From gnutls-devel at lists.gnutls.org Mon Oct 2 14:51:24 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 02 Oct 2023 12:51:24 +0000 Subject: [gnutls-devel] GnuTLS | Draft: DTLS1_3-client (!1667) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1667#note_1586179827 I would like to see some tests but the changes so far look good to me. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1667#note_1586179827 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Oct 2 14:51:23 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 02 Oct 2023 12:51:23 +0000 Subject: [gnutls-devel] GnuTLS | Draft: DTLS1_3-client (!1667) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1667 was reviewed by Daiki Ueno -- Daiki Ueno started a new discussion on lib/algorithms/protocols.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1667#note_1586179800 > .explicit_iv = 0, > - .extensions = 1, > + .extensions = 0, This is for TLS 1.3; wouldn't that cause any issue? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1667 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Oct 2 19:27:28 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 02 Oct 2023 17:27:28 +0000 Subject: [gnutls-devel] build-images | docker-mingw-fedora38: split into more steps (!33) References: Message-ID: Alexander Sosedkin created a merge request: https://gitlab.com/gnutls/build-images/-/merge_requests/33 Project:Branches: asosedkin/build-images:step-by-step-mingw to gnutls/build-images:master Author: Alexander Sosedkin Installing everything in one step triggers some out-of-space error, both in GitLab CI and locally. This MR splits software installation into two layers. `--setopt=install_weak_deps=False` could be another measure to consider to make the layers slimmer. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/build-images/-/merge_requests/33 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Oct 3 12:15:23 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 03 Oct 2023 10:15:23 +0000 Subject: [gnutls-devel] build-images | docker-mingw-fedora38: split into more steps (!33) In-Reply-To: References: Message-ID: Alexander Sosedkin commented: https://gitlab.com/gnutls/build-images/-/merge_requests/33#note_1587755029 hm, 07d5d48 built fine on my machine. splitting further... -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/build-images/-/merge_requests/33#note_1587755029 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Oct 3 14:52:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 03 Oct 2023 12:52:19 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Franti?ek Kren?elok commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588006710 I have tested the implementation and it works well. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588006710 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 4 03:23:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Oct 2023 01:23:33 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Merge request !1768 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 Project:Branches: zyongye/gnutls:ktls-freebsd to gnutls/gnutls:master Author: Yongye Zhu Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 4 03:24:34 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Oct 2023 01:24:34 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588851059 Thank you @zyongye for the patch and @FrantisekKrenzelok for the review. Let's include this in the next release! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588851059 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 4 03:24:48 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Oct 2023 01:24:48 +0000 Subject: [gnutls-devel] GnuTLS | Support KTLS in FreeBSD (#1417) In-Reply-To: References: Message-ID: Milestone changed to Release of GnuTLS 3.8.2 (Aug 5, 2023?Oct 15, 2023) ( https://gitlab.com/gnutls/gnutls/-/milestones/40 ) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1417 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 4 03:26:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Oct 2023 01:26:47 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588851823 @zyongye could you rebase this against the latest git master? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588851823 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 4 04:23:00 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Oct 2023 02:23:00 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Yongye Zhu commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588873093 Hey Daiki. Sorry for the late reply. When I rebase the code and do regression testing. It generate this error `cipher.c:68:10: fatal error: 'backport/siv-gcm.h' file not found` I have the neetle library up to date but not sure how to fix it. I would appreciate your help. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588873093 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 4 05:48:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Oct 2023 03:48:17 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588908666 The file is imported from a newer nettle release, so I guess you would need to rerun the `bootstrap` script, after updating the submodule: ```console $ git submodule update $ ./bootstrap $ ./configure ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588908666 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 4 06:46:09 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Oct 2023 04:46:09 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Yongye Zhu commented on a discussion on lib/system/ktls.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588937903 > > #include "config.h" > #include "system/ktls.h" > - > #ifdef ENABLE_KTLS > > +#if defined(__FreeBSD__) Added another commit on that. (Sorry for the late reply).. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588937903 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 4 06:46:43 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Oct 2023 04:46:43 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Yongye Zhu commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588938221 Cool. Resolved and pushed the rebased branch. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1588938221 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 4 11:20:21 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Oct 2023 09:20:21 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: All discussions on merge request !1768 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 4 11:26:16 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Oct 2023 09:26:16 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Merge request !1768 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 Project:Branches: zyongye/gnutls:ktls-freebsd to gnutls/gnutls:master Author: Yongye Zhu -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 4 12:36:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Oct 2023 10:36:33 +0000 Subject: [gnutls-devel] GnuTLS | Adding KTLS feature for free-bsd, support AES128, AES 256, CHACHA20-POLY 1305 (!1768) In-Reply-To: References: Message-ID: Franti?ek Kren?elok commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1589392281 @zyongye Well done! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1768#note_1589392281 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 4 22:47:14 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Oct 2023 20:47:14 +0000 Subject: [gnutls-devel] GnuTLS | Support KTLS in FreeBSD (#1417) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno Issue #1417: https://gitlab.com/gnutls/gnutls/-/issues/1417 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1417 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 4 22:47:13 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Oct 2023 20:47:13 +0000 Subject: [gnutls-devel] GnuTLS | Support KTLS in FreeBSD (#1417) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1417#note_1590342948 Fixed in !1768. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1417#note_1590342948 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 5 15:14:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 05 Oct 2023 13:14:15 +0000 Subject: [gnutls-devel] GnuTLS | pkcs11: support Ed448 keys (!1779) In-Reply-To: References: Message-ID: Marek Havrila commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1779#note_1591435049 @dueno I went through changes, there seems to be correct logic and I didn't find anything blocking this PR. However, I'm not in list of reviewers so I'm afraid I can not add review + here right now. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1779#note_1591435049 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 6 00:13:38 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 05 Oct 2023 22:13:38 +0000 Subject: [gnutls-devel] GnuTLS | pkcs11: support Ed448 keys (!1779) In-Reply-To: References: Message-ID: Merge request !1779 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1779 Project:Branches: dueno/gnutls:wip/dueno/pkcs11-ed448 to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1779 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 6 00:13:25 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 05 Oct 2023 22:13:25 +0000 Subject: [gnutls-devel] GnuTLS | pkcs11: support Ed448 keys (!1779) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1779#note_1592156537 @mhavrila thank you for the review! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1779#note_1592156537 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 6 00:13:38 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 05 Oct 2023 22:13:38 +0000 Subject: [gnutls-devel] GnuTLS | Support use of Ed448 in PKCS#11 interface (#1502) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1779 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1779) Issue #1502: https://gitlab.com/gnutls/gnutls/-/issues/1502 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1502 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Oct 7 10:36:44 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 07 Oct 2023 08:36:44 +0000 Subject: [gnutls-devel] GnuTLS | devel: add script to fix header inclusion (!1780) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1780 Project:Branches: dueno/gnutls:wip/dueno/check-headers to gnutls/gnutls:master Author: Daiki Ueno This adds check-headers.sh script which scans .c files and checks that local header files under lib/ are consistently included with `#include "foo.h"` instead of `#include `. Fixes: #459 ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1780 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Oct 10 06:50:14 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Oct 2023 04:50:14 +0000 Subject: [gnutls-devel] GnuTLS | Expose HPKE through abstract key API (#1506) References: Message-ID: Daiki Ueno created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1506 !1749 tries to port Nettle's work in progress HPKE implementation for ECH. As HPKE is general purpose mechanism and useful outside of ECH, it would make sense to expose it from the GnuTLS API, possibly in the absract key API. The following is the design drafted by @npocs some time ago, with a slight modification: ### New API functions ```c /* gnutls_privkey_encap: * @priv: an initialized (and generated) private key * @peer: the public key of the peer side * @mode: the hpke mode to be used, can be: base, auth, psk, auth_psk * @handle: the handle for cipher functions * @key: (out): the calculated shared key * * Performs HPKE encapsulation. Note that gnutls_aead_cipher_init() must be called before this operation. * * Returns: 0 on success, negative error code otherwise */ int gnutls_privkey_encap (gnutls_privkey_t priv, gnutls_pubkey_t peer, gnutls_hpke_mode_t mode, gnutls_aead_cipher_hd_t *handle, gnutls_datum_t *key); /* gnutls_privkey_decap: * @priv: an initialized (and generated) private key * @peer: the public key of the peer side * @mode: the hpke mode to be used, can be: base, auth, psk, auth_psk * @handle: the handle for cipher functions * @key: (out): the calculated shared key * * Performs HPKE decapsulation. Note that gnutls_aead_cipher_init() must be called before this operation. * * Returns: 0 on success, negative error code otherwise */ int gnutls_privkey_decap (gnutls_privkey_t priv, gnutls_pubkey_t peer, gnutls_hpke_mode_t mode, gnutls_cipher_hd_t *handle, gnutls_datum_t *key); ``` For seal/open `gnutls_aead_cipher_encrypt/decrypt` can be freely used instead of creating these new ones. Notes: - The KEM context does not need to be saved to a structure, as the user can use it directly with the functions. - The HPKE mode only affects the public key part of the scheme. ### Example usage Sender: ```c gnutls_aead_cipher_hd_t handle = NULL; gnutls_datum_t key; gnutls_hpke_mode mode = GNUTLS_HPKE_MODE_BASE; gnutls_privkey_t priv = NULL; int ret; ret = gnutls_privkey_init(&priv); ret = gnutls_privkey_generate2(priv, GNUTLS_PK_ECDH_X25519, ...); /* this creates the shared key and stores it in `key` */ ret = gnutls_privkey_encap(priv, peer, mode, handle, &key); ret = gnutls_aead_cipher_init(&handle, GNUTLS_CIPHER_AES_128_GCM, &key); ret = gnutls_aead_cipher_encrypt(handle, ?); /* doing other stuff */ /* cleanup */ ... ``` Receiver: ```c gnutls_aead_cipher_hd_t handle = NULL; gnutls_datum_t key; gnutls_hpke_mode mode = GNUTLS_HPKE_MODE_BASE; gnutls_privkey_t priv = NULL; int ret; ret = gnutls_privkey_init(&priv); ret = gnutls_privkey_import_x509(priv, ...); /* this creates the shared key and stores it in `key` */ ret = gnutls_privkey_decap(priv, peer, mode, handle, &key); ret = gnutls_aead_cipher_init(&handle, GNUTLS_CIPHER_AES_128_GCM, &key); ret = gnutls_aead_cipher_decrypt(handle, ?); /* doing other stuff */ /* cleanup */ ... ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1506 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Oct 10 20:47:52 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Oct 2023 18:47:52 +0000 Subject: [gnutls-devel] GnuTLS | devel: add script to fix header inclusion (!1780) In-Reply-To: References: Message-ID: Merge request !1780 was approved by Sahana Prasad Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1780 Project:Branches: dueno/gnutls:wip/dueno/check-headers to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1780 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Oct 10 20:48:12 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Oct 2023 18:48:12 +0000 Subject: [gnutls-devel] GnuTLS | devel: add script to fix header inclusion (!1780) In-Reply-To: References: Message-ID: Sahana Prasad was added as a reviewer. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1780 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Oct 10 20:48:23 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Oct 2023 18:48:23 +0000 Subject: [gnutls-devel] GnuTLS | devel: add script to fix header inclusion (!1780) In-Reply-To: References: Message-ID: Sahana Prasad commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1780#note_1597655150 LGTM! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1780#note_1597655150 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 11 00:34:54 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Oct 2023 22:34:54 +0000 Subject: [gnutls-devel] GnuTLS | devel: add script to fix header inclusion (!1780) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1780#note_1597882486 Thank you for the review! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1780#note_1597882486 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 11 00:35:03 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Oct 2023 22:35:03 +0000 Subject: [gnutls-devel] GnuTLS | devel: add script to fix header inclusion (!1780) In-Reply-To: References: Message-ID: Merge request !1780 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1780 Project:Branches: dueno/gnutls:wip/dueno/check-headers to gnutls/gnutls:master Author: Daiki Ueno Reviewer: Sahana Prasad -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1780 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 11 00:35:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Oct 2023 22:35:04 +0000 Subject: [gnutls-devel] GnuTLS | Clean up #include statements (#459) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1780 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1780) Issue #459: https://gitlab.com/gnutls/gnutls/-/issues/459 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/459 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 11 11:36:39 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 11 Oct 2023 09:36:39 +0000 Subject: [gnutls-devel] GnuTLS | p11tool does not distinguish key objects with the same label (#1467) In-Reply-To: References: Message-ID: Edheldil commented: https://gitlab.com/gnutls/gnutls/-/issues/1467#note_1598437833 To refine the problem statement a bit: The problem manifests if there are multiple objects in a token that have the same label and ID. p11tool could distinguish between the objects using their handle if it did all querying in a single session. It even first does so with a generic search template using only label and/or id a MaxObjectCount 8192 , but then closes that "common" session and does a new session and a new search (C_FindObjectsInit) for each previously found object, this time with label and/or id and object class and type search template and MaxObjectCount=1. And these searches then return some random object from the matching set depending on vagaries of the specific token and pkcs11 library. :sigh: This is also probably related to p11tool's inability to change object's label or id if there's more than one with the same label and id. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1467#note_1598437833 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 11 19:43:56 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 11 Oct 2023 17:43:56 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli starttls connection to XMPP fails with 'error receiving Message-ID: Paul Menzel created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1507 ## Description of problem: Using Debian sid/unstable with *gnutls-bin* 3.8.1-4+b1, it fails to connect to an ejabberd server: $ gnutls-cli --starttls-proto=xmpp xmpp.molgen.mpg.de:5222 Processed 140 CA certificate(s). Resolving 'xmpp.molgen.mpg.de:5222'... Connecting to '141.14.18.22:5222'... error receiving ' starttls: waiting for: " starttls: sending: starttls: waiting for: " error receiving ') Accepted connection [::ffff:172.17.0.1]:56920 -> [::ffff:172.17.0.4]:5222 2023-10-11 17:30:58.619661+00:00 [notice] (tcp|<0.3464.0>) Received XML on stream = <<"\n">> 2023-10-11 17:30:58.619974+00:00 [notice] (tcp|<0.3464.0>) Send XML on stream = <<"">> 2023-10-11 17:30:58.620301+00:00 [debug] Running hook c2s_filter_send: mod_client_state:filter_chat_states/1 2023-10-11 17:30:58.620526+00:00 [debug] Running hook c2s_filter_send: mod_client_state:filter_pep/1 2023-10-11 17:30:58.620714+00:00 [debug] Running hook c2s_filter_send: mod_client_state:filter_presence/1 2023-10-11 17:30:58.620852+00:00 [debug] Running hook c2s_filter_send: mod_client_state:filter_other/1 2023-10-11 17:30:58.621029+00:00 [notice] (tcp|<0.3464.0>) Send XML on stream = <<"">> 2023-10-11 17:30:58.621205+00:00 [debug] Running hook c2s_handle_send: mod_push:c2s_stanza/3 2023-10-11 17:30:58.621413+00:00 [debug] Running hook c2s_handle_send: mod_push_keepalive:c2s_stanza/3 2023-10-11 17:30:58.621738+00:00 [debug] Running hook c2s_handle_send: mod_stream_mgmt:c2s_handle_send/3 2023-10-11 17:30:58.621935+00:00 [debug] Running hook c2s_closed: mod_stream_mgmt:c2s_closed/2 2023-10-11 17:30:58.622124+00:00 [debug] Running hook c2s_closed: ejabberd_c2s:process_closed/2 2023-10-11 17:30:58.622288+00:00 [debug] Running hook c2s_terminated: mod_stream_mgmt:c2s_terminated/2 2023-10-11 17:30:58.622450+00:00 [debug] Running hook c2s_terminated: mod_pubsub:on_user_offline/2 2023-10-11 17:30:58.622603+00:00 [debug] Running hook c2s_terminated: ejabberd_c2s:process_terminated/2 2023-10-11 17:30:58.622766+00:00 [notice] (tcp|<0.3464.0>) Send XML on stream = <<"">> ``` *openssl* 3.0.11-1 works: ``` $ openssl s_client -connect xmpp.molgen.mpg.de:5222 From gnutls-devel at lists.gnutls.org Wed Oct 11 19:44:27 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 11 Oct 2023 17:44:27 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli starttls connection to XMPP fails with 'error receiving References: Message-ID: Paul Menzel commented: https://gitlab.com/gnutls/gnutls/-/issues/1507#note_1599258320 The error is very similar to issue https://gitlab.com/gnutls/gnutls/-/issues/697. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1507#note_1599258320 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 11 19:45:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 11 Oct 2023 17:45:33 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli starttls connection to XMPP fails with 'error receiving References: Message-ID: Paul Menzel commented: https://gitlab.com/gnutls/gnutls/-/issues/1507#note_1599259329 Same problem with GnuTLS 3.7.10. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1507#note_1599259329 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 12 01:21:21 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 11 Oct 2023 23:21:21 +0000 Subject: [gnutls-devel] GnuTLS | Refine the meaning of %COMPAT to the latest standard (#1508) References: Message-ID: Daiki Ueno created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1508 The `%COMPAT` priority string not only tolerates the legacy behavior of the peer, but also prevents using security features such as extended master secret or EtM in TLS 1.2. We should review the exact meaning of `%COMPAT`, adjust it as necessary, and update the documentation. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1508 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 12 10:24:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 12 Oct 2023 08:24:04 +0000 Subject: [gnutls-devel] GnuTLS | p11tool does not distinguish key objects with the same label (#1467) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1467#note_1599921891 With the new list-objects [subcommand](https://github.com/p11-glue/p11-kit/pull/533) of p11-kit, which uses the P11KitIter interface, the output is as follows: ```console $ p11-kit list-objects pkcs11:model=SoftHSM%20v2 Object: #0 uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b0a8274329e800a;token=Token1;id=;object=OpenDNSSEC1;type=public class: public-key key-type: ec label: OpenDNSSEC1 id: flags: local token modifiable copyable destroyable Object: #1 uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b0a8274329e800a;token=Token1;id=;object=;type=public class: public-key key-type: rsa label: id: flags: local token modifiable copyable destroyable Object: #2 uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b0a8274329e800a;token=Token1;id=;object=;type=public class: public-key key-type: ec label: id: flags: local token modifiable copyable destroyable Object: #3 uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=4b0a8274329e800a;token=Token1;id=;object=;type=public class: public-key key-type: ec label: id: flags: local token modifiable copyable destroyable ``` I guess p11tool could also do similar. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1467#note_1599921891 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 13 04:14:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Oct 2023 02:14:45 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli starttls connection to XMPP fails with 'error receiving References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1507#note_1601285352 This is caused by a hostname mismatch, according to wireshark: ```console XMPP Protocol eXtensible Markup Language [Expert Info (Note/Undecoded): Unknown packet: error] [Unknown packet: error] [Severity level: Note] [Group: Undecoded] ``` If I specify the correct hostname as with `-xmpphost` of openssl s_client, that works fine: ```diff diff --git a/src/socket.c b/src/socket.c index b3ed84c5a3..85a27fc6df 100644 --- a/src/socket.c +++ b/src/socket.c @@ -240,7 +240,7 @@ static void socket_starttls(socket_st *socket) snprintf( buf, sizeof(buf), "\n", - socket->hostname); + "molgen.mpg.de"); send_line(socket, buf); wait_for_text(socket, " From gnutls-devel at lists.gnutls.org Fri Oct 13 04:15:20 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Oct 2023 02:15:20 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli starttls connection to XMPP fails with 'error receiving References: Message-ID: Milestone changed to Release of GnuTLS 3.8.2 (Aug 5, 2023?Oct 15, 2023) ( https://gitlab.com/gnutls/gnutls/-/milestones/40 ) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1507 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 13 06:42:20 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Oct 2023 04:42:20 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli starttls connection to XMPP fails with 'error receiving References: Message-ID: Paul Menzel commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1507#note_1601365718 Thank you for looking into this. Yes, it would be great, if that option was added. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1507#note_1601365718 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 13 10:52:16 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Oct 2023 08:52:16 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli starttls connection to XMPP fails with 'error receiving References: Message-ID: Reassigned Issue 1507 https://gitlab.com/gnutls/gnutls/-/issues/1507 Assignee changed to Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1507 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 13 10:51:57 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Oct 2023 08:51:57 +0000 Subject: [gnutls-devel] GnuTLS | cli: add --starttls-name option (!1781) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1781 Project:Branches: dueno/gnutls:wip/dueno/starttls-name to gnutls/gnutls:master Author: Daiki Ueno Some deployment of application protocols, such as XMPP, require a different hostname than the host being connected. This adds a new option, `--starttls-name`, to gnutls-cli to specify it separately. Fixes: #1507 ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1781 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 13 12:58:49 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Oct 2023 10:58:49 +0000 Subject: [gnutls-devel] GnuTLS | make check suite FAIL: several test fails when /bin/sh is not symlinked to bash (#1509) References: Message-ID: Adrian Wijaya created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1509 ## Description of problem: Whenever I try to run `make check` or `make check suite`, there are several test case on suite that fails. ## Version of gnutls used: 3.8.x ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) Arch Linux ## How reproducible: Steps to Reproduce: * Set the default shell into another shell that is not bash. In this case I use `sudo ln -sfT dash /usr/bin/sh` * run `make check` (of course we have to build the program beforehand) ## Actual results: ``` PASS: chain.sh SKIP: testrng.sh SKIP: testcompat-polarssl-serv.sh SKIP: testcompat-polarssl-serv-compat.sh SKIP: testcompat-polarssl-serv-no-etm.sh SKIP: testcompat-openssl-cli.sh SKIP: testcompat-openssl-cli-compat.sh SKIP: testcompat-openssl-cli-no-etm.sh SKIP: testcompat-openssl-serv.sh SKIP: testcompat-openssl-serv-compat.sh SKIP: testcompat-openssl-serv-no-etm.sh SKIP: testcompat-openssl-serv-no-tickets.sh SKIP: testcompat-openssl-serv-no-safe-renegotiation.sh SKIP: testcompat-openssl-serv-safe-renegotiation.sh PASS: testrandom.sh PASS: test-ciphersuite-names.sh FAIL: tls-fuzzer/tls-fuzzer-nocert.sh FAIL: tls-fuzzer/tls-fuzzer-cert.sh FAIL: tls-fuzzer/tls-fuzzer-alpn.sh FAIL: tls-fuzzer/tls-fuzzer-nocert-tls13.sh FAIL: tls-fuzzer/tls-fuzzer-psk.sh FAIL: tls-fuzzer/tls-fuzzer-nolimit.sh FAIL: tls-fuzzer/tls-fuzzer-nolimit-tls13.sh PASS: multi-ticket-reception.sh FAIL: testcompat-openssl-tls13-cli.sh FAIL: testcompat-openssl-tls13-serv.sh PASS: testdane.sh PASS: eagain.sh PASS: prime-check ============================================================================ Testsuite summary for GnuTLS 3.8.1 ============================================================================ # TOTAL: 29 # PASS: 7 # SKIP: 13 # XFAIL: 0 # FAIL: 9 # XPASS: 0 # ERROR: 0 ``` On `tests/suite/tls-fuzzer/tls-fuzzer-cert.log`: ``` reserved port 41039 ./tls-fuzzer/tls-fuzzer-cert.sh: 39: ./tls-fuzzer/tls-fuzzer-common.sh: pushd: not found sed: can't read ../gnutls-cert.json: No such file or directory /usr/bin/python: can't open file '/home/adrian/Public/gnutls/tests/suite/tests/scripts_retention.py': [Errno 2] No such file or directory ./tls-fuzzer/tls-fuzzer-cert.sh: 56: ./tls-fuzzer/tls-fuzzer-common.sh: popd: not found unreserved port 41039 FAIL tls-fuzzer/tls-fuzzer-cert.sh (exit status: 2) ``` On `tests/suite/testcompat-openssl-tls13-serv.log`: ``` ./testcompat-openssl-tls13-serv.sh: 65: Syntax error: redirection unexpected FAIL testcompat-openssl-tls13-serv.sh (exit status: 2) ``` If we see the log, we can see that the tests can't recognize some of the bash syntax even though the test script begin with `#!/bin/bash` ## Expected results: The test pass without any problems (assume bash is installed) ## Misc: I suspect this issue can be reproduced on fedora or debian if we change the default shell. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1509 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Oct 14 06:04:44 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 14 Oct 2023 04:04:44 +0000 Subject: [gnutls-devel] GnuTLS | make check suite FAIL: several test fails when /bin/sh is not symlinked to bash (#1509) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1509#note_1603191467 While we ensure that the tests bundled in distribution tarball should be portable, we don't care much about portability in tests under `tests/suite`, as they are not distributed. I wouldn't oppose to rewriting them without bashism, though otherwise I would simply suggest disabling those tests with `--disable-full-test-suite` or explicitly set SHELL to bash. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1509#note_1603191467 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Oct 14 14:15:49 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 14 Oct 2023 12:15:49 +0000 Subject: [gnutls-devel] GnuTLS | support async operation e.g. io_uring (#1510) References: Message-ID: Yick created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1510 By io_uring, a batch of recv/send could be submitted in a single syscall; frankly it looks like sendmmsg/recvmmsg, though it is more powerful, because it can combine recv/send operations with dozens of sockets in one shot. Besides that, in order to support UDP GSO feature, multiple data shall be concatenated in a continued buffer. At present, it is possible to fetch data then feed to gnutls_record_recv(), but still hard to deal with send(). Hence could it be possible for gnutls to expose some buffer management API? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1510 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Oct 15 23:29:10 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 15 Oct 2023 21:29:10 +0000 Subject: [gnutls-devel] GnuTLS | support async operation e.g. io_uring (#1510) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1510#note_1604478793 That is an interesting suggestion; thanks. The current offloading solutions (i.e., KTLS and QUIC) do buffering by themselves, either in the kernel (after `gnutls_record_get_state`) or through ngtcp2, though I agree that there should be some support from the library for TLS. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1510#note_1604478793 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Oct 16 11:44:16 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 16 Oct 2023 09:44:16 +0000 Subject: [gnutls-devel] GnuTLS | Support reading and writing private keys in PKCS#8 v2 format (#1474) In-Reply-To: References: Message-ID: Adrian Wijaya commented: https://gitlab.com/gnutls/gnutls/-/issues/1474#note_1604993109 Hi @dueno , is this issue still open? I would like to work on this one. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1474#note_1604993109 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Oct 16 13:29:49 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 16 Oct 2023 11:29:49 +0000 Subject: [gnutls-devel] GnuTLS | Support reading and writing private keys in PKCS#8 v2 format (#1474) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1474#note_1605175194 That's great; afaik this is still open and would benefit post-quantum keys support (cc @d-Dudas). -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1474#note_1605175194 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 03:55:13 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 01:55:13 +0000 Subject: [gnutls-devel] GnuTLS | Fix DTLS handshake when first fragment is 1 byte (!1753) In-Reply-To: References: Message-ID: Merge request !1753 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1753 Project:Branches: singpolyma/gnutls:fix-dtls-handshake-1-byte-first-fragment to gnutls/gnutls:master Author: Stephen Paul Weber Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1753 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 03:55:57 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 01:55:57 +0000 Subject: [gnutls-devel] GnuTLS | Fix DTLS handshake when first fragment is 1 byte (!1753) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1753#note_1607965841 Thank you for the patch and sorry for the long delay; this looks good to me. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1753#note_1607965841 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 03:56:06 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 01:56:06 +0000 Subject: [gnutls-devel] GnuTLS | Fix DTLS handshake when first fragment is 1 byte (!1753) In-Reply-To: References: Message-ID: Merge request !1753 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1753 Project:Branches: singpolyma/gnutls:fix-dtls-handshake-1-byte-first-fragment to gnutls/gnutls:master Author: Stephen Paul Weber -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1753 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 04:23:14 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 02:23:14 +0000 Subject: [gnutls-devel] GnuTLS | srptool: rework entry parsing without indexing (!1782) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1782 Project:Branches: dueno/gnutls:wip/dueno/srptool-fixes to gnutls/gnutls:master Author: Daiki Ueno This simplifies the loop matching and parsing an SRP entry, considering the buffer read with fgets is always NUL-terminated. Supersedes: !1771 ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1782 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 04:23:37 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 02:23:37 +0000 Subject: [gnutls-devel] GnuTLS | index should check before use (!1771) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion on src/srptool.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1771#note_1607983566 > while (fgets(line, sizeof(line), fp) != NULL) { > /* move to first ':' */ > i = 0; > - while ((line[i] != ':') && (line[i] != '\0') && > - (i < sizeof(line))) { > + while ((i < sizeof(line)) && (line[i] != ':') && (line[i] != '\0')) { > i++; > } Done this in !1782. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1771#note_1607983566 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 04:23:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 02:23:36 +0000 Subject: [gnutls-devel] GnuTLS | index should check before use (!1771) In-Reply-To: References: Message-ID: All discussions on merge request !1771 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1771 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1771 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 04:23:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 02:23:53 +0000 Subject: [gnutls-devel] GnuTLS | index should check before use (!1771) In-Reply-To: References: Message-ID: Merge request !1771 was closed by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1771 Project:Branches: xuraoqing/gnutls:master to gnutls/gnutls:master Author: xuraoqing Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1771 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 06:56:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 04:56:53 +0000 Subject: [gnutls-devel] GnuTLS | Fix DTLS handshake when first fragment is 1 byte (!1753) In-Reply-To: References: Message-ID: Milestone changed to Release of GnuTLS 3.8.2 (Aug 5, 2023?Oct 15, 2023) ( https://gitlab.com/gnutls/gnutls/-/milestones/40 ) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1753 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 07:24:29 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 05:24:29 +0000 Subject: [gnutls-devel] GnuTLS | Draft: pkcs8: support read and write private key in v2 format (!1783) References: Message-ID: Adrian Wijaya created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1783 Project:Branches: adrian.wijaya/gnutls:wip/rfc5958 to gnutls/gnutls:master Author: Adrian Wijaya Add a description of the new feature/bug fix. Reference any relevant bugs. ## Checklist * [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1783 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 10:45:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 08:45:17 +0000 Subject: [gnutls-devel] GnuTLS | cli: add --starttls-name option (!1781) In-Reply-To: References: Message-ID: Clemens Lang commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1781#note_1608362972 Looks good to me! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1781#note_1608362972 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 10:54:26 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 08:54:26 +0000 Subject: [gnutls-devel] GnuTLS | CONTRIBUTING.md: Fix file name in reviewer checklist (!1784) References: Message-ID: Clemens Lang created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784 Project:Branches: cllang/gnutls:cal-doc-typo to gnutls/gnutls:master Author: Clemens Lang Simple fix, but this may also have to be fixed in the merge request template (which doesn't seem to be part of the repository, or I couldn't find it). ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] ~~Code modified for feature~~ * [ ] ~~Test suite updated with functionality tests~~ * [ ] ~~Test suite updated with negative tests~~ * [ ] ~~Documentation updated / NEWS entry present (for non-trivial changes)~~ * [ ] ~~CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)~~ ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 11:30:46 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 09:30:46 +0000 Subject: [gnutls-devel] GnuTLS | CONTRIBUTING.md: Fix file name in reviewer checklist (!1784) In-Reply-To: References: Message-ID: Merge request !1784 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784 Project:Branches: cllang/gnutls:cal-doc-typo to gnutls/gnutls:master Author: Clemens Lang Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 11:31:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 09:31:15 +0000 Subject: [gnutls-devel] GnuTLS | CONTRIBUTING.md: Fix file name in reviewer checklist (!1784) In-Reply-To: References: Message-ID: Merge request !1784 was set to auto-merge by Daiki Ueno Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784 Project:Branches: cllang/gnutls:cal-doc-typo to gnutls/gnutls:master Author: Clemens Lang Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 11:31:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 09:31:04 +0000 Subject: [gnutls-devel] GnuTLS | CONTRIBUTING.md: Fix file name in reviewer checklist (!1784) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784#note_1608461028 Thanks for pointing that out! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784#note_1608461028 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 11:35:13 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 09:35:13 +0000 Subject: [gnutls-devel] GnuTLS | cli: add --starttls-name option (!1781) In-Reply-To: References: Message-ID: Merge request !1781 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1781 Project:Branches: dueno/gnutls:wip/dueno/starttls-name to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1781 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 11:35:03 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 09:35:03 +0000 Subject: [gnutls-devel] GnuTLS | cli: add --starttls-name option (!1781) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1781#note_1608469377 Thanks for the review! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1781#note_1608469377 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 11:35:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 09:35:15 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli starttls connection to XMPP fails with 'error receiving References: Message-ID: Issue was closed by Daiki Ueno via merge request !1781 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1781) Issue #1507: https://gitlab.com/gnutls/gnutls/-/issues/1507 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1507 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 12:24:58 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 10:24:58 +0000 Subject: [gnutls-devel] GnuTLS | CONTRIBUTING.md: Fix file name in reviewer checklist (!1784) In-Reply-To: References: Message-ID: Clemens Lang commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784#note_1608574744 The failing tests seem to be unrelated to the change. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784#note_1608574744 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 12:36:21 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 10:36:21 +0000 Subject: [gnutls-devel] GnuTLS | CONTRIBUTING.md: Fix file name in reviewer checklist (!1784) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784#note_1608591230 Could you rebase against master or just add `[ci skip]` to the first line of commit message? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784#note_1608591230 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 12:54:56 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 10:54:56 +0000 Subject: [gnutls-devel] GnuTLS | CONTRIBUTING.md: Fix file name in reviewer checklist (!1784) In-Reply-To: References: Message-ID: Clemens Lang commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784#note_1608616799 I rebased. There was a failure in `debian/test` that I'm not sure is already solved, but maybe that one was transient. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784#note_1608616799 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 13:03:08 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 11:03:08 +0000 Subject: [gnutls-devel] GnuTLS | srptool: rework entry parsing without indexing (!1782) In-Reply-To: References: Message-ID: Zolt?n Fridrich was added as a reviewer. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1782 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 13:04:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 11:04:19 +0000 Subject: [gnutls-devel] GnuTLS | srptool: rework entry parsing without indexing (!1782) In-Reply-To: References: Message-ID: Merge request !1782 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1782 Project:Branches: dueno/gnutls:wip/dueno/srptool-fixes to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewer: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1782 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 13:04:11 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 11:04:11 +0000 Subject: [gnutls-devel] GnuTLS | srptool: rework entry parsing without indexing (!1782) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1782#note_1608630649 The logic looks correct. Approved. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1782#note_1608630649 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 13:12:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 11:12:33 +0000 Subject: [gnutls-devel] GnuTLS | srptool: rework entry parsing without indexing (!1782) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1782#note_1608642605 Thanks for the review! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1782#note_1608642605 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 13:12:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 11:12:36 +0000 Subject: [gnutls-devel] GnuTLS | srptool: rework entry parsing without indexing (!1782) In-Reply-To: References: Message-ID: Merge request !1782 was set to auto-merge by Daiki Ueno Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1782 Project:Branches: dueno/gnutls:wip/dueno/srptool-fixes to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewer: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1782 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 13:24:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 11:24:36 +0000 Subject: [gnutls-devel] GnuTLS | Support reading and writing private keys in PKCS#8 v2 format (#1474) In-Reply-To: References: Message-ID: Adrian Wijaya commented: https://gitlab.com/gnutls/gnutls/-/issues/1474#note_1608659164 I have some questions regarding this issue: * In `lib/x509/privkey_pkcs8.c`, afaik only function [`_decode_pkcs8_dsa_key`](https://gitlab.com/gnutls/gnutls/-/blob/master/lib/x509/privkey_pkcs8.c?ref_type=heads#L1375) that needs to be changed when read `privateKey` value so that It can fallback into v1 when necessary. Are there things that I miss here? * Similar to above, only function [`encode_to_private_key_info`](https://gitlab.com/gnutls/gnutls/-/blob/master/lib/x509/privkey_pkcs8.c?ref_type=heads#L177) that needs to be changed on write privateKey. Can I just add new parameter like `version` on this function so we can reuse existing API? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1474#note_1608659164 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 13:34:49 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 11:34:49 +0000 Subject: [gnutls-devel] GnuTLS | CONTRIBUTING.md: Fix file name in reviewer checklist (!1784) In-Reply-To: References: Message-ID: All discussions on merge request !1784 were resolved by Clemens Lang https://gitlab.com/gnutls/gnutls/-/merge_requests/1784 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 18 22:51:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Oct 2023 20:51:17 +0000 Subject: [gnutls-devel] GnuTLS | CONTRIBUTING.md: Fix file name in reviewer checklist (!1784) In-Reply-To: References: Message-ID: Merge request !1784 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784 Project:Branches: cllang/gnutls:cal-doc-typo to gnutls/gnutls:master Author: Clemens Lang -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1784 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 19 12:48:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 19 Oct 2023 10:48:04 +0000 Subject: [gnutls-devel] GnuTLS | NEWS: mention KTLS support in FreeBSD [ci skip] (!1785) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1785 Project:Branches: dueno/gnutls:wip/dueno/release-3.8.2 to gnutls/gnutls:master Author: Daiki Ueno . ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [x] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1785 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 19 13:12:14 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 19 Oct 2023 11:12:14 +0000 Subject: [gnutls-devel] GnuTLS | NEWS: mention KTLS support in FreeBSD [ci skip] (!1785) In-Reply-To: References: Message-ID: Merge request !1785 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1785 Project:Branches: dueno/gnutls:wip/dueno/release-3.8.2 to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1785 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 19 13:12:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 19 Oct 2023 11:12:36 +0000 Subject: [gnutls-devel] GnuTLS | NEWS: mention KTLS support in FreeBSD [ci skip] (!1785) In-Reply-To: References: Message-ID: Merge request !1785 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1785 Project:Branches: dueno/gnutls:wip/dueno/release-3.8.2 to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1785 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 19 13:57:13 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 19 Oct 2023 11:57:13 +0000 Subject: [gnutls-devel] GnuTLS | srptool: rework entry parsing without indexing (!1782) In-Reply-To: References: Message-ID: Merge request !1782 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1782 Project:Branches: dueno/gnutls:wip/dueno/srptool-fixes to gnutls/gnutls:master Author: Daiki Ueno Reviewer: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1782 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 19 21:03:00 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 19 Oct 2023 19:03:00 +0000 Subject: [gnutls-devel] GnuTLS | Add experimental support for post-quantum algorithms in X.509 certificates (!1786) References: Message-ID: David Dudas created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1786 Project:Branches: d-Dudas/gnutls:pqc to gnutls/gnutls:master Author: David Dudas Experimental support for post-quantum cryptography algorithms standardized by NIST, using liboqs. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1786 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 20 09:21:20 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 20 Oct 2023 07:21:20 +0000 Subject: [gnutls-devel] GnuTLS | Add experimental support for post-quantum algorithms in X.509 certificates (!1786) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1786#note_1611785601 Liboqs depends on OpenSSL, it seems rather weird for GnuTLS to depend on OpenSSL. Could we add this using some other crypto library? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1786#note_1611785601 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 20 13:19:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 20 Oct 2023 11:19:53 +0000 Subject: [gnutls-devel] GnuTLS | Do not use HMAC-SHA1 for session ticket authentication algorithm (#1482) In-Reply-To: References: Message-ID: Milestone changed to Release of GnuTLS 3.8.3 (Oct 23, 2023?Dec 15, 2023) ( https://gitlab.com/gnutls/gnutls/-/milestones/41 ) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1482 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 20 14:09:11 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 20 Oct 2023 12:09:11 +0000 Subject: [gnutls-devel] abi-dump | Regenerate from 3.8.2 release (!8) In-Reply-To: References: Message-ID: Reassigned merge request 8 https://gitlab.com/gnutls/abi-dump/-/merge_requests/8 Assignee changed to Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/abi-dump/-/merge_requests/8 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 20 14:09:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 20 Oct 2023 12:09:15 +0000 Subject: [gnutls-devel] abi-dump | Regenerate from 3.8.2 release (!8) References: Message-ID: Zolt?n Fridrich created a merge request: https://gitlab.com/gnutls/abi-dump/-/merge_requests/8 Project:Branches: ZoltanFridrich/gnutls-abi-dump:zfridric_devel to gnutls/abi-dump:main Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Signed-off-by: Zoltan Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/abi-dump/-/merge_requests/8 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 20 14:10:16 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 20 Oct 2023 12:10:16 +0000 Subject: [gnutls-devel] abi-dump | Regenerate from 3.8.2 release (!8) In-Reply-To: References: Message-ID: Merge request !8 was merged Merge request URL: https://gitlab.com/gnutls/abi-dump/-/merge_requests/8 Project:Branches: ZoltanFridrich/gnutls-abi-dump:zfridric_devel to gnutls/abi-dump:main Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/abi-dump/-/merge_requests/8 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 20 14:16:37 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 20 Oct 2023 12:16:37 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.8.2 (!1787) In-Reply-To: References: Message-ID: Reassigned merge request 1787 https://gitlab.com/gnutls/gnutls/-/merge_requests/1787 Assignee changed to Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1787 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 20 14:16:49 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 20 Oct 2023 12:16:49 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.8.2 (!1787) References: Message-ID: Zolt?n Fridrich created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1787 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [x] Documentation updated / NEWS entry present (for non-trivial changes) * [x] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1787 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Oct 20 14:16:35 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 20 Oct 2023 12:16:35 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.8.2 (!1787) In-Reply-To: References: Message-ID: Daiki Ueno was added as a reviewer. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1787 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Oct 21 09:43:48 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 21 Oct 2023 07:43:48 +0000 Subject: [gnutls-devel] GnuTLS | Add experimental support for post-quantum algorithms in X.509 certificates (!1786) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1786#note_1613206387 Afaik liboqs can be compiled without OpenSSL (that means bundled files are used for SHAKE, etc.), though it might not be acceptable when downstream liboqs packages choose to link to OpenSSL. In that case, a short-term solution could be to dlopen liboqs (as we [do](https://gitlab.com/gnutls/gnutls/-/merge_requests/1544) for TPM); fortunately, it shouldn't be too hard as the signing API in liboqs consists of only a couple of functions. In the long-run, we might want to implement necessary algorithms in Nettle; looking at [PQClean](https://github.com/PQClean/PQClean/) might be a good starting point. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1786#note_1613206387 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Oct 21 10:16:52 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 21 Oct 2023 08:16:52 +0000 Subject: [gnutls-devel] libtasn1 | libtasn1 4.9 make Intall err (#43) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/libtasn1/-/issues/43#note_1613233374 Can you try 4.19? Version 4.9 is around 7 years old. Please re-open if there is any build problem on CentOS8 with 4.19. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/43#note_1613233374 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Oct 21 10:16:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 21 Oct 2023 08:16:47 +0000 Subject: [gnutls-devel] libtasn1 | libtasn1 4.9 make Intall err (#43) In-Reply-To: References: Message-ID: Issue was closed by Simon Josefsson Issue #43: https://gitlab.com/gnutls/libtasn1/-/issues/43 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/43 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Oct 21 10:21:35 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 21 Oct 2023 08:21:35 +0000 Subject: [gnutls-devel] libtasn1 | Add new test cases that represent usage of libtasn1 (!89) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/libtasn1/-/merge_requests/89#note_1613242199 Thanks. The patch commits several generated files, we don't want to have generated non-editable source code files in libtasn1 -- can you add recipes how to re-generate the generated files? If that pulls in a lot of dependencies, I think it may be acceptable to leave a generated version in the repository if build rules will re-build it and compare with the distributed source file if the dependencies are available. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/89#note_1613242199 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Oct 21 10:25:10 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 21 Oct 2023 08:25:10 +0000 Subject: [gnutls-devel] libtasn1 | BIT STRING input to asn1_der_coding producing incorrect result (#47) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/libtasn1/-/issues/47#note_1613243791 Is `myBit abc123` really a valid assignment to a `BIT STRING` type? I would expect binary digits only. Just my initial reaction, I didn't debug this. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/47#note_1613243791 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Oct 22 16:44:24 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 22 Oct 2023 14:44:24 +0000 Subject: [gnutls-devel] libtasn1 | Add new test cases that represent usage of libtasn1 (!89) In-Reply-To: References: Message-ID: Ahmed Zaki commented: https://gitlab.com/gnutls/libtasn1/-/merge_requests/89#note_1613828312 @jas Thanks for the response. I will edit the tests but can you highlight to me which generated files are you referring to ? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/89#note_1613828312 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Oct 23 08:53:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 23 Oct 2023 06:53:17 +0000 Subject: [gnutls-devel] libtasn1 | Add new test cases that represent usage of libtasn1 (!89) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/libtasn1/-/merge_requests/89#note_1614434935 The comments at the top of `tests/Tests_gnutls.c` and `tests/Tests_p11kit_1.c`: ``` This test is automatically generated from GnuTLS source code. This test will create an element then fills that element with the values of a DER encoding string. It then attempts to read a value from that element. ``` Also, `tests/Tests_swtpm.c` seems generated and uses a non-standard license. Can you re-license this under the LGPL? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/89#note_1614434935 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Oct 23 11:22:01 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 23 Oct 2023 09:22:01 +0000 Subject: [gnutls-devel] libtasn1 | Revert "indent 2.2.13" (!91) References: Message-ID: Ahmed Zaki created a merge request: https://gitlab.com/gnutls/libtasn1/-/merge_requests/91 Project:Branches: zaki_ahmed/libtasn1:revert-5d080d81 to gnutls/libtasn1:master Author: Ahmed Zaki Add a description of the new feature/bug fix. Reference any relevant bugs. ## Checklist * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated ## Reviewer's checklist: * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent with other code * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/91 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Oct 23 12:38:57 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 23 Oct 2023 10:38:57 +0000 Subject: [gnutls-devel] libtasn1 | Indent fix (!92) References: Message-ID: Simon Josefsson created a merge request: https://gitlab.com/gnutls/libtasn1/-/merge_requests/92 Project:Branches: jas/libtasn1:jas/indent-fix to gnutls/libtasn1:master Author: Simon Josefsson -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/92 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Oct 23 12:40:17 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 23 Oct 2023 10:40:17 +0000 Subject: [gnutls-devel] libtasn1 | Indent fix (!92) In-Reply-To: References: Message-ID: Merge request !92 was merged Merge request URL: https://gitlab.com/gnutls/libtasn1/-/merge_requests/92 Project:Branches: jas/libtasn1:jas/indent-fix to gnutls/libtasn1:master Author: Simon Josefsson -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/92 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Oct 24 09:59:38 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 24 Oct 2023 07:59:38 +0000 Subject: [gnutls-devel] GnuTLS | Release 3.8.2 (!1787) In-Reply-To: References: Message-ID: Merge request !1787 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1787 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewer: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1787 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Oct 24 10:33:01 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 24 Oct 2023 08:33:01 +0000 Subject: [gnutls-devel] GnuTLS | Draft: DTLS1_3-client (!1667) In-Reply-To: References: Message-ID: All discussions on merge request !1667 were resolved by Franti?ek Kren?elok https://gitlab.com/gnutls/gnutls/-/merge_requests/1667 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1667 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Oct 24 17:21:07 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 24 Oct 2023 15:21:07 +0000 Subject: [gnutls-devel] GnuTLS | Android build not using "User" certificates on newer android versions (#1512) References: Message-ID: Tobias Diendorfer created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1512 ## Description of problem: The android build (#define ANDROID or __ANDROID__) is not using the user installed CA certificates. ## Version of gnutls used: 3.6.16 ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) vlc-android ## How reproducible: Steps to Reproduce: * generate an domain CA certificate & an correct client certificate for an ex.: IIS * try to access https site with browser from an windows machine, to check site is secure and cert is ok (lock symbol in url bar) * install the CA certificate manually on an android device (tested on android 10 & 11) * try to access https site with browser from the android device, to check site is secure and cert is ok (lock symbol in url bar) * use vlc-android (from playstore) or any other software on android which uses gnuTLS * try to play an m3u8 playlist with vlc android from the webserver which url starts with https://... * Now the error happens in gnutls, see actual results ## Actual results: [7c02f630/12a7] libvlc tls client: Certificate verification failure: The certificate is NOT trusted. The certificate issuer is unknown. The name in the certificate does not match the expected. I have checked the installed system certificates count which is 138 and gnutls is reporting also 138 are loaded. Missing the "1" single user certificate. Count should be 139. ## Expected results: gnutls should also load user certificates on android and use them! After changing: lib/system/certs.c old, doesn't work: ret = gnutls_x509_trust_list_add_trust_dir(list, "/data/misc/keychain/cacerts-added/", new, works: ret = gnutls_x509_trust_list_add_trust_dir(list, "/data/misc/user/0/cacerts-added/", So clearly the path has changed on newer android versions and doesn't work with current ones. Please fix this issue. thx -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1512 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Oct 25 10:12:23 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 25 Oct 2023 08:12:23 +0000 Subject: [gnutls-devel] GnuTLS | Android build not using "User" certificates on newer android versions (#1512) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1512#note_1617794950 Looks like it's defined [here](https://cs.android.com/android/platform/superproject/main/+/main:frameworks/base/core/java/android/security/net/config/UserCertificateSource.java;l=34?q=%22cacerts-added%22&ss=android%2Fplatform%2Fsuperproject%2Fmain). I'm not sure if we can assume 0 as the user ID, but maybe we could enumerate under /data/misc/user. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1512#note_1617794950 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 26 00:19:12 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 25 Oct 2023 22:19:12 +0000 Subject: [gnutls-devel] GnuTLS | .lgtm.yml: remove LGTM.com configuration file (!1788) References: Message-ID: Dimitri Papadopoulos Orfanos created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1788 Project:Branches: DimitriPapadopoulos/gnutls:lgtm to gnutls/gnutls:master Author: Dimitri Papadopoulos Orfanos LGTM.com has been deprecated and replaced by GitHub code analysis: https://github.blog/2022-08-15-the-next-step-for-lgtm-com-github-code-scanning/ ## Checklist * [X] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1788 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 26 02:05:06 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 26 Oct 2023 00:05:06 +0000 Subject: [gnutls-devel] GnuTLS | .lgtm.yml: remove LGTM.com configuration file (!1788) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1788#note_1619355256 Thank you; I guess this is the first step towards #1461. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1788#note_1619355256 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 26 02:05:12 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 26 Oct 2023 00:05:12 +0000 Subject: [gnutls-devel] GnuTLS | .lgtm.yml: remove LGTM.com configuration file (!1788) In-Reply-To: References: Message-ID: Merge request !1788 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1788 Project:Branches: DimitriPapadopoulos/gnutls:lgtm to gnutls/gnutls:master Author: Dimitri Papadopoulos Orfanos Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1788 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 26 02:05:22 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 26 Oct 2023 00:05:22 +0000 Subject: [gnutls-devel] GnuTLS | .lgtm.yml: remove LGTM.com configuration file (!1788) In-Reply-To: References: Message-ID: Merge request !1788 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1788 Project:Branches: DimitriPapadopoulos/gnutls:lgtm to gnutls/gnutls:master Author: Dimitri Papadopoulos Orfanos -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1788 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 26 02:28:35 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 26 Oct 2023 00:28:35 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: enable code quality analysis (!1789) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1789 Project:Branches: dueno/gnutls:wip/dueno/code-quality to gnutls/gnutls:master Author: Daiki Ueno This includes the Code Quality template as suggested in: https://docs.gitlab.com/ee/ci/testing/code_quality.html ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1789 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 26 15:01:41 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 26 Oct 2023 13:01:41 +0000 Subject: [gnutls-devel] libtasn1 | Revert "indent 2.2.13" (!91) In-Reply-To: References: Message-ID: Merge request !91 was closed by Ahmed Zaki Merge request URL: https://gitlab.com/gnutls/libtasn1/-/merge_requests/91 Project:Branches: zaki_ahmed/libtasn1:revert-5d080d81 to gnutls/libtasn1:master Author: Ahmed Zaki Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/91 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Oct 26 15:03:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 26 Oct 2023 13:03:15 +0000 Subject: [gnutls-devel] libtasn1 | Add new test cases that represent usage of libtasn1 (!89) In-Reply-To: References: Message-ID: Ahmed Zaki commented on a discussion: https://gitlab.com/gnutls/libtasn1/-/merge_requests/89#note_1620223884 Thanks @jas! The test cases are automatically extracted from the respective clients that use Libtasn1 and we then edit those test cases manually to integrate them into Libtasn1's test suite. I have edited the description to explain this. The process of automatically re-generating the test cases is non-trivial and requires considerable setup to run our research tool on the clients. We have contributed similar test cases to other libraries where we edit the automatically extracted test cases to fit the test suite of the library. Hope this explains the confusion regarding the automated aspect of the test generation. Regarding Tests_swtpm.c: I don't think I can relicense and modify the copyright notice, but the original code has a liberal BSD license so I think it would be fine to include it here. However, if in doubt, we can remove this test." -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/89#note_1620223884 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: