_gnutls_timespec_cmp: new inline function

Signed-off-by: Daiki Ueno <dueno@redhat.com>

tls13/session_ticket: rename tls13_ticket_t type to tls13_ticket_st

This is consistent with the coding guideline.

Signed-off-by: Daiki Ueno <dueno@redhat.com>

gnutls-cli: reduce printed session information

When connecting to a server we were printing a lot of duplicate
information that was already part of the "Description" string.
No longer print that information unless --verbose is given.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

gnutls-cli: do not print errors twice

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Vendor in CFB8 functionality from Nettle

If nettle's CFB8 is not available, use a vendored in version from master.
This is necessary as long as we need to link against 3.4 for ABI
compatibility reasons.

Signed-off-by: Simo Sorce <simo@redhat.com>

Add AES-CFB8 Support

Signed-off-by: Simo Sorce <simo@redhat.com>

Merge branch 'tmp-fix-fips-mode' into 'master'

fips140: aligned code with documentation

See merge request gnutls/gnutls!781

Merge branch 'tmp-initialize-so-pin-fix' into 'master'

p11tool: fix admin user PIN initialization

Closes #561

See merge request gnutls/gnutls!776

p11tool: fix initialization of security officer's PIN

Previously we would call gnutls_pkcs11_token_set_pin() without an
old PIN provided, which will result to the use of C_InitPIN() on the
underlying module. The C_InitPIN() in contrast with C_SetPIN() will
only work for the user and not for the administrator. As such, we
always provide the oldpin for when we change the admin's PIN.

Resolves #561

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

fips140: aligned code with documentation

That is, we introduce the documented but unimplemented macros
GNUTLS_FIPS140_SET_LAX_MODE() and GNUTLS_FIPS140_SET_STRICT_MODE().

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Merge branch 'tmp_cleanup_and_fixes' into 'master'

Cleanup and fixes

Closes #453

See merge request gnutls/gnutls!779

Simplified check for NULL pointer to reduce code changes.

Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Unified abbreviation for certificate type priorities in code.

Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Merge branch 'tmp-update-tlsfuzzer' into 'master'

update tlsfuzzer scripts to latest version

Closes #591

See merge request gnutls/gnutls!774

Renamed CHECK_AUTH macro to CHECK_AUTH_TYPE to be more clear what it checks.

Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Renamed _gnutls_server_select_cert() to _gnutls_select_server_cert() for consistency reasons with its client couterpart.

Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Renamed certificate_credential_append_crt_list() to certificate_credential_append_keypair().

Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Renamed _gnutls_auth_info_set() to _gnutls_auth_info_init().

Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Renamed fields in priority_st to improve code readability. Fixes #453.

Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Added NULL pointer check in gnutls_certificate_free_credentials for safety.

Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Renamed _gnutls_proc_x509_server_crt to _gnutls_proc_x509_crt.

Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Small fixes for comments and log strings.

Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Merge branch 'tmp-uris' into 'master'

pkcs11 uris: the scheme is case insensitive

Closes #590

See merge request gnutls/gnutls!616

Merge branch 'tmp-fix-global-init-override' into 'master'

SKIP tests/global-init-override if weak symbols don't work

Closes #592

See merge request gnutls/gnutls!778

SKIP tests/global-init-override if weak symbols don't work

Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

tests: eagain-auto-auth: only compiled in systems with cmocka available

This fixes build issue at MacOSX CI.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

tlsfuzzer: updated to latest upstream and enabled new tests

Resolves: #591

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

handshake: send missing extension alert

When a key share extension is not seen under TLS1.3, send
the missing extension alert.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Merge branch 'tmp-auto-reauth' into 'master'

gnutls_init: added flag for automatic re-authentication

Closes #571

See merge request gnutls/gnutls!766

_gnutls_server_select_cert: return error when no server cert is selected

When a certificate callback is used and no certificate is provided
by it, return an error rather than trying to use it (and crashing)
later. Note that this affects only an "illegal" code path when
a server would have provided no certificate, something which must
not happen on a real-world server.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

gnutls_init: added flag for automatic re-authentication

This introduces the GNUTLS_AUTO_REAUTH gnutls_init() flag and makes
re-authentication under TLS simpler to enable and use.

Resolves #571

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

pkcs11 uris: the URI scheme is case insensitive

Makes the comparisons of the URI scheme to use c_strcasecmp
from gnulib. It also replaces various straw strcasecmp with
the gnulib variant. This ensures that comparison will be
reliable irrespective of the locale.

Resolves #590

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

.gitlab-ci.yml: cross CI requires privileged systems

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Merge branch 'tmp-fix-eina-cpu-on-solaris' into 'master'

Fix check for GNU C compiler in eina_cpu.c

See merge request gnutls/gnutls!772

Merge branch 'tmp-fix-gen-mech-list-on-solaris' into 'master'

Fix gen-mech-list.sh on Solaris / Bourne Shell

See merge request gnutls/gnutls!771

Fix check for GNU C compiler in eina_cpu.c

Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Fix gen-mech-list.sh on Solaris / Bourne Shell

`cmd` is more compatible than $(cmd).

