From gnutls-devel at lists.gnutls.org  Tue Jul  1 16:39:24 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 01 Jul 2025 14:39:24 +0000
Subject: [gnutls-devel] GnuTLS | tests/tls13-early-data-neg2: avoid a
 small memory leak (!1969)
In-Reply-To: <merge_request_394205991@gitlab.com>
References: <reply-f2e1f8fbf5d776528e384d6b27b65909@gitlab.com>
 <merge_request_394205991@gitlab.com>
Message-ID: <mailman.6243.1751380828.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno started a new discussion on tests/tls13-early-data-neg2.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1969#note_2596816622

 >  
 >  		if (t < 2) {
 >  			/* get the session data size */
 > +			if (session_data.data)
 > +				gnutls_free(session_data.data);

I would prefer calling `gnutls_free` unconditionally without the check.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1969#note_2596816622
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250701/7d8cf743/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  1 16:43:08 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 01 Jul 2025 14:43:08 +0000
Subject: [gnutls-devel] GnuTLS | tests/tls13-early-data-neg2: avoid a
 small memory leak (!1969)
In-Reply-To: <merge_request_394205991@gitlab.com>
References: <reply-71652e2e249c6d56c1e182e6e6bb3b17@gitlab.com>
 <merge_request_394205991@gitlab.com>
Message-ID: <mailman.6246.1751381053.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno started a new discussion on tests/tls13-early-data-neg2.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1969#note_2596830985

 >  					fail("client: unexpected non-zero value of max_early_data_size = %d\n",
 >  					     (int)gnutls_record_get_max_early_data_size(
 >  						     session));
 > -				if (gnutls_record_send_early_data(
 > -					    session, EARLY_MSG,
 > -					    sizeof(EARLY_MSG)) >= 0)
 > +				do {
 > +					ret = gnutls_record_send_early_data(
 > +						session, EARLY_MSG,
 > +						sizeof(EARLY_MSG));
 > +				} while (ret == GNUTLS_E_AGAIN ||

I wonder if this test could be rewritten without fork, so such check would be not necessary in the first place.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1969#note_2596830985
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250701/abafdba3/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  1 16:44:30 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 01 Jul 2025 14:44:30 +0000
Subject: [gnutls-devel] GnuTLS | src/danetool.c: Free str on error to
 avoid memory leak (!1963)
In-Reply-To: <merge_request_384132145@gitlab.com>
References: <reply-77418408e304dbad4a68e88d9da1fe52@gitlab.com>
 <merge_request_384132145@gitlab.com>
Message-ID: <mailman.6247.1751381128.18299.gnutls-devel@lists.gnutls.org>



All discussions on merge request !1963 were resolved by Daiki Ueno

https://gitlab.com/gnutls/gnutls/-/merge_requests/1963

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1963
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250701/1d790b0e/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  1 16:44:15 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 01 Jul 2025 14:44:15 +0000
Subject: [gnutls-devel] GnuTLS | src/danetool.c: Free str on error to
 avoid memory leak (!1963)
In-Reply-To: <merge_request_384132145@gitlab.com>
References: <reply-b59f725d01825ddc0e642be42d772481@gitlab.com>
 <merge_request_384132145@gitlab.com>
Message-ID: <mailman.6248.1751381136.18299.gnutls-devel@lists.gnutls.org>



Merge request !1963 was approved by Daiki Ueno
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1963
Project:Branches: JiashengJiang/gnutls:patch13 to gnutls/gnutls:master
Author: Jiasheng Jiang
Assignees: 
Reviewers: 

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250701/84789cb8/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  1 16:44:34 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 01 Jul 2025 14:44:34 +0000
Subject: [gnutls-devel] GnuTLS | src/danetool.c: Free str on error to
 avoid memory leak (!1963)
In-Reply-To: <merge_request_384132145@gitlab.com>
References: <reply-83c07888edaa5e5c10ca2dda8fb9b9cf@gitlab.com>
 <merge_request_384132145@gitlab.com>
Message-ID: <mailman.6252.1751381145.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1963#note_2596837838


Thank you!

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1963#note_2596837838
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250701/dcd9bf9e/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  1 16:45:12 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 01 Jul 2025 14:45:12 +0000
Subject: [gnutls-devel] GnuTLS | src/danetool.c: Free str on error to
 avoid memory leak (!1963)
In-Reply-To: <merge_request_384132145@gitlab.com>
References: <reply-e2bf0a031d431a115ec27208640e10e8@gitlab.com>
 <merge_request_384132145@gitlab.com>
Message-ID: <mailman.6253.1751381149.18299.gnutls-devel@lists.gnutls.org>



Merge request !1963 was merged
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1963
Project:Branches: JiashengJiang/gnutls:patch13 to gnutls/gnutls:master
Author: Jiasheng Jiang

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1963
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250701/4b695e64/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  1 16:48:06 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 01 Jul 2025 14:48:06 +0000
Subject: [gnutls-devel] GnuTLS | doc: fix typo in docs about system profile
 fallback (!1971)
References: <reply-138fb2e4f4cd16fd8b096feed3c60d0c@gitlab.com>
Message-ID: <mailman.6254.1751381321.18299.gnutls-devel@lists.gnutls.org>



Daniel P_ Berrang? created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1971

Project:Branches: berrange/gnutls:keyword-typo to gnutls/gnutls:master
Author:   Daniel P_ Berrang?




Docs for the system profile fallback syntax accidentally repeated
the "@" marker before each keyword. The "@" marker only indicates
the start of the profile field, and individual names are merely
separated by a comma, per the impl in 6b6d9dd44e.

Fixes 6f425b0fd7d860e9d78b7ba0d9c4d3165d824d7c

## Checklist
 * [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author
 * [ ] Code modified for feature
 * [ ] Test suite updated with functionality tests
 * [ ] Test suite updated with negative tests
 * [ ] Documentation updated / NEWS entry present (for non-trivial changes)
 * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

## Reviewer's checklist:
 * [ ] Any issues marked for closing are addressed
 * [ ] There is a test suite reasonably covering new functionality or modifications
 * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
 * [ ] This feature/change has adequate documentation added
 * [ ] No obvious mistakes in the code

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1971
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250701/b4bce9ef/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  1 16:54:16 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 01 Jul 2025 14:54:16 +0000
Subject: [gnutls-devel] GnuTLS | doc: fix typo in docs about system
 profile fallback (!1971)
In-Reply-To: <merge_request_395389875@gitlab.com>
References: <reply-1b7a98966cab60333885acd631521996@gitlab.com>
 <merge_request_395389875@gitlab.com>
Message-ID: <mailman.6255.1751381689.18299.gnutls-devel@lists.gnutls.org>



Merge request !1971 was approved by Daiki Ueno
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1971
Project:Branches: berrange/gnutls:keyword-typo to gnutls/gnutls:master
Author: Daniel P_ Berrang?
Assignees: 
Reviewers: 

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250701/928009b1/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  1 16:54:25 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 01 Jul 2025 14:54:25 +0000
Subject: [gnutls-devel] GnuTLS | doc: fix typo in docs about system
 profile fallback (!1971)
In-Reply-To: <merge_request_395389875@gitlab.com>
References: <reply-74ce945ea37ef1d0c49fedacbe828a49@gitlab.com>
 <merge_request_395389875@gitlab.com>
Message-ID: <mailman.6258.1751381727.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1971#note_2596885556


Thank you!

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1971#note_2596885556
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250701/c4df398c/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  1 16:54:56 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 01 Jul 2025 14:54:56 +0000
Subject: [gnutls-devel] GnuTLS | doc: fix typo in docs about system
 profile fallback (!1971)
In-Reply-To: <merge_request_395389875@gitlab.com>
References: <reply-d1a1e39c8853e9128cd8594c775d00c8@gitlab.com>
 <merge_request_395389875@gitlab.com>
Message-ID: <mailman.6259.1751381758.18299.gnutls-devel@lists.gnutls.org>



Merge request !1971 was set to auto-merge by Daiki Ueno
Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1971
Project:Branches: berrange/gnutls:keyword-typo to gnutls/gnutls:master
Author: Daniel P_ Berrang?
Assignees: 
Reviewers: 

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250701/080e108b/attachment.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  2 11:44:50 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 02 Jul 2025 09:44:50 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA private
 keys in CHOICE format (!1972)
References: <reply-ad36744c3db35b92d499ed0ab5ae78fb@gitlab.com>
Message-ID: <mailman.6274.1751449554.18299.gnutls-devel@lists.gnutls.org>



Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972

Project:Branches: dueno/gnutls:wip/dueno/mldsa-followup2 to gnutls/gnutls:master
Author:   Daiki Ueno




<!-- Add a description of the new feature/bug fix. Reference any relevant bugs. -->

This extends the acceptable formats of ML-DSA private keys to the
three formats defined in draft-ietf-lamps-dilithium-certificates-12,
section 6, namely: "seed", "expandedKey", and "both". The legacy
format compatible with liboqs/oqsprovider is still accepted and the
default output format for now.

