From gnutls-devel at lists.gnutls.org Tue Sep 1 05:25:22 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 01 Sep 2020 03:25:22 +0000 Subject: [gnutls-devel] GnuTLS | Add detection of extended instruction set on zhaoxin CPU (#1079) References: Message-ID: zzjianhui created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1079 ## Description of the feature: 1. Add detection of extended instruction set on zhaoxin cpu(cpu inherited via), e.g:ssse3,sha, aesni,pclmul,avx. 2. Modify the variable or function name that contains via. ## Applications that this feature may be relevant to: This can improve the performance of gnutls on zhaoxin cpu. ## Is this feature implemented in other libraries (and which) Will not affect other libraries -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1079 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 1 06:08:49 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 01 Sep 2020 04:08:49 +0000 Subject: [gnutls-devel] GnuTLS | Issues require labels (#1080) References: Message-ID: GnuTLS bot created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1080 The following issues require labels: - [ ] [gnutls-cli in pipes messes up the i/o stream](https://gitlab.com/gnutls/gnutls/-/issues/1037) Please take care of them. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1080 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 1 06:08:49 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 01 Sep 2020 04:08:49 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli in pipes messes up the i/o stream (#1037) In-Reply-To: References: Message-ID: GnuTLS bot commented: @bjacke This issue is unlabelled after 30 days. It needs attention. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1037#note_405062099 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 1 08:55:17 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 01 Sep 2020 06:55:17 +0000 Subject: [gnutls-devel] GnuTLS | Add detection of extended instruction set on zhaoxin CPU (#1079) In-Reply-To: References: Message-ID: Daiki Ueno commented: It would be certainly appreciated if you come up with a patch and I'm more than happy to review it. The current obstacle regarding the VIA CPU support, however, is that we don't have access to the actual platform nor emulator to check if the code is correct. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1079#note_405110322 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 1 08:56:05 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 01 Sep 2020 06:56:05 +0000 Subject: [gnutls-devel] GnuTLS | Update .gitlab-ci.yml (!1315) In-Reply-To: References: Message-ID: Merge Request !1315 was closed by Daiki Ueno Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1315 Project:Branches: alberto.sanchez2/gnutls:patch-1 to gnutls/gnutls:master Author: Alberto Sanchez Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1315 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 1 08:57:09 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 01 Sep 2020 06:57:09 +0000 Subject: [gnutls-devel] GnuTLS | Issues require labels (#1080) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno Issue #1080: https://gitlab.com/gnutls/gnutls/-/issues/1080 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1080 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 1 20:00:16 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 01 Sep 2020 18:00:16 +0000 Subject: [gnutls-devel] GnuTLS | Incorrect alert for TLS 1.3 record with content_type of 0 (#1082) References: Message-ID: Hubert Kario (@mention me if you need reply) created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1082 ## Description of problem: When gnutls receives an encrypted TLS 1.3 record with content_type of zero (the AEAD plaintext is all zero), gnutls responds with incorrect alert message: bad_record_mac instead of the unexpected_message alert ## Version of gnutls used: current master, 423a1565d280107edd92684714ee22356200b038 ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) compiled on Fedora 31 ## How reproducible: Steps to Reproduce: * compile, `cd doc/credentials` * `./gnutls-http-serv --priority NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+DHE-PSK:+PSK -p 4433 -a -d 6` * `PYTHONPATH=~/tlsfuzzer python3 ~/tlsfuzzer/scripts/test-tls13-zero-content-type.py` ## Actual results: all non sanity tests fail: ``` sanity ... OK zero content type and padding during application data ... Error encountered while processing node (child: ) with last message being: Error while processing Traceback (most recent call last): File "scripts/test-tls13-zero-content-type.py", line 427, in main runner.run() File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/runner.py", line 239, in run node.process(self.state, msg) File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/expect.py", line 1759, in process raise AssertionError(problem_desc) AssertionError: Expected alert description "unexpected_message" does not match received "bad_record_mac" zero content type during application data ... Error encountered while processing node (child: ) with last message being: Error while processing Traceback (most recent call last): File "scripts/test-tls13-zero-content-type.py", line 427, in main runner.run() File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/runner.py", line 239, in run node.process(self.state, msg) File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/expect.py", line 1759, in process raise AssertionError(problem_desc) AssertionError: Expected alert description "unexpected_message" does not match received "bad_record_mac" zero content type with padding after handshake ... Error encountered while processing node (child: ) with last message being: Error while processing Traceback (most recent call last): File "scripts/test-tls13-zero-content-type.py", line 427, in main runner.run() File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/runner.py", line 239, in run node.process(self.state, msg) File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/expect.py", line 1759, in process raise AssertionError(problem_desc) AssertionError: Expected alert description "unexpected_message" does not match received "bad_record_mac" zero content type during handshake ... Error encountered while processing node (child: ) with last message being: Error while processing Traceback (most recent call last): File "scripts/test-tls13-zero-content-type.py", line 427, in main runner.run() File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/runner.py", line 239, in run node.process(self.state, msg) File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/expect.py", line 1759, in process raise AssertionError(problem_desc) AssertionError: Expected alert description "unexpected_message" does not match received "bad_record_mac" zero content type after handshake ... Error encountered while processing node (child: ) with last message being: Error while processing Traceback (most recent call last): File "scripts/test-tls13-zero-content-type.py", line 427, in main runner.run() File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/runner.py", line 239, in run node.process(self.state, msg) File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/expect.py", line 1759, in process raise AssertionError(problem_desc) AssertionError: Expected alert description "unexpected_message" does not match received "bad_record_mac" zero content type with padding during handshake ... Error encountered while processing node (child: ) with last message being: Error while processing Traceback (most recent call last): File "scripts/test-tls13-zero-content-type.py", line 427, in main runner.run() File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/runner.py", line 239, in run node.process(self.state, msg) File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/expect.py", line 1759, in process raise AssertionError(problem_desc) AssertionError: Expected alert description "unexpected_message" does not match received "bad_record_mac" sanity ... OK TLS 1.3 zero-value content type Check if handling of records with an internal content type of zero is correct. Test end ==================== version: 1 ==================== TOTAL: 8 SKIP: 0 PASS: 2 XFAIL: 0 FAIL: 6 XPASS: 0 ==================== FAILED: 'zero content type after handshake' 'zero content type and padding during application data' 'zero content type during application data' 'zero content type during handshake' 'zero content type with padding after handshake' 'zero content type with padding during handshake' ``` ## Expected results: all tests pass -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1082 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 1 20:07:36 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 01 Sep 2020 18:07:36 +0000 Subject: [gnutls-devel] GnuTLS | Fix optional arguments handling in gnutls_privkey_import_rsa_raw() (!1318) References: Message-ID: Nikolay Sivov created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318 Project:Branches: nsivov/gnutls:rsa_privkey_import to gnutls/gnutls:master Author: Nikolay Sivov gnutls_privkey_import_rsa_raw() has 3 privkey arguments marked optional, however the function fails if all 3 of them are not specified. Potentially related to commit 176995234dfc6bbfc4a924d9cb1b32ce220b6cb5. ## Checklist * [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 04:53:32 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 02:53:32 +0000 Subject: [gnutls-devel] GnuTLS | apparent bug in _gnutls_x509_der_encode with fix/workaround that shouldn't work (#1078) In-Reply-To: References: Message-ID: CurtisVillamizar commented: I created a patch file for lib/x509/common.c to provide more info. Here is the patch first. [patch-3-common.c](/uploads/f9534a181ff1dddeac3090a50b0745b2/patch-3-common.c) The file asn1_src_2 (part of the debugging) is next. [asn1_src_2](/uploads/be877a392ce0dae5fa7417c1be4491a2/asn1_src_2) The beginning of the files asn1_src_1 and asn1_src_2 are identical so apparently there is no inplace overwrite. The last 28 lines of asn1_src_2 indicate that asn1_der_coding when fed a NULL buffer and size=0 does not think anything but the tbsCertificate.validity is valid. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1078#note_405714520 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 05:13:30 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 03:13:30 +0000 Subject: [gnutls-devel] GnuTLS | apparent bug in _gnutls_x509_der_encode with fix/workaround that shouldn't work (#1078) In-Reply-To: References: Message-ID: CurtisVillamizar commented: I set up a FreeBSD VM with nothing on it except this test case. The prior test result with the patch can be reproduced with the commands attached (about a dozen lines). This uses the FreeBSD ports to compile gnutls which has some quirks when run as an ordinary user. Note that the options I enabled is everything except TPM. [cmds](/uploads/fea89800b6e346de230a5e4cda633253/cmds) Also needed is the patch to the FreeBSD makefile to work around options not working as an ordinary user. [patch-Makefile](/uploads/cbff2970be41b227ab16399dc2670ec5/patch-Makefile) The VM has a dueno account so if you (Daiki Ueno) would like to reproduce this yourself, please send me an email with a ssh public key that I can put in ~dueno/.ssh/ as the authorized_keys file. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1078#note_405717973 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 07:51:34 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 05:51:34 +0000 Subject: [gnutls-devel] GnuTLS | Add detection of extended instruction set on zhaoxin CPU (#1079) In-Reply-To: References: Message-ID: zzjianhui commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1079#note_405749672 I read and tested the check_phe_partial() code you wrote on KX-6840 cpu, and you are correct. Thank you for your help. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1079#note_405749672 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 08:15:05 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 06:15:05 +0000 Subject: [gnutls-devel] GnuTLS | Fix padlock partial PHE detection and sizeof usage (!1316) In-Reply-To: References: Message-ID: zzjianhui commented: I read check_phe_partial() code you wrote and test it on KX-6840 cpu. you are correct. Thank you for your help. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1316#note_405757683 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 11:34:07 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 09:34:07 +0000 Subject: [gnutls-devel] GnuTLS | Dynamic downloading of missing intermediate CAs via gnutls-cli using the option 'ca-auto-retrieve' (!1319) References: Message-ID: Sahana Prasad created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319 Project:Branches: sahprasa/gnutls:gnutls-cli-aia to gnutls/gnutls:master Author: Sahana Prasad Add a description of the new feature/bug fix. Reference any relevant bugs. ## Checklist * [X] Commits have `Signed-off-by:` with name/author being identical to the commit author * [X] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [X] Documentation updated / NEWS entry present (for non-trivial changes) * [X] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code This merge request adds a new option '--ca-auto-retrieve' that can be used with gnutls-cli to automatically download missing intermediate CAs in a certificate chain. This patch was submited by @dueno It also adds adds set and get APIs to get user data in the gnutls_x509_trust_list_set_getissuer_function() callback. The set and get functions are sgnutls_x509_trust_list_set_ptr() respectively. Resolves #968 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 13:03:03 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 11:03:03 +0000 Subject: [gnutls-devel] GnuTLS | AIA callback to retrieve missing chain certificates (!1262) In-Reply-To: References: Message-ID: Sahana Prasad commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1262#note_405931897 @TheRealMichaelCatanzaro the TODOs are addressed in PR #1319 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1262#note_405931897 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 17:47:05 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 15:47:05 +0000 Subject: [gnutls-devel] GnuTLS | WIP: Dynamic downloading of missing intermediate CAs via gnutls-cli using the option 'ca-auto-retrieve' (!1319) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1319 was reviewed by Daiki Ueno -- Daiki Ueno started a new discussion on src/cli.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319#note_406161220 > + perror("recv"); > + ret = -1; > + goto cleanup; Not your fault (the same code appears in `ocsptool-common.c`), but `socket_bye` needs to be called before goto. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 17:47:45 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 15:47:45 +0000 Subject: [gnutls-devel] GnuTLS | WIP: Dynamic downloading of missing intermediate CAs via gnutls-cli using the option 'ca-auto-retrieve' (!1319) In-Reply-To: References: Message-ID: Daiki Ueno commented: Looks good to me otherwise. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319#note_406161779 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 18:15:38 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 16:15:38 +0000 Subject: [gnutls-devel] GnuTLS | DH RFC7919 negotiation not enabled automatically (#1077) In-Reply-To: References: Message-ID: Andreas Metzler commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1077#note_406179303 On 2020-08-29 Daiki Ueno commented > But yes, I'm not the one who designed this deprecation, so the actual intention might be to make this fully automatic. I don't know. Perhaps @dkg might have an opinion on that. Yes, that is why I think it is a policy decision in the first place. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1077#note_406179303 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 18:22:56 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 16:22:56 +0000 Subject: [gnutls-devel] GnuTLS | WIP: Dynamic downloading of missing intermediate CAs via gnutls-cli using the option 'ca-auto-retrieve' (!1319) In-Reply-To: References: Message-ID: All discussions on Merge Request !1319 were resolved by Sahana Prasad https://gitlab.com/gnutls/gnutls/-/merge_requests/1319 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 18:38:47 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 16:38:47 +0000 Subject: [gnutls-devel] GnuTLS | WIP: Dynamic downloading of missing intermediate CAs via gnutls-cli using the option 'ca-auto-retrieve' (!1319) In-Reply-To: References: Message-ID: Merge Request !1319 was approved by Daiki Ueno Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319 Project:Branches: sahprasa/gnutls:gnutls-cli-aia to gnutls/gnutls:master Author: Sahana Prasad Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 19:04:36 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 17:04:36 +0000 Subject: [gnutls-devel] GnuTLS | Fix optional arguments handling in gnutls_privkey_import_rsa_raw() (!1318) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1318 was reviewed by Daiki Ueno -- Daiki Ueno started a new discussion on tests/key-import-export.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318#note_406204723 > > + /* Optional arguments */ > + ret = gnutls_privkey_import_rsa_raw(key, &_rsa_m, &_rsa_e, &_rsa_d, &_rsa_p, &_rsa_q, NULL, NULL, NULL); Can't those permutations rewritten as a loop? -- Daiki Ueno started a new discussion on lib/nettle/pk.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318#note_406204726 > > + /* marks RSA_COEF as present */ > + params->params_nr = RSA_PRIVATE_PARAMS - 2; It might be a little easier to read if this is moved right before `calc_rsa_exp`? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 19:06:33 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 17:06:33 +0000 Subject: [gnutls-devel] GnuTLS | Fix optional arguments handling in gnutls_privkey_import_rsa_raw() (!1318) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thank you; looks good to me. Could you retrigger the CI after prolonging the limit (to maybe around 2h) in "Settings" ? "CI / CD" ? "General pipelines"? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318#note_406205579 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 19:48:09 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 17:48:09 +0000 Subject: [gnutls-devel] GnuTLS | Fix optional arguments handling in gnutls_privkey_import_rsa_raw() (!1318) In-Reply-To: References: Message-ID: Nikolay Sivov commented on a discussion on tests/key-import-export.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318#note_406223123 > if (ret < 0) > fail("error\n"); > > + /* Optional arguments */ > + ret = gnutls_privkey_import_rsa_raw(key, &_rsa_m, &_rsa_e, &_rsa_d, &_rsa_p, &_rsa_q, NULL, NULL, NULL); Sure. Do you mean a loop over some static table of pointer triples or something else? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318#note_406223123 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 19:48:24 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 17:48:24 +0000 Subject: [gnutls-devel] GnuTLS | Fix optional arguments handling in gnutls_privkey_import_rsa_raw() (!1318) In-Reply-To: References: Message-ID: Nikolay Sivov commented on a discussion on lib/nettle/pk.