The shell is "sh (Schily Bourne Shell) version 2013/01/14 a+ (i386-pc-solaris2.9)"

Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Merge branch 'tmp-check-prereqs' into 'master'

Let bootstrap check for gperf, makeinfo, rsync, autopoint

Closes #582

See merge request gnutls/gnutls!769

Merge branch 'tmp-fix-584' into 'master'

Skip tests/tls13/prf.c if visibility 'protected' doesn't work

Closes #584

See merge request gnutls/gnutls!770

Let bootstrap check for gperf and autopoint

Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Skip tests/tls13/prf.c if visibility 'protected' doesn't work

Overriding gnutls_rnd() with visibility 'protected' doesn't always work.
E.g. LDFLAGS="-Wl,-Bsymbolic-functions" seems to have priority on
Debian derived systems.

Fixes #584

Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

tests: added unit test for gnutls_session_set_id

This adds a unit and a negative test which ensures that
a client will not be tricked in performing resumption when
this function is used.

Resolves #585

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

doc: fix use of gnutls_ext_raw_parse callback [ci skip]

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Merge branch 'tmp-fix-priority-set-call' into 'master'

gnutls_priority_set: do not override version on handshake

Closes #580

See merge request gnutls/gnutls!765

gnutls_priority_set: do not override version on handshake

When handshake is in progress, do not override the default TLS
version in the session. This allows gnutls_priority_set to be called
in the post_client_hello function without breaking the handshake.

Resolves #580

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Merge branch 'tmp-check-iv-size' into 'master'

encrypt_packet_tls13: added explicit check on iv_size bounds

See merge request gnutls/gnutls!767

encrypt_packet_tls13: added explicit check on iv_size bounds

Although there are no ciphers defined for TLS1.3 which would overflow
the assumed bound, an explicit check is necessary to avoid that code
be a liability in future updates.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

privkey_pkcs8: added reference for validation parameters OID [ci skip]

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

NEWS: corrected typo [ci skip]

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Merge branch 'tmp-lib-c-strcase' into 'master'

Use ASCII version of strcasecmp() in library code

Closes #570

See merge request gnutls/gnutls!764

Merge branch 'tlsfuzzer-ssl3' into 'master'

tlsfuzzer: add missing script

See merge request gnutls/gnutls!759

Merge branch 'tmp-fix-buffer-t' into 'master'

Make tlsproxy/buffer.c compilable by gcc 4.4.7

Closes #577

See merge request gnutls/gnutls!763

Merge branch 'tmp-cleanup-in-docs' into 'master'

manpage generation cleanup

See merge request gnutls/gnutls!760

Use ASCII version of strcasecmp() in library code

strcasecmp() has side effects in some locales.
What we really need is c_strcasecmp() from Gnulib for comparing
ASCII strings.

Fixes #570

Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

.gitlab-ci.yml: reenable SSLv2 hello support for SSL-3.0.Fedora.x86_64

Reenable SSLv2 hello support to let several SSL-3.0 tls-fuzzer tests
pass.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

tlsfuzzer: disable SSL3.0 in export-ciphers-rejected test

These tests will fail with SSL3.0-enabled gnutls-serv unless --ssl3
option was passed. We will run these tests anyway from
gnutls-nocert-ssl3.json, so disable them here.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

tlsfuzzer: support running from separate build dir

Adapt tls-fuzzer-common.sh script to be able to run tests in case
srcdir != builddir.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

.gitlab-ci.yml: reenable full test suite in SSL-3.0/SHA-1 case

Reenable full test suite run in SSL-3.0/SHA-1 CI test case to let us
catch issues in legacy code.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

tlsfuzzer: add missing script

Makefile.am refers tls-fuzzer-nocert-ssl3.sh script, which is missing
in the source tree. Add it back.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

tlsfuzzer: move common code to separate file

Move common code to tls-fuzzer-common.sh to ease further adjustments.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

tlsfuzzer: use random port for tls-fuzzer-nocert test

Like the rest of tls-fuzzer tests, pass "-p PORT" to subtests, allowing
usage of random port for server.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

tlsfuzzer: use random port for tls-fuzzer-cert test

Like the rest of tls-fuzzer tests, pass "-p PORT" to subtests, allowing
usage of random port for server.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Merge branch 'tmp-eliminate-dead-code' into 'master'

_gnutls_check_key_purpose: eliminated dead code

Closes #573

See merge request gnutls/gnutls!762

Make tlsproxy/buffer.c compilable by gcc 4.4.7

Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

_gnutls_check_key_purpose: eliminated dead code

Resolves #573

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

manpages: do not generate any manpages for openpgp.h

This API is no longer functional and is only available as stubs
for backwards binary compatibility.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

manpage generation: cleanup

Recognize parameters of the form unsigned char name[8], and
do not print obscure warnings. Furthermore gdoc will fail
when a function parameter is not described or when no
function is found. This addresses the generation of undetected
errors in generated manpages.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

doc: fixed missing function and enumeration parameters

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

tests: removed unused file

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Merge branch 'tmp-fix-mech-list-generation' into 'master'

mech-list.h: generate unique entries

See merge request gnutls/gnutls!761

mech-list.h: generate unique entries

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

released 3.6.4

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

tests: pkcs12-utf8 depend on bash

The NetBSD default shell cannot handle the UTF-8 strings we use
in that script.

