Commits · master · gnutls / GnuTLS

10 Oct, 2018 1 commit
- Merge branch 'tmp-fix-eina-cpu-on-solaris' into 'master' · 20abfc36
  
  Nikos Mavrogiannopoulos authored Oct 10, 2018
```
Fix check for GNU C compiler in eina_cpu.c

See merge request !772
```
  20abfc36
09 Oct, 2018 3 commits
- Merge branch 'tmp-fix-gen-mech-list-on-solaris' into 'master' · fd116ba4
  
  Tim Rühsen authored Oct 09, 2018
```
Fix gen-mech-list.sh on Solaris / Bourne Shell

See merge request !771
```
  fd116ba4
- Fix check for GNU C compiler in eina_cpu.c · b433d140
  Tim Rühsen authored Oct 09, 2018
```
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
```
  b433d140
- Fix gen-mech-list.sh on Solaris / Bourne Shell · 0b278f6d
  Tim Rühsen authored Oct 09, 2018
```
`cmd` is more compatible than $(cmd).

The shell is "sh (Schily Bourne Shell) version 2013/01/14 a+ (i386-pc-solaris2.9)"
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
```
  0b278f6d
08 Oct, 2018 4 commits

Merge branch 'tmp-check-prereqs' into 'master' · 23f35e73

Nikos Mavrogiannopoulos authored Oct 08, 2018
```
Let bootstrap check for gperf, makeinfo, rsync, autopoint

Closes #582

See merge request !769
```
23f35e73

Merge branch 'tmp-fix-584' into 'master' · aa7075b4

Nikos Mavrogiannopoulos authored Oct 08, 2018

Skip tests/tls13/prf.c if visibility 'protected' doesn't work

Closes #584

See merge request !770

aa7075b4

Let bootstrap check for gperf and autopoint · eed65212
Tim Rühsen authored Oct 05, 2018
```
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
```
eed65212

Skip tests/tls13/prf.c if visibility 'protected' doesn't work · 7095d557

Tim Rühsen authored Oct 08, 2018

Overriding gnutls_rnd() with visibility 'protected' doesn't always work.
E.g. LDFLAGS="-Wl,-Bsymbolic-functions" seems to have priority on
Debian derived systems.

Fixes #584Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

7095d557

06 Oct, 2018 1 commit

tests: added unit test for gnutls_session_set_id · 42cc349f

Nikos Mavrogiannopoulos authored Oct 06, 2018

This adds a unit and a negative test which ensures that
a client will not be tricked in performing resumption when
this function is used.

Resolves #585Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

42cc349f

04 Oct, 2018 2 commits
- doc: fix use of gnutls_ext_raw_parse callback [ci skip] · b677f1f3
  
  Nikos Mavrogiannopoulos authored Oct 04, 2018
```
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
```
  b677f1f3
- Merge branch 'tmp-fix-priority-set-call' into 'master' · cfb9856a
  
  Nikos Mavrogiannopoulos authored Oct 04, 2018
```
gnutls_priority_set: do not override version on handshake

Closes #580

See merge request !765
```
  cfb9856a
03 Oct, 2018 2 commits

gnutls_priority_set: do not override version on handshake · 368c74fa

Nikos Mavrogiannopoulos authored Sep 30, 2018

When handshake is in progress, do not override the default TLS
version in the session. This allows gnutls_priority_set to be called
in the post_client_hello function without breaking the handshake.

Resolves #580Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

368c74fa

Merge branch 'tmp-check-iv-size' into 'master' · df545da1

Nikos Mavrogiannopoulos authored Oct 03, 2018
```
encrypt_packet_tls13: added explicit check on iv_size bounds

See merge request !767
```
df545da1

02 Oct, 2018 1 commit

encrypt_packet_tls13: added explicit check on iv_size bounds · 24bf16fd

Nikos Mavrogiannopoulos authored Oct 02, 2018

Although there are no ciphers defined for TLS1.3 which would overflow
the assumed bound, an explicit check is necessary to avoid that code
be a liability in future updates.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

24bf16fd

01 Oct, 2018 2 commits
- privkey_pkcs8: added reference for validation parameters OID [ci skip] · e1f442f1
  
  Nikos Mavrogiannopoulos authored Oct 01, 2018
```
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
```
  e1f442f1
- NEWS: corrected typo [ci skip] · 5d787202
  
  Nikos Mavrogiannopoulos authored Oct 01, 2018
```
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
```
  5d787202
29 Sep, 2018 2 commits
- Merge branch 'tmp-lib-c-strcase' into 'master' · 990ec00b
  
  Nikos Mavrogiannopoulos authored Sep 29, 2018
```
Use ASCII version of strcasecmp() in library code

Closes #570

See merge request !764
```
  990ec00b
- Merge branch 'tlsfuzzer-ssl3' into 'master' · 487837aa
  
  Nikos Mavrogiannopoulos authored Sep 29, 2018
```
tlsfuzzer: add missing script

See merge request !759
```
  487837aa
28 Sep, 2018 2 commits
- Merge branch 'tmp-fix-buffer-t' into 'master' · 17581637
  
  Nikos Mavrogiannopoulos authored Sep 28, 2018
```
Make tlsproxy/buffer.c compilable by gcc 4.4.7

Closes #577

See merge request !763
```
  17581637
- Merge branch 'tmp-cleanup-in-docs' into 'master' · 021688d2
  
  Tim Rühsen authored Sep 28, 2018
```
manpage generation cleanup

See merge request !760
```
  021688d2
27 Sep, 2018 2 commits

Use ASCII version of strcasecmp() in library code · 65f0988f

Tim Rühsen authored Sep 27, 2018

strcasecmp() has side effects in some locales.
What we really need is c_strcasecmp() from Gnulib for comparing
ASCII strings.

