- Sep 18, 2018
-
-
Nikos Mavrogiannopoulos authored
There are gnulib tests which fail on travis systems but are not necessary for gnutls. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
- Sep 17, 2018
-
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
Tim Rühsen authored
Fixes #531 Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
-
- Sep 14, 2018
-
-
Tim Rühsen authored
This backports the cleanups in gnutls_x509_trust_list_add_crls() from 3.6.x, and addresses a use-after-free. Resolves #554 Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
-
- Jul 18, 2018
-
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
- Jul 17, 2018
-
-
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
Nettle switched prototypes for base64_encode_raw() as follows: -base64_encode_raw(uint8_t *dst, size_t length, const uint8_t *src); +base64_encode_raw(char *dst, size_t length, const uint8_t *src); That means we need to cast fist param to void if we want to avoid warnings on different platforms. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
- Jul 16, 2018
-
-
Nikos Mavrogiannopoulos authored
This avoids any incompatibilities between abi-compliance-checker and abi-dumper. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
Update gtk-doc.make, m4/gtk-doc.m4 and doc/reference/Makefile.am from gtk-doc git head (that is 1.26 + c08cc78562c59082fc83b55b58747177510b7a70). Disable gtkdoc-check. Signed-off-by: Andreas Metzler <ametzler@bebt.de>
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
- Jul 15, 2018
-
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
- Jul 07, 2018
-
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
- Jun 21, 2018
-
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
- Jun 15, 2018
-
-
Nikos Mavrogiannopoulos authored
3.5.x: backport fixes in record layer decoding See merge request !663
-
- Jun 13, 2018
-
-
Nikos Mavrogiannopoulos authored
We don't support SHA512 in the 3.5.x branch. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
Nikos Mavrogiannopoulos authored
These ciphersuites are deprecated since the introduction of AEAD ciphersuites, and are only necessary for compatibility with older servers. Since older servers already support hmac-sha1 there is no reason to keep these ciphersuites enabled by default, as they increase our attack surface. Relates #456 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
Nikos Mavrogiannopoulos authored
This improves protection against lucky13-type of attacks when encrypt-then-mac is not in use. Resolves #456 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
- Jun 12, 2018
-
-
Nikos Mavrogiannopoulos authored
The existing lucky13 attack count-measures did not work correctly for SHA384 HMAC. The overall impact of that should not be significant as SHA384 is prioritized lower than SHA256 or SHA1 and thus it is not typically negotiated, unless a client prioritizes a SHA384 MAC, or a server only supports SHA384, and in both cases the vulnerability is only present if Encrypt-then-MAC (RFC7366) is unsupported by the peer. Relates #455 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
- May 26, 2018
-
-
We now use the ${ac_cv_sizeof_unsigned_long_int} variable which gives the numbers used in the host system, not the build one. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
Nikos Mavrogiannopoulos authored
gcc7 is more verbose on fallthrough warnings, and this patch set cleans up the current state by making use of the attribute when necessary. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
Nikos Mavrogiannopoulos authored
The warnings it produces have little value in our use of string functions. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
That is, combine syntax-check with the static analyzers run. That provides more parallelism per build and reduces the overall time spent on a successful run. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
Nikos Mavrogiannopoulos authored
This allows a more descriptive name to any downloaded artifacts. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
- Apr 25, 2018
-
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
Nikos Mavrogiannopoulos authored
That is, prevent re-using a static PIN if it has already been known to be wrong. Introduced tests of that behavior. Resolves #425 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
- Mar 27, 2018
-
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
- Mar 20, 2018
-
-
Nikos Mavrogiannopoulos authored
That enables the nettle version macros to operate. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-
- Mar 08, 2018
-
-
Nikos Mavrogiannopoulos authored
Resolves #406 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-
- Mar 07, 2018
-
-
Nikos Mavrogiannopoulos authored
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-