From gnutls-devel at lists.gnutls.org Sun Jul 2 08:24:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 02 Jul 2023 06:24:36 +0000 Subject: [gnutls-devel] build-images | Add LICENSE file (!32) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/build-images/-/merge_requests/32 Branches: wip/add-license to master Author: Daiki Ueno Under the permission from the original authors, this adds a LICENSE file. As for docker-debian-cross images, I wasn't able to contact the author in a timely manner and those images are (temporarily) removed. We may either resurrect it later if possible, or switch to a new image based on Fedora. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/build-images/-/merge_requests/32 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jul 2 08:41:44 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 02 Jul 2023 06:41:44 +0000 Subject: [gnutls-devel] build-images | Add LICENSE file (!32) In-Reply-To: References: Message-ID: Merge request !32 was merged Merge request URL: https://gitlab.com/gnutls/build-images/-/merge_requests/32 Branches: wip/add-license to master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/build-images/-/merge_requests/32 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jul 2 12:59:58 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 02 Jul 2023 10:59:58 +0000 Subject: [gnutls-devel] build-images | docker-debian-cross: freeze like the others (!31) In-Reply-To: References: Message-ID: Andreas Metzler commented on a discussion: https://gitlab.com/gnutls/build-images/-/merge_requests/31#note_1454052775 Alexander Sosedkinl @asosedkin wrote > I know. I've tried switching to bookworm for at least half an hour, gave up and linked to the closest bug report I've found. Fair enough. I have take a short peek: It is a mess. 3 out of 4 other Dockerfiles are refering to bullseye = oldstable (notably including those named -testing which I assume should be refering to trixie nowadays), docker-debian is buster = oldoldstable. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/build-images/-/merge_requests/31#note_1454052775 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 3 09:18:26 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jul 2023 07:18:26 +0000 Subject: [gnutls-devel] GnuTLS | tls1-prf: mark use of non-EMS PRF non-approved in FIPS (!1752) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1454471746 I had some off-line discussion on what would be the ideal behavior about extended master secret enforcement. There are 3 levels: (1) client doesn't send EMS extension, server doesn't accept EMS extension (= `%NO_SESSION_HASH`), (2) client sends EMS extension, server accepts EMS extension (= default), and (3) client sends EMS extension, server accepts EMS extension, both require EMS is negotiated (= `%FORCE_SESSION_HASH`). This look analogous to client auth option (1 = nothing, 2 = request, 3 = require), except that (2) is the default in non-FIPS mode, while we probably want (3) as the default in FIPS mode. In the latter case, we probably also want to provide a way to revert it back to (2), for interoperability. I would propose: - keep the current modifier keywords (`%NO_SESSION_HASH` and `%FORCE_SESSION_HASH`) - add a new configuration option to select (2) or (3), e.g., `session-hash = request` and `session-hash = require` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1454471746 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 3 14:17:05 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jul 2023 12:17:05 +0000 Subject: [gnutls-devel] GnuTLS | tls1-prf: mark use of non-EMS PRF non-approved in FIPS (!1752) In-Reply-To: References: Message-ID: Hubert Kario (@mention me if you need reply) commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1455070322 r+ -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1455070322 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 3 17:11:37 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jul 2023 15:11:37 +0000 Subject: [gnutls-devel] GnuTLS | p11tool --list-all "" does not find any items on Thales ProtectServer HSMs. (#1491) References: Message-ID: Tristan created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1491 ## Description of problem: Performing `p11tool --login --list-all ""` on ProtectServer 2 and 3 HSMs (Safenet/Gemalto/Thales, depending on when bought) using the hardware tokens will not display any objects on listing a token. ## Version of gnutls used: Mainline (git) and 3.7.1 (debian) ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) Debian and git ## How reproducible: 1. Enable the thales/safenet pkcs11 library 2. Enable the module in pkcs11 config files 3. Perform `p11tool --login --list-all ""` 4. Enter PIN Note: the emulation libraries will work and do not have this problem and are not a good test case. ## Actual results: Result is `No matching objects found` ## Expected results: List of objects, confirmed to work with solution at 512 objects below. Problem/Solution: The problem is the `#define OBJECTS_A_TIME 8 * 1024` for the `find_multi_objs_cb` callback. The HSMs do not support this many objects. The maximum is 512 (for what I've tested, exact number unknown) and changing the macro to 512 will result in displaying objects. The `pkcs11_find_objects` function reports error `0x80001001` (Vendor defined, host error, bad request) when the default value of 8192 is used. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1491 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 3 19:04:25 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jul 2023 17:04:25 +0000 Subject: [gnutls-devel] GnuTLS | The GNUTLS Release 3.6.16 has a bug in the DTLS Non-Blocking logic, bug located at gnutls-3.6.16/lib/record.c in function _gnutls_recv_in_buffers at lines 1307 and 1322 (#1413) In-Reply-To: References: Message-ID: Andy Zhang commented: https://gitlab.com/gnutls/gnutls/-/issues/1413#note_1455530691 Are there any updates on this bug? It seems that it impacts all releases since 3.3.16 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1413#note_1455530691 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 5 05:31:21 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 05 Jul 2023 03:31:21 +0000 Subject: [gnutls-devel] GnuTLS | Fix DTLS handshake when first fragment is 1 byte (!1753) References: Message-ID: Stephen Paul Weber created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1753 Project:Branches: singpolyma/gnutls:fix-dtls-handshake-1-byte-first-fragment to gnutls/gnutls:master Author: Stephen Paul Weber Add a description of the new feature/bug fix. Reference any relevant bugs. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [x] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1753 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 5 17:38:23 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 05 Jul 2023 15:38:23 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754 Project:Branches: dueno/gnutls:wip/dueno/faketime to gnutls/gnutls:master Author: Daiki Ueno This MR does a couple of things: - Move checks of `faketime` and `datefudge` into configure - Use `--attime` option of `certtool` and `ocsptool`, contributed by @FreaxMATE and @praveksharma, where possible ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 5 17:49:44 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 05 Jul 2023 15:49:44 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Andreas Metzler was added as a reviewer. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 5 18:27:25 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 05 Jul 2023 16:27:25 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Andreas Metzler commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1458558077 I had some related changes in pending on https://gitlab.com/ametzler/gnutls/-/commits/tmp-ametzler-2023-orphaned-process The current status is broken (thanks to my changes), it left orphaned processes since some testsuite scripts expect ```sh gnutls-timewrapper gnutls-serv .... & wrapped_pid=$! ... kill ${wrapped_pid} ``` to work. This does not work when gnutls-timewrapper() is a shell function instead of an external script and it does not work at all with faketime instead of datefudge since faketime forks the timewrappped process (datefudge uses exec) and `kill ${wrapped_pid}` would hit the faketime process instead of the server process. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1458558077 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 6 08:37:40 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 06 Jul 2023 06:37:40 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1459562281 Yeah, I see the similar issue even with datefudge with the current git master, with `make check TESTS=TESTS=ocsp-tests/ocsp-must-staple-connection.sh`. Then `pgrep gnutls-serv` reports 10 processes are still running. In this MR, I changed to call the datefudge command line with exec, but it might not work with faketime. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1459562281 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 7 11:07:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jul 2023 09:07:04 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to Fedora 38 images (!1747) In-Reply-To: References: Message-ID: Merge request !1747 was set to auto-merge by Daiki Ueno Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1747 Project:Branches: dueno/gnutls:wip/dueno/ci-fedora38 to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1747 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 7 13:33:37 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jul 2023 11:33:37 +0000 Subject: [gnutls-devel] GnuTLS | make check FAIL: testcompat-openssl-tls13-serv.sh (#1489) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1489#note_1461663281 Thank you for the report. The test is known to be flaky for a long time and I finally found time to investigate it. In the log there is a line like `Checking TLS 1.3 with 0...` with a mysterious number, which is 1000 on my environment. Looks like it's a Unix group ID maintained by the [GROUPS](https://www.gnu.org/software/bash/manual/html_node/Bash-Variables.html#index-GROUPS) envvar, specially treated by Bash, but we also use it for a different purpose. So I suppose this [patch](https://gitlab.com/gnutls/gnutls/-/merge_requests/1747/diffs?commit_id=cd70528485e64ee10c1dcbfe8f6517c3bd05948c) should fix it. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1489#note_1461663281 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 7 13:34:07 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jul 2023 11:34:07 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to Fedora 38 images (!1747) In-Reply-To: References: Message-ID: Merge request !1747 was set to auto-merge by Daiki Ueno Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1747 Project:Branches: dueno/gnutls:wip/dueno/ci-fedora38 to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1747 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 7 14:38:14 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jul 2023 12:38:14 +0000 Subject: [gnutls-devel] GnuTLS | make check FAIL: testcompat-openssl-tls13-serv.sh (#1489) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1747 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1747) Issue #1489: https://gitlab.com/gnutls/gnutls/-/issues/1489 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1489 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 7 14:38:14 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jul 2023 12:38:14 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to Fedora 38 images (!1747) In-Reply-To: References: Message-ID: Merge request !1747 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1747 Project:Branches: dueno/gnutls:wip/dueno/ci-fedora38 to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1747 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 7 14:47:50 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jul 2023 12:47:50 +0000 Subject: [gnutls-devel] GnuTLS | Bump manpage copyright year (!1746) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1746#note_1461805461 Sorry for the delay; could you rebase now that the CI is updated? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1746#note_1461805461 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 7 15:54:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jul 2023 13:54:17 +0000 Subject: [gnutls-devel] GnuTLS | Follow-up changes to extended master secret enforcement (!1752) In-Reply-To: References: Message-ID: Reassigned merge request 1752 https://gitlab.com/gnutls/gnutls/-/merge_requests/1752 Assignee changed to Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 7 16:27:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jul 2023 14:27:19 +0000 Subject: [gnutls-devel] libtasn1 | fuzz: fix build failure on oss-fuzz (!90) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/libtasn1/-/merge_requests/90 Project:Branches: dueno/libtasn1:wip/dueno/fuzz to gnutls/libtasn1:master Author: Daiki Ueno The build in oss-fuzz uses the latest git version of gnulib, whic produces the following error: ```console make[2]: Entering directory '/src/libtasn1/fuzz' CC corpus2array.o In file included from corpus2array.c:34: ../lib/gl/string.h:51:3: error: Please include config.h first." #error "Please include config.h first." ``` ## Checklist * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated ## Reviewer's checklist: * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent with other code * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/90 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 7 20:26:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jul 2023 18:26:19 +0000 Subject: [gnutls-devel] GnuTLS | tests: update tests/suite/ciphersuite after a96b04ff (!1745) In-Reply-To: References: Message-ID: Merge request !1745 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1745 Project:Branches: dueno/gnutls:wip/dueno/test-ciphersuites to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1745 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 7 20:28:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jul 2023 18:28:47 +0000 Subject: [gnutls-devel] GnuTLS | tests: update tests/suite/ciphersuite after a96b04ff (!1745) In-Reply-To: References: Message-ID: All discussions on merge request !1745 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1745 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1745 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 7 20:29:16 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jul 2023 18:29:16 +0000 Subject: [gnutls-devel] GnuTLS | tests: update tests/suite/ciphersuite after a96b04ff (!1745) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1745#note_1462136070 Merging without formal approval, as it's previously approved by @asosedkin. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1745#note_1462136070 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 8 07:30:51 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 08 Jul 2023 05:30:51 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1462379701 I also added --attime to gnutls-serv, gnutls-cli, and gnutls-cli-debug. The count of skip_if_no_datefudge uses lowers from 63 to 15 (remaining are for mbedtls and old openssl). -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1462379701 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 8 09:06:07 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 08 Jul 2023 07:06:07 +0000 Subject: [gnutls-devel] libtasn1 | CI fails with old Debian images (#46) References: Message-ID: Daiki Ueno created an issue: https://gitlab.com/gnutls/libtasn1/-/issues/46 Debian9-distcheck and Debian8-distcheck are currently failing with: ```console $ apt-get update -qq W: The repository 'http://deb.debian.org/debian stretch Release' does not have a Release file. W: The repository 'http://deb.debian.org/debian stretch-updates Release' does not have a Release file. W: The repository 'http://security.debian.org/debian-security stretch/updates Release' does not have a Release file. E: Failed to fetch http://deb.debian.org/debian/dists/stretch/main/binary-amd64/Packages 404 Not Found [IP: 146.75.38.132 80] E: Failed to fetch http://deb.debian.org/debian/dists/stretch-updates/main/binary-amd64/Packages 404 Not Found [IP: 146.75.38.132 80] E: Failed to fetch http://security.debian.org/debian-security/dists/stretch/updates/main/binary-amd64/Packages 404 Not Found [IP: 151.101.66.132 80] E: Some index files failed to download. They have been ignored, or old ones used instead. ``` Given the base releases are archived, can we remove those targets, or stop running `apt-get update -qq`? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/46 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 8 09:53:13 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 08 Jul 2023 07:53:13 +0000 Subject: [gnutls-devel] libtasn1 | CI fails with old Debian images (#46) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !90 (https://gitlab.com/gnutls/libtasn1/-/merge_requests/90) Issue #46: https://gitlab.com/gnutls/libtasn1/-/issues/46 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/46 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 8 09:53:13 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 08 Jul 2023 07:53:13 +0000 Subject: [gnutls-devel] libtasn1 | fuzz: fix build failure on oss-fuzz (!90) In-Reply-To: References: Message-ID: Merge request !90 was merged Merge request URL: https://gitlab.com/gnutls/libtasn1/-/merge_requests/90 Project:Branches: dueno/libtasn1:wip/dueno/fuzz to gnutls/libtasn1:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/90 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 8 13:43:52 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 08 Jul 2023 11:43:52 +0000 Subject: [gnutls-devel] GnuTLS | Bump manpage copyright year (!1746) In-Reply-To: References: Message-ID: All discussions on merge request !1746 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1746 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1746 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 8 13:44:01 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 08 Jul 2023 11:44:01 +0000 Subject: [gnutls-devel] GnuTLS | Bump manpage copyright year (!1746) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1746#note_1462437329 Thank you! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1746#note_1462437329 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 8 13:44:06 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 08 Jul 2023 11:44:06 +0000 Subject: [gnutls-devel] GnuTLS | Bump manpage copyright year (!1746) In-Reply-To: References: Message-ID: Merge request !1746 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1746 Project:Branches: ametzler/gnutls:tmp-ametzler-2023-manpage-copyright-year to gnutls/gnutls:master Author: Andreas Metzler -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1746 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jul 9 05:29:46 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 09 Jul 2023 03:29:46 +0000 Subject: [gnutls-devel] GnuTLS | Fail to compile gnutls with custom llvm pass (#1492) References: Message-ID: Jiamin Yu created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1492 I'm trying to compile gnutls with my custom llvm pass by setting `CFLAGS` to `Xclang -load -Xclang /path/to/pass.so`. But during the `make` process, when it comes to `CCLD libgnutls.la` error occurs: `/usr/bin/ld: cannot find -load: No such file or directory` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1492 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jul 9 10:01:48 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 09 Jul 2023 08:01:48 +0000 Subject: [gnutls-devel] GnuTLS | Fail to compile gnutls with custom llvm pass (#1492) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1492#note_1462648560 This sounds like a libtool matter, but: - do you set `CC` to clang? - could you run `make V=1` to see what commands are actually used behind `CCLD libgnutls.la`? - isn't `-` missing in CFLAGS (`Xclang -load -Xclang /path/to/pass.so`)? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1492#note_1462648560 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jul 9 11:29:13 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 09 Jul 2023 09:29:13 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Andreas Metzler commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1462662293 Daiki Ueno @dueno wrote > Yeah, I see the similar issue even with datefudge with the current git master, with make check TESTS=TESTS=ocsp-tests/ocsp-must-staple-connection.sh. Then pgrep gnutls-serv reports 10 processes are still running. > In this MR, I changed to call the datefudge command line with exec, but it might not work with faketime. tests/ocsp-tests/ocsp-must-staple-connection.sh in this changed version aborts during "Test 5: Server with valid certificate - expired staple", code after https://gitlab.com/dueno/gnutls/-/blob/wip/dueno/faketime/tests/ocsp-tests/ocsp-must-staple-connection.sh#L311 ```sh gnutls_timewrapper_standalone static "${EXP_OCSP_DATE}" \ ${OPENSSL} ocsp -index "${INDEXFILE}" -rsigner "${srcdir}/ocsp-tests/certs/ocsp-server.pem" -rkey "${srcdir}/ocsp-tests/certs/ocsp-server.key" -CA "${srcdir}/ocsp-tests/certs/ca.pem" -reqin "${OCSP_REQ_FILE}" -respout "${OCSP_RESPONSE_FILE}" -ndays 2 ``` is not executed. Afaui at this point the shell execs datefudge, replacing tests/ocsp-tests/ocsp-must-staple-connection.sh (and wrongly returns SUCCESS). At this point I am fairly convinced we need to either use a wrapper script or 1. instead of defining FAKETIME_F have FAKETIME_F_OPT (as either "-s" or "-f"), 2. completely dropping gnutls_timewrapper_standalone() and 3. having the actual test scipts run `$FAKETIME` (instead of `gnutls_timewrapper_standalone`) and `$FAKETIME ${FAKETIME_F_OPT}` (instead of `gnutls_timewrapper_standalone static`) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1462662293 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jul 9 11:50:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 09 Jul 2023 09:50:19 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Andreas Metzler commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1462665370 Andreas Metzler @ametzler wrote > I am fairly convinced we need to [...] > have the actual test scipts run `$FAKETIME` [...] and `$FAKETIME ${FAKETIME_F_OPT}` Like this: [noshell-func.diff](/uploads/d35d0ad6465d7b9892908caadbbe27f1/noshell-func.diff) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1462665370 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jul 9 15:37:18 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 09 Jul 2023 13:37:18 +0000 Subject: [gnutls-devel] GnuTLS | Fail to compile gnutls with custom llvm pass (#1492) In-Reply-To: References: Message-ID: Jiamin Yu commented: https://gitlab.com/gnutls/gnutls/-/issues/1492#note_1462701662 Thanks for your reply. 1. Yes, I set ``CC`` to ``clang-12``, ``CFLAGS`` to ``-Xclang -load -Xclang /path/to/pass.so`` and there is no missing ``-``. 2. Commands behind ``CCLD libgnutls.la`` are: ``libtool: link: clang-12 -shared -fPIC -DPIC .libs/range.o .libs/record.o .libs/compress.o .libs/debug.o .libs/cipher.o .libs/handshake-tls13.o .libs/mbuffers.o .libs/buffers.o .libs/handshake.o .libs/errors.o .libs/dh.o .libs/kx.o .libs/cipher-cbc.o .libs/priority.o .libs/hash_int.o .libs/cipher_int.o .libs/session.o .libs/db.o .libs/x509_b64.o .libs/hello_ext.o .libs/auth.o .libs/sslv2_compat.o .libs/datum.o .libs/session_pack.o .libs/mpi.o .libs/pk.o .libs/cert-cred.o .libs/global.o .libs/constate.o .libs/anon_cred.o .libs/pkix_asn1_tab.o .libs/gnutls_asn1_tab.o .libs/mem.o .libs/fingerprint.o .libs/tls-sig.o .libs/ecc.o .libs/alert.o .libs/privkey_raw.o system/.libs/certs.o system/.libs/threads.o system/.libs/fastopen.o system/.libs/sockets.o .libs/str-iconv.o .libs/system.o .libs/profiles.o inih/.libs/ini.o .libs/str.o .libs/str-unicode.o .libs/str-idna.o .libs/state.o .libs/cert-cred-x509.o .libs/file.o .libs/supplemental.o .libs/random.o .libs/crypto-api.o .libs/privkey.o .libs/pcert.o .libs/pubkey.o .libs/locks.o .libs/dtls.o .libs/system_override.o .libs/crypto-backend.o .libs/verify-tofu.o .libs/pin.o .libs/tpm.o .libs/fips.o .libs/safe-memfuncs.o .libs/atfork.o .libs/randomart.o .libs/urls.o .libs/prf.o .libs/auto-verify.o .libs/dh-session.o .libs/cert-session.o .libs/handshake-checks.o .libs/dtls-sw.o .libs/dh-primes.o .libs/openpgp_compat.o .libs/crypto-selftests.o .libs/crypto-selftests-pk.o .libs/secrets.o .libs/extv.o .libs/hello_ext_lib.o .libs/ocsp-api.o .libs/stek.o .libs/cert-cred-rawpk.o .libs/iov.o system/.libs/ktls.o .libs/pathbuf.o .libs/vko.o system/.libs/keys-dummy.o tls13/.libs/encrypted_extensions.o tls13/.libs/certificate_request.o tls13/.libs/certificate_verify.o .libs/tls13-sig.o tls13/.libs/finished.o tls13/.libs/key_update.o tls13/.libs/hello_retry.o tls13/.libs/session_ticket.o tls13/.libs/certificate.o tls13/.libs/early_data.o tls13/.libs/post_handshake.o tls13/.libs/psk_ext_parser.o tls13/.libs/anti_replay.o .libs/pkcs11.o .libs/pkcs11x.o .libs/pkcs11_privkey.o .libs/pkcs11_write.o .libs/pkcs11_secret.o .libs/pkcs11_int.o .libs/srp.o .libs/psk.o -Wl,--whole-archive ../gl/.libs/libgnu.a x509/.libs/libgnutls_x509.a ext/.libs/libgnutls_ext.a auth/.libs/libgnutls_auth.a algorithms/.libs/libgnutls_alg.a extras/.libs/libgnutls_extras.a unistring/.libs/libunistring.a accelerated/.libs/libaccelerated.a nettle/.libs/libcrypto.a -Wl,--no-whole-archive -load -lz -lp11-kit /usr/lib/libidn2.so /usr/lib/libtasn1.so -lnettle -lhogweed -lgmp -Wl,--version-script=./libgnutls.map -Wl,-soname -Wl,libgnutls.so.30 -o .libs/libgnutls.so.30.35.0`` which have a ``-load`` at ``-Wl,--no-whole-archive -load -lz -lp11-kit``, while no loaded plugin after it, so it may cause the error. In ``Makefile``, there are only two variables contain ``-load``: ``CFLAGS`` and ``CCASFLAGS``, which are both ``-Xclang -load -Xclang /path/to/pass.so``. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1492#note_1462701662 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 08:35:16 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 06:35:16 +0000 Subject: [gnutls-devel] build-images | docker-debian-cross: freeze like the others (!31) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/build-images/-/merge_requests/31#note_1463016391 I'm afraid this needs to be on hold, as we [removed](https://gitlab.com/gnutls/build-images/-/merge_requests/32) docker-debian-cross images for licensing concern. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/build-images/-/merge_requests/31#note_1463016391 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 13:56:28 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 11:56:28 +0000 Subject: [gnutls-devel] GnuTLS | Follow-up changes to extended master secret enforcement (!1752) In-Reply-To: References: Message-ID: Hubert Kario (@mention me if you need reply) commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1463580666 LGTM -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1463580666 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 14:03:39 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 12:03:39 +0000 Subject: [gnutls-devel] GnuTLS | Follow-up changes to extended master secret enforcement (!1752) In-Reply-To: References: Message-ID: Clemens Lang commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1463591709 Looks good to me, one minor stylistic nitpick. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1463591709 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 14:03:38 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 12:03:38 +0000 Subject: [gnutls-devel] GnuTLS | Follow-up changes to extended master secret enforcement (!1752) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1752 was reviewed by Clemens Lang -- Clemens Lang started a new discussion on tests/tls-force-ems.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1463591698 > + */ > + FIPS_PUSH_CONTEXT(); > + try("default", AES_GCM "", AES_GCM "", 0, 0); ```suggestion:-0+0 try("default", AES_GCM, AES_GCM, 0, 0); ``` Isn't this equivalent? (Not familiar enough with GnuTLS coding guidelines, maybe you have the same construction in other tests, too, and want to keep it for consistency reasons, though.) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 14:18:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 12:18:19 +0000 Subject: [gnutls-devel] GnuTLS | Custom gnutls-serv (#1493) References: Message-ID: Jiamin Yu created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1493 I'm trying to customize `gnutls-serv` by updating codes in `/src/serv.c`. But the update does not appear after rebuild. I've tried to modify some strings like "Error while receiving data" in line 1763 to something else, but it still prints "Error while receiving data" after rebuild. If I should modify `/src/serv.c` to change the behavior of `gnutls-serv`? Or there are other operations I should do to make this happen. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1493 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 14:24:09 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 12:24:09 +0000 Subject: [gnutls-devel] GnuTLS | Fail to compile gnutls with custom llvm pass (#1492) In-Reply-To: References: Message-ID: Issue was closed by Jiamin Yu Issue #1492: https://gitlab.com/gnutls/gnutls/-/issues/1492 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1492 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 14:58:38 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 12:58:38 +0000 Subject: [gnutls-devel] GnuTLS | Follow-up changes to extended master secret enforcement (!1752) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion on tests/tls-force-ems.