## Checklist
 * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author
 * [x] Code modified for feature
 * [x] Test suite updated with functionality tests
 * [ ] Test suite updated with negative tests
 * [ ] Documentation updated / NEWS entry present (for non-trivial changes)
 * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

## Reviewer's checklist:
 * [ ] Any issues marked for closing are addressed
 * [ ] There is a test suite reasonably covering new functionality or modifications
 * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
 * [ ] This feature/change has adequate documentation added
 * [ ] No obvious mistakes in the code

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250702/da651362/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  2 12:09:56 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 02 Jul 2025 10:09:56 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <merge_request_395591165@gitlab.com>
References: <reply-4a2c42f775da55cf537e24feb0eb5aa1@gitlab.com>
 <merge_request_395591165@gitlab.com>
Message-ID: <mailman.6279.1751451084.18299.gnutls-devel@lists.gnutls.org>




Alicja Kario (@mention me if you need reply) started a new discussion on lib/x509/privkey_pkcs8.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2598449985

 >  		}
 >  	}
 >  
 > +	/* Append an empty publicKey field.
 > +	 */
 > +	result = asn1_write_value(*pkey_info, "publicKey", NULL, 0);

I don't think it's mandatory to include it...
I'm pretty sure that the test vectors don't have it...

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2598449985
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250702/ee1ace25/attachment.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  2 12:15:39 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 02 Jul 2025 10:15:39 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <merge_request_395591165@gitlab.com>
References: <reply-8ffda21ff06681147e695d609f81a21a@gitlab.com>
 <merge_request_395591165@gitlab.com>
Message-ID: <mailman.6280.1751451372.18299.gnutls-devel@lists.gnutls.org>




Alicja Kario (@mention me if you need reply) started a new discussion on lib/gnutls.asn: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2598466472

 >      privkey         OCTET STRING
 >  }
 >  
 > +-- Legacy private key format defined in
 > +-- draft-ietf-lamps-dilithium-certificates-04, section 6

it's not that either, as the liboqs format puts both the private key and public key in the `privateKey` field?

Or will gnutls allow a fifth format?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2598466472
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250702/cb04ebf5/attachment.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  2 12:17:11 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 02 Jul 2025 10:17:11 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <merge_request_395591165@gitlab.com>
References: <reply-fc2878d67f70825691fdfae7976be56b@gitlab.com>
 <merge_request_395591165@gitlab.com>
Message-ID: <mailman.6281.1751451464.18299.gnutls-devel@lists.gnutls.org>




Alicja Kario (@mention me if you need reply) commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2598470657


I do see test keys, but how do we verify that all three result in the same expanded key after loading?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2598470657
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250702/3b56fa63/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  2 12:59:20 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 02 Jul 2025 10:59:20 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <note_2598449985@gitlab.com>
References: <reply-c521221fbfbd929453d05bb2257ffa02@gitlab.com>
 <merge_request_395591165@gitlab.com> <note_2598449985@gitlab.com>
Message-ID: <mailman.6286.1751454025.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented on a discussion on lib/x509/privkey_pkcs8.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2598574402

 >  		}
 >  	}
 >  
 > +	/* Append an empty publicKey field.
 > +	 */
 > +	result = asn1_write_value(*pkey_info, "publicKey", NULL, 0);

This does not affect the output format, but just indicates that the "publicKey" field is empty.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2598574402
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250702/095823ea/attachment.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  2 13:01:08 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 02 Jul 2025 11:01:08 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <note_2598466472@gitlab.com>
References: <reply-644217e49ed306a51175956f9241d624@gitlab.com>
 <merge_request_395591165@gitlab.com> <note_2598466472@gitlab.com>
Message-ID: <mailman.6287.1751454138.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented on a discussion on lib/gnutls.asn: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2598578440

 >      privkey         OCTET STRING
 >  }
 >  
 > +-- Legacy private key format defined in
 > +-- draft-ietf-lamps-dilithium-certificates-04, section 6

That depends on whether the "version" field is 0 or 1. If 0, we used to concatenate a private key and a public key; if it is 1, a public key was stored in a separate field.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2598578440
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250702/6764fbb7/attachment.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  2 13:01:08 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 02 Jul 2025 11:01:08 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <merge_request_395591165@gitlab.com>
References: <reply-e38ca12f4d28577884d23466ff9aac30@gitlab.com>
 <merge_request_395591165@gitlab.com>
Message-ID: <mailman.6288.1751454146.18299.gnutls-devel@lists.gnutls.org>



All discussions on merge request !1972 were resolved by Daiki Ueno

https://gitlab.com/gnutls/gnutls/-/merge_requests/1972

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250702/604cf496/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 01:51:39 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 02 Jul 2025 23:51:39 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <note_2598470657@gitlab.com>
References: <reply-222ca3fa09d15482db65c7907850b723@gitlab.com>
 <merge_request_395591165@gitlab.com> <note_2598470657@gitlab.com>
Message-ID: <mailman.6337.1751500404.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2600059541


Oh, I forgot to commit the changes to tests/mldsa.sh. Should now be there.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2600059541
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250702/8db0843f/attachment.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 01:52:48 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 02 Jul 2025 23:52:48 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <merge_request_395591165@gitlab.com>
References: <reply-a9b53b37b40216eb1b62529b1e6d2f12@gitlab.com>
 <merge_request_395591165@gitlab.com>
Message-ID: <mailman.6338.1751500426.18299.gnutls-devel@lists.gnutls.org>



Reassigned merge request 1972

https://gitlab.com/gnutls/gnutls/-/merge_requests/1972

Daiki Ueno was added as an assignee.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250702/b79b7064/attachment.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 01:53:05 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 02 Jul 2025 23:53:05 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <merge_request_395591165@gitlab.com>
References: <reply-95eef1b7ba4ac0ce6364ba17a6e8a2dc@gitlab.com>
 <merge_request_395591165@gitlab.com>
Message-ID: <mailman.6339.1751500459.18299.gnutls-devel@lists.gnutls.org>



Alicja Kario (@mention me if you need reply) was added as a reviewer.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250702/2e2ad703/attachment.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 01:53:16 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 02 Jul 2025 23:53:16 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <merge_request_395591165@gitlab.com>
References: <reply-64010ad2f28396b6c6b747c5e2ea7fed@gitlab.com>
 <merge_request_395591165@gitlab.com>
Message-ID: <mailman.6340.1751500463.18299.gnutls-devel@lists.gnutls.org>



Milestone changed to Release of GnuTLS 3.8.10 (Feb 7, 2025?Jul 31, 2025) ( https://gitlab.com/gnutls/gnutls/-/milestones/48 )

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250702/59f3d4f0/attachment.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 02:07:35 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 03 Jul 2025 00:07:35 +0000
Subject: [gnutls-devel] GnuTLS | doc: fix typo in docs about system
 profile fallback (!1971)
In-Reply-To: <merge_request_395389875@gitlab.com>
References: <reply-60b293cb0270b2ad8b9303a6ea1ccbdb@gitlab.com>
 <merge_request_395389875@gitlab.com>
Message-ID: <mailman.6342.1751501351.18299.gnutls-devel@lists.gnutls.org>



Merge request !1971 was merged
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1971
Project:Branches: berrange/gnutls:keyword-typo to gnutls/gnutls:master
Author: Daniel P_ Berrang?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1971
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250703/7b9a6d73/attachment.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 09:11:12 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 03 Jul 2025 07:11:12 +0000
Subject: [gnutls-devel] GnuTLS | Draft: pubkey: fix byte/bit confusion in
 public key sizes of ML-DSA (!1973)
References: <reply-12e46a9d93a907e75b0e10e220bb191f@gitlab.com>
Message-ID: <mailman.6350.1751526737.18299.gnutls-devel@lists.gnutls.org>



Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973

Project:Branches: dueno/gnutls:wip/dueno/mldsa-followup3 to gnutls/gnutls:master
Author:   Daiki Ueno




<!-- Add a description of the new feature/bug fix. Reference any relevant bugs. -->

This is an encoding counterpart of !1972.

## Checklist
 * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author
 * [ ] Code modified for feature
 * [ ] Test suite updated with functionality tests
 * [ ] Test suite updated with negative tests
 * [ ] Documentation updated / NEWS entry present (for non-trivial changes)
 * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

## Reviewer's checklist:
 * [ ] Any issues marked for closing are addressed
 * [ ] There is a test suite reasonably covering new functionality or modifications
 * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
 * [ ] This feature/change has adequate documentation added
 * [ ] No obvious mistakes in the code

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250703/47d17ff8/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 09:17:18 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 03 Jul 2025 07:17:18 +0000
Subject: [gnutls-devel] GnuTLS | Draft: x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-4765b1652c3fd914d7dd6553f51a4b22@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6353.1751527082.18299.gnutls-devel@lists.gnutls.org>



Daiki Ueno marked merge request !1973 as draft

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250703/260e6fda/attachment.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 12:42:55 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 03 Jul 2025 10:42:55 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <merge_request_395591165@gitlab.com>
References: <reply-2c287c6f93d5c81e4a701ef980689b30@gitlab.com>
 <merge_request_395591165@gitlab.com>
Message-ID: <mailman.6355.1751539413.18299.gnutls-devel@lists.gnutls.org>




Alicja Kario (@mention me if you need reply) commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2601164994


LGTM

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972#note_2601164994
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250703/abc76622/attachment.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 12:42:54 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 03 Jul 2025 10:42:54 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <merge_request_395591165@gitlab.com>
References: <reply-2f6ef57b2acbd752150b325edc2c4ee8@gitlab.com>
 <merge_request_395591165@gitlab.com>
Message-ID: <mailman.6356.1751539416.18299.gnutls-devel@lists.gnutls.org>



Merge request !1972 was approved by Alicja Kario (@mention me if you need reply)
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972
Project:Branches: dueno/gnutls:wip/dueno/mldsa-followup2 to gnutls/gnutls:master
Author: Daiki Ueno
Assignee: Daiki Ueno
Reviewer: Alicja Kario (@mention me if you need reply)

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250703/64ce36b9/attachment.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 12:58:12 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 03 Jul 2025 10:58:12 +0000
Subject: [gnutls-devel] GnuTLS | Draft: x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-60644885dc66d3cbf5a3ce4a135c02cd@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6357.1751540332.18299.gnutls-devel@lists.gnutls.org>



Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1973 was reviewed by Alicja Kario (@mention me if you need reply)

--
  
Alicja Kario (@mention me if you need reply) started a new discussion on lib/x509/privkey_pkcs8.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2601200960

 > +	 * parse it manually */
 > +	if (raw_key->size == 34 && raw_key->data[0] == 0x80 &&
 > +	    raw_key->data[1] == 0x20) {

this is more on the level of a nit than an actual issue, but I think it would be nicer to check if the first byte is `0x80` as that indicates that this is the `[0]` context-specific implicit tag, and only then check for length, and reject it if it is wrong, with a more specific error message


-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250703/b3f485bb/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 12:58:13 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 03 Jul 2025 10:58:13 +0000
Subject: [gnutls-devel] GnuTLS | Draft: x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-564921d796641b7d93839893464da489@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6360.1751540341.18299.gnutls-devel@lists.gnutls.org>




Alicja Kario (@mention me if you need reply) commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2601201014


LGTM, with the exception of that one nit

I haven't checked if the test vectors match the drafts or if it interoperates with openssl though

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2601201014
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250703/e000713c/attachment.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 12:58:12 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 03 Jul 2025 10:58:12 +0000
Subject: [gnutls-devel] GnuTLS | Draft: x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-6494ed870e86daa79216b27a408aef81@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6361.1751540355.18299.gnutls-devel@lists.gnutls.org>



Merge request !1973 was approved by Alicja Kario (@mention me if you need reply)
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
Project:Branches: dueno/gnutls:wip/dueno/mldsa-followup3 to gnutls/gnutls:master
Author: Daiki Ueno
Assignees: 
Reviewers: 

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250703/0cece45f/attachment.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 22:16:43 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 03 Jul 2025 20:16:43 +0000
Subject: [gnutls-devel] GnuTLS | Add a way to show the default trust store
 configuration (#1720)
References: <reply-b94d1b329a85f302e09d7edc4aab1e74@gitlab.com>
Message-ID: <mailman.6388.1751573868.18299.gnutls-devel@lists.gnutls.org>



Sam Morris created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1720



## Description of the feature:
It would be useful if `gnutls-cli --list-config` would show what trust store option GnuTLS was configured with. Something like:

```
default-trust-store-pkcs11: pkcs11:
```

or

```
default-trust-store-file: /etc/ssl/certs/ca-certificates.crt
```

and so on.

## Applications that this feature may be relevant to:
User-facing feature. When I am configuring systems it's useful to be able to check how various TLS libraries are configured.

## Is this feature implemented in other libraries (and which)
N/A

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1720
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250703/8c9dcba7/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 22:51:56 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 03 Jul 2025 20:51:56 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <merge_request_395591165@gitlab.com>
References: <reply-1eb61c4eb1ac609e83375033be63e795@gitlab.com>
 <merge_request_395591165@gitlab.com>
Message-ID: <mailman.6391.1751575950.18299.gnutls-devel@lists.gnutls.org>



All discussions on merge request !1972 were resolved by Daiki Ueno

https://gitlab.com/gnutls/gnutls/-/merge_requests/1972

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250703/a490c3ec/attachment.html>

From gnutls-devel at lists.gnutls.org  Thu Jul  3 23:14:21 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Thu, 03 Jul 2025 21:14:21 +0000
Subject: [gnutls-devel] GnuTLS | x509: support decoding of ML-DSA
 private keys in CHOICE format (!1972)
In-Reply-To: <merge_request_395591165@gitlab.com>
References: <reply-bf60c18b8cd5480321b6a2429e7e3fb5@gitlab.com>
 <merge_request_395591165@gitlab.com>
Message-ID: <mailman.6392.1751577324.18299.gnutls-devel@lists.gnutls.org>



Merge request !1972 was merged
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972
Project:Branches: dueno/gnutls:wip/dueno/mldsa-followup2 to gnutls/gnutls:master
Author: Daiki Ueno
Assignee: Daiki Ueno
Reviewer: Alicja Kario (@mention me if you need reply)

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1972
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250703/9de8ce25/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 05:51:30 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 03:51:30 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-5b8fca323eea21ad83b126a159370378@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6404.1751601154.18299.gnutls-devel@lists.gnutls.org>



Daiki Ueno marked merge request !1973 as ready

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/5075aaeb/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 05:52:40 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 03:52:40 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <note_2601201014@gitlab.com>
References: <reply-ce5951210e9ac55dc2ad47f7e86850bb@gitlab.com>
 <merge_request_395887520@gitlab.com> <note_2601201014@gitlab.com>
Message-ID: <mailman.6405.1751601193.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2602647220


Added some roundtrip tests

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2602647220
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/4b3e6c01/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 06:37:58 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 04:37:58 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-437653316a32ea13a5c367cafbcb0bfa@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6406.1751603911.18299.gnutls-devel@lists.gnutls.org>



All discussions on merge request !1973 were resolved by Daiki Ueno

https://gitlab.com/gnutls/gnutls/-/merge_requests/1973

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/b5e6743d/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 06:37:57 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 04:37:57 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <note_2601200960@gitlab.com>
References: <reply-25253b60f28d9aaea043bb807d9c8ea5@gitlab.com>
 <merge_request_395887520@gitlab.com> <note_2601200960@gitlab.com>
Message-ID: <mailman.6407.1751603919.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented on a discussion on lib/x509/privkey_pkcs8.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2602678535

 >  	return ret;
 >  }
 >  
 > +static int decode_ml_dsa_inner_private_key(const gnutls_datum_t *raw_key,
 > +					   size_t raw_pub_size,
 > +					   size_t raw_priv_size,
 > +					   gnutls_x509_privkey_t pkey)
 > +{
 > +	int ret;
 > +	asn1_node inner_asn = NULL;
 > +
 > +	/* libtasn1 doesn't support encoding instructions in CHOICE,
 > +	 * parse it manually */
 > +	if (raw_key->size == 34 && raw_key->data[0] == 0x80 &&
 > +	    raw_key->data[1] == 0x20) {

I'm afraid that would make the control flow complicated as the other alternatives in the CHOICE is handled in the `else` branch. I'd leave it as is.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2602678535
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/fdd95301/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 08:39:31 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 06:39:31 +0000
Subject: [gnutls-devel] GnuTLS | algorithms: assign hash strength to ML-DSA
 signature algorithms (!1974)
References: <reply-338a743cef014d825d0598237d581c82@gitlab.com>
Message-ID: <mailman.6410.1751611235.18299.gnutls-devel@lists.gnutls.org>



Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1974

Project:Branches: dueno/gnutls:wip/dueno/mldsa-tls-fixes to gnutls/gnutls:master
Author:   Daiki Ueno




<!-- Add a description of the new feature/bug fix. Reference any relevant bugs. -->

The _gnutls_sign_get_hash_strength function previously returned 0 for
ML-DSA algorithms, preventing the security level check in certificate
signatures. This assigns the collision strength for commitment hashes,
as defined in FIPS 204, section 4, table 1.

## Checklist
 * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author
 * [ ] Code modified for feature
 * [ ] Test suite updated with functionality tests
 * [ ] Test suite updated with negative tests
 * [ ] Documentation updated / NEWS entry present (for non-trivial changes)
 * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

## Reviewer's checklist:
 * [ ] Any issues marked for closing are addressed
 * [ ] There is a test suite reasonably covering new functionality or modifications
 * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
 * [ ] This feature/change has adequate documentation added
 * [ ] No obvious mistakes in the code

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1974
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/750d5420/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 08:57:33 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 06:57:33 +0000
Subject: [gnutls-devel] GnuTLS | algorithms: assign hash strength to
 ML-DSA signature algorithms (!1974)
In-Reply-To: <merge_request_396175425@gitlab.com>
References: <reply-d51567f475a29e6c8e734feaca2b99b3@gitlab.com>
 <merge_request_396175425@gitlab.com>
Message-ID: <mailman.6411.1751612305.18299.gnutls-devel@lists.gnutls.org>



Reassigned merge request 1974

https://gitlab.com/gnutls/gnutls/-/merge_requests/1974

Daiki Ueno was added as an assignee.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1974
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/85af3621/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 08:57:32 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 06:57:32 +0000
Subject: [gnutls-devel] GnuTLS | algorithms: assign hash strength to
 ML-DSA signature algorithms (!1974)
In-Reply-To: <merge_request_396175425@gitlab.com>
References: <reply-b08d6fba1a31192b4f6b713e08b65260@gitlab.com>
 <merge_request_396175425@gitlab.com>
Message-ID: <mailman.6412.1751612320.18299.gnutls-devel@lists.gnutls.org>



Alicja Kario (@mention me if you need reply) was added as a reviewer.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1974
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/3ce229b0/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 08:57:55 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 06:57:55 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-6bbfa8dd715f478e1c0dddb92d7a3051@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6413.1751612337.18299.gnutls-devel@lists.gnutls.org>



Alicja Kario (@mention me if you need reply) was added as a reviewer.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/8fed787a/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 08:57:58 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 06:57:58 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-5496153b0915b2d81d79bd9ce8e95157@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6416.1751612340.18299.gnutls-devel@lists.gnutls.org>



Reassigned merge request 1973

https://gitlab.com/gnutls/gnutls/-/merge_requests/1973

Daiki Ueno was added as an assignee.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/ae7d750a/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 10:39:15 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 08:39:15 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-53df438854cdd07ed9efa0aeb0c1aef8@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6418.1751618418.18299.gnutls-devel@lists.gnutls.org>



Merge request !1973 was approved by Zolt?n Fridrich
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
Project:Branches: dueno/gnutls:wip/dueno/mldsa-followup3 to gnutls/gnutls:master
Author: Daiki Ueno
Assignee: Daiki Ueno
Reviewer: Alicja Kario (@mention me if you need reply)

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/447507c7/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 10:39:41 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 08:39:41 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-6d222ef5082f28e09db3a6752b7a1ff6@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6419.1751618444.18299.gnutls-devel@lists.gnutls.org>




Zolt?n Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2603041167


Looks nice. No mistakes spotted.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2603041167
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/751cacc0/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 10:52:53 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 08:52:53 +0000
Subject: [gnutls-devel] GnuTLS | algorithms: assign hash strength to
 ML-DSA signature algorithms (!1974)
In-Reply-To: <merge_request_396175425@gitlab.com>
References: <reply-5bb19afc6e688a6fd1cf9e044898d287@gitlab.com>
 <merge_request_396175425@gitlab.com>
Message-ID: <mailman.6420.1751619237.18299.gnutls-devel@lists.gnutls.org>



Merge request !1974 was approved by Alicja Kario (@mention me if you need reply)
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1974
Project:Branches: dueno/gnutls:wip/dueno/mldsa-tls-fixes to gnutls/gnutls:master
Author: Daiki Ueno
Assignee: Daiki Ueno
Reviewer: Alicja Kario (@mention me if you need reply)

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/8af781c9/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 10:52:54 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 08:52:54 +0000
Subject: [gnutls-devel] GnuTLS | algorithms: assign hash strength to
 ML-DSA signature algorithms (!1974)
In-Reply-To: <merge_request_396175425@gitlab.com>
References: <reply-a4b7ee41e3ab636ff017e810c187738c@gitlab.com>
 <merge_request_396175425@gitlab.com>
Message-ID: <mailman.6423.1751619245.18299.gnutls-devel@lists.gnutls.org>




Alicja Kario (@mention me if you need reply) commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1974#note_2603066655


LGTM

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1974#note_2603066655
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/0cebb346/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 11:02:51 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 09:02:51 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-c00a3520e866933dededae5dff629520@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6424.1751619805.18299.gnutls-devel@lists.gnutls.org>



Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1973 was reviewed by Alexander Sosedkin

--
  
Alexander Sosedkin started a new discussion on lib/x509/privkey_pkcs8.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2603089825

 > +
 > +	if (flags & GNUTLS_PKCS_MLDSA_SEED)
 > +		format |= 1 << 0;

maybe use enum values instead of magic constants?

--
  
Alexander Sosedkin started a new discussion on lib/x509/privkey_pkcs8.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2603089835

 > +	ML_DSA_PRIVKEY_FORMAT_SEED,
 > +	ML_DSA_PRIVKEY_FORMAT_EXPANDED,
 > +	ML_DSA_PRIVKEY_FORMAT_BOTH

I'd find verifying `ML_DSA_PRIVKEY_FORMAT_BOTH == ML_DSA_PRIVKEY_FORMAT_EXPANDED | ML_DSA_PRIVKEY_FORMAT_SEED` easier if the numbers were spelled out.

--
  
Alexander Sosedkin started a new discussion on src/certtool-options.json: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2603089842

 > +          "long-option": "key-format",
 > +          "description": "Specify the key format to use on key generation",
 > +          "detail": "This option can be combined with --generate-privkey, to specify\nthe key format to be generated, when the key type is ML-DSA. Valid options are, 'seed', 'expanded', and 'both'.",

Should it error out when the key type is not ML-DSA? Just to reduce confusion and to not support ignoring it when it's not.


-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/0756c8f0/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 11:03:08 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 09:03:08 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-c3b1cf64ee61cfcca028d9fb352d82e9@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6425.1751619852.18299.gnutls-devel@lists.gnutls.org>




Alicja Kario (@mention me if you need reply) commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2603090423


still looks good :smile:

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2603090423
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/97a877f6/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 11:16:55 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 09:16:55 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <note_2603140273@gitlab.com>
References: <reply-fc81586653a70e9b6f84e02122c54666@gitlab.com>
 <merge_request_395887520@gitlab.com> <note_2603089835@gitlab.com>
 <note_2603140273@gitlab.com>
Message-ID: <mailman.6428.1751620678.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented on a discussion on lib/x509/privkey_pkcs8.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2603142256

 >  #define PEM_PKCS8 "ENCRYPTED PRIVATE KEY"
 >  #define PEM_UNENCRYPTED_PKCS8 "PRIVATE KEY"
 >  
 > +typedef enum ml_dsa_privkey_format_t {
 > +	ML_DSA_PRIVKEY_FORMAT_UNKNOWN = 0,
 > +	ML_DSA_PRIVKEY_FORMAT_SEED,
 > +	ML_DSA_PRIVKEY_FORMAT_EXPANDED,
 > +	ML_DSA_PRIVKEY_FORMAT_BOTH

Good idea, rewrote in that way.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2603142256
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/29eb771d/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 11:19:11 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 09:19:11 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-94f12e27f49968e2dc995730ea12d73e@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6429.1751620785.18299.gnutls-devel@lists.gnutls.org>



All discussions on merge request !1973 were resolved by Daiki Ueno

https://gitlab.com/gnutls/gnutls/-/merge_requests/1973

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/8a792773/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 11:19:14 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 09:19:14 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <note_2603089842@gitlab.com>
References: <reply-467c3e0de0d8965879554b0ec451356c@gitlab.com>
 <merge_request_395887520@gitlab.com> <note_2603089842@gitlab.com>
Message-ID: <mailman.6430.1751620787.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented on a discussion on src/certtool-options.json: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2603147005

 >            "detail": "This option can be combined with --generate-privkey, to specify\nthe key type to be generated. Valid options are, 'rsa', 'rsa-pss', 'rsa-oaep', 'dsa', 'ecdsa', 'ed25519, 'ed448', 'x25519', and 'x448'.'.\nWhen combined with certificate generation it can be used to specify an\nRSA-PSS certificate when an RSA key is given.",
 >            "argument-type": "string"
 >          },
 > +        {
 > +          "long-option": "key-format",
 > +          "description": "Specify the key format to use on key generation",
 > +          "detail": "This option can be combined with --generate-privkey, to specify\nthe key format to be generated, when the key type is ML-DSA. Valid options are, 'seed', 'expanded', and 'both'.",

It would be too complicated to implement, as in some cases (e.g., `certtool -k`) the key type is known only after decoding the key itself. I'd leave it as-is, as most of the other options that don't take effect are simply ignored.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973#note_2603147005
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/a92ca03b/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 11:35:56 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 09:35:56 +0000
Subject: [gnutls-devel] GnuTLS | algorithms: assign hash strength to
 ML-DSA signature algorithms (!1974)
In-Reply-To: <merge_request_396175425@gitlab.com>
References: <reply-2780266ab6bf030cb5b4219d41f95ede@gitlab.com>
 <merge_request_396175425@gitlab.com>
Message-ID: <mailman.6433.1751621838.18299.gnutls-devel@lists.gnutls.org>



Merge request !1974 was merged
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1974
Project:Branches: dueno/gnutls:wip/dueno/mldsa-tls-fixes to gnutls/gnutls:master
Author: Daiki Ueno
Assignee: Daiki Ueno
Reviewer: Alicja Kario (@mention me if you need reply)

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1974
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/2383d22f/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 13:49:04 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 11:49:04 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-b21f417a335a64d99ec07c5dfc1719af@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6434.1751629808.18299.gnutls-devel@lists.gnutls.org>



Merge request !1973 was approved by Alexander Sosedkin
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
Project:Branches: dueno/gnutls:wip/dueno/mldsa-followup3 to gnutls/gnutls:master
Author: Daiki Ueno
Assignee: Daiki Ueno
Reviewer: Alicja Kario (@mention me if you need reply)

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/2a0d6922/attachment.html>

From gnutls-devel at lists.gnutls.org  Fri Jul  4 14:13:18 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Fri, 04 Jul 2025 12:13:18 +0000
Subject: [gnutls-devel] GnuTLS | x509: support encoding of ML-DSA
 private keys in CHOICE format (!1973)
In-Reply-To: <merge_request_395887520@gitlab.com>
References: <reply-71104982e0eeb29fdcbd7b4994848045@gitlab.com>
 <merge_request_395887520@gitlab.com>
Message-ID: <mailman.6435.1751631260.18299.gnutls-devel@lists.gnutls.org>



Merge request !1973 was merged
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
Project:Branches: dueno/gnutls:wip/dueno/mldsa-followup3 to gnutls/gnutls:master
Author: Daiki Ueno
Assignee: Daiki Ueno
Reviewer: Alicja Kario (@mention me if you need reply)

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1973
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250704/8b4bb818/attachment.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:01:11 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:01:11 +0000
Subject: [gnutls-devel] GnuTLS | Minor build fixes for pkcs11-provider
 (!1975)
In-Reply-To: <merge_request_396368430@gitlab.com>
References: <reply-d68eb0778bee2a10bc549a3635bdf1f0@gitlab.com>
 <merge_request_396368430@gitlab.com>
Message-ID: <mailman.6466.1751673734.18299.gnutls-devel@lists.gnutls.org>



Zolt?n Fridrich was added as a reviewer.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1975
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/68501d24/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:01:13 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:01:13 +0000
Subject: [gnutls-devel] GnuTLS | Minor build fixes for pkcs11-provider
 (!1975)
References: <reply-70531e233cb67408fba0eb5b2507c6e9@gitlab.com>
Message-ID: <mailman.6469.1751673742.18299.gnutls-devel@lists.gnutls.org>



Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1975

Project:Branches: dueno/gnutls:wip/dueno/pkcs11-provider-fixes to gnutls/gnutls:master
Author:   Daiki Ueno

Reviewer: Zolt?n Fridrich


<!-- Add a description of the new feature/bug fix. Reference any relevant bugs. -->

* build: fix build with --with-included-libtasn1

As libminitasn1.la is always built a static library, linking it twice
makes linking fail because of duplicated symbols.

