From gnutls-devel at lists.gnutls.org Sun Jan 1 00:54:12 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 31 Dec 2022 23:54:12 +0000 Subject: [gnutls-devel] Guile-GnuTLS | I cannot run the Ubuntu22.04-release job in my gnutls-guile fork (#10) In-Reply-To: References: Message-ID: Simon Josefsson commented: There are two "interesting" parts of the log: ``` $ git checkout $CI_COMMIT_BRANCH Previous HEAD position was 5fe243a CI: Delete any v17.42.23 tag if present Switched to branch 'hmac-functions' Your branch and 'origin/hmac-functions' have diverged, and have 19 and 13 different commits each, respectively. (use "git pull" to merge the remote branch into yours) ``` Maybe you were force pushing to the branch, and GitLab somehow caches the git repository? I wonder what the appropriate command here would be to just discard any local stuff and checkout the branch that you force-pushed. Secondly, which is the real failure: ``` do-release-commit-and-tag: invalid version: 17.42.23 (<= 17.42.23) ``` This would only happen if the .prev-version file contained 17.42.23 for some strange reason, maybe you committed/pushed that file as well, maybe when the v17.42.23 tag was also pushed? Maybe if we figure out what happened in the 'git checkout' command above the .prev-version stuff will just go away. Maybe a 'git reset --hard' or some similar command is required before the 'git checkout'. I don't know enough of how GitLab CI/CD deals with git checkouts, it appears to do some caching of the repository that is interfering here. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/10#note_1224803236 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 1 01:36:32 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 01 Jan 2023 00:36:32 +0000 Subject: [gnutls-devel] Guile-GnuTLS | I cannot run the Ubuntu22.04-release job in my gnutls-guile fork (#10) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: I?m trying with the GIT_STRATEGY=clone environment variable, as described here: https://archives.docs.gitlab.com/14.2/ee/ci/runners/configure_runners.html#git-strategy -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/10#note_1224807916 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 1 01:41:31 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 01 Jan 2023 00:41:31 +0000 Subject: [gnutls-devel] Guile-GnuTLS | I cannot run the Ubuntu22.04-release job in my gnutls-guile fork (#10) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/10#note_1224808539 The force push stuff is not a problem, I get the same true error if I run it on master, where I did not push anything. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/10#note_1224808539 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 1 01:50:26 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 01 Jan 2023 00:50:26 +0000 Subject: [gnutls-devel] Guile-GnuTLS | I cannot run the Ubuntu22.04-release job in my gnutls-guile fork (#10) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/10#note_1224809056 Well, it fails early because of the copyright year bug? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/10#note_1224809056 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 1 09:52:02 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 01 Jan 2023 08:52:02 +0000 Subject: [gnutls-devel] Guile-GnuTLS | I cannot run the Ubuntu22.04-release job in my gnutls-guile fork (#10) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/10#note_1224845405 I merged the jas/drop-bootstrap2 branch to master now to reduce the dependency on gnulib, as discussed on the mailing list, and also updated gnulib to solve the copyright year bug. Please rebase your branch on master and hopefully it should work! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/10#note_1224845405 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 1 10:20:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 01 Jan 2023 09:20:33 +0000 Subject: [gnutls-devel] Guile-GnuTLS | cicd: Fix announcement output. Shorten apt-get outputs. Checkout to new branch. (!6) References: Message-ID: Simon Josefsson created a merge request: https://gitlab.com/gnutls/guile/-/merge_requests/6 Project:Branches: jas/guile-gnutls:jas/fix-cicd to gnutls/guile:master Author: Simon Josefsson -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/6 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 1 10:21:59 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 01 Jan 2023 09:21:59 +0000 Subject: [gnutls-devel] Guile-GnuTLS | cicd: Fix announcement output. Shorten apt-get outputs. Checkout to new branch. (!6) In-Reply-To: References: Message-ID: Merge request !6 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/6 Project:Branches: jas/guile-gnutls:jas/fix-cicd to gnutls/guile:master Author: Simon Josefsson -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/6 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 1 10:25:05 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 01 Jan 2023 09:25:05 +0000 Subject: [gnutls-devel] Guile-GnuTLS | I cannot run the Ubuntu22.04-release job in my gnutls-guile fork (#10) In-Reply-To: References: Message-ID: Simon Josefsson commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/10#note_1224853159 I tried a fresh clone of guile-gnutls now, and ran CI/CD on master and all CI/CD built. I also created a branch and pushed to it, and CI/CD built too, and even tried force-pushing to the branch but that also worked. So I can't reproduce the build error now. However I installed a fix to use 'git checkout -B my-release-branch' instead which may improve some cases. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/10#note_1224853159 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 1 14:17:06 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 01 Jan 2023 13:17:06 +0000 Subject: [gnutls-devel] Guile-GnuTLS | I cannot run the Ubuntu22.04-release job in my gnutls-guile fork (#10) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/issues/10#note_1224874296 Solved! Thanks :) So the solution for me was to set GIT_STRATEGY=clone. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/10#note_1224874296 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 1 14:17:10 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 01 Jan 2023 13:17:10 +0000 Subject: [gnutls-devel] Guile-GnuTLS | I cannot run the Ubuntu22.04-release job in my gnutls-guile fork (#10) In-Reply-To: References: Message-ID: Issue was closed by Vivien Kraus Would Rather Not Be On Gitlab_com Issue #10: https://gitlab.com/gnutls/guile/-/issues/10 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/issues/10 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 1 18:41:31 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 01 Jan 2023 17:41:31 +0000 Subject: [gnutls-devel] GnuTLS | TLS1.3 new session ticket GNUTLS_E_PUSH_ERROR (#1444) References: Message-ID: Neelabh Mam created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1444 Hi, With my libssl-1_1 based FTPS client I am facing an issue with TLS1.3 session reuse when I connect to Windows filezilla FTP server (based on gnutls). I am able to generally connect using FTPS and get the initial directory listing over data channel. I am also able to manually browser FTP directories without any issues, for extended periods of time. Every directory list operation uses a new data channel connection where the control channel session gets reused successfully. I can see the server sending new session tickets over cc periodically.. everything runs fine and the user is able to browsing manually. Now, today I implemented recursive directory list operation that would basically traverse and list all directories from a selected root directory. As part of testing this scheme, I executed the new workflow against the "C:\Windows" folder (~120k directories to be listed) and it ran fine for around a minute or so but then at one point the server disconnects the control channel. This is what the FZ log says. Wireshark sniff confirms that it is indeed the server which initiates the control channel reset. ![image](/uploads/805163284b96b68a7f50ecb749327626/image.png) now the thing is, FZ's own FTPS client (again based on gnutls) apparently runs fine with a similar workflow of it own. With my libssl implementation, I have a new session ticket callback which keeps pushing new session tickets, which I get from the server, in a vector and then every data channel uses the latest one and it works fine for about a minute or so.. I had a look at gnutls sources but couldn't isolate the circumstance under which the server would throw this GNUTLS_E_PUSH_ERROR error. FZ server just maps this -53 to a generic ECONNABORTED error. I was wondering if anyone could please advise on what could possibly be going wrong here ? Thanks Neelabh -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1444 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 2 04:49:27 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 02 Jan 2023 03:49:27 +0000 Subject: [gnutls-devel] GnuTLS | TLS1.3 new session ticket GNUTLS_E_PUSH_ERROR (#1444) In-Reply-To: References: Message-ID: Neelabh Mam commented: I re-checked the logs of fz client against FZ server (both using gnutls) and realized that even fz client is getting these -53 errors (infact much more quickly than my libssl client). It's just that FZ maintains state and immediately initiates a reconnect and then proceeds with the listing from the remote folder where it errored out the last time.. So, at this point this does not look like an issue specific to my libssl client's handling of new session tickets. I took a process explorer trace of nw operations. This gives you a callstack of the server initiated disconnect. But unfortunately without the public symbols it doesn't highlight the correct situation. Short of me building a debug fz server, how best could we diagnose the problem ? This looks like something in the server tls layer is maxing out. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1444#note_1224969215 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 2 07:02:01 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 02 Jan 2023 06:02:01 +0000 Subject: [gnutls-devel] GnuTLS | TLS1.3 new session ticket GNUTLS_E_PUSH_ERROR (#1444) In-Reply-To: References: Message-ID: Daiki Ueno commented: @codesquid perhaps you might have a clue off-hand? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1444#note_1224993312 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 2 09:19:39 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 02 Jan 2023 08:19:39 +0000 Subject: [gnutls-devel] GnuTLS | TLS1.3 new session ticket GNUTLS_E_PUSH_ERROR (#1444) In-Reply-To: References: Message-ID: Tim Kosse commented: @n-man: Do you have Windows Firewall enabled? The symptoms should go away if you disable Windows Firewall, or use a port other than 21. Windows Firewall is known to sabotage FTP port 21, even if using TLS. Something about the traffic pattern trips up the firewall if you perform many data connection in a short amount of time. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1444#note_1225044436 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 2 09:43:20 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 02 Jan 2023 08:43:20 +0000 Subject: [gnutls-devel] GnuTLS | TLS1.3 new session ticket GNUTLS_E_PUSH_ERROR (#1444) In-Reply-To: References: Message-ID: Neelabh Mam commented: @codesquid `Do you have Windows Firewall enabled?` yes it was enabled by default.. I retried the workflow after disabling windows FW and the entire recursive listing for c:\windows over TLS1.3 completed with both fz and my clint without any disconnects. Thanks for the pointer. I don't have anything else at this point, I'll mark the issues as closed, thanks. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1444#note_1225058939 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 2 09:43:21 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 02 Jan 2023 08:43:21 +0000 Subject: [gnutls-devel] GnuTLS | TLS1.3 new session ticket GNUTLS_E_PUSH_ERROR (#1444) In-Reply-To: References: Message-ID: Issue was closed by Neelabh Mam Issue #1444: https://gitlab.com/gnutls/gnutls/-/issues/1444 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1444 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 2 13:27:10 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 02 Jan 2023 12:27:10 +0000 Subject: [gnutls-devel] GnuTLS | Forbid uncolicited CompressedCertificate messages (!1678) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: 1. this should fix that hopefully ebc72f15 2. you have suggested "illegal_parameter" in Case 2 in #1440. "bad_certificate" alert should still be sent. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678#note_1225248747 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 2 13:27:54 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 02 Jan 2023 12:27:54 +0000 Subject: [gnutls-devel] GnuTLS | Forbid uncolicited CompressedCertificate messages (!1678) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678#note_1225249655 1. this should fix that hopefully ebc72f15 2. you have suggested "illegal_parameter" in Case 2 in #1440. "bad_certificate" alert should still be sent. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678#note_1225249655 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 3 00:12:43 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 02 Jan 2023 23:12:43 +0000 Subject: [gnutls-devel] GnuTLS | Forbid uncolicited CompressedCertificate messages (!1678) In-Reply-To: References: Message-ID: Daiki Ueno commented: The CI should be fixed once you rebase it against master and also update the copyright year range in `doc/gnutls.texi` to cover 2023, as in f62a768a4f8e96560b6288d6cb75fbe007f5ee3c. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678#note_1225610274 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 3 18:08:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 03 Jan 2023 17:08:04 +0000 Subject: [gnutls-devel] GnuTLS | Add setting for requiring use of EMS in TLS 1.2 (#1445) References: Message-ID: Hubert Kario (@mention me if you need reply) created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1445 ## Description of the feature: The [FIPS 140-3 I.G.](https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf) will require use of EMS KDF for TLS 1.2 after 16th of May 2023. GnuTLS should have a way to requiring use of EMS for connections that have negotiated TLS 1.2. ## Applications that this feature may be relevant to: All applications using TLS in FIPS mode. ## Is this feature implemented in other libraries (and which) `requireExtendedMasterSecret` is a setting in tlslite-ng, not aware of others -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1445 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jan 4 03:31:12 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Jan 2023 02:31:12 +0000 Subject: [gnutls-devel] GnuTLS | Forbid uncolicited CompressedCertificate messages (!1678) In-Reply-To: References: Message-ID: Merge request !1678 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel2 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewers: Daiki Ueno and Alexander Sosedkin -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jan 4 08:51:16 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 04 Jan 2023 07:51:16 +0000 Subject: [gnutls-devel] GnuTLS | Forbid uncolicited CompressedCertificate messages (!1678) In-Reply-To: References: Message-ID: Daiki Ueno commented: Looks good to me, but maybe good to wait for a second approval from Alex. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678#note_1227116810 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 11:15:50 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 10:15:50 +0000 Subject: [gnutls-devel] GnuTLS | srtp: support AES-GCM profiles (!1685) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: I see no problems with this MR. Approved. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1685#note_1229993456 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 11:15:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 10:15:53 +0000 Subject: [gnutls-devel] GnuTLS | srtp: support AES-GCM profiles (!1685) In-Reply-To: References: Message-ID: Merge request !1685 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1685 Project:Branches: dueno/gnutls:wip/dueno/srtp to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1685 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 11:33:42 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 10:33:42 +0000 Subject: [gnutls-devel] GnuTLS | build: remove MAX_RECORD_SEND_SIZE in favor of max_record_send_size (!1684) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: I have checked the difference between using `MAX_RECORD_SEND_SIZE` and `max_record_send_size + MAX_RECORD_SEND_OVERHEAD` and I think there should be no problems. The change looks good. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1684#note_1230013245 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 11:33:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 10:33:45 +0000 Subject: [gnutls-devel] GnuTLS | build: remove MAX_RECORD_SEND_SIZE in favor of max_record_send_size (!1684) In-Reply-To: References: Message-ID: Merge request !1684 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1684 Project:Branches: dueno/gnutls:wip/dueno/max-record-send-size to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1684 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 12:06:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 11:06:36 +0000 Subject: [gnutls-devel] GnuTLS | build: remove MAX_RECORD_SEND_SIZE in favor of max_record_send_size (!1684) In-Reply-To: References: Message-ID: Reviewer changed to Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1684 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 12:06:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 11:06:45 +0000 Subject: [gnutls-devel] GnuTLS | MAX_RECORD_SEND_SIZE: remove macro (#815) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1684 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1684) Issue #815: https://gitlab.com/gnutls/gnutls/-/issues/815 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/815 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 12:06:44 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 11:06:44 +0000 Subject: [gnutls-devel] GnuTLS | build: remove MAX_RECORD_SEND_SIZE in favor of max_record_send_size (!1684) In-Reply-To: References: Message-ID: Merge request !1684 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1684 Project:Branches: dueno/gnutls:wip/dueno/max-record-send-size to gnutls/gnutls:master Author: Daiki Ueno Assignee: Daiki Ueno Reviewer: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1684 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 12:06:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 11:06:36 +0000 Subject: [gnutls-devel] GnuTLS | build: remove MAX_RECORD_SEND_SIZE in favor of max_record_send_size (!1684) In-Reply-To: References: Message-ID: Reassigned merge request 1684 https://gitlab.com/gnutls/gnutls/-/merge_requests/1684 Assignee changed to Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1684 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 12:06:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 11:06:53 +0000 Subject: [gnutls-devel] GnuTLS | build: remove MAX_RECORD_SEND_SIZE in favor of max_record_send_size (!1684) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thank you! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1684#note_1230047809 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 12:07:30 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 11:07:30 +0000 Subject: [gnutls-devel] GnuTLS | srtp: support AES-GCM profiles (!1685) In-Reply-To: References: Message-ID: Reassigned merge request 1685 https://gitlab.com/gnutls/gnutls/-/merge_requests/1685 Assignee changed to Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1685 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 12:07:28 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 11:07:28 +0000 Subject: [gnutls-devel] GnuTLS | srtp: support AES-GCM profiles (!1685) In-Reply-To: References: Message-ID: Reviewer changed to Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1685 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 12:07:39 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 11:07:39 +0000 Subject: [gnutls-devel] GnuTLS | srtp: support AES-GCM profiles (!1685) In-Reply-To: References: Message-ID: Merge request !1685 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1685 Project:Branches: dueno/gnutls:wip/dueno/srtp to gnutls/gnutls:master Author: Daiki Ueno Assignee: Daiki Ueno Reviewer: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1685 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 12:07:39 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 11:07:39 +0000 Subject: [gnutls-devel] GnuTLS | Support more SRTP profiles (AEAD_AES_256_GCM...) (#1266) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno via merge request !1685 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1685) Issue #1266: https://gitlab.com/gnutls/gnutls/-/issues/1266 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1266 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 12:08:22 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 11:08:22 +0000 Subject: [gnutls-devel] GnuTLS | srtp: support AES-GCM profiles (!1685) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thank you for the review! