| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
This script will handle other backports except ECC as well.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, we hard-coded the sonames of linked libraries for FIPS
integrity checking. That required downstream packagers to manually
adjust the relevant code in lib/fips.c, when a new interface version
of the dependent libraries (nettle, gmp) becomes available and linked
to libgnutls.
This patch automates that process with the configure script.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
| |
As the script now imports not just Curve448, but also gost code, rename
the script, target directory and symbols to follow that.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|
|
|
|
|
|
| |
This enables to use bundled ChaCha20 implementation if the system
nettle doesn't have nettle_chacha_set_counter.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
| |
These tests are not being run, and they can cause issues as
in !1208.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We previously had checks of enum values with '#if', such as below:
#define GNUTLS_EXTENSION_MAX_VALUE 31
typedef enum extensions_t {
...
GNUTLS_EXTENSION_MAX /* not real extension - used for iterators */
} extensions_t;
/* we must provide at least 16 extensions for users to register */
#if GNUTLS_EXTENSION_MAX_VALUE - GNUTLS_EXTENSION_MAX < 16
# error not enough extension types
#endif
This doesn't work as expected; because GNUTLS_EXTENSION_MAX is not
defined as a preprocessor macro, it always expands to 0. To properly
do this check, we need to use static assert as provided as the
'verify' macro in gnulib.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
According to RFC5280 a certificate must not include more than
one instance of a particular extension. We were previously printing
warnings when such extensions were found, but that is insufficient
to flag such certificates. Instead, refuse to import them.
Resolves: #887
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|\
| |
| |
| |
| | |
Change HTTP:// references to HTTPs:// (generally)
See merge request gnutls/gnutls!910
|
| |
| |
| |
| | |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|/
|
|
|
|
|
|
|
| |
It's found in ws2tcpip.h which is already included in gnutls_int.h
arpa/inet.h doesn't exist on Windows, so add arpa_inet to the list of headers
replaced by gnulib if not found.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
|
|
|
|
|
|
|
| |
This was not set in all of our CI platforms, and was causing
issues in MacOSX.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|\
| |
| |
| |
| | |
Use inet_pton() from gnulib
See merge request gnutls/gnutls!913
|
| |
| |
| |
| | |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|/
|
|
|
|
|
|
|
|
| |
If gnulib's network stack is brought (due to a dependency) in the library
it will make the library unusable to non-gnulib using applications. This
prevents windows applications for example to use gnutls, and so on. Even
more it is quite hard to catch that issue because our testsuite uses
gnulib as well. Instead we try to catch the these modules at import time.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
|
|
|
| |
Although we have few submodules they are not all required for
building and testing. This patch modified bootstrap.conf not
to update all of them, but only the necessary for building and
testing.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
|
|
|
|
| |
strcasecmp() has side effects in some locales.
What we really need is c_strcasecmp() from Gnulib for comparing
ASCII strings.
Fixes #570
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
|
| |
Setting $SUBMODULE_NOFETCH to a non-empty value adds
--no-fetch to the git command (for CI speedup).
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
| |
Also included the gnulib inttype module for portability.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
|
| |
Some files in gl/tests won't build in environments without
strdup(), e.g. MinGW on Debian. The gnulib docs advise to
explicitly add the module.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
|
|
|
|
| |
This makes manual updating of the translations obsolete.
From now on, builds and tarballs will always have the latest translations
included.
We should not forget to inform translationproject.org to update the
translations before a release. How to do that is described at
https://translationproject.org/html/maintainers.html (6. Announcing).
|
|
|
|
|
|
|
|
|
|
|
| |
'autoreconf' created a different configure script than ./bootstrap.
The result was a broken wchar.h that failed to compile.
The work-around was 'autoreconf -I gl/m4' which is not what a developer
expects. This patch moves gl/m4/* to m4/ which is the default include dir
for autoreconf.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|