Fixes #570Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

65f0988f

.gitlab-ci.yml: reenable SSLv2 hello support for SSL-3.0.Fedora.x86_64 · c6b5e291

Dmitry Eremin-Solenikov authored Sep 27, 2018

Reenable SSLv2 hello support to let several SSL-3.0 tls-fuzzer tests
pass.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

c6b5e291

26 Sep, 2018 16 commits

tlsfuzzer: disable SSL3.0 in export-ciphers-rejected test · 8ec89fc6

Dmitry Eremin-Solenikov authored Sep 26, 2018

These tests will fail with SSL3.0-enabled gnutls-serv unless --ssl3
option was passed. We will run these tests anyway from
gnutls-nocert-ssl3.json, so disable them here.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

8ec89fc6

tlsfuzzer: support running from separate build dir · d5a3e18f

Dmitry Eremin-Solenikov authored Sep 26, 2018

Adapt tls-fuzzer-common.sh script to be able to run tests in case
srcdir != builddir.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

d5a3e18f

.gitlab-ci.yml: reenable full test suite in SSL-3.0/SHA-1 case · 4eb09b0b

Dmitry Eremin-Solenikov authored Sep 25, 2018

Reenable full test suite run in SSL-3.0/SHA-1 CI test case to let us
catch issues in legacy code.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

4eb09b0b

tlsfuzzer: add missing script · 9165a739

Dmitry Eremin-Solenikov authored Sep 24, 2018

Makefile.am refers tls-fuzzer-nocert-ssl3.sh script, which is missing
in the source tree. Add it back.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

9165a739

tlsfuzzer: move common code to separate file · f16277c2

Dmitry Eremin-Solenikov authored Sep 26, 2018

Move common code to tls-fuzzer-common.sh to ease further adjustments.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

f16277c2

tlsfuzzer: use random port for tls-fuzzer-nocert test · 10364924

Dmitry Eremin-Solenikov authored Sep 26, 2018

Like the rest of tls-fuzzer tests, pass "-p PORT" to subtests, allowing
usage of random port for server.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

10364924

tlsfuzzer: use random port for tls-fuzzer-cert test · 444c729e

Dmitry Eremin-Solenikov authored Sep 26, 2018

Like the rest of tls-fuzzer tests, pass "-p PORT" to subtests, allowing
usage of random port for server.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

444c729e

Merge branch 'tmp-eliminate-dead-code' into 'master' · c9c4523e

Nikos Mavrogiannopoulos authored Sep 26, 2018
```
_gnutls_check_key_purpose: eliminated dead code

Closes #573

See merge request !762
```
c9c4523e
Make tlsproxy/buffer.c compilable by gcc 4.4.7 · 706b1811
Tim Rühsen authored Sep 26, 2018
```
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
```
706b1811
_gnutls_check_key_purpose: eliminated dead code · 8518dea5
Nikos Mavrogiannopoulos authored Sep 26, 2018
```
Resolves #573Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
```
8518dea5

manpages: do not generate any manpages for openpgp.h · 0d0e0bd8

Nikos Mavrogiannopoulos authored Sep 25, 2018

This API is no longer functional and is only available as stubs
for backwards binary compatibility.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

0d0e0bd8

manpage generation: cleanup · b5273533

Nikos Mavrogiannopoulos authored Sep 25, 2018

Recognize parameters of the form unsigned char name[8], and
do not print obscure warnings. Furthermore gdoc will fail
when a function parameter is not described or when no
function is found. This addresses the generation of undetected
errors in generated manpages.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

b5273533

doc: fixed missing function and enumeration parameters · 7a2f81e1
Nikos Mavrogiannopoulos authored Sep 25, 2018
```
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
```
7a2f81e1
tests: removed unused file · 69b2acc4
Nikos Mavrogiannopoulos authored Sep 25, 2018
```
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
```
69b2acc4
Merge branch 'tmp-fix-mech-list-generation' into 'master' · 815c17ed

Dmitry Eremin-Solenikov authored Sep 26, 2018
```
mech-list.h: generate unique entries

See merge request !761
```
815c17ed
mech-list.h: generate unique entries · 1cc4a632
Nikos Mavrogiannopoulos authored Sep 25, 2018
```
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
```
1cc4a632

24 Sep, 2018 2 commits

released 3.6.4 · 1c0b4baa

Nikos Mavrogiannopoulos authored Sep 24, 2018
```
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
```
1c0b4baa

tests: pkcs12-utf8 depend on bash · fefb3b43

Nikos Mavrogiannopoulos authored Sep 21, 2018

The NetBSD default shell cannot handle the UTF-8 strings we use
in that script.

Resolves #544Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

fefb3b43