64 |
| | | | | | That now verifies that the input is the same as the data stored in the credentials as well checks for valid operation. | ||||
* | tests: mini-x509: include the legacy verification functions into the check | Nikos Mavrogiannopoulos | 2016-05-03 | 1 | -108/+72 |
| | |||||
* | tests: added check for gnutls_certificate_set_key() | Nikos Mavrogiannopoulos | 2016-05-03 | 2 | -1/+127 |
| | |||||
* | gnutls_certificate_set_key: duplicate the provided memory | Nikos Mavrogiannopoulos | 2016-05-03 | 1 | -2/+11 |
| | | | | That is, do not assume that a heap allocated value is provided. | ||||
* | .gitlab-ci.yml: enabled coverage run in the x86 build | Nikos Mavrogiannopoulos | 2016-05-03 | 1 | -3/+4 |
| | |||||
* | tests: do not block server errors in testdsa from being printed out | Nikos Mavrogiannopoulos | 2016-05-03 | 1 | -5/+7 |
| | | | | Also added a delay prior to launching next server instance. | ||||
* | .gitignore: more test files to ignore | Nikos Mavrogiannopoulos | 2016-05-03 | 1 | -0/+18 |
| | |||||
* | pkcs11: find_ext_cb: eliminated memory leak | Nikos Mavrogiannopoulos | 2016-05-03 | 1 | -0/+1 |
| | |||||
* | pkcs11: find_cert_cb: do not use C_FindObjectsInit() when another is already ↵ | Nikos Mavrogiannopoulos | 2016-05-03 | 1 | -35/+37 |
| | | | | | | | running While some modules implicitly terminated the previous run, this is not something that PKCS#11 modules are expected to typically do. | ||||
* | pkcs11: the flag GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT will be ↵ | Nikos Mavrogiannopoulos | 2016-05-03 | 1 | -0/+18 |
| | | | | | | | | | respected by imported certificates That is, certificates imported with gnutls_pkcs11_obj_import_url() or gnutls_x509_crt_import_url() will be able to be extracted with their extensions overriden. Previously that was available only on gnutls_pkcs11_get_raw_issuer() and friends. | ||||
* | tests: added a basic PKCS#11 mock module | Nikos Mavrogiannopoulos | 2016-05-03 | 6 | -0/+3193 |
| | | | | | | This is used to test gnutls_pkcs11_obj_get_exts(), gnutls_x509_crt_import_url(), and gnutls_pkcs11_get_raw_issuer() with the GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag. | ||||
* | doc update | Nikos Mavrogiannopoulos | 2016-05-02 | 1 | -1/+3 |
| | |||||
* | _gnutls_x509_crt_cpy: optimized and simplified | Nikos Mavrogiannopoulos | 2016-05-02 | 4 | -35/+26 |
| | |||||
* | exported gnutls_x509_crt_equals() and gnutls_x509_crt_equals2() | Nikos Mavrogiannopoulos | 2016-05-02 | 8 | -52/+73 |
| | | | | | These functions provide a way to compare parsed certificates. They were used internally and they are quite useful to be made available. | ||||
* | gnutls_pkcs11_obj_get_exts: updated documentation | Nikos Mavrogiannopoulos | 2016-05-02 | 1 | -3/+6 |
| | |||||
* | gnutls_x509_crt_import_url: updated documentation for new function name | Nikos Mavrogiannopoulos | 2016-05-02 | 1 | -7/+5 |
| | |||||
* | gnutls_pkcs11_add_provider: clarified params description | Nikos Mavrogiannopoulos | 2016-05-02 | 1 | -1/+1 |
| | |||||
* | tests: added checks on PKCS#1 digest info encoding/decoding | Nikos Mavrogiannopoulos | 2016-05-02 | 2 | -1/+209 |
| | |||||
* | gnutls_decode_ber_digest_info: return more precise error code on unknown hash | Nikos Mavrogiannopoulos | 2016-05-02 | 1 | -1/+1 |
| | | | | | That is instead of returning GNUTLS_E_UNKNOWN_ALGORITHM on unknown hash, return GNUTLS_E_UNKNOWN_HASH_ALGORITHM. | ||||
* | errors.h: removed terminating colon on gnutls_assert() output | Nikos Mavrogiannopoulos | 2016-05-02 | 1 | -1/+1 |
| | |||||
* | doc: updated PKCS #11 documentation | Nikos Mavrogiannopoulos | 2016-05-01 | 2 | -18/+54 |
| | |||||
* | gnutls_certificate_get_crt_raw: doc update | Nikos Mavrogiannopoulos | 2016-04-30 | 1 | -2/+2 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2016-04-30 | 1 | -0/+2 |
| | |||||
* | doc: mention the version after which gnutls_pem_base64_en/decode2() are ↵ | Nikos Mavrogiannopoulos | 2016-04-30 | 1 | -0/+12 |
| | | | | available | ||||
* | tests: use one-time files in crlcoverage | Nikos Mavrogiannopoulos | 2016-04-30 | 1 | -3/+3 |
| | |||||
* | tests: check whether the randomly generate port is used | Nikos Mavrogiannopoulos | 2016-04-30 | 1 | -1/+7 |
| | |||||
* | .gitlab-ci.yml: enabled the code coverage checks in the valgrind and ubsan ↵ | Nikos Mavrogiannopoulos | 2016-04-30 | 1 | -3/+5 |
| | | | | targets | ||||
* | tests: enhanced the key-import-export tests | Nikos Mavrogiannopoulos | 2016-04-29 | 1 | -49/+246 |
| | | | | This check now includes the abstract privkey import/export interfaces. | ||||
* | corrected import issue in gnutls_privkey_import_ecc_raw | Nikos Mavrogiannopoulos | 2016-04-29 | 1 | -1/+1 |
| | |||||
* | x509/privkey: in raw import functions set the parameter's algorithm type | Nikos Mavrogiannopoulos | 2016-04-29 | 1 | -0/+3 |
| | |||||
* | srp base64: return proper gnutls errors codes on error rather than -1 | Nikos Mavrogiannopoulos | 2016-04-29 | 1 | -4/+4 |
| | |||||
* | tests: added checks for base64 functions | Nikos Mavrogiannopoulos | 2016-04-29 | 3 | -1/+389 |
| | |||||
* | .gitlab-ci.yml: added code coverage run | Nikos Mavrogiannopoulos | 2016-04-29 | 2 | -4/+8 |
| | | | | | This enhances a test to print the code coverage of the test suite, which in turn is being used/reported by gitlab CI interface. | ||||
* | ax_code_coverage.m4: updated to latest version | Nikos Mavrogiannopoulos | 2016-04-29 | 1 | -30/+85 |
| | |||||
* | libtasn1: updated to latest version | Nikos Mavrogiannopoulos | 2016-04-29 | 3 | -6/+12 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2016-04-29 | 1 | -5/+9 |
| | |||||
* | errors.h: gnutls_assert() will log the function name in addition to ↵ | Nikos Mavrogiannopoulos | 2016-04-29 | 1 | -1/+1 |
| | | | | | | | filename/line This is quite necessary after the filenames were simplified and we have filenames with identical names in the directory structure. | ||||
* | tests: added check for SRP ID change during rehandshake | Nikos Mavrogiannopoulos | 2016-04-29 | 2 | -1/+275 |
| | | | | | The tests make sure that username changes are allowed if the flag GNUTLS_ALLOW_ID_CHANGE is specified, and prohibited otherwise. | ||||
* | tests: added check for PSK ID change during rehandshake | Nikos Mavrogiannopoulos | 2016-04-29 | 2 | -1/+192 |
| | | | | | The tests make sure that username changes are allowed if the flag GNUTLS_ALLOW_ID_CHANGE is specified, and prohibited otherwise. | ||||
* | handshake: enhance same certificate checks to apply to PSK/SRP username | Nikos Mavrogiannopoulos | 2016-04-29 | 13 | -47/+141 |
| | | | | | | That is, unless GNUTLS_ALLOW_ID_CHANGE is specified, during a rehandshake clients will not be allowed to present another certificate than the original, or change their username for PSK or SRP ciphersuites. | ||||
* | tests: added 'PFS' and 'SUITEB128' into the list of checked priority strings | Nikos Mavrogiannopoulos | 2016-04-29 | 1 | -0/+2 |
| |