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1685#note_1230049627 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 6 21:33:06 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 06 Jan 2023 20:33:06 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli crashes with segfault in mingw (#1446) References: Message-ID: Biswapriyo Nath created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1446 ## Description of problem: gnutls-cli command crashes with segmentation fault. ## Version of gnutls used: 3.7.8 ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) * Windows 10 build 19045 * msys2/mingw-w64 * gcc version 12.2.0 targeting x86_64-w64-mingw32 * Build command can be found in this file https://github.com/msys2/MINGW-packages/blob/master/mingw-w64-gnutls/PKGBUILD * With some patches from here https://github.com/msys2/MINGW-packages/tree/master/mingw-w64-gnutls ## How reproducible: Steps to Reproduce: * Run this command after compiling `gnutls-cli -d 1 imap.gmail.com -p 993` ## Actual results: gnutls-cli command crashes with segmentation fault. * Here is the output: ``` $ ./ucrt64/bin/gnutls-cli -d 1 imap.gmail.com -p 993 |<1>| There was a non-CA certificate in the trusted list: CN=y. |<1>| There was a non-CA certificate in the trusted list: OU=Copyright (c) 1997 Microsoft Corp.,OU=Microsoft Corporation ,CN=Microsoft Root Authority. |<1>| There was a non-CA certificate in the trusted list: C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority. |<1>| There was a non-CA certificate in the trusted list: CN=DESKTOP-IEGKK8M. |<1>| There was a non-CA certificate in the trusted list: CN=Root Agency. Processed 37 CA certificate(s). Resolving 'imap.gmail.com:993'... Connecting to '172.217.194.109:993'... Segmentation fault ``` * Here is the backtrace from gdb: ``` Thread 1 received signal SIGSEGV, Segmentation fault. 0x00007ff6eed016da in system_write (ptr=0x3, data=0x223b158940b, data_size=396) at ../../gnutls-3.7.8/src/common.h:128 128 return send(hd->fd, data, data_size, 0); (gdb) bt #0 0x00007ff6eed016da in system_write (ptr=0x3, data=0x223b158940b, data_size=396) at ../../gnutls-3.7.8/src/common.h:128 #1 0x00007ffeb4445c59 in _gnutls_writev_emu (session=0x223b15844b0, fd=0x3, giovec=0xbb28ffcc90, giovec_cnt=1, vec=0) at ../../gnutls-3.7.8/lib/buffers.c:450 #2 0x00007ffeb4445e4d in _gnutls_writev (session=0x223b15844b0, giovec=0xbb28ffcc90, giovec_cnt=1, total=396) at ../../gnutls-3.7.8/lib/buffers.c:506 #3 0x00007ffeb4446622 in _gnutls_io_write_flush (session=0x223b15844b0) at ../../gnutls-3.7.8/lib/buffers.c:700 #4 0x00007ffeb4446db0 in _gnutls_handshake_io_write_flush (session=0x223b15844b0) at ../../gnutls-3.7.8/lib/buffers.c:839 #5 0x00007ffeb444da0d in _gnutls_send_handshake2 (session=0x223b15844b0, bufel=0x223b1588210, type=GNUTLS_HANDSHAKE_CLIENT_HELLO, queue_only=0) at ../../gnutls-3.7.8/lib/handshake.c:1450 #6 0x00007ffeb444d4ed in _gnutls_send_handshake (session=0x223b15844b0, bufel=0x223b1588210, type=GNUTLS_HANDSHAKE_CLIENT_HELLO) at ../../gnutls-3.7.8/lib/handshake.c:1287 #7 0x00007ffeb4451026 in send_client_hello (session=0x223b15844b0, again=0) at ../../gnutls-3.7.8/lib/handshake.c:2357 #8 0x00007ffeb4452a05 in handshake_client (session=0x223b15844b0) at ../../gnutls-3.7.8/lib/handshake.c:3052 #9 0x00007ffeb445248c in gnutls_handshake (session=0x223b15844b0) at ../../gnutls-3.7.8/lib/handshake.c:2884 #10 0x00007ff6eed055bd in do_handshake (rpl_socket=0xbb28ffe700) at ../../gnutls-3.7.8/src/cli.c:1855 #11 0x00007ff6eed0c79c in socket_open2 (hd=0xbb28ffe700, hostname=0x223af8851b0 "imap.gmail.com", service=0x7ff6eed35080 "993", app_proto=0x0, flags=64, msg=0x7ff6eed2893b "Connecting to", rdata=0x0, edata=0x0, server_trace=0x0, client_trace=0x0) at ../../gnutls-3.7.8/src/socket.c:602 #12 0x00007ff6eed04347 in main (argc=6, argv=0x223af8729f0) at ../../gnutls-3.7.8/src/cli.c:1371 ``` ## Expected results: After reverting the src/common.h hunk from this commit https://gitlab.com/gnutls/gnutls/-/commit/20f993aca3c08a779cd350bf2093d01a6309a32e, the program is working as expected. * Here is the correct output: ``` $ ./ucrt64/bin/gnutls-cli -d 1 imap.gmail.com -p 993 |<1>| There was a non-CA certificate in the trusted list: CN=y. |<1>| There was a non-CA certificate in the trusted list: OU=Copyright (c) 1997 Microsoft Corp.,OU=Microsoft Corporation ,CN=Microsoft Root Authority. |<1>| There was a non-CA certificate in the trusted list: C=US,O=MSFT,CN=Microsoft Authenticode(tm) Root Authority. |<1>| There was a non-CA certificate in the trusted list: CN=DESKTOP-IEGKK8M. |<1>| There was a non-CA certificate in the trusted list: CN=Root Agency. Processed 37 CA certificate(s). Resolving 'imap.gmail.com:993'... Connecting to '172.217.194.109:993'... - Certificate type: X.509 - Got a certificate list of 3 certificates. - Certificate[0] info: ... ... goes on... ``` Previously reported here https://github.com/msys2/MINGW-packages/issues/14739 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1446 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 7 09:33:25 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 07 Jan 2023 08:33:25 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli crashes with segfault in mingw (#1446) In-Reply-To: References: Message-ID: Daiki Ueno commented: > After reverting the src/common.h hunk from this commit 20f993ac, the program is working as expected. It rather looks like a regression after f7160e4fb970b4ba6f96e85e21f8395eae735d95, which we should have conditionalized the logic based on platform. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1446#note_1230848623 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 7 09:34:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 07 Jan 2023 08:34:19 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli crashes with segfault in mingw (#1446) In-Reply-To: References: Message-ID: Milestone changed to Release of GnuTLS 3.8.0 (Oct 1, 2022?Jan 15, 2023) ( https://gitlab.com/gnutls/gnutls/-/milestones/30 ) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1446 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 7 10:26:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 07 Jan 2023 09:26:19 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli crashes with segfault in mingw (#1446) In-Reply-To: References: Message-ID: Biswapriyo Nath commented: Thank you for looking into this issue. I am not familiar with the codebase. If you suggest to perform any tests I can try those. I was thinking to add native Windows platform tests in CI but 12 tests failed in 3.7.8 version. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1446#note_1230856373 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 8 19:16:06 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 08 Jan 2023 18:16:06 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add the HMAC and hash functions (!5) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: Hi, let me bump that :) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/5#note_1231167158 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 10 12:45:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Jan 2023 11:45:15 +0000 Subject: [gnutls-devel] GnuTLS | Forbid uncolicited CompressedCertificate messages (!1678) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1678 was reviewed by Alexander Sosedkin -- Alexander Sosedkin commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678#note_1233883937 1. looks fixed to me 2. I see =D Yeah, looks underspecified with arguments for both contenders. OK, as of 8d71603a90 I observe `bad_certificate` and it aligns with openssl, so let's have `bad_certificate`. -- Alexander Sosedkin started a new discussion on lib/tls13/certificate.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678#note_1233883945 > + if (!(session->internals.hsk_flags & HSK_COMP_CRT_REQ_SENT)) > + return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET); > + trailing whitespace -- Alexander Sosedkin started a new discussion on lib/tls13/certificate.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678#note_1233883949 > err = _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_COMPRESSED_CERTIFICATE_PKT, 0, &buf); > if (err >= 0) { > + /* fail if we receive unsoliceted compressed certificate */ misspelling (`s/unsoliceted/unsolicited/`), same in commit message. other occurrences look fine -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 10 12:45:14 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Jan 2023 11:45:14 +0000 Subject: [gnutls-devel] GnuTLS | Forbid uncolicited CompressedCertificate messages (!1678) In-Reply-To: References: Message-ID: Alexander Sosedkin commented: Couple of newly spotted nitpicks aside (inline), looks fine to me as well, thanks! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678#note_1233883956 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 10 12:45:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Jan 2023 11:45:15 +0000 Subject: [gnutls-devel] GnuTLS | Forbid uncolicited CompressedCertificate messages (!1678) In-Reply-To: References: Message-ID: Merge request !1678 was approved by Alexander Sosedkin Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel2 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewers: Daiki Ueno and Alexander Sosedkin -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 10 17:49:41 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Jan 2023 16:49:41 +0000 Subject: [gnutls-devel] GnuTLS | Forbid uncolicited CompressedCertificate messages (!1678) In-Reply-To: References: Message-ID: All discussions on merge request !1678 were resolved by Zolt?n Fridrich https://gitlab.com/gnutls/gnutls/-/merge_requests/1678 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 10 17:49:40 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Jan 2023 16:49:40 +0000 Subject: [gnutls-devel] GnuTLS | Forbid uncolicited CompressedCertificate messages (!1678) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented on a discussion on lib/tls13/certificate.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678#note_1234514333 > } > > if (decompress_cert) { > - ret = decompress_certificate(&buf); > + ret = decompress_certificate(session, &buf); > if (ret < 0) { > gnutls_assert(); > gnutls_alert_send(session, GNUTLS_AL_FATAL, GNUTLS_A_BAD_CERTIFICATE); I don't think I can do that as the alert will not be sent in that case. Easy way to test it is by changing the `gnutls_alert_send` into some error which would be translated into `GNUTLS_A_BAD_CERTIFICATE` like `ret = GNUTLS_E_CERTIFICATE_ERROR;`. Then the tls13/compress-cert-neg2 test fails with `didn't receive BAD CERTIFICATE alert`. I am keeping it as is. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678#note_1234514333 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 10 18:11:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Jan 2023 17:11:33 +0000 Subject: [gnutls-devel] GnuTLS | certificate compression: unsolicited CompressedCertificate is accepted (#1440) In-Reply-To: References: Message-ID: Issue was closed by Zolt?n Fridrich via merge request !1678 (https://gitlab.com/gnutls/gnutls/-/merge_requests/1678) Issue #1440: https://gitlab.com/gnutls/gnutls/-/issues/1440 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1440 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 10 18:11:32 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 10 Jan 2023 17:11:32 +0000 Subject: [gnutls-devel] GnuTLS | Forbid uncolicited CompressedCertificate messages (!1678) In-Reply-To: References: Message-ID: Merge request !1678 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel2 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewers: Daiki Ueno and Alexander Sosedkin -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1678 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jan 11 07:28:44 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 11 Jan 2023 06:28:44 +0000 Subject: [gnutls-devel] GnuTLS | trust: make filesystem path construction flexible (!1493) In-Reply-To: References: Message-ID: All discussions on merge request !1493 were resolved by Daiki Ueno https://gitlab.com/gnutls/gnutls/-/merge_requests/1493 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1493 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jan 11 07:28:44 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 11 Jan 2023 06:28:44 +0000 Subject: [gnutls-devel] GnuTLS | trust: make filesystem path construction flexible (!1493) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion on lib/pathbuf.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1493#note_1235095281 > + * You should have received a copy of the GNU Lesser General Public License > + * along with this program. If not, see > + * > + */ > + > +#include "config.h" > + > +#include "pathbuf.h" > +#include "gnutls_int.h" > +#include > +#include "intprops.h" > + > +static int > +pathbuf_reserve(struct gnutls_pathbuf_st *buffer, size_t to_add) > +{ > + size_t cap; I'm disabling cppcheck for now until https://trac.cppcheck.net/ticket/10192 is fixed. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1493#note_1235095281 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jan 11 07:28:54 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 11 Jan 2023 06:28:54 +0000 Subject: [gnutls-devel] GnuTLS | trust: make filesystem path construction flexible (!1493) In-Reply-To: References: Message-ID: Merge request !1493 was scheduled to merge after pipeline succeeds by Daiki Ueno Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1493 Project:Branches: dueno/gnutls:wip/dueno/ca-path to gnutls/gnutls:master Author: Daiki Ueno Assignee: Daiki Ueno Reviewer: Tim R?hsen -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1493 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jan 11 10:30:05 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 11 Jan 2023 09:30:05 +0000 Subject: [gnutls-devel] GnuTLS | trust: make filesystem path construction flexible (!1493) In-Reply-To: References: Message-ID: Merge request !1493 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1493 Project:Branches: dueno/gnutls:wip/dueno/ca-path to gnutls/gnutls:master Author: Daiki Ueno Assignee: Daiki Ueno Reviewer: Tim R?hsen -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1493 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 12 13:09:59 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 12 Jan 2023 12:09:59 +0000 Subject: [gnutls-devel] GnuTLS | Failed to set TLS options (default:). error: The request is invalid. (#1405) In-Reply-To: References: Message-ID: KENJI AKIHARA commented: I tried the debug you suggested. In v4.15, "Got/read 0 bytes","Emptied buffer"etc., it seems that nothing recieved. could you tell what the probrem is from thease logs?[squid_debug.txt](/uploads/fd5129bd6c5f519b32099576fb683699/squid_debug.txt) [squid_debug.txt](/uploads/7fce341a396dfafdeb7d16c4e79b0a29/squid_debug.txt) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1405#note_1237113346 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 13 03:14:51 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Jan 2023 02:14:51 +0000 Subject: [gnutls-devel] GnuTLS | Failed to set TLS options (default:). error: The request is invalid. (#1405) In-Reply-To: References: Message-ID: Daiki Ueno commented: I looked at the logs but I'm now more confused. I asked you to collect logs for the squid process as a TLS server, but the attached logs indicate that they are about TLS client, as the following lines appear in the log: ```console |<4>| HSK[110066ff0]: CLIENT HELLO was queued [235 bytes] |<4>| HSK[110066ff0]: SERVER HELLO (2) was received. Length 83[83], frag offset 0, frag length: 83, sequence: 0 ``` If you are correctly logging the server side, you should see something like the following instead: ```console |<4>| HSK[0x55d374045130]: CLIENT HELLO (1) was received. Length 374[374], frag offset 0, frag length: 374, sequence: 0 |<4>| HSK[0x55d374045130]: SERVER HELLO was queued [122 bytes] ``` Could you tell me the exact steps you took to collect logs? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1405#note_1238049542 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 13 09:28:20 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Jan 2023 08:28:20 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli crashes with segfault in mingw (#1446) In-Reply-To: References: Message-ID: acstime commented: We did some further testing in that discussion and don't believe that this was actually the issue. Reversing the win32 patch to common.h makes things apparently worse and without further additional feedback from OP we can close I will reopen with an updated context. Thank you. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1446#note_1238312500 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 13 10:07:10 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Jan 2023 09:07:10 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli crashes with segfault in mingw (#1446) In-Reply-To: References: Message-ID: Biswapriyo Nath commented: I shall close this issue when it is fixed or invalid. Feel free to open an new issue. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1446#note_1238402392 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 13 10:15:29 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Jan 2023 09:15:29 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli crashes with segfault in mingw (#1446) In-Reply-To: References: Message-ID: acstime commented: @Biswa96 well welcome back. This ticket will only cause confusion since the pretext that MinGW64 needs a chunk reversal on common.h. No one else can duplicate success with this idea. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1446#note_1238421936 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 13 10:44:27 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Jan 2023 09:44:27 +0000 Subject: [gnutls-devel] GnuTLS | Cannot use certificates from machine store. (#1365) In-Reply-To: References: Message-ID: acstime commented: We have similar issues with the Windows certificate store under MinGW: https://github.com/msys2/MINGW-packages/issues/14739#issue-1510226820 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1365#note_1238469543 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 13 13:35:05 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Jan 2023 12:35:05 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: consolidate duplicate "aggressive" targets (!1690) In-Reply-To: References: Message-ID: Alexander Sosedkin was added as a reviewer.
-- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1690 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 13 13:34:55 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Jan 2023 12:34:55 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: consolidate duplicate "aggressive" targets (!1690) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1690 Project:Branches: dueno/gnutls:wip/dueno/ci-fixes3 to gnutls/gnutls:master Author: Daiki Ueno The UB+ASAN-Werror.Fedora.x86_64.gcc-aggressive shared almost same tasks with UB+ASAN-Werror-aggressive.Fedora.x86_64.gcc, except the former explicitly specified --disable-hardware-acceleration. ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1690 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 13 14:27:00 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Jan 2023 13:27:00 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: consolidate duplicate "aggressive" targets (!1690) In-Reply-To: References: Message-ID: Alexander Sosedkin commented: For those like me, confused about how ASAN job list has evolved: First time we got more than one ASAN job is in 970aeb621c: * UB+ASAN-Werror.Fedora.x86_64.gcc: --disable-hardware-acceleration * UB+ASAN-Werror-aggressive.Fedora.x86_64.gcc: --disable-hardware-acceleration, -DAGGRESSIVE_REALLOC Then we have f1b2959c42 "reduce PKCS#12 iteration count while testing": * UB+ASAN-Werror.Fedora.x86_64.gcc: --disable-hardware-acceleration, --with-pkcs12-iter-count=10000 * UB+ASAN-Werror-aggressive.Fedora.x86_64.gcc: --disable-hardware-acceleration, --with-pkcs12-iter-count=10000, -DAGGRESSIVE_REALLOC Modified in cba5b176ff ".gitlab-ci.yml: enable hardware acceleration in UB+ASAN jobs": * UB+ASAN-Werror.Fedora.x86_64.gcc: --with-pkcs12-iter-count=10000 * UB+ASAN-Werror-aggressive.Fedora.x86_64.gcc: --with-pkcs12-iter-count=10000, -DAGGRESSIVE_REALLOC Current, after 6a348c0956 "replace valgrind checks with ASan" introduces one more: * UB+ASAN-Werror.Fedora.x86_64.gcc: --with-pkcs12-iter-count=10000 * UB+ASAN-Werror-aggressive.Fedora.x86_64.gcc: --with-pkcs12-iter-count=10000, -DAGGRESSIVE_REALLOC * UB+ASAN-Werror.Fedora.x86_64.gcc-aggressive: --disable-hardware-acceleration, -DAGGRESSIVE_REALLOC And the proposal in v1 of this MR is revert back to: * UB+ASAN-Werror.Fedora.x86_64.gcc: --with-pkcs12-iter-count=10000 * UB+ASAN-Werror-aggressive.Fedora.x86_64.gcc: --with-pkcs12-iter-count=10000, -DAGGRESSIVE_REALLOC -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1690#note_1238767021 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 13 14:27:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Jan 2023 13:27:04 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: consolidate duplicate "aggressive" targets (!1690) In-Reply-To: References: Message-ID: Merge request !1690 was approved by Alexander Sosedkin Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1690 Project:Branches: dueno/gnutls:wip/dueno/ci-fixes3 to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewer: Alexander Sosedkin -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1690 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 14 00:13:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Jan 2023 23:13:47 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: consolidate duplicate "aggressive" targets (!1690) In-Reply-To: References: Message-ID: Daiki Ueno commented: Thank you for the clarification. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1690#note_1239362085 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 14 00:13:52 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Jan 2023 23:13:52 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: consolidate duplicate "aggressive" targets (!1690) In-Reply-To: References: Message-ID: Merge request !1690 was scheduled to merge after pipeline succeeds by Daiki Ueno Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1690 Project:Branches: dueno/gnutls:wip/dueno/ci-fixes3 to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewer: Alexander Sosedkin -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1690 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 14 00:27:39 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 13 Jan 2023 23:27:39 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: consolidate duplicate "aggressive" targets (!1690) In-Reply-To: References: Message-ID: Merge request !1690 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1690 Project:Branches: dueno/gnutls:wip/dueno/ci-fixes3 to gnutls/gnutls:master Author: Daiki Ueno Reviewer: Alexander Sosedkin -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1690 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 14 14:11:14 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 14 Jan 2023 13:11:14 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add the HMAC and hash functions (!5) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented: Hello @civodul and @jas I believe I answered your points, what do you think? Is there something else I must do? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/5#note_1239538289 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 14 19:11:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 14 Jan 2023 18:11:19 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add the HMAC and hash functions (!5) In-Reply-To: References: Message-ID: Merge request !5 was merged Merge request URL: https://gitlab.com/gnutls/guile/-/merge_requests/5 Project:Branches: vivien_/guile:hmac-functions to gnutls/guile:master Author: Vivien Kraus Would Rather Not Be On Gitlab_com -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/5 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 14 19:13:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 14 Jan 2023 18:13:04 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add the HMAC and hash functions (!5) In-Reply-To: References: Message-ID: civodul commented: @vivien\_ Oops, I hadn't been notified or your comments so I saw it just now. It looks great to me so I went ahead and merge it. @jas Let me know if you think there are still concerns that should be addressed. Thank you @vivien\_! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/5#note_1239605630 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 15 02:13:41 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 15 Jan 2023 01:13:41 +0000 Subject: [gnutls-devel] GnuTLS | Indent code. (!1671) In-Reply-To: References: Message-ID: Daiki Ueno commented: Is there any update? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1671#note_1239675127 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 17 00:06:01 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 16 Jan 2023 23:06:01 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add the HMAC and hash functions (!5) In-Reply-To: References: Message-ID: Simon Josefsson commented: Thank you @vivien\_! Looks great to me. Is this work complete now, or is it part of more work? Would you like to make a release, @vivien\_ to get it released? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/5#note_1241476899 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 17 11:49:56 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 17 Jan 2023 10:49:56 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: take advantage of GitLab code coverage visualization (!1691) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1691 Project:Branches: dueno/gnutls:wip/dueno/coverage to gnutls/gnutls:master Author: Daiki Ueno This switches to using gcovr instead of our custom coverage generation rule to take advantage of "Test coverage visualization" in GitLab: https://docs.gitlab.com/ee/ci/testing/test_coverage_visualization.html ## Checklist * [x] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1691 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 17 14:44:13 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 17 Jan 2023 13:44:13 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: take advantage of GitLab code coverage visualization (!1691) In-Reply-To: References: Message-ID: Alexander Sosedkin was added as a reviewer.
-- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1691 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jan 18 07:12:38 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Jan 2023 06:12:38 +0000 Subject: [gnutls-devel] Guile-GnuTLS | Add the HMAC and hash functions (!5) In-Reply-To: References: Message-ID: Vivien Kraus Would Rather Not Be On Gitlab_com commented on a discussion: https://gitlab.com/gnutls/guile/-/merge_requests/5#note_1243664372 Hello! I would like to add the rest of the crypto API. I was waiting for that to be merged to try and avoid as many beginner mistakes as possible in the future. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/guile/-/merge_requests/5#note_1243664372 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jan 18 23:57:57 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Jan 2023 22:57:57 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: take advantage of GitLab code coverage visualization (!1691) In-Reply-To: References: Message-ID: Daiki Ueno commented: Merging this without approval, as it is a CI-only change. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1691#note_1245030173 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jan 18 23:58:30 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 18 Jan 2023 22:58:30 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: take advantage of GitLab code coverage visualization (!1691) In-Reply-To: References: Message-ID: Merge request !1691 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1691 Project:Branches: dueno/gnutls:wip/dueno/coverage to gnutls/gnutls:master Author: Daiki Ueno Reviewer: Alexander Sosedkin -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1691 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 19 15:57:53 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 19 Jan 2023 14:57:53 +0000 Subject: [gnutls-devel] GnuTLS | Add configuration option for certificate compression algorithms (#1423) In-Reply-To: References: Message-ID: Reassigned Issue 1423 https://gitlab.com/gnutls/gnutls/-/issues/1423 Assignee changed to Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1423 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 19 16:22:29 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 19 Jan 2023 15:22:29 +0000 Subject: [gnutls-devel] GnuTLS | KTLS: decryption failure with ChaCha20-Poly1305 in TLS 1.2 (#1443) In-Reply-To: References: Message-ID: Issue was closed by Zolt?n Fridrich Issue #1443: https://gitlab.com/gnutls/gnutls/-/issues/1443 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1443 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 19 16:22:29 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 19 Jan 2023 15:22:29 +0000 Subject: [gnutls-devel] GnuTLS | KTLS: decryption failure with ChaCha20-Poly1305 in TLS 1.2 (#1443) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: Seems to be a kernel dependent issue. I see no issues with kernel versions 6.1.6 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1443#note_1246078726 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 19 16:24:31 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 19 Jan 2023 15:24:31 +0000 Subject: [gnutls-devel] GnuTLS | Update tlsfuzzer submodule once tests for compress_certificate is ready (#1418) In-Reply-To: References: Message-ID: Milestone removed -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1418 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 20 20:32:01 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 20 Jan 2023 19:32:01 +0000 Subject: [gnutls-devel] GnuTLS | KTLS: decryption failure with ChaCha20-Poly1305 in TLS 1.2 (#1443) In-Reply-To: References: Message-ID: Franti?ek Kren?elok commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1443#note_1247917686 +1 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1443#note_1247917686 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 21 02:48:21 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 21 Jan 2023 01:48:21 +0000 Subject: [gnutls-devel] GnuTLS | Integrate "coverage" subproject into this repository (#1393) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno Issue #1393: https://gitlab.com/gnutls/gnutls/-/issues/1393 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1393 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 21 02:48:20 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 21 Jan 2023 01:48:20 +0000 Subject: [gnutls-devel] GnuTLS | Integrate "coverage" subproject into this repository (#1393) In-Reply-To: References: Message-ID: Daiki Ueno commented: Let's close this now that !1691 is merged. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1393#note_1248140911 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 23 18:46:59 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 23 Jan 2023 17:46:59 +0000 Subject: [gnutls-devel] GnuTLS | .gitlab-ci.yml: take advantage of GitLab code coverage visualization (!1691) In-Reply-To: References: Message-ID: Alexander Sosedkin commented: I'm not sure it's working, as I don't see coverage highlighted in neither repository nor merge requests. XML coverage is being generated, but I'm not sure that it can map filenames from XML back to actual paths, as it has lines like ``. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1691#note_1249632147 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 24 03:02:25 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 24 Jan 2023 02:02:25 +0000 Subject: [gnutls-devel] GnuTLS | crash in 32-bit gnutls_privkey_sign_data() when using MD2 digest algorithm (#1447) References: Message-ID: Andrew Meadows created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1447 ## Description of problem: Crash in gnutls_privkey_sign_data() when trying to create RSA signature with MD2 digest algorithm. ## Version of gnutls used: 32-bit 3.6.7-4+deb10u7 ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) debian buster, using 32-bit package libgnutls28-dev:i386 ## How reproducible: 100% Steps to Reproduce: * Create a foo.cpp file with the following code: ``` // foo.cpp -- crash in gnutls_privkey_sign_data() // // This program demonstrates what appears to be a bug in 32-bit // gnutls 3.6.7 when trying to create an RSA signature using the // MD2 algorithm. These are the tested versions and their results: // // 64-bit gnutls-3.7.3 FAIL // 64-bit gnutls-3.6.7 SUCCESS // 32-bit gnutls-3.6.7 CRASH // // These tests were done using some variety of debian or ubuntu. #include #include #include #include gnutls_digest_algorithm_t digest_algorithm = GNUTLS_DIG_MD2; std::string pem_key = "-----BEGIN PRIVATE KEY-----" "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDj1ejV7Aax85LJ" "yevp8C5bsinRyFGEGK+oVXVzQUKGUFI8fjW0j0uGGfezkwKvNo0UUg4RjoORCsjn" "xTVh0WFUnQd2S9VCmngak41jSR7g7Zg5et2nLOLIKhUcq5N9bdYkFKFF6Tcij20Z" "ekkHJtjPDYAemux26kViqALKvS/n0T+d3MedsVUrGVxCDjGvyrbNF0PaJXfW/ZEz" "C01LcyqCUUMRLdGQCuG7EbV9xKOKajj2nuSeg/aPDAZ5tHJ/ZtBbmyV+5mF8UU5e" "QJKYXCg16xeFoQstdRtk3xyOvfA9D0MPewIpoZL1xj8grMpEigJXH2DbMcuAwFHl" "PL2OVPNZAgMBAAECggEATOqRYW7+T6NIYgFeOKsSK3i5b44uHudqnezD6vYULF3/" "dVaycNOTjqFDo4c098v10u9kun6fYh7+9mf4fp5+Ol+M/l3ZkFOvymEX8XXlC9CK" "fJVDMUYRBbxXRkeSUlz7V1DzpTN3np5HGbvT3as6tKP9JdftjrPGWukXkDRQcPTr" "aTT1s205Bc7ph0G3nRBfNJz077XUJUD+O17r8ILPjMFnQkWOilx9rZtdnUvXwnei" "WUfitibsuZRmNxldQVkeBlM3BS8sMAXodBnDIarQxkbFiRkOUxMNNjhB2oUF1bUI" "zob7S0pAqXpnp6wawvscuwLn5Ik8vGicqYUgoC9UpQKBgQD2SpQyKtSiK6ccR1bH" "divXmRbdu2tXBHVOxxNscH21aCMJ3RExFnQHMTZI2E0zmW2dYUQrqfN+OoXYkq/h" "NfHGiXN059dOXU543UCymtMkxv9UqmkNQxuvhTlP+aBuVOsg6/vNBSUkxH+pyAhV" "kKP70aCzai7xFV6+a3jAi5XQ5wKBgQDs0RYr8Xr0/BdwlekN7cOGRYGLOCOMwI+9" "cq1t61iAUbhXf8wh2NaYg/GsEZ+ZJv5tLLT8KDVOeTCj2/AkKvDuqNhbjY6i8RMY" "xoBx7Pd5GAfkOj3LoMRyQelY+6TbQh2l2iRAxJIjMeBpyyXnKIgoB09R75SmxbV/" "Obx3OkNRvwKBgQCwdZCmPO+p3VLWvPoc4LratrGeXgizCNuvfIybFiHLFnh8Oap2" "nBq3iHfXSzpM7PGPX8AC9LojR3TcTYS7+/VlBNf2+6DUYZ+2kvcmwCzlXbpUg9/O" "g7VTVUVR2o0qX6czKEB5jOUm6a56C3qFK6OB6ZiU01AcpO4DymZytc+6IwKBgQDO" "p673beTkgFBcGRWk6AUl2OWw/a5YF3nX0ojxUNyMLcP15znVl4m80fdFNqPVXCfO" "UaMmIFhUQIFnnHg0t5xER+d2DVOZcVI+3oob4LQcYhIQ4ZonZgXHxyjAU+iKxWll" "37SfKGp2eAHjkDllPQOEGsznLXDFD+bQPSvvx1ITtQKBgGCNB92wMTiLc0GdlEtq" "vOUZBm/ImvmfM52Z7Xgk5x86Nb5kUq39+3udMT/7G0MklGy0gHrX6mjp5rnFAzi6" "eeUxQBQJTOxateiaMrh8CLjrBth0NfTI61bkDNIV/EFAXa7Ou3jjzSDhPW/xzPmm" "jA4eMgGDOpi6f8hdAjDPgrys" "-----END PRIVATE KEY-----"; std::string message = "Hello world!"; int32_t main() { gnutls_datum_t key_dat = { (uint8_t*)(pem_key.data()), (uint32_t)(pem_key.size()) }; gnutls_x509_privkey_t key; gnutls_privkey_t private_key; gnutls_datum_t msg_dat = { (uint8_t*)(message.data()), (uint32_t)(message.size()) }; gnutls_datum_t sig_dat; int32_t sig64_len = 0; bool success = true; std::string error_message = ""; if (gnutls_x509_privkey_init(&key)) { error_message = "out of memory"; success = false; } if (success && gnutls_x509_privkey_import(key, &key_dat, GNUTLS_X509_FMT_PEM)) { error_message = "failed to import key"; success = false; } if (success && gnutls_privkey_init(&private_key)) { error_message = "out of memory"; success = false; } if (success) { if (gnutls_privkey_import_x509(private_key, key, 0)) { error_message = "failed to import private key"; success = false; } if (success && GNUTLS_PK_RSA != gnutls_privkey_get_pk_algorithm(private_key, nullptr)) { // key not compatible with RSA? error_message = "private key incompatible with RSA"; success = false; } // sign data if (gnutls_privkey_sign_data(private_key, digest_algorithm, 0, &msg_dat, &sig_dat) != 0) { error_message = "failed to sign"; success = false; } if (success) { std::cout << "success!" << std::endl; gnutls_free(sig_dat.data); } gnutls_privkey_deinit(private_key); } gnutls_x509_privkey_deinit(key); if (!success) { std::cout << "fail: error='" << error_message << "'" << std::endl; } return 0; } ``` * Install the libgnutls28-dev:i386 package * Compile foo.cpp: `g++ -ofoo -m32 foo.cpp -l gnutls -L /usr/lib/i386-linux-gnu/` * Run the foo executable: `./foo` ## Actual results: * Executable will crash with SIGABRT signal ## Expected results: * Executable should print `success!` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1447 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jan 25 12:29:29 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 25 Jan 2023 11:29:29 +0000 Subject: [gnutls-devel] GnuTLS | Support external PSK importer (#1355) In-Reply-To: References: Message-ID: Milestone changed to Release of GnuTLS 3.10.0 ( https://gitlab.com/gnutls/gnutls/-/milestones/38 ) -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1355 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jan 25 12:31:24 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 25 Jan 2023 11:31:24 +0000 Subject: [gnutls-devel] GnuTLS | For 2nd ClientHello in 0-RTT(TLS1.3), it should not be encrypted and early data extension should not exist. (#1429) In-Reply-To: References: Message-ID: Milestone removed -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1429 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jan 25 22:24:12 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 25 Jan 2023 21:24:12 +0000 Subject: [gnutls-devel] GnuTLS | New priority string: `%NO_EC_POINT_FORMAT` (and, test in gnutls-cli-debug) (#1448) References: Message-ID: Daniel Kahn Gillmor created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1448 In TLS 1.3, the EC Point Format extension is deprecated. It looks like some TLS servers (at least those from [Vencel](https://vencel.com)) appear to send a handshake failure alert if the ClientHello does not contain an `ec_point_format` extension. It would be useful to introduce a new priority string named something like `%NO_EC_POINT_FORMAT` which would cause the TLS client to omit the extension entirely. It would also be a useful test to add to `gnutls-cli-debug`. This test would report whether the handshake succeeds if the extension is omitted. --- Note: I discovered this [looking into a failure with RIPE Atlas probes](https://github.com/RIPE-NCC/ripe-atlas-probe-measurements/pull/15), after some manual testing. GnuTLS doesn't have a problem connecting to Vencel servers, but the probe did. Having a way to diagnose the connection failure directly from the `gnutls-cli-debug` would have made my testing simpler and easier. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1448 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 26 08:02:18 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 26 Jan 2023 07:02:18 +0000 Subject: [gnutls-devel] GnuTLS | gnutlsxx: become header-only library (!1622) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1622#note_1253285226 I think this is almost ready to merge, except the CI errors. Would you like to address them, or would you mind if I do that? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1622#note_1253285226 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 26 12:20:59 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 26 Jan 2023 11:20:59 +0000 Subject: [gnutls-devel] GnuTLS | Indent code. (!1671) In-Reply-To: References: Message-ID: Zolt?n Fridrich was added as a reviewer.
-- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1671 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 26 12:21:03 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 26 Jan 2023 11:21:03 +0000 Subject: [gnutls-devel] GnuTLS | gnutlsxx: become header-only library (!1622) In-Reply-To: References: Message-ID: Zolt?n Fridrich was added as a reviewer.
-- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1622 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 26 15:45:07 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 26 Jan 2023 14:45:07 +0000 Subject: [gnutls-devel] GnuTLS | Indent code. (!1671) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: I went over the issues and I don't see any problems that would prevent us from merging the MR. We can resolve the threads in a separate MR. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1671#note_1253956453 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 26 15:45:07 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 26 Jan 2023 14:45:07 +0000 Subject: [gnutls-devel] GnuTLS | Indent code. (!1671) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1671 was reviewed by Zolt?n Fridrich -- Zolt?n Fridrich started a new discussion on devel/indent-maybe: https://gitlab.com/gnutls/gnutls/-/merge_requests/1671#note_1253956430 > + > +for f in "$@"; do > + $INDENT -st $f | $INDENT -st - | diff -u $f - || ($INDENT $f && $INDENT $f) Cant we merge the indent-gnutls and indent-maybe scripts? What is the purpose to have two scripts? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1671 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 26 15:45:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 26 Jan 2023 14:45:19 +0000 Subject: [gnutls-devel] GnuTLS | Indent code. (!1671) In-Reply-To: References: Message-ID: Merge request !1671 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1671 Project:Branches: jas/gnutls:jas/indent to gnutls/gnutls:master Author: Simon Josefsson Assignees: Reviewer: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1671 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 27 11:13:07 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 10:13:07 +0000 Subject: [gnutls-devel] GnuTLS | Add code indentation scripts (!1692) In-Reply-To: References: Message-ID: Reassigned merge request 1692 https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 Assignee changed to Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 27 11:13:10 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 10:13:10 +0000 Subject: [gnutls-devel] GnuTLS | Add code indentation scripts (!1692) References: Message-ID: Zolt?n Fridrich created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel3 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich ## Checklist * [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 27 11:31:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 10:31:04 +0000 Subject: [gnutls-devel] GnuTLS | Add code indentation (!1692) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 was reviewed by Daiki Ueno -- Daiki Ueno started a new discussion on devel/indent-maybe: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692#note_1255208075 > +# License: GPLv3+ > + > +INDENT=${INDENT:-indent} ```suggestion:-0+0 : ${INDENT=indent} ``` -- Daiki Ueno started a new discussion on devel/indent-gnutls: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692#note_1255208082 > +git ls-files -z | grep -z '\.[ch]\(.in\)\?$' | grep -z -v '^./devel/' | xargs -0 -n1 `dirname "$0"`/indent-maybe > + > +exit 0 Do we need this? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 27 11:31:04 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 10:31:04 +0000 Subject: [gnutls-devel] GnuTLS | Add code indentation (!1692) In-Reply-To: References: Message-ID: Merge request !1692 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel3 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 27 11:34:15 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 10:34:15 +0000 Subject: [gnutls-devel] GnuTLS | Add code indentation (!1692) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented on a discussion on devel/indent-gnutls: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692#note_1255212205 > +#!/bin/sh > + > +# Copyright (c) 2022 Simon Josefsson > +# License: GPLv3+ > + > +if ! indent --version 2> /dev/null | grep 'GNU indent' > /dev/null; then > + echo 1>&2 "$0: GNU indent is missing" > + exit 77 > +fi > + > +INDENT="indent -ppi1 -linux"; export INDENT > + > +git ls-files -z | grep -z '\.[ch]\(.in\)\?$' | grep -z -v '^./devel/' | xargs -0 -n1 `dirname "$0"`/indent-maybe > + > +exit 0 the script or exit 0? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692#note_1255212205 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 27 11:41:09 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 10:41:09 +0000 Subject: [gnutls-devel] GnuTLS | Add code indentation (!1692) In-Reply-To: References: Message-ID: Daiki Ueno commented on a discussion on devel/indent-gnutls: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692#note_1255221878 > +#!/bin/sh > + > +# Copyright (c) 2022 Simon Josefsson > +# License: GPLv3+ > + > +if ! indent --version 2> /dev/null | grep 'GNU indent' > /dev/null; then > + echo 1>&2 "$0: GNU indent is missing" > + exit 77 > +fi > + > +INDENT="indent -ppi1 -linux"; export INDENT > + > +git ls-files -z | grep -z '\.[ch]\(.in\)\?$' | grep -z -v '^./devel/' | xargs -0 -n1 `dirname "$0"`/indent-maybe > + > +exit 0 The latter; maybe it would be better to exit with `$?`? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692#note_1255221878 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 27 11:41:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 10:41:33 +0000 Subject: [gnutls-devel] GnuTLS | Add code indentation (!1692) In-Reply-To: References: Message-ID: All discussions on merge request !1692 were resolved by Zolt?n Fridrich https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 27 11:46:20 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 10:46:20 +0000 Subject: [gnutls-devel] GnuTLS | Add code indentation (!1692) In-Reply-To: References: Message-ID: Merge request !1692 was scheduled to merge after pipeline succeeds by Zolt?n Fridrich Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel3 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 27 13:56:24 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 12:56:24 +0000 Subject: [gnutls-devel] GnuTLS | gnutlsxx: become header-only library (!1622) In-Reply-To: References: Message-ID: All reviewers were removed. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1622 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 27 14:01:27 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 13:01:27 +0000 Subject: [gnutls-devel] GnuTLS | gnutlsxx: become header-only library (!1622) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1622 was reviewed by Zolt?n Fridrich -- Zolt?n Fridrich started a new discussion on lib/gnutlsxx.cpp: https://gitlab.com/gnutls/gnutls/-/merge_requests/1622#note_1255429143 > > #include > - Can we remove this file completely? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1622 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 27 14:01:27 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 13:01:27 +0000 Subject: [gnutls-devel] GnuTLS | gnutlsxx: become header-only library (!1622) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: Is there any point in keeping lib/gnutlsxx.cpp file when its empty? Otherwise ok. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1622#note_1255429157 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 27 15:43:22 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 14:43:22 +0000 Subject: [gnutls-devel] GnuTLS | Add code indentation (!1692) In-Reply-To: References: Message-ID: Merge request !1692 was scheduled to merge after pipeline succeeds by Zolt?n Fridrich Merge request url: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel3 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 28 00:21:19 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 23:21:19 +0000 Subject: [gnutls-devel] GnuTLS | GnuTLS 3.7.8 MinGW64 DTLS timed out Resource temporarily unavailable (#1449) References: Message-ID: acstime created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1449 ## Description of problem: I am not an experienced GnuTLS developer but interested and trying to help isolate confirmed behavior under MSYS2/MinGW64 port in MS Windows x64, [failure to re-handshake](https://github.com/msys2/MINGW-packages/issues/14739#issuecomment-1380526887). Summarized test suite and dependency results posted there as well. Everything passes except anything touching Datagram TLS (DTLS): All dtls-* tests fail. Four other test fail, upon debug: ``` server|<3>| ASSERT: ../../gnutls-3.7.8/lib/dtls.c[_dtls_transmit]:263 server|<3>| ASSERT: ../../gnutls-3.7.8/lib/dtls.c[_dtls_transmit]:420 client|<3>| ASSERT: ../../gnutls-3.7.8/lib/buffers.c[get_last_packet]:1190 client|<3>| ASSERT: ../../gnutls-3.7.8/lib/handshake.h[handshake_remaining_time] :132 client|<3>| ASSERT: ../../gnutls-3.7.8/lib/buffers.c[_gnutls_handshake_io_recv_i nt]:1456 client|<3>| ASSERT: ../../gnutls-3.7.8/lib/handshake.c[_gnutls_recv_handshake]:1 600 client|<3>| ASSERT: ../../gnutls-3.7.8/lib/kx.c[_gnutls_recv_server_kx_message]: 590 client|<3>| ASSERT: ../../gnutls-3.7.8/lib/handshake.c[handshake_client]:3140 server|<3>| ASSERT: ../../gnutls-3.7.8/lib/buffers.c[_gnutls_io_write_flush]:696 server|<3>| ASSERT: ../../gnutls-3.7.8/lib/dtls.c[_dtls_transmit]:263 server|<3>| ASSERT: ../../gnutls-3.7.8/lib/dtls.c[_dtls_transmit]:420 client[-319]: The operation timed out server[-28]: Resource temporarily unavailable, try again. ``` Two questions: Would dtls "timeout" possibly also cause the re-handshake failure we have observed in gnutls-cli? How can we go about fixing it? I looked at a couple of the source files for this, they mostly involve ciphers that clearly pass the test suite on their own. It appears that some assumption about the OS doesn't work in Windows ("Resource temporarily unavailable") What resource? It's not much for me to go on, looks like I'm stuck.. Running the GnuTLS test suite Provided; see github link. ## Version of gnutls used: 3.7.8 ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) MinGW64 (MS Windows x64) ## How reproducible: See test link Steps to Reproduce: See test link * one * two * three ## Actual results: ## Expected results: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1449 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 28 00:23:02 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 27 Jan 2023 23:23:02 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli crashes with segfault in mingw (#1446) In-Reply-To: References: Message-ID: acstime commented: New issue created, https://gitlab.com/gnutls/gnutls/-/issues/1449 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1446#note_1256150329 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 28 11:29:45 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 28 Jan 2023 10:29:45 +0000 Subject: [gnutls-devel] GnuTLS | GnuTLS 3.7.8 MinGW64 DTLS timed out Resource temporarily unavailable (#1449) In-Reply-To: References: Message-ID: acstime commented: Same results in -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1449#note_1256300222 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 28 12:32:51 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 28 Jan 2023 11:32:51 +0000 Subject: [gnutls-devel] GnuTLS | GnuTLS 3.7.8 MinGW64 Test x509cert-ct fails DERs do not match (#1450) References: Message-ID: acstime created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1450 I am not an experienced GnuTLS developer but interested and trying to help isolate confirmed behavior under MSYS2/MinGW64 port in MS Windows x64, [failure to re-handshake](https://github.com/msys2/MINGW-packages/issues/14739#issuecomment-1380526887). Summarized test suite and dependency results posted there as well. Test x509cert-ct fails massively. Small sections of the two test data sets appear to be completely different I modified test source as follows, only for reporting purposes (line 253): ``` xder.data = ct_extension_der; xder.size = sizeof(ct_extension_der); if (ext_out.size != xder.size || memcmp(ext_out.data, xder.data, xder.size) != 0) printf ("ext_out.data (%i bytes):\n", ext_out.size); for (i=0; i < ext_out.size; ++i) printf("%02x ", ext_out.data[i]); printf ("\n\nxder.data (%i bytes):\n", xder.size); for (i=0; i < xder.size; ++i) printf("%02x ", xder.data[i]); printf("\n\n"); fail("DERs do not match"); ``` Produces: ``` ext_out.data (486 bytes): 04 82 01 e2 01 e0 00 75 00 dd eb 1d 2b 7a 0d 4f a6 20 8b 81 ad 81 68 70 7e 2e 8e 9d 01 d5 5c 88 8d 3d 11 c4 cd b6 ec be cc 00 00 00 00 00 00 00 00 00 00 04 03 00 46 30 44 02 20 4b 95 1e ad 31 c9 77 cd f1 73 f4 2f 2f 1e 4c 42 41 dd 73 00 2a 16 9e ad c9 f4 12 a8 ed 80 d5 0f 02 20 4d fb fa 54 27 d1 30 17 8c a1 da 14 54 d5 4d ca 91 dc d3 23 e2 83 7a b2 d9 0a 5d 34 e0 00 c5 72 00 77 00 a4 b9 09 90 b4 18 58 14 87 bb 13 a2 cc 67 70 0a 3c 35 98 04 f9 1b df b8 e3 77 cd 0e c8 0d dc 10 00 00 00 00 00 00 00 00 00 00 04 03 00 48 30 46 02 21 00 fa 0c 53 f8 b3 d0 d7 b8 be 03 38 71 0a 25 ef 32 d5 4b cc 44 73 5f 27 6a d7 3d 12 02 e9 3a ab ef 02 21 00 b7 2b 7a 9c c8 3b d7 cf da c5 e7 20 d5 f9 36 75 c0 ca 08 ff 04 a4 42 56 9d a6 e7 0d 1c 0c 6f 4d 00 76 00 ee 4b bd b7 75 ce 60 ba e1 42 69 1f ab e1 9e 66 a3 0f 7e 5f b0 72 d8 83 00 c4 7b 89 7a a8 fd cb 00 00 00 00 00 00 00 00 00 00 04 03 00 47 30 45 02 20 7f 29 64 de 5d 89 ed a5 3a de a2 d8 d4 b9 ef 1c 5d ba 8d 76 98 66 78 5e de 9c 3c 04 55 64 28 a9 02 21 00 c4 e1 97 2b ad e0 0a 69 74 8d 99 e5 04 03 7f e3 56 0c 08 d1 74 70 29 7d ac c2 11 98 43 9e 7d f6 00 76 00 bc 78 e1 df c5 f6 3c 68 46 49 33 4d a1 0f a1 5f 09 79 69 20 09 c0 81 b4 f3 f6 91 7f 3e d9 b8 a5 00 00 00 00 00 00 00 00 00 00 04 03 00 47 30 45 02 20 3b 47 9f ea bd de 7f e6 18 6c dd 15 96 fd 3c 89 9e bc 4d ed f3 28 b8 16 91 0a 42 1d df 37 e1 dd 02 21 00 eb 5f 2d 37 f9 51 f6 6f 1d 87 40 55 7c 70 09 f6 8d c2 01 3e 77 b1 68 ce df bb 05 84 73 cd 39 3e xder.data (486 bytes): 04 82 01 e2 01 e0 00 75 00 dd eb 1d 2b 7a 0d 4f a6 20 8b 81 ad 81 68 70 7e 2e 8e 9d 01 d5 5c 88 8d 3d 11 c4 cd b6 ec be cc 00 00 01 5a ec a4 b6 4a 00 00 04 03 00 46 30 44 02 20 4b 95 1e ad 31 c9 77 cd f1 73 f4 2f 2f 1e 4c 42 41 dd 73 00 2a 16 9e ad c9 f4 12 a8 ed 80 d5 0f 02 20 4d fb fa 54 27 