summaryrefslogtreecommitdiff
path: root/bootstrap.conf
Commit message (Collapse)AuthorAgeFilesLines
* Add linkedhash-list.Andreas Metzler2023-02-241-1/+1
| | | | | | Needed by 3173805baed95e3790417ccc9e6b21c83fb38c7f Signed-off-by: Andreas Metzler <ametzler@bebt.de>
* Moved TLS interoperability tests to submodule.Stanislav Zidek2022-08-091-1/+1
| | | | Signed-off-by: Stanislav Zidek <szidek@redhat.com>
* Extend fipshmac to take a path to libgnutls.soZoltan Fridrich2022-05-051-1/+1
| | | | Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
* cligen: update git submoduleDaiki Ueno2022-04-151-6/+1
| | | | | | | This also reverts commit fd0e28a3 and changes how the cligen python files are included in the distribution. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* bootstrap.conf: use install-sh to copy cligen filesDaiki Ueno2022-04-051-1/+4
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* configure.ac: always assume GTK_DOC_CHECK macroDaiki Ueno2022-04-051-0/+1
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* Make option specification type-safeDaiki Ueno2022-03-101-1/+3
| | | | | | | This switches the CLI code and documentation generation to the external cligen module, which provides more type-safe specification. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* README.md: mention Python as requirement instead of AutoGenDaiki Ueno2022-01-151-1/+0
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* src: generate option handling code from JSONDaiki Ueno2022-01-141-1/+1
| | | | | | | | | This replaces AutoGen based command-line parser with a Python script (gen-getopt.py), which takes JSON description as the input. The included JSON files were converted one-off using the parse-autogen program: https://gitlab.com/dueno/parse-autogen. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* priority: rework config reloading logic and lockingDaiki Ueno2021-11-051-1/+1
| | | | | | | | | | | | | | | The previous reloading logic relied on the existence of [priority] section (in the initial loading) as an indicator whether the file is loaded. This didn't work well in the following cases: - when the section didn't exist initially and then is added later - when the section existed initially and then is removed later To handle these cases, this change adds a new flag system_priority_file_loaded which can be used together with the mtime check. This also adds an rwlock to protect global configuration. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* devel: move .abi files into a separate repositoryDaiki Ueno2021-10-181-1/+1
| | | | | | | | Changes to the .abi files are a bit too noisy to track in the main repository. This moves the files out of this repository and embed it as a git submodule. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* bootstrap: pull in 'xalloc-oversized' module from GnulibDaiki Ueno2021-03-291-1/+1
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* safe-memfuncs: rely on explicit_bzero implementation from gnulibDaiki Ueno2021-02-171-1/+1
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* bootstrap.conf: initialize openssl submoduleDaiki Ueno2021-02-131-1/+1
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* bootstrap.conf: refactor detection of gtk-doc and gnulib socketsDaiki Ueno2021-02-131-31/+19
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* build: hard require nettle 3.6Daiki Ueno2020-11-041-1/+0
| | | | | | | This allows us to remove several backports, including XTS, CFB8, raw-ChaCha, CMAC64, Curve448, and the GOST curves and hashes. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* psktool: encode username if it contains special characterDaiki Ueno2020-10-301-1/+1
| | | | | | | This also moves the hex encoding of key to write_key for readability and makes file stream closing robuster. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* bootstrap.conf: exercise more tests from GnulibDaiki Ueno2020-10-271-6/+8
| | | | | | | | | | | | | | | | | | | | This fixes the build failure with -Werror: configure:53786: gcc -o conftest -O0 -Wall -Werror -g3 conftest.c -lev >&5 conftest.c:412: error: "GNULIB_STRERROR" redefined [-Werror] 412 | #define GNULIB_STRERROR 1 | conftest.c:305: note: this is the location of the previous definition 305 | #define GNULIB_STRERROR IN_GNUTLS_GNULIB_TESTS | cc1: all warnings being treated as errors as well as improves code coverage. Suggested by Bruno Haible in: <https://lists.gnu.org/archive/html/bug-gnulib/2020-10/msg00148.html>. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* serv: use only async-signal-safe functions in signal handlerstmp-src-fixesDaiki Ueno2020-10-181-2/+2
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* serv: peer_print_info: add overflow check on reallocDaiki Ueno2020-10-181-1/+1
