summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* win32: removed no longer used subdirNikos Mavrogiannopoulos2017-09-083-218/+0
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* .gitlab-ci.yml: added warning cppcheck checksNikos Mavrogiannopoulos2017-09-081-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* .gitlab-ci.yml: removed initialization stepNikos Mavrogiannopoulos2017-09-081-21/+1
| | | | | | | | That is, combine syntax-check with the static analyzers run. That provides more parallelism per build and reduces the overall time spent on a successful run. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* doc: added README on FreeBSD CI setupNikos Mavrogiannopoulos2017-09-081-0/+70
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* .gitlab-ci.yml: added FreeBSD buildNikos Mavrogiannopoulos2017-09-081-21/+21
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: ip-utils: added include for FreeBSD compilationNikos Mavrogiannopoulos2017-09-081-0/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* .gitlab-ci.yml: enable more cppcheck testsNikos Mavrogiannopoulos2017-09-082-2/+6
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: updated tlsfuzzer to reduce rsa-pss failuresNikos Mavrogiannopoulos2017-09-081-0/+0
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* crq: doc updatetmp-sign-with-default-algoNikos Mavrogiannopoulos2017-09-081-2/+16
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added unit test for gnutls_x509_crq_signNikos Mavrogiannopoulos2017-09-082-1/+165
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added verification checks into crl_apisNikos Mavrogiannopoulos2017-09-081-46/+80
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_x509_crl_verify: check next update field for presenceNikos Mavrogiannopoulos2017-09-081-1/+3
| | | | | | If not present do not attempt to utilize its value. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added verification check into crt_apisNikos Mavrogiannopoulos2017-09-081-0/+11
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added unit test for gnutls_x509_crt_signNikos Mavrogiannopoulos2017-09-082-0/+266
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* doc updateNikos Mavrogiannopoulos2017-09-081-0/+9
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_x509_crq_sign: undeprecateNikos Mavrogiannopoulos2017-09-083-8/+2
| | | | | | | After the updates of the function semantics, it is no longer needed to deprecate it. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_x509_crl_sign: undeprecateNikos Mavrogiannopoulos2017-09-083-9/+4
| | | | | | | After the updates of the function semantics, it is no longer needed to deprecate it. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_x509_crq_sign: no longer sign with SHA1Nikos Mavrogiannopoulos2017-09-081-1/+28
| | | | | | | | | | | | | Modify the behavior of the functions to sign with an appropriate to the public key hash algorithm. That although it modifies the semantics of the functions, it allows them to be useful even after SHA1 is considered insecure. In addition to that, the functions which accept a hash algorithm, will accept a null hash, which instructs the function to select a reasonable choice. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_x509_*_sign: no longer sign with SHA1Nikos Mavrogiannopoulos2017-09-083-7/+35
| | | | | | | | | | | | | Modify the behavior of the functions to sign with an appropriate to the public key hash algorithm. That although it modifies the semantics of the functions, it allows them to be useful even after SHA1 is considered insecure. In addition to that, the functions which accept a hash algorithm, will accept a null hash, which instructs the function to select a reasonable choice. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* doc: document the change of gnutls_x509_crt_signNikos Mavrogiannopoulos2017-09-081-3/+6
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: tolerate leaks in opensc-pkcs11 when presenttmp-fix-safe-renego-with-opensslNikos Mavrogiannopoulos2017-09-081-0/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* doc updateNikos Mavrogiannopoulos2017-09-071-0/+3
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: added reproducer for safe renegotiation failure with opensslNikos Mavrogiannopoulos2017-09-071-1/+13
| | | | | | Relates #259 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* handshake: check SCSVs prior to resuming a sessionNikos Mavrogiannopoulos2017-09-073-7/+22
| | | | | | | | | | | This ensures that extensions which are also available as SCSVs are parsed prior to resuming a session. This resolves an issue with openssl sending SCSV instead of an extension for the safe renegotiation. Relates #259 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Use $(LIBDL) instead of hardcoding -ldl.Thomas Klausner2017-09-062-2/+2
|
* cmocka: require 1.0.1Nikos Mavrogiannopoulos2017-09-061-1/+1
| | | | | | | | | This prevents failures in test suite due to insufficient cmocka library version. Resolves #268 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tlslite-ng: updated to latest versionNikos Mavrogiannopoulos2017-09-061-0/+0
| | | | | | This addresses issues with RSA-PSS signing. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* cli-debug-args.def: Fix typoAvinash Sonawane2017-08-311-1/+1
| | | | Signed-off-by: Avinash Sonawane <rootkea@gmail.com>
* latex: handle the deprecated function mark [ci skip]Nikos Mavrogiannopoulos2017-08-291-0/+4
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* .gitlab-ci.yml: give more specific name to windows job artifacts [ci skip]Nikos Mavrogiannopoulos2017-08-291-0/+2
| | | | | | This allows a more descriptive name to any downloaded artifacts. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* tools: removed re-using PIN message when in non-verbose modeNikos Mavrogiannopoulos2017-08-291-3/+5
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* p11tool: print public or private key algorithmNikos Mavrogiannopoulos2017-08-291-3/+111
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls_pkcs11_privkey_generate3: doc update [ci skip]Nikos Mavrogiannopoulos2017-08-281-0/+3
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: check whether generated private keys are marked privatetmp-p11tool-sign-with-rsa-pssNikos Mavrogiannopoulos2017-08-271-0/+8
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* tests: added unit test of p11tool with --set-pinNikos Mavrogiannopoulos2017-08-271-0/+20
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* tests: check whether generated or copied keys are marked as sensitiveNikos Mavrogiannopoulos2017-08-271-0/+15
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* updated auto-generated filesNikos Mavrogiannopoulos2017-08-272-137/+203
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* p11tool: allow obtaining PIN from command line on operationsNikos Mavrogiannopoulos2017-08-272-4/+10
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* certtool: eliminate global use of default_digNikos Mavrogiannopoulos2017-08-271-32/+32
| | | | | | | Use instead the cinfo->hash field which is already used by p11tool. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: krb5-test: disable valgrind mem leak checks for negative checksNikos Mavrogiannopoulos2017-08-271-0/+8
| | | | | | Resolves #192 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* doc updateNikos Mavrogiannopoulos2017-08-271-0/+9
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: check whether p11tool signing with RSA-PSS worksNikos Mavrogiannopoulos2017-08-271-0/+14
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* p11tool: allow signing with RSA-PSS and specifying an explicit hashNikos Mavrogiannopoulos2017-08-273-6/+59
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* sign_params_to_flags: moved to certtool-common.cNikos Mavrogiannopoulos2017-08-273-27/+29
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* certtool: hash_to_id moved to certtool-common.cNikos Mavrogiannopoulos2017-08-273-30/+37
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Fix some typos [ci skip]Andreas Metzler2017-08-272-5/+5
| | | | | | | occurence -> occurrence sucessful -> successful Signed-off-by: Andreas Metzler <ametzler@bebt.de>
* Fixed segmentation faults caused by accessing NULL pointers during mutex ↵Tom Vrancken2017-08-261-6/+6
| | | | | | operations. This bug was triggered while setting priorities. Signed-off-by: Tom Vrancken <email@tomvrancken.nl>
* p11tool: explicitly mark generated keys as sensitiveNikos Mavrogiannopoulos2017-08-261-1/+3
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* tests: windows: warning: function declaration isn't a prototypeAlon Bar-Lev2017-08-261-1/+1
| | | | Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* tests: warning: implicit declaration of functionAlon Bar-Lev2017-08-262-0/+2
| | | | Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
View Lorry Controller Status