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318#note_406223240 > TOMPZ(params->params[RSA_PRIME1])) == 0) > return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY); > > + /* marks RSA_COEF as present */ > + params->params_nr = RSA_PRIVATE_PARAMS - 2; Will do. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318#note_406223240 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 2 19:52:52 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 17:52:52 +0000 Subject: [gnutls-devel] GnuTLS | Fix optional arguments handling in gnutls_privkey_import_rsa_raw() (!1318) In-Reply-To: References: Message-ID: Nikolay Sivov commented: Certainly. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318#note_406225173 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 00:13:26 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 02 Sep 2020 22:13:26 +0000 Subject: [gnutls-devel] GnuTLS | Fix optional arguments handling in gnutls_privkey_import_rsa_raw() (!1318) In-Reply-To: References: Message-ID: Nikolay Sivov commented: Increased test run time and test fixes helped with remaining failures. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318#note_406382869 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 09:59:32 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 07:59:32 +0000 Subject: [gnutls-devel] GnuTLS | Backport bug fixes from master to gnutls_3_6_x (!1317) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317#note_406550241 I agree with you completely; dropped !1268 and !1308, and added the NEWS entries for the mentioned changes. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317#note_406550241 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 11:17:01 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 09:17:01 +0000 Subject: [gnutls-devel] GnuTLS | Backport bug fixes from master to gnutls_3_6_x (!1317) In-Reply-To: References: Message-ID: Alexander Sosedkin commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317#note_406601928 Thanks, now all my previous concerns are addressed and the only nitpick I have is `handshake: check TLS version against modified server priorities` NEWS entry lacking a reference to either !1309 or #1054. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317#note_406601928 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 11:21:19 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 09:21:19 +0000 Subject: [gnutls-devel] GnuTLS | Backport bug fixes from master to gnutls_3_6_x (!1317) In-Reply-To: References: Message-ID: Merge Request !1317 was approved by Alexander Sosedkin Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317 Branches: tmp-backport-3.6 to gnutls_3_6_x Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 13:07:07 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 11:07:07 +0000 Subject: [gnutls-devel] GnuTLS | Backport bug fixes from master to gnutls_3_6_x (!1317) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317#note_406678812 Good catch, fixed. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317#note_406678812 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 13:07:08 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 11:07:08 +0000 Subject: [gnutls-devel] GnuTLS | Backport bug fixes from master to gnutls_3_6_x (!1317) In-Reply-To: References: Message-ID: All discussions on Merge Request !1317 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1317 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 13:08:53 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 11:08:53 +0000 Subject: [gnutls-devel] GnuTLS | Backport bug fixes from master to gnutls_3_6_x (!1317) In-Reply-To: References: Message-ID: Merge Request !1317 was scheduled to merge after pipeline succeeds by Daiki Ueno Merge Request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317 Branches: tmp-backport-3.6 to gnutls_3_6_x Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 13:09:37 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 11:09:37 +0000 Subject: [gnutls-devel] GnuTLS | Backport bug fixes from master to gnutls_3_6_x (!1317) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thank you for the thorough review! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317#note_406681474 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 13:26:22 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 11:26:22 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete (!1320) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320 Branches: tmp-renegotiation to master Author: Daiki Ueno Fixes #1071. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 13:37:05 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 11:37:05 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete (!1320) In-Reply-To: References: Message-ID: Hubert Kario (@mention me if you need reply) started a new discussion on lib/handshake.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320#note_406699942 > _gnutls_abort_handshake(gnutls_session_t session, int ret) > { > if (((ret == GNUTLS_E_WARNING_ALERT_RECEIVED) && > - (gnutls_alert_get(session) == GNUTLS_A_NO_RENEGOTIATION)) > - || ret == GNUTLS_E_GOT_APPLICATION_DATA) > + (gnutls_alert_get(session) == GNUTLS_A_NO_RENEGOTIATION) && > + (session->internals.initial_negotiation_completed || > + !(session->internals.hsk_flags & HSK_SERVER_HELLO_RECEIVED))) || > + ret == GNUTLS_E_GOT_APPLICATION_DATA) this single `if` is really hard to follow, could you split it up and comments explaining what's happening? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320#note_406699942 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 15:57:22 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 13:57:22 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete (!1320) In-Reply-To: References: Message-ID: Merge Request !1320 was approved by Hubert Kario (@mention me if you need reply) Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320 Branches: tmp-renegotiation to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 15:59:46 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 13:59:46 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete (!1320) In-Reply-To: References: Message-ID: Hubert Kario (@mention me if you need reply) commented: ok, that's much better, r+ that being said, I'm not entirely convinced that we won't find similar issues, just with different messages -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320#note_406813326 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 16:16:10 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 14:16:10 +0000 Subject: [gnutls-devel] GnuTLS | Backport bug fixes from master to gnutls_3_6_x (!1317) In-Reply-To: References: Message-ID: Merge Request !1317 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317 Branches: tmp-backport-3.6 to gnutls_3_6_x Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1317 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 16:31:35 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 14:31:35 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete (!1320) In-Reply-To: References: Message-ID: Hubert Kario (@mention me if you need reply) commented: r+ -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320#note_406837436 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 16:55:11 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 14:55:11 +0000 Subject: [gnutls-devel] GnuTLS | Fix padlock partial PHE detection and sizeof usage (!1316) In-Reply-To: References: Message-ID: Sahana Prasad commented: LGTM -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1316#note_406853931 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 16:55:13 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 14:55:13 +0000 Subject: [gnutls-devel] GnuTLS | Fix padlock partial PHE detection and sizeof usage (!1316) In-Reply-To: References: Message-ID: Merge Request !1316 was approved by Sahana Prasad Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1316 Branches: tmp-sizeof to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1316 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 17:01:53 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 15:01:53 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete [3.6.x] (!1321) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1321 Branches: tmp-renegotiation-3_6_x to gnutls_3_6_x Author: Daiki Ueno Same as !1320, but for the gnutls_3_6_x branch. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1321 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 17:07:41 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 15:07:41 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete [3.6.x] (!1321) In-Reply-To: References: Message-ID: Merge Request !1321 was approved by Hubert Kario (@mention me if you need reply) Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1321 Branches: tmp-renegotiation-3_6_x to gnutls_3_6_x Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1321 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 17:08:29 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 15:08:29 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete [3.6.x] (!1321) In-Reply-To: References: Message-ID: Hubert Kario (@mention me if you need reply) commented: r+, looks to be the same thing as in !1320 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1321#note_406862951 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 17:56:32 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 15:56:32 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete (!1320) In-Reply-To: References: Message-ID: All discussions on Merge Request !1320 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1320 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 17:57:12 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 15:57:12 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete (!1320) In-Reply-To: References: Message-ID: Merge Request !1320 was scheduled to merge after pipeline succeeds by Daiki Ueno Merge Request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320 Branches: tmp-renegotiation to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 17:57:28 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 15:57:28 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete [3.6.x] (!1321) In-Reply-To: References: Message-ID: Merge Request !1321 was scheduled to merge after pipeline succeeds by Daiki Ueno Merge Request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1321 Branches: tmp-renegotiation-3_6_x to gnutls_3_6_x Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1321 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 17:57:08 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 15:57:08 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete (!1320) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thank you for the review. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320#note_406900980 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 18:26:46 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 16:26:46 +0000 Subject: [gnutls-devel] GnuTLS | Fix optional arguments handling in gnutls_privkey_import_rsa_raw() (!1318) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion on tests/key-import-export.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318#note_406928513 > if (ret < 0) > fail("error\n"); > > + /* Optional arguments */ > + ret = gnutls_privkey_import_rsa_raw(key, &_rsa_m, &_rsa_e, &_rsa_d, &_rsa_p, &_rsa_q, NULL, NULL, NULL); Yes, that's exactly what I was thinking. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318#note_406928513 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 18:27:13 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 16:27:13 +0000 Subject: [gnutls-devel] GnuTLS | Fix optional arguments handling in gnutls_privkey_import_rsa_raw() (!1318) In-Reply-To: References: Message-ID: All discussions on Merge Request !1318 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1318 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 18:27:58 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 16:27:58 +0000 Subject: [gnutls-devel] GnuTLS | Fix optional arguments handling in gnutls_privkey_import_rsa_raw() (!1318) In-Reply-To: References: Message-ID: Merge Request !1318 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318 Project:Branches: nsivov/gnutls:rsa_privkey_import to gnutls/gnutls:master Author: Nikolay Sivov Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 18:28:09 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 16:28:09 +0000 Subject: [gnutls-devel] GnuTLS | Fix optional arguments handling in gnutls_privkey_import_rsa_raw() (!1318) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thank you! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318#note_406929793 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 18:27:43 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 16:27:43 +0000 Subject: [gnutls-devel] GnuTLS | Fix optional arguments handling in gnutls_privkey_import_rsa_raw() (!1318) In-Reply-To: References: Message-ID: Merge Request !1318 was approved by Daiki Ueno Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318 Project:Branches: nsivov/gnutls:rsa_privkey_import to gnutls/gnutls:master Author: Nikolay Sivov Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1318 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 18:28:36 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 16:28:36 +0000 Subject: [gnutls-devel] GnuTLS | Unintended use of sizeof() on pointer (#1076) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1316 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1316) Issue #1076: https://gitlab.com/gnutls/gnutls/-/issues/1076 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1076 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 18:28:36 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 16:28:36 +0000 Subject: [gnutls-devel] GnuTLS | Fix padlock partial PHE detection and sizeof usage (!1316) In-Reply-To: References: Message-ID: Merge Request !1316 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1316 Branches: tmp-sizeof to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1316 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 18:28:41 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 16:28:41 +0000 Subject: [gnutls-devel] GnuTLS | Fix padlock partial PHE detection and sizeof usage (!1316) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thanks for the review. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1316#note_406930324 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 3 19:20:29 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Sep 2020 17:20:29 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete (!1320) In-Reply-To: References: Message-ID: Merge Request !1320 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320 Branches: tmp-renegotiation to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1320 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 4 04:40:33 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Sep 2020 02:40:33 +0000 Subject: [gnutls-devel] GnuTLS | Why does gnutls need to judge whether it supports FMA when detecting the extended instruction set AVX (#1083) References: Message-ID: zzjianhui created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1083 In x86-common.c, Need to satisfy OSXSAVE, FMA and MOVBE are all 1 in order to use AVX. But in intel manual, only need to check OSXSAVE and AVX feature flags. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1083 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 4 07:02:30 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Sep 2020 05:02:30 +0000 Subject: [gnutls-devel] GnuTLS | handshake: reject no_renegotiation alert if handshake is incomplete [3.6.x] (!1321) In-Reply-To: References: Message-ID: Merge Request !1321 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1321 Branches: tmp-renegotiation-3_6_x to gnutls_3_6_x Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1321 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 4 11:57:24 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Sep 2020 09:57:24 +0000 Subject: [gnutls-devel] GnuTLS | cert-session: check OCSP error responses (!1308) In-Reply-To: References: Message-ID: Daiki Ueno commented: This introduces a behavior difference in the OCSP response handling (previously the errors were fatal, now it's up to the application to decide). Let's not backport this to 3.6.x. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1308#note_407420249 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 4 11:58:18 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Sep 2020 09:58:18 +0000 Subject: [gnutls-devel] GnuTLS | Fix two issues about certtool and passwords (!1268) In-Reply-To: References: Message-ID: Daiki Ueno commented: This introduces a behavior difference in those tools; let's only keep this in master for now. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1268#note_407421539 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 4 14:26:58 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Sep 2020 12:26:58 +0000 Subject: [gnutls-devel] GnuTLS | Uninitialized lock when using pkcs11 private key for signing (#1060) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno Issue #1060: https://gitlab.com/gnutls/gnutls/-/issues/1060 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1060 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 4 14:26:57 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Sep 2020 12:26:57 +0000 Subject: [gnutls-devel] GnuTLS | Uninitialized lock when using pkcs11 private key for signing (#1060) In-Reply-To: References: Message-ID: Daiki Ueno commented: Sorry for the delay, it was also blocked by test failures in Gnulib: https://lists.gnu.org/r/bug-gnulib/2020-08/msg00220.html Fedora update: https://bodhi.fedoraproject.org/updates/FEDORA-2020-d12739ca45 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1060#note_407518551 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 4 14:28:52 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Sep 2020 12:28:52 +0000 Subject: [gnutls-devel] GnuTLS | WIP: Dynamic downloading of missing intermediate CAs via gnutls-cli using the option 'ca-auto-retrieve' (!1319) In-Reply-To: References: Message-ID: Daiki Ueno commented: @sahprasa is there anything left to be done before removing "WIP:"? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319#note_407519875 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 4 15:19:50 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Sep 2020 13:19:50 +0000 Subject: [gnutls-devel] GnuTLS | Dynamic downloading of missing intermediate CAs via gnutls-cli using the option 'ca-auto-retrieve' (!1319) In-Reply-To: References: Message-ID: All discussions on Merge Request !1319 were resolved by Sahana Prasad https://gitlab.com/gnutls/gnutls/-/merge_requests/1319 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 4 15:19:45 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Sep 2020 13:19:45 +0000 Subject: [gnutls-devel] GnuTLS | Dynamic downloading of missing intermediate CAs via gnutls-cli using the option 'ca-auto-retrieve' (!1319) In-Reply-To: References: Message-ID: Sahana Prasad commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319#note_407553653 Nope, there wasn't anything left, I just forgot to remove it :) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319#note_407553653 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 4 17:51:16 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Sep 2020 15:51:16 +0000 Subject: [gnutls-devel] GnuTLS | Dynamic downloading of missing intermediate CAs via gnutls-cli using the option 'ca-auto-retrieve' (!1319) In-Reply-To: References: Message-ID: Merge Request !1319 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319 Project:Branches: sahprasa/gnutls:gnutls-cli-aia to gnutls/gnutls:master Author: Sahana Prasad Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 4 17:51:16 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Sep 2020 15:51:16 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli: Support AIA (downloading intermediate certs) (#968) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1319 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1319) Issue #968: https://gitlab.com/gnutls/gnutls/-/issues/968 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/968 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 4 17:51:29 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Sep 2020 15:51:29 +0000 Subject: [gnutls-devel] GnuTLS | Dynamic downloading of missing intermediate CAs via gnutls-cli using the option 'ca-auto-retrieve' (!1319) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thank you! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1319#note_407647632 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 5 06:32:48 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 04:32:48 +0000 Subject: [gnutls-devel] =?utf-8?q?GnuTLS_=7C_What_is_the_difference_betwe?= =?utf-8?q?en_SHA512_=28partial=29_accelerator_and_Original_padlock_PHE?= =?utf-8?b?77yfICgjMTA3NSk=?= In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno Issue #1075: https://gitlab.com/gnutls/gnutls/-/issues/1075 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1075 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 5 06:38:48 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 04:38:48 +0000 Subject: [gnutls-devel] GnuTLS | GnuTLS connection get slow and fragmented (#1072) In-Reply-To: References: Message-ID: An0nl!br3 commented: ![gnutlsissue](/uploads/9e54d0b5d77ab9a2c1bcc9a45aa1e425/gnutlsissue.png) Does these 2 messages add something new? (This is from Debian Stretch) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1072#note_407807211 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 5 07:35:41 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 05:35:41 +0000 Subject: [gnutls-devel] GnuTLS | CVE-2020-24659: read-heap-buffer-overflow found by fuzz (#1071) In-Reply-To: References: Message-ID: Milestone changed to Release of GnuTLS 3.7.0 (Jun 3, 2020?Sep 3, 2020) ( https://gitlab.com/gnutls/gnutls/-/milestones/20 ) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1071 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 5 07:35:57 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 05:35:57 +0000 Subject: [gnutls-devel] GnuTLS | Unintended use of sizeof() on pointer (#1076) In-Reply-To: References: Message-ID: Milestone changed to Release of GnuTLS 3.7.0 (Jun 3, 2020?Sep 3, 2020) ( https://gitlab.com/gnutls/gnutls/-/milestones/20 ) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1076 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 5 07:36:14 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 05:36:14 +0000 Subject: [gnutls-devel] GnuTLS | DTLS priority enables TLS1.2 (#1054) In-Reply-To: References: Message-ID: Milestone changed to Release of GnuTLS 3.7.0 (Jun 3, 2020?Sep 3, 2020) ( https://gitlab.com/gnutls/gnutls/-/milestones/20 ) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1054 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 5 07:35:08 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 05:35:08 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli: Support AIA (downloading intermediate certs) (#968) In-Reply-To: References: Message-ID: Milestone changed to Release of GnuTLS 3.7.0 (Jun 3, 2020?Sep 3, 2020) ( https://gitlab.com/gnutls/gnutls/-/milestones/20 ) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/968 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 5 12:08:24 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 10:08:24 +0000 Subject: [gnutls-devel] libtasn1 | Errors when cloning the repository. (#29) In-Reply-To: References: Message-ID: Daiki Ueno commented: I can't reproduce it on my machine: ```console $ git clone https://gitlab.com/gnutls/libtasn1.git Cloning into 'libtasn1'... remote: Enumerating objects: 1113, done. remote: Counting objects: 100% (1113/1113), done. remote: Compressing objects: 100% (184/184), done. remote: Total 12288 (delta 873), reused 1050 (delta 826), pack-reused 11175 Receiving objects: 100% (12288/12288), 3.44 MiB | 15.10 MiB/s, done. Resolving deltas: 100% (8208/8208), done. ``` If it still persists on your environment, I would suggest contacting the gitlab.com admin. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/29#note_407839223 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 5 12:20:14 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 10:20:14 +0000 Subject: [gnutls-devel] libtasn1 | Cross compilation issue (#28) In-Reply-To: References: Message-ID: Daiki Ueno commented: Yes, before the commit, `src/` only had header-only dependencies on gnulib (if `strverscmp` is available in libc). We need to link the tools to `libgnu.la`. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/28#note_407840122 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 5 13:58:37 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 11:58:37 +0000 Subject: [gnutls-devel] libtasn1 | src: link against libgnu.la for "c-ctype.h" symbols (!69) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/libtasn1/-/merge_requests/69 Branches: tmp-gnulib to master Author: Daiki Ueno libtasn1.la now uses functions from "c-ctype.h", which needs the tools to be linked with libgnu.la. Fixes #28. ## Checklist * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated ## Reviewer's checklist: * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent with other code * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/69 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 5 20:05:36 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 18:05:36 +0000 Subject: [gnutls-devel] GnuTLS | Why does gnutls need to judge whether it supports FMA when detecting the extended instruction set AVX (#1083) In-Reply-To: References: Message-ID: Daiki Ueno commented: Indeed a good catch; I don't think GnuTLS (nor the copied assembly code from cryptogams) uses FMA. Let's remove it from the check. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1083#note_407923332 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 5 20:08:55 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 18:08:55 +0000 Subject: [gnutls-devel] GnuTLS | GnuTLS connection get slow and fragmented (#1072) In-Reply-To: References: Message-ID: Daiki Ueno commented: That's interesting (especially the first one). Perhaps you could try with `%NO_EXTENSIONS` so the client doesn't send any limit, though I don't know how to force that on Debian. @ametzler any idea? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1072#note_407924011 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 5 22:22:59 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 20:22:59 +0000 Subject: [gnutls-devel] GnuTLS | GnuTLS connection get slow and fragmented (#1072) In-Reply-To: References: Message-ID: Julian Andres Klode commented: FWIW, "NORMAL:%NO_EXTENSIONS" fails with - in gnutls-cli - "Status: The certificate is NOT trusted. The name in the certificate does not match the expected.", but for checking using wget --ciphers="NORMAL:%NO_EXTENSIONS" --no-check-certificate works. Unfortunately I did not add code to apt to override priority string, and `SYSTEM=...` or `NORMAL=...` in `/etc/default/gnutls-priorities` does nothing (I wonder why I had a file doing nothing, I think I was trying to disable all non-TLS-1.3/1.2 things)... -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1072#note_407950365 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 5 22:38:24 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 20:38:24 +0000 Subject: [gnutls-devel] GnuTLS | GnuTLS connection get slow and fragmented (#1072) In-Reply-To: References: Message-ID: Julian Andres Klode commented: I also suggested doing the same test over a VPN, so that it is routed differently, so that you can see how this looks normally. Because I have not heard any issues from other people. Not sure if useful, but I'm at a loss here. Kind of looking forward to the day when I can dump gnutls for openssl in apt. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1072#note_407952704 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 6 00:06:41 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 22:06:41 +0000 Subject: [gnutls-devel] GnuTLS | Mailing list not working? (#1085) References: Message-ID: Thomas Deutschmann created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1085 Hi, is gnutls-devel at gnu.org not working? I was able to subscribe but posting to that mailing list fails with ``` Reporting-MTA: dns; smtp.gentoo.org X-Postfix-Queue-ID: A447B335D3C X-Postfix-Sender: rfc822; @gentoo.org Arrival-Date: Sat, 5 Sep 2020 21:55:45 +0000 (UTC) Final-Recipient: rfc822; gnutls-devel at gnu.org Original-Recipient: rfc822;gnutls-devel at gnu.org Action: failed Status: 5.0.0 Remote-MTA: dns; eggs.gnu.org Diagnostic-Code: smtp; 550-Callout verification failed: 550 550 Unrouteable address ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1085 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 6 00:15:51 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 05 Sep 2020 22:15:51 +0000 Subject: [gnutls-devel] GnuTLS | dtls-with-seccomp and dtls-client-with-seccomp tests are failing (#1086) References: Message-ID: Thomas Deutschmann created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1086 Hi, [for quite some time](https://lists.gnutls.org/pipermail/gnutls-devel/2018-May/008558.html), dtls tests with seccomp are failing on Gentoo Linux: ``` FAIL: dtls-with-seccomp ======================= trying: dtls1.0 client:113: client: Handshake failed FAIL dtls-with-seccomp (exit status: 1) FAIL: dtls-client-with-seccomp ============================== testing seccomp with dtls1.2 server:225: server: Handshake has failed (The TLS connection was non-properly terminated.) FAIL dtls-client-with-seccomp (exit status: 1) ``` Full [build.log](/uploads/873f28c3791b6fe2f6927905c98d1dea/build.log) Any idea? In case it does matter, system's kernel has SECCOMP support: ``` # zgrep SECC /proc/config.gz CONFIG_SECCOMP=y CONFIG_HAVE_ARCH_SECCOMP_FILTER=y CONFIG_SECCOMP_FILTER=y ``` System details: ``` Portage 3.0.4 (python 3.8.5-final-0, default/linux/amd64/17.1, gcc-10.2.0, glibc-2.32-r1, 5.8.5-gentoo-x86_64 x86_64) ================================================================= System uname: Linux-5.8.5-gentoo-x86_64-x86_64-AMD_Ryzen_Threadripper_3970X_32-Core_Processor-with-glibc2.2.5 KiB Mem: 38432224 total, 4667120 free KiB Swap: 8388604 total, 8219220 free Timestamp of repository gentoo: Sat, 05 Sep 2020 12:15:01 +0000 Head commit of repository gentoo: fc6cbdcca3e9d9506c4ab74ad86818883bbe4155 sh bash 5.0_p18 ld GNU ld (Gentoo 2.34 p6) 2.34.0 distcc 3.3.3 x86_64-pc-linux-gnu [disabled] ccache version 3.7.11 [enabled] app-shells/bash: 5.0_p18::gentoo dev-lang/perl: 5.30.3-r1::gentoo dev-lang/python: 2.7.18-r1::gentoo, 3.6.12::gentoo, 3.7.9::gentoo, 3.8.5::gentoo, 3.9.0_rc1::gentoo dev-util/ccache: 3.7.11::gentoo dev-util/cmake: 3.18.1::gentoo sys-apps/baselayout: 2.7::gentoo sys-apps/openrc: 0.42.1::gentoo sys-apps/sandbox: 2.20::gentoo sys-devel/autoconf: 2.13-r1::gentoo, 2.69-r5::gentoo sys-devel/automake: 1.14.1-r2::gentoo, 1.15.1-r2::gentoo, 1.16.2::gentoo sys-devel/binutils: 2.34-r2::gentoo sys-devel/gcc: 9.3.0-r1::gentoo, 10.2.0-r1::gentoo sys-devel/gcc-config: 2.3.1::gentoo sys-devel/libtool: 2.4.6-r6::gentoo sys-devel/make: 4.3::gentoo sys-kernel/linux-headers: 5.8::gentoo (virtual/os-headers) sys-libs/glibc: 2.32-r1::gentoo ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1086 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 6 07:36:43 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Sep 2020 05:36:43 +0000 Subject: [gnutls-devel] GnuTLS | Mailing list not working? (#1085) In-Reply-To: References: Message-ID: Issue was closed by Andreas Metzler Issue #1085: https://gitlab.com/gnutls/gnutls/-/issues/1085 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1085 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 6 07:36:43 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Sep 2020 05:36:43 +0000 Subject: [gnutls-devel] GnuTLS | Mailing list not working? (#1085) In-Reply-To: References: Message-ID: Andreas Metzler commented: https://www.gnutls.org/support.html says ~~~ | gnutls-devel@[...] | Read-only Mailing list which receives the traffic from gitlab.com/gnutls. | ~~~ and mails from the list have "Read-only notification of GnuTLS library development activities From gnutls-devel at lists.gnutls.org Sun Sep 6 07:43:11 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Sep 2020 05:43:11 +0000 Subject: [gnutls-devel] GnuTLS | Mailing list not working? (#1085) In-Reply-To: References: Message-ID: Andreas Metzler commented: Sorry, missed the fact that you were talking about @gnu.org instead of @gnutls.org. The former should be "@lists.gnu.org", shouldn't it? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1085#note_408003065 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 6 07:43:12 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Sep 2020 05:43:12 +0000 Subject: [gnutls-devel] GnuTLS | Mailing list not working? (#1085) In-Reply-To: References: Message-ID: Issue was reopened by Andreas Metzler Issue 1085: https://gitlab.com/gnutls/gnutls/-/issues/1085 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1085 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 6 08:54:23 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Sep 2020 06:54:23 +0000 Subject: [gnutls-devel] GnuTLS | Mailing list not working? (#1085) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1085#note_408012308 In any case we no longer use the @gnu.org mailing lists, and gnutls-devel mailing list was made read-only a while ago in favor of gitlab issues: https://lists.gnupg.org/pipermail/gnutls-devel/2018-July/008578.html Let's use the gnutls-help mailing list for general discussions including development topics: https://lists.gnupg.org/mailman/listinfo/gnutls-help -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1085#note_408012308 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 6 08:58:58 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Sep 2020 06:58:58 +0000 Subject: [gnutls-devel] GnuTLS | build: hard require nettle 3.6 (!1322) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1322 Branches: tmp-nettle-3.6 to master Author: Daiki Ueno This allows us to remove several backports, including XTS, CFB8, raw-ChaCha, CMAC, Curve448, and the GOST curves and hashes. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1322 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 6 09:47:36 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Sep 2020 07:47:36 +0000 Subject: [gnutls-devel] GnuTLS | WIP: build: hard require nettle 3.6 (!1322) In-Reply-To: References: Message-ID: Daiki Ueno commented: OK, we need to wait a bit until nettle 3.6 is widely available. The current downstream situations are: - Debian: only testing/unstable has 3.6 - Fedora: only Fedora 33 (unreleased) has 3.6 - Alpine: only edge has 3.6 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1322#note_408031678 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 6 16:33:41 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Sep 2020 14:33:41 +0000 Subject: [gnutls-devel] GnuTLS | dtls-with-seccomp and dtls-client-with-seccomp tests are failing (#1086) In-Reply-To: References: Message-ID: Daiki Ueno commented: Could you perhaps try to run those tests under strace and figure out which syscall is offending, after removing the [seccomp installation](https://gitlab.com/gnutls/gnutls/-/blob/master/tests/dtls-with-seccomp.c#L193)? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1086#note_408083453 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 6 16:44:45 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Sep 2020 14:44:45 +0000 Subject: [gnutls-devel] GnuTLS | Mailing list not working? (#1085) In-Reply-To: References: Message-ID: Thomas Deutschmann commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1085#note_408084482 Any chance to get this displayed on lists.gnupg.org? Like I just did a simple search for 'gnutls mailing list' which brought me to https://lists.gnu.org/mailman/listinfo/gnutls-devel. And if possible disable subscription, like I was able to subscribe but just posting to list failed. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1085#note_408084482 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 6 16:56:45 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Sep 2020 14:56:45 +0000 Subject: [gnutls-devel] GnuTLS | dtls-with-seccomp and dtls-client-with-seccomp tests are failing (#1086) In-Reply-To: References: Message-ID: Thomas Deutschmann commented: Looks like ```__NR_clock_nanosleep```. [dtls-client-with-seccomp.strace.log](/uploads/bf3ac4e5044f4dab8862bbcbc2d7123d/dtls-client-with-seccomp.strace.log) [dtls-wo-seccomp.strace.log](/uploads/d3425f01ca80d44acc21fb5187d7356d/dtls-wo-seccomp.strace.log) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1086#note_408085656 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 6 18:14:12 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Sep 2020 16:14:12 +0000 Subject: [gnutls-devel] GnuTLS | dtls-with-seccomp and dtls-client-with-seccomp tests are failing (#1086) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1086#note_408096329 Thank you; indeed it's missing while `nanosleep` is allowed. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1086#note_408096329 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 6 22:52:10 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Sep 2020 20:52:10 +0000 Subject: [gnutls-devel] GnuTLS | Make private exponent optional in gnutls_privkey_import_rsa_raw() (!1323) References: Message-ID: Nikolay Sivov created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1323 Project:Branches: nsivov/gnutls:rsa_privkey_prive to gnutls/gnutls:master Author: Nikolay Sivov The intent is to make porting from Windows code using bcrypt easier, and to simplify alternative implementations following bcrypt API. BCryptImportKeyPair(BCRYPT_RSAPRIVATE_BLOB) takes modulus, encryption exponent, and primes on input. Once imported it's possible to export with same reduced set of parameters or with full set, including E1/E2 exponents and a coefficient. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1323 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 7 05:15:44 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 07 Sep 2020 03:15:44 +0000 Subject: [gnutls-devel] GnuTLS | padlock: fix exception in wrap_padlock_hmac_fast (!1324) References: Message-ID: zzjianhui created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1324 Project:Branches: zzjianhui/gnutls:master to gnutls/gnutls:master Author: zzjianhui In function wrap_padlock_hmac_fast(), Try to free local variable ctx by call wrap_padlock_hmac_deinit(). Remove a call to deinit() to fix a crash. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1324 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 7 10:54:19 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 07 Sep 2020 08:54:19 +0000 Subject: [gnutls-devel] GnuTLS | tests: allow clock_nanosleep in seccomp tests (!1325) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 Branches: tmp-clock_nanosleep to master Author: Daiki Ueno The nanosleep wrapper in glibc has changed the implementation using the clock_nanosleep syscall: https://sourceware.org/git/?p=glibc.git;a=commit;h=3537ecb49cf7177274607004c562d6f9ecc99474 This should have been caught if we used the latest distro images in the CI, which is now bumped to Fedora 32. Fixes #1086. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 10 11:09:56 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 10 Sep 2020 09:09:56 +0000 Subject: [gnutls-devel] libtasn1 | src: link against libgnu.la for "c-ctype.h" symbols (!69) In-Reply-To: References: Message-ID: Daiki Ueno commented: Since this is trivial, I'm merging this without approval. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/69#note_410388289 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 10 11:10:02 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 10 Sep 2020 09:10:02 +0000 Subject: [gnutls-devel] libtasn1 | src: link against libgnu.la for "c-ctype.h" symbols (!69) In-Reply-To: References: Message-ID: Merge Request !69 was merged Merge Request URL: https://gitlab.com/gnutls/libtasn1/-/merge_requests/69 Branches: tmp-gnulib to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/69 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 10 11:10:02 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 10 Sep 2020 09:10:02 +0000 Subject: [gnutls-devel] libtasn1 | Cross compilation issue (#28) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !69 (https://gitlab.com/gnutls/libtasn1/-/merge_requests/69) Issue #28: https://gitlab.com/gnutls/libtasn1/-/issues/28 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/28 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 11 08:41:35 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 11 Sep 2020 06:41:35 +0000 Subject: [gnutls-devel] GnuTLS | Service Desk (from robert.merget@rub.de): Raccoon Attack: A new cryptographic Attack on TLS (#1005) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno Issue #1005: https://gitlab.com/gnutls/gnutls/-/issues/1005 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1005 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 12 17:37:54 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 12 Sep 2020 15:37:54 +0000 Subject: [gnutls-devel] GnuTLS | [MSVC] lib/algorithms/protocols.c (#267) In-Reply-To: References: Message-ID: Daiki Ueno commented: I would rather rewrite those loop macros with inline functions; recent compilers emit mostly equivalent code even if there is an extra pointer indirection. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/267#note_411668029 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 12 18:55:57 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 12 Sep 2020 16:55:57 +0000 Subject: [gnutls-devel] GnuTLS | [OSX, GnuTLS 3.6.15] "sed -i" requires null-length arg. if in-place editing doesn't require a backup file (#1088) References: Message-ID: christian wagner created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1088 ** Summary: On Mac OSX, at least, a null-length arg. is to be given to sed's "-i" option if one does not require that sed creates a backup file whilst in-place editing. ** Steps to reproduce: >From the directory where GnuTLS 3.6.15 is extracted: 1) issue the command: make -C doc install-info 2) the processing stumble on: pkcs11-api.texi abstract-api.texi compat-api.texi dtls-api.texi crypto-api.texi ocsp-api.texi dane-api.texi pkcs7-api.texi; do \ ./scripts/split-texi.pl functions < $i; \ done /usr/bin/sed -i 's/\@anchor{.*//g' functions/* sed: 1: "functions/dane_cert_typ ...": invalid command code f ** Reason of failure: The reason is that, at least on Max OSX Yosemite, the "-i" option of sed is meant to call for an in-place editing and to define the extension to use for the backup file. If no backup file is desired, the parameter to the "-i" option is to be of length 0. The current Makefile specifies extension at all which, on OSX (at least), does _not_ equate to an 0-length extension. ** Possible solution: This diff output shows a possible solution: $ diff -c Makefile.in Makefile.in.orig *** Makefile.in 2020-09-10 11:53:09.000000000 +0100 --- Makefile.in.orig 2020-09-10 11:51:27.000000000 +0100 *************** *** 5095,5102 **** for i in $^; do \ $(srcdir)/scripts/split-texi.pl functions < $$i; \ done ! $(SED) -i "" 's/\@anchor{.*//g' functions/* ! $(SED) -i "" 's/\@subheading.*//g' functions/* cd functions && for i in *;do grep ^"@deftypefun" $$i | $(SED) 's/@deftypefun/@item/g;s/ {/ @var{/;s/ {/ @ref{/' > ../functions/$$i.short;done echo $@ > $@ --- 5095,5102 ---- for i in $^; do \ $(srcdir)/scripts/split-texi.pl functions < $$i; \ done ! $(SED) -i 's/\@anchor{.*//g' functions/* ! $(SED) -i 's/\@subheading.*//g' functions/* cd functions && for i in *;do grep ^"@deftypefun" $$i | $(SED) 's/@deftypefun/@item/g;s/ {/ @var{/;s/ {/ @ref{/' > ../functions/$$i.short;done echo $@ > $@ ** Platform: Macboook running Yosemite (10.10.5) $ uname -a Darwin ... 14.5.0 Darwin Kernel Version 14.5.0: Sun Jun 4 21:40:08 PDT 2017; root:xnu-2782.70.3~1/RELEASE_X86_64 x86_64 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1088 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 12 22:37:38 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 12 Sep 2020 20:37:38 +0000 Subject: [gnutls-devel] GnuTLS | Error: ARM register expected -- `ldr x16, .L_gnutls_arm_cpuid_s'in sha1-armv8 (#1089) References: Message-ID: Sab24 created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1089 ## Description of problem: Cross compilation fails for specific arm assembly instructions in sha1-armv8 ## Version of gnutls used: HEAD ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) Archlinux, building from source, cross-compiling for armv7 ## How reproducible: ``` git clone https://gitlab.com/gnutls/gnutls.git cd gnutls ./bootstrap ./configure --host=armv8-rpi3-linux-gnueabihf --prefix=/home/buildbot/x-tools/armv8-rpi3-linux-gnueabihf/armv8-rpi3-linux-gnueabihf/sysroot/usr --with-included-unistring make ``` ## Actual results: ``` configure: summary of build options: version: 3.6.14 shared 58:0:28 Host/Target system: armv8-rpi3-linux-gnueabihf Build system: x86_64-pc-linux-gnu Install prefix: /home/bartsmink/x-tools/armv8-rpi3-linux-gnueabihf/armv8-rpi3-linux-gnueabihf/sysroot/usr Compiler: armv8-rpi3-linux-gnueabihf-gcc Valgrind: no CFlags: -g -O2 Library types: Shared=yes, Static=no Local libopts: no Local libtasn1: no Local unistring: yes Use nettle-mini: no Documentation: yes (manpages: yes) configure: External hardware support: /dev/crypto: no Hardware accel: aarch64 Padlock accel: no Random gen. variant: getrandom PKCS#11 support: yes TPM support: no configure: Optional features: (note that included applications might not compile properly if features are disabled) SSL3.0 support: no SSL2.0 client hello: yes Allow SHA1 sign: no DTLS-SRTP support: yes ALPN support: yes OCSP support: yes SRP support: yes PSK support: yes DHE support: yes ECDHE support: yes GOST support: yes Anon auth support: yes Heartbeat support: yes IDNA support: IDNA 2008 (libidn2) Non-SuiteB curves: yes FIPS140 mode: no Strict DER time: yes configure: Optional libraries: Guile wrappers: no C++ library: yes DANE library: no OpenSSL compat: no configure: System files: Trust store pkcs11: Trust store dir: Trust store file: Blacklist file: CRL file: Configuration file: /etc/gnutls/config DNSSEC root key file: /etc/unbound/root.key configure: WARNING: *** *** The DNSSEC root key file in /etc/unbound/root.key was not found. *** This file is needed for the verification of DNSSEC responses. *** Use the command: unbound-anchor -a "/etc/unbound/root.key" *** to generate or update it. *** ``` ``` CC aes-ccm-aarch64.lo CCAS elf/sha1-armv8.lo lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S: Assembler messages: lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:13: Error: ARM register expected -- `ldr x16,.L_gnutls_arm_cpuid_s' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:15: Error: ARM register expected -- `adr x17,.L_gnutls_arm_cpuid_s' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:16: Error: ARM register expected -- `add x16,x16,x17' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:17: Error: ARM register expected -- `ldr w16,[x16]' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:18: Error: ARM register expected -- `tst w16,#(1<<3)' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:19: Error: unexpected character `n' in type specifier lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:19: Error: bad instruction `b.ne .Lv8_entry' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:21: Error: bad instruction `stp x29,x30,[sp,#-96]!' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:22: Error: ARM register expected -- `add x29,sp,#0' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:23: Error: bad instruction `stp x19,x20,[sp,#16]' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:24: Error: bad instruction `stp x21,x22,[sp,#32]' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:25: Error: bad instruction `stp x23,x24,[sp,#48]' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:26: Error: bad instruction `stp x25,x26,[sp,#64]' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:27: Error: bad instruction `stp x27,x28,[sp,#80]' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:29: Error: bad instruction `ldp w20,w21,[x0]' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:30: Error: bad instruction `ldp w22,w23,[x0,#8]' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:31: Error: ARM register expected -- `ldr w24,[x0,#16]' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:34: Error: ARM register expected -- `ldr x3,[x1],#64' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:35: Error: bad instruction `movz w28,#0x7999' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:36: Error: ARM register expected -- `sub x2,x2,#1' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:37: Error: bad instruction `movk w28,#0x5a82,lsl#16' lib/accelerated/aarch64/elf/sha1-armv8.s.tmp.S:41: Error: bad instruction `rev32 x3,x3' ``` ## Expected results: Compilation of the project -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1089 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 13 06:46:13 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 13 Sep 2020 04:46:13 +0000 Subject: [gnutls-devel] GnuTLS | testsuite - inconsistent usage of SERV causing problems when using for CI (#1090) References: Message-ID: Andreas Metzler created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1090 Hello, big parts of the gnutls-testsuite can be used for testing the installed version of GnuTLS by setting $CLI, $SERV et al. However _some_ tests use a different convention, they use $GNUTLS_SERV/$GNUTLS_CLI. These often rely on a *unset* $SERV since they use the helper function ```launch_bare_server``` (which invokes $SERV is set) like this > launch_bare_server $$ "${GNUTLS_SERV}" --options [...] instead of > SERV="${SERV:-../src/gnutls-serv${EXEEXT}}" > launch_bare_server $$ --options [...] or use ```launch_bare_server``` to start s_server. Can we unify this? Either by using ${GNUTLS_SERV} everywhere or by using $SERV everyhere and explicitely unsetting SERV when using ```launch_bare_server``` to start s_server. I can try to come up with a patch if you agree. cu Andreas -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1090 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 13 06:56:23 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 13 Sep 2020 04:56:23 +0000 Subject: [gnutls-devel] GnuTLS | Dead code in tests/gnutls-cli-debug.sh - GOST (#1091) References: Message-ID: Andreas Metzler created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1091 Hello, in 3.6.15 some parts of tests/gnutls-cli-debug.sh are conditional on ```sh if test "${ENABLE_GOST}" = "1" && test "${GNUTLS_FORCE_FIPS_MODE}" != 1 ; then ``` but this code is never run since tests/Makefile.am lacks ```make if ENABLE_GOST TESTS_ENVIRONMENT += ENABLE_GOST=1 ``` like tests/cert-tests/Makefile.am does. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1091 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 13 09:59:12 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 13 Sep 2020 07:59:12 +0000 Subject: [gnutls-devel] GnuTLS | testsuite - inconsistent usage of SERV causing problems when using for CI (#1090) In-Reply-To: References: Message-ID: Daiki Ueno commented: I'd say it would be better not to rely on any implicit shell-variable (`$SERV` in this case; if we do we should document it). Also it would be safer to use `"$@"` rather than `$*` in the function. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1090#note_411751419 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 13 10:04:23 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 13 Sep 2020 08:04:23 +0000 Subject: [gnutls-devel] GnuTLS | Dead code in tests/gnutls-cli-debug.sh - GOST (#1091) In-Reply-To: References: Message-ID: Daiki Ueno commented: Indeed a good catch; would you like to submit an MR? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1091#note_411751758 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 13 10:19:00 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 13 Sep 2020 08:19:00 +0000 Subject: [gnutls-devel] GnuTLS | [OSX, GnuTLS 3.6.15] "sed -i" requires null-length arg. if in-place editing doesn't require a backup file (#1088) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thank you for the report. That part (the `stamp_functions` rule) is designed to be run by the maintainers to produce a distribution tarball, rather than by the users to install from the tarball, which should contain all the necessary files including the generated ones. Thus my question is how you encounter the issue. If you build from git or do bootstrapping for some reason, then you would nevertheless need a GNU compatible sed; it can be specified with `SED=gsed ./configure ...` or something like that. If you see the error when building from a release tarball, then I suspect something is going wrong in the tarball itself or on your environment (e.g., clock skew). -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1088#note_411752843 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 13 18:23:25 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 13 Sep 2020 16:23:25 +0000 Subject: [gnutls-devel] GnuTLS | [OSX, GnuTLS 3.6.15] "sed -i" requires null-length arg. if in-place editing doesn't require a backup file (#1088) In-Reply-To: References: Message-ID: christian wagner commented: @dueno. Thanks for looking into this. To answer your question: I used one of the tarballs (gnutls-3.6.15.tar.xz, more precisely) and you encounter the problem when you execute "make". One thing which did surprise me is that, despite the ".info" files being already in the "doc" directory, "make" (or "make install") still seems to try to re-create them. A note on your comment re. a gnu-compatible sed: First, if such is the case, it should be mentioned ion the i[config.log](/uploads/739362d53a0e97ae5511510a44b40711/config.log)nstallation guidelines. Second, sed on Mac OSX seems to behave similarly to sed on the UNIX versions from the BSD family (OpenBSD, FreeBSD, etc). I would suggest that asking to install the GNU version of sed to compile GnuTLS's is a bit far-fetched. Assuming that the ".info" files do have to be recreated on the spot, there are other ways to figure out whether the "-i" option can be used as per GNU's sed or as per BSD's sed, I think. (I attached my "config.log" in case this should prove useful to you.) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1088#note_411807718 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 13 23:40:34 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 13 Sep 2020 21:40:34 +0000 Subject: [gnutls-devel] GnuTLS | gcc 4.8: does not contain __get_cpuid_count() (#812) In-Reply-To: References: Message-ID: S?rgio Basto commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/812#note_411845313 This issue talks about 3 different problems but all related with Centos 7 1 - "does not contain get_cpuid_count" is fixed 2 - "error: storage size of 'rsa_pss_params' isn't known" we may disable p11-kit or maybe update p11-kit 3 - "undefined reference to `mpn_zero_p'" seems we may need gmp-6.1.0 base on commit https://github.com/gnutls/nettle/commit/4489fd6fec38deadf58058c1ca8a16f8c597be95 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/812#note_411845313 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 15 04:41:21 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 15 Sep 2020 02:41:21 +0000 Subject: [gnutls-devel] GnuTLS | avx:fix avx detection (!1326) References: Message-ID: zzjianhui created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1326 Project:Branches: zzjianhui/gnutls:fix-avx-detection to gnutls/gnutls:master Author: zzjianhui Add a description of the new feature/bug fix. Reference any relevant bugs. ## Checklist * [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1326 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 15 06:08:52 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 15 Sep 2020 04:08:52 +0000 Subject: [gnutls-devel] GnuTLS | Cannot connect to github.com, download.mono-project.com (#990) In-Reply-To: References: Message-ID: GnuTLS bot commented: @boekhold This issue is unlabelled after 30 days. It needs attention. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/990#note_412618833 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 15 06:08:49 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 15 Sep 2020 04:08:49 +0000 Subject: [gnutls-devel] GnuTLS | Issues require labels (#1093) References: Message-ID: GnuTLS bot created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1093 The following issues require labels: - [ ] [Service Desk (from han at yundianr.cn): gnutls](https://gitlab.com/gnutls/gnutls/-/issues/1059) - [ ] [How can I lock gnutls_record_get_state or pending when receiving data? (Maybe bug?)](https://gitlab.com/gnutls/gnutls/-/issues/1052) - [ ] [Timing sidechannel in RSA decryption](https://gitlab.com/gnutls/gnutls/-/issues/1050) - [ ] [Cannot connect to github.com, download.mono-project.com](https://gitlab.com/gnutls/gnutls/-/issues/990) Please take care of them. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1093 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 15 06:08:51 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 15 Sep 2020 04:08:51 +0000 Subject: [gnutls-devel] GnuTLS | How can I lock gnutls_record_get_state or pending when receiving data? (Maybe bug?) (#1052) In-Reply-To: References: Message-ID: GnuTLS bot commented: @MXWXZ This issue is unlabelled after 30 days. It needs attention. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1052#note_412618827 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 15 07:17:24 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 15 Sep 2020 05:17:24 +0000 Subject: [gnutls-devel] GnuTLS | Issues require labels (#1093) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno Issue #1093: https://gitlab.com/gnutls/gnutls/-/issues/1093 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1093 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 15 08:40:25 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 15 Sep 2020 06:40:25 +0000 Subject: [gnutls-devel] GnuTLS | Why does gnutls need to judge whether it supports FMA when detecting the extended instruction set AVX (#1083) In-Reply-To: References: Message-ID: zzjianhui commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1083#note_412666450 Hi?i remove FMA in x86-common.c, and modified the code about AVX detection. Why is there a redefinition error on i686. And in file ../../lib/nettle/backport/cmac64.h. Thank very much. !1326 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1083#note_412666450 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 15 10:01:02 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 15 Sep 2020 08:01:02 +0000 Subject: [gnutls-devel] GnuTLS | Fix avx detection (!1326) In-Reply-To: References: Message-ID: Merge Request !1326 was closed by zzjianhui Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1326 Project:Branches: zzjianhui/gnutls:fix-avx-detection to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1326 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 15 10:45:21 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 15 Sep 2020 08:45:21 +0000 Subject: [gnutls-devel] GnuTLS | padlock: fix exception in wrap_padlock_hmac_fast (!1324) In-Reply-To: References: Message-ID: Merge Request !1324 was closed by zzjianhui Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1324 Project:Branches: zzjianhui/gnutls:master to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1324 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 15 13:08:13 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 15 Sep 2020 11:08:13 +0000 Subject: [gnutls-devel] GnuTLS | [OSX, GnuTLS 3.6.15] "sed -i" requires null-length arg. if in-place editing doesn't require a backup file (#1088) In-Reply-To: References: Message-ID: christian wagner commented: Hi. You were surprised that trying to install the ".info" files led "make" to process the ".texi" files in the "doc" directory. Processing these files is automatically added to the build targets after one has executed "make clean". I did indeed run "make clean" at some point. (I run "make clean" when I tried to figure out why 2 tests were failing when executing "make check", a target I always run when installing a software from sources, when the target exists. The issue reporting the 2 failing tests is 1087.) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1088#note_412846304 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 16 05:26:40 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 16 Sep 2020 03:26:40 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1327) References: Message-ID: zzjianhui created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 Project:Branches: zzjianhui/gnutls:fix-padlock to gnutls/gnutls:master Author: zzjianhui In function wrap_padlock_hmac_fast, use free to release local variables ctx. Remove a call to wrap_padlock_hmac_deinit() to fix a crash. In Zhaoxin machine, it will call padlock. So when we execute the make check, it will show Segmentation fault. The following is the result of executing the command make check before and after adding the patch On Zhaoxin machine. [test-suite.log](/uploads/6938c756c34765b5e9c2efc2079627fe/test-suite.log) [test-suite1.log](/uploads/4c891c673fca60d7a568006475d57bb5/test-suite1.log) ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 16 07:09:08 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 16 Sep 2020 05:09:08 +0000 Subject: [gnutls-devel] GnuTLS | Dead code in tests/gnutls-cli-debug.sh - GOST (#1091) In-Reply-To: References: Message-ID: Andreas Metzler commented: Daiki Ueno @dueno wrote > Indeed a good catch; would you like to submit an MR? Yes, will do. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1091#note_413357217 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 16 11:06:03 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 16 Sep 2020 09:06:03 +0000 Subject: [gnutls-devel] GnuTLS | Fix and enable GOST test in tests/gnutls-cli-debug.sh (!1328) References: Message-ID: Andreas Metzler created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328 Project:Branches: ametzler/gnutls:tmp-ametzler-1091-gost to gnutls/gnutls:master Author: Andreas Metzler See #1091 ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [x] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 16 11:15:49 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 16 Sep 2020 09:15:49 +0000 Subject: [gnutls-devel] GnuTLS | Fix and enable GOST test in tests/gnutls-cli-debug.sh (!1328) In-Reply-To: References: Message-ID: Andreas Metzler commented: CI error seems to be a generic one, unrelated to the change ~~~ make[2]: Entering directory '/builds/ametzler/gnutls/build/src/gl' [...] GEN netdb.h YACC parse-datetime.c GEN signal.h [...] make all-recursive make[3]: Entering directory '/builds/ametzler/gnutls/build/src/gl' make[4]: Entering directory '/builds/ametzler/gnutls/build/src/gl' [...] CC parse-datetime.lo parse-datetime.tab.c:646:10: fatal error: parse-datetime.tab.h: No such file or directory compilation terminated. ~~~ -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328#note_413489593 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 16 12:26:35 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 16 Sep 2020 10:26:35 +0000 Subject: [gnutls-devel] GnuTLS | Fix and enable GOST test in tests/gnutls-cli-debug.sh (!1328) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328#note_413547718 Yes, that should be fixed after updating gnulib, which is currently sitting in !1325. Perhaps we should file a separate MR for that. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328#note_413547718 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 16 22:42:59 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 16 Sep 2020 20:42:59 +0000 Subject: [gnutls-devel] GnuTLS | Modifies P_hash() to hash the seed and label separately for TLS1.2 (!1329) References: Message-ID: Sahana Prasad created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329 Project:Branches: sahprasa/gnutls:max_seed to gnutls/gnutls:master Author: Sahana Prasad Add a description of the new feature/bug fix. Reference any relevant bugs. ## Checklist * [X] Commits have `Signed-off-by:` with name/author being identical to the commit author * [X] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [X] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code This merge request fixes #1013 This merge request modifies P_hash() to hash the seed and label separately for TLS1.2 Thereby not restricting the implementation of prf to MAX_SEED_SIZE -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 16 22:44:23 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 16 Sep 2020 20:44:23 +0000 Subject: [gnutls-devel] GnuTLS | Too small MAX_SEED_SIZE for PRF functions (#1013) In-Reply-To: References: Message-ID: Sahana Prasad commented: @rufferson , could you kindly check if this fix !1329 works for you? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1013#note_413911383 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 08:04:27 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 06:04:27 +0000 Subject: [gnutls-devel] GnuTLS | Modifies P_hash() to hash the seed and label separately for TLS1.2 (!1329) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1329 was reviewed by Daiki Ueno -- Daiki Ueno started a new discussion on lib/nettle/int/tls1-prf.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329#note_414066853 > - uint8_t *dst) > + uint8_t *dst, > + bool flag) I don't get the purpose of this flag (and why you feed label only in TLS 1.2), is it really needed? -- Daiki Ueno started a new discussion on lib/nettle/int/tls1-prf.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329#note_414066857 > struct hmac_sha1_ctx sha1_ctx; > uint8_t o1[MAX_PRF_BYTES]; > uint8_t cseed[MAX_SEED_SIZE]; Let's remove `cseed` entirely. -- Daiki Ueno started a new discussion on tests/tls12-prf.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329#note_414066860 > { \ > - char tmp[512]; \ > + char tmp[1024]; \ Why this? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 08:10:58 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 06:10:58 +0000 Subject: [gnutls-devel] GnuTLS | x86/padlock: Use free() on local variables (#1094) References: Message-ID: zzjianhui created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1094 ## Description of problem: In hmac-padlock.c, Call wrap_padlock_hmac_deinit() in function wrap_padlock_hmac_fast() to release local variable ctx. We must remove the call to denit() to fix the crash. I create merge request.!1327 ## Version of gnutls used: current version ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) Ubuntu20.4 ## How reproducible: When we use padlock sha512. ## Actual results: On Zhaoxin CPU, run the make check command, a segmentation error will be displayed.[test-suite.log](/uploads/cc40265950b8e5d97f8c83ef23dfbe62/test-suite.log) ## Expected results: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1094 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 08:41:00 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 06:41:00 +0000 Subject: [gnutls-devel] GnuTLS | Modifies P_hash() to hash the seed and label separately. (!1329) In-Reply-To: References: Message-ID: Sahana Prasad commented on a discussion on lib/nettle/int/tls1-prf.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329#note_414080279 > nettle_hash_digest_func *digest, > size_t digest_size, > size_t seed_size, const uint8_t *seed, > + size_t label_size, const char *label, > size_t dst_length, > - uint8_t *dst) > + uint8_t *dst, > + bool flag) Initially I thought we agreed on not making any changes in tls10 as its mechanism was different from that of tls12. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329#note_414080279 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 08:43:29 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 06:43:29 +0000 Subject: [gnutls-devel] GnuTLS | Modifies P_hash() to hash the seed and label separately. (!1329) In-Reply-To: References: Message-ID: All discussions on Merge Request !1329 were resolved by Sahana Prasad https://gitlab.com/gnutls/gnutls/-/merge_requests/1329 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 08:59:54 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 06:59:54 +0000 Subject: [gnutls-devel] GnuTLS | Modifies P_hash() to hash the seed and label separately. (!1329) In-Reply-To: References: Message-ID: Daiki Ueno commented: Looks good to me, thanks! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329#note_414089632 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 08:59:57 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 06:59:57 +0000 Subject: [gnutls-devel] GnuTLS | Modifies P_hash() to hash the seed and label separately. (!1329) In-Reply-To: References: Message-ID: Merge Request !1329 was approved by Daiki Ueno Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329 Project:Branches: sahprasa/gnutls:max_seed to gnutls/gnutls:master Author: Sahana Prasad Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 09:40:06 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 07:40:06 +0000 Subject: [gnutls-devel] GnuTLS | gnulib: update git submodule (!1330) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1330 Branches: tmp-gnulib to master Author: Daiki Ueno This should fix the issue compiling `parse-datetime.*` as reported in https://gitlab.com/gnutls/gnutls/-/merge_requests/1328#note_413489593. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1330 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 10:14:18 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 08:14:18 +0000 Subject: [gnutls-devel] GnuTLS | gnulib: update git submodule (!1330) In-Reply-To: References: Message-ID: Sahana Prasad commented: @dueno there are some pipeline failures -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1330#note_414138967 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 12:58:58 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 10:58:58 +0000 Subject: [gnutls-devel] GnuTLS | gnulib: update git submodule (!1330) In-Reply-To: References: Message-ID: Merge Request !1330 was approved by Sahana Prasad Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1330 Branches: tmp-gnulib to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1330 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 12:59:22 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 10:59:22 +0000 Subject: [gnutls-devel] GnuTLS | gnulib: update git submodule (!1330) In-Reply-To: References: Message-ID: Sahana Prasad commented: LGTM, Thanks! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1330#note_414276086 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 13:26:23 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 11:26:23 +0000 Subject: [gnutls-devel] GnuTLS | gnulib: update git submodule (!1330) In-Reply-To: References: Message-ID: Merge Request !1330 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1330 Branches: tmp-gnulib to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1330 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 13:27:56 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 11:27:56 +0000 Subject: [gnutls-devel] GnuTLS | Fix and enable GOST test in tests/gnutls-cli-debug.sh (!1328) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328#note_414294238 I guess the failure should now be fixed if you rebase against the master. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328#note_414294238 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 15:06:46 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 13:06:46 +0000 Subject: [gnutls-devel] GnuTLS | Fix and enable GOST test in tests/gnutls-cli-debug.sh (!1328) In-Reply-To: References: Message-ID: Merge Request !1328 was approved by Daiki Ueno Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328 Project:Branches: ametzler/gnutls:tmp-ametzler-1091-gost to gnutls/gnutls:master Author: Andreas Metzler Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 15:06:59 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 13:06:59 +0000 Subject: [gnutls-devel] GnuTLS | Fix and enable GOST test in tests/gnutls-cli-debug.sh (!1328) In-Reply-To: References: Message-ID: All discussions on Merge Request !1328 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1328 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 15:08:51 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 13:08:51 +0000 Subject: [gnutls-devel] GnuTLS | Fix and enable GOST test in tests/gnutls-cli-debug.sh (!1328) In-Reply-To: References: Message-ID: Merge Request !1328 was scheduled to merge after pipeline succeeds by Daiki Ueno Merge Request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328 Project:Branches: ametzler/gnutls:tmp-ametzler-1091-gost to gnutls/gnutls:master Author: Andreas Metzler Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 15:08:59 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 13:08:59 +0000 Subject: [gnutls-devel] GnuTLS | Fix and enable GOST test in tests/gnutls-cli-debug.sh (!1328) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thank you! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328#note_414369716 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 15:37:55 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 13:37:55 +0000 Subject: [gnutls-devel] GnuTLS | Fix and enable GOST test in tests/gnutls-cli-debug.sh (!1328) In-Reply-To: References: Message-ID: Merge Request !1328 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328 Project:Branches: ametzler/gnutls:tmp-ametzler-1091-gost to gnutls/gnutls:master Author: Andreas Metzler Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1328 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 16:14:47 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 14:14:47 +0000 Subject: [gnutls-devel] GnuTLS | Modifies P_hash() to hash the seed and label separately. (!1329) In-Reply-To: References: Message-ID: Merge Request !1329 was scheduled to merge after pipeline succeeds by Daiki Ueno Merge Request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329 Project:Branches: sahprasa/gnutls:max_seed to gnutls/gnutls:master Author: Sahana Prasad Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 21:37:25 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 19:37:25 +0000 Subject: [gnutls-devel] GnuTLS | Modifies P_hash() to hash the seed and label separately. (!1329) In-Reply-To: References: Message-ID: Merge Request !1329 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329 Project:Branches: sahprasa/gnutls:max_seed to gnutls/gnutls:master Author: Sahana Prasad Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1329 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 17 21:37:25 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Sep 2020 19:37:25 +0000 Subject: [gnutls-devel] GnuTLS | Too small MAX_SEED_SIZE for PRF functions (#1013) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1329 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1329) Issue #1013: https://gitlab.com/gnutls/gnutls/-/issues/1013 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1013 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 18 19:54:40 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 18 Sep 2020 17:54:40 +0000 Subject: [gnutls-devel] GnuTLS | tests: allow clock_nanosleep in seccomp tests (!1325) In-Reply-To: References: Message-ID: Daiki Ueno commented: Finally the CI failures are gone; @ansasaki could you take a look? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325#note_415226094 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 19 11:49:58 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 19 Sep 2020 09:49:58 +0000 Subject: [gnutls-devel] GnuTLS | Fix inconsistent handling of $SERV environment variable in testsuite (!1331) References: Message-ID: Andreas Metzler created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1331 Project:Branches: ametzler/gnutls:tmp-ametzler-1090-testsuite to gnutls/gnutls:master Author: Andreas Metzler Fix tests which did not allow setting SERV to run testsuite against e.g. /usr/bin/gnutls-serv. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [x] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1331 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 20 17:33:41 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 20 Sep 2020 15:33:41 +0000 Subject: [gnutls-devel] GnuTLS | Make private exponent optional in gnutls_privkey_import_rsa_raw() (!1323) In-Reply-To: References: Message-ID: Merge Request !1323 was approved by Daiki Ueno Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1323 Project:Branches: nsivov/gnutls:rsa_privkey_prive to gnutls/gnutls:master Author: Nikolay Sivov Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1323 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 20 17:34:27 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 20 Sep 2020 15:34:27 +0000 Subject: [gnutls-devel] GnuTLS | Make private exponent optional in gnutls_privkey_import_rsa_raw() (!1323) In-Reply-To: References: Message-ID: Merge Request !1323 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1323 Project:Branches: nsivov/gnutls:rsa_privkey_prive to gnutls/gnutls:master Author: Nikolay Sivov Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1323 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 20 17:34:19 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 20 Sep 2020 15:34:19 +0000 Subject: [gnutls-devel] GnuTLS | Make private exponent optional in gnutls_privkey_import_rsa_raw() (!1323) In-Reply-To: References: Message-ID: Daiki Ueno commented: Looks good to me, thanks! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1323#note_415509807 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 20 17:40:09 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 20 Sep 2020 15:40:09 +0000 Subject: [gnutls-devel] GnuTLS | Fix inconsistent handling of $SERV environment variable in testsuite (!1331) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thanks; although I still see several places that can be rewritten/simplified (as I mentioned in #1090; to add it, I also hate the `FOO="${FOO:-DEF}"` idiom - it can be simply written as `: ${FOO=DEF}`), if this is a minimal change to fix your build, then that's fine. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1331#note_415512571 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 20 17:40:45 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 20 Sep 2020 15:40:45 +0000 Subject: [gnutls-devel] GnuTLS | Fix inconsistent handling of $SERV environment variable in testsuite (!1331) In-Reply-To: References: Message-ID: Merge Request !1331 was approved by Daiki Ueno Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1331 Project:Branches: ametzler/gnutls:tmp-ametzler-1090-testsuite to gnutls/gnutls:master Author: Andreas Metzler Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1331 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 07:25:25 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 05:25:25 +0000 Subject: [gnutls-devel] GnuTLS | Fix inconsistent handling of $SERV environment variable in testsuite (!1331) In-Reply-To: References: Message-ID: Merge Request !1331 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1331 Project:Branches: ametzler/gnutls:tmp-ametzler-1090-testsuite to gnutls/gnutls:master Author: Andreas Metzler Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1331 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 07:25:24 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 05:25:24 +0000 Subject: [gnutls-devel] GnuTLS | testsuite - inconsistent usage of SERV causing problems when using for CI (#1090) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1331 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1331) Issue #1090: https://gitlab.com/gnutls/gnutls/-/issues/1090 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1090 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 07:25:04 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 05:25:04 +0000 Subject: [gnutls-devel] GnuTLS | priority: add Ed448 to SECURE192 signing algorithms (!1332) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1332 Branches: tmp-default-prio to master Author: Daiki Ueno Reported Vladim?r ?un?t in: https://gitlab.com/gnutls/gnutls/-/merge_requests/984#note_349374656 ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1332 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 09:02:58 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 07:02:58 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1327) In-Reply-To: References: Message-ID: zzjianhui commented: The error reported on i686 seems to have nothing to do with the content we modified. `parse-datetime.tab.c:646:10: fatal error: parse-datetime.tab.h: No such file or directory` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327#note_415659998 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 09:40:25 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 07:40:25 +0000 Subject: [gnutls-devel] GnuTLS | Add detection of extended instruction set on zhaoxin CPU (#1079) In-Reply-To: References: Message-ID: zzjianhui commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1079#note_415679467 Hi, I have completed the patch to detect the extended instruction set on Zhaoxin CPU. During the development process, I found two bugs. These are #1094 and #1083. I currently have three patches, I send them directly to your mailbox, and attach my test-suit.log on Zhaoxin CPU. This is my first time to participate in an open source project, thank you for your advice. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1079#note_415679467 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 11:20:17 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 09:20:17 +0000 Subject: [gnutls-devel] GnuTLS | tests: allow clock_nanosleep in seccomp tests (!1325) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 was reviewed by Anderson Sasaki -- Anderson Sasaki started a new discussion on lib/inih/ini.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325#note_415748059 > #define MAX_NAME 50 > > +#if 0 I guess this code is kept for when the false positive is fixed, right? Would it be beneficial to have a comment to give context on why is it kept? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 11:22:45 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 09:22:45 +0000 Subject: [gnutls-devel] GnuTLS | tests: allow clock_nanosleep in seccomp tests (!1325) In-Reply-To: References: Message-ID: Anderson Sasaki commented: LGTM, the only comment I added is optional for me. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325#note_415749744 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 11:23:17 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 09:23:17 +0000 Subject: [gnutls-devel] GnuTLS | tests: allow clock_nanosleep in seccomp tests (!1325) In-Reply-To: References: Message-ID: Merge Request !1325 was approved by Anderson Sasaki Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 Branches: tmp-clock_nanosleep to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 11:42:21 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 09:42:21 +0000 Subject: [gnutls-devel] GnuTLS | tests: allow clock_nanosleep in seccomp tests (!1325) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion on lib/inih/ini.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325#note_415763237 > #define MAX_SECTION 50 > #define MAX_NAME 50 > > +#if 0 That was my intention, but it's a bit hard to track so let's remove the unused code entirely. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325#note_415763237 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 11:42:21 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 09:42:21 +0000 Subject: [gnutls-devel] GnuTLS | tests: allow clock_nanosleep in seccomp tests (!1325) In-Reply-To: References: Message-ID: All discussions on Merge Request !1325 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 11:43:33 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 09:43:33 +0000 Subject: [gnutls-devel] GnuTLS | tests: allow clock_nanosleep in seccomp tests (!1325) In-Reply-To: References: Message-ID: All discussions on Merge Request !1325 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 11:43:41 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 09:43:41 +0000 Subject: [gnutls-devel] GnuTLS | tests: allow clock_nanosleep in seccomp tests (!1325) In-Reply-To: References: Message-ID: Merge Request !1325 was scheduled to merge after pipeline succeeds by Daiki Ueno Merge Request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 Branches: tmp-clock_nanosleep to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 11:43:31 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 09:43:31 +0000 Subject: [gnutls-devel] GnuTLS | tests: allow clock_nanosleep in seccomp tests (!1325) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325#note_415764345 Thank you for the review! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325#note_415764345 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 11:58:48 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 09:58:48 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1327) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327#note_415778209 The failure should be fixed if you rebase against the git master. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327#note_415778209 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 11:59:13 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 09:59:13 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1327) In-Reply-To: References: Message-ID: Merge Request !1327 was approved by Daiki Ueno Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 Project:Branches: zzjianhui/gnutls:fix-padlock to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 11:59:08 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 09:59:08 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1327) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thank you; this is really a good catch. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327#note_415778479 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 13:26:01 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 11:26:01 +0000 Subject: [gnutls-devel] GnuTLS | dtls-with-seccomp and dtls-client-with-seccomp tests are failing (#1086) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1325 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1325) Issue #1086: https://gitlab.com/gnutls/gnutls/-/issues/1086 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1086 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 21 13:26:01 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Sep 2020 11:26:01 +0000 Subject: [gnutls-devel] GnuTLS | tests: allow clock_nanosleep in seccomp tests (!1325) In-Reply-To: References: Message-ID: Merge Request !1325 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 Branches: tmp-clock_nanosleep to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1325 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 03:28:34 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 01:28:34 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1327) In-Reply-To: References: Message-ID: Merge Request !1327 was closed by zzjianhui Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 Project:Branches: zzjianhui/gnutls:fix-padlock to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 03:29:04 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 01:29:04 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1327) In-Reply-To: References: Message-ID: Merge Request !1327 was reopened by zzjianhui Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 Project:Branches: zzjianhui/gnutls:fix-padlock to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 03:33:26 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 01:33:26 +0000 Subject: [gnutls-devel] GnuTLS | Fix avx detection (!1333) References: Message-ID: zzjianhui created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1333 Project:Branches: zzjianhui/gnutls:fix-avx-detection to gnutls/gnutls:master Author: zzjianhui In the case of setting environment variables, AVX cannot be detected correctly. Because only MOVBE is added to variable _gnutls_x86_cpuid_s, there is no OSXSAVE. And according to the intel manual, using AVX does not need to detect FMA. Fixes #1083. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [x] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1333 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 03:54:37 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 01:54:37 +0000 Subject: [gnutls-devel] GnuTLS | Fix avx detection (!1333) In-Reply-To: References: Message-ID: Merge Request !1333 was closed by zzjianhui Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1333 Project:Branches: zzjianhui/gnutls:fix-avx-detection to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1333 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 04:02:25 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 02:02:25 +0000 Subject: [gnutls-devel] GnuTLS | Fix avx detection (!1333) In-Reply-To: References: Message-ID: Merge Request !1333 was reopened by zzjianhui Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1333 Project:Branches: zzjianhui/gnutls:fix-avx-detection to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1333 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 04:02:39 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 02:02:39 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1327) In-Reply-To: References: Message-ID: Merge Request !1327 was reopened by zzjianhui Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 Project:Branches: zzjianhui/gnutls:fix-padlock to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 04:00:52 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 02:00:52 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1327) In-Reply-To: References: Message-ID: Merge Request !1327 was closed by zzjianhui Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 Project:Branches: zzjianhui/gnutls:fix-padlock to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 07:38:43 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 05:38:43 +0000 Subject: [gnutls-devel] GnuTLS | Fix avx detection (!1333) In-Reply-To: References: Message-ID: Merge Request !1333 was closed by zzjianhui Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1333 Project:Branches: zzjianhui/gnutls:fix-avx-detection to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1333 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 07:42:01 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 05:42:01 +0000 Subject: [gnutls-devel] GnuTLS | x86/avx: fix avx detection (!1334) References: Message-ID: zzjianhui created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1334 Project:Branches: zzjianhui/gnutls:fix-avx-detection to gnutls/gnutls:master Author: zzjianhui In the case of setting environment variables, AVX cannot be detected correctly. Because only MOVBE is added to variable _gnutls_x86_cpuid_s, there is no OSXSAVE. And according to the intel manual, using AVX does not need to detect FMA. fixes #1083 ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [x] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1334 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 08:10:18 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 06:10:18 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1327) In-Reply-To: References: Message-ID: Merge Request !1327 was closed by zzjianhui Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 Project:Branches: zzjianhui/gnutls:fix-padlock to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 08:16:18 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 06:16:18 +0000 Subject: [gnutls-devel] GnuTLS | x86:add detection of instruction set on Zhaoxin CPU (!1335) References: Message-ID: zzjianhui created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335 Project:Branches: zzjianhui/gnutls:fix-padlock to gnutls/gnutls:master Author: zzjianhui Add detection of extended instruction set on Zhaoxin cpu,e.g:ssse3,sha,avx,etc. Set the priority of the algorithm according to the benchmark test result on Zhaoxin cpu. In hmac-padlock.c, use free to release local variables ctx. Remove a call to wrap_padlock_hmac_deinit() to fix a crash. This is the previous test situation[test-suite.log](/uploads/b8f0305e2051b3eee16b0a04bf1e22c3/test-suite.log). This is the test situation after adding these codes[test-suite1.log](/uploads/53ac0885f5f2dba7f0f1ac79ca887355/test-suite1.log). fixes #1094 ,#1079 ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 08:57:19 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 06:57:19 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1327) In-Reply-To: References: Message-ID: Daiki Ueno commented: @zzjianhui FYI, to rebase an MR on GitLab, usual practice is doing something like `git push --force-with-lease origin `: https://estl.tech/a-gentler-force-push-on-git-force-with-lease-fb15701218df -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327#note_416385078 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 15:09:47 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 13:09:47 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1327) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 was reviewed by zzjianhui -- zzjianhui commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327#note_416644969 Thank you! But i create new merge request. !1335 !1334 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1327 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 18:08:16 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 16:08:16 +0000 Subject: [gnutls-devel] GnuTLS | x86:add detection of instruction set on Zhaoxin CPU (!1335) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1335 was reviewed by Daiki Ueno -- Daiki Ueno started a new discussion on lib/accelerated/x86/sha-padlock.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_416789266 > > -const gnutls_crypto_digest_st _gnutls_sha_padlock_nano = { > +const gnutls_crypto_digest_st _gnutls_sha_padlock_enhance = { Although this is a matter of taste, I would give those variants a self-describing names, something like: - `_gnutls_sha_padlock` ? `_gnutls_sha_padlock_oneshot` - `_gnutls_sha_padlock_nano` ? `_gnutls_sha_padlock` -- Daiki Ueno started a new discussion on lib/accelerated/x86/x86-common.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_416789270 > - memcmp(&d, "aurH", 4) == 0 && memcmp(&c, "auls", 4) == 0)) { > + memcmp(&d, "aurH", 4) == 0 && > + memcmp(&c, "auls", 4) == 0) || Would be nice to add comments saying which CPU model this code is detecting. -- Daiki Ueno started a new discussion on lib/accelerated/x86/x86-common.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_416789273 > - if (capabilities == 0) > + if (capabilities == 0){ > + if(!read_cpuid_vals(_gnutls_x86_cpuid_s)) The indentation looks strange. -- Daiki Ueno started a new discussion on lib/accelerated/x86/x86-common.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_416789275 > +{ > + unsigned int a,b,c,d; > + a = b = c = d = 0; I'd remove this initialization, as we don't have it in other functions calling `__get_cpuid` and I assume all arguments are set upon a successful call. -- Daiki Ueno started a new discussion on lib/accelerated/x86/x86-common.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_416789282 > + > + unsigned int family = ((a >> 8) & 0x0F); > + unsigned int model = ((a >> 4) & 0x0F) + ((a >> 12) & 0xF0); Afaik we still support pre-C99 compilers; please move the variable declaration to the top. -- Daiki Ueno started a new discussion on lib/accelerated/x86/x86-common.