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* serv: replace our own list implementation with Gnulib's gl_listDaiki Ueno2020-10-181-1/+1
| | | | Signed-off-by: Daiki Ueno <ueno@gnu.org>
* build: use $(LIBPTHREAD) rather than non-existent $(LTLIBPTHREAD)tmp-pthreadJames Bottomley2020-06-291-2/+2
| | | | | | | | | | | | | | | | | | | | On a very recent openSUSE build, libgnutls is getting built without libpthread. This caused a thread related error when trying to load a pkcs11 module that uses threading. The reason is rather convoluted: glibc actually controls all the pthread_ function calls, but it returns success without doing anything unless -lpthread is in the link list. What's happening is that gnutls_system_mutex_init() is being called on _gnutls_pkcs11_mutex before library pthreading is initialized, so the pthread_mutex_init ends up being a nop. Then, when the pkcs11 module is loaded, pthreads get initialized and the call to pthread_mutex_lock is real, but errors out on the uninitialized mutex. The problem seems to be that nothing in the gnulib macros gnutls relies on for threading support detection actually sets LTLIBPTHREAD, they only set LIBPTHREAD. The fix is to use LIBPTHREAD in lib/Makefile.in Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
* lib: avoid file descriptor leak when application forksDaiki Ueno2020-05-301-2/+2
| | | | | | | | | | | This makes use of the "e" flag of fopen, provided by the Gnulib's fopen-gnu module. Reported by Remi Denis-Courmont in: https://gitlab.com/gnutls/gnutls/-/issues/985 and fix suggested by Tim Rühsen. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* gnulib: update git submoduleDaiki Ueno2020-05-291-2/+2
| | | | | | | | | | | This brings in the new fopen-gnu module and the RF_SENSITIVE flag for fread_file and read_file. This also adds the following changes to be consistent with the latest changes in Gnulib: - the callers of fread_file and read_file to be adjusted for the FLAGS argument - "attribute.h" needs to be used extensively Signed-off-by: Daiki Ueno <ueno@gnu.org>
* build: vendor in libtasn1 codetmp-vendor-minitasn1Dmitry Baryshkov2020-05-241-1/+2
| | | | | | | | Instead of keeping the minitasn1 source in Git, vendor in it during bootstrap as we do with Nettle code. This also upgrades included minitasn1 to latest version (4.16.0). Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* nettle: rename import-chacha-from-nettle.sh to import-from-nettle.shDaiki Ueno2020-05-041-1/+1
| | | | | | This script will handle other backports except ECC as well. Signed-off-by: Daiki Ueno <ueno@gnu.org>
* fips: check library soname during configuretmp-check-sonameDaiki Ueno2020-04-241-2/+2
| | | | | | | | | | | | Previously, we hard-coded the sonames of linked libraries for FIPS integrity checking. That required downstream packagers to manually adjust the relevant code in lib/fips.c, when a new interface version of the dependent libraries (nettle, gmp) becomes available and linked to libgnutls. This patch automates that process with the configure script. Signed-off-by: Daiki Ueno <dueno@redhat.com>
* build: import-curve448 -> import-eccDmitry Baryshkov2020-04-141-1/+1
| | | | | | | As the script now imports not just Curve448, but also gost code, rename the script, target directory and symbols to follow that. Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
* nettle: vendor in ChaCha20 implementation from nettleDaiki Ueno2020-03-191-0/+1
| | | | | | | This enables to use bundled ChaCha20 implementation if the system nettle doesn't have nettle_chacha_set_counter. Signed-off-by: Daiki Ueno <dueno@redhat.com>
* bootstrap.conf: do not bring tests in gnulib clones (src/unistring)Nikos Mavrogiannopoulos2020-03-161-2/+2
| | | | | | | These tests are not being run, and they can cause issues as in !1208. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* lib: use static assertion to check enum valuestmp-static-assertDaiki Ueno2020-03-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | We previously had checks of enum values with '#if', such as below: #define GNUTLS_EXTENSION_MAX_VALUE 31 typedef enum extensions_t { ... GNUTLS_EXTENSION_MAX /* not real extension - used for iterators */ } extensions_t; /* we must provide at least 16 extensions for users to register */ #if GNUTLS_EXTENSION_MAX_VALUE - GNUTLS_EXTENSION_MAX < 16 # error not enough extension types #endif This doesn't work as expected; because GNUTLS_EXTENSION_MAX is not defined as a preprocessor macro, it always expands to 0. To properly do this check, we need to use static assert as provided as the 'verify' macro in gnulib. Signed-off-by: Daiki Ueno <dueno@redhat.com>
