Commit message (Author, Age, Files, Lines)
* doc: removed cyclo subdir [branch tmp-remove-doc-cyclo] (Nikos Mavrogiannopoulos, 2019-03-09, 3 files, -39/+1)
        This directory had a makefile which was intended to calculate the cyclomatic complexity, however that was not functional, and not related with gnutls' documentation.
        Resolves: #727
        Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* NEWS: fix NEWS entries [ci skip] (Nikos Mavrogiannopoulos, 2019-03-08, 1 file, -8/+0)
        Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Merge branch 'tmp-explicit-sanity-checks' into 'master' (Nikos Mavrogiannopoulos, 2019-03-06, 2 files, -4/+24)
        cleanup: _gnutls_recv_handshake: added explicit sanity checks
        See merge request gnutls/gnutls!937
| * _gnutls_recv_handshake: added explicit sanity checks [branch tmp-explicit-sanity-checks] (Nikos Mavrogiannopoulos, 2019-02-23, 2 files, -4/+24)
        Although, this function acts on the message provided as expected and thus it should never call a message parsing function on unexpected messages, we make a more explicit sanity check. This unifies the sanity checks existing within the involved functions.
        Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | Merge branch 'tmp-cert-req' into 'master' (Daiki Ueno, 2019-03-06, 10 files, -13/+29)
        TLS 1.3: utilize "certificate_required" alert
        Closes #715
        See merge request gnutls/gnutls!946
| * | tls13/certificate: utilize "certificate_required" alert [branch tmp-cert-req] (Daiki Ueno, 2019-03-05, 10 files, -13/+25)
        This could make errors more distinguishable when the client sends no certificates or a bad certificate.
        Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | alert: recognize "certificate_required" (Daiki Ueno, 2019-03-04, 2 files, -0/+4)
        This may be sent if the server received an empty Certificate message.
        Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | | Merge branch 'tmp-fix-cli-starttls-xmpp' into 'master' (Tim Rühsen, 2019-03-05, 4 files, -10/+59)
        gnutls-cli: Fix --starttls-proto=xmpp
        Closes #697
        See merge request gnutls/gnutls!911
| * | | Add test for starttls XMPP [branch tmp-fix-cli-starttls-xmpp] (Tim Rühsen, 2019-02-18, 3 files, -2/+51)
        Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
| * | | gnutls-cli: Fix --starttls-proto=xmpp (Tim Rühsen, 2019-02-18, 1 file, -8/+8)
        Fixes two issues with gnutls-cli --starttls-proto=xmpp:
        1. Print 'Timeout' on timeout instead of random errno message
        2. Do not wait for linefeed when using XMPP (XML)
        Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | | | Merge branch 'lgtm-analysis' into 'master' (Tim Rühsen, 2019-03-05, 1 file, -0/+16)
        Create .lgtm.yml for LGTM.com C/C++ analysis
        See merge request gnutls/gnutls!945
| * | | | Create .lgtm.yml for LGTM.com C/C++ analysis [branch lgtm-analysis] (Bas van Schaik, 2019-03-02, 1 file, -0/+16)
        Signed-off-by: Bas van Schaik <gitlab.com@s.traiectum.net>
* | | | | Merge branch 'tmp-doc-update-iv' into 'master' (Nikos Mavrogiannopoulos, 2019-03-05, 2 files, -12/+16)
        Improve documentation for gnutls_cipher_get_iv_size and AEAD ciphers
        Closes #717
        See merge request gnutls/gnutls!941
| * | | | Clarifications on AEAD ciphers [branch tmp-doc-update-iv] (Nikos Mavrogiannopoulos, 2019-03-01, 1 file, -10/+12)
        Relates: #716
        Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| * | | | Improve documentation for gnutls_cipher_get_iv_size (Nikos Mavrogiannopoulos, 2019-03-01, 1 file, -2/+4)
        This clarifies what is returned and what is to be expected on algorithms with variable IV sizes.
