| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
This also includes --enable-local-libopts flag to make dist
to catch future regressions.
Resolves: #867
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
| |
The status information not part of the payload data and should be
separate when using --logfile.
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
|
|
|
|
| |
Signed-off-by: Fiona Klute <fiona.klute@gmx.de>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|\
| |
| |
| |
| |
| |
| | |
gnutls_base64_decode2() succeeds decoding the empty string
Closes #834
See merge request gnutls/gnutls!1124
|
|/
|
|
|
|
|
|
|
| |
This is a behavioral change of the API but it conforms to
the RFC4648 expectations.
Resolves: #834
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
This commit was breaking CI on FreeBSD systems.
This reverts commit 1fe4f8e289d666979618fbb909983ac05aad11ac.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|\
| |
| |
| |
| |
| |
| | |
Add CRL distribution points to non-self-signed certificates
Closes #765
See merge request gnutls/gnutls!1123
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously we would omit the CRL distribution points from a non-self
signed CA certificate, even if contained in the template.
Resolves: #765
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|/
|
|
|
|
|
| |
That allows running the tests individually without make or setting
top_builddir variable.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|\
| |
| |
| |
| | |
Run tests under minimal configuration
See merge request gnutls/gnutls!1122
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|/
|
|
| |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\
| |
| |
| |
| | |
Fix cross-compilation of the Guile bindings
See merge request gnutls/gnutls!1120
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Reported by Helmut Grohne <helmut@subdivi.de>
and Andreas Metzler <ametzler@bebt.de>
at <https://bugs.debian.org/943905>.
* guile/Makefile.am (%.go): Pass "GUILE_AUTO_COMPILE=0" to avoid
warnings about 'guild' needing to be compiled.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Reported by Helmut Grohne <helmut@subdivi.de>
and Andreas Metzler <ametzler@bebt.de>
at <https://bugs.debian.org/943905>.
* configure.ac: Add 'CROSS_COMPILING' conditional.
* guile/Makefile.am (CROSS_COMPILING_VARIABLE): New variable.
(%.go): Use it.
* guile/modules/gnutls.in <top level>: Do not call 'load-extension'
when "GNUTLS_GUILE_CROSS_COMPILING" is defined.
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
|
|\ \
| |/
|/|
| |
| | |
vko: fix possible unitilized scalar access
See merge request gnutls/gnutls!1118
|
|/
|
|
|
|
|
|
|
| |
Fix error path in _gnutls_gost_keytrans_decrypt. If
_asn1_strict_der_decode() fails, cleanup path will try to
gnutls_pk_params_release(&pub), which will access unitialized pub
variable. Fix by deleting asn1 sctructure directly.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\
| |
| |
| |
| | |
GOST key exchange support
See merge request gnutls/gnutls!1097
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
Two GOST groups will have two curves attached. Add function to retrieve
group by curve, rather than by group id.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
GOST VKO key derivation needs another opaque argument (called UKM).
Add an argument to _gnutls_pk_derive to accomodate that keying material.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| |
| |
| | |
GOST VKO is a variant of ECDHE algorithm.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\ \
| | |
| | |
| | |
| | | |
nettle: backport fixes to cfb8_decrypt
See merge request gnutls/gnutls!1117
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| | |
| | |
| | |
| | |
| | | |
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
cfb8: don't truncate output IV if input is shorter than block size:
https://git.lysator.liu.se/nettle/nettle/commit/f4a9c842621baf5d71aa9cc3989851f44dc46861
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|\ \ \
| |/ /
|/| |
| | |
| | | |
prf: don't crash when called before handshake completion
See merge request gnutls/gnutls!1116
|
| |/
| |
| |
| |
| |
| |
| | |
If a gnutls_prf*() function is called before the handshake is completed,
return GNUTLS_E_INVALID_REQUEST instead of crashing.
Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
|
|/
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|\
| |
| |
| |
| | |
tls-sig: reverse bytes in TLS signatures for GOST signatures
See merge request gnutls/gnutls!1114
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
GOST TLS suites have one peculiarity: CertificateVerify message uses
byte order opposite to the rest of GOST signature usage (BE instead of
LE). So, reverse byte order in signatures in TLS code. For now this
applies only to TLS 1.2 code. GOST TLS 1.3 ciphersuites will also follow
this approach. Legacy TLS 1.0 ciphersuites also had this peculiarity.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|\ \
| | |
| | |
| | |
| | | |
Update CI to F31
See merge request gnutls/gnutls!1113
|
| | |
| | |
| | |
| | | |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | | |
This seems to have impacted windows compilation.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| | |
| | |
| | |
| | |
| | |
| | | |
It cannot be compiled in f30.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This fixes compilation in Fedora 30 which ships with this
version of autogen.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|