d1 30 17 8c a1 da 14 54 d5 4d ca 91 dc d3 23 e2 83 7a b2 d9 0a 5d 34 e0 00 c5 72 00 77 00 a4 b9 09 90 b4 18 58 14 87 bb 13 a2 cc 67 70 0a 3c 35 98 04 f9 1b df b8 e3 77 cd 0e c8 0d dc 10 00 00 01 5a ec a4 b6 e8 00 00 04 03 00 48 30 46 02 21 00 fa 0c 53 f8 b3 d0 d7 b8 be 03 38 71 0a 25 ef 32 d5 4b cc 44 73 5f 27 6a d7 3d 12 02 e9 3a ab ef 02 21 00 b7 2b 7a 9c c8 3b d7 cf da c5 e7 20 d5 f9 36 75 c0 ca 08 ff 04 a4 42 56 9d a6 e7 0d 1c 0c 6f 4d 00 76 00 ee 4b bd b7 75 ce 60 ba e1 42 69 1f ab e1 9e 66 a3 0f 7e 5f b0 72 d8 83 00 c4 7b 89 7a a8 fd cb 00 00 01 5a ec a4 b6 9d 00 00 04 03 00 47 30 45 02 20 7f 29 64 de 5d 89 ed a5 3a de a2 d8 d4 b9 ef 1c 5d ba 8d 76 98 66 78 5e de 9c 3c 04 55 64 28 a9 02 21 00 c4 e1 97 2b ad e0 0a 69 74 8d 99 e5 04 03 7f e3 56 0c 08 d1 74 70 29 7d ac c2 11 98 43 9e 7d f6 00 76 00 bc 78 e1 df c5 f6 3c 68 46 49 33 4d a1 0f a1 5f 09 79 69 20 09 c0 81 b4 f3 f6 91 7f 3e d9 b8 a5 00 00 01 5a ec a4 b7 40 00 00 04 03 00 47 30 45 02 20 3b 47 9f ea bd de 7f e6 18 6c dd 15 96 fd 3c 89 9e bc 4d ed f3 28 b8 16 91 0a 42 1d df 37 e1 dd 02 21 00 eb 5f 2d 37 f9 51 f6 6f 1d 87 40 55 7c 70 09 f6 8d c2 01 3e 77 b1 68 ce df bb 05 84 73 cd 39 3e ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1450 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 30 09:30:28 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 30 Jan 2023 08:30:28 +0000 Subject: [gnutls-devel] GnuTLS | Indent code? (#1419) In-Reply-To: References: Message-ID: Issue was closed by Zolt?n Fridrich via commit d75eec5cb344468ccb31a93f385004f87f72a301 Issue #1419: https://gitlab.com/gnutls/gnutls/-/issues/1419 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1419 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 30 09:30:33 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 30 Jan 2023 08:30:33 +0000 Subject: [gnutls-devel] GnuTLS | Add code indentation (!1692) In-Reply-To: References: Message-ID: Merge request !1692 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel3 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1692 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 30 09:40:55 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 30 Jan 2023 08:40:55 +0000 Subject: [gnutls-devel] GnuTLS | Indent code. (!1671) In-Reply-To: References: Message-ID: Merge request !1671 was closed by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1671 Project:Branches: jas/gnutls:jas/indent to gnutls/gnutls:master Author: Simon Josefsson Assignees: Reviewer: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1671 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 30 09:40:54 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 30 Jan 2023 08:40:54 +0000 Subject: [gnutls-devel] GnuTLS | Indent code. (!1671) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: The changes have been merged in !1692 Closing this MR -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1671#note_1256970555 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 30 10:29:46 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 30 Jan 2023 09:29:46 +0000 Subject: [gnutls-devel] GnuTLS | gnutlsxx: become header-only library (!1693) In-Reply-To: References: Message-ID: Reassigned merge request 1693 https://gitlab.com/gnutls/gnutls/-/merge_requests/1693 Assignee changed to Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1693 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 30 10:29:48 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 30 Jan 2023 09:29:48 +0000 Subject: [gnutls-devel] GnuTLS | gnutlsxx: become header-only library (!1693) References: Message-ID: Zolt?n Fridrich created a merge request: https://gitlab.com/gnutls/gnutls/-/merge_requests/1693 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel3 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Add a description of the new feature/bug fix. Reference any relevant bugs.. ## Checklist * [ ] Commits have `Signed-off-by:` with name/author being identical to the commit author * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [ ] Documentation updated / NEWS entry present (for non-trivial changes) * [ ] CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout) ## Reviewer's checklist: * [ ] Any issues marked for closing are addressed * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent and according to `CONTRIBUTION.md` * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1693 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 31 09:45:05 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 31 Jan 2023 08:45:05 +0000 Subject: [gnutls-devel] GnuTLS | gnutlsxx: become header-only library (!1693) In-Reply-To: References: Message-ID: Merge request !1693 was approved by Daiki Ueno Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1693 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel3 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1693 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 31 09:45:47 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 31 Jan 2023 08:45:47 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli crashes with segfault in mingw (#1446) In-Reply-To: References: Message-ID: acstime commented on a discussion: https://gitlab.com/gnutls/gnutls/-/issues/1446#note_1258762057 As evidence, I can confirm #1449 #1450 behavior is unchanged for me, also with common.h chunk reversal. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1446#note_1258762057 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 31 09:46:54 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 31 Jan 2023 08:46:54 +0000 Subject: [gnutls-devel] GnuTLS | gnutlsxx: become header-only library (!1693) In-Reply-To: References: Message-ID: Daiki Ueno commented: Looks good to me, thanks @createyourpersonalaccount for making this happen and thanks @ZoltanFridrich for the follow-up! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1693#note_1258763565 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 31 09:47:31 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 31 Jan 2023 08:47:31 +0000 Subject: [gnutls-devel] GnuTLS | gnutlsxx: become header-only library (!1693) In-Reply-To: References: Message-ID: Merge request !1693 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1693 Project:Branches: ZoltanFridrich/gnutls:zfridric_devel3 to gnutls/gnutls:master Author: Zolt?n Fridrich Assignee: Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1693 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 31 09:48:32 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 31 Jan 2023 08:48:32 +0000 Subject: [gnutls-devel] GnuTLS | gnutlsxx: become header-only library (!1622) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: Closing this MR as these changes has been merged in !1693 Thank you for contribution! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1622#note_1258765920 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 31 09:48:32 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 31 Jan 2023 08:48:32 +0000 Subject: [gnutls-devel] GnuTLS | gnutlsxx: become header-only library (!1622) In-Reply-To: References: Message-ID: Merge request !1622 was closed by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/1622 Project:Branches: createyourpersonalaccount/gnutls:gnutlsxx-headeronly to gnutls/gnutls:master Author: Nikolaos Chatzikonstantinou Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1622 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 31 09:51:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 31 Jan 2023 08:51:36 +0000 Subject: [gnutls-devel] GnuTLS | Make gnutlsxx header-only library (#1381) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: fixed in !1693 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1381#note_1258770356 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 31 09:51:36 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 31 Jan 2023 08:51:36 +0000 Subject: [gnutls-devel] GnuTLS | Make gnutlsxx header-only library (#1381) In-Reply-To: References: Message-ID: Issue was closed by Zolt?n Fridrich Issue #1381: https://gitlab.com/gnutls/gnutls/-/issues/1381 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1381 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 31 17:35:18 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 31 Jan 2023 16:35:18 +0000 Subject: [gnutls-devel] GnuTLS | Fail to retrieve directory listing connecting TLS 1.3 protocol (#1451) References: Message-ID: Alla Gofman created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1451 ## Description of problem: Use FileZilla FTPS client. Connect protocol TLS 1.3. Server based on Java 11 or higher. Java TLS implementation on close sends "user_canceled" alert before sending "close_notify" (for some backsword compatibility) GnuTLS fails to retrieve directory listing with error: **tls_layer_impl::failure(-12)** and FileZilla client aborts connection on this error. According to: https://www.rfc-editor.org/rfc/rfc8446#section-6.1 user_canceled: This alert notifies the recipient that the sender is canceling the handshake for some reason unrelated to a protocol failure. If a user cancels an operation after the handshake is complete, just closing the connection by sending a "close_notify" is more appropriate. This alert SHOULD be followed by a "close_notify". This alert generally has AlertLevel=warning. ** user_canceled - should be treated as a warning and not an error. When called gnutls_record_recv() - GnuTLS returns code: | -12 | GNUTLS_E_FATAL_ALERT_RECEIVED | A TLS fatal alert has been received. | instead returning for example | -16 | GNUTLS_E_WARNING_ALERT_RECEIVED | A TLS warning alert has been received. | FileZilla client expects | 0 | GNUTLS_E_SUCCESS | Success. | Otherwise aborts connection. Opened also bug to FileZilla: https://trac.filezilla-project.org/ticket/12099 ## Version of gnutls used: GnuTLS 3.6.7 ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) ## How reproducible: Steps to Reproduce: * one Use Server based on Java v11 ?r higher. See https://mina.apache.org/ftpserver-project/ * two Use FileZilla FTPS client to connect to above server with TLS 1.3 protocol to retrieve directory listing ## Actual results: FileZilla client aborts the connection ## Expected results: List directory succeeded -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1451 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 31 18:13:46 2023 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 31 Jan 2023 17:13:46 +0000 Subject: [gnutls-devel] GnuTLS | Fail to retrieve directory listing connecting TLS 1.3 protocol (#1451) In-Reply-To: References: Message-ID: Alla Gofman commented: Fix suggested in Java 17 due bug https://bugs.openjdk.org/browse/JDK-8282600 Doesn't solve the issue. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1451#note_1259737403 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: