| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|\
| |
| |
| |
| | |
Use inet_ntop() from gnulib
See merge request gnutls/gnutls!912
|
|/
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|\
| |
| |
| |
| | |
build: pass NETTLE_LIBS together with HOGWEED_LIBS
See merge request gnutls/gnutls!903
|
| |
| |
| |
| |
| |
| |
| | |
libhogweed might depend on exact non-system-wide nettle, so let's pass
NETTLE_LIBS flags together when using HOGWEED_LIBS.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\ \
| | |
| | |
| | |
| | | |
build: do not generate mech-list.h if p11-kit is not available
See merge request gnutls/gnutls!904
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
Compiling GnuTLS with no p11-kit installed will result in a serie of
warnings during build time because mech-list.h will be generated even if
pkcs11 tool compilation is disabled. Move mech-list.h generation to
happen only if pkcs11 is enabled, thus removing these warnings.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Amend error code when SNI name is not accepted
Closes #683
See merge request gnutls/gnutls!891
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
An illegal/disallowed SNI server name previously generated
the misleading message "An illegal parameter has been received.".
This commit changes it to
"A disallowed SNI server name has been received.".
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|\ \
| | |
| | |
| | |
| | | |
lib/nettle: replace nettle-stdint.h with just stdint.h
See merge request gnutls/gnutls!901
|
| |/
| |
| |
| |
| |
| |
| | |
Nettle library is going to drop nettle-stdint.h. Replace this include
with with just <stdint.h>.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\ \
| |/
|/|
| |
| | |
Fix 'make glimport' and update CONTRIBUTING.md
See merge request gnutls/gnutls!900
|
|/
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|\
| |
| |
| |
| | |
Fix unused var warning in guile/src/core.c
See merge request gnutls/gnutls!895
|
| |
| |
| |
| | |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|\ \
| | |
| | |
| | |
| | | |
build: detect previous supported guile
See merge request gnutls/gnutls!898
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
A recent change in the m4 macro of guile enforces latest guile:
---
AC_DEFUN([GUILE_PROGS],
[_guile_required_version="m4_default([$1], [$GUILE_EFFECTIVE_VERSION])"
if test -z "$_guile_required_version"; then
_guile_required_version=2.2
fi
---
The result:
---
checking for guile-snarf... /usr/bin/guile-snarf
checking for guild... /usr/bin/guild
checking for guile-2.2... no
checking for guile2.2... no
checking for guile-2... no
checking for guile2... no
checking for guile... /usr/bin/guile
checking for Guile version >= 2.2... configure: error: Guile 2.2 required, but 2.0.14 found
---
Probably best to specify the supported version explicitly when calling
GUILE_PROGS, to keep existing behavior calling the GUILE_PKG detects the
existing packages.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
|
|\ \
| |/
|/|
| |
| | |
.gitignore: add test files
See merge request gnutls/gnutls!899
|
|/
|
|
| |
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
|
|\
| |
| |
| |
| | |
Fix abi-check failure
See merge request gnutls/gnutls!896
|
|/
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
| |
This avoids errors due to files pre-existing but not being
writable.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
|
|
| |
That's because guile.m4 from previous releases has issues
with the latest version.
Resolves: #631
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
| |
This makes the behavior of this priority string option well-defined
even when TLS1.3 is enabled.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|\
| |
| |
| |
| | |
The flag %NO_EXTENSIONS is disabling extension support while being functional
See merge request gnutls/gnutls!870
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
That is, the %NO_EXTENSIONS option is the only documented way to disable
extensions completely from a session. Clarify that message, mention that
its behavior is undefined when combine with TLS1.3, and make sure that it
is functional. The latter makes sure that safe renegotiation and extended
master secret extensions remain disabled when this flag is given.
That simplifies testing certain scenarios under TLS1.0 or TLS1.1 when
no extensions must be used.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|\ \
| | |
| | |
| | |
| | | |
certtool.1: fix formatting
See merge request gnutls/gnutls!892
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
Apostroph at start of a line is a control character in manpages, avoid
it. Also drop wrong indent.
See https://bugs.debian.org/920215
Signed-off-by: Andreas Metzler <ametzler@bebt.de>
|
|\ \
| | |
| | |
| | |
| | | |
Fix record_size_limit extension handling when resuming
See merge request gnutls/gnutls!886
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In a resuming session record_size_limit is always renegotiated, and
thus the server should parse the extension always.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
.travis.yml: make macosx builds compile again
See merge request gnutls/gnutls!890
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
They are not necessary for building and testing the basic
test suite.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This replaces LTLIBUNISTRING with LIBUNISTRING in Makefile.am.
The former is no longer produced by configure.ac.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
gnutls-serv: improvements in UDP server
Closes #632
See merge request gnutls/gnutls!863
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This modifies the server to deinitialize the session after use
(avoiding leaks), and to only send the hello verify request when
a client hello is seen.
This also adds a basic unit test of gnutls-serv with the --udp option.
Resolves #632
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|\ \ \ \
| |_|/ /
|/| | |
| | | |
| | | |
| | | |
| | | | |
set_ciphersuite_list(): Use linear approach to cleanup priorities
Closes #679
See merge request gnutls/gnutls!889
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
configure.ac: check if libatomic is needed
See merge request gnutls/gnutls!878
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
gnutls source code uses the C++11 <atomic> functionality since
https://github.com/gnutls/gnutls/commit/7978a733460f92b31033affd0e487c86d66c643d,
which internally is implemented using the __atomic_*() gcc built-ins
On certain architectures, the __atomic_*() built-ins are implemented in
the libatomic library that comes with the rest of the gcc runtime. Due
to this, code using <atomic> might need to link against libatomic,
otherwise one hits build issues such as:
../lib/.libs/libgnutls.so: undefined reference to `__atomic_fetch_sub_4'
on an architecture like SPARC.
To solve this, a configure.ac check is added to know if we need to
link against libatomic or not. The library is also added to gnutls.pc.
Fixes:
- http://autobuild.buildroot.org/results/6c749bd592ceffeacadd2ab570d127936cce64b2
- http://autobuild.buildroot.org/results/30aa83d3cf3482af8a59250c196c85f4a278d343
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | |
| | | | |
| | | | |
| | | | |
| | | | | |
tests: added tests for multiple ticket reception
Closes #511
See merge request gnutls/gnutls!887
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This introduces tests for the reception (parsing) of multiple tickets
by a gnutls client. It uses the tlslite-ng server because unlike a gnutls
server, tlslite-ng does send multiple tickets in a single record. That
way we test that we can parse both ways of sending tickets.
Resolves: #511
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
gnutls_pkcs11_privkey_import_url: enable RSA-PSS only when an RSA key can sign
Closes #667
See merge request gnutls/gnutls!884
|