* Create files in gl/ licenced lgpl2+ instead of lgpl3+tmp-gl-lgpl2Tim Rühsen2020-01-251-1/+1
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* nettle: vendor in Curve448 and Ed448 implementationDaiki Ueno2020-01-231-1/+3
| | | | Signed-off-by: Daiki Ueno <dueno@redhat.com>
* x509: reject certificates having duplicate extensionsNikos Mavrogiannopoulos2020-01-031-1/+1
| | | | | | | | | | | According to RFC5280 a certificate must not include more than one instance of a particular extension. We were previously printing warnings when such extensions were found, but that is insufficient to flag such certificates. Instead, refuse to import them. Resolves: #887 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Merge branch 'tmp-use-https' into 'master'Tim Rühsen2019-03-131-1/+1
|\ | | | | | | | | Change HTTP:// references to HTTPs:// (generally) See merge request gnutls/gnutls!910
| * Use https:// for www.gnu.org and www.example.comTim Rühsen2019-03-131-1/+1
| | | | | | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | inet_ntop is available in Windows but not via arpa/inet.hSteve Lhomme2019-03-131-2/+2
|/ | | | | | | | | It's found in ws2tcpip.h which is already included in gnutls_int.h arpa/inet.h doesn't exist on Windows, so add arpa_inet to the list of headers replaced by gnulib if not found. Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
* bootstrap.conf: do not override GNULIB_SRCDIRtmp-macosx-fixNikos Mavrogiannopoulos2019-02-141-10/+12
| | | | | | | This was not set in all of our CI platforms, and was causing issues in MacOSX. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Merge branch 'tmp-gnulib-pton' into 'master'Tim Rühsen2019-02-101-1/+1
|\ | | | | | | | | Use inet_pton() from gnulib See merge request gnutls/gnutls!913
| * Use inet_pton() from gnulibtmp-gnulib-ptonTim Rühsen2019-02-101-1/+1
| | | | | | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* | bootstrap: refuse to bootstrap if any dependencies bring gnulib's network stacktmp-enforce-gnulib-rules-for-libNikos Mavrogiannopoulos2019-02-091-1/+11
|/ | | | | | | | | | If gnulib's network stack is brought (due to a dependency) in the library it will make the library unusable to non-gnulib using applications. This prevents windows applications for example to use gnutls, and so on. Even more it is quite hard to catch that issue because our testsuite uses gnulib as well. Instead we try to catch the these modules at import time. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Use inet_ntop() from gnulibtmp-gnulib-ntopTim Rühsen2019-02-071-1/+1
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* bootstrap: only update the required submodules for buildingtmp-submodulesNikos Mavrogiannopoulos2018-12-051-1/+6
| | | | | | | | | Although we have few submodules they are not all required for building and testing. This patch modified bootstrap.conf not to update all of them, but only the necessary for building and testing. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* bootstrap.conf: add "autogen" to buildreqTim Rühsen2018-11-241-0/+1
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Let bootstrap check for gperf and autopointTim Rühsen2018-10-081-0/+2
| | | | Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Use ASCII version of strcasecmp() in library codetmp-lib-c-strcaseTim Rühsen2018-09-271-1/+1
| | | | | | | | | | strcasecmp() has side effects in some locales. What we really need is c_strcasecmp() from Gnulib for comparing ASCII strings. Fixes #570 Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Update git submodules via ./bootstrapTim Rühsen2018-09-171-0/+7
| | | | | | | Setting $SUBMODULE_NOFETCH to a non-empty value adds --no-fetch to the git command (for CI speedup). Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* certtool: properly print an int64_t valueNikos Mavrogiannopoulos2018-07-021-1/+1
| | | | | | Also included the gnulib inttype module for portability. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Add strdup-posix gnulib moduleTim Rühsen2018-06-271-1/+1
| | | | | | | | Some files in gl/tests won't build in environments without strdup(), e.g. MinGW on Debian. The gnulib docs advise to explicitly add the module. Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* Let ./bootstrap sync from translationproject.orgTim Rühsen2018-06-261-2/+1
| | | | | | | | | | This makes manual updating of the translations obsolete. From now on, builds and tarballs will always have the latest translations included. We should not forget to inform translationproject.org to update the translations before a release. How to do that is described at https://translationproject.org/html/maintainers.html (6. Announcing).
View Lorry Controller Status