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_416789283 > unsigned a,b,c,t; > > - memset(_gnutls_x86_cpuid_s, 0, sizeof(_gnutls_x86_cpuid_s)); Why is this `memset` no longer necessary? -- Daiki Ueno started a new discussion on lib/accelerated/x86/x86-common.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_416789290 > +#define PADLOCK (1<<20) > +#define PADLOCK_PHE (1<<21) > +#define PADLOCK_PHE_SHA512 (1<<22) I'm not quite sure about the relationship between VIA and Zhaoxin, but is there any specific (strong) reason behind removing "VIA" term? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 18:09:35 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 16:09:35 +0000 Subject: [gnutls-devel] GnuTLS | x86:add detection of instruction set on Zhaoxin CPU (!1335) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thank you. This is a big change; perhaps you might want to split the first commit ("padlock:fix exception in wrap_padlock_hmac_fast") out from the MR so it can land sooner? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_416790087 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 22 20:41:41 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Sep 2020 18:41:41 +0000 Subject: [gnutls-devel] GnuTLS | Support ECH (#595) In-Reply-To: References: Message-ID: Michael Catanzaro commented: ESNI has nowadays evolved into ECH (Encrypted Client Hello). [OpenSSL issue](https://github.com/openssl/openssl/issues/7482) > Draft RFC: https://tools.ietf.org/html/draft-ietf-tls-esni The spec still begins with a warning not to use it in production: > DISCLAIMER: This is very early a work-in-progress design and has not > yet seen significant (or really any) security analysis. It should > not be used as a basis for building production systems. Hopefully that will change eventually. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/595#note_416894277 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 03:58:09 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 01:58:09 +0000 Subject: [gnutls-devel] GnuTLS | fastopen.sh test failure (#1095) References: Message-ID: Maxim Cournoyer created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1095 ## Description of problem: The test suite fails the fastopen.sh test, with the following output: ``` FAIL: fastopen.sh ================= Checking Fast open Echo Server listening on IPv4 0.0.0.0 port 57564...done Echo Server listening on IPv6 :: port 57564...done *** Fatal error: Error in the push function. Could not connect to 127.0.0.1:57564: Transport endpoint is already connected Processed 1 CA certificate(s). Resolving 'localhost:57564'... Connecting to '127.0.0.1:57564' (TFO)... - Certificate type: X.509 - Got a certificate list of 1 certificates. - Certificate[0] info: - subject `CN=GnuTLS Test Server (RSA certificate)', issuer `CN=GnuTLS Test CA', serial 0x4de0b4ca, RSA key 2432 bits, signed using RSA-SHA256, activated `2011-05-28 08:39:39 UTC', expires `2038-10-12 08:39:40 UTC', pin-sha256="ZCnc2x+EUztg6ShnEvwtcHxusyXqJ5RJLNCDLc+lVNE=" Public Key ID: sha1:482334530a8931384a5aeacab6d2a6dece1d2b18 sha256:6429dcdb1f84533b60e9286712fc2d707c6eb325ea2794492cd0832dcfa554d1 Public Key PIN: pin-sha256:ZCnc2x+EUztg6ShnEvwtcHxusyXqJ5RJLNCDLc+lVNE= - Status: The certificate is trusted. - Successfully sent 0 certificate(s) to server. Failure: 1. TLS1.2 handshake should have succeeded! Exiting via signal 15 FAIL fastopen.sh (exit status: 1) ``` ## Version of gnutls used: 3.6.15 ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) GNU Guix ## How reproducible: Checkout the sources of 3.6.15. Run './configure' then 'make check -j24'. ## Actual results: The test suite fails. ## Expected results: The test suite succeeds. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1095 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 04:44:54 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 02:44:54 +0000 Subject: [gnutls-devel] GnuTLS | x86:add detection of instruction set on Zhaoxin CPU (!1335) In-Reply-To: References: Message-ID: zzjianhui commented on a discussion on lib/accelerated/x86/x86-common.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_417068872 > #endif > > #ifdef ENABLE_PADLOCK > -static unsigned capabilities_to_via_edx(unsigned capabilities) > +static unsigned capabilities_to_zhaoxin_edx(unsigned capabilities) > { > unsigned a,b,c,t; > > - memset(_gnutls_x86_cpuid_s, 0, sizeof(_gnutls_x86_cpuid_s)); I moved it to the beginning of register_x86_padlock_crypto(), because read_cpuid_vals() will use _gnutls_x86_cpuid_s. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_417068872 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 05:10:54 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 03:10:54 +0000 Subject: [gnutls-devel] GnuTLS | x86:add detection of instruction set on Zhaoxin CPU (!1335) In-Reply-To: References: Message-ID: zzjianhui commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_417074212 Hi, can I use the version rollback, delete the previous bug, re-add the patch of Zhaoxin ID, and then push? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_417074212 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 06:53:54 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 04:53:54 +0000 Subject: [gnutls-devel] GnuTLS | fastopen.sh test failure (#1095) In-Reply-To: References: Message-ID: Maxim Cournoyer commented: It probably will be a challenge to reproduce this. It only occurs on the core-updates branch of Guix (where the core dependencies such as glibc are more bleeding edges), is not specific to version 3.6.15 (it also occurs for 3.6.14, 3.6.13). -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1095#note_417095045 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 08:22:57 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 06:22:57 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1336) References: Message-ID: zzjianhui created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1336 Project:Branches: zzjianhui/gnutls:fix-x86-padlock to gnutls/gnutls:master Author: zzjianhui In function wrap_padlock_hmac_fast, use free to release local variables ctx. Remove a call to wrap_padlock_hmac_deinit() to fix a crash. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [x] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1336 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 08:23:08 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 06:23:08 +0000 Subject: [gnutls-devel] GnuTLS | priority: add Ed448 to SECURE192 signing algorithms (!1332) In-Reply-To: References: Message-ID: Merge Request !1332 was approved by Sahana Prasad Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1332 Branches: tmp-default-prio to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1332 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 08:55:55 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 06:55:55 +0000 Subject: [gnutls-devel] GnuTLS | priority: add Ed448 to SECURE192 signing algorithms (!1332) In-Reply-To: References: Message-ID: Merge Request !1332 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1332 Branches: tmp-default-prio to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1332 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 08:57:18 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 06:57:18 +0000 Subject: [gnutls-devel] GnuTLS | algorithms: implement X448 key exchange and Ed448 signature scheme (!984) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/984#note_417135552 @vcunat sorry for the delay. Yes, it was an oversight; should be fixed now with !1332. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/984#note_417135552 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 08:57:47 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 06:57:47 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1336) In-Reply-To: References: Message-ID: Merge Request !1336 was approved by Daiki Ueno Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1336 Project:Branches: zzjianhui/gnutls:fix-x86-padlock to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1336 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 08:57:50 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 06:57:50 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1336) In-Reply-To: References: Message-ID: Merge Request !1336 was scheduled to merge after pipeline succeeds by Daiki Ueno Merge Request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1336 Project:Branches: zzjianhui/gnutls:fix-x86-padlock to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1336 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 09:30:42 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 07:30:42 +0000 Subject: [gnutls-devel] GnuTLS | padlock:fix exception in wrap_padlock_hmac_fast (!1336) In-Reply-To: References: Message-ID: Merge Request !1336 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1336 Project:Branches: zzjianhui/gnutls:fix-x86-padlock to gnutls/gnutls:master Author: zzjianhui Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1336 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 09:51:08 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 07:51:08 +0000 Subject: [gnutls-devel] GnuTLS | Add detection of extended instruction set on zhaoxin CPU (#1079) In-Reply-To: References: Message-ID: Issue was closed by zzjianhui Issue #1079: https://gitlab.com/gnutls/gnutls/-/issues/1079 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1079 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 09:54:36 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 07:54:36 +0000 Subject: [gnutls-devel] GnuTLS | Add detection of extended instruction set on zhaoxin CPU (#1079) In-Reply-To: References: Message-ID: Issue was reopened by zzjianhui Issue 1079: https://gitlab.com/gnutls/gnutls/-/issues/1079 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1079 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 23 13:36:05 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Sep 2020 11:36:05 +0000 Subject: [gnutls-devel] GnuTLS | x86:add detection of instruction set on Zhaoxin CPU (!1335) In-Reply-To: References: Message-ID: zzjianhui commented on a discussion on lib/accelerated/x86/x86-common.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_417343982 > #define INTEL_PCLMUL (1<<3) > #define INTEL_AVX (1<<4) > #define INTEL_SHA (1<<5) > -#define VIA_PADLOCK (1<<20) > -#define VIA_PADLOCK_PHE (1<<21) > -#define VIA_PADLOCK_PHE_SHA512 (1<<22) > +#define PADLOCK (1<<20) > +#define PADLOCK_PHE (1<<21) > +#define PADLOCK_PHE_SHA512 (1<<22) This part of the code not only supports the old VIA CPU, but also supports the Zhaoxin CPU. But VIA CPU will not have new products, and Zhaoxin CPU will continue to upgrade and iterate. Currently this part of the code is maintained and upgraded by Zhaoxin. In order to prevent this part of the code from misunderstanding that it only supports VIA CPU, we delete the VIA prefix. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_417343982 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 24 05:39:57 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Sep 2020 03:39:57 +0000 Subject: [gnutls-devel] GnuTLS | x86:add detection of instruction set on Zhaoxin CPU (!1335) In-Reply-To: References: Message-ID: All discussions on Merge Request !1335 were resolved by zzjianhui https://gitlab.com/gnutls/gnutls/-/merge_requests/1335 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 24 18:06:12 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Sep 2020 16:06:12 +0000 Subject: [gnutls-devel] GnuTLS | tests: simplify shell-script usage (!1337) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1337 Branches: tmp-sh-tests to master Author: Daiki Ueno Add a description of the new feature/bug fix. Reference any relevant bugs. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1337 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 24 18:29:15 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Sep 2020 16:29:15 +0000 Subject: [gnutls-devel] GnuTLS | tests: simplify shell-script usage (!1337) In-Reply-To: References: Message-ID: Daiki Ueno commented: @ametzler FYI. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1337#note_418285337 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Sep 24 22:54:57 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Sep 2020 20:54:57 +0000 Subject: [gnutls-devel] GnuTLS | fastopen.sh test failure (#1095) In-Reply-To: References: Message-ID: civodul commented: What happens in the client is this: ``` socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 5 getrandom("\x88\x33\x62\xd9\xd7\xd7\xe3\x1f\x36\xc1\x3e\x28\x01\xd8\x96\xbd\xca\xa2\xaf\x4c\xa3\xc1\x16\x4a\x16\x4a\x73\x9a\xc6\x60\xcb\x5f"..., 64, 0) = 64 setsockopt(5, SOL_TCP, TCP_FASTOPEN, [1], 4) = 0 sendmsg(5, {msg_name={sa_family=AF_INET, sin_port=htons(5257), sin_addr=inet_addr("127.0.0.1")}, msg_namelen=16, msg_iov=[{iov_base="\26\3\3\0\327\1\0\0\323\3\38 \27y\331\374\277\365\225\345*\224\306R1rn\3466\371\262"..., iov_len=220}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_FASTOPEN) = 220 poll([{fd=5, events=POLLIN}], 1, 39999) = 1 ([{fd=5, revents=POLLIN}]) recvfrom(5, "\26\3\3\0e", 5, 0, NULL, NULL) = 5 poll([{fd=5, events=POLLIN}], 1, 39999) = 1 ([{fd=5, revents=POLLIN}]) recvfrom(5, "\2\0\0a\3\3~\\?\275\2737'\341y\2606|s\207Q\340\226\326\305`\314\275\255tDO"..., 101, 0, NULL, NULL) = 101 poll([{fd=5, events=POLLIN}], 1, 39988) = 1 ([{fd=5, revents=POLLIN}]) recvfrom(5, "\26\3\3\3\302", 5, 0, NULL, NULL) = 5 poll([{fd=5, events=POLLIN}], 1, 39988) = 1 ([{fd=5, revents=POLLIN}]) recvfrom(5, "\v\0\3\276\0\3\273\0\3\2700\202\3\2640\202\2l\240\3\2\1\2\2\4M\340\264\3120\r\6"..., 962, 0, NULL, NULL) = 962 openat(AT_FDCWD, "/gnu/store/cb6fakglpk69j8mz0g13rggp99l8v3x8-glibc-2.32/share/zoneinfo/UTC", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) poll([{fd=5, events=POLLIN}], 1, 39986) = 1 ([{fd=5, revents=POLLIN}]) recvfrom(5, "\26\3\3\1}", 5, 0, NULL, NULL) = 5 poll([{fd=5, events=POLLIN}], 1, 39986) = 1 ([{fd=5, revents=POLLIN}]) recvfrom(5, "\f\0\1y\3\0\27A\4\365\275`\304\373\344\373\366\224\267\337\273\234\254<0\224/\302\201\ro\213"..., 381, 0, NULL, NULL) = 381 poll([{fd=5, events=POLLIN}], 1, 39986) = 1 ([{fd=5, revents=POLLIN}]) recvfrom(5, "\26\3\3\0,", 5, 0, NULL, NULL) = 5 poll([{fd=5, events=POLLIN}], 1, 39986) = 1 ([{fd=5, revents=POLLIN}]) recvfrom(5, "\r\0\0(\3\1\2@\0 \4\1\10\t\10\4\4\3\10\7\5\1\10\n\10\5\5\3\10\10\6\1"..., 44, 0, NULL, NULL) = 44 poll([{fd=5, events=POLLIN}], 1, 39985) = 1 ([{fd=5, revents=POLLIN}]) recvfrom(5, "\26\3\3\0\4", 5, 0, NULL, NULL) = 5 poll([{fd=5, events=POLLIN}], 1, 39985) = 1 ([{fd=5, revents=POLLIN}]) recvfrom(5, "\16\0\0\0", 4, 0, NULL, NULL) = 4 brk(0x508000) = 0x508000 setsockopt(5, SOL_TCP, TCP_FASTOPEN, [1], 4) = -1 EINVAL (Invalid argument) sendmsg(5, {msg_name={sa_family=AF_INET, sin_port=htons(5257), sin_addr=inet_addr("127.0.0.1")}, msg_namelen=16, msg_iov=[{iov_base="\26\3\3\0\7\v\0\0\3\0\0\0", iov_len=12}, {iov_base="\26\3\3\0F\20\0\0BA\4H\274\337\210$a\206\36m\375\334\34M_\230\35\4\v\336\37\334"..., iov_len=75}, {iov_base="\24\3\3\0\1\1", iov_len=6}, {iov_base="\26\3\3\0(\0\0\0\0\0\0\0\0\330l\362y\320\260\227-\6\222W\tDe5\337\355F)"..., iov_len=45}], msg_iovlen=4, msg_controllen=0, msg_flags=0}, MSG_FASTOPEN) = -1 EISCONN (Transport endpoint is already connected) write(2, "*** Fatal error: Error in the pu"..., 45*** Fatal error: Error in the push function. ) = 45 sendmsg(5, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\26\3\3\0\7\v\0\0\3\0\0\0", iov_len=12}, {iov_base="\26\3\3\0F\20\0\0BA\4H\274\337\210$a\206\36m\375\334\34M_\230\35\4\v\336\37\334"..., iov_len=75}, {iov_base="\24\3\3\0\1\1", iov_len=6}, {iov_base="\26\3\3\0(\0\0\0\0\0\0\0\0\330l\362y\320\260\227-\6\222W\tDe5\337\355F)"..., iov_len=45}], msg_iovlen=4, msg_controllen=0, msg_flags=0}, 0) = 138 brk(0x4f7000) = 0x4f7000 shutdown(5, SHUT_RDWR) = 0 write(2, "Could not connect to 127.0.0.1:5"..., 77Could not connect to 127.0.0.1:5257: Transport endpoint is already connected ) = 77 ``` So the second `setsockopt` call fails with `EINVAL` (even though the first one succeeded, on the same file descriptor), and the `sendmsg` `MSG_FASTOPEN` call that immediately follows fails with `EISCONN`. Thoughts? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1095#note_418390681 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 25 06:44:28 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 25 Sep 2020 04:44:28 +0000 Subject: [gnutls-devel] GnuTLS | tests: simplify shell-script usage (!1337) In-Reply-To: References: Message-ID: Andreas Metzler commented: Hello, there is some usage of the FOO="${FOO:-defaultvalue} idiom left ~~~ ametzler at argenau:~/GIT/gnutls$ grep -Er '^[A-Za-z_][A-Za-z_]*="?\${[A-Za-z_][A-Za-z_]*:-' * | wc 28 48 2003 ~~~ Regex is imperfect, there are some false positives. cu Andreas -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1337#note_418491140 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 25 09:06:29 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 25 Sep 2020 07:06:29 +0000 Subject: [gnutls-devel] GnuTLS | tests: simplify shell-script usage (!1337) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1337#note_418534537 It's better to use `git grep` as we don't care submodules etc: ```sh $ git grep -E '^[A-Za-z_][A-Za-z_]*="?\$\{[A-Za-z_][A-Za-z_]*:-' fuzz/run-afl.sh:srcdir="${srcdir:-.}" tests/cert-tests/reject-invalid-time:PKGCONFIG="${PKG_CONFIG:-$(which pkg-config)}" tests/cert-tests/tolerate-invalid-time:PKGCONFIG="${PKG_CONFIG:-$(which pkg-config)}" tests/nist-pkits/pkits_smime:CERTTOOL=${CERTTOOL:-../../src/certtool} tests/p11-kit-load.sh:PKGCONFIG="${PKG_CONFIG:-$(which pkg-config)}" tests/pkgconfig.sh:PKGCONFIG="${PKG_CONFIG:-$(which pkg-config)}" tests/pkgconfig.sh:CC=${CC:-cc} tests/system-override-default-priority-string.sh:STOCK_PRIORITY="${GNUTLS_SYSTEM_PRIORITY_FILE:-./system.prio}" ``` I'll fix them as well. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1337#note_418534537 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 25 09:16:08 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 25 Sep 2020 07:16:08 +0000 Subject: [gnutls-devel] GnuTLS | tests: simplify shell-script usage (!1337) In-Reply-To: References: Message-ID: Andreas Metzler commented: 7bdba15b changes launch_server() to use $VALGRIND. I guess that found some issues that now show up in CI. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1337#note_418539117 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 25 09:49:59 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 25 Sep 2020 07:49:59 +0000 Subject: [gnutls-devel] GnuTLS | tests: simplify shell-script usage (!1337) In-Reply-To: References: Message-ID: Andreas Metzler commented: I simply do not know whether 8f2c9437acd205c4b2e1f02bde0b14a58e4b4127 (using type instead of which) is a good idea. "type" is a XSI extension and therefore not required by POSIX, otoh afaict "which" is not mentioned in POSIX at all. There is also "command -v". ;-) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1337#note_418564053 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 25 10:22:29 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 25 Sep 2020 08:22:29 +0000 Subject: [gnutls-devel] GnuTLS | tests: simplify shell-script usage (!1337) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1337#note_418584546 On the other hand, `which` does not take into account of aliases (e.g., `dash -f -c 'alias a=ls; which a'`). I suppose that's the reason why gnulib-tool avoids using it. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1337#note_418584546 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Sep 25 14:45:30 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 25 Sep 2020 12:45:30 +0000 Subject: [gnutls-devel] GnuTLS | fastopen.sh test failure (#1095) In-Reply-To: References: Message-ID: civodul commented: My reading of https://github.com/multipath-tcp/mptcp/commit/cf60af03ca4e71134206809ea892e49b92a88896 is that `MSG_FASTOPEN` must only be used on the first `sendmsg` call for a given host. Passing it on subsequent calls leads to `EISCONN`, just a `connect` call on an already-connected socket. This is confirmed by [this reproducer](/uploads/e94f2265ed9b94c7599447270617b9dc/tcp-fastopen.c) (tested with Linux-libre 5.8.7). So the bug would be that GnuTLS passes `MSG_FASTOPEN` twice. Now, why does it happen? Outside Guix' isolated build environment, we get successful runs with this trace: ``` socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 3 getrandom("\xf1\xa7\x5d\xb1\x18\xb8\x4a\xd2\x77\x39\x36\x79\xba\x3e\xb6\x6f\x90\xcd\xdb\x0f\x35\x18\x03\x74\x92\xeb\xf0 \xa3\xf8\x14\x38\xb0"..., 64, 0) = 64 setsockopt(3, SOL_TCP, TCP_FASTOPEN, [1], 4) = 0 sendmsg(3, {msg_name={sa_family=AF_INET, sin_port=htons(2137), sin_addr=inet_addr("127.0.0.1")}, msg_namelen=16, msg_iov=[{iov_base="\26\3\1\1b\1\0\1^\3\3\37\257as\245\1\33n\2202\240k\261|\275\177a\206-\274\320"..., iov_len=359}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, MSG_FASTOPEN) = 359 poll([{fd=3, events=POLLIN}], 1, 40000) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "\26\3\3\0{", 5, 0, NULL, NULL) = 5 poll([{fd=3, events=POLLIN}], 1, 40000) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "\2\0\0w\3\3m2>x\340\25(\341[m\233ji;uXyidgd\367?s\233\252"..., 123, 0, NULL, NULL) = 123 sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\24\3\3\0\1\1", iov_len=6}], msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 6 poll([{fd=3, events=POLLIN}], 1, 39997) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "\24\3\3\0\1", 5, 0, NULL, NULL) = 5 poll([{fd=3, events=POLLIN}], 1, 39997) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "\1", 1, 0, NULL, NULL) = 1 poll([{fd=3, events=POLLIN}], 1, 39997) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "\27\3\3\0\35", 5, 0, NULL, NULL) = 5 poll([{fd=3, events=POLLIN}], 1, 39997) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "E\202UmH\20\37>Z\244R\214#.u\222<\260\303\210\350\260y\210\33\323YV\374", 29, 0, NULL, NULL) = 29 poll([{fd=3, events=POLLIN}], 1, 39988) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "\27\3\3\0B", 5, 0, NULL, NULL) = 5 poll([{fd=3, events=POLLIN}], 1, 39988) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "\221JO\26\256\341\303\274)Xa\277\1\253\223c\355[\267\341\5\22\2158\27\200}q\244\372\21\315"..., 66, 0, NULL, NULL) = 66 poll([{fd=3, events=POLLIN}], 1, 39988) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "\27\3\3\3\326", 5, 0, NULL, NULL) = 5 poll([{fd=3, events=POLLIN}], 1, 39988) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "\262\242~C\0242\244\316\263r\32\ny\23bb\220\226\216\277\276\323QSp\24\vU\336\246\241\22"..., 982, 0, NULL, NULL) = 982 poll([{fd=3, events=POLLIN}], 1, 39987) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "\27\3\3\1I", 5, 0, NULL, NULL) = 5 poll([{fd=3, events=POLLIN}], 1, 39987) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "\257!\233]m\260\276\342\236\266\304\270=Cb\223\317\364L\3030#j\372U\315bk\35\\\364\302"..., 329, 0, NULL, NULL) = 329 openat(AT_FDCWD, "/gnu/store/cb6fakglpk69j8mz0g13rggp99l8v3x8-glibc-2.32/share/zoneinfo/UTC", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory) poll([{fd=3, events=POLLIN}], 1, 39986) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "\27\3\3\0E", 5, 0, NULL, NULL) = 5 poll([{fd=3, events=POLLIN}], 1, 39986) = 1 ([{fd=3, revents=POLLIN}]) recvfrom(3, "\177,\342&\26\212&r|\310Ipm\371\213\21o\243}2\21hI\340\367\314\6+\374a\350\203"..., 69, 0, NULL, NULL) = 69 sendmsg(3, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base="\27\3\3\0\31U\322\7\371/\341kconnect_addrlen = 0` in `tfo_writev` wasn't executed, leading to the second `setsockopt` and `MSG_FASTOPEN`, which in turn leads to `EISCONN`. Thoughts? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1095#note_418757425 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Sep 26 14:41:25 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 26 Sep 2020 12:41:25 +0000 Subject: [gnutls-devel] GnuTLS | tests: simplify shell-script usage (!1337) In-Reply-To: References: Message-ID: Andreas Metzler commented: Latest version af73fac0273d1af0c6411235148b7c5b079ab75a looks good, except for: ```sh ocsp-tests/ocsp-tls-connection [...] : ${CLI=../src/gnutls-cli${EXEEXT}} [...] if ! test -x "${GNUTLS_CLI}"; then exit 77 fi ``` Is there a reason that we have tests using ```: ${CERTTOOL=../src/certtool}``` and other tests using ```: ${CERTTOOL=../src/certtool${EXEEXT}}```. (not only for certtool but also for other commands, too? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1337#note_419125185 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 27 03:24:42 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Sep 2020 01:24:42 +0000 Subject: [gnutls-devel] GnuTLS | x86:add detection of instruction set on Zhaoxin CPU (!1335) In-Reply-To: References: Message-ID: zzjianhui commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_419196431 Hi, According to your suggestion, I have completed the modification. I also submitted another patch to fix the avx detection, in!1334. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1335#note_419196431 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 27 16:09:45 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Sep 2020 14:09:45 +0000 Subject: [gnutls-devel] GnuTLS | Dead code in tests/gnutls-cli-debug.sh - GOST (#1091) In-Reply-To: References: Message-ID: Daiki Ueno commented: This has been fixed with !1328. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1091#note_419255384 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 27 16:14:59 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Sep 2020 14:14:59 +0000 Subject: [gnutls-devel] GnuTLS | x509: correct argument of gnutls_verify_output_function (!1338) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1338 Branches: tmp-verify-output to master Author: Daiki Ueno This is a leftover of 52e78f1e. We need to call `gnutls_verify_output_function` with the replaced CA cert instead of the original cert. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1338 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 27 16:15:25 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Sep 2020 14:15:25 +0000 Subject: [gnutls-devel] GnuTLS | Dead code in tests/gnutls-cli-debug.sh - GOST (#1091) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno Issue #1091: https://gitlab.com/gnutls/gnutls/-/issues/1091 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1091 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 27 16:29:01 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Sep 2020 14:29:01 +0000 Subject: [gnutls-devel] GnuTLS | Getting actual certificate path to a trusted CA (#1012) In-Reply-To: References: Message-ID: Daiki Ueno commented: @sahprasa @codesquid let me clarify the scope of this bug. > The output of certtool unfortunately is not very helpful either when given the certificates sent by this server: I think this is simply a leftover bug of (!1271), which should be fixed with !1338: the issuer of the second cert should be "COMODO RSA Certification Authority" instead of "AddTrust External CA Root". Other than that, I don't see anything wrong in the output. As noted in https://gitlab.com/gnutls/gnutls/-/issues/1008#note_352394245, GnuTLS can only process "linear" certificate chains. Therefore we don't need to care about the cases like the peer sends multiple intermediate CAs for the same subject. The replaced certificate is only at the root of the trust. > I suggest adding a function that returns the full path to the trusted root as was used in gnutls_certificate_verify_peers. Yes, this is the actual request; that is, the TLS applications should have a way to pass the `gnutls_verify_output_function` as a callback. I think the best way to do that is adding a function, say: ```c void gnutls_session_set_verify_output_function(gnutls_session_t session, gnutls_verify_output_function *func); ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1012#note_419258883 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Sep 27 19:35:29 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Sep 2020 17:35:29 +0000 Subject: [gnutls-devel] GnuTLS | x509: correct argument of gnutls_verify_output_function (!1338) In-Reply-To: References: Message-ID: Merge Request !1338 was approved by Sahana Prasad Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1338 Branches: tmp-verify-output to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1338 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 28 11:22:03 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 28 Sep 2020 09:22:03 +0000 Subject: [gnutls-devel] GnuTLS | x509: correct argument of gnutls_verify_output_function (!1338) In-Reply-To: References: Message-ID: Merge Request !1338 was merged Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1338 Branches: tmp-verify-output to master Author: Daiki Ueno Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1338 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 28 12:09:42 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 28 Sep 2020 10:09:42 +0000 Subject: [gnutls-devel] GnuTLS | WIP Adds a new API gnutls_session_set_verify_output_function() that allows TLS applications (!1339) References: Message-ID: Sahana Prasad created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339 Project:Branches: sahprasa/gnutls:cert_validation to gnutls/gnutls:master Author: Sahana Prasad Add a description of the new feature/bug fix. Reference any relevant bugs. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [x] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [x] Documentation updated / NEWS entry present (for non-trivial changes) * [x] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code Adds a new API gnutls_session_set_verify_output_function() that allows TLS applications to have a way to pass the `gnutls_verify_output_function` as a callback so that the full path of the certificate chain to the trusted root can be available as output. Fixes #1012 I will add the test once this API is approved by @dueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 28 12:11:44 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 28 Sep 2020 10:11:44 +0000 Subject: [gnutls-devel] GnuTLS | Getting actual certificate path to a trusted CA (#1012) In-Reply-To: References: Message-ID: Sahana Prasad commented: @dueno could you kindly have a look at !1339 If this meets your expectation of what you explained in the previous comment, I will add a test case (same as the example in this issue) for this. Thank you! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1012#note_419570940 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 28 15:06:37 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 28 Sep 2020 13:06:37 +0000 Subject: [gnutls-devel] GnuTLS | Getting actual certificate path to a trusted CA (#1012) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1012#note_419693305 Yes, that looks fine; maybe good to use that API in gnutls-cli as well. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1012#note_419693305 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Sep 28 16:57:15 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 28 Sep 2020 14:57:15 +0000 Subject: [gnutls-devel] GnuTLS | tests: simplify shell-script usage (!1337) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1337#note_419791566 Looks like this is caused by an inherent race condition in the scripts. If I change the concurrency to 1, it doesn't happen. The problem is that, between the timings when a free port is detected and when the port is actually used, other scripts can use the detected port if tests are run in parallel. One idea to solve it is to create a temporary file as a lock, and synchronize the logic. Another idea is to extend gnutls-serv to use ephemeral port something like [NSS bug](https://bugzilla.mozilla.org/show_bug.cgi?id=1555554), though that would require more effort. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1337#note_419791566 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 29 08:58:03 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 29 Sep 2020 06:58:03 +0000 Subject: [gnutls-devel] GnuTLS | Getting actual certificate path to a trusted CA (#1012) In-Reply-To: References: Message-ID: Sahana Prasad commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1012#note_420230398 @dueno , I have added its usage in gnutls-cli now. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1012#note_420230398 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 29 09:29:58 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 29 Sep 2020 07:29:58 +0000 Subject: [gnutls-devel] GnuTLS | Adds a new API gnutls_session_set_verify_output_function() that allows TLS applications (!1339) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1339 was reviewed by Daiki Ueno -- Daiki Ueno started a new discussion on gnulib: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339#note_420261528 > -Subproject commit 46bdd627ff522193134d31bdfd3ac4e4fddb5975 > +Subproject commit fb64a78174042189f4d012cbd748d565f021cd69 I suppose this was mistakenly added (unless you rely on some new stuff in gnulib): try `git submodule update`. -- Daiki Ueno started a new discussion on src/cli.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339#note_420261532 > > > +FILE *outfile; static? -- Daiki Ueno started a new discussion on src/cli.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339#note_420261533 > gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred); > > + gnutls_session_set_verify_output_function(session, cert_out_callback); I would replace the invocation of `print_cert_info` with this callback, but if it's too much burden, it would be fine to postpone the gnutls-cli change. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 29 10:09:56 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 29 Sep 2020 08:09:56 +0000 Subject: [gnutls-devel] GnuTLS | Signing with imported DSS key fails intermittently (#1023) In-Reply-To: References: Message-ID: Issue was closed by Hans Leidekker Issue #1023: https://gitlab.com/gnutls/gnutls/-/issues/1023 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1023 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 29 10:13:55 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 29 Sep 2020 08:13:55 +0000 Subject: [gnutls-devel] GnuTLS | WIP Adds a new API gnutls_session_set_verify_output_function() that allows TLS applications (!1339) In-Reply-To: References: Message-ID: Sahana Prasad commented on a discussion on gnulib: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339#note_420294344 > -Subproject commit 46bdd627ff522193134d31bdfd3ac4e4fddb5975 > +Subproject commit fb64a78174042189f4d012cbd748d565f021cd69 yeah that was mistakenly added. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339#note_420294344 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 29 10:15:16 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 29 Sep 2020 08:15:16 +0000 Subject: [gnutls-devel] GnuTLS | WIP Adds a new API gnutls_session_set_verify_output_function() that allows TLS applications (!1339) In-Reply-To: References: Message-ID: Sahana Prasad commented on a discussion on src/cli.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339#note_420295310 > static gnutls_privkey_t rawpk_key = NULL; > > > +FILE *outfile; I realized we don't need outfile anymore. I followed the logging style in src/cli.c (Maybe we need to add logs only if 'verbose' is set, for now I left it like this to test it.) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339#note_420295310 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 29 11:23:50 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 29 Sep 2020 09:23:50 +0000 Subject: [gnutls-devel] GnuTLS | Adds a new API gnutls_session_set_verify_output_function() that allows TLS applications (!1339) In-Reply-To: References: Message-ID: Sahana Prasad commented on a discussion on src/cli.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339#note_420353877 > gnutls_credentials_set(session, GNUTLS_CRD_PSK, psk_cred); > gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred); > > + gnutls_session_set_verify_output_function(session, cert_out_callback); Yeah, I would postpone this and do it in a few days with a different PR. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339#note_420353877 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Sep 29 11:23:52 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 29 Sep 2020 09:23:52 +0000 Subject: [gnutls-devel] GnuTLS | Adds a new API gnutls_session_set_verify_output_function() that allows TLS applications (!1339) In-Reply-To: References: Message-ID: All discussions on Merge Request !1339 were resolved by Sahana Prasad https://gitlab.com/gnutls/gnutls/-/merge_requests/1339 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 30 16:49:09 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 30 Sep 2020 14:49:09 +0000 Subject: [gnutls-devel] GnuTLS | Adds a new API gnutls_session_set_verify_output_function() that allows TLS applications (!1339) In-Reply-To: References: Message-ID: Daiki Ueno started a new discussion on tests/auto-verify.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339#note_421425479 > if (ret < 0) > exit(1); > > + gnutls_session_set_verify_output_function(client, cert_out_callback); It would be nice to check that `cert_out_callback` is actually called. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339#note_421425479 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 30 16:49:34 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 30 Sep 2020 14:49:34 +0000 Subject: [gnutls-devel] GnuTLS | Adds a new API gnutls_session_set_verify_output_function() that allows TLS applications (!1339) In-Reply-To: References: Message-ID: Merge Request !1339 was approved by Daiki Ueno Merge Request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339 Project:Branches: sahprasa/gnutls:cert_validation to gnutls/gnutls:master Author: Sahana Prasad Assignees: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Sep 30 16:50:10 2020 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 30 Sep 2020 14:50:10 +0000 Subject: [gnutls-devel] GnuTLS | Adds a new API gnutls_session_set_verify_output_function() that allows TLS applications (!1339) In-Reply-To: References: Message-ID: Daiki Ueno commented: Other than the comment, this looks good to me. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1339#note_421426590 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: