| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |\ \ \
| |_|/
|/| |
| | |
| | | |
nettle: Support sysctl(KERN_ARND) for random number generation on NetBSD.
See merge request gnutls/gnutls!1109
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Nia Alarie <nia@NetBSD.org>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This system call will never block and does not require a file
descriptor to be opened. It provides an endless stream of random
numbers from the kernel's ChaCha20-based random number generator.
Signed-off-by: Nia Alarie <nia@NetBSD.org>
|
| |\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
doc: describe how to make gnutls-cli quiet for pipe usage
Closes #845
See merge request gnutls/gnutls!1108
|
| | |/ /
| | |
| | |
| | | |
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
|
| |\ \ \
| |_|/
|/| |
| | |
| | | |
lib: simplify uint24 handling
See merge request gnutls/gnutls!1107
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Drop separate uint24 type and functions to convert between it and
uint32_t. This makes _gnutls_read/_write_uint24 simpler and easier to
understand. And with faster assembly code.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
ecc: fix curve sizes for TC26-256 gost curves
See merge request gnutls/gnutls!1110
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
Fix curve size being incorrectly set to 64 instead of 32 for several
GOST curves.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |\ \ \
| |/ /
|/| |
| | |
| | | |
serv: move closing TABLE tag after actual table end
See merge request gnutls/gnutls!1111
|
| |/ /
| |
| |
| |
| |
| | |
Move closing TABLE tag after printing information on cipher and MAC.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |\ \
| |/
| |
| |
| | |
lib: drop gnutls_uint64 usage as sequence number
See merge request gnutls/gnutls!1102
|
| |/
|
|
|
|
|
|
| |
GnuTLS is depending already on uint64_t being a properly defined type.
So there is no need to have a special byte-array type for 8-byte
integers. Use uint64_t instead, thus simplifying a code quite heavily.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |\
| |
| |
| |
| | |
Support GOST cipher suite MAC calculation
See merge request gnutls/gnutls!1098
|
| | |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
GOST ciphersuites require that MAC is calculated over _all_ packets,
rather than just current packet. Add flag to auth_cipher_hd_st
controlling this behaviour.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| | |
| |
| |
| |
| |
| | |
Replace bools in cipher_entry_st with flags field.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |\ \
| | |
| | |
| | |
| | | |
Split CertVerify code. Switch sign_entry_st to use flags
See merge request gnutls/gnutls!1103
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| | |/
| |
| |
| |
| |
| |
| | |
For the symmetry split the TLS 1.[01] CertificateVerify code, so that
main functions work as pure multiplexors.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |\ \
| |/
|/|
| |
| | |
lib: pubkey vs TLS signature compatibility for GOST algorithms
See merge request gnutls/gnutls!1101
|
| | |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |\ \
| |/
|/|
| |
| | |
src: fix noreturn-related warning
See merge request gnutls/gnutls!1100
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
Recent autogen started adding '#include <stdnoreturn.h>' into -args.h
files. However in GnuTLS tools code this results in the following
warnings, because stdnoreturn.h unconditionally redefines 'noreturn' to
_Noreturn:
warning: '_Noreturn' attribute directive ignored
Use __noreturn__ attribute instead as does Gnulib.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |\
| |
| |
| |
| | |
Allow using implicit IV for stream ciphers with TLS
See merge request gnutls/gnutls!1099
|
| | |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |\ \
| | |
| | |
| | |
| | | |
prf: add Streebog PRF support
See merge request gnutls/gnutls!1088
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add support and tests for PRF generated using both Streebog versions.
This is necessary for adding GOST TLS ciphersuites support.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |\ \ \
| |_|/
|/| |
| | |
| | | |
Fix coverity in lib/
See merge request gnutls/gnutls!1092
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Fixes Coverity issue 1361513
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Fixes Coverity issue 1454646
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Fixes Coverity issue 1454647
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Fixes Coverity issue 1454649
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Fixes Coverity issue 1454670
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Fixes Coverity issue 1454652
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Fixes Coverity issue 1454651
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fixes Coverity issue 1454674
Fixes Coverity issue 1454658
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| |/ /
| |
| |
| | |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| |\ \
| | |
| | |
| | |
| | | |
.gitlab-ci.yml: removed coverity build [ci skip]
See merge request gnutls/gnutls!1095
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The coverity run is subject to several restrictions by the service,
and thus it is not really useful in the main CI runs as it cannot reasonably
be run on MRs or master. As such we simplify the main CI file by moving the
coverity to the coverage sub-project and running it weekly.
The new location is at:
https://gitlab.com/gnutls/coverage
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |\ \
| | |
| | |
| | |
| | |
| | |
| | | |
session tickets: parse extension during session resumption
Closes #841
See merge request gnutls/gnutls!1087
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It is possible for a server to send a new session ticket during
TLS1.2 resumption. To be able to parse it as client we need to
check the extension during resumption as well.
Resolves: #841
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
README.md: document lscpu/util-linux dependency for make check
Closes #764
See merge request gnutls/gnutls!1093
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Closes #764
Signed-off-by: Ricardo M. Correia <rcorreia@wizy.org>
|
| |\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
P11tool improvements
See merge request gnutls/gnutls!1071
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Verify some of PKCS#11 mechanism flags.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Print key size range and flags in mechanisms list.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