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1463690761 > if (debug) > gnutls_global_set_log_level(2); > > - try("default", AES_GCM ":%FORCE_SESSION_HASH", > - AES_GCM ":%FORCE_SESSION_HASH", 0, 0); > + assert(gnutls_fips140_context_init(&fips_context) >= 0); > + > + /* Default: EMS is requested in non-FIPS mode, while it is > + * required in FIPS mode. > + */ > + FIPS_PUSH_CONTEXT(); > + try("default", AES_GCM "", AES_GCM "", 0, 0); Yes, thanks for spotting this. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1463690761 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 14:58:38 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 12:58:38 +0000 Subject: [gnutls-devel] GnuTLS | Follow-up changes to extended master secret enforcement (!1752) In-Reply-To: References: Message-ID: All discussions on merge request !1752 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1752 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 15:02:40 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 13:02:40 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1463699336 Thank you, applied! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1463699336 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 15:02:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 13:02:45 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: All discussions on merge request !1754 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1754 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 15:15:55 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 13:15:55 +0000 Subject: [gnutls-devel] GnuTLS | Custom gnutls-serv (#1493) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1493#note_1463722932 I think that should work (in particular, if you only modify the application code); if it doesn't, providing the exact steps would be helpful. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1493#note_1463722932 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 15:58:02 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 13:58:02 +0000 Subject: [gnutls-devel] GnuTLS | Custom gnutls-serv (#1493) In-Reply-To: References: Message-ID: Jiamin Yu commented: https://gitlab.com/gnutls/gnutls/-/issues/1493#note_1463807660 Sorry, I've made a ridiculous mistake that running the ``gnutls-serv`` installed on my system instead of which downloaded source code. Anyway, thanks for your reply and aologize for wasting your valuable time! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1493#note_1463807660 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 15:58:03 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 13:58:03 +0000 Subject: [gnutls-devel] GnuTLS | Custom gnutls-serv (#1493) In-Reply-To: References: Message-ID: Issue was closed by Jiamin Yu Issue #1493: https://gitlab.com/gnutls/gnutls/-/issues/1493 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1493 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 16:13:12 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 14:13:12 +0000 Subject: [gnutls-devel] GnuTLS | Follow-up changes to extended master secret enforcement (!1752) In-Reply-To: References: Message-ID: Merge request !1752 was approved by Hubert Kario (@mention me if you need reply) Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752 Project:Branches: dueno/gnutls:wip/dueno/ems-followup to gnutls/gnutls:master Author: Daiki Ueno Assignee: Daiki Ueno Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 16:17:42 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 14:17:42 +0000 Subject: [gnutls-devel] GnuTLS | Follow-up changes to extended master secret enforcement (!1752) In-Reply-To: References: Message-ID: Merge request !1752 was set to auto-merge by Daiki Ueno Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752 Project:Branches: dueno/gnutls:wip/dueno/ems-followup to gnutls/gnutls:master Author: Daiki Ueno Assignee: Daiki Ueno Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 16:17:55 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 14:17:55 +0000 Subject: [gnutls-devel] GnuTLS | Follow-up changes to extended master secret enforcement (!1752) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1463863835 Thank you for the reviews! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1463863835 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 16:27:22 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 14:27:22 +0000 Subject: [gnutls-devel] GnuTLS | Follow-up changes to extended master secret enforcement (!1752) In-Reply-To: References: Message-ID: Merge request !1752 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752 Project:Branches: dueno/gnutls:wip/dueno/ems-followup to gnutls/gnutls:master Author: Daiki Ueno Assignee: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 18:05:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 16:05:17 +0000 Subject: [gnutls-devel] GnuTLS | Porting HPKE (!1749) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1749 was reviewed by Norbert Pocs -- Norbert Pocs started a new discussion on lib/nettle/hpke/hpke-gmp.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1749#note_1464078203 > + not, see http://www.gnu.org/licenses/. > +*/ > + Just a recommendation: state where the original implementation can be found, so it's easier to look it back -- Norbert Pocs started a new discussion on lib/nettle/hpke/nettle-alloca.h: https://gitlab.com/gnutls/gnutls/-/merge_requests/1749#note_1464078225 > +*/ > + > +#ifndef GNUTLS_LIB_NETTLE_GOST_NETTLE_INTERNAL_H don't use `NETTLE_INTERNAL_H` here, but the real name of the file here -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1749 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 10 18:05:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jul 2023 16:05:17 +0000 Subject: [gnutls-devel] GnuTLS | Porting HPKE (!1749) In-Reply-To: References: Message-ID: Norbert Pocs commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1749#note_1464078240 Adding a few comments. Please squash the commits, to add only the feature instead of having 'fixup commits'. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1749#note_1464078240 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 11 07:59:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 11 Jul 2023 05:59:17 +0000 Subject: [gnutls-devel] GnuTLS | Porting HPKE (!1749) In-Reply-To: References: Message-ID: Norbert Pocs commented on a discussion on lib/nettle/hpke/hpke-gmp.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1749#note_1464656623 > + * the GNU General Public License as published by the Free > + Software Foundation; either version 2 of the License, or (at your > + option) any later version. > + > + or both in parallel, as here. > + > + GNU Nettle is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + General Public License for more details. > + > + You should have received copies of the GNU General Public License and > + the GNU Lesser General Public License along with this program. If > + not, see http://www.gnu.org/licenses/. > +*/ > + The first line should indicate the name of the file and know there is a miss match (even in the contents). Leave the original name on the first line and just add a comment somewhere below that the functions where taken from gmp-glue.c @peonix -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1749#note_1464656623 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 11 11:25:09 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 11 Jul 2023 09:25:09 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1464962823 @ametzler I think this is ready now; could you check? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1464962823 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 11 15:53:58 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 11 Jul 2023 13:53:58 +0000 Subject: [gnutls-devel] GnuTLS | Follow-up changes to extended master secret enforcement (!1752) In-Reply-To: References: Message-ID: Stephan Mueller commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1465430855 The changes look good to me. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1752#note_1465430855 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 12 18:37:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 12 Jul 2023 16:37:33 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Andreas Metzler commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1467317930 Looks good, thank you. BTW I googled on vain for any documention on SH_LOG_COMPILER, where does this come from? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1467317930 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 12 18:38:11 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 12 Jul 2023 16:38:11 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Andreas Metzler commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1467318786 Looks good, thank you. BTW I googled on vain for any documention on SH_LOG_COMPILER, where does this come from? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1467318786 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 12 18:38:21 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 12 Jul 2023 16:38:21 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: All discussions on merge request !1754 were resolved by Andreas Metzler https://gitlab.com/gnutls/gnutls/-/merge_requests/1754 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 12 18:38:37 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 12 Jul 2023 16:38:37 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Merge request !1754 was approved by Andreas Metzler Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754 Project:Branches: dueno/gnutls:wip/dueno/faketime to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewer: Andreas Metzler -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 12 20:13:55 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 12 Jul 2023 18:13:55 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1467436526 It's documented in [15.2.3 Parallel Test Harness](https://www.gnu.org/software/automake/manual/html_node/Parallel-Test-Harness.html) in the automake manual, as `ext_LOG_COMPILER`. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1467436526 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 12 20:14:18 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 12 Jul 2023 18:14:18 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1467436881 Thank you for the review! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754#note_1467436881 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 12 20:14:25 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 12 Jul 2023 18:14:25 +0000 Subject: [gnutls-devel] GnuTLS | Improve time adjustment logic in tests (!1754) In-Reply-To: References: Message-ID: Merge request !1754 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754 Project:Branches: dueno/gnutls:wip/dueno/faketime to gnutls/gnutls:master Author: Daiki Ueno Reviewer: Andreas Metzler -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1754 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 12 20:14:54 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 12 Jul 2023 18:14:54 +0000 Subject: [gnutls-devel] GnuTLS | ocsptool: add `--attime` option (!1724) In-Reply-To: References: Message-ID: Merge request !1724 was closed by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1724 Project:Branches: praveksharma/gnutls:feat/ocsp_attime to gnutls/gnutls:master Author: Pravek Sharma Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1724 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 12 20:14:54 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 12 Jul 2023 18:14:54 +0000 Subject: [gnutls-devel] GnuTLS | ocsptool: add `--attime` option (!1724) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1724#note_1467437412 Included in !1754. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1724#note_1467437412 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 12 20:15:13 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 12 Jul 2023 18:15:13 +0000 Subject: [gnutls-devel] GnuTLS | certtool: Add `--attime` option (!1732) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1732#note_1467437669 Included in !1754. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1732#note_1467437669 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 12 20:15:14 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 12 Jul 2023 18:15:14 +0000 Subject: [gnutls-devel] GnuTLS | certtool: Add `--attime` option (!1732) In-Reply-To: References: Message-ID: Merge request !1732 was closed by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1732 Project:Branches: FreaxMATE/gnutls:attimecerttool to gnutls/gnutls:master Author: Wilbur Wetterquarz Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1732 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 13 09:05:02 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 13 Jul 2023 07:05:02 +0000 Subject: [gnutls-devel] GnuTLS | certtool: reject negative serial numbers (!1755) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1755 Project:Branches: dueno/gnutls:wip/dueno/certtool-negative-serial to gnutls/gnutls:master Author: Daiki Ueno This is a copy of !1739 by @Eligus, to pacify the CI errors so we can merge it. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1755 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 13 10:14:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 13 Jul 2023 08:14:04 +0000 Subject: [gnutls-devel] Guile-GnuTLS | CI: Fix tests/srp-base64.scm alpine failure. (!14) In-Reply-To: References: Message-ID: Merge request !14 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/14 Project:Branches: vivien_/guile:silence-alpine-failure to gnutls/guile:master Author: Vivien Kraus Would Rather Not Be On Gitlab_com -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/14 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 13 10:15:26 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 13 Jul 2023 08:15:26 +0000 Subject: [gnutls-devel] Guile-GnuTLS | CI: Fix tests/srp-base64.scm alpine failure. (!14) In-Reply-To: References: Message-ID: civodul commented: https://gitlab.com/gnutls/guile/-/merge_requests/14#note_1468006072 Applied, thank you @vivien\_ ! @jas, how do you feel about cutting a release, especially now that there are those extra X.509 bindings from !13? