Commit message (Author, Age, Files, Lines)
...
| * | Add GNUTLS_E_RECEIVED_DISALLOWED_NAME for illegal SNI names (Tim Rühsen, 2019-01-31, 8 files, -10/+18)
|/ /    An illegal/disallowed SNI server name previously generated the misleading message "An illegal parameter has been received.". This commit changes it to "A disallowed SNI server name has been received.".
| |    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | Merge branch 'nettle-stdint' into 'master' (Tim Rühsen, 2019-01-30, 1 file, -1/+1)
|\ \    lib/nettle: replace nettle-stdint.h with just stdint.h
| | |    See merge request gnutls/gnutls!901
| * | lib/nettle: replace nettle-stdint.h with just stdint.h (Dmitry Eremin-Solenikov, 2019-01-30, 1 file, -1/+1)
| |/    Nettle library is going to drop nettle-stdint.h. Replace this include with just <stdint.h>.
| |    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* | Merge branch 'tmp-update-glimport-and-docs' into 'master' (Tim Rühsen, 2019-01-30, 2 files, -21/+10)
|\ \
| |/
|/|    Fix 'make glimport' and update CONTRIBUTING.md
| |    See merge request gnutls/gnutls!900
| * Fix 'make glimport' and update CONTRIBUTING.md [tmp-update-glimport-and-docs] (Tim Rühsen, 2019-01-28, 2 files, -21/+10)
|/    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Merge branch 'tmp-fix-guile-unused-var' into 'master' (Dmitry Eremin-Solenikov, 2019-01-28, 1 file, -4/+4)
|\    Fix unused var warning in guile/src/core.c
| |    See merge request gnutls/gnutls!895
| * Fix unused var warning in guile/src/core.c [tmp-fix-guile-unused-var] (Tim Rühsen, 2019-01-25, 1 file, -4/+4)
| |    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | Merge branch 'guile' into 'master' (Tim Rühsen, 2019-01-27, 1 file, -0/+1)
|\ \    build: detect previous supported guile
| | |    See merge request gnutls/gnutls!898
| * | build: detect previous supported guile (Alon Bar-Lev, 2019-01-27, 1 file, -0/+1)
| |/    A recent change in the m4 macro of guile enforces latest guile:
| |    ---
| |    AC_DEFUN([GUILE_PROGS],
| |    [_guile_required_version="m4_default([$1], [$GUILE_EFFECTIVE_VERSION])"
| |    if test -z "$_guile_required_version"; then
| |    _guile_required_version=2.2
| |    fi
| |    ---
| |    The result:
| |    ---
| |    checking for guile-snarf... /usr/bin/guile-snarf
| |    checking for guild... /usr/bin/guild
| |    checking for guile-2.2... no
| |    checking for guile2.2... no
| |    checking for guile-2... no
| |    checking for guile2... no
| |    checking for guile... /usr/bin/guile
| |    checking for Guile version >= 2.2... configure: error: Guile 2.2 required, but 2.0.14 found
| |    ---
| |    Probably best to specify the supported version explicitly when calling GUILE_PROGS, to keep existing behavior calling the GUILE_PKG detects the existing packages.
| |    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* | Merge branch 'gitignore' into 'master' (Tim Rühsen, 2019-01-27, 1 file, -2/+5)
|\ \
| |/
|/|    .gitignore: add test files
| |    See merge request gnutls/gnutls!899
| * .gitignore: add test files (Alon Bar-Lev, 2019-01-27, 1 file, -2/+5)
|/    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
* Merge branch 'tmp-fix-abi-check' into 'master' (Nikos Mavrogiannopoulos, 2019-01-25, 1 file, -1/+1)
|\    Fix abi-check failure
| |    See merge request gnutls/gnutls!896
| * Fix abi-check failure [tmp-fix-abi-check] (Tim Rühsen, 2019-01-25, 1 file, -1/+1)
|/    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* NEWS: updated [gnutls_3_6_6] (Nikos Mavrogiannopoulos, 2019-01-25, 1 file, -3/+4)
|    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* src/Makefile.am: remove .bak files before autogenerating (Nikos Mavrogiannopoulos, 2019-01-25, 1 file, -0/+2)
|    This avoids errors due to files pre-existing but not being writable.
|    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* bumped versions (Nikos Mavrogiannopoulos, 2019-01-25, 3 files, -3/+5)
|    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Makefile.am: require guile-2.2 for release (Nikos Mavrogiannopoulos, 2019-01-25, 1 file, -0/+1)
|    That's because guile.m4 from previous releases has issues with the latest version.
|    Resolves: #631
|    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* priorities: when %NO_EXTENSIONS is specified disable TLS1.3 (Nikos Mavrogiannopoulos, 2019-01-25, 4 files, -6/+13)
|    This makes the behavior of this priority string option well-defined even when TLS1.3 is enabled.
|    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Merge branch 'tmp-fix-no-extensions' into 'master' (Nikos Mavrogiannopoulos, 2019-01-24, 4 files, -5/+11)
|\    The flag %NO_EXTENSIONS is disabling extension support while being functional
| |    See merge request gnutls/gnutls!870
| * The flag %NO_EXTENSIONS is disabling extension support while being functional [tmp-fix-no-extensions] (Nikos Mavrogiannopoulos, 2019-01-10, 4 files, -5/+11)
| |    That is, the %NO_EXTENSIONS option is the only documented way to disable extensions completely from a session. Clarify that message, mention that its behavior is undefined when combined with TLS1.3, and make sure that it is functional. The latter makes sure that safe renegotiation and extended master secret extensions remain disabled when this flag is given. That simplifies testing certain scenarios under TLS1.0 or TLS1.1 when no extensions must be used.
| |    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | Merge branch 'tmp-ametzler-certtool-manpage-formatting' into 'master' (Tim Rühsen, 2019-01-24, 1 file, -5/+4)
|\ \    certtool.1: fix formatting
| | |    See merge request gnutls/gnutls!892
| * | certtool.1: fix formatting (Andreas Metzler, 2019-01-24, 1 file, -5/+4)
|/ /    Apostrophe at start of a line is a control character in manpages, avoid it. Also drop wrong indent.
| |    See https://bugs.debian.org/920215
| |    Signed-off-by: Andreas Metzler <ametzler@bebt.de>
* | Merge branch 'tmp-record-size-limit-fixes' into 'master' (Daiki Ueno, 2019-01-24, 8 files, -6/+461)
|\ \    Fix record_size_limit extension handling when resuming
| | |    See merge request gnutls/gnutls!886
| * | tlsfuzzer: update to the latest upstream for record_size_limit tests (Daiki Ueno, 2019-01-24, 4 files, -1/+23)
| | |    Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | tests: check record_size_limit is reset after resumption (Daiki Ueno, 2019-01-23, 3 files, -1/+427)
| | |    Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | constate: don't restore max_record_recv_size from resumed data (Daiki Ueno, 2019-01-23, 1 file, -3/+8)
| | |    Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | ext/record_size_limit: mark it as mandatory extension (Daiki Ueno, 2019-01-23, 1 file, -1/+1)
| | |    In a resuming session record_size_limit is always renegotiated, and thus the server should parse the extension always.
| | |    Signed-off-by: Daiki Ueno <dueno@redhat.com>
| * | ext/record_size_limit: reject too large extension payload (Daiki Ueno, 2019-01-23, 1 file, -0/+2)
| | |    Signed-off-by: Daiki Ueno <dueno@redhat.com>
* | | Merge branch 'tmp-fix-macosx' into 'master' (Nikos Mavrogiannopoulos, 2019-01-24, 3 files, -3/+5)
|\ \ \    .travis.yml: make macosx builds compile again
| | | |    See merge request gnutls/gnutls!890
| * | | configure.ac: fix substitution for libatomic [tmp-fix-macosx] (Dmitry Eremin-Solenikov, 2019-01-24, 1 file, -1/+4)
| | | |    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
| * | | .travis.yml: avoid installing submodules (Nikos Mavrogiannopoulos, 2019-01-23, 1 file, -1/+0)
| | | |    They are not necessary for building and testing the basic test suite.
| | | |    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
| * | | update on "Fix gnutls.pc for multiarch builds" (Nikos Mavrogiannopoulos, 2019-01-23, 1 file, -1/+1)
| | | |    This replaces LTLIBUNISTRING with LIBUNISTRING in Makefile.am. The former is no longer produced by configure.ac.
| | | |    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | | | Merge branch 'tmp-fix-udp-serv' into 'master' (Dmitry Eremin-Solenikov, 2019-01-23, 3 files, -3/+88)
|\ \ \ \    gnutls-serv: improvements in UDP server
| | | | |    Closes #632
| | | | |    See merge request gnutls/gnutls!863
| * | | | gnutls-serv: improvements in UDP server [tmp-fix-udp-serv] (Nikos Mavrogiannopoulos, 2019-01-23, 3 files, -3/+88)
| | |/ /
| |/| |    This modifies the server to deinitialize the session after use (avoiding leaks), and to only send the hello verify request when a client hello is seen. This also adds a basic unit test of gnutls-serv with the --udp option.
| | | |    Resolves #632
| | | |    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | | | Merge branch 'tmp-priority-linear' into 'master' (Tim Rühsen, 2019-01-23, 1 file, -20/+15)
|\ \ \ \
| |_|/ /
|/| | |    set_ciphersuite_list(): Use linear approach to cleanup priorities
| | | |    Closes #679
| | | |    See merge request gnutls/gnutls!889
| * | | set_ciphersuite_list(): Use linear approach to cleanup priorities [tmp-priority-linear] (Tim Rühsen, 2019-01-23, 1 file, -20/+15)
| | | |    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | | | Merge branch 'master' into 'master' (Nikos Mavrogiannopoulos, 2019-01-23, 2 files, -1/+4)
|\ \ \ \    configure.ac: check if libatomic is needed
| | | | |    See merge request gnutls/gnutls!878
| * | | | configure.ac: add comment for -latomic (Fabrice Fontaine, 2019-01-23, 1 file, -0/+1)
| | | | |    Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
| * | | | configure.ac: check if libatomic is needed (Fabrice Fontaine, 2019-01-17, 2 files, -1/+3)
| | | | |    gnutls source code uses the C++11 <atomic> functionality since https://github.com/gnutls/gnutls/commit/7978a733460f92b31033affd0e487c86d66c643d, which internally is implemented using the __atomic_*() gcc built-ins
| | | | |
| | | | |    On certain architectures, the __atomic_*() built-ins are implemented in the libatomic library that comes with the rest of the gcc runtime. Due to this, code using <atomic> might need to link against libatomic, otherwise one hits build issues such as:
| | | | |
| | | | |    ../lib/.libs/libgnutls.so: undefined reference to `__atomic_fetch_sub_4'
| | | | |
| | | | |    on an architecture like SPARC.
