GnuTLS merge requestshttps://staging.gitlab.com/gnutls/gnutls/-/merge_requests2017-09-27T07:19:50Zhttps://staging.gitlab.com/gnutls/gnutls/-/merge_requests/526CONTRIBUTING.md: added some text on introducing new APIs [ci skip]2017-09-27T07:19:50Zusername-removed-105950CONTRIBUTING.md: added some text on introducing new APIs [ci skip]Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>GnuTLS 3.6.x bug fixesusername-removed-105950username-removed-105950https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/5223.5.x: signature: on client side, only select a non-enabled signature if none...2017-09-24T10:26:29Zusername-removed-1059503.5.x: signature: on client side, only select a non-enabled signature if none matchGnuTLS 3.5.x bug fixeshttps://staging.gitlab.com/gnutls/gnutls/-/merge_requests/399Improve pkgconfig.sh test2017-09-20T06:35:10Zusername-removed-112173Improve pkgconfig.sh test* Don't override PKG_CONFIG_PATH variable
* Check libidn2 isntead of libidn
* Don't override PKG_CONFIG_PATH variable
* Check libidn2 isntead of libidn
GnuTLS 3.6.x bug fixesusername-removed-105950username-removed-105950https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/494WIP: p11tool: added --spy option2017-09-18T16:07:39Zusername-removed-105950WIP: p11tool: added --spy optionThe main concern here is that the --spy can only be used when --provider is specified, limiting its usefulness.The main concern here is that the --spy can only be used when --provider is specified, limiting its usefulness.gnutls 3.6.x with TLS 1.3username-removed-105950username-removed-105950https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/512extensions: introduce TLS 1.3 semantics2017-09-13T15:18:22Zusername-removed-105950extensions: introduce TLS 1.3 semanticsRelates #253Relates #253gnutls 3.6.x with TLS 1.3username-removed-1280241username-removed-1280241https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/511Remove camellia ciphersuites from default sets2017-09-12T05:52:50Zusername-removed-105950Remove camellia ciphersuites from default setsGnuTLS 3.6.x bug fixeshttps://staging.gitlab.com/gnutls/gnutls/-/merge_requests/505.gitlab-ci.yml: enhance cppcheck tests and added FreeBSD build2017-09-08T13:18:45Zusername-removed-105950.gitlab-ci.yml: enhance cppcheck tests and added FreeBSD buildSigned-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>GnuTLS 3.6.x bug fixesusername-removed-105950username-removed-105950https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/508tests: updated tlsfuzzer to reduce rsa-pss failures2017-09-08T12:18:23Zusername-removed-105950tests: updated tlsfuzzer to reduce rsa-pss failuresSigned-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/506.gitlab-ci.yml: added freebsd build2017-09-08T07:35:13Zusername-removed-105950.gitlab-ci.yml: added freebsd buildGnuTLS 3.6.x bug fixesusername-removed-105950username-removed-105950https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/499tlslite-ng: updated to latest version2017-09-06T12:36:25Zusername-removed-105950tlslite-ng: updated to latest versionThis addresses issues with RSA-PSS signing.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>This addresses issues with RSA-PSS signing.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>GnuTLS 3.6.x bug fixesusername-removed-105950username-removed-105950https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/495p11tool: minor improvements2017-08-29T12:28:39Zusername-removed-105950p11tool: minor improvementsGnuTLS 3.6.x bug fixesusername-removed-105950username-removed-105950https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/496.gitlab-ci.yml: give more specific name to windows job artifacts2017-08-29T12:06:01Zusername-removed-105950.gitlab-ci.yml: give more specific name to windows job artifactsThis allows a more descriptive name to any downloaded artifacts.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>This allows a more descriptive name to any downloaded artifacts.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>GnuTLS 3.6.x bug fixesusername-removed-105950username-removed-105950https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/492Tests2017-08-26T08:22:19Zusername-removed-174650alon.barlev@gmail.comTestsGnuTLS 3.6.x bug fixesusername-removed-105950username-removed-105950https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/491Fixed segmentation faults caused by accessing NULL pointers during mutex…2017-08-26T06:46:17Zusername-removed-780038Fixed segmentation faults caused by accessing NULL pointers during mutex…Fixed segmentation faults caused by accessing NULL pointers during mutex operations. This bug was triggered while setting priorities.
Signed-off-by: Tom Vrancken <email@tomvrancken.nl>Fixed segmentation faults caused by accessing NULL pointers during mutex operations. This bug was triggered while setting priorities.
Signed-off-by: Tom Vrancken <email@tomvrancken.nl>GnuTLS 3.6.x bug fixesusername-removed-105950username-removed-105950https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/488new corpora from oss-fuzz2017-08-24T14:42:00Zusername-removed-267665new corpora from oss-fuzzUpdating the corpora from oss-fuzz, adding view-coverage script, etc.Updating the corpora from oss-fuzz, adding view-coverage script, etc.GnuTLS 3.6.x bug fixesusername-removed-105950username-removed-105950https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/487RFC7250 certificate type negotiation2017-08-24T09:21:56Zusername-removed-780038RFC7250 certificate type negotiationThis merge request contains the implementation of the certificate type negotiation mechanisms that are defined in RFC7250. It enables the possibility to negotiate a certificate type for the client and the server independently. I call thi...This merge request contains the implementation of the certificate type negotiation mechanisms that are defined in RFC7250. It enables the possibility to negotiate a certificate type for the client and the server independently. I call this asymmetric certificate types as opposed to a symmetric negotiation where both client and server negotiate the same type. Because RFC7250 and RFC6091 define overlapping functionality the implementation is made such that the library user can toggle between the two extensions by specifying an option in the priority strings. This ensures backwards compatibility with older libraries. This implementation does not contain the full raw certificate type functionality as defined in RFC7250. It only contains the certificate type negotiation mechanisms. A patch containing the rest of the RFC7250 spec, specifically dealing with raw public keys, is currently being worked on.
Basic usage of this implementation:
Explicitly enable the asymmetric certificate negotiation mechanism via the priority strings with option %ASYM_CERT_TYPES.
Specify allowed certificate types for the client and server separately by using CTYPE-CLI-* and CTYPE-SRV-* patterns in the priority strings.https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/471tests: introduced unit test of gnutls_memset()2017-08-22T06:56:23Zusername-removed-105950tests: introduced unit test of gnutls_memset()Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/484tests: verify the output size of gnutls_x509_privkey_export2017-08-21T06:37:12Zusername-removed-105950tests: verify the output size of gnutls_x509_privkey_exportThat is, make sure that gnutls_x509_privkey_export() and
gnutls_x509_privkey_export2() agrees with the strlen()
value on the data.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>That is, make sure that gnutls_x509_privkey_export() and
gnutls_x509_privkey_export2() agrees with the strlen()
value on the data.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>GnuTLS 3.6.0 releaseusername-removed-105950username-removed-105950https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/478fuzzer: Fix fuzzer build2017-08-19T21:23:26Zusername-removed-267665fuzzer: Fix fuzzer buildFixes: #251
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>Fixes: #251
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>GnuTLS 3.6.0 releaseusername-removed-105950username-removed-105950https://staging.gitlab.com/gnutls/gnutls/-/merge_requests/479fuzzer: Fix include path in run-clang.sh [skip ci]2017-08-19T06:57:30Zusername-removed-267665fuzzer: Fix include path in run-clang.sh [skip ci]Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>GnuTLS 3.6.0 releaseusername-removed-105950username-removed-105950