- 20 Sep, 2017 3 commits
-
-
-
If there is a -R flag in p11-kit-1.pc file, pkgconfig.sh test will still reference libidn2.pc, rather than proper source of the message. Also move the test for library flags before updating PKG_CONFIG_PATH. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Dmitry Eremin-Solenikov committed -
Since abe6a12b GnuTLS does not support libidn1. Switch pkgconfig.sh test to use libidn2. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Dmitry Eremin-Solenikov committed
-
- 19 Sep, 2017 6 commits
-
-
Tim Rühsen committed
-
It seems that gnutls does not accept records carrying handshake messages that contain less bytes than necessary to recover the handshake header. The TLS protocol allows that option, and other implementations seem to accept that fragmentation. Relates #272 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Nikos Mavrogiannopoulos committed -
This makes tlsfuzzer's test-x25519 detect the right error code on empty message. Previously this issue was masked by our refusal to accept 1-byte sized fragments. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed
-
- 18 Sep, 2017 3 commits
-
-
-
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
Tim Rühsen committed -
-
- 16 Sep, 2017 1 commit
-
-
- 13 Sep, 2017 6 commits
-
-
Since GnuTLS can no longer negotiate MD5, we utilize a byte stream of a connection which advertises MD5, and we make sure we detect the right error code for the rejection of MD5 signature. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
We no longer support them. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
That is, for the MD5-using algorithms, as well as for the DSA2 signature algorithms that were never really used with TLS 1.2. Kept DSA-SHA1 in order to be used by TLS 1.2 and legacy applications. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
TLS 1.3 requires that SHA224 MUST NOT be used, and given the fact that SHA224 was never widespread used in TLS 1.2, there is no reason to keep these algorithms at all. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed
-
- 08 Sep, 2017 21 commits
-
-
-
-
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
That is, combine syntax-check with the static analyzers run. That provides more parallelism per build and reduces the overall time spent on a successful run. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
-
-
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
If not present do not attempt to utilize its value. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
After the updates of the function semantics, it is no longer needed to deprecate it. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
After the updates of the function semantics, it is no longer needed to deprecate it. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Modify the behavior of the functions to sign with an appropriate to the public key hash algorithm. That although it modifies the semantics of the functions, it allows them to be useful even after SHA1 is considered insecure. In addition to that, the functions which accept a hash algorithm, will accept a null hash, which instructs the function to select a reasonable choice. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Modify the behavior of the functions to sign with an appropriate to the public key hash algorithm. That although it modifies the semantics of the functions, it allows them to be useful even after SHA1 is considered insecure. In addition to that, the functions which accept a hash algorithm, will accept a null hash, which instructs the function to select a reasonable choice. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed -
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Nikos Mavrogiannopoulos committed
-