* pkcs11: stop including <nettle/bignum.h>

The header is unused and causing compile error on macOS homebrew:
```
  In file included from p11_pk.c:32:
  /opt/homebrew/Cellar/nettle/3.10.2/include/nettle/bignum.h:50:11: fatal error: 'gmp.h' file not found
  # include <gmp.h>
            ^~~~~~~
  1 error generated.
```
## Checklist
 * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author
 * [ ] Code modified for feature
 * [ ] Test suite updated with functionality tests
 * [ ] Test suite updated with negative tests
 * [ ] Documentation updated / NEWS entry present (for non-trivial changes)
 * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

## Reviewer's checklist:
 * [ ] Any issues marked for closing are addressed
 * [ ] There is a test suite reasonably covering new functionality or modifications
 * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
 * [ ] This feature/change has adequate documentation added
 * [ ] No obvious mistakes in the code

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1975
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/6d42620e/attachment.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:47:17 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:47:17 +0000
Subject: [gnutls-devel] GnuTLS | src/common.c: Move gnutls_free() out of
 out lable to avoid double free (!1966)
In-Reply-To: <merge_request_387147656@gitlab.com>
References: <reply-a0f77d5597948aa6632c671c1659cbac@gitlab.com>
 <merge_request_387147656@gitlab.com>
Message-ID: <mailman.6470.1751676469.18299.gnutls-devel@lists.gnutls.org>



Merge request !1966 was closed by Daiki Ueno
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1966
Project:Branches: JiashengJiang/gnutls:patch14 to gnutls/gnutls:master
Author: Jiasheng Jiang
Assignees: 
Reviewers: 

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1966
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/68d46b18/attachment.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:47:30 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:47:30 +0000
Subject: [gnutls-devel] GnuTLS | src/common.c: Move gnutls_free() out of
 out lable to avoid double free (!1966)
In-Reply-To: <merge_request_387147656@gitlab.com>
References: <reply-9fbf559754abd92f67ba49acd123fc97@gitlab.com>
 <merge_request_387147656@gitlab.com>
Message-ID: <mailman.6471.1751676483.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1966#note_2604423354


Closing as this seems like a non-issue.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1966#note_2604423354
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/458e50e2/attachment.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:48:51 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:48:51 +0000
Subject: [gnutls-devel] GnuTLS | tests/x509-cert-callback.c: Free p and
 certs on error to avoid memory leak (!1960)
In-Reply-To: <merge_request_384131831@gitlab.com>
References: <reply-647849fa658e808c05093c711dceea13@gitlab.com>
 <merge_request_384131831@gitlab.com>
Message-ID: <mailman.6472.1751676565.18299.gnutls-devel@lists.gnutls.org>



Merge request !1960 was approved by Daiki Ueno
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1960
Project:Branches: JiashengJiang/gnutls:patch10 to gnutls/gnutls:master
Author: Jiasheng Jiang
Assignees: 
Reviewers: 

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/39d6ae87/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:49:10 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:49:10 +0000
Subject: [gnutls-devel] GnuTLS | tests/x509-cert-callback.c: Free p and
 certs on error to avoid memory leak (!1960)
In-Reply-To: <merge_request_384131831@gitlab.com>
References: <reply-7870be61296a86f05e4c3a61a40e57c6@gitlab.com>
 <merge_request_384131831@gitlab.com>
Message-ID: <mailman.6475.1751676614.18299.gnutls-devel@lists.gnutls.org>



Merge request !1960 was merged
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1960
Project:Branches: JiashengJiang/gnutls:patch10 to gnutls/gnutls:master
Author: Jiasheng Jiang

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1960
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/8d28779f/attachment.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:49:58 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:49:58 +0000
Subject: [gnutls-devel] GnuTLS | tests/x509-cert-callback-ocsp.c: Free p
 and certs on error to avoid memory leak (!1958)
In-Reply-To: <merge_request_384130492@gitlab.com>
References: <reply-810f8efe15090879e25bd492bd03e125@gitlab.com>
 <merge_request_384130492@gitlab.com>
Message-ID: <mailman.6476.1751676631.18299.gnutls-devel@lists.gnutls.org>



Merge request !1958 was merged
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1958
Project:Branches: JiashengJiang/gnutls:patch8 to gnutls/gnutls:master
Author: Jiasheng Jiang

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1958
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/3546a033/attachment.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:49:48 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:49:48 +0000
Subject: [gnutls-devel] GnuTLS | tests/x509-cert-callback-ocsp.c: Free p
 and certs on error to avoid memory leak (!1958)
In-Reply-To: <merge_request_384130492@gitlab.com>
References: <reply-b82fe3c9942361bc46b9aa445f824a82@gitlab.com>
 <merge_request_384130492@gitlab.com>
Message-ID: <mailman.6477.1751676651.18299.gnutls-devel@lists.gnutls.org>



Merge request !1958 was approved by Daiki Ueno
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1958
Project:Branches: JiashengJiang/gnutls:patch8 to gnutls/gnutls:master
Author: Jiasheng Jiang
Assignees: 
Reviewers: 

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/f63b7786/attachment.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:52:03 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:52:03 +0000
Subject: [gnutls-devel] GnuTLS | lib/ext/srp.c: Add gnutls_free() to
 avoid memory leak (!1956)
In-Reply-To: <merge_request_383054299@gitlab.com>
References: <reply-a3b4b28d1d1a6d37e33d463f5b7ad8e6@gitlab.com>
 <merge_request_383054299@gitlab.com>
Message-ID: <mailman.6478.1751676756.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno started a new discussion on lib/ext/srp.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1956#note_2604424109

 >  
 >  		priv->password = gnutls_strdup(cred->password);
 >  		if (priv->password == NULL) {
 > +			gnutls_free(priv->username);
 >  			gnutls_assert();

Not a fault of this MR, but shouldn't we also set `ret` here (e.g., `GNUTLS_E_MEMORY_ERROR`)?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1956#note_2604424109
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/c895a404/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:54:27 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:54:27 +0000
Subject: [gnutls-devel] GnuTLS | lib/x509/x509_ext.c: Add gnutls_free()
 to avoid memory leak (!1954)
In-Reply-To: <merge_request_383029575@gitlab.com>
References: <reply-3b26f0ffb6b3a6519f9a0d924582cb04@gitlab.com>
 <merge_request_383029575@gitlab.com>
Message-ID: <mailman.6481.1751676899.18299.gnutls-devel@lists.gnutls.org>



Merge request !1954 was approved by Daiki Ueno
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1954
Project:Branches: JiashengJiang/gnutls:patch4 to gnutls/gnutls:master
Author: Jiasheng Jiang
Assignees: 
Reviewers: 

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/0122ec6e/attachment.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:55:12 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:55:12 +0000
Subject: [gnutls-devel] GnuTLS | lib/x509/x509_ext.c: Add gnutls_free()
 to avoid memory leak (!1954)
In-Reply-To: <merge_request_383029575@gitlab.com>
References: <reply-81a9bd2cace6ca90a3a164c57a146340@gitlab.com>
 <merge_request_383029575@gitlab.com>
Message-ID: <mailman.6482.1751676975.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1954#note_2604424677


LGTM, thanks!

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1954#note_2604424677
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/b7eb39ed/attachment.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:55:20 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:55:20 +0000
Subject: [gnutls-devel] GnuTLS | lib/x509/x509_ext.c: Add gnutls_free()
 to avoid memory leak (!1954)
In-Reply-To: <merge_request_383029575@gitlab.com>
References: <reply-12fdb3b430b9f06dac48df688b5b4ce6@gitlab.com>
 <merge_request_383029575@gitlab.com>
Message-ID: <mailman.6483.1751676982.18299.gnutls-devel@lists.gnutls.org>



Merge request !1954 was merged
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1954
Project:Branches: JiashengJiang/gnutls:patch4 to gnutls/gnutls:master
Author: Jiasheng Jiang

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1954
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/05d8f1b8/attachment.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:56:38 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:56:38 +0000
Subject: [gnutls-devel] GnuTLS | lib/hello_ext.c: Add gnutls_free() to
 avoid memory leak (!1955)
In-Reply-To: <merge_request_383048490@gitlab.com>
References: <reply-a781456232d7f742e1a310e0e92e8f32@gitlab.com>
 <merge_request_383048490@gitlab.com>
Message-ID: <mailman.6484.1751677029.18299.gnutls-devel@lists.gnutls.org>



Merge request !1955 was merged
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1955
Project:Branches: JiashengJiang/gnutls:patch5 to gnutls/gnutls:master
Author: Jiasheng Jiang

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1955
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/709bf881/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Sat Jul  5 02:56:27 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sat, 05 Jul 2025 00:56:27 +0000
Subject: [gnutls-devel] GnuTLS | lib/hello_ext.c: Add gnutls_free() to
 avoid memory leak (!1955)
In-Reply-To: <merge_request_383048490@gitlab.com>
References: <reply-3f46cb8e0740dd91dbd0f245a363945b@gitlab.com>
 <merge_request_383048490@gitlab.com>
Message-ID: <mailman.6487.1751677050.18299.gnutls-devel@lists.gnutls.org>



Merge request !1955 was approved by Daiki Ueno
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1955
Project:Branches: JiashengJiang/gnutls:patch5 to gnutls/gnutls:master
Author: Jiasheng Jiang
Assignees: 
Reviewers: 

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250705/b426fb19/attachment.html>

From gnutls-devel at lists.gnutls.org  Sun Jul  6 17:33:50 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sun, 06 Jul 2025 15:33:50 +0000
Subject: [gnutls-devel] GnuTLS | Expose HPKE through abstract key API
 [BASE+PSK] (!1976)
References: <reply-8098c0bd70b9c4dd97ada4234aaaab1c@gitlab.com>
Message-ID: <mailman.6542.1751816096.18299.gnutls-devel@lists.gnutls.org>



David Dudas created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1976

Project:Branches: d-Dudas/gnutls:dev/ddudas/hpke to gnutls/gnutls:master
Author:   David Dudas




<!-- Add a description of the new feature/bug fix. Reference any relevant bugs. -->

* Porting HPKE - a new adaptation of !1749 by @poenix
* Expose HPKE through abstract key API - currently just base + psk.

