From gnutls-devel at lists.gnutls.org Tue Aug 1 01:17:22 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 23:17:22 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: enable use of Fedora based CI image for cross compilation (!1757) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1757#note_1494482726 CI-only change; merging without approval. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1757#note_1494482726 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 1 01:17:29 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 23:17:29 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: enable use of Fedora based CI image for cross compilation (!1757) In-Reply-To: References: Message-ID: Merge request !1757 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1757 Project:Branches: dueno/gnutls:wip/dueno/ci-cross-fedora38 to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1757 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 03:57:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 01:57:33 +0000 Subject: [gnutls-devel] GnuTLS | Refactor pkcs11_find_objects to use p11-kit iterator (!1758) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758#note_1498054174 Looks good to me. One minor question is that there are a couple of cosmetic changes, e.g., `unsigned int` ? `unsigned`, `i++` ? `++i`, comment changes adding a newline; I think the previous style is legitimate and wonder if there is any rationale behind it; otherwise I would prefer the previous style. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758#note_1498054174 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 03:57:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 01:57:45 +0000 Subject: [gnutls-devel] GnuTLS | Refactor pkcs11_find_objects to use p11-kit iterator (!1758) In-Reply-To: References: Message-ID: Merge request !1758 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 08:34:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 06:34:53 +0000 Subject: [gnutls-devel] GnuTLS | Refactor pkcs11_find_objects to use p11-kit iterator (!1758) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758#note_1498260647 I just like it that way. I can change it back. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758#note_1498260647 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 08:48:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 06:48:04 +0000 Subject: [gnutls-devel] GnuTLS | Refactor pkcs11_find_objects to use p11-kit iterator (!1758) In-Reply-To: References: Message-ID: All discussions on merge request !1758 were resolved by Zolt?n Fridrich https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 08:50:13 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 06:50:13 +0000 Subject: [gnutls-devel] GnuTLS | Refactor pkcs11_find_objects to use p11-kit iterator (!1758) In-Reply-To: References: Message-ID: Merge request !1758 was set to auto-merge by Zolt?n Fridrich Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 10:01:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 08:01:53 +0000 Subject: [gnutls-devel] GnuTLS | Refactor pkcs11_find_objects to use p11-kit iterator (!1758) In-Reply-To: References: Message-ID: Merge request !1758 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 10:38:01 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 08:38:01 +0000 Subject: [gnutls-devel] GnuTLS | Do not use HMAC-SHA1 for session ticket authentication algorithm (#1482) In-Reply-To: References: Message-ID: Milestone changed to Release of GnuTLS 3.8.2 (Aug 5, 2023?Oct 15, 2023) ( https://gitlab.com/gnutls/gnutls/-/milestones/40 ) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1482 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 11:37:57 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 09:37:57 +0000 Subject: [gnutls-devel] GnuTLS | Refactor pkcs11_find_objects to use p11-kit iterator (!1758) In-Reply-To: References: Message-ID: Daiki Ueno started a new discussion on lib/pkcs11.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758#note_1498518906 > - > - for (j = 0; j < count; j++) { > - a[0].type = CKA_ID; > - a[0].value = certid_tmp; > - a[0].value_len = sizeof certid_tmp; > - > - if (pkcs11_get_attribute_value(sinfo->module, > - sinfo->pks, ctx[j], a, > - 1) == CKR_OK) { > - id.data = a[0].value; > - id.size = a[0].value_len; > - } else { > - id.data = NULL; > - id.size = 0; > + if (find_data->current + 1 > alloc_size) { > + alloc_size = alloc_size == 0 ? 2 : alloc_size * 2; Sorry, I should have spotted this earlier, but we probably want to check overflow here. Something like: ```c alloc_size = xtimes(xsum(alloc_size, 1), 2); if (size_overflow_p(alloc_size)) { ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); goto fail; } find_data->p_list = _gnutls_reallocarray_fast(..., alloc_size, ...); ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758#note_1498518906 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 12:12:42 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 10:12:42 +0000 Subject: [gnutls-devel] abi-dump | Regenerate from 3.8.1 release (!6) References: Message-ID: Zolt?n Fridrich created a merge request: https://gitlab.com/gnutls/abi-dump/-/merge_requests/6 Project:Branches: ZoltanFridrich/gnutls-abi-dump:zfridric_devel to gnutls/abi-dump:main Author: Zolt?n Fridrich Signed-off-by: Zoltan Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/abi-dump/-/merge_requests/6 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 12:13:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 10:13:17 +0000 Subject: [gnutls-devel] abi-dump | Regenerate from 3.8.1 release (!6) In-Reply-To: References: Message-ID: Merge request !6 was merged Merge request URL: https://gitlab.com/gnutls/abi-dump/-/merge_requests/6 Project:Branches: ZoltanFridrich/gnutls-abi-dump:zfridric_devel to gnutls/abi-dump:main Author: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/abi-dump/-/merge_requests/6 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 12:16:10 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 10:16:10 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.8.1 (!1762) In-Reply-To: References: Message-ID: Reassigned merge request 1762 https://gitlab.com/gnutls/gnutls/-/merge_requests/1762 Assignee changed to Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 12:16:14 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 10:16:14 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.8.1 (!1762) References: Message-ID: Zolt?n Fridrich created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno ## Checklist * [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 12:16:10 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 10:16:10 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.8.1 (!1762) In-Reply-To: References: Message-ID: Daiki Ueno was added as a reviewer. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 12:58:40 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 10:58:40 +0000 Subject: [gnutls-devel] GnuTLS | `The certificate issuer is unknown.` despite certificate being present (#1455) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1455#note_1498635460 Yes. Both releases will be available in the upcoming days. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1455#note_1498635460 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 13:17:00 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 11:17:00 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.7.10 (!1763) In-Reply-To: References: Message-ID: Daiki Ueno was added as a reviewer. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1763 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 13:17:01 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 11:17:01 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.7.10 (!1763) In-Reply-To: References: Message-ID: Reassigned merge request 1763 https://gitlab.com/gnutls/gnutls/-/merge_requests/1763 Assignee changed to Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1763 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 13:17:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 11:17:04 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.7.10 (!1763) References: Message-ID: Zolt?n Fridrich created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1763 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel2 to gnutls/gnutls:gnutls_3_7_x Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno Add a description of the new feature/bug fix. Reference any relevant bugs. ## Checklist * [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1763 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 13:43:28 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 11:43:28 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.7.10 (!1763) In-Reply-To: References: Message-ID: Merge request !1763 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1763 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel2 to gnutls/gnutls:gnutls_3_7_x Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1763 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 14:02:35 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 12:02:35 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.7.10 (!1763) In-Reply-To: References: Message-ID: Merge request !1763 was set to auto-merge by Zolt?n Fridrich Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1763 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel2 to gnutls/gnutls:gnutls_3_7_x Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1763 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 14:14:52 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 12:14:52 +0000 Subject: [gnutls-devel] GnuTLS | Safeguard against overflow inside pkcs11_find_objects (!1764) In-Reply-To: References: Message-ID: Daiki Ueno was added as a reviewer. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1764 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 14:14:52 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 12:14:52 +0000 Subject: [gnutls-devel] GnuTLS | Safeguard against overflow inside pkcs11_find_objects (!1764) In-Reply-To: References: Message-ID: Reassigned merge request 1764 https://gitlab.com/gnutls/gnutls/-/merge_requests/1764 Assignee changed to Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1764 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 14:14:55 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 12:14:55 +0000 Subject: [gnutls-devel] GnuTLS | Safeguard against overflow inside pkcs11_find_objects (!1764) References: Message-ID: Zolt?n Fridrich created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1764 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel3 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno ## Checklist * [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1764 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 14:15:43 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 12:15:43 +0000 Subject: [gnutls-devel] GnuTLS | Refactor pkcs11_find_objects to use p11-kit iterator (!1758) In-Reply-To: References: Message-ID: All discussions on merge request !1758 were resolved by Zolt?n Fridrich https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 14:15:41 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 12:15:41 +0000 Subject: [gnutls-devel] GnuTLS | Refactor pkcs11_find_objects to use p11-kit iterator (!1758) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented on a discussion on lib/pkcs11.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758#note_1498753645 > - > - for (j = 0; j < count; j++) { > - a[0].type = CKA_ID; > - a[0].value = certid_tmp; > - a[0].value_len = sizeof certid_tmp; > - > - if (pkcs11_get_attribute_value(sinfo->module, > - sinfo->pks, ctx[j], a, > - 1) == CKR_OK) { > - id.data = a[0].value; > - id.size = a[0].value_len; > - } else { > - id.data = NULL; > - id.size = 0; > + if (find_data->current + 1 > alloc_size) { > + alloc_size = alloc_size == 0 ? 2 : alloc_size * 2; Opened an MR: https://gitlab.com/gnutls/gnutls/-/merge_requests/1764 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758#note_1498753645 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 14:32:07 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 12:32:07 +0000 Subject: [gnutls-devel] GnuTLS | Safeguard against overflow inside pkcs11_find_objects (!1764) In-Reply-To: References: Message-ID: Merge request !1764 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1764 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel3 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1764 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 14:32:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 12:32:45 +0000 Subject: [gnutls-devel] GnuTLS | Safeguard against overflow inside pkcs11_find_objects (!1764) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1764#note_1498779463 Thanks for the quick update! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1764#note_1498779463 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 14:36:03 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 12:36:03 +0000 Subject: [gnutls-devel] GnuTLS | Safeguard against overflow inside pkcs11_find_objects (!1764) In-Reply-To: References: Message-ID: Merge request !1764 was set to auto-merge by Zolt?n Fridrich Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1764 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel3 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1764 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 15:34:30 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 13:34:30 +0000 Subject: [gnutls-devel] GnuTLS | Safeguard against overflow inside pkcs11_find_objects (!1764) In-Reply-To: References: Message-ID: Merge request !1764 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1764 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel3 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1764 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 16:14:25 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 14:14:25 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.7.10 (!1763) In-Reply-To: References: Message-ID: Merge request !1763 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1763 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel2 to gnutls/gnutls:gnutls_3_7_x Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1763 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 16:23:58 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 14:23:58 +0000 Subject: [gnutls-devel] abi-dump | Fix regenerate from 3.8.1 release (!7) References: Message-ID: Zolt?n Fridrich created a merge request: https://gitlab.com/gnutls/abi-dump/-/merge_requests/7 Project:Branches: ZoltanFridrich/gnutls-abi-dump:zfridric to gnutls/abi-dump:main Author: Zolt?n Fridrich Signed-off-by: Zoltan Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/abi-dump/-/merge_requests/7 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 3 16:24:10 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 03 Aug 2023 14:24:10 +0000 Subject: [gnutls-devel] abi-dump | Fix regenerate from 3.8.1 release (!7) In-Reply-To: References: Message-ID: Merge request !7 was merged Merge request URL: https://gitlab.com/gnutls/abi-dump/-/merge_requests/7 Project:Branches: ZoltanFridrich/gnutls-abi-dump:zfridric to gnutls/abi-dump:main Author: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/abi-dump/-/merge_requests/7 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 4 04:14:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Aug 2023 02:14:17 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.8.1 (!1762) In-Reply-To: References: Message-ID: Daiki Ueno started a new discussion on NEWS: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762#note_1499943407 > needs to set up a callback that formats the PSK identity using > gnutls_psk_format_imported_identity(). > > +** libgnutls: Add a new priority string modifier %FORCE_SESSION_HASH, > + which requires to negotiate extended master secret and aborts the > + connection if the peer does not send the extension in hello messages. > + In FIPS mode %FORCE_SESSION_HASH is enabled by default. > + > +** libgnutls: %GNUTLS_NO_EXTENSIONS has been renamed to > + %GNUTLS_NO_DEFAULT_EXTENSIONS. > + > +** libgnutls: Add additional PBKDF limit checks in FIPS mode as > + defined in SP 800-132. Minimum salt length is 128 bits and > + minimum iterations bound is 1000 for PBKDF in FIPS mode. > + > +** libgnutls: use of non-EMS PRF is marked as non-approved in FIPS mode. I guess it makes more sense to merge into the previous one about session hash / EMS. Something like: ```text ** libgnutls: Add a mechanism to control whether to enforce extended master secret (RFC 7627). FIPS 140-3 mandates the use of TLS session hash (extended master secret, EMS) in TLS 1.2. To enforce this, a new priority keyword %FORCE_SESSION_HASH is added and if it is set and EMS is not set, the peer aborts the connection. This behavior is the default in FIPS mode, though it can be overridden through the configuration file with the "tls-session-hash" option. In either case non-EMS PRF is reported as a non-approved operation through the FIPS service indicator. ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762#note_1499943407 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 4 04:51:28 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Aug 2023 02:51:28 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.8.1 (!1762) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762#note_1499958295 Other than the NEWS entry, it looks good to me. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762#note_1499958295 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 4 04:51:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Aug 2023 02:51:33 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.8.1 (!1762) In-Reply-To: References: Message-ID: Merge request !1762 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 4 08:24:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Aug 2023 06:24:33 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.8.1 (!1762) In-Reply-To: References: Message-ID: All discussions on merge request !1762 were resolved by Zolt?n Fridrich https://gitlab.com/gnutls/gnutls/-/merge_requests/1762 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 4 08:24:44 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Aug 2023 06:24:44 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.8.1 (!1762) In-Reply-To: References: Message-ID: Merge request !1762 was set to auto-merge by Zolt?n Fridrich Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 4 09:41:43 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Aug 2023 07:41:43 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.8.1 (!1762) In-Reply-To: References: Message-ID: Merge request !1762 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1762 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 4 12:52:34 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Aug 2023 10:52:34 +0000 Subject: [gnutls-devel] web-pages | add notes from 3.8.1 release (!7) References: Message-ID: Zolt?n Fridrich created a merge request: https://gitlab.com/gnutls/web-pages/-/merge_requests/7 Project:Branches: ZoltanFridrich/gnutls-web-pages:zfridric_devel to gnutls/web-pages:master Author: Zolt?n Fridrich Signed-off-by: Zoltan Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/web-pages/-/merge_requests/7 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 4 12:53:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 04 Aug 2023 10:53:17 +0000 Subject: [gnutls-devel] web-pages | add notes from 3.8.1 release (!7) In-Reply-To: References: Message-ID: Merge request !7 was merged Merge request URL: https://gitlab.com/gnutls/web-pages/-/merge_requests/7 Project:Branches: ZoltanFridrich/gnutls-web-pages:zfridric_devel to gnutls/web-pages:master Author: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/web-pages/-/merge_requests/7 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 6 14:28:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Aug 2023 12:28:36 +0000 Subject: [gnutls-devel] Guile-GnuTLS | FTBFS against 3.8.1 (#15) References: Message-ID: Andreas Metzler created an issue: https://gitlab.com/gnutls/guile/-/issues/15 Hello, both 3.7.12 and 3.7.14 do not build successfully with gnutls 3.8.1: ~~~ make[3]: Entering directory '/dev/shm/GUILE-GNUTLS/guile-gnutls-3.7.14/b4deb/guile' Making all in src make[4]: Entering directory '/dev/shm/GUILE-GNUTLS/guile-gnutls-3.7.14/b4deb/guile/src' GUILE_AUTO_COMPILE=0 /usr/bin/guile-3.0 -L ../../../guile/modules "../../../guile/src/make-enum-map.scm" > "enum-map.i.c.tmp" mv "enum-map.i.c.tmp" "enum-map.i.c" [...] libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../../../guile/src -I../.. -I../../../lib/includes -I../../lib/includes -I../../../extra/includes -I../.. -I. -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra -Wno-strict-prototypes -Wno-unused-parameter -I/usr/include/guile/3.0 -pthread -I/usr/include/p11-kit-1 -g -O2 -ffile-prefix-map=/dev/shm/GUILE-GNUTLS/guile-gnutls-3.7.14=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -c ../../../guile/src/core.c -fPIC -DPIC -o .libs/guile_gnutls_v_2_la-core.o [...] ./enum-map.i.c: In function 'scm_gnutls_connection_flag_to_c_string': ./enum-map.i.c:333:10: error: 'GNUTLS_NO_EXTENSIONS' undeclared (first use in this function); did you mean 'GNUTLS_EXT_NONE'? 333 | { GNUTLS_NO_EXTENSIONS, "no-extensions" }, | ^~~~~~~~~~~~~~~~~~~~ | GNUTLS_EXT_NONE ./enum-map.i.c:333:10: note: each undeclared identifier is reported only once for each function it appears in In file included from /usr/include/guile/3.0/libguile/threads.h:29, from /usr/include/guile/3.0/libguile/async.h:25, from /usr/include/guile/3.0/libguile.h:35, from ../../../guile/src/core.c:32: ./enum-map.i.c: In function 'scm_gnutls_define_enums': ./enum-map.i.c:2205:78: error: 'GNUTLS_NO_EXTENSIONS' undeclared (first use in this function); did you mean 'GNUTLS_EXT_NONE'? [...] (sid)ametzler at argenau:/tmp/GUILE-GNUTLS/guile-gnutls-3.7.14$ grep -h1r GNUTLS_NO _EXTENSIONS #endif /* not NO_GNUTLS_NONBLOCK */ #ifndef NO_GNUTLS_NO_EXTENSIONS { GNUTLS_NO_EXTENSIONS, "no-extensions" }, #endif /* not NO_GNUTLS_NO_EXTENSIONS */ #ifndef NO_GNUTLS_NO_REPLAY_PROTECTION -- #endif /* not NO_GNUTLS_NONBLOCK */ #ifndef NO_GNUTLS_NO_EXTENSIONS SCM_NEWSMOB (enum_smob, scm_tc16_gnutls_connection_flag_enum, (scm_t_bits) GNUTLS_NO_EXTENSIONS); enum_values = scm_cons (enum_smob, enum_values); scm_c_define ("connection-flag/no-extensions", enum_smob); #endif /* not NO_GNUTLS_NO_EXTENSIONS */ #ifndef NO_GNUTLS_NO_REPLAY_PROTECTION ~~~ Looks like this is caused by "no-extensions" in guile/modules/gnutls/build/enums.scm. cu Andreas -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/15 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 6 20:53:58 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Aug 2023 18:53:58 +0000 Subject: [gnutls-devel] GnuTLS | Fix build on GNU/Hurd (!1765) References: Message-ID: Samuel Thibault created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1765 Project:Branches: sthibaul/gnutls:master to gnutls/gnutls:master Author: Samuel Thibault This fixes the build on the GNU/Hurd system. ## Checklist * [X] Commits have `Signed-off-by:` with name/author being identical to the commit author * [X] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1765 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 6 22:59:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 06 Aug 2023 20:59:19 +0000 Subject: [gnutls-devel] GnuTLS | Move the GNUTLS_NO_EXTENSIONS compatibility #define to gnutls.h (!1766) References: Message-ID: Adrian Bunk created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1766 Project:Branches: AdrianBunk/gnutls:master to gnutls/gnutls:master Author: Adrian Bunk @peonix @dueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1734 created a compatibility #define for GNUTLS_NO_EXTENSIONS, but it was not in the `gnutls/gnutls.h` header where applications need it. @ametzler This fixes the build of some packages (guile-gnutls, openconnect, zabbix) in Debian. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1766 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 7 02:34:59 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 07 Aug 2023 00:34:59 +0000 Subject: [gnutls-devel] GnuTLS | Move the GNUTLS_NO_EXTENSIONS compatibility #define to gnutls.h (!1766) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1766#note_1502184028 Thank you for spotting this and providing the patch! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1766#note_1502184028 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 7 02:35:03 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 07 Aug 2023 00:35:03 +0000 Subject: [gnutls-devel] GnuTLS | Move the GNUTLS_NO_EXTENSIONS compatibility #define to gnutls.h (!1766) In-Reply-To: References: Message-ID: Merge request !1766 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1766 Project:Branches: AdrianBunk/gnutls:master to gnutls/gnutls:master Author: Adrian Bunk Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1766 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 7 02:37:29 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 07 Aug 2023 00:37:29 +0000 Subject: [gnutls-devel] GnuTLS | Fix build on GNU/Hurd (!1765) In-Reply-To: References: Message-ID: Merge request !1765 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1765 Project:Branches: sthibaul/gnutls:master to gnutls/gnutls:master Author: Samuel Thibault Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1765 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 7 02:37:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 07 Aug 2023 00:37:36 +0000 Subject: [gnutls-devel] GnuTLS | Fix build on GNU/Hurd (!1765) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1765#note_1502184734 Thank you! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1765#note_1502184734 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 7 02:37:43 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 07 Aug 2023 00:37:43 +0000 Subject: [gnutls-devel] GnuTLS | Fix build on GNU/Hurd (!1765) In-Reply-To: References: Message-ID: Merge request !1765 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1765 Project:Branches: sthibaul/gnutls:master to gnutls/gnutls:master Author: Samuel Thibault -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1765 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 7 09:25:22 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 07 Aug 2023 07:25:22 +0000 Subject: [gnutls-devel] GnuTLS | configure.ac: Avoid noise when faketime is not available (!1767) References: Message-ID: Sam James created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1767 Project:Branches: thesamesam/gnutls:faketime-configure to gnutls/gnutls:master Author: Sam James Add a description of the new feature/bug fix. Reference any relevant bugs. ## Checklist * [X] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1767 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 7 11:47:51 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 07 Aug 2023 09:47:51 +0000 Subject: [gnutls-devel] GnuTLS | configure.ac: Avoid noise when faketime is not available (!1767) In-Reply-To: References: Message-ID: Merge request !1767 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1767 Project:Branches: thesamesam/gnutls:faketime-configure to gnutls/gnutls:master Author: Sam James Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1767 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 7 11:47:58 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 07 Aug 2023 09:47:58 +0000 Subject: [gnutls-devel] GnuTLS | configure.ac: Avoid noise when faketime is not available (!1767) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1767#note_1502617395 Thank you! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1767#note_1502617395 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 7 11:48:03 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 07 Aug 2023 09:48:03 +0000 Subject: [gnutls-devel] GnuTLS | configure.ac: Avoid noise when faketime is not available (!1767) In-Reply-To: References: Message-ID: Merge request !1767 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1767 Project:Branches: thesamesam/gnutls:faketime-configure to gnutls/gnutls:master Author: Sam James -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1767 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 7 23:02:44 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 07 Aug 2023 21:02:44 +0000 Subject: [gnutls-devel] GnuTLS | certtool --generate-privkey Program received signal SIGILL, Illegal instruction when needle is built with x86-sha-ni (#1496) References: Message-ID: Giuseppe Foti created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1496 ## Description of problem: I run the command `certtool --generate-privkey` on a LXD container with a gentoo image. The program fails with: `Illegal instruction (core dumped).` Running certtool on gdb the error received is: ``` Program received signal SIGILL, Illegal instruction. 0x00007ffff784a8dd in _nettle_sha256_compress_n () from /usr/lib64/libnettle.so.8 ``` libnettle.so.8 was built on the same container that built version 3.9.1 of dev-libs/nettle using this ebuild: https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-libs/nettle/nettle-3.9.1.ebuild and with those CPU_FLAGS_X86 enabled: aes pclmul sha (read here for hints about what CPU_FLAGS_ are in gentoo: https://wiki.gentoo.org/wiki/CPU_FLAGS_*) After rebuilding dev-libs/nettle-3.9.1 disabling the "sha" CPU_FLAGS_X86 certtool works as expected **The cpu_flags_x86_sha passes the x86-sha-ni arg to the compiler** ## Version of gnutls used: 3.8.0 https://packages.gentoo.org/packages/net-libs/gnutls https://gitweb.gentoo.org/repo/gentoo.git/tree/net-libs/gnutls/gnutls-3.8.0.ebuild ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) Gentoo ## How reproducible: Steps to Reproduce: * build https://git.lysator.liu.se/nettle/nettle/-/tags/nettle_3.9.1_release_20230601 with x86-sha-ni ARG on configure * build gnutls-3.8.0 * run `certtool --generate-privkey` ## Actual results: The program fails with Illegal instruction (core dumped). ## Expected results: Private Key generated -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1496 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 8 03:27:32 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 08 Aug 2023 01:27:32 +0000 Subject: [gnutls-devel] GnuTLS | Move the GNUTLS_NO_EXTENSIONS compatibility #define to gnutls.h (!1766) In-Reply-To: References: Message-ID: Merge request !1766 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1766 Project:Branches: AdrianBunk/gnutls:master to gnutls/gnutls:master Author: Adrian Bunk -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1766 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 8 08:30:40 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 08 Aug 2023 06:30:40 +0000 Subject: [gnutls-devel] GnuTLS | certtool --generate-privkey Program received signal SIGILL, Illegal instruction when needle is built with x86-sha-ni (#1496) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1496#note_1503853760 Thank you for the report; that sounds like an issue (possibly in the CPU feature detection code) in Nettle. I'm not familiar with LXD but are you using a VM on it? If yes, the output of lscpu or (cat /proc/cpuinfo) might be helpful. Cc: @nielsmoller. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1496#note_1503853760 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 8 09:03:21 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 08 Aug 2023 07:03:21 +0000 Subject: [gnutls-devel] GnuTLS | certtool --generate-privkey Program received signal SIGILL, Illegal instruction when needle is built with x86-sha-ni (#1496) In-Reply-To: References: Message-ID: Niels M?ller commented: https://gitlab.com/gnutls/gnutls/-/issues/1496#note_1503888537 Hi, I see from the linked ebuild that you configure nettle with --disable-fat, so there should be *no* run-time detection. To figure out where it goes wrong, I'd like to know: 1. Do you expect the sha_ni instructions to be supported in the environment where you run certtool? 2. What was the nettle configure command (I don't quite understand the effect of the ebuild file), and configure output? 3. Can you check in gdb precisely which instruction it crashes on? I'd expect it's the first sha256rnds2 instruction, but would be good to confirm. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1496#note_1503888537 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 8 11:04:52 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 08 Aug 2023 09:04:52 +0000 Subject: [gnutls-devel] GnuTLS | certtool --generate-privkey Program received signal SIGILL, Illegal instruction when needle is built with x86-sha-ni (#1496) In-Reply-To: References: Message-ID: Giuseppe Foti commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1496#note_1504114611 It is not a VM but a container. So the CPU is the same of the host processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 60 model name : Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz stepping : 3 microcode : 0x25 cpu MHz : 2394.250 cache size : 6144 KB physical id : 0 siblings : 8 core id : 0 cpu cores : 4 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 13 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid xsaveopt dtherm ida arat pln pts flush_l1d vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit srbds mmio_unknown bogomips : 4788.88 clflush size : 64 cache_alignment : 64 address sizes : 39 bits physical, 48 bits virtual power management: (and 7 cores more like this) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1496#note_1504114611 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 8 11:42:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 08 Aug 2023 09:42:15 +0000 Subject: [gnutls-devel] GnuTLS | certtool --generate-privkey Program received signal SIGILL, Illegal instruction when needle is built with x86-sha-ni (#1496) In-Reply-To: References: Message-ID: Giuseppe Foti commented: https://gitlab.com/gnutls/gnutls/-/issues/1496#note_1504227771 1: I don't know 2a: when configuring for x86_64 (amd64) CC_FOR_BUILD=x86_64-pc-linux-gnu-gcc --disable-arm-neon --disable-arm64-crypto --disable-power-altivec --disable-power-crypto-ext --disable-power9 --enable-x86-aesni --disable-x86-sha-ni --disable-x86-pclmul --disable-s390x-vf --disable-s390x-msa --enable-assembler --disable-documentation --enable-public-key --disable-static --disable-fat --disable-openssl 2b: when configuring for x86_32 (x86) CC_FOR_BUILD=x86_64-pc-linux-gnu-gcc -m32 -mfpmath=sse --disable-arm-neon --disable-arm64-crypto --disable-power-altivec --disable-power-crypto-ext --disable-power9 --enable-x86-aesni --disable-x86-sha-ni --disable-x86-pclmul --disable-s390x-vf --disable-s390x-msa --enable-assembler --disable-documentation --enable-public-key --disable-static --disable-fat --disable-openssl 3: not sure, but I hope this will help: ``` (gdb) bt #0 0x00007ffff784a85d in _nettle_sha256_compress_n () from /usr/lib64/libnettle.so.8 #1 0x00007ffff784a57e in ?? () from /usr/lib64/libnettle.so.8 #2 0x00007ffff784a799 in nettle_sha256_digest () from /usr/lib64/libnettle.so.8 #3 0x00007ffff7d3f0f1 in ?? () from /usr/lib64/libgnutls.so.30 #4 0x00007ffff7c5bbd2 in ?? () from /usr/lib64/libgnutls.so.30 #5 0x00007ffff7cf5fb0 in ?? () from /usr/lib64/libgnutls.so.30 #6 0x00007ffff7ce7905 in gnutls_x509_privkey_get_key_id () from /usr/lib64/libgnutls.so.30 #7 0x0000555555569633 in ?? () #8 0x000055555556a40e in ?? () #9 0x0000555555566607 in ?? () #10 0x000055555555f879 in ?? () #11 0x00007ffff7a4f68a in ?? () from /lib64/libc.so.6 #12 0x00007ffff7a4f745 in __libc_start_main () from /lib64/libc.so.6 #13 0x000055555555f8b1 in ?? () ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1496#note_1504227771 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 10 11:00:42 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 10 Aug 2023 09:00:42 +0000 Subject: [gnutls-devel] GnuTLS | Modifier GNUTLS_NO_EXTENSIONS renamed to GNUTLS_NO_DEFAULT_EXTENSIONS (!1734) In-Reply-To: References: Message-ID: Vladim?r ?un?t commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1734#note_1507426647 I think you didn't manage to keep the API compatibility by accident? We see a package regressing ``` gnutls-dtls.c: In function 'start_dtls_handshake': gnutls-dtls.c:413:84: error: 'GNUTLS_NO_EXTENSIONS' undeclared (first use in this function); did you mean 'GNUTLS_EXT_NONE'? 413 | err = gnutls_init(&dtls_ssl, GNUTLS_CLIENT|GNUTLS_DATAGRAM|GNUTLS_NONBLOCK|GNUTLS_NO_EXTENSIONS); | ^~~~~~~~~~~~~~~~~~~~ | GNUTLS_EXT_NONE gnutls-dtls.c:413:84: note: each undeclared identifier is reported only once for each function it appears in ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1734#note_1507426647 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 10 11:42:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 10 Aug 2023 09:42:53 +0000 Subject: [gnutls-devel] GnuTLS | Modifier GNUTLS_NO_EXTENSIONS renamed to GNUTLS_NO_DEFAULT_EXTENSIONS (!1734) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1734 was reviewed by Adrian Bunk -- Adrian Bunk commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1734#note_1507491381 @vcunat https://gitlab.com/gnutls/gnutls/-/merge_requests/1766 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1734 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 10 15:33:40 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 10 Aug 2023 13:33:40 +0000 Subject: [gnutls-devel] GnuTLS | Modifier GNUTLS_NO_EXTENSIONS renamed to GNUTLS_NO_DEFAULT_EXTENSIONS (!1734) In-Reply-To: References: Message-ID: Ajit Singh commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1734#note_1507833150 @vcunat thanks!! for cleaning up the previous mess. which gnutls version(or last commit) you're getting this error? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1734#note_1507833150 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 11 07:27:32 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 11 Aug 2023 05:27:32 +0000 Subject: [gnutls-devel] GnuTLS | Move the GNUTLS_NO_EXTENSIONS compatibility #define to gnutls.h (!1766) In-Reply-To: References: Message-ID: Milestone changed to Release of GnuTLS 3.8.2 (Aug 5, 2023?Oct 15, 2023) ( https://gitlab.com/gnutls/gnutls/-/milestones/40 ) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1766 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 13 03:01:25 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 13 Aug 2023 01:01:25 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Example Echo Client/Server Contains Removed Functions (#16) References: Message-ID: Skyler Ferris created an issue: https://gitlab.com/gnutls/guile/-/issues/16 Hello, I am just starting to look at gnutls and the guile bindings and tried to use the echo server provided as examples. It contains calls to `set-session-certificate-type-priority!` and `set-session-kx-priority!` which no longer exist in the `(gnutls)` module. I replaced them with `(set-session-priorities! x "NORMAL:-KX-ALL:+ANON-DH")` and it seemed to work. But maybe there is a better way to call it, I just started looking at it today. The below diff updates both sites to use this call if you want it, it's not clear to me how to open a pull request here. In the doc (https://docs.gitlab.com/ee/user/project/merge_requests/creating_merge_requests.html) it says that trying to push should give me a link for opening a pull request, but that gave me an error. Thanks, Skyler ```diff diff --git a/doc/gnutls-guile.texi b/doc/gnutls-guile.texi index f48c766..13d4a03 100644 --- a/doc/gnutls-guile.texi +++ b/doc/gnutls-guile.texi @@ -487,11 +487,12 @@ is bound to an open socket port): ;; Use the default settings. (set-session-default-priority! client) - ;; Don't use certificate-based authentication. - (set-session-certificate-type-priority! client '()) - - ;; Request the "anonymous Diffie-Hellman" key exchange method. - (set-session-kx-priority! client (list kx/anon-dh)) + ;; Set the priorities for the session. See "Priority Strings" in the GNUTLS manual for + ;; further details. The options used here are as follows: + ;; NORMAL: Start with the default settings. + ;; -KX-ALL: Don't use certificate-based authentication. + ;; +ANON-DH: Request the "anonymous Diffie-Hellman" key exchange method. + (set-session-priorities! client "NORMAL:-KX-ALL:+ANON-DH") ;; Specify the underlying socket. (set-session-transport-fd! client (fileno some-socket)) @@ -520,8 +521,7 @@ The corresponding server would look like this (again, assuming (let ((server (make-session connection-end/server))) (set-session-default-priority! server) - (set-session-certificate-type-priority! server '()) - (set-session-kx-priority! server (list kx/anon-dh)) + (set-session-priorities! server "NORMAL:-KX-ALL:+ANON-DH") ;; Specify the underlying transport socket. (set-session-transport-fd! server (fileno some-socket)) ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/16 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 15 10:38:43 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 15 Aug 2023 08:38:43 +0000 Subject: [gnutls-devel] GnuTLS | Fails to build with clang on Windows (gettime conflict) (#1497) References: Message-ID: Christoph Reiter created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1497 Building 3.8.1 I get: ```c In file included from ../../gnutls-3.8.1/src/cli.c:65: ../../gnutls-3.8.1/src/benchmark.h:38:20: error: static declaration of 'gettime' follows non-static declaration inline static void gettime(struct timespec *ts) ^ ../../gnutls-3.8.1/src/gl/timespec.h:93:6: note: previous declaration is here void gettime (struct timespec *) _GL_ARG_NONNULL ((1)); ^ ``` 3.8.0 builds fine; gcc also works (it seems to provide a clock_gettime() somehow..) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1497 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 15 13:58:05 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 15 Aug 2023 11:58:05 +0000 Subject: [gnutls-devel] GnuTLS | Fails to build with clang on Windows (gettime conflict) (#1497) In-Reply-To: References: Message-ID: Christoph Reiter commented: https://gitlab.com/gnutls/gnutls/-/issues/1497#note_1513866196 I've worked this around now downstream, by just dropping that conflicting declaration: ```diff --- gnutls-3.8.1/src/benchmark.h.orig 2023-08-15 12:08:01.059509200 +0200 +++ gnutls-3.8.1/src/benchmark.h 2023-08-15 12:10:19.840993900 +0200 @@ -31,19 +31,6 @@ #include #include "timespec.h" -#if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_PROCESS_CPUTIME_ID) -#undef gettime -#define gettime(x) clock_gettime(CLOCK_PROCESS_CPUTIME_ID, x) -#else -inline static void gettime(struct timespec *ts) -{ - struct timeval tv; - gettimeofday(&tv, NULL); - ts->tv_sec = tv.tv_sec; - ts->tv_nsec = tv.tv_usec * 1000; -} -#endif - typedef void (*sighandler_t)(int); void benchmark_cipher(int debug_level); ``` though the gnulib variant doesn't use CLOCK_PROCESS_CPUTIME_ID, so it's not 100% equivalent. https://git.savannah.gnu.org/cgit/gnulib.git/tree/lib/gettime.c -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1497#note_1513866196 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Aug 16 21:29:05 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 16 Aug 2023 19:29:05 +0000 Subject: [gnutls-devel] GnuTLS | Missing DLL in windows binaries (#1498) References: Message-ID: Roukanken created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1498 ## Description of problem: `certtool.exe` in latest distribution of Windows binaries is unable to start due to missing dll. Similar issue to #1441, just another dll. ## Version of gnutls used: 3.8.1, 3.7.8, 3.7.5 Version 3.6.0 seems to work ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) w64 binaries from gnupg.org ## How reproducible: Launch `certtool.exe` ## Actual results: Pop-ups reports missing dll `libssp-0.dll` ## Expected results: Prints short help and exits successfully ## Note If it is not reproducible, check if dll isn't already at PATH elsewhere, as it was on my initial environment. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1498 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 17 07:27:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Aug 2023 05:27:17 +0000 Subject: [gnutls-devel] GnuTLS | Experiment post-quantum key agreement in TLS (#1499) References: Message-ID: Daiki Ueno created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1499 Similar to #1460, there is an ongoing [effort](https://www.ietf.org/id/draft-tls-westerbaan-xyber768d00-02.html) to enable post-quantum cryptography in TLS key agreement. It would be nice to check how feasible it is to implement such algorithms in GnuTLS. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1499 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 17 11:12:07 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Aug 2023 09:12:07 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Example Echo Client/Server Contains Removed Functions (#16) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/issues/16#note_1516700633 Thanks for the report -- I think the best way to resolve this in a future-safe way is to move this code (and maybe other code) into guile/examples/ and add some code to build and (when possible) execute the example code during 'make check'. Would you like to work on that? To create a merge request, you first Fork this project into your own namespace gitlab.com/skyvine/guile (or use 'guile-gnutls' as name when you fork it) and then push into a separate branch in your own fork, then a link to create the merge request will be shown. I guess you tried to push to the upstream project, which you don't (yet :)) have write access to. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/16#note_1516700633 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 17 11:17:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Aug 2023 09:17:47 +0000 Subject: [gnutls-devel] Guile-GnuTLS | FTBFS against 3.8.1 (#15) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/issues/15#note_1516710993 Seems to be fixed in gnutls by this: https://gitlab.com/gnutls/gnutls/-/merge_requests/1766 https://gitlab.com/gnutls/gnutls/-/commit/cd46d367160f8b324283ee7554f907c665d632b8 As this seems to be a GnuTLS bug that was fairly quickly resolved, I'm not sure introducing a workaround in guile-gnutls is worth it. If someone proposes a merge request to fix it, let's consider it, but if patching GnuTLS solves this easily for everyone, then maybe let's not. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/15#note_1516710993 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 17 11:21:35 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Aug 2023 09:21:35 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Release as stable 4.0.0 (#17) References: Message-ID: Simon Josefsson created an issue: https://gitlab.com/gnutls/guile/-/issues/17 To get the APIs out of beta-phase, and to uncouple our versioning scheme from GnuTLS, let's release 4.0.0 as stable. It is a bit confusing that the versions look similar to GnuTLS versions but are no longer related in any meaningful way. Bumping it to 4.0.0 makes this clearer. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/17 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 17 11:47:55 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Aug 2023 09:47:55 +0000 Subject: [gnutls-devel] Guile-GnuTLS | FTBFS against 3.8.1 (#15) In-Reply-To: References: Message-ID: Andreas Metzler commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/15#note_1516757451 I agree. - I am wondering though whether the guile bindings really should continue to use the compat GNUTLS_NO_EXTENSIONS. But this can be thought as extension of #6. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/15#note_1516757451 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 17 12:33:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Aug 2023 10:33:47 +0000 Subject: [gnutls-devel] Guile-GnuTLS | FTBFS against 3.8.1 (#15) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/15#note_1516835669 OTOH, seems like ArchLinux already picked up GnuTLS 3.8.1 and it causes our pipeline to fail. Maybe a workaround is the right way forward anyway... Indeed, guile-gnutls uses a lot of deprecated functionality from GnuTLS, and fixing it wasn't completely trivial last time I looked at it. Let's punt fixing that aspect to #6 for now. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/15#note_1516835669 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 17 14:31:34 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Aug 2023 12:31:34 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Handle missing GNUTLS_NO_EXTENSIONS. Closes: #15. (!17) References: Message-ID: Simon Josefsson created a merge request: https://gitlab.com/gnutls/guile/-/merge_requests/17 Branches: jas/fix-ftbfs to master Author: Simon Josefsson The GNUTLS_NO_EXTENSIONS #define is missing from GnuTLS 3.8.1. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/17 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 17 14:31:42 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Aug 2023 12:31:42 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Handle missing GNUTLS_NO_EXTENSIONS. Closes: #15. (!17) In-Reply-To: References: Message-ID: Merge request !17 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/17 Branches: jas/fix-ftbfs to master Author: Simon Josefsson -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/17 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 17 14:31:43 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Aug 2023 12:31:43 +0000 Subject: [gnutls-devel] Guile-GnuTLS | FTBFS against 3.8.1 (#15) In-Reply-To: References: Message-ID: Issue was closed by Simon Josefsson via commit 394383035edf9ce6100418e0e8c0ceb49f774fbc Issue #15: https://gitlab.com/gnutls/guile/-/issues/15 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/15 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 18 00:14:37 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Aug 2023 22:14:37 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Jas/indent (!18) References: Message-ID: Simon Josefsson created a merge request: https://gitlab.com/gnutls/guile/-/merge_requests/18 Branches: jas/indent to master Author: Simon Josefsson -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/18 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 18 00:14:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Aug 2023 22:14:45 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Indent Guile code (#5) In-Reply-To: References: Message-ID: Issue was closed by Simon Josefsson via commit 052d78b94a60d6e9012c5b70ab40c3b214cfdd8b Issue #5: https://gitlab.com/gnutls/guile/-/issues/5 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/5 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 18 00:14:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 17 Aug 2023 22:14:45 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Jas/indent (!18) In-Reply-To: References: Message-ID: Merge request !18 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/18 Branches: jas/indent to master Author: Simon Josefsson -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/18 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 21 04:33:32 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Aug 2023 02:33:32 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Missing zeros in digest/sha* output (#18) References: Message-ID: Marius Bakke created an issue: https://gitlab.com/gnutls/guile/-/issues/18 Hi! I wrote a simple sha256sum procedure: ``` (define (digest-sha256 str) (string-join (map (cut format #f "~x" <>) (bytevector->u8-list (hash-direct digest/sha256 (string->utf8 str)))) "")) ``` But: ``` (digest-sha256 "test") 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2bb822cd15d6c15b0f0a8 # echo -n test | sha256sum - 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 ``` It seems there should be a 0 between `f0` and `a` at the end. Is this a bug or am I doing something wrong? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/18 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 21 16:51:09 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Aug 2023 14:51:09 +0000 Subject: [gnutls-devel] libtasn1 | BIT STRING input to asn1_der_coding producing incorrect result (#47) References: Message-ID: marquitos0119 created an issue: https://gitlab.com/gnutls/libtasn1/-/issues/47 ## Description of problem: BIT STRING encoding producing incorrect result ## Version of libtasn1 used: 4.19.0.12-3f7a ## Distributor of libtasn1 (e.g., Ubuntu, Fedora, RHEL) - built from source ## How reproducible: Steps to Reproduce: * Using the asn1Coding executable which makes calls to asn1_der_coding, I attempt to encode a single element SEQUENCE with a BIT STRING element. * definition file: ```plaintext MYEXAMPLE { } DEFINITIONS IMPLICIT TAGS ::= BEGIN mySeq ::= SEQUENCE { myBit BIT STRING } END ``` * assignment file: ```plaintext dp MYEXAMPLE.mySeq myBit abc123 ``` ## Actual results: ```plaintext 30 04 03 02 02 60 ``` When I set the input characters to multiples of 8, it will encode the first char in the set per 8 input chars. e.g. if the input for myBit is `a1234567`, the output encode `a` as the bit string: ```plaintext 30 04 03 02 00 61 ``` where 61 is the ascii encoding of `a`. However, less than 8 characters (like the above example `abc123`) ends up with different results. ## Expected results: ```plaintext 30 09 03 07 00 61 62 63 31 32 33 ``` I expected the same results as with an OCTET STRING, with the additional "unused bits" prefix byte. OCTET STRING encoding is below: ```plaintext 30 08 04 06 61 62 63 31 32 33 ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/47 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 21 17:57:35 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Aug 2023 15:57:35 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Example Echo Client/Server Contains Removed Functions (#16) In-Reply-To: References: Message-ID: Skyler Ferris commented: https://gitlab.com/gnutls/guile/-/issues/16#note_1521480551 I started working on this. It's very "rough draft" right now, but [it shows my intentions](https://gitlab.com/skyvine/guile-gnutls/-/commit/c27a24ed36f6a681616a5250b8d95c923b86a0a8). I haven't used autotools before so I might need some help understanding how to modify those scripts. In the meantime, I added a phase to `guix.scm` so I could try it. I want to be able to split this change across multiple commits without breaking the build on any individual commit. This is why the build phase checks if `main` is defined before calling it. Unfortunately, this does not work with the examples as-is, because some of them expect interactive input. There are 2 competing concerns here. On one hand, we want the examples to be testable to make sure that people have accurate information. On the other hand, we want the examples to be easily understood by people who are unfamiliar with the GNUTLS API, and possibly new to TLS itself. This means that the examples should not only be readable, but also easy to modify for the purpose of exploring the library. I assume that the latter concern is the reason that some of the examples have interactive input. The convention demonstrated in the WIP commit is for each example to define a `main` function which takes an `#:automated?` argument that defaults to false. This way if a person runs it without reading it fully (I know, but the reality is that people do that, particularly when testing an unfamiliar project for usability) then it will behave in the way that is most useful to them. The build system will pass `#:automated? #t`. Accounting for both of these concerns does degrade the quality of the code in terms of maintainability and explorability. However, I think that if the code is written with these concerns in mind the impact can be minimized. In general, I would prefer additional cognitive load for testing rather than exploring. The tester is presumably better equipped to manage it than the explorer, who is in an unfamiliar environment. I propose the following series of commits: 1. A set of commits which updates each example currently in `guile/examples` to use the `main #:automated?` convention. 2. A commit which updates autotools to run something equivalent to the build phase in the WIP commit. 3. A set of commits which moves each example from the manual into `guile/examples`. 4. Possibly, commits to add examples currently in `guile/examples` to the manual. If this sounds good to you, I could send commits as I complete them or open a single merge request once everything is done, whatever works better on your end. I am working on this in my spare time, so it might take a while to complete it all. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/16#note_1521480551 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 21 18:33:27 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 21 Aug 2023 16:33:27 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) References: Message-ID: Yongye Zhu created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 Project:Branches: zyongye/gnutls:ktls-freebsd to gnutls/gnutls:master Author: Yongye Zhu #1417 ## Checklist * [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 03:44:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 01:44:36 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: bundle libssp-0.dll in the Windows archive (!1769) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1769 Project:Branches: dueno/gnutls:wip/dueno/libssp-windows to gnutls/gnutls:master Author: Daiki Ueno Fixes: #1498 ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1769 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 09:18:27 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 07:18:27 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Example Echo Client/Server Contains Removed Functions (#16) In-Reply-To: References: Message-ID: Marius Bakke commented: https://gitlab.com/gnutls/guile/-/issues/16#note_1522296303 Hey, those changes look great. For testing with Autotools, adding something like this in `Makefile.am` should be a good start: ``` TESTS = \ tests/examples.sh TEST_EXTENSIONS = .sh SH_LOG_COMPILER = $(SHELL) AM_SH_LOG_FLAGS = -x -e ``` Then `make check` should "just work". `examples.sh` could be a series of steps like: ``` #!/bin/sh echo -e "foo\nbar\n" | guile $exampledir/test-hmac.scm > tests/hmac.out if [ "$?" != "0" ]; then exit 1; fi if [ -n $(diff -u tests/hmac.{out,expected}) ]; then exit 1; fi ``` Of course this can be further streamlined with a `for test in hmac echo ...; do run_test $test`, etc. Hope this helps & thanks for working on this! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/16#note_1522296303 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 09:32:39 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 07:32:39 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Update gnulib files. (!19) References: Message-ID: Simon Josefsson created a merge request: https://gitlab.com/gnutls/guile/-/merge_requests/19 Project:Branches: jas/guile-gnutls:jas/update-gnulib to gnutls/guile:master Author: Simon Josefsson Signed-off-by: Simon Josefsson -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/19 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 09:33:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 07:33:36 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Update gnulib files. (!19) In-Reply-To: References: Message-ID: Merge request !19 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/19 Project:Branches: jas/guile-gnutls:jas/update-gnulib to gnutls/guile:master Author: Simon Josefsson -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/19 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 09:37:24 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 07:37:24 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Missing zeros in digest/sha* output (#18) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/issues/18#note_1522322889 Indeed you are right, and I suspect the code is skipping NUL bytes for some reason. What do you think @vivien\_ ? Maybe we can add this self-test to the regression check, it is nice to have some test vectors with NULs in the output. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/18#note_1522322889 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 09:40:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 07:40:33 +0000 Subject: [gnutls-devel] Guile-GnuTLS | SRP build option (#4) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/issues/4#note_1522327141 GnuTLS 3.8.0 disables it by default: ``` ** libgnutls: SRP authentication is now disabled by default. It is disabled because the SRP authentication in TLS is not up to date with the latest TLS standards and its ciphersuites are based on the CBC mode and SHA-1. To enable it back, supply --enable-srp-authentication option to configure script. ``` I'm inclined to disable or even remove this code from guile-gnutls, the odds that anyone is using this should be pretty slim?! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/4#note_1522327141 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 09:51:12 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 07:51:12 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Missing zeros in digest/sha* output (#18) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/issues/18#note_1522341505 Hello! This is just an issue with the format strings: it removes leading zeros for each individual byte. The Guile manual for format has a few examples with the format options, and I think this format is what you want, to have 2-character hex numbers padded with 0: ```scheme (use-modules (rnrs bytevectors) (srfi srfi-26)) (string-join (map (cut format #f "~2,'0x" <>) (bytevector->u8-list (hash-direct digest/sha256 (string->utf8 "test")))) "") ``` I get `"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/18#note_1522341505 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 09:52:11 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 07:52:11 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Example Echo Client/Server Contains Removed Functions (#16) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/16#note_1522342831 Thanks for working on this! On principle, I think examples should be just that -- example code intended for human readers, and suitable for the manual. Isn't the only reason you added the automated tag to allow comparison of the strings? I think it is perfectly fine for an example to also log both strings and finish with a string comparison. So just remove the automated tag and the conditional if? I don't think the example code has to be USEFUL as a self-test, the point of running it during the self-test is to make sure that it at least doesn't throw errors or uses unknown functions. Maybe the conflicting goals is that you are trying to make the example code relevant as a self-test? It doesn't have to be. All this said, if you propose a merge request that does something sensible here, I'm happy to merge it even if it results in examples becoming a bit less readable -- that can be fixed later on if anyone agrees with me. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/16#note_1522342831 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 10:18:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 08:18:45 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Example Echo Client/Server Contains Removed Functions (#16) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/issues/16#note_1522383489 Hello! In case this helps, the examples for the "Using GnuTLS as a cryptography library" section are constructed like this: In the manual, add: ```texinfo @example @verbatiminclude @value{abs_top_srcdir}/guile/examples/?your example?.scm @end example ``` In the guile/examples directory, create the ?your example?.scm file and paste the code in. In guile/Makefile.am, add examples/?your example?.scm file to EXTRA_DIST, at the end of the file. Add a test to run the example with a managed environment. Create guile/tests/?test to run your example?.scm, and add tests/?test to run your example?.scm to the TESTS variable in the same guile/Makefile.am, slightly above. The test script should run the example like this: ```guile (load-from-path "?your example?.scm") ``` You can control the stdin and stdout interactions used by your example, and surely other environment things, around the load-from-path invocation. The easiest example is guile/examples/random-example.scm, run by guile/tests/random.scm. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/16#note_1522383489 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 10:20:03 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 08:20:03 +0000 Subject: [gnutls-devel] Guile-GnuTLS | SRP build option (#4) In-Reply-To: References: Message-ID: Andreas Metzler commented: https://gitlab.com/gnutls/guile/-/issues/4#note_1522385356 Good idea, I ended up configuring guile-gnutls with --disable-srp-authentication for Debian. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/4#note_1522385356 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 10:55:05 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 08:55:05 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Explain how to make testable examples (!20) References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com created a merge request: https://gitlab.com/gnutls/guile/-/merge_requests/20 Branches: testable-examples to master Author: Vivien Kraus Would Rather Not Be On Gitlab_com It may be used for https://gitlab.com/gnutls/guile/-/issues/16 I am not sure about the Markdown syntax. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/20 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 10:59:32 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 08:59:32 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Draft: Explain how to make testable examples (!20) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com marked merge request !20 as draft -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/20 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 11:11:03 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 09:11:03 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Explain how to make testable examples (!20) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com marked merge request !20 as ready -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/20 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 11:48:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 09:48:15 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Draft: Resolve "warning: AM_V_GUILEC_$(V: non-POSIX recursive variable expansion" (!21) References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com created a merge request: https://gitlab.com/gnutls/guile/-/merge_requests/21 Branches: fix-issue-8 to master Author: Vivien Kraus Would Rather Not Be On Gitlab_com Closes #8 by using the example in the Automake manual: https://www.gnu.org/software/automake/manual/html_node/Automake-Silent-Rules.html -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/21 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 11:56:58 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 09:56:58 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Resolve "warning: AM_V_GUILEC_$(V: non-POSIX recursive variable expansion" (!21) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com marked merge request !21 as ready -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/21 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 12:38:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 10:38:19 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Missing zeros in digest/sha* output (#18) In-Reply-To: References: Message-ID: Marius Bakke commented: https://gitlab.com/gnutls/guile/-/issues/18#note_1522615543 Derp :face_palm: Classic PEBKAC. Thank you so much for helping me with this problem. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/18#note_1522615543 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 12:38:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 10:38:19 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Missing zeros in digest/sha* output (#18) In-Reply-To: References: Message-ID: Issue was closed by Marius Bakke Issue #18: https://gitlab.com/gnutls/guile/-/issues/18 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/18 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 16:29:21 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 14:29:21 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Franti?ek Kren?elok commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1523019672 Looking good, just a couple of nits -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1523019672 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 16:29:21 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 14:29:21 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 was reviewed by Franti?ek Kren?elok -- Franti?ek Kren?elok started a new discussion on lib/system/ktls.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1523019646 > + assert(offset != NULL); > + > + gnutls_transport_get_int2(session, &sockin, &sockout); Lets go even further and use `#define` only for the calling of senfile() and the: ``` *offset += sbytes; /* follow linux sendfile behavior */ return sbytes; ``` -- Franti?ek Kren?elok started a new discussion on tests/ktls.sh: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1523019661 You might have made some unintentional space changes here, let's revert those. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 22 18:01:22 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 22 Aug 2023 16:01:22 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 was reviewed by Franti?ek Kren?elok -- Franti?ek Kren?elok started a new discussion on lib/system/ktls.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1523197344 > { > #if defined(__FreeBSD__) Let's do this to get rid of one of the `if def..` ``` ... ssize_t ret; int sockin, sockout; #if defined(__FreeBSD__) off_t sbytes = 0; assert(offset != NULL); #endif assert(session != NULL); ... ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Aug 23 03:37:34 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Aug 2023 01:37:34 +0000 Subject: [gnutls-devel] GnuTLS | Missing DLL in windows binaries (#1498) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1769 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1769) Issue #1498: https://gitlab.com/gnutls/gnutls/-/issues/1498 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1498 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Aug 23 03:37:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Aug 2023 01:37:33 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: bundle libssp-0.dll in the Windows archive (!1769) In-Reply-To: References: Message-ID: Merge request !1769 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1769 Project:Branches: dueno/gnutls:wip/dueno/libssp-windows to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1769 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Aug 23 03:47:28 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Aug 2023 01:47:28 +0000 Subject: [gnutls-devel] GnuTLS | benchmark: use fallback gettime provided by Gnulib's timespec module (!1770) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770 Project:Branches: dueno/gnutls:wip/dueno/benchmark-gettime to gnutls/gnutls:master Author: Daiki Ueno If CLOCK_PROCESS_CPUTIME_ID is not defined, a fallback gettime function was defined as an inline function. Given that "timespec.h" from Gnulib already defines such a fallback function with the same name, it's not necessary to redefine it. This should fix the build issue with Clang: In file included from ../../gnutls-3.8.1/src/cli.c:65: ../../gnutls-3.8.1/src/benchmark.h:38:20: error: static declaration of 'gettime' follows non-static declaration inline static void gettime(struct timespec *ts) ^ ../../gnutls-3.8.1/src/gl/timespec.h:93:6: note: previous declaration is here void gettime (struct timespec *) _GL_ARG_NONNULL ((1)); ^ Fixes: #1497 ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Aug 23 03:49:10 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Aug 2023 01:49:10 +0000 Subject: [gnutls-devel] GnuTLS | Fails to build with clang on Windows (gettime conflict) (#1497) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1497#note_1523868485 Yeah, maybe we could remove the fallback definition only. Could you check !1770? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1497#note_1523868485 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Aug 23 08:30:23 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Aug 2023 06:30:23 +0000 Subject: [gnutls-devel] GnuTLS | index should check before use (!1771) References: Message-ID: xuraoqing created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1771 Project:Branches: xuraoqing/gnutls:master to gnutls/gnutls:master Author: xuraoqing Add a description of the new feature/bug fix. Reference any relevant bugs. ## Checklist [*] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1771 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Aug 23 09:00:40 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Aug 2023 07:00:40 +0000 Subject: [gnutls-devel] GnuTLS | index should check before use (!1771) In-Reply-To: References: Message-ID: Daiki Ueno started a new discussion on src/srptool.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1771#note_1524082559 > while (fgets(line, sizeof(line), fp) != NULL) { > /* move to first ':' */ > i = 0; > - while ((line[i] != ':') && (line[i] != '\0') && > - (i < sizeof(line))) { > + while ((i < sizeof(line)) && (line[i] != ':') && (line[i] != '\0')) { > i++; > } I wonder why the original code is written this way; isn't it equivalent to: ```c /* parse a line in the form: :...: */ size_t len = strlen(username); if (strncmp(username, line, len) == 0 && line[len] == ':') { ... } ``` ? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1771#note_1524082559 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Aug 23 15:23:58 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Aug 2023 13:23:58 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Yongye Zhu commented on a discussion on lib/system/ktls.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1524750740 > { > #if defined(__FreeBSD__) fixed -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1524750740 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Aug 23 21:50:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Aug 2023 19:50:33 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Explain how to make testable examples (!20) In-Reply-To: References: Message-ID: Merge request !20 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/20 Branches: testable-examples to master Author: Vivien Kraus Would Rather Not Be On Gitlab_com -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/20 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Aug 23 21:51:39 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Aug 2023 19:51:39 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Resolve "warning: AM_V_GUILEC_$(V: non-POSIX recursive variable expansion" (!21) In-Reply-To: References: Message-ID: Merge request !21 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/21 Branches: fix-issue-8 to master Author: Vivien Kraus Would Rather Not Be On Gitlab_com -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/21 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Aug 23 21:51:41 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 23 Aug 2023 19:51:41 +0000 Subject: [gnutls-devel] Guile-GnuTLS | warning: AM_V_GUILEC_$(V: non-POSIX recursive variable expansion (#8) In-Reply-To: References: Message-ID: Issue was closed by Simon Josefsson via merge request !21 (https://gitlab.com/gnutls/guile/-/merge_requests/21) Issue #8: https://gitlab.com/gnutls/guile/-/issues/8 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/8 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 11:09:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 09:09:17 +0000 Subject: [gnutls-devel] GnuTLS | benchmark: use fallback gettime provided by Gnulib's timespec module (!1770) In-Reply-To: References: Message-ID: Zolt?n Fridrich was added as a reviewer. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 11:09:25 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 09:09:25 +0000 Subject: [gnutls-devel] GnuTLS | benchmark: use fallback gettime provided by Gnulib's timespec module (!1770) In-Reply-To: References: Message-ID: All reviewers were removed. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 11:10:43 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 09:10:43 +0000 Subject: [gnutls-devel] GnuTLS | benchmark: use fallback gettime provided by Gnulib's timespec module (!1770) In-Reply-To: References: Message-ID: Merge request !1770 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770 Project:Branches: dueno/gnutls:wip/dueno/benchmark-gettime to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 11:10:39 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 09:10:39 +0000 Subject: [gnutls-devel] GnuTLS | benchmark: use fallback gettime provided by Gnulib's timespec module (!1770) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770#note_1526323943 Looks good. One test is failing but it seems unrelated. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770#note_1526323943 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 15:34:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 13:34:04 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Release as stable 4.0.0 (#17) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/issues/17#note_1526859612 Now released. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/17#note_1526859612 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 15:34:05 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 13:34:05 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Release as stable 4.0.0 (#17) In-Reply-To: References: Message-ID: Issue was closed by Simon Josefsson Issue #17: https://gitlab.com/gnutls/guile/-/issues/17 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/17 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 15:38:08 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 13:38:08 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Guix builds fail in pipeline on tags (#19) References: Message-ID: Simon Josefsson created an issue: https://gitlab.com/gnutls/guile/-/issues/19 Job "Guix-git-indent" fail on tags: ``` $ git checkout $CI_COMMIT_BRANCH $ guix build -f guix.scm updating checkout of '/builds/gnutls/guile'... guix build: error: Git failure while fetching /builds/gnutls/guile: reference 'refs/remotes/origin/HEAD' not found ``` Ways to resolve: 1) Some build command change so it doesn't mess with git repository? 2) Don't run on tags -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/19 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 15:52:26 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 13:52:26 +0000 Subject: [gnutls-devel] GnuTLS | `The certificate issuer is unknown.` despite certificate being present (#1455) In-Reply-To: References: Message-ID: Paul Menzel commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1455#note_1526902023 [Version 3.7.10 was tagged](https://gitlab.com/gnutls/gnutls/-/tags/3.7.10) two weeks ago on August 3rd. 2024. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1455#note_1526902023 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 20:38:49 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 18:38:49 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Guix build system: build from a local checkout, not the full repository (!22) References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com created a merge request: https://gitlab.com/gnutls/guile/-/merge_requests/22 Branches: local-snapshot-guix to master Author: Vivien Kraus Would Rather Not Be On Gitlab_com Using local-file instead of git-checkout ensures that the git repository can stay in GitLab?s favorite state. This could solve https://gitlab.com/gnutls/guile/-/issues/19, but we would have to check on a dummy tag... What do you think? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/22 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 20:40:26 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 18:40:26 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Guix builds fail in pipeline on tags (#19) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/issues/19#note_1527537218 In !22 I propose to build the current directory without the .git so that there is no need to manipulate the git repository. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/19#note_1527537218 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 20:41:24 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 18:41:24 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Draft: Guix build system: build from a local checkout, not the full repository (!22) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com marked merge request !22 as draft -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/22 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 20:41:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 18:41:53 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Draft: Guix build system: build from a local checkout, not the full repository (!22) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/merge_requests/22#note_1527538721 Should we allocate a tag and try to build it? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/22#note_1527538721 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 21:45:32 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 19:45:32 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Check the anonymous hello-world client/server example (!23) References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com created a merge request: https://gitlab.com/gnutls/guile/-/merge_requests/23 Branches: anonymous-encryption-checked to master Author: Vivien Kraus Would Rather Not Be On Gitlab_com See https://gitlab.com/gnutls/guile/-/issues/16 There is already a test for anonymous client/server, but slightly different. I believe it?s best to keep both. I added @skyvine as an author for the fixing of the example, using author information from other commits. Is it correct? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/23 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 21:49:24 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 19:49:24 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Example Echo Client/Server Contains Removed Functions (#16) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/16#note_1527604398 Hi, as stated elsewhere, we already have a similar test and a way to check manual examples. I did not take the time to document that when I deployed it for the cryptography API, but now it is in CONTRIBUTING.md. I?m sorry you had to try re-implement it because of me not documenting that. I did add the example to a test in !23, crediting you for this patch, using the author information from your WIP commit. Is it OK? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/16#note_1527604398 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 24 21:50:57 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 24 Aug 2023 19:50:57 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Draft: Check the anonymous hello-world client/server example (!23) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com marked merge request !23 as draft -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/23 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 25 04:48:21 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 25 Aug 2023 02:48:21 +0000 Subject: [gnutls-devel] GnuTLS | benchmark: use fallback gettime provided by Gnulib's timespec module (!1770) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770#note_1528313031 Let's wait for the confirmation from @lazka. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770#note_1528313031 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 25 13:36:39 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 25 Aug 2023 11:36:39 +0000 Subject: [gnutls-devel] GnuTLS | benchmark: use fallback gettime provided by Gnulib's timespec module (!1770) In-Reply-To: References: Message-ID: Christoph Reiter commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770#note_1529829873 I can confirm that things build with this patch: https://github.com/msys2/MINGW-packages/pull/18258 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770#note_1529829873 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 25 20:34:24 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 25 Aug 2023 18:34:24 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add hex-encode and hex-decode with manual examples. (!24) References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com created a merge request: https://gitlab.com/gnutls/guile/-/merge_requests/24 Branches: base16-base64-base64url to master Author: Vivien Kraus Would Rather Not Be On Gitlab_com In https://gitlab.com/gnutls/guile/-/issues/18, it appears that the Guile way to print hexadecimal values is counterintuitive. Gnutls provides base16 encoding and decoding. We bind them too. I added an example in the manual to convert from base64 to base64url and back, because gnutls does not provide a function for this. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/24 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 25 22:47:49 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 25 Aug 2023 20:47:49 +0000 Subject: [gnutls-devel] GnuTLS | benchmark: use fallback gettime provided by Gnulib's timespec module (!1770) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770#note_1530677463 Thank you for confirming! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770#note_1530677463 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 25 22:47:56 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 25 Aug 2023 20:47:56 +0000 Subject: [gnutls-devel] GnuTLS | benchmark: use fallback gettime provided by Gnulib's timespec module (!1770) In-Reply-To: References: Message-ID: Merge request !1770 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770 Project:Branches: dueno/gnutls:wip/dueno/benchmark-gettime to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1770 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Aug 25 22:47:56 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 25 Aug 2023 20:47:56 +0000 Subject: [gnutls-devel] GnuTLS | Fails to build with clang on Windows (gettime conflict) (#1497) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1770 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1770) Issue #1497: https://gitlab.com/gnutls/gnutls/-/issues/1497 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1497 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Aug 26 00:24:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 25 Aug 2023 22:24:36 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Example Echo Client/Server Contains Removed Functions (#16) In-Reply-To: References: Message-ID: Skyler Ferris commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/16#note_1530749878 Yeah, the author information is correct. And it looks like you added a some code to check the output of the server, so that resolves the concern about the semantics as well. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/16#note_1530749878 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Aug 26 08:50:10 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 26 Aug 2023 06:50:10 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Check the anonymous hello-world client/server example (!23) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com marked merge request !23 as ready -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/23 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Aug 26 12:28:55 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 26 Aug 2023 10:28:55 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add hex-encode and hex-decode with manual examples. (!24) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/merge_requests/24#note_1530949453 With this commit, I can replace gcrypt with gnutls in guile-goblins: https://gitlab.com/spritely/guile-goblins/-/merge_requests/181 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/24#note_1530949453 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 15:17:48 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 13:17:48 +0000 Subject: [gnutls-devel] Guile-GnuTLS | no 4.0.0 release notes (#20) References: Message-ID: Rui Chen created an issue: https://gitlab.com/gnutls/guile/-/issues/20 :wave: it looks like currently there is 4.0.0 release notes, raise this issue for awareness. Thanks! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/20 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 15:20:42 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 13:20:42 +0000 Subject: [gnutls-devel] Guile-GnuTLS | tests: do not use hostname for SNI server name (!25) References: Message-ID: Simon Josefsson created a merge request: https://gitlab.com/gnutls/guile/-/merge_requests/25 Project:Branches: jas/guile-gnutls:jas/sni-hostname to gnutls/guile:master Author: Simon Josefsson Some host names (e.g. those containing a "-" character) are not valid SNI server names. For this reason, the tests will fail on such hosts. To workaround that, simple use a hardcoded name for SNI. Signed-off-by: Simon Josefsson -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/25 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 15:22:55 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 13:22:55 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add hex-encode and hex-decode with manual examples. (!24) In-Reply-To: References: Message-ID: Merge request !24 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/24 Branches: base16-base64-base64url to master Author: Vivien Kraus Would Rather Not Be On Gitlab_com -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/24 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 15:26:25 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 13:26:25 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Check the anonymous hello-world client/server example (!23) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/merge_requests/23#note_1531191751 As always, thank you! I don't think we should "fake" commit authorship unless there was actual authorship, which I can't really tell here. What do you think, @skyvine? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/23#note_1531191751 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 15:26:28 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 13:26:28 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Check the anonymous hello-world client/server example (!23) In-Reply-To: References: Message-ID: Merge request !23 was approved by Simon Josefsson Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/23 Branches: anonymous-encryption-checked to master Author: Vivien Kraus Would Rather Not Be On Gitlab_com Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/23 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 15:27:55 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 13:27:55 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Draft: Guix build system: build from a local checkout, not the full repository (!22) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/merge_requests/22#note_1531192295 Thank you! This also solves the hard-coded version number in guix.scm. Can't you just push a tag to your repository, to see if the pipeline succeeds? Happy to merge this once that has been tested. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/22#note_1531192295 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 15:29:39 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 13:29:39 +0000 Subject: [gnutls-devel] Guile-GnuTLS | New release: Guile-GnuTLS 4.0.0 - v4.0.0 Message-ID: A new Release v4.0.0 for Guile-GnuTLS was published. Visit the Releases page to read more about it: https://gitlab.com/gnutls/guile/-/releases Assets: - Download zip: https://gitlab.com/gnutls/guile/-/archive/v4.0.0/guile-v4.0.0.zip - Download tar.gz: https://gitlab.com/gnutls/guile/-/archive/v4.0.0/guile-v4.0.0.tar.gz - Download tar.bz2: https://gitlab.com/gnutls/guile/-/archive/v4.0.0/guile-v4.0.0.tar.bz2 - Download tar: https://gitlab.com/gnutls/guile/-/archive/v4.0.0/guile-v4.0.0.tar Release notes: https://gitlab.com/gnutls/guile/-/blob/v4.0.0/NEWS [guile-gnutls-4.0.0.tar.gz](/uploads/9060bc55069cedb40ab46cea49b439c0/guile-gnutls-4.0.0.tar.gz) [guile-gnutls-4.0.0.tar.gz.sig](/uploads/a3c53a85b8dfafc23fb6ccc65de7b545/guile-gnutls-4.0.0.tar.gz.sig) -- View it on GitLab: https://gitlab.com/gnutls/guile/-/releases You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 15:31:51 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 13:31:51 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Automate release page? (#21) References: Message-ID: Simon Josefsson created an issue: https://gitlab.com/gnutls/guile/-/issues/21 Is it possible to automate the gitlab release page somehow? The tar/sig is difficult to automate, but maybe at least CLI-script it is feasible. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/21 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 15:32:31 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 13:32:31 +0000 Subject: [gnutls-devel] Guile-GnuTLS | no 4.0.0 release notes (#20) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/issues/20#note_1531193561 Thank you! Do you mean a gitlab release? I forgot, but have added now: https://gitlab.com/gnutls/guile/-/releases/v4.0.0 I wonder if we can automate this more, or at least CLI-script it -- I opened #21 for that. The step is covered in README-release, but I didn't follow it carefully. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/20#note_1531193561 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 15:35:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 13:35:47 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Draft: Guix build system: build from a local checkout, not the full repository (!22) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/merge_requests/22#note_1531194022 My runner doesn?t work: `guix build: error: cloning builder process: Operation not permitted` https://gitlab.com/vivien_/guile/-/jobs/4961154515 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/22#note_1531194022 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 15:36:32 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 13:36:32 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Draft: Guix build system: build from a local checkout, not the full repository (!22) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/merge_requests/22#note_1531194161 I think that may be because I run gitlab-runner in a docker container already? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/22#note_1531194161 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 15:46:13 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 13:46:13 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Job Failed #4961146774 (#22) References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com created an issue: https://gitlab.com/gnutls/guile/-/issues/22 Job [#4961146774](https://gitlab.com/gnutls/guile/-/jobs/4961146774) failed for 2e2d0d744fa37b664191d27271092022d062b05f: This failure is intermittent. Maybe set-certificate-credentials-x509-trust-file! modifies the file while another test is reading it, or something like that? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/22 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 15:52:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 13:52:33 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Job Failed #4961146774 (#22) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/issues/22#note_1531197613 This is not the first time I saw this error, but it?s easy to pretend it does not exist by clicking the "retry" button. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/22#note_1531197613 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Aug 27 16:06:38 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 27 Aug 2023 14:06:38 +0000 Subject: [gnutls-devel] Guile-GnuTLS | no 4.0.0 release notes (#20) In-Reply-To: References: Message-ID: Rui Chen commented: https://gitlab.com/gnutls/guile/-/issues/20#note_1531200356 yes, that is what I was looking for. Thanks! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/20#note_1531200356 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 28 08:54:28 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 28 Aug 2023 06:54:28 +0000 Subject: [gnutls-devel] GnuTLS | tests: ignore SIGPIPE in forking tests if the parent is TLS client (!1772) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1772 Project:Branches: dueno/gnutls:wip/dueno/sigpipe to gnutls/gnutls:master Author: Daiki Ueno If the tests are forking and the parent process is a client, care must be taken to handle SIGPIPE reported by the child process (server) when the client closes the connection. This hadn't been exposed until commit dd79ac9bcf90012e090726adf7c1940bcce8333f, thanks to the fact that the parent process kept the other pipe end which effectively prevented a "broken pipe". ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1772 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 28 09:42:43 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 28 Aug 2023 07:42:43 +0000 Subject: [gnutls-devel] GnuTLS | tests: ignore SIGPIPE in forking tests if the parent is TLS client (!1772) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1772#note_1531610077 I can confirm that this patch works and fixes srp test. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1772#note_1531610077 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 28 09:42:43 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 28 Aug 2023 07:42:43 +0000 Subject: [gnutls-devel] GnuTLS | tests: ignore SIGPIPE in forking tests if the parent is TLS client (!1772) In-Reply-To: References: Message-ID: Merge request !1772 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1772 Project:Branches: dueno/gnutls:wip/dueno/sigpipe to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1772 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 28 10:14:29 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 28 Aug 2023 08:14:29 +0000 Subject: [gnutls-devel] GnuTLS | tests: ignore SIGPIPE in forking tests if the parent is TLS client (!1772) In-Reply-To: References: Message-ID: Merge request !1772 was set to auto-merge by Daiki Ueno Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1772 Project:Branches: dueno/gnutls:wip/dueno/sigpipe to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1772 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 28 13:05:51 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 28 Aug 2023 11:05:51 +0000 Subject: [gnutls-devel] GnuTLS | certtool --generate-privkey Program received signal SIGILL, Illegal instruction when needle is built with x86-sha-ni (#1496) In-Reply-To: References: Message-ID: Kirixetamine commented: https://gitlab.com/gnutls/gnutls/-/issues/1496#note_1531998063 Hi, I'm not sure if this should be reported here. I found this issue as I have the same problem with `_nettle_sha256_compress_n` on a different program ([Gradience](https://github.com/GradienceTeam/Gradience)). I am also using Gentoo, where nettle is by default compiled with the `cpu_flags_x86_sha` useflag on capable CPUs. Disabling it resolves the error like in your case with gnutls, so this does not seem to be gnutls-specific. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1496#note_1531998063 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 28 14:19:01 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 28 Aug 2023 12:19:01 +0000 Subject: [gnutls-devel] GnuTLS | tests: ignore SIGPIPE in forking tests if the parent is TLS client (!1772) In-Reply-To: References: Message-ID: Merge request !1772 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1772 Project:Branches: dueno/gnutls:wip/dueno/sigpipe to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1772 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Aug 28 20:24:58 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 28 Aug 2023 18:24:58 +0000 Subject: [gnutls-devel] GnuTLS | certtool --generate-privkey Program received signal SIGILL, Illegal instruction when needle is built with x86-sha-ni (#1496) In-Reply-To: References: Message-ID: Niels M?ller commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1496#note_1532610347 Thanks for your answers. I'm looking at the x86_64 build. >From your configure command line, it looks like you disable fat builds (i.e., no runtime auto detection). The only special x86 instructions enabled are for aes (--enable-x86-aesni), and you explicitly disable sha_ni (--disable-x86-sha-ni). I'm a bit confused by that, since your initial report seems to say that sha instructions *are* enabled, via gentoo CPU_FLAGS? First, can you double check that each gentoo build uses a clean build directory, i.e., either create a fresh build directory for each configuration, or with a make distclean before rerunning configure with different arguments? If there's some configure bug enabling the wrong code, can you share the configure output, of particular interest are the "Assembly files:" line in the summary, and the list of created symlinks? Your gdb backtrace could benefit from having debug symbols, but it looks clear that it crashes in _nettle_sha256_compress_n. If you try the gdb "disassemble" command, it should show you which instruction it is running. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1496#note_1532610347 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 29 11:02:46 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 29 Aug 2023 09:02:46 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Segfault in `scm_gnutls_session_record_port` (#23) References: Message-ID: Christopher Baines created an issue: https://gitlab.com/gnutls/guile/-/issues/23 Hi, I've got a core dump which seems to suggest that there's a segfault happening in `scm_gnutls_session_record_port`. I'm not sure it gives any more information than that, as I don't think Guix builds guile-gnutls with debug info, and I can't seem to work out how to do that. Maybe this could be another problem that only arises when the garbage collector runs at a very specific time? Similar to that in guile-squee [1], maybe the problem here is that callers of `scm_gnutls_session_record_port` (e.g. Guile in (web client)) need to ensure that session isn't GC'd prior to `session-record-port` finishing? 1: https://notabug.org/cwebber/guile-squee/commit/31d9b957780ad22164173b23c3843fb2f5373ac1 Thanks, Chris -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/23 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 29 12:20:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 29 Aug 2023 10:20:53 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Segfault in `scm_gnutls_session_record_port` (#23) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/issues/23#note_1533488589 I don?t think guile can GC the session if you are to call session-record-port later. If you were to use the port after the session has been garbage collected, I don?t think you would get a crash, but I?m not sure. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/23#note_1533488589 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 29 12:41:29 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 29 Aug 2023 10:41:29 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 was reviewed by Franti?ek Kren?elok -- Franti?ek Kren?elok started a new discussion on lib/system/ktls.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1533518116 > #ifdef ENABLE_KTLS > > +#if defined(__FreeBSD__) Let's move the headers included for both linux and freeBSD out of the `#if def` construct. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 29 12:46:08 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 29 Aug 2023 10:46:08 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Segfault in `scm_gnutls_session_record_port` (#23) In-Reply-To: References: Message-ID: Christopher Baines commented: https://gitlab.com/gnutls/guile/-/issues/23#note_1533524519 The point I'm trying to make is that there's no use of `session` after the start of the `session-record-port` call here [1]. 1: https://git.savannah.gnu.org/cgit/guile.git/tree/module/web/client.scm#n290 So just like happened in guile-squee, the Guile GC can garbage collect `session` before the internals of `session-record-port` use it. I don't think `session` is protected for garbage collection for the duration of the `session-record-port` function just because it's an argument. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/23#note_1533524519 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 29 12:53:48 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 29 Aug 2023 10:53:48 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Segfault in `scm_gnutls_session_record_port` (#23) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/issues/23#note_1533536306 I see that gnutls-guile is defining its own port type, and the port of such type points to the session. So, the session should not be able to get garbage collected before the port is. However, the code for the port implementation depends on the guile version. Which version were you using? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/23#note_1533536306 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Aug 29 13:57:02 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 29 Aug 2023 11:57:02 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Segfault in `scm_gnutls_session_record_port` (#23) In-Reply-To: References: Message-ID: Christopher Baines commented: https://gitlab.com/gnutls/guile/-/issues/23#note_1533623906 > I see that gnutls-guile is defining its own port type, and the port of such type points to the session. So, the session should not be able to get garbage collected before the port is. I think there's still a region in `scm_gnutls_session_record_port` where the port hasn't been created yet so the session is available to be GC'ed. > However, the code for the port implementation depends on the guile version. Which version were you using? The latest release (3.0.9). -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/23#note_1533623906 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Aug 30 06:58:50 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 30 Aug 2023 04:58:50 +0000 Subject: [gnutls-devel] GnuTLS | Draft: gnutls_privkey_derive_secret: new function (!1773) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1773 Project:Branches: dueno/gnutls:wip/dueno/ecdh-api to gnutls/gnutls:master Author: Daiki Ueno This adds a new function gnutls_privkey_derive_secret, which can be used in conjunction with the other key import or key generation API to calculate shared secret. Key import could be done with gnutls_{pubkey,privkey}_import_ecc_raw for ECDH and gnutls_{pubkey,privkey}_import_dsa_raw for FFDH, while key generation could be done with gnutls_{pubkey,privkey}_generate2 with respective algorithms (e.g., GNUTLS_PK_ECDH_X25519). ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1773 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 31 07:30:29 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 31 Aug 2023 05:30:29 +0000 Subject: [gnutls-devel] GnuTLS | gnutls_privkey_derive_secret: new function (!1773) In-Reply-To: References: Message-ID: Daiki Ueno marked merge request !1773 as ready -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1773 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Aug 31 15:18:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 31 Aug 2023 13:18:53 +0000 Subject: [gnutls-devel] GnuTLS | gnutls_privkey_derive_secret: new function (!1773) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1773#note_1537248644 A missing functionality which can be done afterwards is to support generating FFDH keys with certtool and export them in a PKCS#8 format. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1773#note_1537248644 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: