1. 25 Jan, 2021 2 commits
  2. 22 Jan, 2021 1 commit
    • Daiki Ueno's avatar
      fips: avoid memleak in (EC)DH internal APIs · b053f06c
      Daiki Ueno authored
      There were some confusions of gnutls_pk_params_clear and
      gnutls_pk_params_release, as well as the number of parameters to scan
      in the gnutls_pk_params_st structure.
      
      Flagged by address sanitizer:
        ==354688==ERROR: LeakSanitizer: detected memory leaks
      
        Direct leak of 192 byte(s) in 12 object(s) allocated from:
            #0 0x7f13506163cf in __interceptor_malloc (/lib64/libasan.so.6+0xab3cf)
            #1 0x7f13503b94de in wrap_nettle_mpi_init /home/ueno/devel/gnutls/lib/nettle/mpi.c:79
            #2 0x7ffcb8495f07  ([stack]+0x1ef07)
      
        Direct leak of 160 byte(s) in 10 object(s) allocated from:
            #0 0x7f13506163cf in __interceptor_malloc (/lib64/libasan.so.6+0xab3cf)
            #1
      
       0x7f13503b94de in wrap_nettle_mpi_init /home/ueno/devel/gnutls/lib/nettle/mpi.c:79
      Signed-off-by: Daiki Ueno's avatarDaiki Ueno <ueno@gnu.org>
      b053f06c
  3. 11 Jan, 2021 1 commit
  4. 09 Jan, 2021 1 commit
  5. 08 Jan, 2021 4 commits
  6. 07 Jan, 2021 1 commit
  7. 02 Jan, 2021 3 commits
  8. 30 Dec, 2020 1 commit
  9. 29 Dec, 2020 7 commits
  10. 08 Dec, 2020 2 commits
  11. 02 Dec, 2020 2 commits
  12. 01 Dec, 2020 5 commits
  13. 30 Nov, 2020 1 commit
    • Michael Catanzaro's avatar
      x509: Improve documentation of new set_getissuer_function · 7cb08a84
      Michael Catanzaro authored
      
      
      Since gnutls!1354, some of this information is now obsolete. The caller
      is no longer responsible for verifying the certificate or adding it to
      the trust list. GnuTLS will now handle that. Instead, the callback
      should always import the missing certificate and return success if the
      certificate was imported, or failure otherwise.
      
      Also, let's point to gnutls_x509_crt_get_authority_info_access(), since
      it is useful in combination with this function.
      
      Finally, since this callback is emitted once for each missing
      intermediate certificate, it's probably less confusing if we talk about
      only a single missing intermediate here. Yes, there could be multiple
      missing certificates, but a single invocation of this callback can only
      deal with one.
      Signed-off-by: Michael Catanzaro's avatarMichael Catanzaro <mcatanzaro@gnome.org>
      7cb08a84
  14. 29 Nov, 2020 3 commits
  15. 26 Nov, 2020 1 commit
  16. 25 Nov, 2020 1 commit
  17. 24 Nov, 2020 3 commits
  18. 21 Nov, 2020 1 commit