| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| |
| |
| | |
build: remove autogen .bak files from repository
See merge request gnutls/gnutls!801
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
While the .bak files are necessary for not requiring autogen on
deployment environment, they are not needed for development and may
cause conflict when other developers use different version of
autogen. This removes those files from the repository and require
autogen at make dist time.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
That makes error message more friendly when autogen is not installed
on developing environment.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
| |
Since 4b567871 there is no `ac_enable_session_tickets` variable, so
let's drop obsolete remnants.
Closes #616
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Noted-by: Dilyan Palauzov
|
| |\
| |
| |
| |
| |
| |
| | |
.gitlab-ci.yml: move to fedora29 for CI
Closes #607
See merge request gnutls/gnutls!794
|
| | |
| |
| |
| | |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| | |
| |
| |
| |
| |
| |
| | |
Move handling of autogen/libopts to a single place. Enforce usage of
local libopts if autogen is not found.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |/
|
|
|
|
|
|
|
| |
Use standard way (configure script) to substiture variables in
args-std.def file, instead of manually replacing them in dist-hook.
Fixes #567
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
|
|
|
|
|
|
| |
If nettle's CMAC is not available, use a vendored in version from master.
This is necessary as long as we need to link against 3.4 for ABI
compatibility reasons.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
| |
If nettle's CFB8 is not available, use a vendored in version from master.
This is necessary as long as we need to link against 3.4 for ABI
compatibility reasons.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Makes the comparisons of the URI scheme to use c_strcasecmp
from gnulib. It also replaces various straw strcasecmp with
the gnulib variant. This ensures that comparison will be
reliable irrespective of the locale.
Resolves #590
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
That is, use the glibc function when available and the second
parameter is zero.
Resolves #230
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
| |
Fixes #531
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
|
|
|
|
| |
Previously we were disabling the 2038 tests on 32-bit systems,
but there can be 32-bit systems with a 64-bit time_t. Ensure
that we run the right tests.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
|
|
|
|
| |
This improves CPU detection by avoiding the parsing of
of a human-readable file and allows operation under debian
multilib qemu setup.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
| |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
'autoreconf' created a different configure script than ./bootstrap.
The result was a broken wchar.h that failed to compile.
The work-around was 'autoreconf -I gl/m4' which is not what a developer
expects. This patch moves gl/m4/* to m4/ which is the default include dir
for autoreconf.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't use AC_CHECK_FUNCS for these functions, but actually test by
including the real header that defines the functions. This allows
the macOS version selection work as intended, making the references
to these functions weak if targeting a version of macOS where these
functions aren't available. Thanks to -no_weak_imports, these weak
references end up in failed linker tests, marking the functions as
unavailable.
This fixes issue #142.
Signed-off-by: Martin Storsjo <martin@martin.st>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This function is available since macOS 10.12, but it's in
sys/random.h on macOS, contrary to the other platforms supporting
it where it is present in unistd.h.
If we don't include the right header that declares the function
and its availability, the configure check would succeed even if
targeting older versions of macOS that lacks the function.
Also include the same header in the source file that actually
uses getentropy.
Signed-off-by: Martin Storsjo <martin@martin.st>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This avoids linking to functions that aren't available in the
lowest targeted macOS version.
If the proper header declaring a function is included, and
gnutls is built with -mmacosx-version-min or the
MACOSX_DEPLOYMENT_TARGET environment variable is set, each
reference to a function that doesn't exist in the minimum
targeted version will be made a weak reference, so that loading
the binary still works, but the function pointer will resolve
to NULL if running on a version of the platform that lacks it.
Since this project doesn't do such runtime checks for functions
it expects to have available, we should instead add this linker
option to fail on the weak references. This allows autoconf to
work as intended, detecting that these functions aren't usable.
This flag appeared in Xcode 8, so check for its availability
before using it. (Xcode 8 and the 10.12 SDK is coincidentally
the release where most relevant new functions appeared, so with
older Xcode versions, the modern platform functions we might want
to avoid don't exist.)
See issue #142.
Signed-off-by: Martin Storsjo <martin@martin.st>
|
| |
|
|
|
|
|
| |
The duplicate was added in 5bb8a18b without any specific reasoning
as to why.
Signed-off-by: Martin Storsjo <martin@martin.st>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| |
|
|
|
|
|
|
| |
Nettle version 3.4 was released more than a half year ago, require it to
compile GnuTLS library. It allows us to remove bundled code that was
merged into that release.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
| |
|
|
|
|
| |
That adds a dependency to p11-kit 0.23.10 for the test suite.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
| |
Relates #401
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
| |
This will simplify handling of the x25519 key exchange.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
|
|
| |
Resolves #376
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This checks:
1. Whether all modules are loaded from p11-kit when
no explicit gnutls_pkcs11_init() is called and
pkcs11 calls are accessed.
2. Whether only the trusted modules are loaded from
p11-kit and no other PKCS#11 calls than PKCS#11
cert validation is performed.
3. Whether the trusted modules are loaded when
gnutls_pkcs11_init() is called with manual
flag.
Resolves #315
Resolves #316
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
This prevents failures in test suite due to insufficient cmocka
library version.
Resolves #268
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Our included assembly code for aarch64 is not suitable for that
data mode.
Resolves #252
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
|
|
|
|
| |
Instead rely only on the definition, to make fuzzying mode to be
enabled even if --enable-fuzzer-target is not specified, but defined
b the compiler.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
| |
|
|
|
|
|
|
| |
This allows to compile the library with flags which will add predictable
random generation and eliminate some crypto checks, in order for the
library to be used for testing (fuzzying).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
| |
We now use the ${ac_cv_sizeof_unsigned_long_int} variable which
gives the numbers used in the host system, not the build one.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
| |
The warnings it produces have little value in our use of string functions.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
|
|
|
|
|
|
| |
They are not required for TLS 1.3, and are deprecated for TLS 1.2.
We eliminate them in order to reduce the complexity in the record
packet handling.
Resolves #212
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
| |
Resolves #178
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
| |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
| |
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
| |
The getrandom() call is defined in sys/random.h.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
|
|
| |
This simplifies the update of files generated by autogen.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
|
|
|
|
|
|
|
| |
Currently we support both IDNA2003 and IDNA2008. However, IDNA2003
is already obsolete by registrars and NICs, thus there is no reason
to continue supporting it. We switch to IDNA2008 exclusively using libidn2.
Resolves #194
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