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/14#note_1468006072 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 13 10:57:13 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 13 Jul 2023 08:57:13 +0000 Subject: [gnutls-devel] GnuTLS | certtool: reject negative serial numbers (!1755) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1755#note_1468077422 Merging without a formal approval, as the changes have already been reviewed in the original MR. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1755#note_1468077422 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 13 10:57:18 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 13 Jul 2023 08:57:18 +0000 Subject: [gnutls-devel] GnuTLS | certtool: reject negative serial numbers (!1755) In-Reply-To: References: Message-ID: Merge request !1755 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1755 Project:Branches: dueno/gnutls:wip/dueno/certtool-negative-serial to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1755 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 13 10:57:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 13 Jul 2023 08:57:33 +0000 Subject: [gnutls-devel] GnuTLS | certtool: reject negative serial numbers (!1739) In-Reply-To: References: Message-ID: Merge request !1739 was closed by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1739 Project:Branches: Eligus/gnutls:certtool-negative-serial to gnutls/gnutls:master Author: Elias Gustafsson Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1739 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 13 10:57:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 13 Jul 2023 08:57:33 +0000 Subject: [gnutls-devel] GnuTLS | certtool: reject negative serial numbers (!1739) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1739#note_1468078105 Merged as !1755. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1739#note_1468078105 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 14 07:05:11 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 14 Jul 2023 05:05:11 +0000 Subject: [gnutls-devel] GnuTLS | Add `--attime` option to tools that perform certificate verification (#1463) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1463#note_1469303697 This has been addressed by !1754. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1463#note_1469303697 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 14 07:05:12 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 14 Jul 2023 05:05:12 +0000 Subject: [gnutls-devel] GnuTLS | Add `--attime` option to tools that perform certificate verification (#1463) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno Issue #1463: https://gitlab.com/gnutls/gnutls/-/issues/1463 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1463 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 14 07:06:05 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 14 Jul 2023 05:06:05 +0000 Subject: [gnutls-devel] GnuTLS | `certtool` permits creation of certificates with "negative" serial numbers (#1237) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1237#note_1469304074 This should be fixed now through !1739 (!1755). -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1237#note_1469304074 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jul 14 07:06:06 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 14 Jul 2023 05:06:06 +0000 Subject: [gnutls-devel] GnuTLS | `certtool` permits creation of certificates with "negative" serial numbers (#1237) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno Issue #1237: https://gitlab.com/gnutls/gnutls/-/issues/1237 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1237 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jul 16 07:41:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 16 Jul 2023 05:41:36 +0000 Subject: [gnutls-devel] Guile-GnuTLS | CI: Fix tests/srp-base64.scm alpine failure. (!14) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/merge_requests/14#note_1471131610 Thank you! I still have a few extra code to merge, can you look at it? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/14#note_1471131610 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 17 22:31:06 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 17 Jul 2023 20:31:06 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Cross-compilation of the Guile bindings (#11) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/issues/11#note_1473188405 Hi. I have merged this patch now. However, can you describe how I could easily (preferably on a debian-like distribution for CI/CD) reproduce this problem? How do I even build guile-gnutls for cross compilation? Once we figure out, we should test this during the pipeline to avoid regressions. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/11#note_1473188405 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 17 22:35:28 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 17 Jul 2023 20:35:28 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add a copyright notice for the guile examples. (!12) In-Reply-To: References: Message-ID: Merge request !12 was set to auto-merge by Simon Josefsson Merge request url: https://gitlab.com/gnutls/guile/-/merge_requests/12 Project:Branches: vivien_/guile:add-copyright-notices-to-examples to gnutls/guile:master Author: Vivien Kraus Would Rather Not Be On Gitlab_com Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/12 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 17 23:03:50 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 17 Jul 2023 21:03:50 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Cross-compilation of the Guile bindings (#11) In-Reply-To: References: Message-ID: janneke commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/11#note_1473258863 Simon Josefsson (@jas) writes: Hi! > Simon Josefsson commented: > > Hi. I have merged this patch now. Great, thanks! > However, can you describe how I could easily (preferably on a > debian-like distribution for CI/CD) reproduce this problem? How do I > even build guile-gnutls for cross compilation? Once we figure out, we > should test this during the pipeline to avoid regressions. On Guix, you would do --8<---------------cut here---------------start------------->8--- guix build --target=i586-pc-gnu guile-gnutls --8<---------------cut here---------------end--------------->8--- On Debian, if you're lucky, it could just be something like --8<---------------cut here---------------start------------->8--- # ... setup cross build environment ... ./configure CC_FOR_BUILD=gcc LD_FOR_BUILD=ld \ --prefix=/your/cross/prefix \ --build=x86_64-unknown-linux-gnu --host=i586-pc-gnu make --8<---------------cut here---------------end--------------->8--- Greetings, Janneke
... -- Janneke Nieuwenhuizen | GNU LilyPond https://LilyPond.org Freelance IT https://www.JoyOfSource.com | Avatar? https://AvatarAcademy.com
-- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/11#note_1473258863 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 17 23:07:50 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 17 Jul 2023 21:07:50 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add a copyright notice for the guile examples. (!12) In-Reply-To: References: Message-ID: Merge request !12 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/12 Project:Branches: vivien_/guile:add-copyright-notices-to-examples to gnutls/guile:master Author: Vivien Kraus Would Rather Not Be On Gitlab_com -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/12 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 17 23:45:44 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 17 Jul 2023 21:45:44 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add the symmetric encryption algorithms (!7) In-Reply-To: References: Message-ID: Merge request !7 was set to auto-merge by Simon Josefsson Merge request url: https://gitlab.com/gnutls/guile/-/merge_requests/7 Project:Branches: vivien_/guile:symmetric-algorithms to gnutls/guile:master Author: Vivien Kraus Would Rather Not Be On Gitlab_com Assignee: civodul Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/7 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 00:12:34 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 17 Jul 2023 22:12:34 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add the symmetric encryption algorithms (!7) In-Reply-To: References: Message-ID: Merge request !7 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/7 Project:Branches: vivien_/guile:symmetric-algorithms to gnutls/guile:master Author: Vivien Kraus Would Rather Not Be On Gitlab_com Assignee: civodul -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/7 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 00:47:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 17 Jul 2023 22:47:45 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Bind the random number generator (!8) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/merge_requests/8#note_1473427354 Hi and sorry for the delay. Reviewing guile contributions isn't really something I'm good at, and I haven't felt comfortable touching too much of guile-gnutls. However, I've realized that if the CI/CD pipeline passes, we should start to merge things. I merged one of your patches, but in doing so I messed up the two others (presumably because I merged them out of order), so would you be so kind to refresh these and I'll merge? My goal is to get a release out within the next few days that would contain your two remaining merge requests and all other stuff already committed. Again, sorry for the delay, and you did nothing wrong except got caught up in my own maintainer uncertainty in reviewing larger patches. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/8#note_1473427354 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 07:57:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 05:57:45 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Bind the public key cryptography, and then the random number generator (!8) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/merge_requests/8#note_1473752911 Hello, and thank you! There were no particular orders for the merge requests, so they all conflict with each other (and since git isn?t particularly good at detecting function boundaries, it can lead to a lot of editing). I rebased !9, and this one on top of !9, so there should not be any more conflict if you merge !9 and then this. I?m not very happy that the patch is large either. Most of it is just applying the same tricks to get interoperability between C and guile. The examples and tests check that there are no stupid errors like an argument being forgotten in the conversion. I guess the ultimate solution would be to rewrite gnutls in guile! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/8#note_1473752911 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 08:42:38 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 06:42:38 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Public key cryptography (!9) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1473792357 I get one or two test failures on trisquel 10, not this code. I?m checking whether this is a problem with my runner or not, by checking if my runner can build the origin master branch. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1473792357 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 09:28:00 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 07:28:00 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Public key cryptography (!9) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1473849040 Thank you! I pushed your branch to jas/public-key-cryptography to see if our builders accept it: https://gitlab.com/gnutls/guile/-/pipelines/934932000 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1473849040 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 09:38:37 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 07:38:37 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Public key cryptography (!9) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1473868867 Master builds fine: https://gitlab.com/gnutls/guile/-/pipelines/934940024 However your branch stalls on the x509-auth test, it has been running for 10 minutes now: https://gitlab.com/gnutls/guile/-/jobs/4675670030 So I think it must be something in your patch that triggers this... hm. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1473868867 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 09:46:59 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 07:46:59 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Public key cryptography (!9) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1473880435 Note that 'Trisquel10-git' succeeds without problem, and the trouble hits 'Trisquel10-tarball'.... -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1473880435 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 09:50:50 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 07:50:50 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Public key cryptography (!9) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1473887666 If I disable my own tests, then it still fails. If I disable the tests and remove my code from core.c, it passes. So, I guess there?s one function I wrote that confuses the compiler. I?m now bisecting my functions to find the one that starts the problem. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1473887666 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 09:56:09 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 07:56:09 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Public key cryptography (!9) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1473901778 Thanks for debugging! I'll come back later today to see if you found the problem. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1473901778 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 13:45:31 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 11:45:31 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Public key cryptography (!9) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1474451118 It appears that gnutls on trisquel 10 mishandles a set of signature algorithms. I don?t know which ones, so I think the best thing for now is to only enable the most useful ones. This is explained in https://gitlab.com/gnutls/guile/-/merge_requests/9/diffs?commit_id=e7ba70f6dd8d3fe96e90845cb5c25eb99bee0175 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1474451118 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 14:07:06 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 12:07:06 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Public key cryptography (!9) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1474490115 Thanks -- any thoughts why it works in Trisquel10-git but not Trisquel10-tarball? I wonder if there is any difference compared to Ubuntu20.04 here. Maybe GnuTLS is using kernel-based crypto acceleration that mess things up? Still doesn't explain why Trisquel10-git works but not Trisquel10-tarball though. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1474490115 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 14:29:40 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 12:29:40 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Public key cryptography (!9) In-Reply-To: References: Message-ID: Merge request !9 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/9 Project:Branches: vivien_/guile:public-key-cryptography to gnutls/guile:master Author: Vivien Kraus Would Rather Not Be On Gitlab_com Assignee: civodul -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/9 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 14:37:28 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 12:37:28 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Bind the public key cryptography, and then the random number generator (!8) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/merge_requests/8#note_1474564946 I've merged !9 now and the pipeline for this one looks good too, I'll merge it within an hour or so if your branch looks the same and you haven't objected. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/8#note_1474564946 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 14:39:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 12:39:53 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Public key cryptography (!9) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1474569597 I have no idea. The config.log from two successful trisquel jobs (the -git and associated -tarball) is identical. I found on a couple occasions that the -git job would hang as well, but it is much more rare. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/9#note_1474569597 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 14:53:51 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 12:53:51 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Bind the public key cryptography, and then the random number generator (!8) In-Reply-To: References: Message-ID: Merge request !8 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/8 Project:Branches: vivien_/guile:random-number-generator to gnutls/guile:master Author: Vivien Kraus Would Rather Not Be On Gitlab_com Assignee: civodul -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/8 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 15:16:35 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 13:16:35 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Internationalization (#12) References: Message-ID: Simon Josefsson created an issue: https://gitlab.com/gnutls/guile/-/issues/12 GNU policies suggest user-visible strings should be translated. I don't even know if we have any, or how to translate them in guile, but let's keep this issue to track any discussion/progress/decision about this. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/12 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 16:09:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 14:09:15 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) References: Message-ID: Simon Josefsson created an issue: https://gitlab.com/gnutls/guile/-/issues/13 I tried to build 65ebe54dfd68758b47108c94a514443634674068, and it fails like this: ``` FAIL: tests/aead.scm ==================== throw to `gnutls-error' with args (# aead-cipher-decrypt) [PID 88468] FAIL tests/aead.scm (exit status: 1) ``` Any ideas? I'll try to narrow it down. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 16:22:40 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 14:22:40 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Cross-compilation of the Guile bindings (#11) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/issues/11#note_1474810431 Thank you! I was able to reproduce this like this: ``` ./configure --build=x86_64-unknown-linux-gnu --host=i586-pc-gnu make # works git revert 53a91994106f9b7bbf244e8af9c5f852d478752c make # fails with the error in this bug report ``` I'll try to add a pipeline job to catch regressions here. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/11#note_1474810431 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 16:24:39 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 14:24:39 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Cross-compilation of the Guile bindings (#11) In-Reply-To: References: Message-ID: Issue was closed by Simon Josefsson via commit 5d206fa683d11fbbc3021828434877dee1ec588c Issue #11: https://gitlab.com/gnutls/guile/-/issues/11 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/11 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 16:34:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 14:34:36 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/issues/13#note_1474839205 There should be a file named "./aead-manual-example-data.encrypted", is it present? Can you upload it? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474839205 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:09:52 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:09:52 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/issues/13#note_1474908810 Does this help? ``` fika:guile-gnutls jas$ base64 < ./guile/aead-manual-example-data.encrypted SeOCioFZy4/ZBq1qlY0d/Zj8MU9d1MV2poHVyst/inWAYQ== fika:guile-gnutls jas$ ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474908810 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:18:48 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:18:48 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/issues/13#note_1474923725 A bit more data: ``` jas at kaka:~/src/guile-gnutls$ echo SeOCioFZy4/ZBq1qlY0d/Zj8MU9d1MV2poHVyst/inWAYQ== | base64 -d > foo jas at kaka:~/src/guile-gnutls$ GNUTLS_GUILE_EXTENSION_DIR=$PWD/guile/src guile -L $PWD/guile/modules -s guile/examples/aead-decrypt-example.scm ;;; note: source file /home/jas/src/guile-gnutls/guile/modules/gnutls.scm ;;; newer than compiled /usr/lib/x86_64-linux-gnu/guile/3.0/site-ccache/gnutls.go ;;; found fresh local cache at /home/jas/.cache/guile/ccache/3.0-LE-8-4.5/home/jas/src/guile-gnutls/guile/modules/gnutls.scm.go What is the secret? the secret key is 32 bytes long. Which file do you want to decrypt? foo Backtrace: In ice-9/boot-9.scm: 1752:10 10 (with-exception-handler _ _ #:unwind? _ # _) In unknown file: 9 (apply-smob/0 #) In ice-9/boot-9.scm: 724:2 8 (call-with-prompt _ _ #) In ice-9/eval.scm: 619:8 7 (_ #(#(#))) In ice-9/boot-9.scm: 2835:4 6 (save-module-excursion _) 4380:12 5 (_) In /home/jas/src/guile-gnutls/guile/examples/aead-decrypt-example.scm: 36:6 4 (_) In ice-9/ports.scm: 433:17 3 (call-with-output-file _ _ #:binary _ #:encoding _) 433:17 2 (call-with-input-file _ _ #:binary _ #:encoding _ # _) In /home/jas/src/guile-gnutls/guile/examples/aead-decrypt-example.scm: 45:27 1 (_ #) In unknown file: 0 (aead-cipher-decrypt # # # 0 #) ERROR: In procedure aead-cipher-decrypt: Throw to key `gnutls-error' with args `(# aead-cipher-decrypt)'. jas at kaka:~/src/guile-gnutls$ ``` This is on my trisquel machine, but the output looks the same on Mac. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474923725 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:19:37 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:19:37 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1474925167 If you delete the file and run the tests again, do you get the same content? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474925167 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:22:25 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:22:25 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/issues/13#note_1474930390 Is the gnutls version on macos one that we checked in the CI? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474930390 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:34:11 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:34:11 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1474950564 Yes, every time - this time actually on the Mac: ``` fika:guile-gnutls jas$ sha1sum ./guile/aead-manual-example-data.encrypted 1ce0af7b2c24d5280b6325b46d553620894000ac ./guile/aead-manual-example-data.encrypted fika:guile-gnutls jas$ rm ./guile/aead-manual-example-data.encrypted fika:guile-gnutls jas$ make check ... fika:guile-gnutls jas$ sha1sum ./guile/aead-manual-example-data.encrypted 1ce0af7b2c24d5280b6325b46d553620894000ac ./guile/aead-manual-example-data.encrypted fika:guile-gnutls jas$ ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474950564 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:35:07 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:35:07 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1474952401 It is using GnuTLS 3.8.0 via up to date Brew: https://brew.sh -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474952401 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:36:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:36:36 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1474955403 The first bytes of the output seem to only depend on the key; thus maybe the problem is early, during make-aead-cipher. Can you edit guile/examples/aead-encrypt-example.scm to leak the private key? At line 28, add: ```scheme (error (format #f "Secret key: ~s" secret)) ``` to abort and leak the key. You should get: ``` throw to `misc-error' with args (#f "~A" ("Secret key: #vu8(116 104 101 32 115 101 99 114 101 116 32 107 101 121 32 105 115 32 51 50 32 98 121 116 101 115 32 108 111 110 103 46)") #f) [PID 10356] FAIL tests/aead.scm (exit status: 1) ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474955403 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:38:29 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:38:29 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1474958546 I got this: ``` throw to `misc-error' with args (#f "~A" ("Secret key: #vu8(116 104 101 32 115 101 99 114 101 116 32 107 101 121 32 105 115 32 51 50 32 98 121 116 101 115 32 108 111 110 103 46)") #f) [PID 20568] ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474958546 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:42:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:42:04 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1474964443 So the exact same. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474964443 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:48:44 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:48:44 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1474979251 Do you have access to the GCC compile farm? https://cfarm.tetaneutral.net They have a Mac for porting. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474979251 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:50:50 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:50:50 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1474983554 I'm happy to try more things, but I'm a little lost exactly what to try. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474983554 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:51:40 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:51:40 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/issues/13#note_1474985343 If you are willing to have your hands dirty, it may be useful to check in core.c that `scm_gnutls_make_aead_cipher` always receives the `GNUTLS_CIPHER_AES_256_GCM` value (should be 11) for `c_algorithm`, and `"the secret key is 32 bytes long."` as datum_key.data. Can you add a couple of asserts, right before line 4465, so when datum_key and c_algorithm have their final value? ```c assert (memcmp (datum_key.data, "the secret key is 32 bytes long.", 32) == 0); assert (c_algorithm == GNUTLS_CIPHER_AES_256_GCM); ``` Then run the tests. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474985343 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:57:22 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:57:22 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1474997289 This worked -- I changed the == into =! and then it crashed. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474997289 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:57:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:57:53 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1474998536 So, the key and algorithms are correct. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474998536 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 17:58:39 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 15:58:39 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1474999752 I checked length too... ``` assert (datum_key.size == 32); ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1474999752 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 18:09:46 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 16:09:46 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1475022800 Thanks for pointers to C code. I'm playing around comparing Trisquel vs Mac to find where it differs.... all input lengths are the same, haven't printed the data buffers yet. We do test gnutls 3.8.0-rc on Alpine, but it MAY be some strange gnutls change somehow. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475022800 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 18:24:46 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 16:24:46 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/issues/13#note_1475068372 In guile/examples/aead-encrypt-example.scm, can you leak the data just before it is written to file? At line 51: ```scheme (error (format #f "About to write: ~s" encrypted)) ``` I get: ``` throw to `misc-error' with args (#f "~A" ("About to write: #vu8(165 52 134 59 68 146 31 63 95 165 252 50 143 103 65 69 178 102 137 109 28 40 133 192 217 52 248 171 76 157 133 84 116 19)") #f) [PID 22293] FAIL tests/aead.scm (exit status: 1) ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475068372 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 18:36:01 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 16:36:01 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/issues/13#note_1475104454 So, line 4508 of guile/src/core.c, right before the call to `gnutls_aead_cipher_encrypt`, you should be able to add these asserts: ```c assert (c_nonce_len == strlen ("Never encrypt more data with this nonce")); assert (memcmp (c_nonce, "Never encrypt more data with this nonce", c_nonce_len) == 0); assert (c_auth_len == strlen ("Additional secret data")); assert (memcmp (c_auth, "Additional secret data", c_auth_len) == 0); assert (c_tag_size == 16); assert (c_data_len == strlen ("Confidential data.")); assert (memcmp (c_data, "Confidential data.", c_data_len) == 0); ``` And just before returning, these: ```c assert (used_size == output_size); assert (scm_c_bytevector_length (ret) == 34); assert ((char) (SCM_BYTEVECTOR_CONTENTS (ret)[0]) == (char) 165); ``` And it should work. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475104454 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 18:43:06 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 16:43:06 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1475129759 Thanks for pointers. Everything but the last works: ``` Assertion failed: ((char) (SCM_BYTEVECTOR_CONTENTS (ret)[0]) == (char) 165), function scm_gnutls_aead_cipher_encrypt, file core.c, line 4527. ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475129759 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 18:46:59 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 16:46:59 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1475139631 Print the output buffer: ``` for (int i= 0; i < 34; i++) fprintf (stderr, "%x ", 0xFF & SCM_BYTEVECTOR_CONTENTS (ret)[i]); fprintf (stderr, "\n"); ``` results in ``` 49 e3 82 8a 81 59 cb 8f d9 6 ad 6a 95 8d 1d fd 98 fc 31 4f 5d d4 c5 76 a6 81 d5 ca cb 7f 8a 75 80 61 ``` which matches the contents of `./guile/aead-manual-example-data.encrypted`. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475139631 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 19:03:26 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 17:03:26 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/issues/13#note_1475182161 Can you compile this sample code and run it? It should output "OK": ```c #include #include #include #include int main () { static const gnutls_cipher_algorithm_t algo = GNUTLS_CIPHER_AES_256_GCM; static const char *key = "the secret key is 32 bytes long."; gnutls_datum_t datum_key; datum_key.data = (unsigned char *) key; datum_key.size = strlen (key); gnutls_aead_cipher_hd_t handle; if (gnutls_aead_cipher_init (&handle, algo, &datum_key)) { return EXIT_FAILURE; } static const char *nonce = "Never encrypt more data with this nonce"; static const char *auth = "Additional secret data"; static const int tag_size = 16; static const char *data = "Confidential data."; size_t used_size = tag_size + strlen (data); char output[used_size]; if (gnutls_aead_cipher_encrypt (handle, nonce, strlen (nonce), auth, strlen (auth), tag_size, data, strlen (data), output, &used_size)) { return EXIT_FAILURE; } if (used_size != 34) { return EXIT_FAILURE; } if (output[0] != (char) 165) { return EXIT_FAILURE; } gnutls_aead_cipher_deinit (handle); fprintf (stderr, "OK\n"); return EXIT_SUCCESS; } ``` ```shell gcc main.c $(pkg-config --cflags gnutls) $(pkg-config --libs gnutls) && ./a.out ``` I get: ``` OK ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475182161 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 19:17:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 17:17:15 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/issues/13#note_1475206001 Thank you! Modifying it to also print output buffer, I get the same as before on Mac: ``` 49 e3 82 8a 81 59 cb 8f d9 6 ad 6a 95 8d 1d fd 98 fc 31 4f 5d d4 c5 76 a6 81 d5 ca cb 7f 8a 75 80 61 ``` Time to report to GnuTLS folks?! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475206001 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 19:21:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 17:21:47 +0000 Subject: [gnutls-devel] GnuTLS | AEAD output difference on Mac (#1494) References: Message-ID: Simon Josefsson created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1494 Hi. This came from https://gitlab.com/gnutls/guile/-/issues/13 but Vivien resolved it to a GnuTLS concern. The code snippet below prints the following on my MacBook Pro (M1) with GnuTLS 3.8.0 via homebrew. Is this reproducible on other Mac's? ``` 49 e3 82 8a 81 59 cb 8f d9 6 ad 6a 95 8d 1d fd 98 fc 31 4f 5d d4 c5 76 a6 81 d5 ca cb 7f 8a 75 80 61 ``` Compile main.c below as this: `gcc main.c $(pkg-config --cflags gnutls) $(pkg-config --libs gnutls) && ./a.out` ``` #include #include #include #include int main () { static const gnutls_cipher_algorithm_t algo = GNUTLS_CIPHER_AES_256_GCM; static const char *key = "the secret key is 32 bytes long."; gnutls_datum_t datum_key; datum_key.data = (unsigned char *) key; datum_key.size = strlen (key); gnutls_aead_cipher_hd_t handle; if (gnutls_aead_cipher_init (&handle, algo, &datum_key)) { return EXIT_FAILURE; } static const char *nonce = "Never encrypt more data with this nonce"; static const char *auth = "Additional secret data"; static const int tag_size = 16; static const char *data = "Confidential data."; size_t used_size = tag_size + strlen (data); char output[used_size]; if (gnutls_aead_cipher_encrypt (handle, nonce, strlen (nonce), auth, strlen (auth), tag_size, data, strlen (data), output, &used_size)) { return EXIT_FAILURE; } if (used_size != 34) { return EXIT_FAILURE; } for (int i= 0; i < 34; i++) fprintf (stderr, "%x ", 0xFF & output[i]); fprintf (stderr, "\n"); if (output[0] != (char) 165) { return EXIT_FAILURE; } gnutls_aead_cipher_deinit (handle); fprintf (stderr, "OK\n"); return EXIT_SUCCESS; } ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1494 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 19:22:57 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 17:22:57 +0000 Subject: [gnutls-devel] GnuTLS | AEAD output difference on Mac (#1494) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1475211607 Expected output from GNU/Linux hosts: ``` a5 34 86 3b 44 92 1f 3f 5f a5 fc 32 8f 67 41 45 b2 66 89 6d 1c 28 85 c0 d9 34 f8 ab 4c 9d 85 54 74 13 OK ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1475211607 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 19:23:28 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 17:23:28 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1475212385 I checked the manual and RFC5116 for possible gotchas with the arguments, but I could not find any? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475212385 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 19:46:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 17:46:53 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1475235765 Could you compare with Nettle behavior for example? It has GCM self testing code. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475235765 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 20:01:08 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 18:01:08 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1475253182 >From the online manual, it seems that AES-GCM encryption does not support the additional data. I?m not very familiar with this though. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475253182 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 20:03:14 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 18:03:14 +0000 Subject: [gnutls-devel] Guile-GnuTLS | New release: Guile-GnuTLS 3.7.13 - v3.7.13 Message-ID: A new Release v3.7.13 for Guile-GnuTLS was published. Visit the Releases page to read more about it: https://gitlab.com/gnutls/guile/-/releases Assets: - Download zip: https://gitlab.com/gnutls/guile/-/archive/v3.7.13/guile-v3.7.13.zip - Download tar.gz: https://gitlab.com/gnutls/guile/-/archive/v3.7.13/guile-v3.7.13.tar.gz - Download tar.bz2: https://gitlab.com/gnutls/guile/-/archive/v3.7.13/guile-v3.7.13.tar.bz2 - Download tar: https://gitlab.com/gnutls/guile/-/archive/v3.7.13/guile-v3.7.13.tar Release notes: https://gitlab.com/gnutls/guile/-/blob/v3.7.13/NEWS [guile-gnutls-3.7.13.tar.gz](/uploads/21cfbd0d55627751a902333d2c592fd7/guile-gnutls-3.7.13.tar.gz) [guile-gnutls-3.7.13.tar.gz.sig](/uploads/b660cf95c133c3856e5fb0c80e876178/guile-gnutls-3.7.13.tar.gz.sig) -- View it on GitLab: https://gitlab.com/gnutls/guile/-/releases You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 20:33:20 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 18:33:20 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1475344062 I?m not sure how it works, I tried to concatenate the "digest" with the "encrypt" result (after an "update") but it does not give the correct result. I must be missing something. I guess the nonce value should not be used as an initialization vector? ```c #include #include #include #include int main () { static const char *key = "the secret key is 32 bytes long."; static const char *auth = "Additional secret data"; static const char *nonce = "Never encrypt more data with this nonce"; static const char *data = "Confidential data."; struct gcm_aes256_ctx context; gcm_aes256_set_key (&context, key); gcm_aes256_set_iv (&context, strlen (nonce), nonce); static const size_t tag_size = 16; size_t used_size = tag_size + strlen (data); char output[used_size]; gcm_aes256_update (&context, strlen (auth), auth); gcm_aes256_encrypt (&context, strlen (data), & (output[tag_size]), data); gcm_aes256_digest (&context, tag_size, output); for (int i= 0; i < used_size; i++) fprintf (stderr, "%x ", 0xFF & output[i]); if (output[0] != (char) 165) { return EXIT_FAILURE; } fprintf (stderr, "OK\n"); return EXIT_SUCCESS; } ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475344062 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 21:11:12 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 19:11:12 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/issues/13#note_1475425504 OK I get it. The nonce size must be 12, but gnutls does not enforce it. The old implementation must have done something sensible, like take the first 12 bytes, but the new implementation must be doing something destructive, which means the authentication data for decryption is different from the authentication data at encryption. The solution is to stay with the standard and only use 12 bytes for the nonce, I guess. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475425504 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 21:12:00 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 19:12:00 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Draft: Resolve "aead.scm fails on Mac OS" (!15) References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com created a merge request: https://gitlab.com/gnutls/guile/-/merge_requests/15 Branches: 13-aead-scm-fails-on-mac-os to master Author: Vivien Kraus Would Rather Not Be On Gitlab_com Closes #13 by using a 12-bytes nonce in the example, and informing the reader about that limit. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/15 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 21:19:55 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 19:19:55 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Draft: Resolve "aead.scm fails on Mac OS" (!15) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/guile/-/merge_requests/15#note_1475440477 @jas does it solve the macos issue? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/15#note_1475440477 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 21:23:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 19:23:45 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Resolve "aead.scm fails on Mac OS" (!15) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com marked merge request !15 as ready -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/15 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 21:27:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 19:27:19 +0000 Subject: [gnutls-devel] GnuTLS | AEAD output difference on Mac (#1494) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1475454426 The issue here turns out to be that the nonce length is not 12. The macos version of gnutls seems to be doing what this equivalent code in Nettle is doing: ```c #include #include #include #include int main () { static const char *key = "the secret key is 32 bytes long."; static const char *auth = "Additional secret data"; static const char *nonce = "Never encrypt more data with this nonce"; static const char *data = "Confidential data."; struct gcm_aes256_ctx context; gcm_aes256_set_key (&context, key); gcm_aes256_set_iv (&context, strlen (nonce), nonce); static const size_t tag_size = 16; size_t used_size = tag_size + strlen (data); char output[used_size]; gcm_aes256_update (&context, strlen (auth), auth); gcm_aes256_encrypt (&context, strlen (data), output, data); gcm_aes256_digest (&context, tag_size, & (output[strlen (data)])); for (int i= 0; i < used_size; i++) fprintf (stderr, "%x ", 0xFF & output[i]); if (output[0] != (char) 165) { return EXIT_FAILURE; } fprintf (stderr, "OK\n"); return EXIT_SUCCESS; } ``` While the other versions are doing something different. The question is thus about decryption: why can?t the macos version of gnutls decrypt the encrypted data with the non-standard nonce length, while the other versions can? I guess it is safer to refuse to decrypt, but it is surprising. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1475454426 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 21:39:06 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 19:39:06 +0000 Subject: [gnutls-devel] GnuTLS | AEAD output difference on Mac (#1494) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1475467677 @jas can you try this with gnutls: ```c #include #include #include #include int main () { static const gnutls_cipher_algorithm_t algo = GNUTLS_CIPHER_AES_256_GCM; static const char *key = "the secret key is 32 bytes long."; gnutls_datum_t datum_key; datum_key.data = (unsigned char *) key; datum_key.size = strlen (key); gnutls_aead_cipher_hd_t handle; if (gnutls_aead_cipher_init (&handle, algo, &datum_key)) { return EXIT_FAILURE; } static const char *nonce = "Never encrypt more data with this nonce"; static const char *auth = "Additional secret data"; static const int tag_size = 16; static const char *data = "Confidential data."; size_t used_size = tag_size + strlen (data); char output[used_size]; if (gnutls_aead_cipher_encrypt (handle, nonce, strlen (nonce), auth, strlen (auth), tag_size, data, strlen (data), output, &used_size)) { return EXIT_FAILURE; } if (used_size != 34) { return EXIT_FAILURE; } gnutls_aead_cipher_deinit (handle); /* Decryption */ size_t decryption_used_size = strlen (data); char decrypted_output[decryption_used_size]; if (gnutls_aead_cipher_init (&handle, algo, &datum_key)) { return EXIT_FAILURE; } if (gnutls_aead_cipher_decrypt (handle, nonce, strlen (nonce), auth, strlen (auth), tag_size, output, used_size, decrypted_output, &decryption_used_size)) { fprintf (stderr, "Gnutls cannot decrypt, even if we have the exact same nonce.\n"); return EXIT_FAILURE; } fprintf (stderr, "Gnutls can decrypt if we have the same nonce.\n"); return EXIT_SUCCESS; } ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1475467677 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 21:49:02 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 19:49:02 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Issue was closed by Simon Josefsson via merge request !15 (https://gitlab.com/gnutls/guile/-/merge_requests/15) Issue #13: https://gitlab.com/gnutls/guile/-/issues/13 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 21:49:02 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 19:49:02 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Resolve "aead.scm fails on Mac OS" (!15) In-Reply-To: References: Message-ID: Merge request !15 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/15 Branches: 13-aead-scm-fails-on-mac-os to master Author: Vivien Kraus Would Rather Not Be On Gitlab_com -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/15 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 21:53:06 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 19:53:06 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/issues/13#note_1475480919 It resolves this, many thanks @vivien\_ for tracking this down! I wish we had a platform in CI/CD that triggered this problem, it may be some GnuTLS compilation option somehow, but the brew build files looks simple: https://github.com/Homebrew/homebrew-core/blob/master/Formula/gnutls.rb -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475480919 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 22:01:22 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 20:01:22 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1475489080 That issue taught me a few interesting things about AEAD, I did not lose my time here! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475489080 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 22:02:32 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 20:02:32 +0000 Subject: [gnutls-devel] GnuTLS | AEAD output difference on Mac (#1494) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1475491064 It works. I looked at Nettle's GCM, and it has an arm-specific version in it. Maybe this behavior can be traced back to Nettle's different code for different architectures, and it has nothing to do with Mac per se. ``` fika:~ jas$ gcc main.c $(pkg-config --cflags gnutls) $(pkg-config --libs gnutls) && ./a.out Gnutls can decrypt if we have the same nonce. fika:~ jas$ ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1475491064 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 18 22:57:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 18 Jul 2023 20:57:47 +0000 Subject: [gnutls-devel] Guile-GnuTLS | aead.scm fails on Mac OS (#13) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/13#note_1475558247 Thank you! I realized gitlab does offer Mac CI/CD pipelines, so I have added this now: https://gitlab.com/gnutls/guile/-/commit/02ab13dc239f9c60d2d811119f74ac1b9f293365 With pipeline runs like this: https://gitlab.com/gnutls/guile/-/jobs/4682167987 I reverting your fix on a test branch, which promptly triggered the problem I was seeing: https://gitlab.com/gnutls/guile/-/jobs/4682169671 So this seems to be easily reproducible. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/13#note_1475558247 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 19 08:42:07 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 19 Jul 2023 06:42:07 +0000 Subject: [gnutls-devel] GnuTLS | Porting HPKE (!1749) In-Reply-To: References: Message-ID: Norbert Pocs commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1749#note_1475984156 LGTM! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1749#note_1475984156 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 19 14:36:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 19 Jul 2023 12:36:47 +0000 Subject: [gnutls-devel] GnuTLS | AEAD output difference on Mac (#1494) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1476681070 GnuTLS incorporates AArch64 acceleration from CRYPTOGAMS, and if it is used, Nettle's AArch64 acceleration code will not be used. Maybe you could try with `GNUTLS_CPUID_OVERRIDE=0x1` to isolate the issue? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1476681070 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 19 15:31:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 19 Jul 2023 13:31:47 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Support for non-blocking use (#14) References: Message-ID: Christopher Baines created an issue: https://gitlab.com/gnutls/guile/-/issues/14 I've been testing doing HTTP requests in Guile with non blocking sockets, and it can be made to work. One issue I came up against is that Guile/guile-gnutls don't use the handshake operation in a way that works with non-blocking sockets. handshake can return eagain in this situation, but this isn't handled appropriately. It's not obvious to me where this should be handled, but maybe if a binding is added for `gnutls_record_get_direction`, then `tls-wrap` in Guile can be changed to use this to call the appropriate waiter on the socket. Note that you can workaround this above issue by marking the socket as non blocking once the handshake has been completed, but this is probably not ideal since things will block during the handshake. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/14 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 19 17:34:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 19 Jul 2023 15:34:53 +0000 Subject: [gnutls-devel] GnuTLS | `The certificate issuer is unknown.` despite certificate being present (#1455) In-Reply-To: References: Message-ID: Paul Menzel commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1455#note_1477042014 Ping. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1455#note_1477042014 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 20 08:07:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 20 Jul 2023 06:07:45 +0000 Subject: [gnutls-devel] GnuTLS | AEAD output difference on Mac (#1494) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1478809888 OK, I tried that by myself and could reproduce the original issue even on x86_64: ```console $ gcc main.c `pkg-config --cflags --libs gnutls` $ ./a.out a5 34 86 3b 44 92 1f 3f 5f a5 fc 32 8f 67 41 45 b2 66 89 6d 1c 28 85 c0 d9 34 f8 ab 4c 9d 85 54 74 13 OK $ GNUTLS_CPUID_OVERRIDE=0x1 ./a.out 49 e3 82 8a 81 59 cb 8f d9 6 ad 6a 95 8d 1d fd 98 fc 31 4f 5d d4 c5 76 a6 81 d5 ca cb 7f 8a 75 80 61 ``` So the issue is in our plumbing around Nettle. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1478809888 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 20 09:01:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 20 Jul 2023 07:01:47 +0000 Subject: [gnutls-devel] GnuTLS | Check nonce length more strictly in aead_{encrypt, decrypt} (!1756) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1756 Project:Branches: dueno/gnutls:wip/dueno/aead-nonce-length to gnutls/gnutls:master Author: Daiki Ueno Fixes: #1494 ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1756 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 20 09:04:31 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 20 Jul 2023 07:04:31 +0000 Subject: [gnutls-devel] GnuTLS | AEAD output difference on Mac (#1494) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1478904086 As already pointed out by @vivien\_, this is rather a usage error (i.e., supplying a nonce with incorrect length). GnuTLS is supposed to report the error and stop processing, though it was swallowed because of missing error propagation. I'm fixing it in !1756. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1494#note_1478904086 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 20 16:46:05 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 20 Jul 2023 14:46:05 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add binding for gnutls_record_get_direction (!16) References: Message-ID: Christopher Baines created a merge request: https://gitlab.com/gnutls/guile/-/merge_requests/16 Project:Branches: cbaines/guile:add-record-get-direction to gnutls/guile:master Author: Christopher Baines As this is needed when performing the handshake on a non blocking socket. Fixes issue #14 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/16 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 20 17:54:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 20 Jul 2023 15:54:47 +0000 Subject: [gnutls-devel] GnuTLS | p11tool --list-all "" does not find any items on Thales ProtectServer HSMs. (#1491) In-Reply-To: References: Message-ID: Reassigned Issue 1491 https://gitlab.com/gnutls/gnutls/-/issues/1491 Assignee changed to Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1491 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 22 00:57:41 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 21 Jul 2023 22:57:41 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Support for non-blocking use (#14) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/issues/14#note_1482701572 Thank you. I agree it isn't clear where this should be fixed, and at what layer the guile bindings attempt to map gnutls, but I reckon binding this API at least makes it possible to fix things. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/14#note_1482701572 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 22 00:59:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 21 Jul 2023 22:59:36 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add binding for gnutls_record_get_direction (!16) In-Reply-To: References: Message-ID: Merge request !16 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/16 Project:Branches: cbaines/guile:add-record-get-direction to gnutls/guile:master Author: Christopher Baines -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/16 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 22 00:59:44 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 21 Jul 2023 22:59:44 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add binding for gnutls_record_get_direction (!16) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/guile/-/merge_requests/16#note_1482704295 Thank you -- next time please check pipeline and fix issues, here a 'make indent' would have indented your code so it would pass syntax-check's. I'll fix this after merging this. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/16#note_1482704295 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 22 00:59:37 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 21 Jul 2023 22:59:37 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Support for non-blocking use (#14) In-Reply-To: References: Message-ID: Issue was closed by Simon Josefsson via merge request !16 (https://gitlab.com/gnutls/guile/-/merge_requests/16) Issue #14: https://gitlab.com/gnutls/guile/-/issues/14 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/14 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 22 09:45:00 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 22 Jul 2023 07:45:00 +0000 Subject: [gnutls-devel] Guile-GnuTLS | New release: Guile-GnuTLS 3.7.14 - v3.7.14 Message-ID: A new Release v3.7.14 for Guile-GnuTLS was published. Visit the Releases page to read more about it: https://gitlab.com/gnutls/guile/-/releases Assets: - Download zip: https://gitlab.com/gnutls/guile/-/archive/v3.7.14/guile-v3.7.14.zip - Download tar.gz: https://gitlab.com/gnutls/guile/-/archive/v3.7.14/guile-v3.7.14.tar.gz - Download tar.bz2: https://gitlab.com/gnutls/guile/-/archive/v3.7.14/guile-v3.7.14.tar.bz2 - Download tar: https://gitlab.com/gnutls/guile/-/archive/v3.7.14/guile-v3.7.14.tar Release notes: https://gitlab.com/gnutls/guile/-/blob/v3.7.14/NEWS [guile-gnutls-3.7.14.tar.gz](/uploads/1fdc941351d54cd7affda1bb912b9ca5/guile-gnutls-3.7.14.tar.gz) [guile-gnutls-3.7.14.tar.gz.sig](/uploads/cd8c95b4908f0d95864b6441155bbec9/guile-gnutls-3.7.14.tar.gz.sig) -- View it on GitLab: https://gitlab.com/gnutls/guile/-/releases You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jul 23 13:00:08 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 23 Jul 2023 11:00:08 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: use Fedora cross toolchain for AArch64, PPC64LE, and s390x build (!1757) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1757 Project:Branches: dueno/gnutls:wip/dueno/ci-cross-fedora38 to gnutls/gnutls:master Author: Daiki Ueno As we had to remove our Debian-based cross CI images for licensing reasons, this is an attempt to use the cross toolchain provided in Fedora. The main advantage of doing this is that the toolchain version is in sync with the current Fedora builds. On the other hand, a drawback is that we can't support old architectures, such as 32-bit Arm. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1757 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 25 16:14:08 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 25 Jul 2023 14:14:08 +0000 Subject: [gnutls-devel] GnuTLS | Support ECH (#595) In-Reply-To: References: Message-ID: Ajit Singh commented: https://gitlab.com/gnutls/gnutls/-/issues/595#note_1487269614 @eighthave Hi there! I'm trying connect to cloudflare(defo.ie) using ECH but it just sends back the retry_configs with no alert although clientHello consists inner variant. Since I'm not getting any alert, what cab be the possible cause to this? decryption error? ....? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/595#note_1487269614 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 25 16:37:13 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 25 Jul 2023 14:37:13 +0000 Subject: [gnutls-devel] GnuTLS | Reduce the number of objects received per iteration in pkcs11_find_objects (!1758) In-Reply-To: References: Message-ID: Daiki Ueno was added as a reviewer. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 25 16:37:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 25 Jul 2023 14:37:17 +0000 Subject: [gnutls-devel] GnuTLS | Reduce the number of objects received per iteration in pkcs11_find_objects (!1758) References: Message-ID: Zolt?n Fridrich created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno Reduce the amount of objects requested per iteration inside `pkcs11_find_objects` to 512 so HSMs like Safenet/Gemalto/Thales wont fail when `C_FindObjects` is called. Closes #1491 ## Checklist * [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 25 16:37:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 25 Jul 2023 14:37:15 +0000 Subject: [gnutls-devel] GnuTLS | Reduce the number of objects received per iteration in pkcs11_find_objects (!1758) In-Reply-To: References: Message-ID: Reassigned merge request 1758 https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 Assignee changed to Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 25 16:37:16 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 25 Jul 2023 14:37:16 +0000 Subject: [gnutls-devel] GnuTLS | Support ECH (#595) In-Reply-To: References: Message-ID: Hans-Christoph Steiner commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/595#note_1487326877 Getting retry configs means the client encrypted to a key that the server does not have. It might have had it in the past, and forgotten it. Are you using a fresh DNS resolve each time you make an ECH connection? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/595#note_1487326877 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 25 16:38:07 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 25 Jul 2023 14:38:07 +0000 Subject: [gnutls-devel] GnuTLS | Support ECH (#595) In-Reply-To: References: Message-ID: Hans-Christoph Steiner commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/595#note_1487329716 I guess "decryption error" would be more accurate, retry configs generally are the sign that the server could not decrypt the ECH message from the client. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/595#note_1487329716 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jul 25 17:09:46 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 25 Jul 2023 15:09:46 +0000 Subject: [gnutls-devel] GnuTLS | Support ECH (#595) In-Reply-To: References: Message-ID: Ajit Singh commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/595#note_1487405356 okay, Thanks!!
yeah I'm using fresh DNS resolve. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/595#note_1487405356 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 26 08:36:40 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 26 Jul 2023 06:36:40 +0000 Subject: [gnutls-devel] GnuTLS | Reduce the number of objects received per iteration in pkcs11_find_objects (!1758) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758#note_1488237700 This looks like the simplest fix, but I wonder if we could use the p11_kit_iter interface instead, which would make the logic a little simpler? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758#note_1488237700 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 26 09:39:34 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 26 Jul 2023 07:39:34 +0000 Subject: [gnutls-devel] GnuTLS | Reduce the number of objects received per iteration in pkcs11_find_objects (!1758) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758#note_1488333697 I should work when I construct the URI with `p11_kit_uri_format` and use it to filter the objects. I can try that. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758#note_1488333697 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jul 26 10:00:58 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 26 Jul 2023 08:00:58 +0000 Subject: [gnutls-devel] GnuTLS | updated thanks file (23fd87e6) In-Reply-To: References: Message-ID: Oumil Eren commented: https://gitlab.com/gnutls/gnutls/-/commit/23fd87e612d876759315611c536f8df4f91f1ef9#note_1488373069 [Why_are_Foreign_Remittances_Important.pdf](/uploads/e8fc3a28ec46c1c65ad61bd83f46036b/Why_are_Foreign_Remittances_Important.pdf) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/commit/23fd87e612d876759315611c536f8df4f91f1ef9#note_1488373069 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 27 10:20:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 27 Jul 2023 08:20:45 +0000 Subject: [gnutls-devel] GnuTLS | Reduce the number of objects received per iteration in pkcs11_find_objects (!1758) In-Reply-To: References: Message-ID: All discussions on merge request !1758 were resolved by Zolt?n Fridrich https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1758 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 27 10:39:20 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 27 Jul 2023 08:39:20 +0000 Subject: [gnutls-devel] GnuTLS | Reduce the number of objects received per iteration in pkcs11_find_objects (!1759) In-Reply-To: References: Message-ID: Reassigned merge request 1759 https://gitlab.com/gnutls/gnutls/-/merge_requests/1759 Assignee changed to Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1759 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 27 10:39:22 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 27 Jul 2023 08:39:22 +0000 Subject: [gnutls-devel] GnuTLS | Reduce the number of objects received per iteration in pkcs11_find_objects (!1759) References: Message-ID: Zolt?n Fridrich created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1759 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel2 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Closes #1491 ## Checklist * [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1759 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 27 13:45:26 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 27 Jul 2023 11:45:26 +0000 Subject: [gnutls-devel] GnuTLS | Reduce the number of objects received per iteration in pkcs11_find_objects (!1759) In-Reply-To: References: Message-ID: Merge request !1759 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1759 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel2 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1759 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 27 13:59:34 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 27 Jul 2023 11:59:34 +0000 Subject: [gnutls-devel] GnuTLS | p11tool --list-all "" does not find any items on Thales ProtectServer HSMs. (#1491) In-Reply-To: References: Message-ID: Issue was closed by Zolt?n Fridrich via merge request !1759 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1759) Issue #1491: https://gitlab.com/gnutls/gnutls/-/issues/1491 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1491 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jul 27 13:59:34 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 27 Jul 2023 11:59:34 +0000 Subject: [gnutls-devel] GnuTLS | Reduce the number of objects received per iteration in pkcs11_find_objects (!1759) In-Reply-To: References: Message-ID: Merge request !1759 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1759 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel2 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1759 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 29 05:34:48 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 29 Jul 2023 03:34:48 +0000 Subject: [gnutls-devel] GnuTLS | fips: fix checking on hash algorithm used in ECDSA [3.7.x] (!1760) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1760 Project:Branches: dueno/gnutls:wip/dueno/ecdsa-hash-check-3_7 to gnutls/gnutls:gnutls_3_7_x Author: Daiki Ueno This backports !1644 to the 3.7.x series. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1760 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 29 12:05:52 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 29 Jul 2023 10:05:52 +0000 Subject: [gnutls-devel] GnuTLS | Support for ECH (encrypted client hello) (!1748) In-Reply-To: References: Message-ID: Daiki Ueno started a new discussion on lib/includes/gnutls/gnutls.h.in: https://gitlab.com/gnutls/gnutls/-/merge_requests/1748#note_1492768979 > gnutls_transport_ktls_enable_flags_t > gnutls_transport_is_ktls_enabled(gnutls_session_t session); > > +/* ECH stuff */ > +int gnutls_load_ech_configs(gnutls_datum_t *data, gnutls_session_t session); Let's follow the naming convention suggested in [CONTRIBUTING.md](https://gitlab.com/gnutls/gnutls/-/blob/master/CONTRIBUTING.md#function-names). That is to name ECH related functions with a common prefix, e.g., `gnutls_ech_*`. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1748#note_1492768979 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jul 29 12:10:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 29 Jul 2023 10:10:15 +0000 Subject: [gnutls-devel] GnuTLS | Support for ECH (encrypted client hello) (!1748) In-Reply-To: References: Message-ID: Daiki Ueno started a new discussion on lib/system/ech.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1748#note_1492769588 > + > +#include > +#include > +#include > +#include > + > +/** > + * gnutls_load_ech_configs: > + * @data: pem encoded serialized ech configs > + * @session: gnutls_session_t structure > + * > + * This function intialize the configs_list and stores deserialized configs list > + * within the session. > +**/ > + > +int gnutls_load_ech_configs(gnutls_datum_t *data, gnutls_session_t session) I would suggest having 4 functions: ```c int gnutls_ech_config_list_init(gnutls_ech_config_list_t *configs); int gnutls_ech_config_list_parse(gnutls_ech_config_list_t configs, const gnutls_datum_t *pem); int gnutls_session_set_ech_config(gnutls_session_t session, const gnutls_ech_config_list_t configs); void gnutls_ech_config_list_deinit(gnutls_ech_config_list_t configs); ``` I guess that way testing those would be a little easier. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1748#note_1492769588 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 31 08:49:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 06:49:17 +0000 Subject: [gnutls-devel] GnuTLS | Check nonce length more strictly in aead_{encrypt, decrypt} (!1756) In-Reply-To: References: Message-ID: Merge request !1756 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1756 Project:Branches: dueno/gnutls:wip/dueno/aead-nonce-length to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1756 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 31 08:49:16 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 06:49:16 +0000 Subject: [gnutls-devel] GnuTLS | Check nonce length more strictly in aead_{encrypt, decrypt} (!1756) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1756#note_1493243018 LGTM! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1756#note_1493243018 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 31 08:51:18 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 06:51:18 +0000 Subject: [gnutls-devel] GnuTLS | Check nonce length more strictly in aead_{encrypt, decrypt} (!1756) In-Reply-To: References: Message-ID: Merge request !1756 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1756 Project:Branches: dueno/gnutls:wip/dueno/aead-nonce-length to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1756 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 31 08:51:18 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 06:51:18 +0000 Subject: [gnutls-devel] GnuTLS | AEAD output difference on Mac (#1494) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1756 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1756) Issue #1494: https://gitlab.com/gnutls/gnutls/-/issues/1494 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1494 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 31 09:35:21 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 07:35:21 +0000 Subject: [gnutls-devel] GnuTLS | fips: fix checking on hash algorithm used in ECDSA [3.7.x] (!1760) In-Reply-To: References: Message-ID: Merge request !1760 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1760 Project:Branches: dueno/gnutls:wip/dueno/ecdsa-hash-check-3_7 to gnutls/gnutls:gnutls_3_7_x Author: Daiki Ueno Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1760 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 31 09:35:20 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 07:35:20 +0000 Subject: [gnutls-devel] GnuTLS | fips: fix checking on hash algorithm used in ECDSA [3.7.x] (!1760) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1760#note_1493297408 Looks good. I don't see any problems. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1760#note_1493297408 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 31 10:16:05 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 08:16:05 +0000 Subject: [gnutls-devel] GnuTLS | fips: fix checking on hash algorithm used in ECDSA [3.7.x] (!1760) In-Reply-To: References: Message-ID: Merge request !1760 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1760 Project:Branches: dueno/gnutls:wip/dueno/ecdsa-hash-check-3_7 to gnutls/gnutls:gnutls_3_7_x Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1760 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 31 10:40:43 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 08:40:43 +0000 Subject: [gnutls-devel] GnuTLS | doc: fix C++ example compilation on MinGW (!1761) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1761 Project:Branches: dueno/gnutls:wip/dueno/ex-cxx to gnutls/gnutls:master Author: Daiki Ueno The examples under doc/examples/ are compiled with Gnulib, which overrides write if it's not available, as a macro. This conflicts with the usage of std::iostream::write in ex-cxx.cpp. To avoid the build issue, use a custom namespace to hide it, as suggested in: https://www.gnu.org/software/gnulib/manual/html_node/A-C_002b_002b-namespace-for-gnulib.html Fixes: #1480 ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1761 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 31 10:42:48 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 08:42:48 +0000 Subject: [gnutls-devel] GnuTLS | doc: fix C++ example compilation on MinGW (!1761) In-Reply-To: References: Message-ID: Merge request !1761 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1761 Project:Branches: dueno/gnutls:wip/dueno/ex-cxx to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1761 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 31 10:42:44 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 08:42:44 +0000 Subject: [gnutls-devel] GnuTLS | doc: fix C++ example compilation on MinGW (!1761) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1761#note_1493385010 Looks good. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1761#note_1493385010 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 31 11:45:38 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 09:45:38 +0000 Subject: [gnutls-devel] GnuTLS | doc: fix C++ example compilation on MinGW (!1761) In-Reply-To: References: Message-ID: Merge request !1761 was set to auto-merge by Daiki Ueno Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1761 Project:Branches: dueno/gnutls:wip/dueno/ex-cxx to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1761 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 31 17:03:50 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 15:03:50 +0000 Subject: [gnutls-devel] GnuTLS | doc: fix C++ example compilation on MinGW (!1761) In-Reply-To: References: Message-ID: Merge request !1761 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1761 Project:Branches: dueno/gnutls:wip/dueno/ex-cxx to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1761 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jul 31 17:03:50 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 31 Jul 2023 15:03:50 +0000 Subject: [gnutls-devel] GnuTLS | C++ doc example does not compile if gnulib overrides the "write" function on mingw (#1480) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1761 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1761) Issue #1480: https://gitlab.com/gnutls/gnutls/-/issues/1480 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1480 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: