| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Co-authored-by: Simon Josefsson <simon@josefsson.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Simon Josefsson <simon@josefsson.org>
|
|
|
|
| |
Signed-off-by: Dimitris Apostolou <dimitris.apostolou@icloud.com>
|
|
|
|
|
|
|
| |
This prevented fuzzer programs being linked in Ubuntu 20.03, used in
oss-fuzz.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
|
| |
"it's" is for contractions like "it is" or "it has". "its" is a
possessive pronoun, like "his" or "hers" or "theirs", none of which
have an apostrophe in them either.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
| |
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the initial handshake is incomplete and the server sends a
no_renegotiation alert, the client should treat it as a fatal error
even if its level is warning. Otherwise the same handshake
state (e.g., DHE parameters) are reused in the next gnutls_handshake
call, if it is called in the loop idiom:
do {
ret = gnutls_handshake(session);
} while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
Signed-off-by: Daiki Ueno <ueno@gnu.org>
|
|
|
|
|
|
|
| |
Instead of silently ignoring build errors and running fewer fuzzers,
exit on the first build error.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
clang++ will choke on several fuzzer sources because C++ is stricter
than C wrt. type conversion:
gnutls_base64_decoder_fuzzer.c:26:63: error: non-constant-expression
cannot be narrowed from type 'size_t' (aka 'unsigned long') to 'unsigned
int' in initializer list [-Wc++11-narrowing]
gnutls_datum_t raw = {.data = (unsigned char *)data, .size = size};
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
|
|
|
|
| |
OSS Fuzzer noted an issue in parsing (incorrect) CRL files with
zero-length version field. Certificate parser does not have this issue,
while CRL and OCSP Request and Response parsers shows this problem. To
remove code duplication extract common function and use it from all four
parsers.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|\
| |
| |
| |
| | |
x509: drop endless loop in print_extensions
See merge request gnutls/gnutls!1205
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If crq is malformed in extensions part, print_extensions() might loop
endlessly because gnutls_x509_crq_get_extension_info would return
unhandled GNUTLS_ASN1_DER_ERROR looping over extension index, rather
than bailing out. Fix this by handling this error code properly. Found
thanks to oss-fuzz.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|\ \
| |/
|/|
| |
| | |
lib/x509/output.c: remove occasioinal memory leak in print_issuer_sign_tool()
See merge request gnutls/gnutls!1203
|
| |
| |
| |
| |
| |
| |
| | |
Remove memory leak in error handling in print_issuer_sign_tool() by
moving asn1_delete_structure to the end of the function.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|/
|
|
|
|
|
|
|
| |
Add x509 certificate requests and certificate revocation lists fuzzers.
Use data from tests/cert-tests as a starting seed for the corpora.
Fixes #903
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|
|
|
|
|
|
| |
Nettle will abort on a call to pbkdf2 if iterations is 0. Add check to
GnuTLS PKCS12 GOST code to check that iter is not 0.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|
|
|
|
|
|
|
|
| |
The fuzzer files for ed448 were the reverse for client and server.
Enhanced the fuzzer tools to run a single fuzzer, and added more
clear documentation on how to generate and manually test the fuzzer
outputs.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|\
| |
| |
| |
| | |
algorithms: implement X448 key exchange and Ed448 signature scheme
See merge request gnutls/gnutls!984
|
| |
| |
| |
| | |
Signed-off-by: Daiki Ueno <dueno@redhat.com>
|
|/
|
|
|
|
|
| |
Add several examples of PKCS#7/#8/#12 files using GOST keys, ciphers and
digest functions.
Signed-off-by: Dmitry Baryshkov <dbaryshkov@gmail.com>
|
|\
| |
| |
| |
| |
| |
| | |
x509: reject certificates having duplicate extensions
Closes #887
See merge request gnutls/gnutls!1145
|
| |
| |
| |
| | |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|/
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
|
| |
Only lots of corpora removed (by merge step). Not sure why.
But there are several new UBs detected.
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
|
|
|
|
| |
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
|
|
|
|
| |
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
|
|
|
|
|
|
|
| |
Issue found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15665
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
| |
Added a larger set of corpus (generated with afl-fuzz), and made
sure that the fuzzer application crashes if verification succeeds.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
|
| |
This also adds a reproducer for CVE-2019-3829.
Resolves: #694
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
|
| |
This checks for unsafe uses of variables in our included threaded
tests.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
| |
Resolves #359
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
| |
Relates #359
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|