| | | | |
| | | | |    To solve this, a configure.ac check is added to know if we need to link against libatomic or not. The library is also added to gnutls.pc.
| | | | |
| | | | |    Fixes:
| | | | |    - http://autobuild.buildroot.org/results/6c749bd592ceffeacadd2ab570d127936cce64b2
| | | | |    - http://autobuild.buildroot.org/results/30aa83d3cf3482af8a59250c196c85f4a278d343
| | | | |
| | | | |    Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
* | | | | Merge branch 'tmp-test-tickets' into 'master' (Nikos Mavrogiannopoulos, 2019-01-23, 3 files, -1/+101)
|\ \ \ \ \
| |_|_|/ /
|/| | | |    tests: added tests for multiple ticket reception
| | | | |    Closes #511
| | | | |    See merge request gnutls/gnutls!887
| * | | | tests: added tests for multiple ticket reception [tmp-test-tickets] (Nikos Mavrogiannopoulos, 2019-01-23, 3 files, -1/+101)
| | | | |    This introduces tests for the reception (parsing) of multiple tickets by a gnutls client. It uses the tlslite-ng server because unlike a gnutls server, tlslite-ng does send multiple tickets in a single record. That way we test that we can parse both ways of sending tickets.
| | | | |    Resolves: #511
| | | | |    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* | | | | Merge branch 'tmp-key-rsa-pss' into 'master' (Dmitry Eremin-Solenikov, 2019-01-23, 3 files, -2/+21)
|\ \ \ \ \    gnutls_pkcs11_privkey_import_url: enable RSA-PSS only when an RSA key can sign
| | | | | |    Closes #667
| | | | | |    See merge request gnutls/gnutls!884
| * | | | | gnutls_pkcs11_privkey_import_url: enable RSA-PSS only when an RSA key can sign [tmp-key-rsa-pss] (Nikos Mavrogiannopoulos, 2019-01-22, 3 files, -2/+21)
| | | | | |    In gnutls_pkcs11_privkey_import_url() we only enabled RSA-PSS functionality to the key if the CKM_RSA_PKCS_PSS mechanism is available to the token. However, if the specific key is not marked for use with digital signatures (CKA_SIGN set), then we may have still ended up using it and fail when using it. We now test whether CKA_SIGN is set prior to enabling such keys for PSS.
| | | | | |    Resolves: #667
| | | | | |    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | | | | | Merge branch 'tmp-update-gnulib' into 'master' (Nikos Mavrogiannopoulos, 2019-01-23, 1 file, -0/+0)
|\ \ \ \ \ \
| |_|/ / / /
|/| | | | |    Update gnulib
| | | | | |    Closes #653
| | | | | |    See merge request gnutls/gnutls!888
| * | | | | Update gnulib (Tim Rühsen, 2019-01-23, 1 file, -0/+0)
| | |_|/ /
| |/| | |    Closes #653 (printf %n crashes on Android)
| | | | |    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | | | | Merge branch 'tmp-alerts-fix' into 'master' (Nikos Mavrogiannopoulos, 2019-01-23, 1 file, -7/+13)
|\ \ \ \ \
| |/ / / /
|/| | | |    Various alert-related fixes
| | | | |    Closes #672
| | | | |    See merge request gnutls/gnutls!885
| * | | | gnutls_alert_send_appropriate: do not send alert to peer on all errors [tmp-alerts-fix] (Nikos Mavrogiannopoulos, 2019-01-23, 1 file, -7/+11)
| | | | |    That is, do not send alerts for success, or for errors indicating that an alert has been received. This changes the documented function behavior but does not break any existing caller expectations.
| | | | |    Relates: #672
| | | | |    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
| * | | | alert: associate unsupported curve alerts with handshake failure (Nikos Mavrogiannopoulos, 2019-01-22, 1 file, -0/+2)
| |/ / /    Resolves: #672
| | | |    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* | | | Merge branch 'tmp-fix-libs-private' into 'master' (Tim Rühsen, 2019-01-22, 1 file, -7/+7)
|\ \ \ \    Fix libs.private in gnutls.pc for multiarch builds
| | | | |    Closes #675
| | | | |    See merge request gnutls/gnutls!877
| * | | | Fix gnutls.pc for multiarch builds [tmp-fix-libs-private] (Tim Rühsen, 2019-01-17, 1 file, -7/+7)
| | |/ /
| |/| |    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>