summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* libopts: include new files into disttmp-libopts-fixNikos Mavrogiannopoulos2019-12-022-1/+3
| | | | | | | | | This also includes --enable-local-libopts flag to make dist to catch future regressions. Resolves: #867 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* released 3.6.11gnutls_3_6_11Nikos Mavrogiannopoulos2019-12-011-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Write OCSP status request debug information to logfile, if setFiona Klute2019-12-011-1/+1
| | | | | | | The status information not part of the payload data and should be separate when using --logfile. Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
* Send log messages about loading client credentials to logfile, if setFiona Klute2019-12-011-2/+2
| | | | Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
* .travis.yml: explicitly install openssl to address build issueNikos Mavrogiannopoulos2019-11-291-3/+3
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* NEWS: documented AES-CFB8 fix [ci skip]Nikos Mavrogiannopoulos2019-11-291-0/+3
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* bumped versionNikos Mavrogiannopoulos2019-11-293-3/+3
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* .travis.yml: update submodules [ci skip]Nikos Mavrogiannopoulos2019-11-291-1/+1
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* base64: minor improvements in OOM handling and test suiteNikos Mavrogiannopoulos2019-11-292-0/+8
| | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Merge branch 'tmp-fix-base64' into 'master'Nikos Mavrogiannopoulos2019-11-283-8/+15
|\ | | | | | | | | | | | | gnutls_base64_decode2() succeeds decoding the empty string Closes #834 See merge request gnutls/gnutls!1124
| * gnutls_base64_decode2() succeeds decoding the empty stringNikos Mavrogiannopoulos2019-11-283-8/+15
|/ | | | | | | | | This is a behavioral change of the API but it conforms to the RFC4648 expectations. Resolves: #834 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Revert "tests: ignore datefudge-check check when running on command line"Nikos Mavrogiannopoulos2019-11-271-3/+3
| | | | | | | | This commit was breaking CI on FreeBSD systems. This reverts commit 1fe4f8e289d666979618fbb909983ac05aad11ac. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Merge branch 'tmp-fix-crl-dist-points' into 'master'Nikos Mavrogiannopoulos2019-11-276-13/+60
|\ | | | | | | | | | | | | Add CRL distribution points to non-self-signed certificates Closes #765 See merge request gnutls/gnutls!1123
| * certtool: always include the CRL distribution points on CAsNikos Mavrogiannopoulos2019-11-255-10/+57
| | | | | | | | | | | | | | | | | | Previously we would omit the CRL distribution points from a non-self signed CA certificate, even if contained in the template. Resolves: #765 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
| * tests: ignore datefudge-check check when running on command lineNikos Mavrogiannopoulos2019-11-251-3/+3
|/ | | | | | | That allows running the tests individually without make or setting top_builddir variable. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Merge branch 'minimal-check' into 'master'Dmitry Eremin-Solenikov2019-11-235-5/+23
|\ | | | | | | | | Run tests under minimal configuration See merge request gnutls/gnutls!1122
| * tests: make tests pass with disabled GOST algorithmsDmitry Eremin-Solenikov2019-11-224-5/+22
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * gitlab-ci: enable running make check on minimal buildDmitry Eremin-Solenikov2019-11-221-0/+1
|/ | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Merge branch 'wip-cross-compilation' into 'master'Tim Rühsen2019-11-153-2/+11
|\ | | | | | | | | Fix cross-compilation of the Guile bindings See merge request gnutls/gnutls!1120
| * guile: Silence auto-compilation warning for 'guild'.Ludovic Courtès2019-11-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | Reported by Helmut Grohne <helmut@subdivi.de> and Andreas Metzler <ametzler@bebt.de> at <https://bugs.debian.org/943905>. * guile/Makefile.am (%.go): Pass "GUILE_AUTO_COMPILE=0" to avoid warnings about 'guild' needing to be compiled. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
| * guile: Do not attempt to load shared object when cross-compiling.Ludovic Courtès2019-11-113-2/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Reported by Helmut Grohne <helmut@subdivi.de> and Andreas Metzler <ametzler@bebt.de> at <https://bugs.debian.org/943905>. * configure.ac: Add 'CROSS_COMPILING' conditional. * guile/Makefile.am (CROSS_COMPILING_VARIABLE): New variable. (%.go): Use it. * guile/modules/gnutls.in <top level>: Do not call 'load-extension' when "GNUTLS_GUILE_CROSS_COMPILING" is defined. Signed-off-by: Ludovic Courtès <ludo@gnu.org>
* | Merge branch 'fix-coverity' into 'master'Nikos Mavrogiannopoulos2019-11-121-1/+3
|\ \ | |/ |/| | | | | vko: fix possible unitilized scalar access See merge request gnutls/gnutls!1118
| * vko: fix possible unitilized scalar accessDmitry Eremin-Solenikov2019-11-111-1/+3
|/ | | | | | | | | Fix error path in _gnutls_gost_keytrans_decrypt. If _asn1_strict_der_decode() fails, cleanup path will try to gnutls_pk_params_release(&pub), which will access unitialized pub variable. Fix by deleting asn1 sctructure directly. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* Merge branch 'gost-split-2' into 'master'Dmitry Eremin-Solenikov2019-11-0823-7/+1282
