[gnutls-devel] GnuTLS | SRP authentication disabled by default in 3.8.4+ (#1668)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Thu Feb 20 17:59:59 CET 2025 


Robin created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1668



## Description of problem:

It seems that the SRP auth is disabled by default in 3.8.4 and later, is this wanted ? I did not find any information on this in the documentation.

I tried to compile from the sources downloaded on the website (3.8.9) but I get a compile error if using the `--enable-srp-authentication` but compilation works on master with the same flag.

```
In file included from ./str.h:28,
                 from ./auth.h:26,
                 from auth/srp_kx.h:26,
                 from srp.c:24:
./gnutls_int.h:490:9: error: unknown type name 'gnutls_buffer_st'
  490 |         gnutls_buffer_st data;
      |         ^~~~~~~~~~~~~~~~
./gnutls_int.h:1215:9: error: unknown type name 'gnutls_buffer_st'
 1215 |         gnutls_buffer_st
      |         ^~~~~~~~~~~~~~~~
./gnutls_int.h:1301:9: error: unknown type name 'gnutls_buffer_st'
 1301 |         gnutls_buffer_st early_data_presend_buffer;
      |         ^~~~~~~~~~~~~~~~
./gnutls_int.h:1305:9: error: unknown type name 'gnutls_buffer_st'
 1305 |         gnutls_buffer_st record_key_update_buffer;
      |         ^~~~~~~~~~~~~~~~
./gnutls_int.h:1306:9: error: unknown type name 'gnutls_buffer_st'
 1306 |         gnutls_buffer_st record_presend_buffer; /* holds cached data
      |         ^~~~~~~~~~~~~~~~
./gnutls_int.h:1312:9: error: unknown type name 'gnutls_buffer_st'
 1312 |         gnutls_buffer_st reauth_buffer;
      |         ^~~~~~~~~~~~~~~~
./gnutls_int.h:1468:9: error: unknown type name 'gnutls_buffer_st'
 1468 |         gnutls_buffer_st post_handshake_hash_buffer;
      |         ^~~~~~~~~~~~~~~~
./gnutls_int.h:1546:9: error: unknown type name 'gnutls_buffer_st'
 1546 |         gnutls_buffer_st full_client_hello;
      |         ^~~~~~~~~~~~~~~~
./gnutls_int.h:1550:9: error: unknown type name 'gnutls_buffer_st'
 1550 |         gnutls_buffer_st hb_local_data;
      |         ^~~~~~~~~~~~~~~~
./gnutls_int.h:1551:9: error: unknown type name 'gnutls_buffer_st'
 1551 |         gnutls_buffer_st hb_remote_data;
      |         ^~~~~~~~~~~~~~~~
In file included from ./gnutls_int.h:1741:
./algorithms.h:233:37: error: unknown type name 'gnutls_buffer_st'; did you mean 'gnutls_buffer_t'?
  233 |                                     gnutls_buffer_st *cdata,
      |                                     ^~~~~~~~~~~~~~~~
      |                                     gnutls_buffer_t
./algorithms.h:340:1: error: unknown type name 'mod_auth_st'
  340 | mod_auth_st *_gnutls_kx_auth_struct(gnutls_kx_algorithm_t algorithm);
      | ^~~~~~~~~~~
```

## Version of gnutls used:

3.8.4, 3.8.9, master

## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)

- Homebrew
- MacPorts
- Source tarball 

## How reproducible:

Steps to Reproduce:

- linking with a 3.8+ GnuTLS on mac (homebrew, MacPorts) or 3.8+ compiled with default configure script on linux
- call `gnutls_srp_allocate_server_credentials` func in a program.

## Actual results:

An error:
```
An unimplemented or disabled feature has been requested.
```

## Expected results:

No error

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1668
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250220/a3b7ce42/attachment-0001.html>

More information about the Gnutls-devel mailing list