## Checklist
 * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author
 * [x] Code modified for feature
 * [x] Test suite updated with functionality tests
 * [x] Test suite updated with negative tests
 * [ ] Documentation updated / NEWS entry present (for non-trivial changes)
 * [x] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

## Reviewer's checklist:
 * [ ] Any issues marked for closing are addressed
 * [ ] There is a test suite reasonably covering new functionality or modifications
 * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
 * [ ] This feature/change has adequate documentation added
 * [ ] No obvious mistakes in the code

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1976
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250706/92ebd0d8/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 01:10:58 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sun, 06 Jul 2025 23:10:58 +0000
Subject: [gnutls-devel] GnuTLS | Add a way to show the default trust
 store configuration (#1720)
In-Reply-To: <issue_170041322@gitlab.com>
References: <reply-b19f891b4dfdc2403826d2b332cfb834@gitlab.com>
 <issue_170041322@gitlab.com>
Message-ID: <mailman.6558.1751843533.18299.gnutls-devel@lists.gnutls.org>



Milestone changed to Release of GnuTLS 3.8.10 (Feb 7, 2025?Jul 31, 2025) ( https://gitlab.com/gnutls/gnutls/-/milestones/48 )

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1720
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250706/8dafe54f/attachment.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 01:10:54 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sun, 06 Jul 2025 23:10:54 +0000
Subject: [gnutls-devel] GnuTLS | Add a way to show the default trust
 store configuration (#1720)
In-Reply-To: <issue_170041322@gitlab.com>
References: <reply-eef4bb6e179f64067fc865661791eaff@gitlab.com>
 <issue_170041322@gitlab.com>
Message-ID: <mailman.6559.1751843537.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1720#note_2606447439


Thank you for the suggestion; that makes sense to me (and would be trivial to implement).

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1720#note_2606447439
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250706/fb9e28df/attachment.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 01:50:24 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Sun, 06 Jul 2025 23:50:24 +0000
Subject: [gnutls-devel] GnuTLS | Expose HPKE through abstract key API
 [BASE+PSK] (!1976)
In-Reply-To: <merge_request_396592980@gitlab.com>
References: <reply-2b23c92a558eefbf437cb5cd7adfc37b@gitlab.com>
 <merge_request_396592980@gitlab.com>
Message-ID: <mailman.6562.1751845888.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno started a new discussion on lib/includes/gnutls/abstract.h: https://gitlab.com/gnutls/gnutls/-/merge_requests/1976#note_2606457953

 >  			gnutls_certificate_print_formats_t format,
 >  			gnutls_datum_t *out);
 >  
 > +int gnutls_privkey_encap(gnutls_pubkey_t pkR, gnutls_datum_t psk,
 > +			 gnutls_hpke_mode_t mode, gnutls_pubkey_t *pkE,

Although this is suggested in the original issue, I would not hard-wire this API to HPKE, now that we also have ML-KEM. Perhaps `mode` could be turned into a flag, e.g., adding a `gnutls_pk_encapsulate_flags_t`? PSK might deserve a new API function though.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1976#note_2606457953
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250706/dcdbd006/attachment.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 09:13:22 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 07:13:22 +0000
Subject: [gnutls-devel] GnuTLS | Minor build fixes for pkcs11-provider
 (!1975)
In-Reply-To: <merge_request_396368430@gitlab.com>
References: <reply-8c202262fcdf7f92f55c94c5ab443e38@gitlab.com>
 <merge_request_396368430@gitlab.com>
Message-ID: <mailman.6564.1751872437.18299.gnutls-devel@lists.gnutls.org>



Merge request !1975 was approved by Zolt?n Fridrich
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1975
Project:Branches: dueno/gnutls:wip/dueno/pkcs11-provider-fixes to gnutls/gnutls:master
Author: Daiki Ueno
Assignees: 
Reviewer: Zolt?n Fridrich

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/7d6126f6/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 09:14:18 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 07:14:18 +0000
Subject: [gnutls-devel] GnuTLS | Minor build fixes for pkcs11-provider
 (!1975)
In-Reply-To: <merge_request_396368430@gitlab.com>
References: <reply-ec55c0c02044b336c7fd11870b2f2385@gitlab.com>
 <merge_request_396368430@gitlab.com>
Message-ID: <mailman.6567.1751872522.18299.gnutls-devel@lists.gnutls.org>




Zolt?n Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1975#note_2607179250


Thanks for spotting these. Looks good.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1975#note_2607179250
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/0c2e00d8/attachment.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 09:44:13 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 07:44:13 +0000
Subject: [gnutls-devel] GnuTLS | Minor build fixes for pkcs11-provider
 (!1975)
In-Reply-To: <merge_request_396368430@gitlab.com>
References: <reply-b1f819e68eaf52aeaa44eb9f1998cee0@gitlab.com>
 <merge_request_396368430@gitlab.com>
Message-ID: <mailman.6568.1751874287.18299.gnutls-devel@lists.gnutls.org>



Merge request !1975 was merged
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1975
Project:Branches: dueno/gnutls:wip/dueno/pkcs11-provider-fixes to gnutls/gnutls:master
Author: Daiki Ueno
Reviewer: Zolt?n Fridrich

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1975
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/5b609e37/attachment.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 10:10:48 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 08:10:48 +0000
Subject: [gnutls-devel] GnuTLS | Add documentation for the
 pkcs#11-provider (!1977)
In-Reply-To: <merge_request_396777200@gitlab.com>
References: <reply-9d13f2e4219e8e5890c38d389713f2a5@gitlab.com>
 <merge_request_396777200@gitlab.com>
Message-ID: <mailman.6569.1751875882.18299.gnutls-devel@lists.gnutls.org>



Reassigned merge request 1977

https://gitlab.com/gnutls/gnutls/-/merge_requests/1977

Zolt?n Fridrich was added as an assignee.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1977
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/b5018433/attachment.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 10:10:50 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 08:10:50 +0000
Subject: [gnutls-devel] GnuTLS | Add documentation for the pkcs#11-provider
 (!1977)
References: <reply-411e6aed2e4d693baa582891dabe5cee@gitlab.com>
Message-ID: <mailman.6570.1751875891.18299.gnutls-devel@lists.gnutls.org>



Zolt?n Fridrich created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1977

Project:Branches: ZoltanFridrich/gnutls:zfridric_devel to gnutls/gnutls:master
Author:   Zolt?n Fridrich
Assignee: Zolt?n Fridrich
Reviewer: Daiki Ueno


<!-- Add a description of the new feature/bug fix. Reference any relevant bugs. -->

* Add NEWS entry for the PKCS#11 provider

Signed-off-by: Zoltan Fridrich <zfridric at redhat.com>

* Add documentation for the pkcs#11-provider

Signed-off-by: Zoltan Fridrich <zfridric at redhat.com>

## Checklist
 * [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author
 * [ ] Code modified for feature
 * [ ] Test suite updated with functionality tests
 * [ ] Test suite updated with negative tests
 * [ ] Documentation updated / NEWS entry present (for non-trivial changes)
 * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

## Reviewer's checklist:
 * [ ] Any issues marked for closing are addressed
 * [ ] There is a test suite reasonably covering new functionality or modifications
 * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
 * [ ] This feature/change has adequate documentation added
 * [ ] No obvious mistakes in the code

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1977
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/6e1dee9b/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 10:10:48 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 08:10:48 +0000
Subject: [gnutls-devel] GnuTLS | Add documentation for the
 pkcs#11-provider (!1977)
In-Reply-To: <merge_request_396777200@gitlab.com>
References: <reply-9ed3fab6d9c2c02cdd6f3d032d4562ec@gitlab.com>
 <merge_request_396777200@gitlab.com>
Message-ID: <mailman.6573.1751875910.18299.gnutls-devel@lists.gnutls.org>



Daiki Ueno was added as a reviewer.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1977
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/bb8c277b/attachment.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 10:48:03 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 08:48:03 +0000
Subject: [gnutls-devel] GnuTLS | Add documentation for the
 pkcs#11-provider (!1977)
In-Reply-To: <merge_request_396777200@gitlab.com>
References: <reply-c8aa614cc7298d8a459fbeaeeac728d0@gitlab.com>
 <merge_request_396777200@gitlab.com>
Message-ID: <mailman.6574.1751878121.18299.gnutls-devel@lists.gnutls.org>



Merge request !1977 was approved by Daiki Ueno
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1977
Project:Branches: ZoltanFridrich/gnutls:zfridric_devel to gnutls/gnutls:master
Author: Zolt?n Fridrich
Assignee: Zolt?n Fridrich
Reviewer: Daiki Ueno

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/0e6d7f50/attachment.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 10:48:11 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 08:48:11 +0000
Subject: [gnutls-devel] GnuTLS | Add documentation for the
 pkcs#11-provider (!1977)
In-Reply-To: <merge_request_396777200@gitlab.com>
References: <reply-90ae61bbb6e6665057a36daf2ab6e42d@gitlab.com>
 <merge_request_396777200@gitlab.com>
Message-ID: <mailman.6575.1751878154.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1977#note_2607597927


Thank you!

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1977#note_2607597927
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/8c0375d6/attachment.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 12:17:07 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 10:17:07 +0000
Subject: [gnutls-devel] Guile-GnuTLS | 32bit time_t fixes. (!41)
In-Reply-To: <merge_request_376171852@gitlab.com>
References: <reply-26853052bb0b99cd0ddc180246cda07d@gitlab.com>
 <merge_request_376171852@gitlab.com>
Message-ID: <mailman.6578.1751883492.18299.gnutls-devel@lists.gnutls.org>




Dariqq commented: https://gitlab.com/gnutls/guile/-/merge_requests/41#note_2607826173


Hi @jas,

What do you think of this generally?
I am happy to make adjustments but I am not a fan of the tests failing when the platform cannot handle 64bit time_t

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/41#note_2607826173
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/91f10d68/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 23:48:17 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 21:48:17 +0000
Subject: [gnutls-devel] GnuTLS | Add documentation for the pkcs#11-provider
 (!1978)
References: <reply-fbbae38965fb2dafa70a0e98c592af4c@gitlab.com>
Message-ID: <mailman.6615.1751924961.18299.gnutls-devel@lists.gnutls.org>



Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1978

Project:Branches: dueno/gnutls:wip/dueno/pkcs11-provider-docs to gnutls/gnutls:master
Author:   Daiki Ueno




<!-- Add a description of the new feature/bug fix. Reference any relevant bugs. -->

This is identical to !1977, but skipping the CI.

## Checklist
 * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author
 * [ ] Code modified for feature
 * [ ] Test suite updated with functionality tests
 * [ ] Test suite updated with negative tests
 * [x] Documentation updated / NEWS entry present (for non-trivial changes)
 * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

## Reviewer's checklist:
 * [ ] Any issues marked for closing are addressed
 * [ ] There is a test suite reasonably covering new functionality or modifications
 * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
 * [ ] This feature/change has adequate documentation added
 * [ ] No obvious mistakes in the code

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1978
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/4eb64f00/attachment.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 23:49:52 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 21:49:52 +0000
Subject: [gnutls-devel] GnuTLS | Add documentation for the
 pkcs#11-provider (!1977)
In-Reply-To: <merge_request_396777200@gitlab.com>
References: <reply-9ee47a1ec6eb7c98fc3fd55bce7c1581@gitlab.com>
 <merge_request_396777200@gitlab.com>
Message-ID: <mailman.6616.1751925026.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1977#note_2609926080


As the CI is stall because of the usage quota, I've filed !1978 with "[skip ci]".

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1977#note_2609926080
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/81133425/attachment.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 23:49:52 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 21:49:52 +0000
Subject: [gnutls-devel] GnuTLS | Add documentation for the
 pkcs#11-provider (!1977)
In-Reply-To: <merge_request_396777200@gitlab.com>
References: <reply-1e8456d8a8ce8d4c881268aa2580d603@gitlab.com>
 <merge_request_396777200@gitlab.com>
Message-ID: <mailman.6617.1751925035.18299.gnutls-devel@lists.gnutls.org>



Merge request !1977 was closed by Daiki Ueno
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1977
Project:Branches: ZoltanFridrich/gnutls:zfridric_devel to gnutls/gnutls:master
Author: Zolt?n Fridrich
Assignee: Zolt?n Fridrich
Reviewer: Daiki Ueno

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1977
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/7a87eadc/attachment.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 23:51:07 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 21:51:07 +0000
Subject: [gnutls-devel] GnuTLS | Add documentation for the
 pkcs#11-provider (!1978)
In-Reply-To: <merge_request_397132091@gitlab.com>
References: <reply-8228f9244406fdca3eba27005a88864f@gitlab.com>
 <merge_request_397132091@gitlab.com>
Message-ID: <mailman.6618.1751925100.18299.gnutls-devel@lists.gnutls.org>



Merge request !1978 was merged
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1978
Project:Branches: dueno/gnutls:wip/dueno/pkcs11-provider-docs to gnutls/gnutls:master
Author: Daiki Ueno

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1978
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/13eab4b5/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Mon Jul  7 23:50:57 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 21:50:57 +0000
Subject: [gnutls-devel] GnuTLS | Add documentation for the
 pkcs#11-provider (!1978)
In-Reply-To: <merge_request_397132091@gitlab.com>
References: <reply-29f41afb6d3e070a30bf6a99a711a7c6@gitlab.com>
 <merge_request_397132091@gitlab.com>
Message-ID: <mailman.6621.1751925135.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1978#note_2609928831


Merging without approval as it has already been reviewed in !1977.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1978#note_2609928831
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/db547c6b/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  8 01:54:16 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Mon, 07 Jul 2025 23:54:16 +0000
Subject: [gnutls-devel] GnuTLS | Release 3.8.10 (!1979)
References: <reply-7564c2f67b301685d639ab265e0b1e0c@gitlab.com>
Message-ID: <mailman.6623.1751932490.18299.gnutls-devel@lists.gnutls.org>



Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979

Project:Branches: dueno/gnutls:wip/dueno/release-3.8.10 to gnutls/gnutls:master
Author:   Daiki Ueno




<!-- Add a description of the new feature/bug fix. Reference any relevant bugs. -->

Fixes: #1666, #1694, #1695, #1696, #1718, #1720

## Checklist
 * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author
 * [x] Code modified for feature
 * [x] Test suite updated with functionality tests
 * [x] Test suite updated with negative tests
 * [x] Documentation updated / NEWS entry present (for non-trivial changes)
 * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)

## Reviewer's checklist:
 * [ ] Any issues marked for closing are addressed
 * [ ] There is a test suite reasonably covering new functionality or modifications
 * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md`
 * [ ] This feature/change has adequate documentation added
 * [ ] No obvious mistakes in the code

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250707/8155ac4f/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  8 06:14:58 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Jul 2025 04:14:58 +0000
Subject: [gnutls-devel] GnuTLS | Release 3.8.10 (!1979)
In-Reply-To: <merge_request_397208332@gitlab.com>
References: <reply-efa33a3bd64296eb6668f5e0797cf580@gitlab.com>
 <merge_request_397208332@gitlab.com>
Message-ID: <mailman.6624.1751948136.18299.gnutls-devel@lists.gnutls.org>



Alexander Sosedkin and Zolt?n Fridrich were added as reviewers.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250708/97ffa466/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  8 06:15:02 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Jul 2025 04:15:02 +0000
Subject: [gnutls-devel] GnuTLS | Release 3.8.10 (!1979)
In-Reply-To: <merge_request_397208332@gitlab.com>
References: <reply-5bfbd1141d696757fca5cc008a726f24@gitlab.com>
 <merge_request_397208332@gitlab.com>
Message-ID: <mailman.6625.1751948173.18299.gnutls-devel@lists.gnutls.org>



Reassigned merge request 1979

https://gitlab.com/gnutls/gnutls/-/merge_requests/1979

Daiki Ueno was added as an assignee.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250708/081588ec/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  8 10:44:18 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Jul 2025 08:44:18 +0000
Subject: [gnutls-devel] GnuTLS | Release 3.8.10 (!1979)
In-Reply-To: <merge_request_397208332@gitlab.com>
References: <reply-1c9f3c3457cb78c9bbfb51add2a5b869@gitlab.com>
 <merge_request_397208332@gitlab.com>
Message-ID: <mailman.6629.1751964294.18299.gnutls-devel@lists.gnutls.org>



Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1979 was reviewed by Zolt?n Fridrich

--
  
Zolt?n Fridrich started a new discussion on src/certtool-cfg.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979#note_2611127228

 >  			i = 0;                                             \
 > -			s_name = malloc(sizeof(char *) * MAX_ENTRIES);     \
 > +			s_name = malloc(MAX_ENTRIES + 1);                  \

Is this correct?
You have removed `sizeof(char *)` which means now you are allocating less, not more.