|\ | | | | | | | | GOST key exchange support See merge request gnutls/gnutls!1097
| * Add support for VKO GOST key exchangeDmitry Eremin-Solenikov2019-11-086-2/+336
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * groups: add function to return group by curveDmitry Eremin-Solenikov2019-11-072-0/+22
| | | | | | | | | | | | | | Two GOST groups will have two curves attached. Add function to retrieve group by curve, rather than by group id. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * ecc: define curve->group relationshipDmitry Eremin-Solenikov2019-11-072-0/+19
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Declare groups corresponding to GOST curvesDmitry Eremin-Solenikov2019-11-073-0/+74
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * Add GOST key transport supportDmitry Eremin-Solenikov2019-11-078-1/+522
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * nettle: add support for GOST key derivationDmitry Eremin-Solenikov2019-11-071-0/+51
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * _gnutls_pk_derive: add argument for nonceDmitry Eremin-Solenikov2019-11-073-2/+14
| | | | | | | | | | | | | | GOST VKO key derivation needs another opaque argument (called UKM). Add an argument to _gnutls_pk_derive to accomodate that keying material. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * nettle/gost: add support for GOST VKO algorithmDmitry Eremin-Solenikov2019-11-073-1/+86
| | | | | | | | | | | | GOST VKO is a variant of ECDHE algorithm. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * nettle/gost: provide GOST keywrapping supportDmitry Eremin-Solenikov2019-11-073-1/+158
| | | | | | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* | Merge branch 'tmp-cfb8-fixes' into 'master'Daiki Ueno2019-11-085-11/+136
|\ \ | | | | | | | | | | | | nettle: backport fixes to cfb8_decrypt See merge request gnutls/gnutls!1117
| * | .gitlab-ci.yml: bump configure cache versiontmp-cfb8-fixesDaiki Ueno2019-11-081-1/+1
| | | | | | | | | | | | Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | crypto-selftests: test CFB8 ciphers with different chunksizesGünther Deschner2019-11-081-6/+118
| | | | | | | | | | | | | | | Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | nettle: use included CFB8 implementation if nettle is 3.5Daiki Ueno2019-11-082-0/+11
| | | | | | | | | | | | Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | nettle: backport fixes to cfb8_decryptDaiki Ueno2019-11-061-4/+6
| | | | | | | | | | | | | | | | | | | | | cfb8: don't truncate output IV if input is shorter than block size: https://git.lysator.liu.se/nettle/nettle/commit/f4a9c842621baf5d71aa9cc3989851f44dc46861 Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | | Merge branch 'prf-crash' into 'master'Dmitry Eremin-Solenikov2019-11-072-0/+17
|\ \ \ | |/ / |/| | | | | | | | prf: don't crash when called before handshake completion See merge request gnutls/gnutls!1116
| * | prf: don't crash when called before handshake completionMiroslav Lichvar2019-11-062-0/+17
| |/ | | | | | | | | | | | | If a gnutls_prf*() function is called before the handshake is completed, return GNUTLS_E_INVALID_REQUEST instead of crashing. Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
* | gnutls_privkey_sign_data2: removed unnecessary text [ci skip]Nikos Mavrogiannopoulos2019-11-051-13/+9
|/ | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Merge branch 'crt-vrfy-final' into 'master'Dmitry Eremin-Solenikov2019-11-023-1/+50
|\ | | | | | | | | tls-sig: reverse bytes in TLS signatures for GOST signatures See merge request gnutls/gnutls!1114
| * tls-sig: reverse bytes in TLS signatures for GOST signaturesDmitry Eremin-Solenikov2019-10-313-1/+50
| | | | | | | | | | | | | | | | | | | | GOST TLS suites have one peculiarity: CertificateVerify message uses byte order opposite to the rest of GOST signature usage (BE instead of LE). So, reverse byte order in signatures in TLS code. For now this applies only to TLS 1.2 code. GOST TLS 1.3 ciphersuites will also follow this approach. Legacy TLS 1.0 ciphersuites also had this peculiarity. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* | Merge branch 'tmp-update-ci-to-f31' into 'master'Nikos Mavrogiannopoulos2019-11-0258-1536/+2335
|\ \ | | | | | | | | | | | | Update CI to F31 See merge request gnutls/gnutls!1113
| * | .gitlab-ci.yml: do not inline strcmp in valgrind buildNikos Mavrogiannopoulos2019-11-011-2/+3
| | | | | | | | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| * | .gitlab-ci.yml: removed unnecessary use of --enable-valgrind-testsNikos Mavrogiannopoulos2019-11-011-2/+2
| | | | | | | | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| * | .gitlab-ci.yml: updated CI environment to F31Nikos Mavrogiannopoulos2019-10-301-1/+1
| | | | | | | | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| * | tests: include config.h in rawpk-api.cNikos Mavrogiannopoulos2019-10-301-0/+4
| | | | | | | | | | | | | | | | | | This seems to have impacted windows compilation. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
| * | tests: global-init-override do not run in windowsNikos Mavrogiannopoulos2019-10-301-2/+3
| | | | | | | | | | | | | | | | | | It cannot be compiled in f30. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| * | updated to libopts 5.18.16Nikos Mavrogiannopoulos2019-10-3055-1529/+2322
| | | | | | | | | | | | | | | | | | | | | This fixes compilation in Fedora 30 which ships with this version of autogen. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
View Lorry Controller Status