Resolves #544

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

bumped versions and updated NEWS file

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Enable the TLS1.3 protocol by default

As the protocol has been finalized, and the implementation is
stable and interoperable, there is no need to enable it conditionally.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Merge branch 'tmp-pkcs11-lax-search' into 'master'

Provide a less restrictive PKCS#11 search of certificates

Closes #569

See merge request gnutls/gnutls!757

Merge branch 'tmp-be-strict-on-crls' into 'master'

gnutls-cli enables CRL validation on startup

Closes #564

See merge request gnutls/gnutls!752

Merge branch 'tmp-session-ticket-key-rotation-ajuaristi' into 'master'

Session ticket key rotation with TOTP

Closes #184

See merge request gnutls/gnutls!695

gnutls-cli: enable CRL validation on startup

This also makes the failure in adding CRLs or CAs, a fatal error.

Resolves #564

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Provide a more flexible PKCS#11 search of trust store certificates

This addresses the problem where the CA certificate doesn't
have a subject key identifier whereas the end certificates
have an authority key identifier.

Resolves #569

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

trust list: added flag to force failure on CRL validation error

This allows an application to be notified of the addition of invalid
CRLs in the trust list.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Merge branch 'tmp-rm-mech-list' into 'master'

Remove auto-generated src/mech-list.h from repo

See merge request gnutls/gnutls!753

Remove auto-generated src/mech-list.h from repo

Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Merge branch 'tmp-res-prio' into 'master'

Fix issue introduced in 20886264fe

See merge request gnutls/gnutls!756

Fix issue introduced in 20886264fe

This makes _gnutls_resolve_priorities() return a string that is always
allocated with the gnutls memory functions.

Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

session tickets: check timestamp for validity

We were previously only relying on the client's view of the
ticket lifetime for TLS1.3 tickets. This makes sure that we
only resume tickets that the server considers valid and consolidates
the expiration time checks to _gnutls_check_resumed_params().

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

ECC export/import: updated documentation on EdDSA curves

This clarifies the format that parameters in the EdDSA curves
will be returned, and also ensures that the import/export
functions fail on unsupported curves.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Merge branch 'gost-endianness' into 'master'

GOST endianness

See merge request gnutls/gnutls!755

tests: use virt-time.h in resumption tests

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Added session ticket key rotation with TOTP

This introduces session ticket key rotation on server side. The
key set with gnutls_session_ticket_enable_server() is used as a
master key to generate time-based keys for tickets. The rotation
relates to the gnutls_db_set_cache_expiration() period.

Resolves #184

Signed-off-by: Ander Juaristi <a@juaristi.eus>

certtool: print GOST public key with MSB first

OpenSSL and other libraries print MSB first, when printing GOST public
keys. Let's return to this convention.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

x509: print_pubkey: print GOST public key with MSB first

OpenSSL and other libraries print MSB first, when printing GOST public
keys. Let's return to this convention.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

lib: use little endian when importing/exporting GOST keys

GOST R 34.10 native format is little endian. It is better for the
application code to use native format data to interface library, rather
than convert buffers on their own.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

mpi: add function to dprint mpi in little endianness

Add little endian counterpart to _gnutls_mpi_dprint and
_gnutls_mpi_dprint_le.

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Merge branch 'fix-gost-docs' into 'master'

gnutls.h: correct GOST R number references

See merge request gnutls/gnutls!750

gnutls.h: correct GOST R number references [ci skip]

Fix numeric GOST R ids used in documentation, too many numbers:
 - GOST R 34.11 is digest function
 - GOST R 34.10-2001 is a digital signature over GOST R 34.11-94 digest
 - GOST R 34.10-2012 is a digital signature over GOST R 34.11-2012 digest

Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Update git submodules via ./bootstrap

Setting $SUBMODULE_NOFETCH to a non-empty value adds
--no-fetch to the git command (for CI speedup).

Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

tests: pkcs1-pad: run with SHA-1 enabled or disabled

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

.gitlab-ci.yml: enable run with SHA-1 enabled

This adds a CI run with SHA-1 enabled, and corrects issues in the
testsuite when that's the case.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

gnutls_x509_trust_list_add_trust_mem: fix behavior with unaccounted certs

If gnutls_x509_trust_list_add_cas returns less than clist_size, the additional
unaccounted certificates will never be freed.

Relates #552

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>