From gnutls-devel at lists.gnutls.org Sat Jun 1 12:41:16 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 01 Jun 2024 10:41:16 +0000 Subject: [gnutls-devel] GnuTLS | remove testcompat-* tests (!1840) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1840#note_1931744997 Just to be sure: do the fedora-interop tests have sufficient coverage on [0-RTT](https://gitlab.com/gnutls/gnutls/-/blob/9bd7c693b21791572b6b137f2a3018a82e82e079/tests/suite/testcompat-openssl-tls13-serv.sh#L331)? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1840#note_1931744997 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jun 2 02:21:36 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 02 Jun 2024 00:21:36 +0000 Subject: [gnutls-devel] GnuTLS | nettle: avoid symbol clash in sha3-shake.h (!1841) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841 Project:Branches: dueno/gnutls:wip/dueno/shake-fixes to gnutls/gnutls:master Author: Daiki Ueno * nettle: avoid symbol clash in sha3-shake.h Signed-off-by: Daiki Ueno ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jun 2 02:22:59 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 02 Jun 2024 00:22:59 +0000 Subject: [gnutls-devel] GnuTLS | Draft: key_share: Support X25519Kyber768Draft00 (!1842) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1842 Project:Branches: dueno/gnutls:wip/dueno/hybrid-kx-liboqs to gnutls/gnutls:master Author: Daiki Ueno This implements X25519Kyber768Draft00 hybrid post-quantum key exchange in TLS 1.3, based on the draft: https://datatracker.ietf.org/doc/draft-tls-westerbaan-xyber768d00/ ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [x] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1842 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 3 00:42:48 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 02 Jun 2024 22:42:48 +0000 Subject: [gnutls-devel] GnuTLS | nettle: follow-up on SHAKE support (!1841) In-Reply-To: References: Message-ID: Alexander Sosedkin and Zolt?n Fridrich were added as reviewers. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 3 00:42:18 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 02 Jun 2024 22:42:18 +0000 Subject: [gnutls-devel] GnuTLS | nettle: follow-up on SHAKE support (!1841) In-Reply-To: References: Message-ID: Reassigned merge request 1841 https://gitlab.com/gnutls/gnutls/-/merge_requests/1841 Daiki Ueno was added as an assignee. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 3 10:23:49 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jun 2024 08:23:49 +0000 Subject: [gnutls-devel] GnuTLS | nettle: follow-up on SHAKE support (!1841) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841#note_1932503535 Change looks good. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841#note_1932503535 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 3 10:23:25 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jun 2024 08:23:25 +0000 Subject: [gnutls-devel] GnuTLS | nettle: follow-up on SHAKE support (!1841) In-Reply-To: References: Message-ID: Merge request !1841 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841 Project:Branches: dueno/gnutls:wip/dueno/shake-fixes to gnutls/gnutls:master Author: Daiki Ueno Assignee: Daiki Ueno Reviewers: Alexander Sosedkin and Zolt?n Fridrich -- You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 3 10:33:43 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jun 2024 08:33:43 +0000 Subject: [gnutls-devel] GnuTLS | nettle: follow-up on SHAKE support (!1841) In-Reply-To: References: Message-ID: Alexander Sosedkin commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841#note_1932520087 > This makes gnutls_hash_output just reset the hash context without calling out Nettle's hash digest function if DIGEST argument is NULL. Should this digest=NULL behaviour be documented in gnutls_hash_output docs? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841#note_1932520087 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 3 13:42:44 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jun 2024 11:42:44 +0000 Subject: [gnutls-devel] GnuTLS | nettle: follow-up on SHAKE support (!1841) In-Reply-To: References: Message-ID: All discussions on merge request !1841 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1841 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 3 13:42:40 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jun 2024 11:42:40 +0000 Subject: [gnutls-devel] GnuTLS | nettle: follow-up on SHAKE support (!1841) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841#note_1932906563 Updated the documentation. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841#note_1932906563 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 3 14:22:33 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jun 2024 12:22:33 +0000 Subject: [gnutls-devel] GnuTLS | nettle: follow-up on SHAKE support (!1841) In-Reply-To: References: Message-ID: Merge request !1841 was set to auto-merge by Daiki Ueno Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841 Project:Branches: dueno/gnutls:wip/dueno/shake-fixes to gnutls/gnutls:master Author: Daiki Ueno Assignee: Daiki Ueno Reviewers: Alexander Sosedkin and Zolt?n Fridrich -- You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 3 15:06:51 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jun 2024 13:06:51 +0000 Subject: [gnutls-devel] GnuTLS | nettle: follow-up on SHAKE support (!1841) In-Reply-To: References: Message-ID: Merge request !1841 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841 Project:Branches: dueno/gnutls:wip/dueno/shake-fixes to gnutls/gnutls:master Author: Daiki Ueno Assignee: Daiki Ueno Reviewers: Alexander Sosedkin and Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1841 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 3 16:50:33 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jun 2024 14:50:33 +0000 Subject: [gnutls-devel] GnuTLS | aarch64: enable PAC and BTI (!1843) References: Message-ID: William Roberts created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1843 Project:Branches: wcrobertarm/gnutls:update-openssl-to-3.2.1-add-pac-bti to gnutls/gnutls:master Author: William Roberts Enable PAC and BTI. **NOTE** that after this merge it requires a maintainer to run `make asm-sources` and commit the result. This an update to #1804 and closes #1517 once `make asm-sources` is updated. - 0a97df525 lib/accellerated: update asm and enable PAC/BTI - c3e075671 cfg.mk: add common headers used for asm gen - 05f406223 openssl: update 3.2.1 - 1330e07c1 ci: ignore parse errors from gcovr ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1843 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 3 16:52:33 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jun 2024 14:52:33 +0000 Subject: [gnutls-devel] GnuTLS | openssl: update 3.2.1, enable PAC/BTI, Fix deps in Makefile (!1804) In-Reply-To: References: Message-ID: William Roberts commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1804#note_1933307510 Updated here: https://gitlab.com/gnutls/gnutls/-/merge_requests/1843 Sorry about that, I made a mistake in our submission process. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1804#note_1933307510 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 3 23:34:36 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 03 Jun 2024 21:34:36 +0000 Subject: [gnutls-devel] GnuTLS | Draft: key_share: support X25519Kyber768Draft00 (!1842) In-Reply-To: References: Message-ID: Daiki Ueno marked merge request !1842 as draft -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1842 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jun 4 10:21:57 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 04 Jun 2024 08:21:57 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to using Fedora 39 (!1796) In-Reply-To: References: Message-ID: Daiki Ueno marked merge request !1796 as ready -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1796 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jun 4 10:30:30 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 04 Jun 2024 08:30:30 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to using Fedora 39 (!1796) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1796#note_1934593038 Changes seem logical. No obvious mistakes. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1796#note_1934593038 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jun 4 10:30:36 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 04 Jun 2024 08:30:36 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to using Fedora 39 (!1796) In-Reply-To: References: Message-ID: Merge request !1796 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1796 Project:Branches: dueno/gnutls:wip/dueno/ci-fedora39 to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jun 4 10:38:12 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 04 Jun 2024 08:38:12 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to using Fedora 39 (!1796) In-Reply-To: References: Message-ID: Merge request !1796 was set to auto-merge by Daiki Ueno Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1796 Project:Branches: dueno/gnutls:wip/dueno/ci-fedora39 to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jun 4 13:11:32 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 04 Jun 2024 11:11:32 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to using Fedora 39 (!1796) In-Reply-To: References: Message-ID: Merge request !1796 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1796 Project:Branches: dueno/gnutls:wip/dueno/ci-fedora39 to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1796 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jun 5 05:57:33 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 05 Jun 2024 03:57:33 +0000 Subject: [gnutls-devel] GnuTLS | server_name: synchronize server name send/receive (remove dns check) (!1838) In-Reply-To: References: Message-ID: Elliott Mitchell commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1838#note_1936198981 This _does_ decrease complexity by removing the extra check. Nothing about this necessarily reduces enforcement of RFC-compliance. If a server does make use of SNI, then it will have some sort of table implementation. Enforcing RFC-compliance simply means the table needs to omit things which violate the RFC. Handling violations as simply no match seems simplest. My thought is ensuring the string doesn't contain an embedded nul-character is appropriate protection for most server programs. Going much further risks making the implementation brittle and reducing potentially valuable functionality. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1838#note_1936198981 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jun 5 06:55:52 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 05 Jun 2024 04:55:52 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to using Fedora 40 (!1844) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844 Project:Branches: dueno/gnutls:wip/dueno/ci-fedora40 to gnutls/gnutls:master Author: Daiki Ueno * .gitlab-ci.yml: switch to using Fedora 40 ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jun 5 06:57:00 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 05 Jun 2024 04:57:00 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to using Fedora 40 (!1844) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844#note_1936229390 @ep69 FYI, the fedora-interop tests against OpenSSL is now failing under Fedora 40, where CCM-8 is now moved to SECLEVEL=0. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844#note_1936229390 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jun 5 12:03:45 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 05 Jun 2024 10:03:45 +0000 Subject: [gnutls-devel] GnuTLS | remove testcompat-* tests (!1840) In-Reply-To: References: Message-ID: Stanislav ?idek commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1840#note_1936775175 @dueno good catch, I missed that, interop tests don't test early data. I see two options: Either rely on other tests (e.g., tlsfuzzer), that do test 0-RTT, or keep `testcompat-openssl-tls13-cli.sh` and `testcompat-openssl-tls13-serv.sh` Thoughts? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1840#note_1936775175 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jun 5 12:14:11 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 05 Jun 2024 10:14:11 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to using Fedora 40 (!1844) In-Reply-To: References: Message-ID: Stanislav ?idek commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844#note_1936803807 @dueno I recall dealing with the same problem (CCM-8) in openssl upstream, where I ended up overwriting `openssl.cnf`: https://gitlab.com/redhat-crypto/tests/interop/-/commit/978fb6cd25e88afc9d80daaf8be8c3d81d08ec67#b434d448f1b1de47058fbc373f7aa91c6a47e7a5_0_87 Shall we do something similar? Would you like me to help somehow? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844#note_1936803807 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jun 5 13:08:20 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 05 Jun 2024 11:08:20 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to using Fedora 40 (!1844) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844#note_1936920394 @ep69 so far I worked around it with `--cipher ALL:@SECLEVEL=0 --min_protocol TLSv1.3 --ciphersuites ...` in https://gitlab.com/gnutls/gnutls/-/merge_requests/1844/diffs?commit_id=60a901aef0b54b4fac7c5413fc4b4f2d9ea01856 I suspect it might be possible to change the behavior of s_client / s_server, to give a higher precedence to --ciphersuites than the implicit SECLEVEL. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844#note_1936920394 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jun 5 13:34:02 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 05 Jun 2024 11:34:02 +0000 Subject: [gnutls-devel] GnuTLS | server_name: synchronize server name send/receive (remove dns check) (!1838) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1838#note_1936963468 Is my understanding correct that: - SNI extension handling has sufficient length check at the TLS extension level, so there will not be an opportunity of buffer overrun - The SNI hostname is never unmarshalled but compared (as an opaque data) with the one the server is serving If both of the above are true, I don't oppose to remove the check. I tested with OpenSSL and it also doesn't check the well-formedness of the hostname. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1838#note_1936963468 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jun 7 13:01:16 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jun 2024 11:01:16 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to using Fedora 40 (!1844) In-Reply-To: References: Message-ID: Merge request !1844 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844 Project:Branches: dueno/gnutls:wip/dueno/ci-fedora40 to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jun 7 13:01:38 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jun 2024 11:01:38 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to using Fedora 40 (!1844) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844#note_1940597085 No obvious mistakes found. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844#note_1940597085 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jun 7 13:38:23 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jun 2024 11:38:23 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to using Fedora 40 (!1844) In-Reply-To: References: Message-ID: Merge request !1844 was set to auto-merge by Daiki Ueno Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844 Project:Branches: dueno/gnutls:wip/dueno/ci-fedora40 to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jun 7 14:16:20 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 07 Jun 2024 12:16:20 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: switch to using Fedora 40 (!1844) In-Reply-To: References: Message-ID: Merge request !1844 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844 Project:Branches: dueno/gnutls:wip/dueno/ci-fedora40 to gnutls/gnutls:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1844 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jun 8 10:33:24 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 08 Jun 2024 08:33:24 +0000 Subject: [gnutls-devel] GnuTLS | aarch64: enable PAC and BTI (!1843) In-Reply-To: References: Message-ID: Merge request !1843 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1843 Project:Branches: wcrobertarm/gnutls:update-openssl-to-3.2.1-add-pac-bti to gnutls/gnutls:master Author: William Roberts Assignees: Reviewers: -- You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jun 8 10:33:33 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 08 Jun 2024 08:33:33 +0000 Subject: [gnutls-devel] GnuTLS | aarch64: enable PAC and BTI (!1843) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1843#note_1941685625 Thank you! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1843#note_1941685625 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jun 8 10:33:38 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 08 Jun 2024 08:33:38 +0000 Subject: [gnutls-devel] GnuTLS | aarch64: enable PAC and BTI (!1843) In-Reply-To: References: Message-ID: Merge request !1843 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1843 Project:Branches: wcrobertarm/gnutls:update-openssl-to-3.2.1-add-pac-bti to gnutls/gnutls:master Author: William Roberts -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1843 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jun 8 10:33:39 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 08 Jun 2024 08:33:39 +0000 Subject: [gnutls-devel] GnuTLS | aarch64/armv8 assembler files not supporting PAC/BTI (#1517) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno with merge request !1843 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1843) Issue #1517: https://gitlab.com/gnutls/gnutls/-/issues/1517 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1517 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 10 17:01:58 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jun 2024 15:01:58 +0000 Subject: [gnutls-devel] GnuTLS | aarch64/armv8 assembler files not supporting PAC/BTI (#1517) In-Reply-To: References: Message-ID: William Roberts commented: https://gitlab.com/gnutls/gnutls/-/issues/1517#note_1943341278 I don't see a commit running `make asm-sources`, has that been done, this cannot be closed until that is completed. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1517#note_1943341278 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 10 20:17:38 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 10 Jun 2024 18:17:38 +0000 Subject: [gnutls-devel] GnuTLS | aarch64/armv8 assembler files not supporting PAC/BTI (#1517) In-Reply-To: References: Message-ID: William Roberts commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1517#note_1943631208 We'll also need some more changes: cfg.mk needs CFLAGS in asm generation and I missed a space in the pushsection. I have these changes tested again locally, should be able to send those relatively soon. Sorry for the noise, rebase mishap :-/ -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1517#note_1943631208 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jun 11 16:10:29 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 11 Jun 2024 14:10:29 +0000 Subject: [gnutls-devel] GnuTLS | lib/accelerated: add missing space on pushsection (!1845) References: Message-ID: William Roberts created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845 Project:Branches: wcrobertarm/gnutls:fixes-for-pac-bti-enablement to gnutls/gnutls:master Author: William Roberts Fixs for pac and bti enablement, descriptions in the patches. * lib/accelerated: add CFLAGS to aarch64/elf When building with certain cflags, like -mbranch-protection=standard, the assembly generation needs to get the CFLAGS to enable assembler level features. Without this, closing PAC/BTI feature support will not be completed. Example: export CFLAGS='-mbranch-protection=standard' export CPPFLAGS='-mbranch-protection=standard' \# not needed, just for error reporting export LDFLAGS='-Wl,-zforce-bti,--fatal-warnings' ./bootstrap ./configure --with-included-libtasn1 --with-included-unistring make asm-sources make -j4 readelf -n ./lib/.libs/libgnutls.so Displaying notes found in: .note.gnu.property Owner Data size Description GNU 0x00000010 NT_GNU_PROPERTY_TYPE_0 Properties: AArch64 feature: BTI, PAC readelf -n ./lib/.libs/libgnutlsxx.so Displaying notes found in: .note.gnu.property Owner Data size Description GNU 0x00000010 NT_GNU_PROPERTY_TYPE_0 Properties: AArch64 feature: BTI, PAC Related to: #1517 Signed-off-by: Bill Roberts * lib/accelerated: add missing space on pushsection Missing a space between pushsection and the section name. Results in this error: lib/accelerated/aarch64/aarch64-common.h:109: Error: unknown pseudo-op: `.pushsection.note.gnu.property' Signed-off-by: Bill Roberts ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [x] Code modified for feature * [x] Test suite updated with functionality tests (existing tests work) * [x] Test suite updated with negative tests (existing tests work) * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jun 12 09:56:08 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 12 Jun 2024 07:56:08 +0000 Subject: [gnutls-devel] GnuTLS | remove testcompat-* tests (!1840) In-Reply-To: References: Message-ID: Stanislav ?idek commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1840#note_1946402500 @dueno I kept 0-RTT for now and fixed interop tests, could you review? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1840#note_1946402500 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jun 13 03:31:19 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 13 Jun 2024 01:31:19 +0000 Subject: [gnutls-devel] GnuTLS | remove testcompat-* tests (!1840) In-Reply-To: References: Message-ID: Merge request !1840 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1840 Project:Branches: ep69/gnutls:remove-testcompat to gnutls/gnutls:master Author: Stanislav ?idek Assignee: Stanislav ?idek -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1840 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jun 13 03:30:56 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 13 Jun 2024 01:30:56 +0000 Subject: [gnutls-devel] GnuTLS | remove testcompat-* tests (!1840) In-Reply-To: References: Message-ID: Merge request !1840 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1840 Project:Branches: ep69/gnutls:remove-testcompat to gnutls/gnutls:master Author: Stanislav ?idek Assignee: Stanislav ?idek Reviewers: -- You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jun 13 09:33:40 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 13 Jun 2024 07:33:40 +0000 Subject: [gnutls-devel] GnuTLS | remove testcompat-* tests (!1840) In-Reply-To: References: Message-ID: Stanislav ?idek commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1840#note_1948343785 Thanks. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1840#note_1948343785 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jun 13 21:02:06 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 13 Jun 2024 19:02:06 +0000 Subject: [gnutls-devel] GnuTLS | thread-local storage not supported for this target (#1556) References: Message-ID: Martin created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1556 ## Description of problem: gnutls can't be compiled with TLS support ## Version of gnutls used: ../gnutls-3.7.11 ../gnutls-3.7.2: ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) from source ## How reproducible: use a Linux debian-sparc sparc32 machine without TLS support Steps to Reproduce: * CFLAGS="-DNO_TLS" ./configure -with-includedinuxunistring --without-p11-kit --disable-doc && make" ## Actual results: ``` ../gl/c-ctype.h:313: warning: no previous prototype for `c_isupper' ../gl/c-ctype.h:325: warning: no previous prototype for `c_isxdigit' ../gl/c-ctype.h:338: warning: no previous prototype for `c_tolower' ../gl/c-ctype.h:350: warning: no previous prototype for `c_toupper' In file included from hash_int.h:29, from gnutls_int.h:713, from random.c:26: crypto.h:36: warning: declaration of `setkey' shadows a global declaration /usr/include/stdlib.h:874: warning: shadowed declaration is here crypto.h:38: warning: declaration of `encrypt' shadows a global declaration /usr/include/unistd.h:1005: warning: shadowed declaration is here random.c:39: error: thread-local storage not supported for this target random.c:40: error: thread-local storage not supported for this target make[4]: *** [random.lo] Error 1 make[4]: Leaving directory `/root/build/gnutls-3.7.2/lib' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/root/build/gnutls-3.7.2/lib' make[2]: *** [all] Error 2 make[2]: Leaving directory `/root/build/gnutls-3.7.2/lib' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/root/build/gnutls-3.7.2' make: *** [all] Error 2 debian-sparc:~/build/gnutls-3.7.2# ls ../gnutls-3.7.