        Resolves: #717
        Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* | | | Merge branch 'fix_fips_lib_name' into 'master' (Nikos Mavrogiannopoulos, 2019-03-04, 2 files, -5/+12)
        Fix FIPS integrity self tests
        See merge request gnutls/gnutls!873
| * | | | .gitlab-ci.yml: Test FIPS HMAC self-test (Anderson Toshiyuki Sasaki, 2019-03-04, 1 file, -2/+2)
        This enables the integrity self-tests in FIPS140 test build.
        Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
| * | | | fips140: Ignore newlines read at the end of HMAC file (Anderson Toshiyuki Sasaki, 2019-03-04, 1 file, -0/+7)
        This makes the integrity check to ignore newlines appended after the HMAC value.
        Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
| * | | | fips140: Fix the names of files used in integrity checks (Anderson Toshiyuki Sasaki, 2019-03-04, 1 file, -3/+3)
        The names of the libraries haven't been updated when the soname version were bumped.
        Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
* | | | | Merge branch 'tmp-false-start-clarifications' into 'master' (Nikos Mavrogiannopoulos, 2019-03-02, 15 files, -151/+627)
        Fixed operation under multiple threads
        Closes #713
        See merge request gnutls/gnutls!935
| * | | | .gitlab-ci.yml: added thread sanitizer run [branch tmp-false-start-clarifications] (Nikos Mavrogiannopoulos, 2019-03-02, 3 files, -5/+38)
        This checks for unsafe uses of variables in our included threaded tests.
        Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| * | | | Protected _gnutls_epoch_get from _gnutls_epoch_gc on false start (Nikos Mavrogiannopoulos, 2019-03-02, 3 files, -7/+37)
        Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| * | | | gnutls_record_send2: try to ensure integrity of operations on false and early start (Nikos Mavrogiannopoulos, 2019-03-02, 5 files, -10/+41)
        This adds a double check in the sanity check of gnutls_record_send2() for the initial_negotiation_completed value, making sure that the check will be successful even in parallel operation of send/recv.
        Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| * | | | mini-dtls-pthread: renamed and fixed several shortcomings (Nikos Mavrogiannopoulos, 2019-03-02, 2 files, -121/+97)
        Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
| * | | | Make false start and early start multi-thread recv/send safe (Nikos Mavrogiannopoulos, 2019-03-02, 4 files, -4/+397)
        An application that is sending and receiving from different threads after handshake is complete cannot take advantage of false start because gnutls_record_send2() detects operations during the handshake process as invalid. Because in early start and false start the remaining handshake process needs only to receive data, and the sending side is already set-up, this error detection is bogus. With this patch we remove it.
        Resolves: #713
        Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
| * | | | doc: added more information on operation under multiple threads (Nikos Mavrogiannopoulos, 2019-03-02, 3 files, -6/+19)
        Relates: #713
        Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | | | | | Merge branch 'update-bootstrap' into 'master' (Nikos Mavrogiannopoulos, 2019-03-02, 1 file, -27/+70)
        Update ./bootstrap from latest gnulib
        See merge request gnutls/gnutls!943
| * | | | Update ./bootstrap from latest gnulib [branch update-bootstrap] (Tim Rühsen, 2019-03-01, 1 file, -27/+70)
        Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | | | | Merge branch 'tmp-token-modname-clarifications' into 'master' (Nikos Mavrogiannopoulos, 2019-02-28, 1 file, -1/+2)
        pkcs11: clarify GNUTLS_PKCS11_TOKEN_MODNAME presence [ci skip]
        Closes #633
        See merge request gnutls/gnutls!938
| * | | pkcs11: clarify GNUTLS_PKCS11_TOKEN_MODNAME presence [ci skip] [branch tmp-token-modname-clarifications] (Nikos Mavrogiannopoulos, 2019-02-26, 1 file, -1/+2)
        Resolves: #633
        Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* | | cppcheck: suppress warning on nettle code [ci skip] (Nikos Mavrogiannopoulos, 2019-02-26, 1 file, -0/+1)
        Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* | | Merge branch 'tmp-ametzler-gnutls-cli-benchmark-overflow' into 'master' (Tim Rühsen, 2019-02-24, 2 files, -2/+5)
        gnutls-cli: fix --benchmark-ciphers type overflow
        See merge request gnutls/gnutls!934
| * | | gnutls-cli: fix --benchmark-ciphers type overflow (Andreas Metzler, 2019-02-24, 2 files, -2/+5)
        Signed-off-by: Andreas Metzler <ametzler@bebt.de>
* | | Merge branch 'tmp-fetch-fuzz-corpora-faster' into 'master' (Tim Rühsen, 2019-02-23, 3 files, -9/+35)
        Fetch OSS-Fuzz corpora much faster [skip ci]
        See merge request gnutls/gnutls!883
| * | | Fetch OSS-Fuzz corpora much faster [skip ci] [branch tmp-fetch-fuzz-corpora-faster] (Tim Rühsen, 2019-02-05, 3 files, -9/+35)
        Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | | | Merge branch 'tmp-update-ax-code-coverage' into 'master' (Tim Rühsen, 2019-02-23, 10 files, -152/+420)
        Update m4/ax_code_coverage.m4
        See merge request gnutls/gnutls!905
| * | | | Update ax_code_coverage.m4 to latest release of autoconf-archive [branch tmp-update-ax-code-coverage] (Tim Rühsen, 2019-02-22, 10 files, -152/+420)
        Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | | | | Merge branch 'tmp-reset-after-free' into 'master' (Tim Rühsen, 2019-02-23, 49 files, -97/+28)
        Automatically NULLify after gnutls_free()
        See merge request gnutls/gnutls!923
| * | | | | gnutls_x509_crt_init: Fix dereference of NULL pointer [branch tmp-reset-after-free] (Tim Rühsen, 2019-02-22, 1 file, -1/+1)
        Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
| * | | | | Remove redundant resets of variables after free() (Tim Rühsen, 2019-02-22, 47 files, -96/+10)
        Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
| * | | | | Automatically NULLify after gnutls_free() (Tim Rühsen, 2019-02-22, 2 files, -0/+17)
        This method prevents direct use-after-free and double-free issues.
        Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | | | | Merge branch 'tmp-cleanup-cert' into 'master' (Tim Rühsen, 2019-02-23, 1 file, -26/+12)
        Cleanup lib/auth/cert.c as suggested by cppcheck
        See merge request gnutls/gnutls!924
| * | | | Cleanup lib/auth/cert.c as suggested by cppcheck [branch tmp-cleanup-cert] (Tim Rühsen, 2019-02-13, 1 file, -26/+12)
        Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | | | | Merge branch 'tmp-downgrade-sentinel' into 'master' (Daiki Ueno, 2019-02-22, 7 files, -6/+91)
        handshake: defer setting downgrade sentinel until version is selected
        Closes #689
        See merge request gnutls/gnutls!918
| * | | | | tlsfuzzer: update to the latest upstream for downgrade protection tests [branch tmp-downgrade-sentinel] (Daiki Ueno, 2019-02-22, 4 files, -4/+17)
        Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | | | | ext/supported_versions: regenerate server random (Daiki Ueno, 2019-02-22, 3 files, -2/+74)
        This adds a call to _gnutls_gen_server_random() in handling the "supported_versions" extension, so that the TLS 1.3 downgrade sentinel is set only when the earlier versions are selected.
        Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | | | | Merge branch 'use_topendir_fixed' into 'master' (Tim Rühsen, 2019-02-22, 5 files, -16/+59)
        Re-introduce topendir on Windows with Unicode support
        See merge request gnutls/gnutls!932
| * | | | lib: x509: Minor directory browsing simplification (Hugo Beauzée-Luyssen, 2019-02-21, 1 file, -6/+3)
        Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
| * | | | Revert "Revert "verify-high2: Fix cert dir iteration on Win32"" (Hugo Beauzée-Luyssen, 2019-02-21, 1 file, -2/+49)
        This reverts commit 681330882da19099eea360fab141cab937c45677.
        Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
        This revert also contains the fix to the original commit (invalid utf8->utf16 conversion) and a minor simplification of the _treaddir loop.
| * | | | iconv: Allow _gnutls_utf8_to_ucs2 to output little endian (Hugo Beauzée-Luyssen, 2019-02-21, 4 files, -8/+7)
        Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>