-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250708/01326866/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  8 11:48:02 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Jul 2025 09:48:02 +0000
Subject: [gnutls-devel] GnuTLS | Release 3.8.10 (!1979)
In-Reply-To: <note_2611292162@gitlab.com>
References: <reply-314838290292757e4a2f59a8427123a9@gitlab.com>
 <merge_request_397208332@gitlab.com> <note_2611127228@gitlab.com>
 <note_2611292162@gitlab.com>
Message-ID: <mailman.6630.1751968115.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented on a discussion on src/certtool-cfg.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979#note_2611294166

 >  	if (val != NULL) {                                                 \
 >  		if (s_name == NULL) {                                      \
 >  			i = 0;                                             \
 > -			s_name = malloc(sizeof(char *) * MAX_ENTRIES);     \
 > +			s_name = malloc(MAX_ENTRIES + 1);                  \

Good catch; fixed it and added a test.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979#note_2611294166
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250708/7cbcfe4f/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  8 11:48:04 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Jul 2025 09:48:04 +0000
Subject: [gnutls-devel] GnuTLS | Release 3.8.10 (!1979)
In-Reply-To: <merge_request_397208332@gitlab.com>
References: <reply-798ce3db156a49b72466be491d8505dc@gitlab.com>
 <merge_request_397208332@gitlab.com>
Message-ID: <mailman.6631.1751968148.18299.gnutls-devel@lists.gnutls.org>



All discussions on merge request !1979 were resolved by Daiki Ueno

https://gitlab.com/gnutls/gnutls/-/merge_requests/1979

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250708/da8a923f/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  8 12:13:10 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Jul 2025 10:13:10 +0000
Subject: [gnutls-devel] GnuTLS | Release 3.8.10 (!1979)
In-Reply-To: <merge_request_397208332@gitlab.com>
References: <reply-8dac18b428296ab2457941c5d73a698e@gitlab.com>
 <merge_request_397208332@gitlab.com>
Message-ID: <mailman.6632.1751969656.18299.gnutls-devel@lists.gnutls.org>



Merge request !1979 was approved by Zolt?n Fridrich
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
Project:Branches: dueno/gnutls:wip/dueno/release-3.8.10 to gnutls/gnutls:master
Author: Daiki Ueno
Assignee: Daiki Ueno
Reviewers: Alexander Sosedkin and Zolt?n Fridrich

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250708/93d8b266/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  8 12:13:19 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Jul 2025 10:13:19 +0000
Subject: [gnutls-devel] GnuTLS | Release 3.8.10 (!1979)
In-Reply-To: <merge_request_397208332@gitlab.com>
References: <reply-218813b74b92600e1b79ddf26d7a1aca@gitlab.com>
 <merge_request_397208332@gitlab.com>
Message-ID: <mailman.6635.1751969691.18299.gnutls-devel@lists.gnutls.org>




Zolt?n Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979#note_2611375366


Looks good now

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979#note_2611375366
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250708/5054d72d/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  8 16:22:19 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Jul 2025 14:22:19 +0000
Subject: [gnutls-devel] GnuTLS | Release 3.8.10 (!1979)
In-Reply-To: <merge_request_397208332@gitlab.com>
References: <reply-fda938864cb7429aa5bee45eaee697ea@gitlab.com>
 <merge_request_397208332@gitlab.com>
Message-ID: <mailman.6641.1751984573.18299.gnutls-devel@lists.gnutls.org>



Merge request !1979 was approved by Alexander Sosedkin
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
Project:Branches: dueno/gnutls:wip/dueno/release-3.8.10 to gnutls/gnutls:master
Author: Daiki Ueno
Assignee: Daiki Ueno
Reviewers: Alexander Sosedkin and Zolt?n Fridrich

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250708/ac74d684/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  8 18:35:10 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Jul 2025 16:35:10 +0000
Subject: [gnutls-devel] GnuTLS | Release 3.8.10 (!1979)
In-Reply-To: <merge_request_397208332@gitlab.com>
References: <reply-aa8e3677eff503628968c7938bd87d8a@gitlab.com>
 <merge_request_397208332@gitlab.com>
Message-ID: <mailman.6645.1751992580.18299.gnutls-devel@lists.gnutls.org>




Alicja Kario (@mention me if you need reply) commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979#note_2612311577


can't say that I know the C internals to review it properly, but looks good to me otherwise

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979#note_2612311577
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250708/f62d53d2/attachment.html>

From gnutls-devel at lists.gnutls.org  Tue Jul  8 18:35:13 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Tue, 08 Jul 2025 16:35:13 +0000
Subject: [gnutls-devel] GnuTLS | Release 3.8.10 (!1979)
In-Reply-To: <merge_request_397208332@gitlab.com>
References: <reply-9c9d53d9826ff7892c3dcbfaef03d20f@gitlab.com>
 <merge_request_397208332@gitlab.com>
Message-ID: <mailman.6646.1751992589.18299.gnutls-devel@lists.gnutls.org>



Merge request !1979 was approved by Alicja Kario (@mention me if you need reply)
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
Project:Branches: dueno/gnutls:wip/dueno/release-3.8.10 to gnutls/gnutls:master
Author: Daiki Ueno
Assignee: Daiki Ueno
Reviewers: Alexander Sosedkin and Zolt?n Fridrich

-- 
You're receiving this email because of your account on gitlab.com.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250708/0e5dac36/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  9 06:04:50 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Jul 2025 04:04:50 +0000
Subject: [gnutls-devel] GnuTLS | Release 3.8.10 (!1979)
In-Reply-To: <merge_request_397208332@gitlab.com>
References: <reply-5d97f160467e875694a075f3f53206d1@gitlab.com>
 <merge_request_397208332@gitlab.com>
Message-ID: <mailman.6689.1752033931.18299.gnutls-devel@lists.gnutls.org>



Merge request !1979 was merged
Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
Project:Branches: dueno/gnutls:wip/dueno/release-3.8.10 to gnutls/gnutls:master
Author: Daiki Ueno
Assignee: Daiki Ueno
Reviewers: Alexander Sosedkin and Zolt?n Fridrich

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1979
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250709/8045a593/attachment.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  9 06:05:00 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Jul 2025 04:05:00 +0000
Subject: [gnutls-devel] GnuTLS | Add a way to show the default trust
 store configuration (#1720)
In-Reply-To: <issue_170041322@gitlab.com>
References: <reply-1b98c59704deceb4489c5c25a9ff1f1b@gitlab.com>
 <issue_170041322@gitlab.com>
Message-ID: <mailman.6690.1752033967.18299.gnutls-devel@lists.gnutls.org>



Issue was closed by Daiki Ueno with merge request !1979 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1979)
Issue #1720: https://gitlab.com/gnutls/gnutls/-/issues/1720

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1720
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250709/d42f8365/attachment.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  9 08:02:04 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Jul 2025 06:02:04 +0000
Subject: [gnutls-devel] GnuTLS | gnutls_session_t unsafe to use from
 multiple threads due to TLS 1.3 rekeying (#1717)
In-Reply-To: <issue_168861302@gitlab.com>
References: <reply-b2c8230133750352c7a9e45b76acc43a@gitlab.com>
 <issue_168861302@gitlab.com>
Message-ID: <mailman.6695.1752040956.18299.gnutls-devel@lists.gnutls.org>



Milestone changed to Release of GnuTLS 3.8.11 (Jul 8, 2025?Sep 30, 2025) ( https://gitlab.com/gnutls/gnutls/-/milestones/49 )

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1717
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250709/35c46f38/attachment.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  9 08:04:26 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Jul 2025 06:04:26 +0000
Subject: [gnutls-devel] GnuTLS | [Security] Vulnerability in GnuTLS SCT
 extension parsing (#1695)
In-Reply-To: <issue_165824658@gitlab.com>
References: <reply-5b64c2e21de814d338b76e16893a2d62@gitlab.com>
 <issue_165824658@gitlab.com>
Message-ID: <mailman.6696.1752041130.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1695#note_2613217799


Fix released in 3.8.10 release.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1695#note_2613217799
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250709/bce33db5/attachment.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  9 08:05:59 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Jul 2025 06:05:59 +0000
Subject: [gnutls-devel] GnuTLS | [Security] Vulnerability in GnuTLS
 certtool template parsing (#1696)
In-Reply-To: <issue_165824673@gitlab.com>
References: <reply-a2b5f7fddb71dc2e54dfd4b5f5bc2253@gitlab.com>
 <issue_165824673@gitlab.com>
Message-ID: <mailman.6697.1752041192.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1696#note_2613219642


Fix released in 3.8.10.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1696#note_2613219642
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250709/b5e96fbc/attachment.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  9 08:05:35 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Jul 2025 06:05:35 +0000
Subject: [gnutls-devel] GnuTLS | [Security] Vulnerability in GnuTLS
 otherName SAN export (#1694)
In-Reply-To: <issue_165824628@gitlab.com>
References: <reply-78c3148a051f70441ccb491ff91a018c@gitlab.com>
 <issue_165824628@gitlab.com>
Message-ID: <mailman.6698.1752041197.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1694#note_2613218857


Fix released in 3.8.10.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1694#note_2613218857
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250709/7ec9287a/attachment-0001.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  9 08:06:22 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Jul 2025 06:06:22 +0000
Subject: [gnutls-devel] GnuTLS | NULL pointer deref in
 _gnutls_figure_common_ciphersuite (#1718)
In-Reply-To: <issue_168922377@gitlab.com>
References: <reply-641919d2f6db27459108f9ba6e4721e6@gitlab.com>
 <issue_168922377@gitlab.com>
Message-ID: <mailman.6701.1752041244.18299.gnutls-devel@lists.gnutls.org>




Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1718#note_2613220346


Fix released in 3.8.10.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1718#note_2613220346
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250709/9f8f18bb/attachment.html>

From gnutls-devel at lists.gnutls.org  Wed Jul  9 14:08:00 2025
From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities)
Date: Wed, 09 Jul 2025 12:08:00 +0000
Subject: [gnutls-devel] GnuTLS | system-override-compress-cert testsuite
 error with 3.8.10 (#1721)
References: <reply-b2c7019cf47ed28437b67bd0e08a968f@gitlab.com>
Message-ID: <mailman.6707.1752062914.18299.gnutls-devel@lists.gnutls.org>



Andreas Metzler created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1721



system-override-compress-cert fails for me:
```
FAIL: system-override-compress-cert
===================================

./compress-cert-conf expected to succeed
FAIL system-override-compress-cert.sh (exit status: 1)
```

Is the test unable to handle the case where gnutls is built without any of ZLIB / LIBBROTLI / LIBZSTD?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1721
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250709/daf8cc85/attachment.html>