| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
| |
Relates #158
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
Relates #158
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This prevents buggy applications from receiving non-authenticated data
that may have arrived during the handshake.
Relates #158
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
| |
That prevents buggy applications from transmitting sensitive data during
handshake.
Resolves #158
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
This mostly affects virtual systems. Reported by Frank Chen.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
| |
This amends 49be4f7b82eba2363bb8d4090950dad976a77a3a
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
| |
Also added section explaining why OpenPGP is being deprecated.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is to prevent new applications using that functionality.
As the OpenPGP certificate for HTTPS (or TLS in general) never got
any traction, GnuTLS is the only implementation supporting it,
and the quality of the OpenPGP supporting code is questionable,
we deprecate that code with the intention to drop it completely
when an opportunity is given.
Relates #102
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
| |
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
|
|
|
|
| |
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
|
|
|
|
|
|
| |
building with --disable-tools should not cause test failure.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
|
|
|
|
| |
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
|
|
|
|
| |
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
|
|
|
|
|
|
|
| |
This addresses an out of memory error. Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=337
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
This triggers an out of memory error. Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=337
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=340
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
This triggers a memory error. Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=340
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
This triggers a memory error. Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=346
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
That addresses heap read overflows found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=338
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=346
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
This triggers a memory error. Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=338
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
This allows to reproduce issues found on server side, by adding
a transcript in server-interesting. Currently it contains values
found using oss-fuzz.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
| |
successful read
That will allow proper deinitialization of the parameters even if
the structure fill up doesn't succeed.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=371
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
building with --disable-tools should not cause test failure.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
|
|
|
|
|
|
| |
sync with other tests
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
|
|
|
|
|
|
| |
similar to other tests
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
This triggers a memory leak. Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=294
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=300
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=269
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=272
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
This allows to reproduce issues found on client handling, by adding
a transcript in client-interesting. Currently it contains values
found using oss-fuzz.
The client3.disabled transcript is disabled because it depends
on a fix in nettle.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
| |
The reason is that we cannot distinguish between a memory leak on
application failure (which is followed by exit- thus should be ignored)
and an address sanitizer issue (which should never be ignored).
As such we disable leak detection with asan and rely on valgrind.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
| |
The initial (problematic) structures have been obtained from oss-fuzz
project.
|