* ../gnutls-3.7.11.tar ../gnutls-3.7.2.tar ``` ## Expected results: fallback to a none TLS version -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1556 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jun 14 08:37:23 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 14 Jun 2024 06:37:23 +0000 Subject: [gnutls-devel] GnuTLS | remove testcompat-* tests (!1840) In-Reply-To: References: Message-ID: Stanislav ?idek commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1840#note_1950253987 @dueno I realized that I did not add back the configure option to enable TLS-1.3 tests (\`ENABLE_TLS13_INTEROP\`). Should I create another MR for that? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1840#note_1950253987 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jun 16 11:30:15 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 16 Jun 2024 09:30:15 +0000 Subject: [gnutls-devel] GnuTLS | thread-local storage not supported for this target (#1556) In-Reply-To: References: Message-ID: Martin commented: https://gitlab.com/gnutls/gnutls/-/issues/1556#note_1952204803 With which version got thread local storage mandatory? Maybe I can switch to an older version. I'm looking for a workaround -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1556#note_1952204803 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jun 19 11:31:46 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 19 Jun 2024 09:31:46 +0000 Subject: [gnutls-devel] GnuTLS | thread-local storage not supported for this target (#1556) In-Reply-To: References: Message-ID: Alexander Sosedkin commented: https://gitlab.com/gnutls/gnutls/-/issues/1556#note_1957614164 > With which version got thread local storage mandatory? git blame suggests 1677f1ac06beecb2fb23f0f49d89260f86131a5c from January 2017. That'd be, like, 3.6.0? > CFLAGS=-DNO_TLS I also can't help but note `-DDNO_TLS` isn't something defined by gnutls. > Maybe I can switch to an older version. I'm looking for a workaround Start with double-checking your platform really does not support TLS, maybe you're just missing a compile flag or something? Maybe go the other way around, try a modern compiler and the newest version of gnutls, which uses gnulib's glthreads/tls, that could be more portable. > gnutls can't be compiled with out TLS support I'm really not sure gnutls would be interested in maintaining platforms without TLS. I, for one, can't name a single one. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1556#note_1957614164 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jun 19 15:10:11 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 19 Jun 2024 13:10:11 +0000 Subject: [gnutls-devel] GnuTLS | Fix running tests in the close future (!1846) References: Message-ID: Alexander Sosedkin created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1846 Project:Branches: asosedkin/gnutls:fix-tests-for-future to gnutls/gnutls:master Author: Alexander Sosedkin * tests: use faketime in more tests: with this change, building should build fine until 2039. * test/cert-tests: use --attime in more tests: with this change, building should be fine until 2049. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [x] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1846 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jun 19 16:22:30 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 19 Jun 2024 14:22:30 +0000 Subject: [gnutls-devel] GnuTLS | Fix running tests in the close future (!1846) In-Reply-To: References: Message-ID: Alexander Sosedkin commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1846#note_1958195812 Hm, 32-bit ones now fail with attimes past Y2K38. What should I do, exclude? Clamp the date to Y2K38? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1846#note_1958195812 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jun 19 22:00:58 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 19 Jun 2024 20:00:58 +0000 Subject: [gnutls-devel] GnuTLS | Fix running tests in the close future (!1846) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1846#note_1958780762 I'd suggest excluding them. Clamping to 2038 might work thanks to Gnulib's year2038 support, though it is known to cause an ABI [incompatibility](https://src.fedoraproject.org/rpms/gnutls/c/e361bb292d32b206faaca49ea045c4b8ea08a8c7?branch=rawhide) when enabled on 32-bit arches. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1846#note_1958780762 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jun 20 12:20:27 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 20 Jun 2024 10:20:27 +0000 Subject: [gnutls-devel] GnuTLS | lib/accelerated: add missing space on pushsection (!1845) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1959516647 @wcrobertarm thank you for this follow-up. The CI failure is that clang-format is not happy with the added space. It is certainly possible to exclude the file from the auto-indentation, but I wonder if we can turn the code into a proper inline assembly (with `asm`) or put it in a separate .s file. What do you think? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1959516647 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jun 20 14:13:35 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 20 Jun 2024 12:13:35 +0000 Subject: [gnutls-devel] GnuTLS | lib/accelerated: add missing space on pushsection (!1845) In-Reply-To: References: Message-ID: William Roberts commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1959696387 I can put it in a separate .s file and #include it, something like if ELF include gnu-elf-notes.s. Otherwise, I would just tell clang format to ignore it. This might be due to my hatred for inline assembly. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1959696387 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jun 20 15:51:28 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 20 Jun 2024 13:51:28 +0000 Subject: [gnutls-devel] GnuTLS | lib/accelerated: add missing space on pushsection (!1845) In-Reply-To: References: Message-ID: William Roberts commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1959904377 What about just using NOLINTBEGIN and NOLINTEND -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1959904377 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jun 20 15:56:30 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 20 Jun 2024 13:56:30 +0000 Subject: [gnutls-devel] GnuTLS | Fix running tests in the close future (!1846) In-Reply-To: References: Message-ID: Alexander Sosedkin commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1846#note_1959914374 OK, I don't want to exclude tests en masse, so how about doing this? I'm setting different dates for different time_t sizes where applicable. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1846#note_1959914374 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jun 20 17:58:26 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 20 Jun 2024 15:58:26 +0000 Subject: [gnutls-devel] GnuTLS | lib/accelerated: add missing space on pushsection (!1845) In-Reply-To: References: Message-ID: William Roberts commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1960174269 inline asm won't work as this is stuff for gas not for cc. Just to verify I attempted it and got: ``` lib/accelerated/aarch64/aarch64-common.h: Assembler messages: lib/accelerated/aarch64/aarch64-common.h:109: Error: unknown mnemonic `__asm__' -- `__asm__ __volatile__(' ``` So the two options are: 1. turn clang-format off and back on. 2. split to a separate file. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1960174269 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jun 21 04:22:07 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 21 Jun 2024 02:22:07 +0000 Subject: [gnutls-devel] GnuTLS | lib/accelerated: add missing space on pushsection (!1845) In-Reply-To: References: Message-ID: Merge request !1845 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845 Project:Branches: wcrobertarm/gnutls:fixes-for-pac-bti-enablement to gnutls/gnutls:master Author: William Roberts Assignees: Reviewers: -- You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jun 21 04:22:35 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 21 Jun 2024 02:22:35 +0000 Subject: [gnutls-devel] GnuTLS | lib/accelerated: add missing space on pushsection (!1845) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1960807295 Yeah, that's probably the best approach for now. Thank you! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1960807295 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jun 21 04:22:49 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 21 Jun 2024 02:22:49 +0000 Subject: [gnutls-devel] GnuTLS | lib/accelerated: add missing space on pushsection (!1845) In-Reply-To: References: Message-ID: Merge request !1845 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845 Project:Branches: wcrobertarm/gnutls:fixes-for-pac-bti-enablement to gnutls/gnutls:master Author: William Roberts -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jun 21 15:56:23 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 21 Jun 2024 13:56:23 +0000 Subject: [gnutls-devel] GnuTLS | lib/accelerated: add missing space on pushsection (!1845) In-Reply-To: References: Message-ID: William Roberts commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1961762639 @dueno someone (it can't be me unfortunately) still needs to run 1. `make asm-sources` and submit a PR to the repo. We need to see this all the way through. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1961762639 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jun 21 23:37:36 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 21 Jun 2024 21:37:36 +0000 Subject: [gnutls-devel] GnuTLS | lib/accelerated: add missing space on pushsection (!1845) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1962459234 @ZoltanFridrich could you handle that when you create a 3.8.6 release? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1962459234 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jun 22 14:38:18 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 22 Jun 2024 12:38:18 +0000 Subject: [gnutls-devel] GnuTLS | thread-local storage not supported for this target (#1556) In-Reply-To: References: Message-ID: Martin commented: https://gitlab.com/gnutls/gnutls/-/issues/1556#note_1963116620 Thanks @asosedkin for the hints. I upgraded my compiler and configured passed with: ` CC=/c/opt/gcc-7.1/bin/gcc ./configure --with-included-unistring --without-p11-kit --disable-doc --enable-openssl-compatibility` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1556#note_1963116620 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jun 22 14:38:19 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 22 Jun 2024 12:38:19 +0000 Subject: [gnutls-devel] GnuTLS | thread-local storage not supported for this target (#1556) In-Reply-To: References: Message-ID: Issue was closed by Martin Issue #1556: https://gitlab.com/gnutls/gnutls/-/issues/1556 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1556 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jun 24 12:06:20 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 24 Jun 2024 10:06:20 +0000 Subject: [gnutls-devel] GnuTLS | lib/accelerated: add missing space on pushsection (!1845) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1964430719 sure -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1845#note_1964430719 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jun 26 20:28:35 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 26 Jun 2024 18:28:35 +0000 Subject: [gnutls-devel] libtasn1 | Time to parse a few entries and a lot of entries is not linear (#51) References: Message-ID: Thomas Karlsson created an issue: https://gitlab.com/gnutls/libtasn1/-/issues/51 ## Description of problem: The time to parse an CRL file is not linear to how many entries there are in the file. I noticed this while using certtool to view a CRL file with approximately 56000 entries. I don't remember but it took a few minutes to parse the whole file. The reason I'm posting this issue here is that with my limited skills traced it back to lib/decoding.c and to the function asn1_der_decoding2, but I'm not sure. ## Version of libtasn1 used: 4.19.0 ## Distributor of libtasn1 (e.g., Ubuntu, Fedora, RHEL) Debian bookworm ## How reproducible: Steps to Reproduce: * Create a CRL with a lot of entries. I used crlbuilder by wbond. I can provide the script if requested. * time certtool --crl-info --infile root.crl.pem ## Actual results: Here is a table with how many entries is the CRL, seconds it took (time certtool --crl-info --infile root.crl.pem) and per entry. entr sec. per entry 4000 0.253s 0.063ms 5000 0.422s 0.084ms 6000 0.652s 0.108ms 7000 0.832s 0.119ms 8000 1.143s 0.143ms 9000 1.530s 0.170ms 10000 2.034s 0.203ms 11000 2.692s 0.245ms 12000 4.020s 0.335ms 13000 5.215s 0.401ms 14000 6.505s 0.465ms 15000 8.810s 0.587ms 16000 10.734s 0.671ms 17000 12.688s 0.746ms ## Expected results: I don't know why but I think the time should be linear. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/51 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jun 29 10:24:46 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 29 Jun 2024 08:24:46 +0000 Subject: [gnutls-devel] GnuTLS | Fix running tests in the close future (!1846) In-Reply-To: References: Message-ID: Merge request !1846 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1846 Project:Branches: asosedkin/gnutls:fix-tests-for-future to gnutls/gnutls:master Author: Alexander Sosedkin Assignees: Reviewers: -- You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jun 29 10:24:50 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 29 Jun 2024 08:24:50 +0000 Subject: [gnutls-devel] GnuTLS | Fix running tests in the close future (!1846) In-Reply-To: References: Message-ID: Merge request !1846 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1846 Project:Branches: asosedkin/gnutls:fix-tests-for-future to gnutls/gnutls:master Author: Alexander Sosedkin -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1846 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jun 29 10:25:01 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 29 Jun 2024 08:25:01 +0000 Subject: [gnutls-devel] GnuTLS | Fix running tests in the close future (!1846) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1846#note_1974363461 Thank you (sorry for the delay). -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1846#note_1974363461 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jun 30 03:04:01 2024 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 30 Jun 2024 01:04:01 +0000 Subject: [gnutls-devel] GnuTLS | build: switch to using auto-generated files created by dlwrap (!1847) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1847 Project:Branches: dueno/gnutls:wip/dueno/compress-dlwrap to gnutls/gnutls:master Author: Daiki Ueno This switches the dynamic loading logic for compression libraries to using the [dlwrap](https://crates.io/crates/dlwrap) tool, so it can support both platforms supporting/not-supporting dlopen. Fixes: #1546 ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1847 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: