From 991b9335accd7a7146e76367d8f0fd9fe77ccbcd Mon Sep 17 00:00:00 2001 From: Packit Service Date: Dec 15 2020 07:38:32 +0000 Subject: gnutls-3.6.14 base --- diff --git a/AUTHORS b/AUTHORS index e9c5378..df1b52d 100644 --- a/AUTHORS +++ b/AUTHORS @@ -2,57 +2,63 @@ The authors list is autogenerated from the git history; sorted by number of comm Nikos Mavrogiannopoulos Simon Josefsson -Tim Rühsen +Dmitry Baryshkov Daiki Ueno -Dmitry Eremin-Solenikov +Tim Rühsen Ludovic Courtès Timo Schulz Jonathan Bastien-Filiatrault Alon Bar-Lev Andreas Metzler +Tom Vrancken Martin Storsjo Tim Kosse Simo Sorce -Tom Vrancken Daniel Kahn Gillmor Fabian Keil Fabio Fiorina Stef Walter Armin Burgmeier +Anderson Toshiyuki Sasaki Andrew McDonald Alex Gaynor Martin Ukrop Jaak Ristioja Attila Molnar Hugo Beauzée-Luyssen +Jakub Jelen Martin Sucha Stefan Berger +Ander Juaristi David Woodhouse Jan Vcelak Kevin Cernekee -Ander Juaristi Stefan Sørensen +Steve Lhomme Adam Sampson Alfredo Pironti -Anderson Toshiyuki Sasaki Brad Hards +Daniel Lenski +Dimitri John Ledkov +Fiona Klute Michael Weiser Patrick Pelletier Rolf Eike Beer Sjoerd Simons +Stefan Bühler Thomas Klute Wolfgang Meyer zu Bergsten Christian Grothoff Daniel P. Berrange Gustavo Zacarias -Jakub Jelen Jiří Klimeš +Karsten Ohme Kurt Roeckx Peter Wu -Stefan Bühler Thierry Quemerais Alessandro Ghedini Alex Monk +Bernhard M. Wiedemann David Caldwell Diego Elio Pettenò Elta Koepp @@ -66,11 +72,16 @@ Ke Zhao Mark Brand Matthias-Christian Ott Maya Rashish +Michael Catanzaro +Michael Catanzaro Michał Górny Petr Písař +Pierre Ossman Roman Bogorodskiy Stephan Mueller Steve Dispensa +Vitezslav Cizek +nia raspa0 Alban Crequy Aleksei Nikiforov @@ -81,7 +92,8 @@ Andreas Schneider Andreas Schwab Avinash Sonawane Bas van Schaik -Bernhard M. Wiedemann +Bjoern Jacke +Björn Jacke Bjørn Christensen Carolin Latze Chen Hongzhi @@ -91,9 +103,11 @@ Dan Fandrich Daniel Schaefer David Walker David Weber +Edward Stangler Elias Pipping Elta Koepp Frank Morgner +Günther Deschner Hani Benhabiles Ilya V. Matveychikov Jared Wong @@ -103,6 +117,7 @@ Jeffrey Walton Jens Lechtenboerger Jussi Kukkonen Kenneth J. Miller +Lili Quan <13132239506 at 163.com> Lucas Fisher Ludwig Nussel Luis G.F @@ -117,7 +132,7 @@ Marti Raudsepp Matt Turner Matt Whitlock Micah Anderson -Michael Catanzaro +Miroslav Lichvar Nick Alcock Nicolas Dufresne Nils Maier @@ -127,22 +142,23 @@ Philippe Widmer R. Andrew Bailey Raj Raman Rical Jasan +Ricardo M. Correia Rickard Bellgrim Robert Scheck Roberto Newmon +Ross Nicholson Rowan Thorpe SUMIT AGGARWAL Saurav Babu Sebastian Dröge Simon Arlott -Steve Lhomme Thomas Klausner Tobias Polzer Tomas Hoger Tristan Matthews -Vitezslav Cizek Werner Koch Yuriy M. Kaminskiy +rrivers2 <5981058-rrivers2 at users.noreply.gitlab.com> sskaje Łukasz Stelmach diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3a20170..96fb7ff 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -132,6 +132,7 @@ like e.g. in lib/srp.h: ... #endif /* GNUTLS_LIB_SRP_H */ +``` The public header files follow a similar convention but use the relative install directory as template, e.g. `GNUTLS_GNUTLS_H` for `gnutls/gnutls.h`. @@ -178,7 +179,7 @@ should be introduced to enable the new behavior. When it is necessary, or desireable to enable the new features by default (e.g., TLS1.3 introduction), the "next" releases should be used (and introduced if necessary), to allow the modification to be tested for an -extended amount of time. +extended amount of time (see the [Release policy](RELEASES.md)). # API documentation diff --git a/ChangeLog b/ChangeLog index 7856ae5..a11b89d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,5023 @@ +Author: Daiki Ueno +Date: Mon Jun 1 14:18:03 2020 +0200 + + Release 3.6.14 [ci skip] + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Tue Jun 2 21:45:17 2020 +0200 + + valgrind: check if session ticket key is used without initialization + + This adds a valgrind client request for + session->key.session_ticket_key to make sure that it is not used + without initialization. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Tue Jun 2 20:53:11 2020 +0200 + + stek: differentiate initial state from valid time window of TOTP + + There was a confusion in the TOTP implementation in stek.c. When the + mechanism is initialized at the first time, it records the timestamp + but doesn't initialize the key. This removes the timestamp recording + at the initialization phase, so the key is properly set later. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun May 31 14:28:48 2020 +0200 + + tests: add test case for certificate chain superseding + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun May 31 13:59:53 2020 +0200 + + x509: trigger fallback verification path when cert is expired + + gnutls_x509_trust_list_verify_crt2 use the macro SIGNER_OLD_OR_UNKNOWN + to trigger the fallback verification path if the signer of the last + certificate is not in the trust store. Previously, it doesn't take + into account of the condition where the certificate is expired. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun May 31 12:39:14 2020 +0200 + + _gnutls_pkcs11_verify_crt_status: check validity against system cert + + To verify a certificate chain, this function replaces known + certificates with the ones in the system trust store if possible. + + However, if it is found, the function checks the validity of the + original certificate rather than the certificate found in the trust + store. That reveals a problem in a scenario that (1) a certificate is + signed by multiple issuers and (2) one of the issuers' certificate has + expired and included in the input chain. + + This patch makes it a little robuster by actually retrieving the + certificate from the trust store and perform check against it. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sat May 30 11:06:57 2020 +0200 + + build: write "FILE *fp" instead of "FILE *fd" + + This makes it clear that "fd" is not a file descriptor but a FILE + pointer. Suggested by Tim Rühsen. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon May 25 15:33:49 2020 +0200 + + gnutls_load_file: document limitation regarding partial failure + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon May 25 11:21:38 2020 +0200 + + cert-cred: clear private key data loaded from file + + This makes use of the RF_SENSITIVE flag newly added to read_file + function when reading potentially senstive information from a file. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon May 25 10:09:28 2020 +0200 + + lib: avoid file descriptor leak when application forks + + This makes use of the "e" flag of fopen, provided by the Gnulib's + fopen-gnu module. + + Reported by Remi Denis-Courmont in: + https://gitlab.com/gnutls/gnutls/-/issues/985 + and fix suggested by Tim Rühsen. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon May 25 18:37:51 2020 +0200 + + gnulib: update git submodule + + This brings in the new fopen-gnu module and the RF_SENSITIVE flag for + fread_file and read_file. This also adds the following changes to be + consistent with the latest changes in Gnulib: + - the callers of fread_file and read_file to be adjusted for the FLAGS + argument + - "attribute.h" needs to be used extensively + + Signed-off-by: Daiki Ueno + +Author: Steve Lhomme +Date: Wed Apr 29 10:32:08 2020 +0200 + + win32: use bcrypt instead of CryptoAPI on Vista+ for random numbers + + CryptoAPI is a deprecated API [1] that is forbidden in UWP builds. + + Rewrite the CryptoAPI calls in bcrypt. + + bcrypt is used instead of CryptoAPI when targeting Windows Vista and above. + + https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptdecrypt + + Signed-off-by: Steve Lhomme + +Author: Dmitry Baryshkov +Date: Thu May 28 03:15:55 2020 +0300 + + .travis.yml: use several different OSX versions + + Signed-off-by: Dmitry Baryshkov + +Author: Steve Lhomme +Date: Wed May 27 21:14:50 2020 +0000 + + win32: move the NCRYPT key import into a function + + No functional change. The has been simply moved. + + Signed-off-by: Steve Lhomme + +Author: Steve Lhomme +Date: Wed May 27 21:13:43 2020 +0000 + + configure.ac: determine if the Vista APIs can be linked statically + + If _WIN32_WINNT is higher or equal to 0x0600, Vista API's are allowed during + the build. We can assume that the minimum platform the code will run on is + Vista [1] + + In that case there's no need to call API's (ncrypt) dynamically when it can be + done statically. + + [1] https://docs.microsoft.com/en-us/cpp/porting/modifying-winver-and-win32-winnt + + Signed-off-by: Steve Lhomme + +Author: Dmitry Baryshkov +Date: Wed May 27 00:34:02 2020 +0300 + + lib: add support for AES-192-GCM + + Add support for AES-192 in GCM mode. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Tue May 26 16:19:59 2020 +0300 + + configure: check that -no_weak_links works with FD_SET + + Several Xcode/SDK versions provide FD_SET implementation that does not + work with -no_weak_links. Check that this option does not break FD_SET + usage. + + Fixes #966 + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Tue May 26 13:12:24 2020 +0300 + + tests: build datefudge-check during make all + + Most of the tests depend on datefudge-check. Let's make it during 'make + all' stage to allow running individual tests w/o requiring to build it + separately. + + Fixes #920 + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Tue May 26 13:06:03 2020 +0300 + + configure.ac: add -fno-builtin-strcmp if valgrind is enabled + + Recent GCC provides strcmp which makes Valgrind assume that it accesses + uninitialized data. Disable this optimization if Valgrind tests are + enabled. + + Fixes #944 + + Signed-off-by: Dmitry Baryshkov + +Author: rrivers2 <5981058-rrivers2@users.noreply.gitlab.com> +Date: Sun May 24 23:11:01 2020 +0000 + + Update session_ticket.c to add support for zero length session tickets returned from the server + + check that ticket_len > 0 prior to calling gnutls_realloc_fast + + Signed-off-by: Rod Rivers <5981058-rrivers2@users.noreply.gitlab.com> + +Author: Dmitry Baryshkov +Date: Thu May 14 05:54:58 2020 +0300 + + build: vendor in libtasn1 code + + Instead of keeping the minitasn1 source in Git, vendor in it during + bootstrap as we do with Nettle code. This also upgrades included + minitasn1 to latest version (4.16.0). + + Signed-off-by: Dmitry Baryshkov + +Author: Steve Lhomme +Date: Tue May 19 16:23:40 2020 +0200 + + win32: link with crypt32 + + Since 5d03564cccd2c10c41252ea468d4a098bd08e9c1 we use CertOpenStore(). + To properly link it needs to be linked with the crypt32.dll. + https://docs.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-certopenstore + + This library was missing from the pkg-config library. It exists in + thirdparty_libadd to link gnutls as a DLL. + + Signed-off-by: Steve Lhomme + +Author: Daiki Ueno +Date: Tue May 19 16:18:39 2020 +0200 + + fips: remove FIPS_STARTUP_ONLY_TEST_CASE macro + + The macro was intended to avoid non-recoverable errors during library + initialization, but the code path has been removed in commit + 3963518d067a64412bbe0aa9ce5fc33ae729c15f. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon May 18 12:25:42 2020 +0200 + + fips: make FIPS140-2 mode enablement logic simpler + + Previously, to enable the FIPS140-2 mode, both /etc/system-fips and + the fips=1 kernel command line need to be set. While this was + designed to be consistent, the convention is not well followed by the + other crypto libraries and the former tends to be ignored. This + aligns the behavior to the latter, i.e. if fips=1 is set, the library + enables the FIPS140-2 mode regardless of the existence of + /etc/system-fips. + + Suggested by Alexander Sosedkin. + + Signed-off-by: Daiki Ueno + +Author: Dmitry Baryshkov +Date: Mon May 18 00:13:34 2020 +0300 + + x509: support commonName extension + + Add support for Common Name certificate extension. + + Fixes #989 + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Sun May 17 22:01:22 2020 +0300 + + x509: aki: always print authorityCert info + + Always print authorityCertIssuer/SerialNumber. Currently it is output + only if keyIdentifier is not present. + + Fixes #991 + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Mon May 11 23:50:40 2020 +0300 + + output: add Russian security class policies + + Add Russian Security Class certificate policies (per + draft-deremin-rfc4491-bis). + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Mon May 11 23:11:56 2020 +0300 + + x509: print certificate policiy names + + Add ability to print names for several pre-defined Certificate policies. + Currently the list is populated with anyPolicy from X.509 and CA/B + policies. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Thu May 14 02:22:05 2020 +0300 + + certtool: use gnutls_pkcs7_print_signature_info + + Use new function to remove code duplication. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Thu May 14 02:20:57 2020 +0300 + + pkcs7: add function to display signature information + + Basically export print_pkcs7_info() in a way usable by external + applications. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Thu May 14 02:22:20 2020 +0300 + + pkcs7: decode attribute OIDs when printing + + Try printing symbolic names for well-known OIDs when printing PKCS7 + signature info. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Thu May 14 05:28:20 2020 +0300 + + devel: add libtasn1 submodule + + GnuTLS maintains a part of libtasn1 sources in form of minitasn1 import. + Add libtasn1 submodule to ease synchronization with libtasn1. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Thu May 14 02:15:23 2020 +0300 + + x509: generify oid to str conversions + + Make oid to name conversion functions generic enough by allowing caller + to specify a pointer to OID table. + + Signed-off-by: Dmitry Baryshkov + +Author: Anderson Toshiyuki Sasaki +Date: Mon May 4 18:23:45 2020 +0200 + + accelerated: use AES-NI for AES-XTS when available + + This introduces a wrapper for the CRYPTOGAMS AES-XTS implementation + already present in the generated assembly code. + + Signed-off-by: Anderson Toshiyuki Sasaki + +Author: Anderson Toshiyuki Sasaki +Date: Fri Mar 20 16:37:33 2020 +0100 + + gnutls-cli: Add option to wait for resumption data + + This introduces the --waitresumption command line option which makes the + client to wait for the resumption data until a ticket is received under + TLS1.3. The client will block if no ticket is received. The new option + has no effect if the option --resume is not provided. + + This is useful to force the client to wait for the resumption data when + the server takes long to send the ticket, allowing the session + resumption to be tested. This is a common scenario in CI systems where + the testing machines have limited resources. + + Signed-off-by: Anderson Toshiyuki Sasaki + +Author: Anderson Toshiyuki Sasaki +Date: Tue May 5 19:27:59 2020 +0200 + + benchmark: enable AES-XTS cipher + + Signed-off-by: Anderson Toshiyuki Sasaki + +Author: Daiki Ueno +Date: Fri Aug 16 17:01:05 2019 +0200 + + nettle: disable RSA blinding in FIPS selftests + + Nettle's RSA signing, encryption and decryption functions still + require randomness for blinding, so fallback to use a fixed buffer in + selftests where entropy might not be available. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun Apr 26 19:27:11 2020 +0200 + + nettle: expose SIV-CMAC through the AEAD interface + + This adds a couple of new cipher algorithms GNUTLS_CIPHER_AES_128_SIV + and GNUTLS_CIPHER_AES_256_SIV, exposing nettle_siv_cmac_aes{128,256}* + functions. Note that they can only used with the AEAD interface and + authentication tags are prepended (not appended) to the ciphertext. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun Apr 26 19:27:05 2020 +0200 + + nettle: vendor in SIV-CMAC implementation + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun Apr 26 19:26:57 2020 +0200 + + nettle: avoid manual backports of CFB8, CMAC, and XTS + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun Apr 26 19:26:48 2020 +0200 + + nettle: rename import-chacha-from-nettle.sh to import-from-nettle.sh + + This script will handle other backports except ECC as well. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun Apr 26 19:26:36 2020 +0200 + + configure.ac: fix broken nettle_cfb8_decrypt detection + + Given the fixed version of the function will be part of Nettle 3.6, + use pkg-config --atleast-version instead of a manually comparison of + the Nettle version. + + Fixes #974. + + Signed-off-by: Daiki Ueno + +Author: Tim Rühsen +Date: Wed Apr 29 12:41:52 2020 +0200 + + New make target 'update-copyright-year' + + We don't want to automatically update the copyright year as this + prevents reproducible builds. + + Instead, 'make update-copyright-year' has to be executed at the + start of each new year and the changes have to be pushed. + + Closes #980 + + Signed-off-by: Tim Rühsen + +Author: Dmitry Baryshkov +Date: Wed Apr 29 20:43:23 2020 +0300 + + tests/prime-check: don't include gmp.h + + Do not include gmp.h header, conflicts with it in + mini-gmp configuration and includes this header on it's own in + non-mini-gmp config. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Tue Apr 28 17:45:40 2020 +0300 + + tests/srp: increase timeouts + + SRP test times out if running on the GitLab CI with mini-gmp version of + Nettle. Increase timeouts to let the test pass. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Tue Apr 28 15:48:29 2020 +0300 + + CI: add nettle-mini-gmp test + + Wget/Wget2 OSS-Fuzz builders use mini-gmp version of nettle. Check that + we do not break them occasionally. + + Signed-off-by: Dmitry Baryshkov + +Author: Daiki Ueno +Date: Thu Apr 30 07:05:19 2020 +0200 + + doc: expand GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE description on RSA-PSS [ci skip] + + For RSA-PSS, this flag alone doens't fully enable reproducible + signatures and the user needs to indicate the fact that a zero-length + salt is used through SPKI upon verification. + + Signed-off-by: Daiki Ueno + +Author: Dmitry Baryshkov +Date: Tue Apr 28 03:06:26 2020 +0300 + + gost: use gostdsa-vko from nettle 3.6rc3 + + Now as we have upgraded Nettle to 3.6rc3 (which includes gostdsa_vko), + use this function from imported nettle sources. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Tue Apr 28 13:59:15 2020 +0300 + + nettle: update imported source to nettle 3.6rc3 + + Update imported nettle version to 3.6rc3. This will bring in updated + gmp-glue code and a possiblity to use gostdsa-vko imported from nettle + sources. + + Signed-off-by: Dmitry Baryshkov + +Author: Daiki Ueno +Date: Mon Apr 6 14:37:53 2020 +0200 + + fips: check library soname during configure + + Previously, we hard-coded the sonames of linked libraries for FIPS + integrity checking. That required downstream packagers to manually + adjust the relevant code in lib/fips.c, when a new interface version + of the dependent libraries (nettle, gmp) becomes available and linked + to libgnutls. + + This patch automates that process with the configure script. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Fri Mar 27 09:53:38 2020 +0100 + + gnutls_session_ext_register: keep track of extension name + + Previously it discarded the name argument, and that was making the + debug output awkward, e.g., running tests/tls-session-ext-register -v: + + client|<4>| EXT[0x9cdc20]: Preparing extension ((null)/242) for 'client hello' + client|<4>| EXT[0x9cdc20]: Preparing extension ((null)/241) for 'client hello' + client|<4>| EXT[0x9cdc20]: Sending extension (null)/241 (2 bytes) + + Signed-off-by: Daiki Ueno + +Author: Dmitry Baryshkov +Date: Sun Feb 16 00:28:43 2020 +0300 + + gost: update gostdsa_vko to follow Nettle + + Update gostdsa_vko() following changes going to be accepted into Nettle. + + Signed-off-by: Dmitry Baryshkov + +Author: Daiki Ueno +Date: Tue Apr 21 16:29:41 2020 +0200 + + gnutls_ext_get_name2: new function + + This adds a generalized version of gnutls_ext_get_name, which can + retrieve the name of the extension, even if it is registered per + session. + + Signed-off-by: Daiki Ueno + +Author: Dmitry Baryshkov +Date: Thu Apr 16 18:49:22 2020 +0300 + + build: attempt to fix build issues on FreeBSD + + BSD sed does not like \n and \0 in string substitution. Workaround this + by using sed magic. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Wed Apr 15 18:49:26 2020 +0300 + + gitlab CI: when calling cppcheck ignore lib/nettle/ecc rather than lib/nettle/curve448 + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Tue Apr 14 14:17:07 2020 +0300 + + gitlab-ci: add test for usage of nettle/hogweed internal symbols + + Check that GnuTLS does not depend on Nettle/Hogweed internal symbols. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Tue Apr 14 13:47:43 2020 +0300 + + nettle: vendor in poly1305 code + + Nettle's poly1305 code ended up with internal symbol _poly1305_block in + public header. This causes issues on Nettle version changes. Since those + symbols are going to become nettle-internal, vendor in relevant source + file. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Mon Apr 13 17:54:28 2020 +0300 + + gost: import _nettle_write_le32 to stop using Nettle's internal symbol + + Remove another dependency on nettle internal symbol by vendoring in + _nettle_write_le32 code + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Mon Apr 13 17:06:06 2020 +0300 + + nettle: use new imported source files for GOST DSA + + Provide GOST support using source files copied by script rather than + manually crafted by me. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Mon Apr 13 16:11:02 2020 +0300 + + build: import-curve448 -> import-ecc + + As the script now imports not just Curve448, but also gost code, rename + the script, target directory and symbols to follow that. + + Signed-off-by: Dmitry Baryshkov + +Author: Daiki Ueno +Date: Sat Apr 11 15:28:29 2020 +0200 + + xts: check key blocks according to FIPS-140-2 IG A.9 + + The implementation guidance suggests that a check of key1 != key2 + should be done at any place before the keys are used: + https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Module-Validation-Program/documents/fips140-2/FIPS1402IG.pdf + + Signed-off-by: Daiki Ueno + +Author: Dmitry Baryshkov +Date: Mon Apr 13 16:08:29 2020 +0300 + + devel: modify curve448 script to import gost sources + + Curve448 script already imports several ecc sources into GnuTLS tree. + Modify it to also vendor in GOST-related ecc files. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Mon Apr 13 12:43:42 2020 +0300 + + import-chacha: fix several additional symbol clashes + + Fix sed script used to rename symbols to remove few additional symbols + sitting in _nettle_FOO namespace. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Mon Apr 13 12:59:12 2020 +0300 + + curve448: import write-le64.c which defines internal symbol + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Mon Apr 13 12:43:42 2020 +0300 + + import-curve448: fix several additional symbol clashes + + Fix sed script used to rename symbols to remove few additional symbols + sitting in _nettle_FOO namespace. + + Signed-off-by: Dmitry Baryshkov + +Author: Daiki Ueno +Date: Mon Mar 30 11:27:40 2020 +0200 + + handshake-tls13: add session flag to disable sending session tickets + + While GnuTLS by default implicitly sends NewSessionTicket during + handshake, application protocols like QUIC set a clear boundary + between "in handshake" and "post handshake", and NST must be sent in + the post handshake state. + + Signed-off-by: Daiki Ueno + +Author: Bernhard M. Wiedemann +Date: Sun Apr 5 15:09:57 2020 +0200 + + tests: Fix status-request-revoked after 2020-10-24 + + included certs expire 2020-10-24 so this test fails after that date. + + Fixes #967 + + This patch was done while working on reproducible builds for openSUSE. + + Signed-off-by: Bernhard M. Wiedemann + +Author: Daiki Ueno +Date: Tue Mar 31 06:58:48 2020 +0200 + + build: use valgrind client request to detect undefined memory use + + This tightens the check introduced in + ac2f71b892d13a7ab4cc39086eef179042c7e23c, by using the valgrind client + request to explicitly mark the "uninitialized but initialization is + needed before use" regions. With this patch and the + fix (c01011c2d8533dbbbe754e49e256c109cb848d0d) reverted, you will see + the following error when running dtls_hello_random_value under + valgrind: + + $ valgrind ./dtls_hello_random_value + testing: default + ==520145== Conditional jump or move depends on uninitialised value(s) + ==520145== at 0x4025F5: hello_callback (dtls_hello_random_value.c:90) + ==520145== by 0x488BF97: _gnutls_call_hook_func (handshake.c:1215) + ==520145== by 0x488C1AA: _gnutls_send_handshake2 (handshake.c:1332) + ==520145== by 0x488FC7E: send_client_hello (handshake.c:2290) + ==520145== by 0x48902A1: handshake_client (handshake.c:2908) + ==520145== by 0x48902A1: gnutls_handshake (handshake.c:2740) + ==520145== by 0x402CB3: client (dtls_hello_random_value.c:153) + ==520145== by 0x402CB3: start (dtls_hello_random_value.c:317) + ==520145== by 0x402EFE: doit (dtls_hello_random_value.c:331) + ==520145== by 0x4023D4: main (utils.c:254) + ==520145== + + Signed-off-by: Daiki Ueno + +Author: Pierre Ossman +Date: Tue Mar 24 15:32:13 2020 +0100 + + Compare DNs by comparing their string representations + + A binary comparison will not work in case the contents is the same but + the ASN.1 type differ (e.g. PrintableString vs UTF8String). Such + variations are permitted so we need to handle them. + + Signed-off-by: Pierre Ossman + +Author: Pierre Ossman +Date: Tue Mar 24 15:29:34 2020 +0100 + + Properly compare DNs when checking sorting + + We might want to do other things than a simple memcmp() so make sure + we're using the right helper when comparing DNs. + + Signed-off-by: Pierre Ossman + +Author: Nikos Mavrogiannopoulos +Date: Tue Mar 31 16:58:07 2020 +0200 + + IDNA: require libidn2 2.0.0 + + We require private symbols which dissapear at some point in + IDN2 releases in order to support old versions of libidn2. Simplify + the code by requiring only recent versions and avoid issues such + as #832. + + Resolves: #832 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Tue Mar 31 07:40:21 2020 +0200 + + NEWS: updated for release + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Mar 30 20:52:36 2020 +0200 + + NEWS: doc update + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Mar 30 20:52:27 2020 +0200 + + bumped version + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sun Mar 29 21:30:37 2020 +0200 + + NEWS: doc update + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sun Mar 29 21:30:37 2020 +0200 + + tests: added check for random value of client and server hello in TLS + + This creates a tests that checks whether the TLS client and server + hello have sufficient non-zero bytes. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sun Mar 29 19:05:30 2020 +0200 + + tests: added reproducer for client hello random value behavior in DTLS + + This adds an equivalent test of tls13/hello_random_value.c for DTLS + and extends the tests for server hello as well. + + Relates: #960 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Mar 30 08:23:03 2020 +0200 + + psk: added checks to satisfy static analyzers + + Added null checks in legacy callbacks to avoid warnings from + static analyzers. The issues do not appear to be reproducible + in real-world use. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Sat Mar 28 02:31:10 2020 +0300 + + padlock: fix exception in wrap_padlock_hash_fast + + wrap_padlock_hash_fast() allocates a context on a stack (via local + variable) then tries to free it by calling wrap_padlock_hash_deinit() + causing a crash. Remove a call to deinit() to fix a crash. + + Fixes #930 + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Sat Mar 28 02:29:31 2020 +0300 + + padlock: fix exception in sha code + + padlock sha code will segfault (at least on Nano) if it is passed a NULL + data pointer (even if size is 0). Pass digest output buffer as a dummy + data pointer in such case. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Sat Mar 28 02:27:31 2020 +0300 + + padlock: make cbc code return error properly + + If underlying padlock_cbc_en/decrypt return an error, pass this error to + calling code. + + Signed-off-by: Dmitry Baryshkov + +Author: Stefan Bühler +Date: Fri Mar 27 17:17:57 2020 +0100 + + dtls client hello: fix zeroed random (fixes #960) + + This broke with bcf4de03 "handshake: treat reply to HRR as a reply to + hello verify request", which failed to "De Morgan" properly. + + Signed-off-by: Stefan Bühler + +Author: Anderson Toshiyuki Sasaki +Date: Tue Mar 24 09:55:08 2020 +0100 + + gnutls-serv: Do not exit when a message to be echoed is received + + Previously, when gnutls-serv was executed with the --echo option, it + would exit when a message to be echoed was received. Moreover, the + server would output "Memory error" although no error occurred. + + Signed-off-by: Anderson Toshiyuki Sasaki + +Author: Nikos Mavrogiannopoulos +Date: Wed Mar 18 11:23:47 2020 +0100 + + _gnutls_check_id_for_change: ensure that we check the username length + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Mar 18 10:01:53 2020 +0000 + + Ensure that an incorrectly formatted password file doesn't cause invalid memory access + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Ander Juaristi +Date: Sun Mar 15 23:31:49 2020 +0100 + + Update NEWS file + + Signed-off-by: Ander Juaristi + +Author: Ander Juaristi +Date: Tue Mar 3 11:49:32 2020 +0000 + + Update files + + Signed-off-by: Ander Juaristi + +Author: Ander Juaristi +Date: Mon Mar 2 16:37:10 2020 +0100 + + psk: Allow non-NULL PSK usernames + + This commit closes #586. + + Two new functions are introduced: gnutls_psk_server_get_username2() + and gnutls_psk_set_client_username2(), which are identical in behavior + to those named similarly (without the final '2'), but allow arbitrary + gnutls datums (not strings) to be used as usernames. + + Two new callback functions are also introduced, with their respective + setters: gnutls_psk_set_server_credentials_function2() and + gnutls_psk_set_client_credentials_function2(). + + In addition, the password file format is extended so that non-string + usernames can be specified. A leading '#' character tells GnuTLS that the + username should be interpreted as a raw byte string (encoded in HEX). + + Example: + + #deadbeef:9e32cf7786321a828ef7668f09fb35db + + Signed-off-by: Ander Juaristi's avatarAnder Juaristi + +Author: Daniel Lenski +Date: Sun Mar 22 19:12:44 2020 -0700 + + add NEWS entry + + Signed-off-by: Daniel Lenski + +Author: Daniel Lenski +Date: Sun Mar 22 19:01:55 2020 -0700 + + add additional tests of SSL 3.0 (with extensions, and with cipher suites not in SSL 3.0) + + See #958 + + Signed-off-by: Daniel Lenski + +Author: Daniel Lenski +Date: Sun Mar 22 19:00:32 2020 -0700 + + test_ssl3: minimize cipher suites to those actually included in SSL 3.0 + + See #958 + + Signed-off-by: Daniel Lenski + +Author: Daniel Lenski +Date: Sun Mar 22 18:58:26 2020 -0700 + + SSL 3.0 (RFC6101) doesn't actually appear to require extensions, and some servers don't accept them + + See #958 + + Signed-off-by: Daniel Lenski + +Author: Daiki Ueno +Date: Sun Mar 22 10:44:51 2020 +0100 + + gnutls_session_get_keylog_function: new function + + This adds a way to retrieve the keylog function set by + gnutls_session_set_keylog_function() to allow application protocols to + implement custom logging facility. + + Signed-off-by: Daiki Ueno + +Author: Dmitry Baryshkov +Date: Sun Mar 22 16:07:12 2020 +0300 + + oss-fuzz: return build error if fuzzers have failed to build + + Instead of silently ignoring build errors and running fewer fuzzers, + exit on the first build error. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Sun Mar 22 16:05:40 2020 +0300 + + oss-fuzz: use CC rather than CXX to compile fuzzers + + clang++ will choke on several fuzzer sources because C++ is stricter + than C wrt. type conversion: + + gnutls_base64_decoder_fuzzer.c:26:63: error: non-constant-expression + cannot be narrowed from type 'size_t' (aka 'unsigned long') to 'unsigned + int' in initializer list [-Wc++11-narrowing] + gnutls_datum_t raw = {.data = (unsigned char *)data, .size = size}; + + Signed-off-by: Dmitry Baryshkov + +Author: Tim Rühsen +Date: Thu Mar 19 17:49:11 2020 +0100 + + fuzz: Update README.md for clang-9 [skip ci] + + Signed-off-by: Tim Rühsen + +Author: Daiki Ueno +Date: Sun Mar 15 11:18:30 2020 +0100 + + state: add function to get the current hash algorithm + + This is particularly useful when the application applies key + derivation function by itself with the same underlying hash algorithm + as the session. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sat Mar 14 09:53:31 2020 +0100 + + abi: add enum values for GNUTLS_CIPHER_CHACHA20_* + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sat Mar 14 06:09:56 2020 +0100 + + cipher: allow setting ChaCha20 initial block counter + + This also introduces GNUTLS_CIPHER_CHACHA20_32, which is a 96-bit + nonce variant of GNUTLS_CIPHER_CHACHA20_64. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Fri Mar 13 17:24:26 2020 +0100 + + nettle: vendor in ChaCha20 implementation from nettle + + This enables to use bundled ChaCha20 implementation if the system + nettle doesn't have nettle_chacha_set_counter. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sat Mar 14 06:01:49 2020 +0100 + + cipher: expose raw ChaCha20 cipher + + Signed-off-by: Daiki Ueno + +Author: Anderson Toshiyuki Sasaki +Date: Wed Mar 18 16:17:39 2020 +0100 + + global: Load configuration after FIPS POST + + Previously, if the loaded configuration file disabled an algorithm + tested during FIPS-140 power-on self-tests, the test would fail. By + loading the configuration file after the test is finished, such failure + is avoided as any algorithm is allowed during the tests. + + Signed-off-by: Anderson Toshiyuki Sasaki + +Author: Jakub Jelen +Date: Wed Mar 11 18:31:49 2020 +0100 + + Validate EC_PARAMS for EdDSA keys + + Signed-off-by: Jakub Jelen + +Author: Jakub Jelen +Date: Fri Mar 6 13:41:25 2020 +0100 + + pubkey: Validate input parameters in pubkey_import_ecc_raw + + Signed-off-by: Jakub Jelen + +Author: Jakub Jelen +Date: Fri Feb 28 18:50:53 2020 +0100 + + tests: Verify writing and reading of ECDSA public keys from PKCS#11 + + Signed-off-by: Jakub Jelen + +Author: Jakub Jelen +Date: Fri Feb 28 18:45:14 2020 +0100 + + tests: Verify writing and reading of EdDSA public keys + + Signed-off-by: Jakub Jelen + +Author: Jakub Jelen +Date: Fri Feb 28 18:40:42 2020 +0100 + + pkcs11_write: Copy data to avoid double-free crashes and properly encode EC_POINT attribute + + Signed-off-by: Jakub Jelen + +Author: Nikos Mavrogiannopoulos +Date: Sat Mar 14 23:15:45 2020 +0100 + + .lgtm.yml: work around issues in LGTM system + + This disables dependency tracking and removes the gnulib + tests to work-around a failure build gl/. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu Mar 12 20:46:58 2020 +0100 + + bootstrap.conf: do not bring tests in gnulib clones (src/unistring) + + These tests are not being run, and they can cause issues as + in !1208. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Mar 14 22:39:05 2020 +0100 + + .lgtm.yml: no longer bring nettle from master + + The system used has already a sufficiently recent version. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Anderson Toshiyuki Sasaki +Date: Thu Apr 4 15:45:02 2019 +0200 + + crypto-selftests-pk.c: Use deterministic signatures in test_known_sig() + + Use deterministic signatures for ECDSA and DSA in test_known_sig(). Do + not call test_known_sig() for non-deterministic algorithms. Do not run + PK_TEST() for algorithms tested with PK_KNOWN_TEST(). + + The deterministic algorithms are used if in FIPS-140 POST or if FIPS-140 + mode is disabled. When called explicitly with FIPS-140 mode enabled, + the pairwise-consistency test (PK_TEST()) is used instead. + + test_known_sig() was modified to support only deterministic algorithms. + The "deterministic" parameter was replaced with the "flags" parameter + through which the flags to be used in gnutls_privkey_sign_data() are + passed. + + The hard-coded values for the ECDSA and DSA signatures were replaced + with the values corresponding to the deterministic signatures to be used + in known answer tests. The unused values for GOST signatures were + removed. + + Signed-off-by: Anderson Toshiyuki Sasaki + +Author: Anderson Toshiyuki Sasaki +Date: Thu Mar 5 15:54:06 2020 +0100 + + crypto-selftests-pk.c: Use specified key in test_sig() + + Previously, test_sig() would use the same key regardless the value + provided in bits parameter. The changes introduced make test_sig() to + choose the key according to the value provided in bits. + + For RSA, only 2048 bits key is available for testing. The calls were + adjusted accordingly. + + Introduced 2048 bits DSA key in test_sig(). Removed unused 512 bits + key, leaving only the 2048 bits key available. + + For GOST, use the same keys for test_sig() and test_known_sig(). Remove + the unused keys. + + Reorder constant values and change variables names for better + readability. + + Signed-off-by: Anderson Toshiyuki Sasaki + +Author: Daiki Ueno +Date: Mon Mar 16 11:09:29 2020 +0100 + + tests/sign-is-secure: fix off-by-one error + + Reported by Peter Dettman in: + https://gitlab.com/gnutls/gnutls/-/issues/128#note_304892538 + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon Mar 16 11:03:41 2020 +0100 + + algorithms: properly calculate hash strength for Ed448 + + The Ed448 signature scheme internally uses XOF (SHAKE256) as the hash + function with 114-octet output. According to FIPS-202, the strength + against collisions is calculated as: + + min(114*8/2, 256) = 256 + + Reported by Peter Dettman in: + https://gitlab.com/gnutls/gnutls/-/issues/128#note_304892538 + + Signed-off-by: Daiki Ueno + +Author: Dmitry Baryshkov +Date: Thu Mar 12 12:56:37 2020 +0300 + + lib/x509: use common routine for parsing data version + + OSS Fuzzer noted an issue in parsing (incorrect) CRL files with + zero-length version field. Certificate parser does not have this issue, + while CRL and OCSP Request and Response parsers shows this problem. To + remove code duplication extract common function and use it from all four + parsers. + + Signed-off-by: Dmitry Baryshkov + +Author: Anderson Toshiyuki Sasaki +Date: Thu Apr 4 17:22:04 2019 +0200 + + crypto-selftests-pk.c: Fix PK_KNOWN_TEST and PK_TEST + + Previously, when multiple tests where declared in sequence using one of + the macros, only the first test would be executed. This happened + because a check for the GNUTLS_SELF_TEST_FLAG_ALL was embedded in the + macro. To allow more than one test to be executed in sequence, the + check for the flag was removed from both macros. + + To keep the previous behaviour (execute only the first test) the check + for the flag was moved to be after the first test, except for RSA since + the RSA encryption test must be executed in FIPS mode. + + Signed-off-by: Anderson Toshiyuki Sasaki + +Author: Anderson Toshiyuki Sasaki +Date: Wed Apr 3 13:40:04 2019 +0200 + + crypto-selftests-pk.c: Move hardcoded values to the top + + Signed-off-by: Anderson Toshiyuki Sasaki + +Author: Dmitry Baryshkov +Date: Tue Mar 10 22:42:02 2020 +0300 + + x509: apply same fix to print_crq + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Tue Mar 10 22:41:54 2020 +0300 + + x509: apply same fix to print_crl + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Tue Mar 10 12:12:36 2020 +0300 + + x509: drop endless loop in print_extensions + + If crq is malformed in extensions part, print_extensions() might loop + endlessly because gnutls_x509_crq_get_extension_info would return + unhandled GNUTLS_ASN1_DER_ERROR looping over extension index, rather + than bailing out. Fix this by handling this error code properly. Found + thanks to oss-fuzz. + + Signed-off-by: Dmitry Baryshkov + +Author: Daiki Ueno +Date: Sat Feb 29 17:01:10 2020 +0100 + + lib: use static assertion to check enum values + + We previously had checks of enum values with '#if', such as below: + + #define GNUTLS_EXTENSION_MAX_VALUE 31 + + typedef enum extensions_t { + ... + GNUTLS_EXTENSION_MAX /* not real extension - used for iterators */ + } extensions_t; + + /* we must provide at least 16 extensions for users to register */ + #if GNUTLS_EXTENSION_MAX_VALUE - GNUTLS_EXTENSION_MAX < 16 + # error not enough extension types + #endif + + This doesn't work as expected; because GNUTLS_EXTENSION_MAX is not + defined as a preprocessor macro, it always expands to 0. To properly + do this check, we need to use static assert as provided as the + 'verify' macro in gnulib. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun Mar 1 10:16:08 2020 +0100 + + hello_ext: use 64-bit integer to track extensions + + We currently have 26 predefined extensions, allowing the user to + define 5 extra as tested in tests/handshake-large-packet.c. However, + if we introduce one more, session->internals.used_exts exceeds. + + Signed-off-by: Daiki Ueno + +Author: Dmitry Baryshkov +Date: Sat Mar 7 01:05:45 2020 +0300 + + fuzz: add simple x509 certificate requests and revocation lists fuzzers + + Add x509 certificate requests and certificate revocation lists fuzzers. + Use data from tests/cert-tests as a starting seed for the corpora. + + Fixes #903 + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Sat Mar 7 01:09:55 2020 +0300 + + lib/x509/output.c: remove occasioinal memory leak in print_issuer_sign_tool() + + Remove memory leak in error handling in print_issuer_sign_tool() by + moving asn1_delete_structure to the end of the function. + + Signed-off-by: Dmitry Baryshkov + +Author: Nikos Mavrogiannopoulos +Date: Mon Mar 2 20:28:21 2020 +0100 + + RELEASES.md: describe the release process + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Jakub Jelen +Date: Fri Feb 28 16:18:58 2020 +0100 + + Add support for loading EdDSA keys from PKCS#11 and using them + + Signed-off-by: Jakub Jelen + +Author: Ross Nicholson +Date: Sun Feb 23 07:55:43 2020 +0000 + + Adding missing macosx directory for aarch64 acceleration + + Signed-off-by: Ross Nicholson + +Author: Daiki Ueno +Date: Fri Feb 21 16:38:29 2020 +0100 + + keylogfile: simplify the callback mechanism + + This partially reverts commit 97117556 with a simpler interface. The + original intention of having the callback mechanism was to reuse it + for monitoring QUIC encryption changes. However, it turned out to be + insufficient because such changes must be emitted after a new epoch is + ready. + + Signed-off-by: Daiki Ueno + +Author: Tim Rühsen +Date: Fri Feb 21 13:14:48 2020 +0100 + + Add valgrind suppression for fun:decode_complex_string.isra.0 + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Fri Feb 21 13:14:03 2020 +0100 + + Add --gen-suppressions=all to valgrind to iautomatically generate suppression rules + + Signed-off-by: Tim Rühsen + +Author: Dmitry Baryshkov +Date: Tue Feb 18 14:35:37 2020 +0300 + + lib: drop unused pbkdf2 helpers + + Updated pbkdf2 API in GnuTLS removed the need for PBKDF2 helpers, drop + them now. + + Signed-off-by: Dmitry Baryshkov + +Author: Fiona Klute +Date: Sat Feb 8 23:47:17 2020 +0100 + + gnutls-cli: Add option to store all stapled OCSP responses + + Note that there's a small modification to the behavior of the existing + --ocsp-save option: If there is no stapled OCSP response the output + file is still created and will be empty. + + Signed-off-by: Fiona Klute + +Author: Tim Rühsen +Date: Sat Feb 8 18:04:27 2020 +0100 + + TravisCI: Add bison [skip ci] + + The latest gnulib needs a newer bison than TravisCI OSX has. + + Signed-off-by: Tim Rühsen + +Author: Daiki Ueno +Date: Sun Feb 2 08:13:50 2020 +0100 + + keylogfile: generalize with a callback + + This refactors the keylogfile mechanism by adding a callback to get + notified when a new secret is derived and installed. That way, + consumers can implement custom logging feature per session, which is + particularly useful in QUIC implementation. + + Signed-off-by: Daiki Ueno + +Author: Tim Rühsen +Date: Fri Feb 7 16:55:11 2020 +0100 + + .lgtm.yml: Fix --disable-documentation to --disable-doc [skip ci] + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Thu Feb 6 16:48:48 2020 +0100 + + cfg.mk: Exclude sc_prohibit_gnu_make_extensions from syntax-check + + This new gnulib check does not work with GNU awk 5.0.1 and GNU make 4.2.1. + + References: + https://lists.gnu.org/archive/html/bug-gnulib/2019-05/msg00095.html + https://lists.gnu.org/archive/html/bug-gnulib/2019-06/msg00040.html + https://lists.gnu.org/archive/html/bug-gnulib/2019-07/msg00046.html + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Thu Feb 6 15:52:50 2020 +0100 + + Update gnulib to fix building on OSX 10.9 + + Fixes #926 + + Signed-off-by: Tim Rühsen + +Author: Dimitri John Ledkov +Date: Tue Jan 14 15:14:59 2020 +0000 + + testcompat-openssl: improve testing against secured OpenSSL versions. + + In Debian, and soon Ubuntu, OpenSSL is compiled with SECLEVEL=2 and + requiring minimum TLSv1.2. However, smaller hashes/keys/versions are + allowed if one enables SECLEVEL=1. Do so when testing pre v1.2 algos, + and thus enabling testing more compatability combinations. + + Signed-off-by: Dimitri John Ledkov + +Author: Dmitry Baryshkov +Date: Wed Feb 5 16:06:30 2020 +0300 + + nettle/gost: gost28147: require calling set_param before set_key + + Require selecting parameter set before setting the key. There is no need + to provide default setting, if a param is always selected anyway. + + Signed-off-by: Dmitry Baryshkov + +Author: Daiki Ueno +Date: Mon Feb 3 05:18:29 2020 +0100 + + tests: skip pkcs12-gost under GNUTLS_FORCE_FIPS_MODE + + The MAC algorithm used in the PBKDF2 is actually prohibited in the + FIPS mode and previously there wasn't a check for that. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun Feb 2 17:58:56 2020 +0100 + + privkey_pkcs8: remove unused #include + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun Feb 2 17:57:37 2020 +0100 + + pkcs7-crypt: refactor using gnutls_pbkdf2 + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun Feb 2 16:15:51 2020 +0100 + + pkcs12: refactor using gnutls_pbkdf2 + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun Feb 2 16:00:56 2020 +0100 + + secrets: refactor using gnutls_hkdf_{extract,expand} + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun Feb 2 14:44:05 2020 +0100 + + crypto-api: add generic crypto functions for KDF + + This exposes HKDF and PBKDF2 functions from the library. Instead of + defining a single KDF interface as in PKCS #11, this patch defines 3 + distinct functions for HKDF-Extract, HKDF-Expand, and PBKDF2 + derivation, so that we can take advantage of compile time checking of + necesssary parameters. + + Signed-off-by: Daiki Ueno + +Author: Michael Catanzaro +Date: Sun Feb 2 09:47:25 2020 -0600 + + session_pack: fix leak in error path + + If called at the wrong time, it allocates the buffer sb and forgets to + clear it. + + Signed-off-by: Michael Catanzaro + +Author: Nikos Mavrogiannopoulos +Date: Sat Feb 1 23:09:01 2020 +0100 + + .mailmap: map Dmitry's email to a single name [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Feb 1 23:02:55 2020 +0100 + + NEWS: fixed issue number for 448 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Feb 1 22:54:13 2020 +0100 + + NEWS: refactored for release + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Feb 1 22:44:41 2020 +0100 + + hooks.m4: bumped so-version + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Wed Jan 29 20:00:53 2020 +0300 + + nettle/gost: support use GOST DSA support from master branch + + Use GOST DSA and GOST curves provided by Nettle's master branch. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Tue Jan 28 13:05:14 2020 +0300 + + pkcs12: do not go try calculating pbkdf2 with 0 iterations + + Nettle will abort on a call to pbkdf2 if iterations is 0. Add check to + GnuTLS PKCS12 GOST code to check that iter is not 0. + + Signed-off-by: Dmitry Baryshkov + +Author: Bjoern Jacke +Date: Mon Jan 27 19:40:53 2020 +0100 + + add support for local threads with studio and ibm compilers + + Signed-off-by: Bjoern Jacke + +Author: Nikos Mavrogiannopoulos +Date: Sun Jan 26 21:45:29 2020 +0100 + + tlsfuzzer: optimized tests for CI and enabled x448 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sun Jan 26 21:32:18 2020 +0100 + + tlsfuzzer: fix test-tls13-large-number-of-extensions.py + + This test requires a TLS-1.3-only server as its tests clash with + extensions supported by a TLS-1.2 server. Ensure that the extensions + that overlap with TLS-1.2 are not manipulated as we don't have + a pure TLS-1.3-only implementation. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Andreas Metzler +Date: Sun Jan 26 18:39:18 2020 +0100 + + Avoid pushd/popd bashism in testsuite + + Signed-off-by: Andreas Metzler + +Author: Tim Rühsen +Date: Mon Jan 20 11:48:50 2020 +0100 + + tests/key-material-dtls.c: Try again on GNUTLS_E_AGAIN and GNUTLS_E_INTERRUPTED + + This fixes issues on the CI cross-runners with 'make -jN', N > 1. + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Sat Jan 4 14:37:46 2020 +0100 + + Use make with crafted -j for CI builds and tests + + This speeds up the Gitlab CI runners. E.g. measured timings of the + Debian.x86_64 runner show ~40% speedup (down from 38 to 23 minutes). + + Signed-off-by: Tim Rühsen + +Author: Nikos Mavrogiannopoulos +Date: Sat Jan 25 22:28:32 2020 +0100 + + tests: updated tlsfuzzer tests to latest version + + This adds new tests, reduces running time, and removes test-tls13-obsolete-curves.py. + The latter introduced too pendantic tests on curves we don't implement, + and requires significant changes to passing with limited benefit. For example + it requires the server to error on mismatching entries (and we simply ignore + them). As its value is low (we do not target to be a reference implementation + for testing broken clients), it was removed. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Jan 25 22:02:48 2020 +0100 + + key shares: avoid using internal errors + + On unknown curves or illegal parameters, make sure we return the + right error code which will translate to the appropriate alert. + + Resolves: #907 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Jan 24 23:12:07 2020 +0100 + + fuzz: fixed Ed448 fuzzer traces + + The fuzzer files for ed448 were the reverse for client and server. + Enhanced the fuzzer tools to run a single fuzzer, and added more + clear documentation on how to generate and manually test the fuzzer + outputs. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Jan 24 23:11:34 2020 +0100 + + README-adding-traces.md: updated with more precise information + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Jan 24 22:57:49 2020 +0100 + + fuzzers: added ed448 keys + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Tim Rühsen +Date: Sat Jan 25 11:18:09 2020 +0100 + + Create files in gl/ licenced lgpl2+ instead of lgpl3+ + + Signed-off-by: Tim Rühsen + +Author: Nikos Mavrogiannopoulos +Date: Fri Jan 24 22:53:50 2020 +0100 + + fuzzers: when provided with a parameter they will run on a single file + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Fri Jan 24 22:04:41 2020 +0300 + + .gitlab-ci.yml: remove --disable-gost from nettle-master test + + Remove --disable-gost switch from the test using Nettle's master branch + as GnuTLS is now compatible again with nettle/master. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Thu Jan 23 13:07:23 2020 +0300 + + lib/nettle/gost: restore compatibility with nettle master + + Use newer format of ecc curve data if curve448 support is detected. + + Signed-off-by: Dmitry Baryshkov + +Author: Nikos Mavrogiannopoulos +Date: Fri Jan 24 16:38:15 2020 +0100 + + .gitlab-ci.yml: force running jobs on linux runners + + There are shared windows runners in gitlab, that will fail + running our jobs. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Daiki Ueno +Date: Thu Jan 23 16:25:43 2020 +0100 + + fuzz: import key, certificate, and traces using Ed448 + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Wed Jan 22 05:25:19 2020 +0100 + + tlsfuzzer: enable tests for X448 + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon Jan 20 11:17:51 2020 +0100 + + .gitlab-ci.yml: set WINEPATH to allow eccdata run under Wine + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun Jan 19 12:13:48 2020 +0100 + + .gitlab-ci.yml: export LDFLAGS throughout the FreeBSD build + + Otherwise the build process wouldn't be able to find -lgmp. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon Jan 13 11:35:15 2020 +0100 + + .gitlab-ci.yml: add target to build against nettle master + + This is similar to the build/gnutls target in nettle's own gitlab CI. + The only difference is that this will build/test all branches of + GnuTLS against the master branch of nettle. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon Apr 22 08:27:43 2019 +0200 + + algorithms: implement X448 key exchange and Ed448 signature scheme + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Sun Apr 21 21:13:30 2019 +0200 + + nettle: vendor in Curve448 and Ed448 implementation + + Signed-off-by: Daiki Ueno + +Author: Nikos Mavrogiannopoulos +Date: Wed Jan 15 11:05:31 2020 +0100 + + tls13: request OCSP responses as a server + + The TLS1.3 protocol requires the server to advertise an empty + OCSP status request extension on its certificate verify message + for an OCSP response to be sent by the client. We now always + send this extension to allow clients attaching those responses. + + Resolves: #876 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Mon Jan 20 15:08:04 2020 +0300 + + x509: add OGRNIP DN entry definition used by qualified GOST certificates + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Wed Nov 6 15:14:48 2019 +0300 + + x509: include digestParamSet into GOST 512-bit curves A and B params + + Old implementations do not understand PublicKeyParams with omitted + digestParamSet. So include the field for old 512-bit curves to improve + compatibility with old implementations. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Mon Jan 20 03:16:56 2020 +0300 + + fuzz in gost pkcs7/8/12 files + + Add several examples of PKCS#7/#8/#12 files using GOST keys, ciphers and + digest functions. + + Signed-off-by: Dmitry Baryshkov + +Author: Dmitry Baryshkov +Date: Mon Jan 20 03:11:08 2020 +0300 + + pkcs12: use correct key length when using STREEBOG-512 + + PKCS#12 files using GOST HMAC (GOST R 34.11-94 and Streebog) use special + function to generate MAC key. Pass correct key length (fixed to be 32) + when generating PKCS#12 files protected with Streebog (currently it + incorrectly uses 64 there). + + Signed-off-by: Dmitry Baryshkov + +Author: Nikos Mavrogiannopoulos +Date: Fri Jan 17 21:34:45 2020 +0100 + + gnutls-cli-debug: ignore tests when algorithms are unavailable + + When gnutls-cli-debug is run on systems where a particular algorithm + is disabled, ensure that we don't stop the testing; in that case + we ignore the test. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Jan 15 14:44:22 2020 +0100 + + doc update [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Jan 15 09:46:38 2020 +0100 + + tls13: do not send OCSP responses as client without server requesting + + In client side ensure we see a request for OCSP from servers before + sending one. + + Relates: #876 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dimitri John Ledkov +Date: Tue Jan 7 11:32:37 2020 +0000 + + libgnutls: Add system-wide default-priority-string override. + + Signed-off-by: Dimitri John Ledkov + +Author: Dmitry Baryshkov +Date: Mon Jan 13 01:20:28 2020 +0300 + + lib: fix _kx_priority_gost termination item + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Sun Jan 12 19:24:51 2020 +0300 + + tests/priorities: add tests for GOST ciphersuites enablement + + Add test counting GOST ciphersuites and ciphers available. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Fiona Klute +Date: Sat Jan 11 21:16:50 2020 +0100 + + gnutls-cli: Log all stapled OCSP responses when running with --verbose + + Signed-off-by: Fiona Klute + +Author: Dmitry Baryshkov +Date: Fri Jan 10 14:17:44 2020 +0300 + + pk: set generated key algo before calling pct_test + + In wrap_nettle_pk_generate_keys() set params->algo before calling + pct_test() as GOST sign/verify use that field. + + Reported-by: Daiki Ueno + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Jan 10 14:16:56 2020 +0300 + + CI: FIPS140-2 run make check without enforcing FIPS mode + + Some distributions might enable --enable-fips140-mode, without actually + enabling/enforcing FIPS at runtime. Catch issues in such configurations + (reported by Daiki Ueno). + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Daiki Ueno +Date: Tue Jan 7 11:24:01 2020 +0100 + + tests: add test for revoked OCSP response + + This adds a test that exercises a failed handshake upon receipt of an + OCSP response with the "revoked" status. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Wed Jan 8 16:01:38 2020 +0100 + + ocsp: set GNUTLS_CERT_INVALID if OCSP response indicates revocation + + This makes the OCSP based certificate verification adhere to the + convention used throughout the library: "The 'GNUTLS_CERT_INVALID' + flag is always set on a verification error and more detailed flags + will also be set when appropriate." + + Signed-off-by: Daiki Ueno + +Author: Dmitry Baryshkov +Date: Wed Jan 8 22:17:55 2020 +0300 + + NEWS: expand documentation for GOST priority strings + + Use +GOST-ALL shortcut to enable GOST ciphersuites. Also document newly + added GOST shortcuts. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Jan 8 22:11:51 2020 +0300 + + priority: make priority matching less error-prone + + To remove possibility of using wrong length or using strncasecmp() + instead of c_strncasecmp() define PRIO_MATCH(name) macro taking care + about all details. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Jan 8 22:07:19 2020 +0300 + + priority: add new GOST-ALL shortcut + + Add GOST-ALL as an alias for CIPHER-GOST-ALL, MAC-GOST-ALL, KX-GOST-ALL, + SIGN-GOST-ALL and GROUP-GOST-ALL. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Jan 8 22:03:44 2020 +0300 + + priority: add more GOST shortcuts + + Add shortcuts for GOST ciphers, MACs and KXes. For now they contain only + one item, but this list will be expanded as support for GOST-CTR-ACPKM + ciphersuites will be added. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Jan 8 21:10:55 2020 +0300 + + lib/priority: add SIGN-GOST-ALL keyword + + Add SIGN-GOST-ALL keyword containing all defined GOST signature + algorithms. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Nikos Mavrogiannopoulos +Date: Thu Jan 9 13:03:10 2020 +0100 + + doc: clarify thread safeness in gnutls_global_init() + + This documents and clarifies the thread safeness of gnutls_global_init() + and its constraints. + + Resolves: #900 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Wed Jan 8 20:22:11 2020 +0300 + + lib/priority: use c_strncasecmp() for string comparison + + Use c_strncasecmp() instead of just strncasecmp() which can be affected + by locale. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Jan 8 21:31:32 2020 +0300 + + doc: document GOST priority options + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Jan 8 21:37:28 2020 +0300 + + doc: document GOST cipher and MAC algorithms + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Jan 8 22:08:14 2020 +0300 + + priority: fix GROUP-GOST-ALL comparison length + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Nikos Mavrogiannopoulos +Date: Sat Jan 4 13:38:01 2020 +0100 + + tests: replace invalid extension OIDs with valid ones + + libtasn1 4.15.0 or earlier allow encoding and decoding + of invalid OIDs, but more recent versions may stop + accepting them. Ensure that our test suite includes + OIDs which can be decoded by all versions of libtasn1. + + Relates: + https://gitlab.com/gnutls/libtasn1/issues/25 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dimitri John Ledkov +Date: Mon Jan 6 09:41:27 2020 +0000 + + tests/Makefile.am: use absolute top_srcdir for GNUTLS_PRIORITY_FILE + + Some tests, e.g. in suite/tls-fuzzer execute scripts from + sub-directories, making the relative path to system.prio in the + environment pointing to a non-existent file. Export system.prio + testsuite file as an absolute path to avoid this issue. + + Signed-off-by: Dimitri John Ledkov + +Author: Nikos Mavrogiannopoulos +Date: Fri Jan 3 20:21:07 2020 +0100 + + doc: updated epub.texi from gnutls.texi + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Jan 3 16:58:04 2020 +0100 + + .gitlab-ci.yml: identify on runtime to db2epub directory + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Tim Rühsen +Date: Fri Jan 3 13:17:28 2020 +0100 + + Remove && command concatenation in .gitlab-ci.yml + + As it turns out, `set -e` doesn't work if one of the commands fail, + maybe except the last command. + Seen, tested and reproduced on Fedora28 image. + + Signed-off-by: Tim Rühsen + +Author: Nikos Mavrogiannopoulos +Date: Fri Jan 3 13:55:09 2020 +0100 + + .gitlab-ci.yml: merged ASAN and UBSAN runs + + This in addition to merging the two CI runs, it also attempts + to run the fuzz code under SHANI for CI. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Edward Stangler +Date: Fri Jan 3 10:36:21 2020 +0000 + + Fixes dummy getrandom() when errno = EAGAIN. + + Fixes #892. + + Signed-off-by: Edward Stangler + +Author: Tim Rühsen +Date: Thu Jan 2 16:15:15 2020 +0100 + + Fix '-Werror=unused-const-variable=' in fuzz/ + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Sun Dec 22 13:20:03 2019 +0100 + + Fix NULL ptr access in _gnutls_iov_iter_next() + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Sat Dec 21 19:21:55 2019 +0100 + + Use check_for_datefudge in tests + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Fri Dec 20 11:00:53 2019 +0100 + + Fix "left shift cannot be represented in type 'int'" in hello_ext.[ch] + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Thu Dec 19 12:33:34 2019 +0100 + + Fix 2x -Wunused-function in tests/ + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Thu Dec 19 12:23:34 2019 +0100 + + certtool-cfg.c: Silence -Wunused-variable if HAVE_IPV6 not set + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Thu Dec 19 11:48:47 2019 +0100 + + status_request.c: Silence -Wsign-compare + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Thu Dec 19 11:46:23 2019 +0100 + + rnd-fuzzer.c: Suppress shift sanitization check + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Thu Dec 19 11:17:43 2019 +0100 + + handshake.c: Suppress warning in fuzzing build + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Wed Dec 18 19:44:10 2019 +0100 + + Fix implicit value change in verify-high.c + + verify-high.c:284:7: runtime error: implicit conversion from type 'size_t' + (aka 'unsigned long') of value 15421545260338 418178 (64-bit, unsigned) to + type 'uint32_t' (aka 'unsigned int') changed the value to 437555714 (32-bit, + unsigned) + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Wed Dec 18 16:39:38 2019 +0100 + + UBSAN: Fail tests if UB detected + + Suppressions are in devel/ubsan.supp. + Suppressions only work on recoverable checks. + + Signed-off-by: Tim Rühsen + +Author: Nikos Mavrogiannopoulos +Date: Sun Dec 29 21:53:32 2019 +0100 + + gnutls_x509_crt_get_extension_info: optimize when critical equals NULL + + That is, do not perform the look ups necessary to calculate the value + when it will not be used. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Dec 30 05:35:45 2019 +0100 + + fuzz: import certificate with and without sanity checks + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sun Dec 29 22:33:07 2019 +0100 + + x509: reject certificates having duplicate extensions + + According to RFC5280 a certificate must not include more than + one instance of a particular extension. We were previously printing + warnings when such extensions were found, but that is insufficient + to flag such certificates. Instead, refuse to import them. + + Resolves: #887 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Jan 3 08:53:55 2020 +0100 + + tests/suite: do not include scripts into dist + + This part of the test suite is only run on CI. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu Jan 2 14:09:50 2020 +0100 + + ecore cli: updated and rewritten to use libev + + That removes a lot of code that was not necessary in the gnutls test + suite. + + Resolves: #884 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu Jan 2 22:32:43 2020 +0100 + + .gitlab-ci.yml: use separate images for mingw and fedora builds + + This should result to faster image loading for CI builds. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu Jan 2 14:55:11 2020 +0100 + + tests: use newer nettle APIs in cipher-override.c + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Jan 1 21:37:01 2020 +0100 + + doc: updated copyrights for 2020 + + This updates the copyright year for documentation + and excludes gnulib files from the copyright check. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Sun Dec 29 12:52:21 2019 +0300 + + cli: fix building with GOST disabled + + Fix building gnutls-cli (benchmark part) with GOST keys support being + disabled. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Sun Dec 29 12:49:16 2019 +0300 + + cli: support building with OCSP and ANON disabled + + Support gnutls-cli when building GnuTLS with OCSP and ANON + authentication API disabled. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Sun Dec 29 12:49:16 2019 +0300 + + serv: support building with OCSP disabled + + Support gnutls-serv when building GnuTLS with OCSP API disabled. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Sat Nov 9 02:29:19 2019 +0300 + + tls12-server-kx-neg: add tests without GOST signature algorithms + + Add tests mimicking SChannel clients which are unable to send proper + SignatureAlgorithms extension. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Sat Nov 9 02:01:22 2019 +0300 + + SignatureAlgorithms: force-enable GOST signatures for GOST KX + + SChannel-based clients can not send GOST identifiers as a part of + SignatureAlgorithms extension. To mitigate this forcefully enable GOST + signature algorithms if client sends GOST ciphersuite. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Tue Dec 24 16:26:27 2019 +0300 + + benchmark: enable benchmarking of GOST CNT ciphersuite/KX + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Tue Dec 24 02:33:26 2019 +0300 + + benchmark: support benchmarking GOST ciphers/MACs + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Tue Dec 24 02:32:17 2019 +0300 + + benchmark: use mac key size instead of block size + + Use newly added gnutls_hmac_get_key_size() to get key size instead of + assuming that key size = block size (incorrect for GOST 28147 IMIT). + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Tue Dec 24 02:31:30 2019 +0300 + + crypto-api: add gnutls_hmac_get_key_size() function + + Add gnutls_hmac_get_key_size() to retrieve MAC key size. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Tue Dec 24 01:20:24 2019 +0300 + + nettle/gost: remove gost28147_imit_init + + Rewrite gost28147 imit code to clean up state and index on key setup to + be sure that imit context is properly cleaned. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Ludovic Courtès +Date: Wed Nov 20 16:10:11 2019 +0100 + + guile: Arrange to make 'gnutls.scm' architecture-independent. + + Fixes #838. + Reported by Andreas Metzler. + + * configure.ac: Define and substitute 'maybe_guileextensiondir'. + * guile/Makefile.am (.in.scm): Substitute 'maybe_guileextensiondir'. + * guile/modules/gnutls.in : Use @maybe_guileextensiondir@. + Check if %LIBDIR is true. + + Signed-off-by: Ludovic Courtès + +Author: Nikos Mavrogiannopoulos +Date: Mon Dec 23 20:20:58 2019 +0100 + + x509: do not tolerate invalid DER time + + This effectively reverts !400 and ensures that we no longer tolerate + invalid DER time. This complements the previous commit by Lili Quan + and ensures we provide the --disable-strict-der-time backwards compatibility + option. + + Resolves: #207 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Dec 14 10:51:48 2019 +0100 + + certtool: always set extensions from template + + Previously we would only set these extensions specific with add_extension + when generating using --generate-certificate. The change makes sure these + options are considered even when generating an extension from a certificate + request. Issue reported on the mailing list. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Dec 14 10:44:16 2019 +0100 + + tests: check certificate generation from certificate request + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Dec 20 20:37:32 2019 +0100 + + tests: ensure test suite does not apply global config + + When running the test suite we do not apply the global + gnutls configration as it may change options that are + tested. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu Dec 5 11:40:31 2019 +0100 + + gnutls-cli: improved output of --benchmark-tls-kx + + It is now printed in a way that separates the tests. Example: + ``` + (TLS1.3)-(ECDHE-SECP256R1)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM) + - 179.19 transactions/sec + - avg. handshake time: 5.57 ms + - standard deviation: 0.57 + + (TLS1.3)-(ECDHE-X25519)-(RSA-PSS-RSAE-SHA256)-(AES-128-GCM) + - 182.24 transactions/sec + - avg. handshake time: 5.48 ms + - standard deviation: 0.64 + ``` + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Dec 4 13:58:21 2019 +0100 + + gnutls-cli: benchmark-tls-kx can work with sub-ms accuracy + + This allows micro and nanoseconds to be reported if necessary, + and it changes reporting of sample variance to standard deviation + giving a possibly better overview as it is in the same units as + the average. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Thu Jul 19 15:40:46 2018 +0300 + + gnutls-cli-debug: add GOST_CNT-related KX/cipher/MAC tests + + Add test for VKO-GOST-12, GOST28147-TC26Z-CNT and GOST28147-TC26Z-IMIT + support by the server. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Nikos Mavrogiannopoulos +Date: Thu Dec 19 21:13:15 2019 +0100 + + README.md: updated to list fuzz coverage results [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dimitri John Ledkov +Date: Sun Dec 15 20:32:02 2019 +0000 + + doc: update reference to the default configuration file + + Signed-off-by: Dimitri John Ledkov + +Author: Nikos Mavrogiannopoulos +Date: Thu Dec 19 20:28:50 2019 +0100 + + updated auto-generated files + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu Dec 19 09:37:34 2019 +0100 + + _gnutls_verify_crt_status: apply algorithm checks to trusted CAs + + If a CA is found in the trusted list, check in addition to + time validity, whether the algorithms comply to the expected + level. This addresses the problem of accepting CAs which would + have been marked as insecure otherwise. + + Resolves: #877 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Dec 18 14:38:32 2019 +0100 + + certtool: added option to apply a certificate verification profile + + This applies to the --verify and --verify-chain commands. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Dec 18 14:29:21 2019 +0100 + + Export profile ID/name handling functions + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Dec 18 14:04:35 2019 +0100 + + is_level_acceptable: apply the system-wide profile in all verifications + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Lili Quan <13132239506@163.com> +Date: Thu Dec 19 17:14:20 2019 +0100 + + Introduced check to reject certificates with non-digits in time field + + According to RFC5280 we should reject such certificates. + + Resolves: #870 + + Signed-off-by: Lili Quan <13132239506@163.com> + +Author: Dmitry Baryshkov +Date: Wed Nov 13 23:47:16 2019 +0300 + + abi-check: fix include paths + + If GnuTLS is built outside of source tree, abicheck will miss gnutls.h + header which is generated in the build tree. Expand arguments to include + it. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Dec 18 23:28:48 2019 +0300 + + doc: document GROUP-GOST-ALL keyword + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Nov 27 15:48:57 2019 +0300 + + NEWS: add news entry, describing TLS 1.3 vs GOST issues + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Jul 17 19:41:47 2019 +0300 + + ext/signature: use GOST signatures for GOST ciphersiuites + + draft-smyshlyaev-tls12-gost-suites limits SignatureAndHash algorithms + in CertificateRequest message to GOST values if GOST cipher suite is + selected. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Tue Sep 3 10:48:09 2019 +0300 + + tls13-server-kx-neg: add test for GOST-enabled server and client + + If both client and server have enabled TLS 1.3 and GOST-CNT + ciphersuites, they should correctly negotiate a connection, but using + TLS 1.2 version. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Mon Oct 9 07:17:59 2017 +0300 + + tests: added testcases for ciphersuite/KX negotiation with VKO-GOST + + This verifies whether the ciphersuite negotiation will detect and + reject incompatible data present in credentials. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Sat Sep 23 21:37:38 2017 +0300 + + tests: add tests for KX-GOST-VKO using different key variants + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Thu Oct 27 03:31:49 2016 +0300 + + Add GOST cipher suites + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Sun Feb 10 12:18:40 2019 +0300 + + priority: add GROUP-GOST-ALL keyword + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Nov 30 13:11:28 2016 +0300 + + Support GOST certificate request values + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Sat Sep 23 21:56:23 2017 +0300 + + lib: fix group selection in case of GOST cipher suites + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Tim Rühsen +Date: Tue Dec 17 20:09:54 2019 +0100 + + Sync with fuzzers from OSS-Fuzz + + Only lots of corpora removed (by merge step). Not sure why. + But there are several new UBs detected. + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Tue Dec 17 19:52:58 2019 +0100 + + Amend fuzz scripts and README for clang-8 + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Tue Dec 17 19:52:05 2019 +0100 + + Add fuzz corpora for gnutls_ext_raw_parse_fuzzer + + Signed-off-by: Tim Rühsen + +Author: Nikos Mavrogiannopoulos +Date: Mon Dec 16 12:54:23 2019 +0100 + + fuzzer: added fuzzer for gnutls_ext_raw_parse() + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Dec 16 12:45:06 2019 +0100 + + gnutls_ocsp_status_request_is_checked: mark explicitly as unsigned the return type + + Also some documentation updates. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Dec 16 11:35:48 2019 +0100 + + README.md: updated CI build badge [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Dec 14 15:41:17 2019 +0100 + + Provide flag to identify sessions that an OCSP response was requested + + That adds the flag GNUTLS_SFLAGS_CLI_REQUESTED_OCSP which can be + checked by a server application to determine whether the + client has requested stapled OCSP responses. + + This includes minor cleanups in the status request handling code. + + Resolves: #829 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Dec 7 21:30:17 2019 +0100 + + abi: updated to latest const changes and added NEWS entry + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Tim Rühsen +Date: Tue May 21 21:50:33 2019 +0200 + + Add const to function arguments in lib/x509 + + This change does not introduce functionality changes. + It just adds const promises to the caller. + + Signed-off-by: Tim Rühsen + +Author: Nikos Mavrogiannopoulos +Date: Thu Dec 5 17:06:22 2019 +0100 + + gnutls-serv: do not exit on command failure + + If gnutls_reauth() or gnutls_heartbeat_ping() fail, gnutls-serv + would simply quit. This prevents using this tool in a test environment + like tlsfuzzer. Ensure that we don't quit on error. + + Resolves: #868 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Dec 4 22:18:02 2019 +0100 + + .triage-policies.yml: updated to work with latest gitlab-triage [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Vitezslav Cizek +Date: Wed Dec 4 15:24:17 2019 +0100 + + lib: remove obsolete AVOID_INTERNALS + + Although commit 1f246c381e8a7449d84b143ffe50a0818622d2a3 enabled + the self-check functions unconditionally, the #ifdefs AVOID_INTERNALS + remained in lib/crypto-selftests-pk.c. + + Signed-off-by: Vitezslav Cizek + +Author: Nikos Mavrogiannopoulos +Date: Mon Dec 2 17:32:16 2019 +0100 + + Revert "Released 3.6.11.1 including missing files" + + This reverts commit 1e9c9ba0c0798b5566902e6c5ab83418826dd7f5. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Dec 2 17:08:43 2019 +0100 + + Released 3.6.11.1 including missing files + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Dec 2 08:56:05 2019 +0100 + + libopts: include new files into dist + + This also includes --enable-local-libopts flag to make dist + to catch future regressions. + + Resolves: #867 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sun Dec 1 22:39:01 2019 +0100 + + released 3.6.11 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Fiona Klute +Date: Sun Dec 1 19:20:17 2019 +0100 + + Write OCSP status request debug information to logfile, if set + + The status information not part of the payload data and should be + separate when using --logfile. + + Signed-off-by: Fiona Klute + +Author: Fiona Klute +Date: Sun Dec 1 18:45:28 2019 +0100 + + Send log messages about loading client credentials to logfile, if set + + Signed-off-by: Fiona Klute + +Author: Nikos Mavrogiannopoulos +Date: Fri Nov 29 20:30:26 2019 +0100 + + .travis.yml: explicitly install openssl to address build issue + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Nov 29 16:19:07 2019 +0100 + + NEWS: documented AES-CFB8 fix [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Nov 29 13:06:41 2019 +0100 + + bumped version + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu Nov 28 09:08:28 2019 +0100 + + .travis.yml: update submodules [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Nov 29 09:40:55 2019 +0100 + + base64: minor improvements in OOM handling and test suite + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu Nov 28 15:05:17 2019 +0100 + + gnutls_base64_decode2() succeeds decoding the empty string + + This is a behavioral change of the API but it conforms to + the RFC4648 expectations. + + Resolves: #834 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Nov 27 16:13:06 2019 +0100 + + Revert "tests: ignore datefudge-check check when running on command line" + + This commit was breaking CI on FreeBSD systems. + + This reverts commit 1fe4f8e289d666979618fbb909983ac05aad11ac. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Nov 25 22:36:22 2019 +0100 + + certtool: always include the CRL distribution points on CAs + + Previously we would omit the CRL distribution points from a non-self + signed CA certificate, even if contained in the template. + + Resolves: #765 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Nov 25 22:38:05 2019 +0100 + + tests: ignore datefudge-check check when running on command line + + That allows running the tests individually without make or setting + top_builddir variable. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Fri Nov 22 17:21:19 2019 +0300 + + tests: make tests pass with disabled GOST algorithms + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Nov 22 16:43:49 2019 +0300 + + gitlab-ci: enable running make check on minimal build + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Ludovic Courtès +Date: Mon Nov 11 21:36:22 2019 +0100 + + guile: Silence auto-compilation warning for 'guild'. + + Reported by Helmut Grohne + and Andreas Metzler + at . + + * guile/Makefile.am (%.go): Pass "GUILE_AUTO_COMPILE=0" to avoid + warnings about 'guild' needing to be compiled. + + Signed-off-by: Ludovic Courtès + +Author: Dmitry Baryshkov +Date: Sun Nov 10 14:06:58 2019 +0300 + + vko: fix possible unitilized scalar access + + Fix error path in _gnutls_gost_keytrans_decrypt. If + _asn1_strict_der_decode() fails, cleanup path will try to + gnutls_pk_params_release(&pub), which will access unitialized pub + variable. Fix by deleting asn1 sctructure directly. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Ludovic Courtès +Date: Mon Nov 11 21:30:48 2019 +0100 + + guile: Do not attempt to load shared object when cross-compiling. + + Reported by Helmut Grohne + and Andreas Metzler + at . + + * configure.ac: Add 'CROSS_COMPILING' conditional. + * guile/Makefile.am (CROSS_COMPILING_VARIABLE): New variable. + (%.go): Use it. + * guile/modules/gnutls.in : Do not call 'load-extension' + when "GNUTLS_GUILE_CROSS_COMPILING" is defined. + + Signed-off-by: Ludovic Courtès + +Author: Dmitry Baryshkov +Date: Thu Oct 27 03:30:34 2016 +0300 + + Add support for VKO GOST key exchange + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Daiki Ueno +Date: Thu Nov 7 18:25:01 2019 +0100 + + .gitlab-ci.yml: bump configure cache version + + Signed-off-by: Daiki Ueno + +Author: Günther Deschner +Date: Wed Nov 6 13:17:57 2019 +0100 + + crypto-selftests: test CFB8 ciphers with different chunksizes + + Signed-off-by: Guenther Deschner + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Fri Nov 8 10:10:09 2019 +0100 + + nettle: use included CFB8 implementation if nettle is 3.5 + + Signed-off-by: Daiki Ueno + +Author: Dmitry Baryshkov +Date: Sun Feb 10 02:38:43 2019 +0300 + + groups: add function to return group by curve + + Two GOST groups will have two curves attached. Add function to retrieve + group by curve, rather than by group id. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Tue May 7 18:01:33 2019 +0300 + + ecc: define curve->group relationship + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Tue Aug 29 11:09:31 2017 +0300 + + Declare groups corresponding to GOST curves + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Dec 2 06:26:55 2016 +0300 + + Add GOST key transport support + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Thu Jun 7 13:19:55 2018 +0300 + + nettle: add support for GOST key derivation + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Thu Oct 27 18:58:12 2016 +0300 + + _gnutls_pk_derive: add argument for nonce + + GOST VKO key derivation needs another opaque argument (called UKM). + Add an argument to _gnutls_pk_derive to accomodate that keying material. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Thu Jun 14 15:39:39 2018 +0300 + + nettle/gost: add support for GOST VKO algorithm + + GOST VKO is a variant of ECDHE algorithm. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Thu Jun 14 15:39:19 2018 +0300 + + nettle/gost: provide GOST keywrapping support + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Miroslav Lichvar +Date: Wed Nov 6 11:37:10 2019 +0100 + + prf: don't crash when called before handshake completion + + If a gnutls_prf*() function is called before the handshake is completed, + return GNUTLS_E_INVALID_REQUEST instead of crashing. + + Signed-off-by: Miroslav Lichvar + +Author: Daiki Ueno +Date: Wed Nov 6 12:07:24 2019 +0100 + + nettle: backport fixes to cfb8_decrypt + + cfb8: don't truncate output IV if input is shorter than block size: + https://git.lysator.liu.se/nettle/nettle/commit/f4a9c842621baf5d71aa9cc3989851f44dc46861 + + Signed-off-by: Daiki Ueno + +Author: Nikos Mavrogiannopoulos +Date: Tue Nov 5 16:47:17 2019 +0100 + + gnutls_privkey_sign_data2: removed unnecessary text [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Nov 1 14:04:27 2019 +0100 + + .gitlab-ci.yml: do not inline strcmp in valgrind build + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Nov 1 10:24:24 2019 +0100 + + .gitlab-ci.yml: removed unnecessary use of --enable-valgrind-tests + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: nia +Date: Thu Oct 31 18:36:49 2019 +0000 + + Add NEWS entry for the NetBSD KERN_ARND change. + + Signed-off-by: Nia Alarie + +Author: Dmitry Baryshkov +Date: Thu May 18 05:36:49 2017 +0300 + + tls-sig: reverse bytes in TLS signatures for GOST signatures + + GOST TLS suites have one peculiarity: CertificateVerify message uses + byte order opposite to the rest of GOST signature usage (BE instead of + LE). So, reverse byte order in signatures in TLS code. For now this + applies only to TLS 1.2 code. GOST TLS 1.3 ciphersuites will also follow + this approach. Legacy TLS 1.0 ciphersuites also had this peculiarity. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Nikos Mavrogiannopoulos +Date: Wed Oct 30 10:39:49 2019 +0100 + + .gitlab-ci.yml: updated CI environment to F31 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Oct 11 20:46:41 2019 +0200 + + tests: include config.h in rawpk-api.c + + This seems to have impacted windows compilation. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Oct 11 15:57:43 2019 +0200 + + tests: global-init-override do not run in windows + + It cannot be compiled in f30. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Oct 11 14:44:39 2019 +0200 + + updated to libopts 5.18.16 + + This fixes compilation in Fedora 30 which ships with this + version of autogen. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Sun Oct 27 03:12:45 2019 +0300 + + serv: move closing TABLE tag after actual table end + + Move closing TABLE tag after printing information on cipher and MAC. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Sun Oct 27 03:08:33 2019 +0300 + + ecc: fix curve sizes for TC26-256 gost curves + + Fix curve size being incorrectly set to 64 instead of 32 for several + GOST curves. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: nia +Date: Sat Oct 26 20:58:49 2019 +0100 + + nettle: Support sysctl(KERN_ARND) for RNG on NetBSD. + + This system call will never block and does not require a file + descriptor to be opened. It provides an endless stream of random + numbers from the kernel's ChaCha20-based random number generator. + + Signed-off-by: Nia Alarie + +Author: Björn Jacke +Date: Fri Oct 25 17:25:39 2019 +0200 + + doc: describe how to make gnutls-cli quiet for pipe usage + + Signed-off-by: Bjoern Jacke + +Author: Dmitry Baryshkov +Date: Thu Oct 24 18:01:55 2019 +0300 + + lib: simplify uint24 handling + + Drop separate uint24 type and functions to convert between it and + uint32_t. This makes _gnutls_read/_write_uint24 simpler and easier to + understand. And with faster assembly code. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Sun Oct 20 18:49:41 2019 +0300 + + lib: drop gnutls_uint64 usage as sequence number + + GnuTLS is depending already on uint64_t being a properly defined type. + So there is no need to have a special byte-array type for 8-byte + integers. Use uint64_t instead, thus simplifying a code quite heavily. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Mon Oct 21 15:55:47 2019 +0300 + + sign: convert tls13_ok to flags field + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Mon Oct 21 18:55:26 2019 +0300 + + tls-sig: split TLS 1.0/1.1 CertificateVerify code + + For the symmetry split the TLS 1.[01] CertificateVerify code, so that + main functions work as pure multiplexors. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Mon Oct 21 14:08:00 2019 +0300 + + mac: mark GOST28147-TC26Z-IMIT as using CONTINUOUS_MAC + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Thu May 18 04:09:51 2017 +0300 + + Support GOST cipher suite MAC calculation + + GOST ciphersuites require that MAC is calculated over _all_ packets, + rather than just current packet. Add flag to auth_cipher_hd_st + controlling this behaviour. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Mon Oct 21 13:57:55 2019 +0300 + + mac: change preimage_insecure to be a flag + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Oct 18 13:19:04 2019 +0300 + + cipher: replace several bools with single flags instance + + Replace bools in cipher_entry_st with flags field. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Thu Jun 21 19:34:45 2018 +0300 + + lib: pubkey vs TLS signature compatibility for GOST algorithms + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Oct 18 13:22:06 2019 +0300 + + src: fix noreturn-related warning + + Recent autogen started adding '#include ' into -args.h + files. However in GnuTLS tools code this results in the following + warnings, because stdnoreturn.h unconditionally redefines 'noreturn' to + _Noreturn: + + warning: '_Noreturn' attribute directive ignored + + Use __noreturn__ attribute instead as does Gnulib. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Dec 2 08:28:34 2016 +0300 + + Allow using implicit IV for stream ciphers with TLS + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Tue Aug 29 11:10:33 2017 +0300 + + prf: add Streebog (GOST R 34.11-2012) PRF support + + Add support and tests for PRF generated using both Streebog versions. + This is necessary for adding GOST TLS ciphersuites support. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Tim Rühsen +Date: Sat Oct 12 20:59:22 2019 +0200 + + Add const to several read-only packet sequence params + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Sun Oct 13 12:04:20 2019 +0200 + + tests/buffer.c: Add unit test for _gnutls_buffer_unescape() + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Wed Oct 9 18:54:12 2019 +0200 + + lib/x509/x509.c: Check before pointer dereference in get_alt_name() + + Fixes Coverity issue 1361513 + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Wed Oct 9 18:44:35 2019 +0200 + + cipher: Let _gnutls_auth_cipher_setiv() return int + + Fixes Coverity issue 1454646 + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Wed Oct 9 18:34:22 2019 +0200 + + lib/record.c: Use assignment instead of memcpy() + + Fixes Coverity issue 1454647 + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Wed Oct 9 18:27:11 2019 +0200 + + lib/sslv2_compat.c: Check return value of _gnutls_generate_session_id() + + Fixes Coverity issue 1454649 + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Wed Oct 9 18:11:10 2019 +0200 + + lib/x509/output.c: Remove unneeded NULL check in print_crt_pubkey() + + Fixes Coverity issue 1454670 + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Wed Oct 9 18:04:44 2019 +0200 + + lib/auth/srp_passwd.c: Fix NULL dereference in _gnutls_srp_pwd_read_entry() + + Fixes Coverity issue 1454652 + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Wed Oct 9 17:53:54 2019 +0200 + + lib/str.c: Replace sscanf() in _gnutls_buffer_unescape() + + Fixes Coverity issue 1454651 + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Wed Oct 9 17:39:24 2019 +0200 + + lib/handshake.c: Check return value of _gnutls_version_max() + + Fixes Coverity issue 1454674 + Fixes Coverity issue 1454658 + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Wed Oct 9 17:37:42 2019 +0200 + + Remove trailing spaces in several files + + Signed-off-by: Tim Rühsen + +Author: Nikos Mavrogiannopoulos +Date: Thu Oct 10 17:49:01 2019 +0200 + + .gitlab-ci.yml: removed coverity build [ci skip] + + The coverity run is subject to several restrictions by the service, + and thus it is not really useful in the main CI runs as it cannot reasonably + be run on MRs or master. As such we simplify the main CI file by moving the + coverity to the coverage sub-project and running it weekly. + + The new location is at: + https://gitlab.com/gnutls/coverage + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Oct 5 03:30:32 2019 +0200 + + crq APIs: fix typos [ci skip] + + Resolves: #842 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Sep 25 07:04:04 2019 +0200 + + document limitations of gnutls_record_discard_queued() [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Ricardo M. Correia +Date: Wed Oct 9 17:37:22 2019 +0200 + + README.md: document lscpu/util-linux dependency for make check + + Closes #764 + + Signed-off-by: Ricardo M. Correia + +Author: Dmitry Baryshkov +Date: Wed Oct 9 01:29:07 2019 +0300 + + testpkcs11.sh: test that we output mechanism flags correctly + + Verify some of PKCS#11 mechanism flags. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Sep 25 21:11:09 2019 +0300 + + p11tool: print mechanism info in list-mechanisms + + Print key size range and flags in mechanisms list. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Oct 9 00:10:09 2019 +0300 + + tests/psk-file: fix heizenbug in last test + + Currently last test case in psk-file expects that the server will + terminate connection with fatal error and close connection. Client will + receive GNUTLS_E_PUSH_ERROR error. However on slow boxes (or under qemu) + client is able to receive server's fatal alert thus returning unexpected + error. To make this behaviour predictable make server wait for client to + read all data and actually close connection on it's own. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Nikos Mavrogiannopoulos +Date: Tue Oct 8 07:23:31 2019 +0200 + + session tickets: parse extension during session resumption on client side + + It is possible for a server to send a new session ticket during + TLS1.2 resumption. To be able to parse it as client we need to + check the extension during resumption as well. + + Resolves: #841 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Mon Jun 24 01:37:31 2019 +0300 + + ext/supported_groups: don't consider non-EC groups for EC + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Aug 2 02:08:00 2019 +0300 + + tests: correct gost server certificates + + Correct GOST server certificates: + - use only Digital Signature Key Usage, + - use new format for 512-bit curve key and certificate. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Nikos Mavrogiannopoulos +Date: Tue Oct 8 06:48:44 2019 +0200 + + .gitlab-ci.yml: only run coverity task on 3_6_x tags [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Wed Oct 2 17:05:10 2019 +0300 + + cert-tests/gost: add certificate with new GOSTParameters struct + + Add certificate example using simplified (new) GOSTParameters structure. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Nikos Mavrogiannopoulos +Date: Mon Oct 7 20:59:34 2019 +0200 + + .gitlab-ci.yml: include an automated coverity build on tags + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Wed Sep 25 18:13:37 2019 +0300 + + lib: implement support for updated GOST PublicKeyParameters + + Recomendation for standardization R 1323565.1.023-2018 has made changes + to PublicKeyParameters for GOST R 34.10-2012 keys. It has removed + encryptionParamSet (since now S-BOX is basically fixed as TC26-Z) and + made digestParamSet OPTIONAL (as it can be concluded from public key + OID). Implement these requirements. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Thu Apr 25 15:06:58 2019 +0300 + + nettle/pk: add support for "new" TC26 256 B curve + + TC26 likes aliases. Thus "new" TC26 256 B curve is the same as old + CryptoPro-256-A curve (but with limitation to use GOST R 34.10-2012). + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Sat Sep 28 21:40:30 2019 +0300 + + lib/ecc: add documentation for GOST-related curves + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Tue May 7 15:24:53 2019 +0300 + + lib: define more GOST curves + + Declare GOST curves from GOST R 34.10-2001 and GOST R 34.10-2012 (test + curves) and GOST curves defined by TC26 itself. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Daiki Ueno +Date: Tue Oct 1 18:15:19 2019 +0200 + + gnutls_aead_cipher_{en,de}cryptv2: write back cached data to buffers + + Previously, those functions failed to write the output to the buffers + if the buffer length is not multiple of cipher block size. This makes + sure that the cached data is always flushed. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Tue Oct 1 18:14:48 2019 +0200 + + iov: add _gnutls_iov_iter_sync to write back cached data to iov + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Thu Oct 3 10:34:18 2019 +0200 + + iov: _gnutls_iov_iter_next: return bytes instead of blocks + + This eliminates the need of special handling of final block. Also + adds more tests in exceptional cases. + + Signed-off-by: Daiki Ueno + +Author: Nikos Mavrogiannopoulos +Date: Sat Oct 5 03:27:01 2019 +0200 + + NEWS: added entry for 3.6.11 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Tom Vrancken +Date: Fri Oct 4 20:50:19 2019 +0200 + + Updated NEWS to reflect the added raw public-key handling functionality for gnutls-cli/serv tools. + + Signed-off-by: Tom Vrancken + +Author: Tom Vrancken +Date: Mon Sep 30 21:22:59 2019 +0200 + + Added functional regression tests for rawpk functionality in gnutls-cli and gnutls-serv. + + Signed-off-by: Tom Vrancken + +Author: Tom Vrancken +Date: Tue Aug 27 17:10:04 2019 +0200 + + Implemented raw public key support for gnutls-serv application. + + Signed-off-by: Tom Vrancken + +Author: Tom Vrancken +Date: Mon Aug 26 17:12:40 2019 +0200 + + Implemented raw public key support for gnutls-cli application. + + Signed-off-by: Tom Vrancken + +Author: Dmitry Baryshkov +Date: Wed Oct 2 14:47:44 2019 +0300 + + nettle/mac: add missing ifdef + + Add an ifdef guarding gost28147 include. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Andreas Metzler +Date: Sun Sep 29 18:55:18 2019 +0200 + + cipher-alignment: migrate LDADD/CFLAGS after rename + + Test was renamed from mini-alignment to cipher-alignment. + + Signed-off-by: Andreas Metzler + +Author: Nikos Mavrogiannopoulos +Date: Sun Sep 29 12:24:02 2019 +0200 + + bumped versions + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Sep 28 21:25:25 2019 +0200 + + .gitlab-ci.yml: run pic-check on i686-linux-gnu to catch wrong assembly + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Andreas Metzler +Date: Sat Sep 28 14:28:12 2019 +0200 + + Regenerate asm files with -fPIC + + CRYPTOGAMS' perl-scripts can produce different output if -fPIC is passed + as option. Set -fPIC for the same files as openssl does. + + Closes #818 + + Signed-off-by: Andreas Metzler + +Author: Nikos Mavrogiannopoulos +Date: Sat Sep 28 12:42:12 2019 +0200 + + certtool: ensure that PKCS#8 file does not contain key description + + Resolves: #840 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Sat Sep 28 21:23:17 2019 +0300 + + NEWS: document previous changes [ci skip] + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Aug 2 13:55:18 2019 +0300 + + tests: add verbose logging to server-kx-neg tests + + Add support for verbose logging to tls*-server-kx-neg tests. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Tue Jun 19 17:42:53 2018 +0300 + + lib/algorithms: add AID values assigned by IANA + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Sep 27 17:00:29 2019 +0300 + + x509: add support for Russian extensions defined for qualified certificate + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Sun Sep 1 11:05:35 2019 +0300 + + crypto-selftests: add CNT and IMIT self tests + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Thu Jun 14 15:37:20 2018 +0300 + + nettle: provide GOST 28147-89 IMIT MAC support + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Thu Jun 14 15:36:55 2018 +0300 + + nettle: provide GOST 28147-89 CNT mode support + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Daiki Ueno +Date: Thu Sep 26 16:45:25 2019 +0200 + + ext/supported_versions: reorder client precedence if necessary + + If the client advertises TLS < 1.2 before TLS 1.3 and the server is + configured with TLS 1.3 enabled, the server should select TLS 1.3; + otherwise the client will disconnect when seeing downgrade sentinel. + + Signed-off-by: Daiki Ueno + +Author: Nikos Mavrogiannopoulos +Date: Wed Sep 25 06:23:22 2019 +0200 + + gnutls_session_get_data2: fix operation without a timeout callback + + When TLS1.3 was introduced, gnutls_session_get_data2 was modified + to assume that the callbacks set included the timeout one which was + not previously necessary except for some special cases. This corrects + that issue and makes sure that gnutls_session_get_data2() does not + fail (but not necessarily succeed), if that timeout callback is not + set. + + Resolves: #823 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Sep 25 06:18:48 2019 +0200 + + _gnutls_io_check_recv: added newline to error message + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Sep 23 21:42:14 2019 +0200 + + tests: cipher-alignment: ensure cipher registration + + That is, ensure that the registered cipher is called at least + once in the program. That is, to make this test fail if the registration + API ever become deprecated/no-op. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Sep 23 21:11:53 2019 +0200 + + tests: mini-alignment moved to modern nettle API + + That is, it no longer uses the deprecated API, and it is also + removed to cipher-alignment for clarity. + + Resolves: #835 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Sep 23 21:05:48 2019 +0200 + + nettle: use nettle_get_secpp* consistently + + We already depend on nettle 3.4.1 which provides that symbol, + ensure that we use it consistently. + + Relates: #835 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Sep 20 22:09:39 2019 +0200 + + Updates in OCSP status response related documentation + + gnutls_certificate_set_ocsp_status_request_file2: corrected documentation + + This corrects the documented return code in gnutls_certificate_set_ocsp_status_request_file2 + and the applicability of gnutls_ocsp_status_request_is_checked. + + Resolves: #836 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Sep 20 21:04:09 2019 +0200 + + tests: added server side OCSP check + + This checks whether gnutls_ocsp_status_request_is_checked() is functional + on server-side verification. + + Relates: #829 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Sep 20 20:57:51 2019 +0200 + + tests: added server-side verification test + + This tests gnutls_certificate_verify_peers2() operation in server + side. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu Sep 19 21:26:25 2019 +0200 + + gnutls_ocsp_status_request_is_checked: added tests in client side + + This ensures that this function has functional tests. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Sep 16 15:03:41 2019 +0200 + + pkcs11-mock: updated license based on upstream project [ci skip] + + Based on the relicense of the original project: + https://github.com/Pkcs11Interop/pkcs11-mock + + Applied in commit: 8751256956e414c1b0a30414831f5083afbf64bf + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Ludovic Courtès +Date: Sat Jun 1 16:54:47 2019 +0200 + + guile: Add support for Guile 3.0. + + * configure.ac: Add 3.0 to 'GUILE_PKG', as well as the + previously-supported versions. + * doc/gnutls-guile.texi (Guile Preparations): Update list of supported + versions. + + Signed-off-by: Ludovic Courtès + +Author: Ludovic Courtès +Date: Sat Jun 1 16:52:34 2019 +0200 + + doc: Run guile with '-q'. + + This makes sure we don't load the user's ~/.guile. + + * doc/Makefile.am (GUILE_FOR_BUILD): Pass '-q'. + + Signed-off-by: Ludovic Courtès + +Author: Nikos Mavrogiannopoulos +Date: Thu Sep 12 15:21:55 2019 +0200 + + tlsfuzzer: enable atypical padding check + + The atypical padding check is complementary to the existing + GnuTLS 2.12.x interop test. + + This commit also upgrades to the latest version, and adds new TLS1.3 + tests as well. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Daiki Ueno +Date: Thu Aug 8 18:04:18 2019 +0200 + + lib/*: remove unnecessary cast to ssize_t + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Thu Aug 8 18:02:08 2019 +0200 + + gnutls_int.h: make DECR_LEN neutral to signedness + + DECR_LEN was previously implemented in a way that it first decrements + the given length and then checks whether the result is negative. This + requires the caller to properly coerce the length argument to a signed + integer, before invoking the macro. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Wed Sep 11 11:24:17 2019 +0200 + + .gitlab-ci.yml: bump configure cache version + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Tue Sep 10 13:50:45 2019 +0200 + + .gitlab-ci.yml: export guile related envvars for doc-dist.Fedora + + Signed-off-by: Daiki Ueno + +Author: Nikos Mavrogiannopoulos +Date: Fri Sep 6 08:36:04 2019 +0200 + + tests: check interoperability testing with gnutls 2.12.x and SHA256 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Aug 3 21:51:58 2019 +0200 + + _gnutls_epoch_set_keys: do not forbid random padding in TLS1.x CBC ciphersuites + + Since some point in 3.6.x we updated the calculation of maximum record size, + however that did not include the possibility of random record padding available + for CBC ciphersuites which exceeds the maximum. This commit allows for larger + sizes for these ciphersuites to account for random padding as applied by + gnutls 2.12.x. + + Resolves: #811 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Ludovic Courtès +Date: Sat Jul 20 16:13:02 2019 +0200 + + .gitlab-ci.yml: minimal.Fedora.x86_64: Pass '--disable-guile' the 2nd time as well. + + Signed-off-by: Ludovic Courtès + +Author: Ludovic Courtès +Date: Sat Jul 20 16:08:48 2019 +0200 + + .gitlab-ci.yml: doc-dist.Fedora: Pass "GUILE", "GUILD", and "guile_snarf" to 'configure'. + + Signed-off-by: Ludovic Courtès + +Author: Ludovic Courtès +Date: Sat Aug 31 16:38:13 2019 +0200 + + maint: Include Guile's M4 macros. + + This ensures 'GUILE_PKG' & co. behaves as we want. Previously we had + problem in CI when using 'guile.m4' coming from potentially old distro + packages, as discussed in issue !1020: + + https://gitlab.com/gnutls/gnutls/merge_requests/1020#note_194443890 + + * m4/guile.m4: New file, from Guile's 'stable-2.2' branch, + commit 9846178c69445142ef0b9432417453d2d4de6635. + * .x-sc_prohibit_test_minus_ao: New file. + + Signed-off-by: Ludovic Courtès + +Author: Dmitry Baryshkov +Date: Thu Sep 5 11:36:27 2019 +0300 + + priority: fix loop which removes systemwide disabled KX algos + + Fix c&p error in KX-removal loop. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Tom Vrancken +Date: Sun Sep 1 13:50:35 2019 +0200 + + Added initial corpora for rawpk client and server fuzzers. + + Signed-off-by: Tom Vrancken + +Author: Tom Vrancken +Date: Sun Sep 1 13:49:59 2019 +0200 + + Implemented server rawpk fuzzer. + + Signed-off-by: Tom Vrancken + +Author: Tom Vrancken +Date: Sun Sep 1 13:49:40 2019 +0200 + + Implemented client rawpk fuzzer. + + Signed-off-by: Tom Vrancken + +Author: Dmitry Baryshkov +Date: Mon Sep 2 16:34:08 2019 +0300 + + gnutls-cli-debug: fix early break for no version supported check + + Currently gnutls-cli-debug code hardodes index of tests, after which it + will check if any known protocols (SSL 3.0/TLS1.[0123]) are supported by + the server. However this number is hardcoded and thus easy to break. + This is exactly what happened after adding %ALLOW_SMALL_RECORDS check. + Two tests were added in front of tests lists without updating this + index. + + So let's make this check robust by adding another test which will return + fatal error if no known protocols are supported. While we are at it, + also simplify tests loop by removing internal loop completely and + controlling opening/closing a socket with a flag. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Nikos Mavrogiannopoulos +Date: Sat Aug 3 21:32:47 2019 +0200 + + tests: added interoperability test with gnutls 2.12.x + + This enables this test in debian build. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Ludovic Courtès +Date: Sat Aug 31 16:33:33 2019 +0200 + + guile: Update the list of certificate status values. + + * guile/modules/gnutls/build/enums.scm (%certificate-status-enum): Add + 'gnutls_certificate_status_t' values that were missing. + * guile/src/core.c (scm_gnutls_peer_certificate_status): Add + 'MATCH_STATUS' clauses to handle them. + * guile/modules/gnutls.in: Export them. + + Signed-off-by: Ludovic Courtès + +Author: Michael Catanzaro +Date: Tue Aug 13 14:55:19 2019 -0500 + + Fix typo in gnutls_db_set_cache_expiration() docs + + 21600 seconds is six hours. + + Signed-off-by: Michael Catanzaro + +Author: Daiki Ueno +Date: Fri Aug 2 07:40:44 2019 +0200 + + crypto-api: add gnutls_aead_cipher_{en,de}cryptv2 + + This adds an in-place equivalent of gnutls_aead_cipher_encrypt() and + gnutls_aead_cipher_decrypt(), that works on data buffers. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Thu Aug 1 18:13:38 2019 +0200 + + crypto-api: use giovec_t iterator interface for aead_encryptv + + This replaces the macros AUTH_UPDATE and ENCRYPT used in + gnutls_aead_cipher_encryptv() with the iov_iter interface. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Thu Aug 1 17:41:45 2019 +0200 + + iov: add iterator interface for giovec_t + + This adds an iterator interface over giovec_t array, extracting a + fixed sized block. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Wed Aug 7 15:55:44 2019 +0200 + + nettle: prohibit deterministic ECDSA/DSA under FIPS except selftests + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon Aug 5 15:21:55 2019 +0200 + + nettle: enable deterministic ECDSA/DSA during FIPS selftests + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon Jul 29 14:01:11 2019 +0200 + + pk: implement deterministic ECDSA/DSA + + This exposes the deterministic ECDSA/DSA functionality through the + GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Wed Aug 7 14:37:00 2019 +0200 + + privkey_sign_prehashed: remove unused argument + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon Jul 29 15:10:51 2019 +0200 + + privkey_sign_raw_data: remove unnecessary local variable + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon Jul 29 14:00:30 2019 +0200 + + nettle: add functions for deterministic ECDSA/DSA + + This adds functions to perform deterministic ECDSA/DSA, namely + _gnutls_{ecdsa,dsa}_compute_k(), which computes the k value according + to RFC 6979. The retrieved k value can be given to + nettle_{ecdsa,dsa}_sign() through a wrapper random function. + + Signed-off-by: Daiki Ueno + +Author: Nikos Mavrogiannopoulos +Date: Fri Aug 2 21:57:40 2019 +0200 + + read_cpuid_vals: use __get_cpuid_count() only when available + + This makes the functionality available on gcc 4.8. + + Resolves: #812 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Aug 2 22:16:31 2019 +0200 + + src/Makefile.am: fix detection of .bak files + + This fixes detection in a way to work in builds outside the + source directory. + + Resolves: #810 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Aug 2 21:25:39 2019 +0200 + + configure: AS_HELP_STRING cannot print variables; don't try + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Karsten Ohme +Date: Tue Jun 18 12:17:14 2019 +0000 + + Notes about Ubuntu specific software versions not available. + + Signed-off-by: Karsten Ohme + +Author: Andreas Metzler +Date: Mon Jul 29 17:47:42 2019 +0200 + + Ship inih/LICENSE.txt in release tarball + + inih's license terms requires shipping a copy of the license when + redistributing the source. + + Signed-off-by: Andreas Metzler + +Author: Michael Catanzaro +Date: Fri Jul 26 11:18:07 2019 -0500 + + Improve documentation of gnutls_record_send() + + It's no longer required to retry this function with the same parameters + if you want to use gnutls_record_discard_queued(). + + Fixes #806 + + Signed-off-by: Michael Catanzaro + +Author: Nikos Mavrogiannopoulos +Date: Fri Jul 26 09:57:29 2019 +0200 + + certtool: default to yes on signing certificates for CAs + + When asking the questions for CA certificate generation, default + to yes to signing certificates. This is because that's the most + common type of CAs generated and defaulting to yes eliminates + the need for restart on error. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu Jul 25 20:38:14 2019 +0200 + + bumped version for 3.6.9 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Jul 22 12:43:50 2019 +0200 + + gnutls.h: mark AEAD ciphers as such in gnutls_cipher_algorithm_t description + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Jul 22 10:00:51 2019 +0200 + + abi-check: correctly bail-out on errors + + Added suppressions for _MAX enumerator values. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Karsten Ohme +Date: Sat Jun 22 00:39:56 2019 +0200 + + Support for Generalname registeredID from RFC 5280 in subject alt name + + Added test certificates (cert10.der) with registered ID + + Updated Makefile for inclusion of test certificates + + Updated SAN unknown test certificates (cert5.der) + + Signed-off-by: Karsten Ohme + +Author: Nikos Mavrogiannopoulos +Date: Sun Jul 21 10:18:35 2019 +0200 + + libgnutls.abignore: added comment linking to syntax + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sun Jul 21 10:06:22 2019 +0200 + + NEWS: updated for upcoming release [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Tim Rühsen +Date: Tue Jul 16 14:41:50 2019 +0200 + + Fix documented params for gnutls_certificate_retrieve_function3() + + Signed-off-by: Tim Rühsen + +Author: Nikos Mavrogiannopoulos +Date: Sun Jul 14 22:27:50 2019 +0200 + + Fixed alerts returned on TLS1.3 corner cases + + This enables the tls-fuzzer tests 'test-tls13-certificate-verify.py'. + + Resolves: #682 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Sun Jul 14 12:17:18 2019 +0300 + + nettle/backport: fix xts-backport guarding check + + Check for nettle_xts_encrypt_message() function rather than just + xts_encrypt_message(). All functions in nettle are renamed to contain + `nettle_` prefix. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Thu Jul 11 21:37:08 2019 +0300 + + nettle/gost: support building with GOST-enabled Nettle + + Nettle library starts to gain support for GOST algorithms. Support + building GnuTLS with GOST-enabled nettle library. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Daiki Ueno +Date: Sun Jun 30 08:23:41 2019 +0200 + + tests: remove unused destructive/p11-kit-load.sh + + This file is replaced with tests/p11-kit-load.sh and + tests/pkcs11/list-tokens.c. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Wed Jun 19 17:21:16 2019 +0200 + + pkcs11: ignore login error when traversing tokens + + If a token is a general access device, it is expected that login + attempt to that token returns error: + https://github.com/p11-glue/p11-kit/blob/master/trust/module.c#L852 + + On the other hand, _pkcs11_traverse_tokens treats the error as fatal + and stops iteration. This behavior prevents object search without + token specifier if such tokens are registered in the system. + + Reported by Stanislav Zidek in + https://bugzilla.redhat.com/show_bug.cgi?id=1705478 + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Mon Jul 8 16:54:56 2019 +0200 + + ext/session_ticket: avoid calling memcpy on overlapping memory areas + + In _gnutls_encrypt_session_ticket, ticket.encrypted_state is allocated + from ticket_data->data, thus those memory areas may overlap. Using + memcpy here leads to undefined behavior. + + Spotted by valgrind run on ppc64le. + + ==95231== Source and destination overlap in memcpy(0x47ce3a2, 0x47ce3a2, 160) + ==95231== at 0x408A840: memcpy (vg_replace_strmem.c:1023) + ==95231== by 0x424EE9F: pack_ticket (session_ticket.c:139) + ==95231== by 0x424FA4F: _gnutls_encrypt_session_ticket (session_ticket.c:335) + ==95231== by 0x4199E3B: generate_session_ticket (session_ticket.c:249) + ==95231== by 0x419A333: _gnutls13_send_session_ticket (session_ticket.c:307) + ==95231== by 0x40F8817: _gnutls13_handshake_server (handshake-tls13.c:511) + ==95231== by 0x4110DEB: handshake_server (handshake.c:3331) + ==95231== by 0x410C70B: gnutls_handshake (handshake.c:2727) + ==95231== by 0x10009EBF: retry_handshake (serv.c:1306) + ==95231== by 0x1000AB67: tcp_server (serv.c:1500) + ==95231== by 0x10009E5B: main (serv.c:1297) + ==95231== + + Signed-off-by: Daiki Ueno + +Author: Nikos Mavrogiannopoulos +Date: Tue Jul 9 10:06:47 2019 +0200 + + lib: mark infinite loops explicitly + + There were few infinite loop constructions which were checking + for an always true condition. Make sure that this construction + is marked explicitly as while(1) to assist static analysers, or + reviewers. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Tue Jul 9 09:56:24 2019 +0200 + + tests: improve coverage of CRQ related functions + + That adds sanity check of crq-related functions that were not included + in the testsuite at all. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Jul 8 19:33:50 2019 +0200 + + encode_ber_digest_info: added sanity check + + Issue found using oss-fuzz: + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15665 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Jul 3 21:04:23 2019 +0200 + + doc update [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu Jun 13 09:13:22 2019 +0200 + + testcompat-openssl: added interop test with DTLS 1.2 + + This tests AES-CBC ciphersuites in isolation, as they are + prioritized lower than AES-GCM. We want to test them explicitly + because they have different behavior under EtM. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Jun 7 23:22:52 2019 +0200 + + tests: added sanity check for rfc7633 behavior + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Jun 7 16:51:30 2019 +0200 + + tests: status-request-missing: renamed to rfc7633-missing + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Jun 7 16:39:53 2019 +0200 + + status-request-ext: run under all TLS versions + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Jun 7 16:35:11 2019 +0200 + + tests: status-request: cleanup + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Jun 7 16:34:21 2019 +0200 + + tests: status-request-missing: run for all TLS versions + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Jun 29 21:02:11 2019 +0200 + + gnutls-cli-debug: test whether RSA key exchange is supported + + Resolves: #449 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Jun 28 21:08:32 2019 +0200 + + gnutls_session_get_desc: avoid printing a NULL value + + When gnutls_session_set_premaster() is used (under openconnect), + it is possible that gnutls_session_get_desc will print a string like + this: "(DTLS1.2)-(ECDHE-(null))-(AES-256-GCM)" + + With this change we ensure that we do not print null values. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Daiki Ueno +Date: Fri Jun 21 15:49:26 2019 +0200 + + nettle/rnd-fips: add FIPS 140-2 continuous RNG test + + This adds a continuous random number generator test as defined in FIPS + 140-2 4.9.2, by iteratively fetching fixed sized block from the system + and comparing consecutive blocks. + + Signed-off-by: Daiki Ueno + +Author: Dmitry Baryshkov +Date: Fri Jun 28 16:54:30 2019 +0300 + + lib: document gnutls_hmac_fast vs nonce relationship + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Jun 28 00:27:01 2019 +0300 + + tests/gnutls_hmac_fast: run test for AES-UMAC-96/-128 + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Tue Jun 25 00:12:29 2019 +0300 + + nettle: return true for gnutls_mac_exists(AES-CMAC*) + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Jun 28 16:28:58 2019 +0300 + + NEWS: add an entry for AES-GMAC algorithms + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Jun 28 00:27:01 2019 +0300 + + tests/gnutls_hmac_fast: run test for AES-GMAC-128/-192/-256 + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Jun 28 16:19:15 2019 +0300 + + nettle/mac: fail mac calculation if nonce is required but not provided + + Fail _wrap_nettle_mac_set_nonce() and _wrap_nettle_mac_fast() if MAC + requires nonce, but it was not supplied. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Fri Jun 28 00:27:04 2019 +0300 + + nettle/mac: in mac_fast call set_nonce after set_key + + Calling set_nonce before set_key is plain incorrect. For GMAC key is not + initialized. For UMAC set_key will reset nonce to empty. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Mon Jun 24 20:29:31 2019 +0300 + + lib: add support for AES-GMAC + + Add support for computing AES-GMAC using MAC API, as requested by Samba + for SMB3 support. + + Resolves: #781 + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Nikos Mavrogiannopoulos +Date: Fri Jun 28 14:59:19 2019 +0200 + + tests: gnutls_x509_crt_list_import: verify that return code is as documented + + That checks whether the return code of gnutls_x509_crt_list_import() + contains the number of loaded certificates. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Jun 28 08:20:31 2019 +0200 + + gnutls_x509_crt_list_import2: updated doc to reflect the actual return value options + + Resolves: #794 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon Apr 29 15:28:28 2019 +0200 + + Align _gnutls_x86_cpuid_s as OPENSSL_ia32cap_P would be + + We were not setting the third array member correctly, though + this didn't have any impact to previous implementations as they + did not rely on it. This also moves away from the custom implementation + of cpuid (which was limited), and we now rely on the compiler's + version. + + This effectively enables support for SHA_NI. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Fri Apr 26 14:43:19 2019 +0200 + + Updated asm files to latest version under cryptogams license + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Wed Jun 26 14:24:42 2019 +0300 + + NEWS: document gnutls_hash/hmac_copy addition + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Nikos Mavrogiannopoulos +Date: Wed Jun 26 11:27:27 2019 +0200 + + gnutls_hash/hmac_copy: check its usability in all cases + + During the test suite run we require that all supported + MAC and hash algorithms implement the copy function. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Jun 26 11:20:25 2019 +0200 + + accelerated ciphers: implement hmac and hash copy + + This implements the new API to all internal implementations. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Dmitry Baryshkov +Date: Wed Jun 26 11:00:39 2019 +0300 + + lib: add support for gnutls_hash_copy() + + Add gnutls_hash_copy() function for copying message digest context. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Mon Jun 24 17:42:10 2019 +0300 + + crypto-selftests: add test for gnutls_hmac_copy() + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Mon Jun 24 17:38:56 2019 +0300 + + api: add gnutls_hmac_copy() function + + Add gnutls_hmac_copy() API to duplicate MAC handler state, which is + necessary for SMB3 support. + + Resolves: #787 + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Nov 30 01:34:14 2016 +0300 + + Add MAC copying support to nettle backend + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Dmitry Baryshkov +Date: Wed Nov 30 01:32:30 2016 +0300 + + Add MAC api to support copying of instances + + GOST ciphersuites requires continuously computing MAC of all the + previously sent or received data. The easies way to support that is to + add support for copy function, that creates MAC instance with the same + internal state. + + Signed-off-by: Dmitry Eremin-Solenikov + +Author: Nikos Mavrogiannopoulos +Date: Wed May 29 10:36:24 2019 +0200 + + updated auto-generated files + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu Apr 4 16:25:37 2019 +0200 + + config: added ability to override and mark algorithms as disabled + + This allows the system administrator or the distributor to use + the gnutls configuration file to mark hashes, signature algorithms, + TLS versions, curves, groups, ciphers KX, and MAC algorithms as + insecure (the last four only in the context of a TLS session). + It also allows to set a minimum profile which the applications + cannot fall below. + + The options intentionally do not allow marking algorithms as + secure so that the configuration file cannot be used as an attack + vector. This change also makes sure that unsupported and disabled protocols + during compile time (e.g., SSL3.0), do not get listed by gnutls-cli. + + The configuration file feature can be disabled at compile time + with an empty --with-system-priority-file. + + This patch it introduces the function gnutls_get_system_config_file() + allowing applications to check whether a configuration file + was used. + + Resolves: #587 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Apr 3 11:59:37 2019 +0200 + + Use inih to parse configuration file + + This introduces the inih copylib, and makes our configuration + file parsing more flexible. + + Relates: #587 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Jun 19 21:38:32 2019 +0200 + + Marked the crypto backend registration APIs as deprecated + + This is to warn for a future conversion of these APIs to a no-op. + + Resolves: #789 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Wed Jun 19 14:20:26 2019 +0000 + + gnutls-cli-debug.sh: sanity check of %ALLOW_SMALL_RECORDS test + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Daiki Ueno +Date: Fri Jun 7 11:39:53 2019 +0200 + + tlsfuzzer: test both with and without %ALLOW_SMALL_RECORDS + + The option changes the behavior of the server, it would make sense to + check both with and without %ALLOW_SMALL_RECORDS. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Fri Jun 7 15:10:36 2019 +0200 + + tlsfuzzer: use fixed HTTP response for record_size_limit tests + + Previously those tests assumed varying sizes of connection information + gnutls-serv sends. This is too brittle and if the default algorithm + has changed the tests need to be updated. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Fri Jun 7 14:54:58 2019 +0200 + + gnutls-serv: add --httpdata option to respond with fixed sized data + + By default, the gnutls-server --http responds with the connection + information. While this is useful for manual testing, fixed content + would be more desirable for automated testing. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Fri Jun 7 11:37:37 2019 +0200 + + gnutls-cli-debug: check if %ALLOW_SMALL_RECORDS is required + + This adds a new test against the server to check if + %ALLOW_SMALL_RECORDS is required to continue communicating with the + server. The test is in two parts: one to check if the server accepts + records with the default size (512 bytes) and the other is to check if + %ALLOW_SMALL_RECORDS helps if the previuos test fails. + + Signed-off-by: Daiki Ueno + +Author: Daiki Ueno +Date: Wed Jun 19 14:36:31 2019 +0200 + + gnutls-serv: add --recordsize option + + This adds a means to set maximum record size to receive. If the size + is less than our default (< 512), --priority with %ALLOW_SMALL_RECORDS + also needs to be specified. + + Signed-off-by: Daiki Ueno + +Author: Karsten Ohme +Date: Wed Jun 19 07:51:16 2019 +0200 + + Corrected call for updating ABI files + + Signed-off-by: Karsten Ohme + +Author: Nikos Mavrogiannopoulos +Date: Sun Jun 16 14:08:54 2019 +0200 + + doc: updated p11-kit links [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Andreas Metzler +Date: Sat Jun 15 11:38:46 2019 +0200 + + CONTRIBUTING.md: Fix syntax error [ci skip] + + Signed-off-by: Andreas Metzler + +Author: Ludovic Courtès +Date: Wed Jun 12 11:37:39 2019 +0200 + + guile: Add support for post-handshake reauthentication. + + * guile/modules/gnutls/build/enums.scm (%connection-flag-enum): New + variable. + (%gnutls-enums): Add it. + * guile/modules/gnutls.in: Export 'reauthenticate', + 'connection-flag->string', and all the 'connection-flag/' bindings. + * guile/src/core.c (scm_gnutls_make_session): Add rest arguments FLAGS + and honor it. + (scm_gnutls_reauthenticate): New function. + * guile/tests/reauth.scm: New file. + * guile/Makefile.am (TESTS): Add it. + + Signed-off-by: Ludovic Courtès + +Author: Ludovic Courtès +Date: Wed Jun 12 11:32:19 2019 +0200 + + guile: Loop or poll upon GNUTLS_E_AGAIN and GNUTLS_E_INTERRUPTED. + + * guile/src/core.c (do_fill_port) [USING_GUILE_BEFORE_2_2]: Loop while + 'gnutls_record_recv' returns GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED. + (read_from_session_record_port) [!USING_GUILE_BEFORE_2_2]: Likewise, and + return -1 if SCM_GNUTLS_SESSION_TRANSPORT_IS_FD and we got GNUTLS_E_AGAIN. + (session_record_port_fd) [!USING_GUILE_BEFORE_2_2]: New function. + (scm_init_gnutls_session_record_port_type) [!USING_GUILE_BEFORE_2_2]: + Call 'scm_set_port_read_wait_fd'. + + Signed-off-by: Ludovic Courtès + +Author: Ludovic Courtès +Date: Fri Jun 7 11:06:18 2019 +0200 + + guile: Add bindings for 'gnutls_error_is_fatal'. + + * guile/src/errors.c (scm_gnutls_fatal_error_p): New function. + * guile/modules/gnutls.in: Export 'fatal-error?'. + * guile/tests/errors.scm: test 'fatal-error?'. + + Signed-off-by: Ludovic Courtès + +Author: Ludovic Courtès +Date: Fri Jun 7 10:34:42 2019 +0200 + + guile: Update list of error values. + + * guile/modules/gnutls/build/enums.scm (%error-enum): Update list of + error constants. + * guile/modules/gnutls.in (gnutls): Adjust exports accordingly. + + Signed-off-by: Ludovic Courtès + +Author: Daiki Ueno +Date: Wed Jun 12 14:02:05 2019 +0200 + + fips: run selftests over overridden AES-CBC algorithm + + Previously, we only tested nettle's AES-CBC in + _gnutls_fips_perform_self_checks1(), which is called before the + implementation is overridden. This adds an AES-CBC self-test in + _gnutls_fips_perform_self_checks2() so it can test the actual + implementation. + + Signed-off-by: Daiki Ueno + +Author: Ludovic Courtès +Date: Thu Jun 6 18:30:28 2019 +0200 + + guile: Deprecate OpenPGP bindings. + + * guile/modules/gnutls.in (define-deprecated): New macro. + Use it for all the *openpgp* bindings. + * guile/src/core.c: Rename *openpgp* bindings with a '%' prefix. + + Signed-off-by: Ludovic Courtès + +Author: Nikos Mavrogiannopoulos +Date: Mon Jun 10 22:12:09 2019 +0200 + + gnutls_privkey_sign_hash2: accept the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA flag + + Previously this flag was ignored, although documented not to. + This patch also enables the tests sign-verify-newapi and sign-verify-data-newapi + which were supposed to test this interface, but were never enabled. + + This was caught by Andreas Metzler. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu May 30 13:49:22 2019 +0200 + + tests: removed debugging output from GETPORT + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat Jun 8 19:19:03 2019 +0200 + + .gitlab-ci.yml: include top log files in all build failures [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Ludovic Courtès +Date: Fri Jun 7 10:16:02 2019 +0200 + + guile: Remove unbounded uses of 'alloca'. + + * guile/src/core.c (ALLOCA_MAX_SIZE, FAST_ALLOC): New macros. + (set_certificate_file): + (scm_gnutls_set_certificate_credentials_x509_key_files_x) + (scm_gnutls_set_srp_server_credentials_files_x) + (scm_gnutls_set_srp_client_credentials_x) + (scm_gnutls_srp_base64_encode, scm_gnutls_srp_base64_decode) + (scm_gnutls_set_psk_server_credentials_file_x) + (scm_gnutls_pkcs8_import_x509_private_key) + (scm_gnutls_x509_certificate_matches_hostname_p) + (scm_gnutls_import_openpgp_private_key): Use 'FAST_ALLOC' instead of + 'alloca'. + * guile/src/utils.c: Remove unneeded include. + + Signed-off-by: Ludovic Courtès + +Author: Ludovic Courtès +Date: Fri Jun 7 10:11:12 2019 +0200 + + guile: Always provide 'scm_gc_malloc_pointerless'. + + * guile/src/core.c (scm_gc_malloc_pointerless) + [!HAVE_SCM_GC_MALLOC_POINTERLESS]: New macro. + (make_session_record_port): Remove #ifdef HAVE_SCM_GC_MALLOC_POINTERLESS. + + Signed-off-by: Ludovic Courtès + +Author: Daiki Ueno +Date: Wed Jun 5 16:48:39 2019 +0200 + + tls13/key_update: ignore multiple key updates instead of error + + This fixes the multiple KeyUpdate messages handling in commit + 65e2aa80d114d4bef095d129c2eda475e473244a, where illegal_parameter is + sent even if the limit doesn't exceed. + + Signed-off-by: Daiki Ueno + +Author: Tim Rühsen +Date: Mon Jun 3 21:53:05 2019 +0200 + + Prefix gcc attributes with 'attr_' + + Signed-off-by: Tim Rühsen + +Author: Nikos Mavrogiannopoulos +Date: Mon Jun 3 13:26:18 2019 +0200 + + gnutls_prf_early: corrected Since version [ci skip] + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Tim Rühsen +Date: Sun Jun 2 12:42:16 2019 +0200 + + Fix warn_unused_result for clang < 4 + + Signed-off-by: Tim Rühsen + +Author: Nikos Mavrogiannopoulos +Date: Sat Jun 1 16:18:50 2019 +0200 + + .gitlab-ci.yml: switched fedora to latest version + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Thu May 30 14:42:52 2019 +0200 + + Makefile.am: do not create files when it shouldn't + + If a pdf or html file is not distributed, previously `make dist` + would create a file called '*.pdf' which did not make sense. This + addresses this problem. + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Sat May 25 21:17:27 2019 +0200 + + Do not regenerate autogen files if --enable-local-libopts is given + + This addresses issue on installed systems which have autogen but + use --enable-local-libopts. In these systems if the installed autogen + would not match the local libopts library version compilation would + fail because the auto-generated files depend on the corresponding to + autogen version libopts internals. + + Resolves: #772 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos +Date: Mon May 27 15:16:52 2019 +0200 + + Remove malloc from gnutls_srp_set_server_fake_salt_seed() + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Tim Rühsen +Date: Mon May 20 12:49:51 2019 +0200 + + gnutls_session_set_data(): Check for allocation error + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Mon May 20 12:46:54 2019 +0200 + + _gnutls_set_[str]datum: Cleanup, add function attributes + + _gnutls_set_datum(): Do not change output 'dat' on error + _gnutls_set_strdatum: Likewise, cleanup code + + Signed-off-by: Tim Rühsen + +Author: Tim Rühsen +Date: Tue May 21 11:17:39 2019 +0200 + + Add nonnull, nonnull_all and warn_unusd_result attributes in lib/gnutls_int.h + + Signed-off-by: Tim Rühsen + Author: Nikos Mavrogiannopoulos Date: Tue May 28 07:05:46 2019 +0200 @@ -29,7 +5049,19 @@ Date: Mon May 27 21:29:44 2019 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos +Date: Sun May 26 21:35:19 2019 +0200 + + RELEASES.md: document the releases policy [ci skip] + + This adds a file to document the policy on releases based on + the discussions taken place in the last face to face meeting. + + https://gitlab.com/gnutls/gnutls/wikis/face2face-meeting-fosdem2019 + + Signed-off-by: Nikos Mavrogiannopoulos + +Author: Nikos Mavrogiannopoulos Date: Fri May 24 12:59:13 2019 +0200 .gitlab-ci.yml: ensure that the LIBS variable is empty after a configure run @@ -52,7 +5084,7 @@ Date: Thu May 23 21:20:49 2019 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 23 11:41:45 2019 +0200 bumped version @@ -89,7 +5121,7 @@ Date: Thu May 23 21:11:58 2019 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 23 15:29:23 2019 +0200 tests: prf-early.sh: use the static flag of datefudge @@ -98,21 +5130,21 @@ Date: Thu May 23 15:29:23 2019 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 23 15:41:19 2019 +0200 tlsfuzzer: reverted accidental move to incorrect version Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 23 11:44:12 2019 +0200 NEWS: doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 23 11:41:45 2019 +0200 bumped version @@ -191,7 +5223,7 @@ Date: Wed May 1 10:57:51 2019 -0400 Signed-off-by: Simo Sorce -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed May 22 10:39:27 2019 +0200 tls13/key_update: increase handling limit from 1 to 8 @@ -205,14 +5237,14 @@ Date: Wed May 22 10:39:27 2019 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed May 22 11:51:57 2019 +0200 tlsfuzzer: use %ALLOW_SMALL_RECORDS for testing Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed May 22 11:16:03 2019 +0200 priority: add new option to allow small records (>= 64) @@ -227,7 +5259,7 @@ Date: Wed May 22 11:16:03 2019 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue May 21 08:32:21 2019 +0200 record_add_to_buffers: check if there is an incomplete handshake header @@ -238,7 +5270,7 @@ Date: Tue May 21 08:32:21 2019 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri May 17 11:51:00 2019 +0200 algorithms: eliminate the FFDHE alert desc requirement @@ -262,7 +5294,7 @@ Date: Fri May 17 14:44:06 2019 +0300 Signed-off-by: Aleksei Nikiforov -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 21 08:22:08 2019 +0200 tests: verify functionality of GNUTLS_VERIFY_DISABLE_CA_SIGN flag @@ -298,7 +5330,7 @@ Date: Mon May 20 21:34:30 2019 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 20 16:13:12 2019 +0200 certtool: CA certificates will contain the digital signature key usage flag @@ -310,7 +5342,7 @@ Date: Mon May 20 16:13:12 2019 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 20 14:40:31 2019 +0200 Added profile to correspond to the future security parameter @@ -323,14 +5355,14 @@ Date: Mon May 20 14:40:31 2019 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 20 15:47:41 2019 +0200 tests: added unit tests of utc and generalTime convertor Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Apr 29 19:03:55 2019 +0200 server auth: disable TLS 1.3 if no signature algorithm is usable @@ -350,7 +5382,7 @@ Date: Sat May 18 21:13:10 2019 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 20 14:34:56 2019 +0200 gnutls-serv: GERR macro will output in stderr @@ -396,7 +5428,7 @@ Date: Tue May 14 21:39:46 2019 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Apr 25 17:08:43 2019 +0200 ext/record_size_limit: distinguish sending and receiving limits @@ -415,7 +5447,7 @@ Date: Thu Apr 25 17:08:43 2019 +0200 Signed-off-by: Daiki Ueno -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue May 7 14:49:05 2019 +0300 lib/nettle: fix carry flag in Streebog code @@ -559,7 +5591,7 @@ Date: Fri May 3 19:10:03 2019 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Apr 30 14:42:51 2019 +0200 crypto: add private API to retrieve internal IV @@ -572,7 +5604,7 @@ Date: Tue Apr 30 14:42:51 2019 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Apr 29 13:15:33 2019 +0200 abi-check: supply --hd2 to abi-check-latest target @@ -589,7 +5621,7 @@ Date: Sat Apr 20 18:46:23 2019 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 15 14:32:55 2019 +0200 certtool: generate RSA-PSS certificates from RSA keys @@ -605,14 +5637,14 @@ Date: Mon Apr 15 14:32:55 2019 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Apr 19 22:04:24 2019 +0200 tls13/session_ticket: use the same ticket_age_add regardless of endianness Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Apr 19 16:59:31 2019 +0200 tls13/session_ticket: avoid UB regarding 64-bit time encoding @@ -622,7 +5654,7 @@ Date: Fri Apr 19 16:59:31 2019 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Apr 19 08:12:56 2019 +0200 tests: make datefudge check robuster @@ -634,7 +5666,7 @@ Date: Fri Apr 19 08:12:56 2019 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Apr 11 14:35:32 2019 +0200 serv, cli: add --keymatexport option @@ -645,7 +5677,7 @@ Date: Thu Apr 11 14:35:32 2019 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Apr 11 12:11:00 2019 +0200 prf: add function to retrieve early keying material @@ -657,14 +5689,14 @@ Date: Thu Apr 11 12:11:00 2019 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Apr 11 12:07:00 2019 +0200 handshake: generate early exporter secret Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Apr 11 12:00:46 2019 +0200 handshake: move early secrets calculation to pre_shared_key @@ -674,28 +5706,28 @@ Date: Thu Apr 11 12:00:46 2019 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Apr 11 12:10:00 2019 +0200 tests/tls13/prf: check if the exported material matches on server Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Apr 11 11:23:26 2019 +0200 prf: centrally define "exporter" label in handshake.h Signed-off-by: Daiki Ueno -Author: Andreas Metzler +Author: Andreas Metzler Date: Thu Apr 18 18:43:30 2019 +0200 doc: Add documentation for GNUTLS_CERT_IGNORE Signed-off-by: Andreas Metzler -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Apr 16 14:27:10 2019 +0200 p11tool: copy vendor query attributes when listing privkeys @@ -805,7 +5837,7 @@ Date: Thu Apr 11 09:46:21 2019 +0200 Signed-off-by: Tim Rühsen Reported-by: J. Ali Harlow (@j_ali on Gitlab.com) -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Apr 9 18:20:15 2019 +0200 tests: fix race condition in tls13/post-handshake-with-cert-pkcs11 @@ -893,7 +5925,7 @@ Date: Sun Apr 7 13:03:20 2019 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Apr 4 16:51:28 2019 +0200 tests: add post-handshake auth test using PKCS#11 token @@ -903,7 +5935,7 @@ Date: Thu Apr 4 16:51:28 2019 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Apr 4 16:40:11 2019 +0200 tests: add mock PKCS#11 module disabling RSA-PSS @@ -944,7 +5976,7 @@ Date: Fri Apr 5 10:04:12 2019 -0400 Signed-off-by: Elta Koepp -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Apr 4 17:01:24 2019 +0200 cert auth: reject auth if no signature algorithm is usable in TLS 1.3 @@ -957,7 +5989,7 @@ Date: Thu Apr 4 17:01:24 2019 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Apr 1 14:14:12 2019 +0200 handshake: remove unnecessary HSK_CRT_SENT flag @@ -967,7 +5999,7 @@ Date: Mon Apr 1 14:14:12 2019 +0200 Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 3 11:59:37 2019 +0200 .gitlab-ci.yml: do not run commit-check on master branch @@ -1046,7 +6078,7 @@ Date: Wed Mar 27 07:21:31 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Mar 25 16:06:39 2019 +0100 handshake: add missing initialization of local variable @@ -1056,7 +6088,7 @@ Date: Mon Mar 25 16:06:39 2019 +0100 Signed-off-by: Daiki Ueno Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 25 15:47:51 2019 +0100 fuzz: added fuzzer for certificate verification @@ -1067,7 +6099,7 @@ Date: Mon Mar 25 15:47:51 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 26 16:11:42 2019 +0100 bumped version @@ -1115,14 +6147,14 @@ Date: Sat Mar 23 00:38:17 2019 +0200 Signed-off-by: Alon Bar-Lev -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 20 11:40:15 2019 +0100 _x509_en/decode_provable_seed: clarified purpose of functions [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 1 11:15:47 2019 +0100 handshake: increase the default number of tickets we send to 2 @@ -1192,7 +6224,7 @@ Date: Fri Mar 15 17:00:17 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 13 15:14:37 2019 +0100 pkcs11: security officer login implies writable session @@ -1272,7 +6304,7 @@ Date: Tue Feb 5 16:22:43 2019 +0100 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 13 09:03:39 2019 +0100 .gitlab-ci.yml: updated cache key name @@ -1325,7 +6357,7 @@ Date: Fri Mar 8 20:17:49 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Mar 4 17:17:47 2019 +0100 tls13/certificate: utilize "certificate_required" alert @@ -1335,7 +6367,7 @@ Date: Mon Mar 4 17:17:47 2019 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Feb 27 18:38:09 2019 +0100 alert: recognize "certificate_required" @@ -1380,7 +6412,7 @@ Date: Thu Feb 28 22:15:26 2019 +0000 Signed-off-by: Bas van Schaik -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 25 14:41:24 2019 +0100 .gitlab-ci.yml: added thread sanitizer run @@ -1390,14 +6422,14 @@ Date: Mon Feb 25 14:41:24 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 25 14:35:16 2019 +0100 Protected _gnutls_epoch_get from _gnutls_epoch_gc on false start Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 25 15:11:19 2019 +0100 gnutls_record_send2: try to ensure integrity of operations on false and early start @@ -1449,7 +6481,7 @@ Date: Fri Mar 1 20:13:38 2019 +0100 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 27 10:01:47 2019 +0100 Clarifications on AEAD ciphers @@ -1458,7 +6490,7 @@ Date: Wed Feb 27 10:01:47 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 27 09:29:04 2019 +0100 Improve documentation for gnutls_cipher_get_iv_size @@ -1470,7 +6502,7 @@ Date: Wed Feb 27 09:29:04 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 26 15:42:01 2019 +0100 pkcs11: clarify GNUTLS_PKCS11_TOKEN_MODNAME presence [ci skip] @@ -1479,14 +6511,14 @@ Date: Tue Feb 26 15:42:01 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 26 15:21:48 2019 +0100 cppcheck: suppress warning on nettle code [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Andreas Metzler +Author: Andreas Metzler Date: Sat Feb 23 18:43:49 2019 +0100 gnutls-cli: fix --benchmark-ciphers type overflow @@ -1529,14 +6561,14 @@ Date: Tue Feb 12 15:09:11 2019 +0100 Signed-off-by: Tim Rühsen -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Feb 19 13:56:35 2019 +0100 tlsfuzzer: update to the latest upstream for downgrade protection tests Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Sat Feb 9 10:26:56 2019 +0100 ext/supported_versions: regenerate server random @@ -1619,7 +6651,7 @@ Date: Thu Feb 14 09:38:33 2019 -0500 Signed-off-by: R. Andrew Bailey -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Feb 8 14:46:33 2019 +0100 gnutls_record_set_max_size: make it work on server side @@ -1630,14 +6662,14 @@ Date: Fri Feb 8 14:46:33 2019 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Jan 31 13:39:35 2019 +0100 tlsfuzzer: update to the latest upstream for record_size_limit test Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Feb 8 13:22:13 2019 +0100 ext/record_size_limit: account for content type octet in TLS 1.3 @@ -1654,7 +6686,7 @@ Date: Fri Feb 8 13:22:13 2019 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Jan 31 16:56:55 2019 +0100 decrypt_packet_tls13: add check for max plaintext size @@ -1664,28 +6696,28 @@ Date: Thu Jan 31 16:56:55 2019 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Jan 25 17:00:44 2019 +0100 record: reject too large plaintext after decryption Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Jan 30 16:45:08 2019 +0100 constate: reset max_record_recv_size upon renegotiation Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Jan 30 10:21:07 2019 +0100 session_pack: reset max_record_recv_size when packing Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Jan 17 11:53:35 2019 +0100 ext/record_size_limit: don't confuse with negotiated/user-supplied maximum @@ -1696,7 +6728,7 @@ Date: Thu Jan 17 11:53:35 2019 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Sun Jan 20 09:18:21 2019 +0100 ext/max_record: server shouldn't send it with record_size_limit @@ -1708,7 +6740,7 @@ Date: Sun Jan 20 09:18:21 2019 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Feb 7 16:28:52 2019 +0100 _gnutls_hello_ext_is_present: don't ignore max_fragment_length @@ -1717,14 +6749,14 @@ Date: Thu Feb 7 16:28:52 2019 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Jan 25 17:04:40 2019 +0100 .dir-locals.el: disable indent-tabs-mode in js-mode Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 14 13:01:34 2019 +0100 bootstrap.conf: do not override GNULIB_SRCDIR @@ -1734,7 +6766,7 @@ Date: Thu Feb 14 13:01:34 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 11 09:18:46 2019 +0100 x509: corrected issue in the algorithm parameters comparison @@ -1822,7 +6854,7 @@ Date: Wed Feb 6 20:35:11 2019 +0100 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sun Feb 3 12:18:30 2019 +0100 _gnutls_gen_rawpk_crt: corrected the use of assert @@ -1832,7 +6864,7 @@ Date: Sun Feb 3 12:18:30 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sun Feb 3 08:47:50 2019 +0100 raw public keys: apply the key usage bits the same way as X.509 @@ -1842,7 +6874,7 @@ Date: Sun Feb 3 08:47:50 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat Feb 2 09:13:40 2019 +0100 Fallback to TLS 1.2 when incompatible with signature certs are provided @@ -1855,7 +6887,7 @@ Date: Sat Feb 2 09:13:40 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat Feb 2 07:10:10 2019 +0100 Enforce the certificate key usage restrictions on all cases @@ -1880,7 +6912,7 @@ Date: Mon Jan 21 12:54:58 2019 +0100 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 4 15:10:19 2019 +0100 .triage-policies.yml: added [ci skip] @@ -1899,7 +6931,7 @@ Date: Mon Feb 4 15:10:19 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sat Feb 2 17:47:48 2019 +0300 build: do not generate mech-list.h if p11-kit is not available @@ -1911,7 +6943,7 @@ Date: Sat Feb 2 17:47:48 2019 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sat Feb 2 17:32:01 2019 +0300 build: pass NETTLE_LIBS together with HOGWEED_LIBS @@ -1934,7 +6966,7 @@ Date: Sat Jan 26 21:44:28 2019 +0100 Signed-off-by: Tim Rühsen -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Jan 30 21:58:34 2019 +0300 lib/nettle: replace nettle-stdint.h with just stdint.h @@ -2050,7 +7082,7 @@ Date: Thu Jan 24 20:25:59 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Andreas Metzler +Author: Andreas Metzler Date: Thu Jan 24 18:48:40 2019 +0100 certtool.1: fix formatting @@ -2061,14 +7093,14 @@ Date: Thu Jan 24 18:48:40 2019 +0100 Signed-off-by: Andreas Metzler -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Jan 23 17:52:47 2019 +0100 tlsfuzzer: update to the latest upstream for record_size_limit tests Signed-off-by: Daiki Ueno -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Thu Jan 24 01:57:13 2019 +0300 configure.ac: fix substitution for libatomic @@ -2102,21 +7134,21 @@ Date: Wed Jan 23 15:13:12 2019 +0100 Signed-off-by: Tim Rühsen -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Jan 22 15:47:39 2019 +0100 tests: check record_size_limit is reset after resumption Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Sat Jan 19 10:31:52 2019 +0100 constate: don't restore max_record_recv_size from resumed data Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Jan 17 17:50:49 2019 +0100 ext/record_size_limit: mark it as mandatory extension @@ -2126,7 +7158,7 @@ Date: Thu Jan 17 17:50:49 2019 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Jan 17 11:52:50 2019 +0100 ext/record_size_limit: reject too large extension payload @@ -2155,7 +7187,7 @@ Date: Wed Jan 23 13:36:23 2019 +0100 Signed-off-by: Fabrice Fontaine -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 23 08:42:54 2019 +0100 tests: added tests for multiple ticket reception @@ -2289,7 +7321,7 @@ Date: Thu Jan 17 10:22:45 2019 +0100 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 14 10:56:27 2019 +0100 certtool: data encipherment is disabled by default @@ -2327,7 +7359,7 @@ Date: Thu Jan 10 07:56:17 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 8 12:26:19 2019 +0100 When sending no extensions do not include a zero length @@ -2351,7 +7383,7 @@ Date: Tue Jan 8 19:37:49 2019 +0000 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Jan 2 13:21:49 2019 +0100 tls-sig: check RSA-PSS signature key compatibility also in TLS 1.2 @@ -2363,14 +7395,14 @@ Date: Wed Jan 2 13:21:49 2019 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Jan 8 18:09:29 2019 +0100 tlsfuzzer: update to the latest upstream for the TLS 1.2 CV tests Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Jan 8 18:06:17 2019 +0100 alert: map GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM to illegal_parameter @@ -2380,7 +7412,7 @@ Date: Tue Jan 8 18:06:17 2019 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Jan 8 14:40:25 2019 +0100 Revert "build: remove src/*.bak from distribution" @@ -2390,7 +7422,7 @@ Date: Tue Jan 8 14:40:25 2019 +0100 Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 8 12:07:00 2019 +0100 _gnutls_hello_ext_set_datum: removed unnecessary remark [ci skip] @@ -2415,7 +7447,7 @@ Date: Mon Jan 7 17:46:10 2019 +0200 Signed-off-by: Alon Bar-Lev -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Jan 2 13:44:50 2019 +0100 ext/pre_shared_key: avoid unnecessary use of VLA for MSVC @@ -2439,7 +7471,7 @@ Date: Thu Jan 3 16:36:17 2019 +0100 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 3 09:51:34 2019 +0100 tests: treat all signals as error @@ -2455,7 +7487,7 @@ Date: Thu Jan 3 09:51:34 2019 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 4 14:48:26 2019 +0100 Revert "verify-high2: Fix cert dir iteration on Win32" @@ -2479,7 +7511,7 @@ Date: Tue Jan 1 14:26:04 2019 +0100 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 3 09:13:56 2019 +0100 _gnutls13_handshake_sign_data: properly fail on signing error @@ -2576,7 +7608,7 @@ Date: Sat Dec 29 19:16:57 2018 +0100 Signed-off-by: Tim Rühsen -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Dec 25 14:44:11 2018 +0300 tests: cipher-openssl-compat: don't call EVP_CIPHER_CTX_init() @@ -2588,7 +7620,7 @@ Date: Tue Dec 25 14:44:11 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Dec 25 14:43:56 2018 +0300 tests: cipher-openssl-compat: don't fail if OpenSSL doesn't provide cipher @@ -2645,7 +7677,7 @@ Date: Thu Dec 20 16:33:34 2018 +0100 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 19 09:41:41 2018 +0100 vasprintf: use from gnulib; don't bundle twice @@ -2809,7 +7841,7 @@ Date: Sat Dec 15 22:01:10 2018 +0100 find_token_modname_cb uses p11_kit_config_option to retrieve the module name, but its return value (stored in tn.modname) must be freed. -Author: Tom Vrancken +Author: Tom Vrancken Date: Sat Aug 26 14:22:44 2017 +0200 Implemented support for raw public-key functionality (RFC7250). @@ -2866,7 +7898,7 @@ Date: Thu Nov 15 10:44:20 2018 +0100 Signed-off-by: Tim Rühsen Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 12 09:48:01 2018 +0100 GNUTLS_PCERT_NO_CERT: marked as unused/ignored @@ -2875,7 +7907,7 @@ Date: Wed Dec 12 09:48:01 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 11 09:34:22 2018 +0100 srp/psk: update recommendations for usernames [ci skip] @@ -2889,7 +7921,7 @@ Date: Wed Dec 12 06:15:25 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Dec 6 14:59:30 2018 +0100 tlsfuzzer: update to the latest upstream to eanble CCS tests @@ -2906,7 +7938,7 @@ Date: Tue Dec 4 17:15:02 2018 +0100 Signed-off-by: Tim Rühsen -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Nov 22 14:59:11 2018 +0100 record: make CCS handling stricter in TLS 1.3 @@ -2917,7 +7949,7 @@ Date: Thu Nov 22 14:59:11 2018 +0100 Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 5 14:44:23 2018 +0100 bootstrap: only update the required submodules for building @@ -2929,7 +7961,7 @@ Date: Wed Dec 5 14:44:23 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Andreas Metzler +Author: Andreas Metzler Date: Sat Dec 1 13:26:20 2018 +0100 Fix error message on old or missing nettle. @@ -2957,14 +7989,14 @@ Date: Wed Oct 3 13:12:38 2018 -0400 Signed-off-by: Simo Sorce -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 28 16:00:34 2018 +0100 Added test about rsa decryption under pkcs11 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 30 10:28:28 2018 +0100 gnutls_x509_crt_set_expiration_time: fixed documentation [ci skip] @@ -2989,7 +8021,7 @@ Date: Fri Nov 30 08:44:35 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Thu Nov 29 06:05:22 2018 +0300 tests: attempt to fix test errors on Mac OS X @@ -3000,14 +8032,14 @@ Date: Thu Nov 29 06:05:22 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Nov 28 23:39:32 2018 +0300 travis: print logs for all failed tests Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Nov 28 14:10:35 2018 +0300 lib: fix pkcs11 using defines from PKCS#11 3.0 for EdDSA @@ -3044,7 +8076,7 @@ Date: Wed Nov 21 21:09:33 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Nov 28 16:03:59 2018 +0300 tests: fix crl test under MinGW32/64 @@ -3108,7 +8140,7 @@ Date: Tue Nov 27 22:27:26 2018 +0100 Signed-off-by: Stephan Mueller -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 27 13:47:46 2018 +0100 Fix session description info printing @@ -3119,7 +8151,7 @@ Date: Tue Nov 27 13:47:46 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 20 11:30:22 2018 +0100 Prevent applications from combining legacy versions of TLS with TLS1.3 @@ -3134,14 +8166,14 @@ Date: Tue Nov 20 11:30:22 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Nov 21 18:35:07 2018 +0300 cert-tests: verify --no-text switch for pkcs7/pkcs12 info Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Nov 16 03:46:52 2018 +0300 certtool: don't output textual information if --no-text was given @@ -3151,7 +8183,7 @@ Date: Fri Nov 16 03:46:52 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Nov 21 20:05:20 2018 +0300 certtool: don't output pkcs12 information to stderr @@ -3160,14 +8192,14 @@ Date: Wed Nov 21 20:05:20 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Nov 21 18:35:07 2018 +0300 cert-tests: verify --no-text switch for cert/crq/pub/privkeys Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Nov 16 03:46:52 2018 +0300 certtool: don't output textual information if --no-text was given @@ -3179,7 +8211,7 @@ Date: Fri Nov 16 03:46:52 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Stefan Berger +Author: Stefan Berger Date: Mon Nov 19 11:47:45 2018 -0500 tests: tpm: Use kill_proc to terminate a process @@ -3189,7 +8221,7 @@ Date: Mon Nov 19 11:47:45 2018 -0500 Signed-off-by: Stefan Berger -Author: Stefan Berger +Author: Stefan Berger Date: Mon Nov 19 11:19:53 2018 -0500 tests: tpm: Redirect help screen output to stdout @@ -3199,14 +8231,14 @@ Date: Mon Nov 19 11:19:53 2018 -0500 Signed-off-by: Stefan Berger -Author: Daiki Ueno +Author: Daiki Ueno Date: Sat Nov 24 16:59:12 2018 +0100 doc: suggest to check max_early_data_size before sending early data Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Nov 22 14:59:54 2018 +0100 tests: resume: suppress compiler warnings @@ -3223,7 +8255,7 @@ Date: Sun Nov 25 13:46:44 2018 +0100 Signed-off-by: Stephan Mueller -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Nov 22 15:04:00 2018 +0100 .gitignore: ignore more files and sort them alphabetically @@ -3237,7 +8269,7 @@ Date: Sat Nov 24 15:58:48 2018 +0100 Signed-off-by: Tim Rühsen -Author: Daiki Ueno +Author: Daiki Ueno Date: Sat Nov 24 15:57:11 2018 +0100 build: fix srcdir detection when VPATH build @@ -3247,7 +8279,7 @@ Date: Sat Nov 24 15:57:11 2018 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Sat Nov 24 16:00:48 2018 +0100 tests: remove unnecessary session creation in tls13/anti_replay @@ -3264,14 +8296,14 @@ Date: Wed Nov 21 21:09:55 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 19 14:16:50 2018 +0100 tests: added test for RSA decryption under gnutls_privkey_import_ext4 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 19 14:07:39 2018 +0100 crypto-self-tests-pk: added RSA-PSS sign/verify tests @@ -3325,7 +8357,7 @@ Date: Mon Nov 19 06:50:55 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 14 15:20:08 2018 +0100 gnutls_certificate_type_get*: ensure that the default type is returned @@ -3340,14 +8372,14 @@ Date: Wed Nov 14 15:20:08 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Nov 16 16:13:31 2018 +0100 tests/tls13-early-data: check if max_early_data_size is advertised Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Nov 16 14:25:49 2018 +0100 serv: add --maxearlydata option @@ -3356,14 +8388,14 @@ Date: Fri Nov 16 14:25:49 2018 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Sun Nov 18 05:47:08 2018 +0100 record: gnutls_record_send_early_data: check the upper limit Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Nov 16 16:12:13 2018 +0100 tls13/session_ticket: fix "max_early_data_size" extension handling @@ -3393,7 +8425,7 @@ Date: Fri Nov 16 21:16:33 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Stefan Berger +Author: Stefan Berger Date: Fri Nov 16 10:47:23 2018 -0500 tests: tpm: Extend test case to not use --register @@ -3420,28 +8452,28 @@ Date: Wed Nov 14 10:07:08 2018 -0500 Signed-off-by: Stefan Berger -Author: Stefan Berger +Author: Stefan Berger Date: Fri Nov 16 06:48:01 2018 -0500 .gitlab-ci.yml: copy the log files of minimal.Fedora to the gitlab server Signed-off-by: Stefan Berger -Author: Stefan Berger +Author: Stefan Berger Date: Thu Nov 15 19:55:02 2018 -0500 lib: tpm: Fix a memory leak Signed-off-by: Stefan Berger -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Nov 16 03:38:38 2018 +0300 doc: mention GOST private key unmasking and additional format support Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Nov 13 11:25:17 2018 +0300 cert-tests: test parsing and decoding of GOST private keys @@ -3451,7 +8483,7 @@ Date: Tue Nov 13 11:25:17 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Nov 13 11:23:37 2018 +0300 certtool: support --pkcs-cipher none @@ -3462,7 +8494,7 @@ Date: Tue Nov 13 11:23:37 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Nov 13 03:02:35 2018 +0300 nettle/gost: gostdsa: use size_t instead of mp_limb_t @@ -3472,7 +8504,7 @@ Date: Tue Nov 13 03:02:35 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Nov 13 02:48:05 2018 +0300 pkcs8: support GOST keys without encapsulation @@ -3483,14 +8515,14 @@ Date: Tue Nov 13 02:48:05 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Nov 13 02:47:39 2018 +0300 nettle: unmaks GOST private keys if necessary Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Nov 13 02:45:18 2018 +0300 nettle/gost: support GOST key unmasking @@ -3501,21 +8533,21 @@ Date: Tue Nov 13 02:45:18 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Stefan Berger +Author: Stefan Berger Date: Thu Nov 15 12:43:01 2018 -0500 tpmtool: Fix a memory leak related to TPM key list Signed-off-by: Stefan Berger -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 15 16:03:38 2018 +0100 updated auto-generated-files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 14 13:56:52 2018 +0100 anti_replay: moved new add function into anti_replay structure @@ -3535,7 +8567,7 @@ Date: Tue Nov 13 22:49:26 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 13 09:24:06 2018 +0100 gnutls_x509_privkey_import_ecc_raw(): fail on invalid sizes @@ -3561,7 +8593,7 @@ Date: Sun Nov 11 08:52:13 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 14 13:42:01 2018 +0100 tests: added a test for detecting duplicate early data @@ -3570,7 +8602,7 @@ Date: Wed Nov 14 13:42:01 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Nov 14 01:43:05 2018 +0300 tests: add testfile from RFC4134 Section 4.5 @@ -3580,7 +8612,7 @@ Date: Wed Nov 14 01:43:05 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Nov 12 03:34:31 2018 +0300 pkcs7: allow BER encoding when parsing encapContentInfo.eContent @@ -3590,7 +8622,7 @@ Date: Mon Nov 12 03:34:31 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Nov 14 01:49:08 2018 +0300 configure.ac: drop obsolete info line @@ -3603,21 +8635,21 @@ Date: Wed Nov 14 01:49:08 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov Noted-by: Dilyan Palauzov -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Nov 13 10:07:09 2018 +0100 build: minor cleanup of mech-list.h generation Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Nov 13 10:02:17 2018 +0100 README-ci.freebsd.md: require autogen Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Nov 12 13:41:19 2018 +0100 build: remove autogen .bak files from the repository @@ -3630,14 +8662,14 @@ Date: Mon Nov 12 13:41:19 2018 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Nov 12 15:48:44 2018 +0100 build: use suffix rules for generating .bak files Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Nov 12 15:48:14 2018 +0100 build: use AM_MISSING_PROG for autogen @@ -3647,7 +8679,7 @@ Date: Mon Nov 12 15:48:14 2018 +0100 Signed-off-by: Daiki Ueno -Author: Stefan Berger +Author: Stefan Berger Date: Mon Nov 12 09:20:44 2018 -0500 tpm: Fix memory leak in encode_tpmkey_url @@ -3658,21 +8690,21 @@ Date: Mon Nov 12 09:20:44 2018 -0500 Signed-off-by: Stefan Berger -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Oct 15 13:35:43 2018 +0200 doc: mention 0-RTT Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Sun Oct 21 07:34:07 2018 +0200 serv: enable anti-replay when early data is used Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Oct 19 17:52:48 2018 +0200 TLS 1.3: implement anti-replay measure using ClientHello recording @@ -3682,7 +8714,7 @@ Date: Fri Oct 19 17:52:48 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Nov 1 15:37:42 2018 +0100 db: introduce gnutls_db_set_add_function @@ -3692,7 +8724,7 @@ Date: Thu Nov 1 15:37:42 2018 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Nov 8 17:54:11 2018 +0100 db: introduce gnutls_db_check_entry_expire_time @@ -3705,7 +8737,7 @@ Date: Thu Nov 8 17:54:11 2018 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Oct 22 15:26:07 2018 +0200 tls13/session_ticket: record timestamp in ticket @@ -3715,42 +8747,42 @@ Date: Mon Oct 22 15:26:07 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Nov 8 15:46:42 2018 +0100 str: suppress compiler warning when time_t is 32-bit Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Oct 22 11:12:02 2018 +0200 testcompat-tls13-openssl: exercise early data transmission Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Oct 15 11:29:56 2018 +0200 tests: add tests for early data Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Oct 12 13:33:13 2018 +0200 cli: add --earlydata option Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Oct 12 13:33:00 2018 +0200 serv: add --earlydata option Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Oct 12 13:34:21 2018 +0200 record: introduce new API functions for early data @@ -3761,7 +8793,7 @@ Date: Fri Oct 12 13:34:21 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Oct 12 11:45:59 2018 +0200 handshake: handle early data @@ -3775,7 +8807,7 @@ Date: Fri Oct 12 11:45:59 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Sun Oct 28 07:57:34 2018 +0100 session_pack: record max_early_data_size in session data @@ -3785,7 +8817,7 @@ Date: Sun Oct 28 07:57:34 2018 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Sun Oct 28 07:57:57 2018 +0100 record: fix memleak when rejecting early data @@ -3797,7 +8829,7 @@ Date: Sun Oct 28 07:57:57 2018 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Oct 12 17:10:51 2018 +0200 constate: add epoch_rel argument to _gnutls_epoch_dup @@ -3810,14 +8842,14 @@ Date: Fri Oct 12 17:10:51 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Oct 12 11:29:57 2018 +0200 handshake: refactor early secret derivation Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Oct 5 10:41:23 2018 +0200 handshake: record transcript hash for ClientHello @@ -3827,7 +8859,7 @@ Date: Fri Oct 5 10:41:23 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Oct 5 11:13:24 2018 +0200 ext/pre_shared_key: use predefined macros for secret labels @@ -3871,7 +8903,7 @@ Date: Fri Nov 9 20:11:42 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Nov 6 14:47:41 2018 +0300 src: update autogenerated .bak files @@ -3880,7 +8912,7 @@ Date: Tue Nov 6 14:47:41 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Nov 6 14:42:56 2018 +0300 src: include .bak files in EXTRA_DIST @@ -3891,7 +8923,7 @@ Date: Tue Nov 6 14:42:56 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Nov 6 14:34:18 2018 +0300 src: update .bak files during -args.c/.h regeneration @@ -3901,14 +8933,14 @@ Date: Tue Nov 6 14:34:18 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Nov 6 12:01:49 2018 +0300 doc: fix texi generation in out-of-tree builds Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Nov 6 10:52:47 2018 +0300 src: mark autogen'ed sources as nodist_ @@ -3918,7 +8950,7 @@ Date: Tue Nov 6 10:52:47 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Nov 5 16:37:02 2018 +0300 Makefile.am: drop manpages regeneration from dist-hook @@ -3928,7 +8960,7 @@ Date: Mon Nov 5 16:37:02 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Nov 5 16:22:25 2018 +0300 manpages: fix manpages distribution @@ -3940,7 +8972,7 @@ Date: Mon Nov 5 16:22:25 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Nov 5 15:02:50 2018 +0300 manpages: fix tools manpages generation @@ -3950,7 +8982,7 @@ Date: Mon Nov 5 15:02:50 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Nov 5 14:53:46 2018 +0300 manpages: un-unroll the loop @@ -3960,7 +8992,7 @@ Date: Mon Nov 5 14:53:46 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Nov 5 14:30:53 2018 +0300 configure.ac: merge autogen/libopts checks @@ -3970,7 +9002,7 @@ Date: Mon Nov 5 14:30:53 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Nov 5 13:12:51 2018 +0300 doc: fix documentation generation in out-of-tree builds @@ -3980,7 +9012,7 @@ Date: Mon Nov 5 13:12:51 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Nov 5 00:43:55 2018 +0300 cfg.mk: fix ChangeLog generation on out-of-tree builds @@ -3990,7 +9022,7 @@ Date: Mon Nov 5 00:43:55 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sun Nov 4 14:29:11 2018 +0300 src: args-std.def: substitute variables using configure @@ -4024,7 +9056,7 @@ Date: Mon Nov 5 20:51:33 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Stefan Berger +Author: Stefan Berger Date: Fri Nov 2 18:33:32 2018 -0400 tpmtool: Support --srk-well-known for SRK with 20 zero bytes password @@ -4033,7 +9065,7 @@ Date: Fri Nov 2 18:33:32 2018 -0400 Signed-off-by: Stefan Berger -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 7 09:56:56 2018 +0100 testcompat-openssl: do not test DSS or small curves with 1.1.1 @@ -4043,7 +9075,7 @@ Date: Wed Nov 7 09:56:56 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 7 10:20:32 2018 +0100 doc/credentials: increased key size in RSA client cert @@ -4053,14 +9085,14 @@ Date: Wed Nov 7 10:20:32 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 7 10:16:10 2018 +0100 certtool: allow --update-certificate to replace public key Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 7 08:37:23 2018 +0100 README.md: updated instructions to apply to fedora29 @@ -4076,7 +9108,7 @@ Date: Thu Oct 4 14:57:47 2018 +0200 Signed-off-by: Ander Juaristi -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Nov 1 13:43:17 2018 +0100 ext/record_size_limit: handle the extension in TLS 1.2 ServerHello @@ -4108,7 +9140,7 @@ Date: Tue Oct 30 19:46:09 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 19 12:04:29 2018 +0200 gnutls_priority_set: re-organized @@ -4120,7 +9152,7 @@ Date: Fri Oct 19 12:04:29 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 17 14:53:47 2018 +0200 gnutls_priority_set: do not override the version after handshake is complete @@ -4134,7 +9166,7 @@ Date: Wed Oct 17 14:53:47 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 30 10:28:20 2018 +0100 gnutls-serv: use default priorities when none are given @@ -4143,7 +9175,7 @@ Date: Tue Oct 30 10:28:20 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Oct 29 01:42:28 2018 +0300 self-tests: add GOST public key tests @@ -4195,14 +9227,14 @@ Date: Fri Oct 26 13:22:23 2018 -0400 Signed-off-by: Simo Sorce -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sun Oct 28 15:44:15 2018 +0300 NEWS: Add entry mentioning fix of S-BOXes for CryptoPro-B,-C,-D variants Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sun Oct 28 10:13:00 2018 +0300 self-tests: add GOST symmetric algorithms tests @@ -4215,7 +9247,7 @@ Date: Sun Oct 28 10:13:00 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sun Oct 28 10:11:21 2018 +0300 nettle: fix s-boxes selection for rare GOST 28147-89 variants @@ -4232,7 +9264,7 @@ Date: Fri Oct 26 22:50:52 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Oct 24 13:08:45 2018 +0200 ext/pre_shared_key: don't assume ob_ticket_age < ticket_age_add @@ -4242,7 +9274,7 @@ Date: Wed Oct 24 13:08:45 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Oct 25 12:32:52 2018 +0200 tls13/session_ticket: calculate ticket_age in milliseconds @@ -4253,14 +9285,14 @@ Date: Thu Oct 25 12:32:52 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Oct 26 08:18:01 2018 +0200 str: add macros to encode/decode struct timespec value Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Oct 25 13:47:13 2018 +0200 system: provide a means to replace gettime implementation @@ -4277,14 +9309,14 @@ Date: Wed Oct 24 15:45:23 2018 -0400 Add selftest for CFB8 -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Oct 25 12:09:05 2018 +0200 _gnutls_timespec_cmp: new inline function Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Oct 25 12:02:53 2018 +0200 tls13/session_ticket: rename tls13_ticket_t type to tls13_ticket_st @@ -4293,7 +9325,7 @@ Date: Thu Oct 25 12:02:53 2018 +0200 Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 25 08:29:27 2018 +0200 gnutls-cli: reduce printed session information @@ -4304,7 +9336,7 @@ Date: Thu Oct 25 08:29:27 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 24 13:05:58 2018 +0200 gnutls-cli: do not print errors twice @@ -4329,7 +9361,7 @@ Date: Wed Oct 24 12:14:51 2018 -0400 Signed-off-by: Simo Sorce -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 15 15:59:48 2018 +0200 p11tool: fix initialization of security officer's PIN @@ -4344,7 +9376,7 @@ Date: Mon Oct 15 15:59:48 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 23 15:20:45 2018 +0200 fips140: aligned code with documentation @@ -4431,7 +9463,7 @@ Date: Thu Oct 18 11:09:09 2018 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 16 15:06:04 2018 +0200 tests: eagain-auto-auth: only compiled in systems with cmocka available @@ -4440,7 +9472,7 @@ Date: Tue Oct 16 15:06:04 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 12 16:36:12 2018 +0200 tlsfuzzer: updated to latest upstream and enabled new tests @@ -4449,7 +9481,7 @@ Date: Fri Oct 12 16:36:12 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 12 17:08:15 2018 +0200 handshake: send missing extension alert @@ -4459,7 +9491,7 @@ Date: Fri Oct 12 17:08:15 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 4 08:27:10 2018 +0200 _gnutls_server_select_cert: return error when no server cert is selected @@ -4472,7 +9504,7 @@ Date: Thu Oct 4 08:27:10 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 1 11:58:15 2018 +0200 gnutls_init: added flag for automatic re-authentication @@ -4484,7 +9516,7 @@ Date: Mon Oct 1 11:58:15 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 29 14:21:59 2018 +0200 pkcs11 uris: the URI scheme is case insensitive @@ -4556,7 +9588,7 @@ Date: Sat Oct 6 16:43:33 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 4 08:29:41 2018 +0200 doc: fix use of gnutls_ext_raw_parse callback [ci skip] @@ -4576,7 +9608,7 @@ Date: Sun Sep 30 22:05:59 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 2 11:57:31 2018 +0200 encrypt_packet_tls13: added explicit check on iv_size bounds @@ -4587,14 +9619,14 @@ Date: Tue Oct 2 11:57:31 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 1 09:18:46 2018 +0200 privkey_pkcs8: added reference for validation parameters OID [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 1 08:31:16 2018 +0200 NEWS: corrected typo [ci skip] @@ -4614,7 +9646,7 @@ Date: Thu Sep 27 21:11:21 2018 +0200 Signed-off-by: Tim Rühsen -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Thu Sep 27 11:02:33 2018 +0300 .gitlab-ci.yml: reenable SSLv2 hello support for SSL-3.0.Fedora.x86_64 @@ -4624,7 +9656,7 @@ Date: Thu Sep 27 11:02:33 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Thu Sep 27 01:05:09 2018 +0300 tlsfuzzer: disable SSL3.0 in export-ciphers-rejected test @@ -4635,7 +9667,7 @@ Date: Thu Sep 27 01:05:09 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Thu Sep 27 00:42:21 2018 +0300 tlsfuzzer: support running from separate build dir @@ -4645,7 +9677,7 @@ Date: Thu Sep 27 00:42:21 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Sep 25 17:00:14 2018 +0300 .gitlab-ci.yml: reenable full test suite in SSL-3.0/SHA-1 case @@ -4655,7 +9687,7 @@ Date: Tue Sep 25 17:00:14 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Sep 24 16:07:19 2018 +0300 tlsfuzzer: add missing script @@ -4665,7 +9697,7 @@ Date: Mon Sep 24 16:07:19 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Thu Sep 27 00:35:20 2018 +0300 tlsfuzzer: move common code to separate file @@ -4674,7 +9706,7 @@ Date: Thu Sep 27 00:35:20 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Sep 26 23:34:16 2018 +0300 tlsfuzzer: use random port for tls-fuzzer-nocert test @@ -4684,7 +9716,7 @@ Date: Wed Sep 26 23:34:16 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Sep 26 23:34:16 2018 +0300 tlsfuzzer: use random port for tls-fuzzer-cert test @@ -4701,7 +9733,7 @@ Date: Wed Sep 26 12:54:37 2018 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 26 09:38:04 2018 +0200 _gnutls_check_key_purpose: eliminated dead code @@ -4710,7 +9742,7 @@ Date: Wed Sep 26 09:38:04 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 25 13:52:25 2018 +0200 manpages: do not generate any manpages for openpgp.h @@ -4720,7 +9752,7 @@ Date: Tue Sep 25 13:52:25 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 25 13:06:57 2018 +0200 manpage generation: cleanup @@ -4733,21 +9765,21 @@ Date: Tue Sep 25 13:06:57 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 25 12:07:10 2018 +0200 doc: fixed missing function and enumeration parameters Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 25 14:12:26 2018 +0200 tests: removed unused file Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 25 18:10:12 2018 +0200 mech-list.h: generate unique entries @@ -4761,7 +9793,7 @@ Date: Mon Sep 24 17:33:03 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 21 16:31:58 2018 +0200 tests: pkcs12-utf8 depend on bash @@ -4773,14 +9805,14 @@ Date: Fri Sep 21 16:31:58 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 21 16:20:36 2018 +0200 bumped versions and updated NEWS file Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 21 16:18:23 2018 +0200 Enable the TLS1.3 protocol by default @@ -4790,7 +9822,7 @@ Date: Fri Sep 21 16:18:23 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 18 08:36:18 2018 +0200 gnutls-cli: enable CRL validation on startup @@ -4801,7 +9833,7 @@ Date: Tue Sep 18 08:36:18 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 20 16:44:51 2018 +0200 Provide a more flexible PKCS#11 search of trust store certificates @@ -4814,7 +9846,7 @@ Date: Thu Sep 20 16:44:51 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 18 08:35:32 2018 +0200 trust list: added flag to force failure on CRL validation error @@ -4841,7 +9873,7 @@ Date: Tue Sep 18 15:35:20 2018 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 19 14:15:20 2018 +0200 session tickets: check timestamp for validity @@ -4853,7 +9885,7 @@ Date: Wed Sep 19 14:15:20 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 20 10:11:42 2018 +0200 ECC export/import: updated documentation on EdDSA curves @@ -4864,7 +9896,7 @@ Date: Thu Sep 20 10:11:42 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 19 15:03:32 2018 +0200 tests: use virt-time.h in resumption tests @@ -4885,7 +9917,7 @@ Date: Tue Sep 18 09:40:20 2018 +0200 Signed-off-by: Ander Juaristi -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Sep 18 03:05:51 2018 +0300 certtool: print GOST public key with MSB first @@ -4895,7 +9927,7 @@ Date: Tue Sep 18 03:05:51 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Sep 18 03:05:51 2018 +0300 x509: print_pubkey: print GOST public key with MSB first @@ -4905,7 +9937,7 @@ Date: Tue Sep 18 03:05:51 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Sep 18 00:53:17 2018 +0300 lib: use little endian when importing/exporting GOST keys @@ -4916,7 +9948,7 @@ Date: Tue Sep 18 00:53:17 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Sep 18 00:51:05 2018 +0300 mpi: add function to dprint mpi in little endianness @@ -4926,7 +9958,7 @@ Date: Tue Sep 18 00:51:05 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Sep 17 12:26:31 2018 +0300 gnutls.h: correct GOST R number references [ci skip] @@ -4948,14 +9980,14 @@ Date: Mon Sep 17 10:12:38 2018 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 17 15:14:12 2018 +0200 tests: pkcs1-pad: run with SHA-1 enabled or disabled Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 17 12:58:38 2018 +0200 .gitlab-ci.yml: enable run with SHA-1 enabled @@ -4965,7 +9997,7 @@ Date: Mon Sep 17 12:58:38 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 17 09:28:08 2018 +0200 gnutls_x509_trust_list_add_trust_mem: fix behavior with unaccounted certs @@ -4977,7 +10009,7 @@ Date: Mon Sep 17 09:28:08 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 17 09:12:29 2018 +0200 gnutls_x509_trust_list_add_cas: corrected return value @@ -4990,7 +10022,7 @@ Date: Mon Sep 17 09:12:29 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 17 09:10:24 2018 +0200 fixed documentation in trust list functions @@ -5025,7 +10057,7 @@ Date: Sun Sep 16 15:35:19 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 14 16:32:05 2018 +0200 Fix variable used in reallocation @@ -5038,14 +10070,14 @@ Date: Fri Sep 14 16:32:05 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 22 15:25:06 2018 +0200 .gitignore: updated Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 22 10:08:41 2018 +0200 dtls: recover when a NewSessionTicket message is lost @@ -5059,7 +10091,7 @@ Date: Wed Aug 22 10:08:41 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Aug 27 17:44:35 2018 +0200 tlsfuzzer: remove duplicate tests and sort them alphabetically @@ -5073,7 +10105,7 @@ Date: Mon Sep 10 17:35:08 2018 +0200 Signed-off-by: Andreas Schwab -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 20 15:17:04 2018 +0200 priority: be backwards compatible with priority strings starting with NONE @@ -5104,14 +10136,14 @@ Date: Fri Aug 24 16:27:36 2018 +0200 Signed-off-by: Tim Rühsen -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Aug 21 15:02:56 2018 +0200 ext/pre_shared_key: use consistent name for regitration entry Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Aug 21 14:54:41 2018 +0200 ext/pre_shared_key: make ticket age calculation consistent @@ -5133,7 +10165,7 @@ Date: Tue Aug 21 14:54:41 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Aug 17 15:45:20 2018 +0200 tls13/psk_ext_parser: simplify the iterator interface @@ -5144,7 +10176,7 @@ Date: Fri Aug 17 15:45:20 2018 +0200 Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 21 16:18:11 2018 +0200 gnutls-cli-debug: mention RFC8446 for TLS1.3 and RFC8422 for X25519 @@ -5162,7 +10194,7 @@ Date: Tue Aug 21 13:10:48 2018 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 17 14:02:34 2018 +0200 handshake: do not negotiate TLS1.3 using the legacy version field @@ -5174,14 +10206,14 @@ Date: Fri Aug 17 14:02:34 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 17 12:57:25 2018 +0200 handshake: simplified protocol version checking functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 17 10:50:15 2018 +0200 tlsfuzzer: modify to use the final code points @@ -5217,7 +10249,7 @@ Date: Wed Aug 15 18:29:32 2018 +0200 Signed-off-by: Tom Vrancken -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Aug 10 14:06:16 2018 +0200 ext/record_size_limit: new extension @@ -5231,7 +10263,7 @@ Date: Fri Aug 10 14:06:16 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Aug 14 16:46:12 2018 +0200 ext/max_record: remove use of extension private data @@ -5242,7 +10274,7 @@ Date: Tue Aug 14 16:46:12 2018 +0200 Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 17 14:43:30 2018 +0200 gnutls_session_resumption_requested: fixed behavior under TLS1.3 @@ -5266,14 +10298,14 @@ Date: Sun Aug 19 18:59:02 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 17 14:48:56 2018 +0200 hello_ext: removed bogus comment Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 17 16:08:37 2018 +0200 .gitmodules: gnulib submodule is now synced from libidn's mirror @@ -5285,7 +10317,7 @@ Date: Fri Aug 17 16:08:37 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Andreas Metzler +Author: Andreas Metzler Date: Wed Aug 15 14:20:43 2018 +0200 Fix two typos (overriden/guarranteed) @@ -5313,28 +10345,28 @@ Date: Mon Aug 13 20:19:55 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 9 16:13:50 2018 +0200 gnutls_session_set_premaster: corrected error checks Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 9 16:12:36 2018 +0200 pubkey_verify_hashed_data: apply algorithm checks Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 9 16:09:21 2018 +0200 privkey_sign_raw_data: use assert to mark code which always succeeds Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 9 16:05:47 2018 +0200 _gnutls_send_change_cipher_spec: removed unnecessary test @@ -5350,7 +10382,7 @@ Date: Mon Aug 13 21:04:56 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 7 16:27:19 2018 +0200 gnutls_memset: use explicit_bzero @@ -5373,7 +10405,7 @@ Date: Tue Aug 7 09:52:55 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Aug 7 14:45:07 2018 +0200 ext/pre_shared_key: prevent crash if no server credentials are set @@ -5388,7 +10420,7 @@ Date: Tue Aug 7 14:45:07 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Aug 7 13:21:16 2018 +0200 tlsfuzzer: update to the latest version @@ -5399,7 +10431,7 @@ Date: Tue Aug 7 13:21:16 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Aug 7 12:32:56 2018 +0200 alert: map GNUTLS_E_NO_COMMON_KEY_SHARE to handshake_failure @@ -5412,7 +10444,7 @@ Date: Tue Aug 7 12:32:56 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Aug 7 11:43:32 2018 +0200 algorithms: add support for FFDHE6144 @@ -5434,7 +10466,7 @@ Date: Fri Aug 3 22:26:47 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 3 14:13:14 2018 +0200 Ensure we are sending the right protocol version on second client hello @@ -5474,7 +10506,7 @@ Date: Mon Jul 30 21:50:35 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 30 16:48:26 2018 +0200 resume: keep persistent session identifiers @@ -5489,14 +10521,14 @@ Date: Mon Jul 30 16:48:26 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Jul 19 15:57:59 2018 +0200 .gitlab-ci.yml: include fuzz/*.log in artifacts Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Jul 18 15:56:17 2018 +0200 tests: tls-fuzzer: enable tests relying on header fragmentation @@ -5506,14 +10538,14 @@ Date: Wed Jul 18 15:56:17 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Aug 2 15:44:15 2018 +0200 record: send unexpected_message upon empty unencrypted records Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Jul 27 06:30:41 2018 +0200 buffers: handle very short fragmentation of handshake messages @@ -5528,7 +10560,7 @@ Date: Fri Jul 27 06:30:41 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Jul 27 06:23:12 2018 +0200 mbuffers: introduce _mbuffer_head_push_first @@ -5540,7 +10572,7 @@ Date: Fri Jul 27 06:23:12 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Jul 27 06:10:37 2018 +0200 _gnutls_parse_record_buffered_msgs: eliminate local variable usage @@ -5552,7 +10584,7 @@ Date: Fri Jul 27 06:10:37 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Jul 27 05:35:02 2018 +0200 buffers: avoid confusion in fragment length calculation @@ -5563,7 +10595,7 @@ Date: Fri Jul 27 05:35:02 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Aug 2 16:59:27 2018 +0200 tlsfuzzer: update to the latest version @@ -5572,7 +10604,7 @@ Date: Thu Aug 2 16:59:27 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Jul 16 11:30:05 2018 +0200 TLS 1.3: ignore "early_data" extension @@ -5595,7 +10627,7 @@ Date: Fri Aug 3 21:45:14 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 19 15:52:26 2018 +0200 tls1.3: server returns early on handshake when no cert is provided by client @@ -5610,7 +10642,7 @@ Date: Thu Jul 19 15:52:26 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 23 15:01:49 2018 +0200 gnutls-serv: don't close connection properly when handshake is not yet complete @@ -5622,7 +10654,7 @@ Date: Mon Jul 23 15:01:49 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 2 16:16:27 2018 +0200 gnutls-cli: corrected input buffer null-termination @@ -5635,7 +10667,7 @@ Date: Thu Aug 2 16:16:27 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 31 11:37:50 2018 +0200 certtool: added example of converting to DER in manpage @@ -5651,7 +10683,7 @@ Date: Fri Jul 27 23:46:50 2018 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 27 11:58:38 2018 +0200 ext/key_share: check the validity of server key shares @@ -5663,7 +10695,7 @@ Date: Fri Jul 27 11:58:38 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 26 15:37:58 2018 +0200 gnutls-serv: improve output under TLS1.3 @@ -5674,7 +10706,7 @@ Date: Thu Jul 26 15:37:58 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 26 15:06:34 2018 +0200 fuzz: updated traces for latest TLS1.3 draft @@ -5683,7 +10715,7 @@ Date: Thu Jul 26 15:06:34 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 26 12:40:54 2018 +0200 tests: run tls-fuzzer PSK testsuite @@ -5692,7 +10724,7 @@ Date: Thu Jul 26 12:40:54 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 26 11:27:23 2018 +0200 tests: added unit test of handshake with large certificate @@ -5704,7 +10736,7 @@ Date: Thu Jul 26 11:27:23 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 26 11:02:37 2018 +0200 certtool: eliminated limits in certificate export size @@ -5714,7 +10746,7 @@ Date: Thu Jul 26 11:02:37 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 26 10:56:25 2018 +0200 certtool: eliminate maximum limit in fields read with READ_MULTI_LINE_TOKENIZED() @@ -5723,14 +10755,14 @@ Date: Thu Jul 26 10:56:25 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 25 16:41:38 2018 +0200 gnutls.h: corrected typo Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 25 14:48:47 2018 +0200 send_client_hello: don't override version after HRR is received @@ -5746,7 +10778,7 @@ Date: Wed Jul 25 14:48:47 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 25 13:08:35 2018 +0200 hello_ext_parse: apply the test for pre-shared key ext being last on client hello @@ -5772,14 +10804,14 @@ Date: Tue Jul 24 20:58:10 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 24 16:48:32 2018 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 24 16:38:08 2018 +0200 allow no certificates to be reported by the gnutls_certificate_retrieve_function callbacks @@ -5791,7 +10823,7 @@ Date: Tue Jul 24 16:38:08 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Jul 20 20:49:28 2018 +0300 cert-cred: fix possible segfault when resetting cert retrieval function @@ -5804,7 +10836,7 @@ Date: Fri Jul 20 20:49:28 2018 +0300 Fixes: 9829ef9a3ca06d60472599df7c74ebb9a53f1fe2 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sun Jul 22 20:31:36 2018 +0300 kx: for uniformity print master secret size @@ -5815,7 +10847,7 @@ Date: Sun Jul 22 20:31:36 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sun Jul 22 20:31:09 2018 +0300 constate: dump full key block to log @@ -5824,7 +10856,7 @@ Date: Sun Jul 22 20:31:09 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sun Jul 22 20:30:04 2018 +0300 constate: dump MAC keys to debug log @@ -5834,7 +10866,7 @@ Date: Sun Jul 22 20:30:04 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sun Jul 22 20:25:35 2018 +0300 constate: drop unused variable in _gnutls_set_keys @@ -5846,7 +10878,7 @@ Date: Sun Jul 22 20:25:35 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov Fixes: 8bdb8d53aa5b4c5d04255b6c9b5f2dac8b23d51b -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sat Jul 21 13:23:42 2018 +0300 cert auth: simplify certificate selection code @@ -5865,7 +10897,7 @@ Date: Thu Jul 19 12:50:13 2018 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 17 09:03:38 2018 +0200 gnutls_x509_privkey_import_ecc_raw: encode parameters on import @@ -5881,7 +10913,7 @@ Date: Tue Jul 17 09:03:38 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Thu Jul 19 14:19:07 2018 +0300 certtool: use gnutls_gost_paramset_get_name @@ -5892,7 +10924,7 @@ Date: Thu Jul 19 14:19:07 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 19 11:24:04 2018 +0200 gnutls-cli: do not fail if CKA_ID is too long @@ -5922,7 +10954,7 @@ Date: Thu Jul 19 06:06:34 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 16 14:04:01 2018 +0200 gnutls_priority_init: fix err_pos on invalid strings @@ -5946,14 +10978,14 @@ Date: Tue Jul 17 21:55:33 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 17 08:17:13 2018 +0200 doc: simplified documentation on threads Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 17 13:53:02 2018 +0200 examples: tlsproxy: eliminated warnings @@ -6018,49 +11050,49 @@ Date: Sat Jul 14 08:27:26 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 13 16:11:16 2018 +0200 NEWS: doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 13 14:23:28 2018 +0200 nettle/rnd-fips: updated documentation Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 13 14:01:44 2018 +0200 gnutls-cli: improve error reporting with -l --priority option Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 13 11:18:21 2018 +0200 cipher-listings: use the sed found by configure script and make it portable Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 13 09:04:42 2018 +0200 tests: tls-fuzzer: separated SSL3.0 from TLS1.x tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 12 16:17:02 2018 +0200 gnutls-cli-debug: do not attempt SSL3.0 negotiation when not enabled Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 12 15:41:21 2018 +0200 priorities: ensure that SSL3.0 enablement fails early when disabled @@ -6070,7 +11102,7 @@ Date: Thu Jul 12 15:41:21 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 12 15:14:39 2018 +0200 The SSL 3.0 protocol is disabled on compile time by default @@ -6082,7 +11114,7 @@ Date: Thu Jul 12 15:14:39 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 13 08:45:49 2018 +0200 tests: gnutls-cli-debug.sh: corrected run under FIPS mode @@ -6116,7 +11148,7 @@ Date: Fri Jul 13 06:40:08 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 12 09:20:57 2018 +0200 gnutls-cli-debug: generalized cipher tests @@ -6126,14 +11158,14 @@ Date: Thu Jul 12 09:20:57 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 12 09:19:13 2018 +0200 gnutls-cli-debug: removed legacy tests no longer applicable Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 12 09:17:11 2018 +0200 gnutls-cli-debug: detect TLS1.3 support @@ -6149,14 +11181,14 @@ Date: Wed Jul 11 21:26:05 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Jul 3 11:33:21 2018 +0200 doc: update for TLS 1.3 Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 2 09:56:35 2018 +0200 _gnutls13_recv_async_handshake: process multiple and split handshake messages @@ -6173,14 +11205,14 @@ Date: Mon Jul 2 09:56:35 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 2 10:18:23 2018 +0200 tests: check whether multiple tickets can be sent/received Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 2 10:11:41 2018 +0200 gnutls_session_ticket_send: allow sending multiple tickets in one go @@ -6197,7 +11229,7 @@ Date: Wed Jul 4 07:42:44 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 2 16:28:28 2018 +0200 generate_session_ticket: tickets cannot extend the original session time @@ -6209,7 +11241,7 @@ Date: Mon Jul 2 16:28:28 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 3 18:42:01 2018 +0200 pre_shared_key: do not send extension when no identities are present @@ -6223,14 +11255,14 @@ Date: Mon Jul 2 20:25:40 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 3 10:22:04 2018 +0200 doc: mention session ticket behavior under TLS1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 2 16:29:04 2018 +0200 generate_session_ticket: use a 4-byte nonce by default @@ -6239,7 +11271,7 @@ Date: Mon Jul 2 16:29:04 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 2 16:22:04 2018 +0200 pre_shared_key: use time_t type for ticket_age variable @@ -6248,14 +11280,14 @@ Date: Mon Jul 2 16:22:04 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 2 16:19:35 2018 +0200 generate_session_ticket: fixed comment Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Jul 9 18:21:20 2018 +0300 lib: document digest and paramset in gost key import functions @@ -6265,7 +11297,7 @@ Date: Mon Jul 9 18:21:20 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Jul 9 14:22:34 2018 +0300 lib/x509: use new function to deduce default GOST paramset @@ -6275,7 +11307,7 @@ Date: Mon Jul 9 14:22:34 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Jul 9 14:02:14 2018 +0300 lib: remove undefined behaviour when handling GOST paramset @@ -6288,7 +11320,7 @@ Date: Mon Jul 9 14:02:14 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 9 12:40:59 2018 +0200 updated auto-generated files @@ -6320,7 +11352,7 @@ Date: Sat Jul 7 19:48:14 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Andreas Metzler +Author: Andreas Metzler Date: Sat Jul 7 14:20:01 2018 +0200 configure: Fix progress message for --enable-tls13-support @@ -6336,7 +11368,7 @@ Date: Sat Jul 7 10:21:51 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 3 08:49:06 2018 +0200 configure: added option --enable-tls13-support @@ -6349,7 +11381,7 @@ Date: Tue Jul 3 08:49:06 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 3 11:45:31 2018 +0200 _gnutls_figure_common_ciphersuite: apply rfc7919 requirements only under TLS1.2 @@ -6359,7 +11391,7 @@ Date: Tue Jul 3 11:45:31 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 3 09:06:27 2018 +0200 supported_versions: do not parse in server side when TLS1.3 is disabled @@ -6369,7 +11401,7 @@ Date: Tue Jul 3 09:06:27 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 3 08:31:13 2018 +0200 protocols: bumped TLS1.3 protocol to draft-28 @@ -6378,21 +11410,21 @@ Date: Tue Jul 3 08:31:13 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 4 10:08:06 2018 +0200 tests: mini-record-timing: avoid warning for too large stack usage Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 2 11:47:34 2018 +0200 tlsfuzzer: updated to include RSA and RSA-PSS related tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 2 08:32:52 2018 +0200 sign_supports_cert_pk_algorithm: corrected check for RSAE-PSS @@ -6406,7 +11438,7 @@ Date: Mon Jul 2 08:32:52 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 2 14:12:48 2018 +0200 tlsproxy: included but not as submodule @@ -6416,7 +11448,7 @@ Date: Mon Jul 2 14:12:48 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 2 14:12:15 2018 +0200 tlsproxy: removed submodule @@ -6517,7 +11549,7 @@ Date: Wed Jun 27 21:31:43 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 27 15:00:13 2018 +0200 tests: check for GNUTLS_E_GOT_APPLICATION_DATA on post-handshake auth @@ -6530,7 +11562,7 @@ Date: Wed Jun 27 15:00:13 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 27 14:38:40 2018 +0200 post-handshake: return GNUTLS_E_GOT_APPLICATION_DATA as documented to @@ -6539,7 +11571,7 @@ Date: Wed Jun 27 14:38:40 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 27 13:57:11 2018 +0200 tests: introduced test for post-handshake auth + PSK @@ -6548,7 +11580,7 @@ Date: Wed Jun 27 13:57:11 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 27 14:19:02 2018 +0200 tls13 handshake: allow certificate messages after handshake @@ -6560,7 +11592,7 @@ Date: Wed Jun 27 14:19:02 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 27 13:41:13 2018 +0200 gnutls_session_get_flags: introduced GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH @@ -6571,7 +11603,7 @@ Date: Wed Jun 27 13:41:13 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 2 08:10:45 2018 +0200 gnutls-serv: make --disable-client-cert and --require-client-cert options incompatible @@ -6616,7 +11648,7 @@ Date: Tue Jun 26 12:50:30 2018 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 21 11:29:19 2018 +0200 testcompat-tls13-openssl: fix openssl interactions @@ -6632,7 +11664,7 @@ Date: Thu Jun 21 11:29:19 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 22 14:14:07 2018 +0200 gnutls-serv: when post-handshake auth is asked; require a certificate @@ -6641,7 +11673,7 @@ Date: Fri Jun 22 14:14:07 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 21 15:05:40 2018 +0200 key update: corrected generation of keys @@ -6650,7 +11682,7 @@ Date: Thu Jun 21 15:05:40 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 21 08:46:04 2018 +0200 gnutls-cli: wait for all server data prior to closing connection @@ -6663,28 +11695,28 @@ Date: Thu Jun 21 08:46:04 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 27 13:34:16 2018 +0200 .gitignore: added new test executables Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 27 13:27:39 2018 +0200 tests: eliminated compiler warnings Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Jun 26 16:02:45 2018 +0300 Update .gitignore files according to bootstrap Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Jun 26 15:22:49 2018 +0300 src: fix regenerating autogen files if builddir = srcdir @@ -6715,7 +11747,7 @@ Date: Tue Jun 26 14:59:54 2018 +0200 Signed-off-by: Rolf Eike Beer -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Jun 26 11:38:58 2018 +0300 lib/nettle/gost: support building with mini-nettle/mini-gmp @@ -6794,7 +11826,7 @@ Date: Sun Jun 24 21:50:15 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 18 13:14:03 2018 +0200 .gitlab-ci.yml: use qemu for aarch64 testing @@ -6848,14 +11880,14 @@ Date: Sat Jun 23 19:35:13 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Jun 15 13:38:44 2018 +0300 tests: add PKCS#12 test script for GOST 28147-89-encrypted files Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Jun 15 13:06:41 2018 +0300 certtool: honour --hash option when generating PKCS#12 files @@ -6865,35 +11897,35 @@ Date: Fri Jun 15 13:06:41 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sun Sep 24 10:31:39 2017 +0300 tests: expand pkcs7 test to also check GOST files Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sat Sep 23 22:51:19 2017 +0300 test: test GOST keys import/export Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sat Sep 23 21:40:34 2017 +0300 certtool: ask if certificate will be used for data encryption Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sat Sep 23 21:37:18 2017 +0300 tests: add common gost certificates for tests Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Dec 6 03:57:24 2016 +0300 Support key matching with GOST keys @@ -6903,84 +11935,84 @@ Date: Tue Dec 6 03:57:24 2016 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sat Nov 26 04:51:41 2016 +0300 Add generated GOST credentials for tests Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Nov 21 20:58:00 2016 +0300 Use GOST R 34.11-94 when generating key for PKCS data to be encrypted with GOST 28147-89 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Nov 21 20:52:43 2016 +0300 certtool: support generating GOST-encrypted PKCS#8/12 files Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Nov 18 00:23:54 2016 +0300 Add gost certificates to chainverify tests Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Thu Nov 17 10:47:16 2016 +0300 Expand x509 sign/verify test with GOST algorithms Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Thu Nov 17 10:22:11 2016 +0300 oids: expand to include GOST digests/signatures Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Aug 29 17:44:10 2017 +0300 tests: privkey-keygen: adapt to support GOST algorithms Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Oct 24 20:56:46 2016 +0300 Support GOST private keys generation Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Oct 21 18:01:20 2016 +0300 certtool: support dumping GOST private key information Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Oct 21 17:38:57 2016 +0300 Add several DN entry definitions used by qualified GOST signatures Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Aug 28 14:34:33 2017 +0300 certool: export GOST privkeys only in PKCS#8 format Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Nov 9 14:19:58 2016 +0300 Add support for PKCS12 files using GOST MAC @@ -6990,42 +12022,42 @@ Date: Wed Nov 9 14:19:58 2016 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Nov 9 14:02:56 2016 +0300 Add support for PBES2/PBKDF2 using GOST algorithms Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sat Jan 28 06:01:01 2017 +0300 Support PKCS#12 key derivation with GOST digests Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Oct 21 17:56:04 2016 +0300 Add support for importing/exporting GOST private keys Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Sep 18 12:54:12 2017 +0300 Support importing/exporting X.509 GOST public keys Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Oct 21 04:43:35 2016 +0300 Add ASN.1 definitions for GOST keys Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Oct 21 04:07:36 2016 +0300 nettle: add support for GOST 34.10 public keys @@ -7035,49 +12067,49 @@ Date: Fri Oct 21 04:07:36 2016 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Oct 21 17:05:38 2016 +0300 Add few functions to support basic operations with GOST public keys Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Oct 21 04:02:30 2016 +0300 Add declarations for GOST R 34.10 signatures Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Oct 21 03:55:10 2016 +0300 Define GOST R 34.10 curves Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Oct 21 04:00:21 2016 +0300 Add declarations to support GOST public keys Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Nov 29 05:28:17 2016 +0300 Add support for I/O of little-endian MPI Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Nov 29 05:30:10 2016 +0300 nettle: add support for unsigned LE MPIs Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Oct 21 04:05:41 2016 +0300 nettle: add support for GOST 34.11 hash functions @@ -7086,28 +12118,28 @@ Date: Fri Oct 21 04:05:41 2016 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Oct 21 04:05:07 2016 +0300 nettle: support GOST28147-89 in CFB mode Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Thu Oct 27 03:18:32 2016 +0300 Add declarations for GOST 28147-89 cipher in CFB mode Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Oct 21 03:57:17 2016 +0300 Add declarations for GOST R 34.11 (-94 and -2012) digest algorithms Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Aug 29 15:12:53 2017 +0300 Import GOST-supporting part from Nettle pending patches @@ -7118,21 +12150,21 @@ Date: Tue Aug 29 15:12:53 2017 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sun Sep 17 20:57:52 2017 +0300 .gitlab-ci.yml: disable gost in minimal build Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Oct 26 22:34:17 2016 +0300 Add configure argument to disable GOST support Signed-off-by: Dmitry Eremin-Solenikov -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 12 10:16:10 2018 +0200 _gnutls_parse_hello_extensions: enforce that pre-shared-key extension is last @@ -7145,21 +12177,21 @@ Date: Tue Jun 12 10:16:10 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 12 10:01:22 2018 +0200 tests: check whether we send the pre-shared key extension after dumbfw Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 12 09:35:16 2018 +0200 tests: corrected typo in comment Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 8 10:48:32 2018 +0200 extensions: corrected order of pre-shared-key and dumbfw @@ -7176,7 +12208,7 @@ Date: Tue Jun 19 13:21:44 2018 +0200 Fix test code for -Werror -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 19 14:59:33 2018 +0200 tests: updated supplemental tests for TLS1.3 @@ -7186,7 +12218,7 @@ Date: Tue Jun 19 14:59:33 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 19 16:03:52 2018 +0200 gnutls_supplemental_register: disable TLS 1.3 globally @@ -7198,7 +12230,7 @@ Date: Tue Jun 19 16:03:52 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 19 14:42:13 2018 +0200 gnutls_session_supplemental_register: disable TLS1.3 when set @@ -7219,7 +12251,7 @@ Date: Tue Jun 19 12:02:13 2018 +0200 This patch also fixes test run issues on Windows. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 20 13:20:27 2018 +0200 gnutls-cli: introduce the rekey1 inline command @@ -7229,14 +12261,14 @@ Date: Wed Jun 20 13:20:27 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 18 11:33:34 2018 +0200 document new behavior on safe padding removal Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 18 11:22:36 2018 +0200 record: fail with invalid request when attempting to send no pad and no data @@ -7246,7 +12278,7 @@ Date: Mon Jun 18 11:22:36 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 18 11:15:56 2018 +0200 tests: enhance padding check @@ -7256,14 +12288,14 @@ Date: Mon Jun 18 11:15:56 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 18 11:03:40 2018 +0200 gnutls-cli: added CCM run under TLS1.2 in benchmark mode Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 18 11:00:39 2018 +0200 cipher: made TLS1.3 safe padding check optional @@ -7278,7 +12310,7 @@ Date: Mon Jun 18 11:00:39 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 19 13:16:13 2018 +0200 gnutls_session_get_id: document restrictions @@ -7290,14 +12322,14 @@ Date: Tue Jun 19 13:16:13 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 19 13:08:27 2018 +0200 tests: verify that resumed session ID matches original Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Jun 19 18:23:14 2018 +0300 Makefile.am: move autogen files update to src/Makefile.am @@ -7307,14 +12339,14 @@ Date: Tue Jun 19 18:23:14 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Jun 19 18:20:18 2018 +0300 Makefile.am: files-update: support out-of-tree builds Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Jun 19 11:26:09 2018 +0300 symbol-check: fix typo to make it work for out-of-tree builds @@ -7347,7 +12379,7 @@ Date: Sat Jun 16 15:27:02 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 18 15:10:32 2018 +0200 drbg-aes: removed the continuous DRBG checks @@ -7446,7 +12478,7 @@ Date: Thu Jun 14 13:47:41 2018 +0300 Signed-off-by: Martin Storsjo -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Jun 13 17:50:20 2018 +0200 tlsfuzzer: update to the latest version @@ -7455,7 +12487,7 @@ Date: Wed Jun 13 17:50:20 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Jun 13 17:47:50 2018 +0200 _gnutls13_handshake_server: send CCS immediately after HRR @@ -7465,14 +12497,14 @@ Date: Wed Jun 13 17:47:50 2018 +0200 Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 14 13:43:30 2018 +0200 _gnutls13_handshake_server: corrected transition when post_handshake callback is set Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Jun 13 17:43:32 2018 +0200 _gnutls_send_change_cipher_spec: don't cache under TLS 1.3 @@ -7551,21 +12583,21 @@ Date: Sat Jun 2 21:23:41 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 14 14:51:23 2018 +0200 configure: reduce warnings about implicit-fallthrough [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 14 13:22:03 2018 +0200 gnutls_alert_send_appropriate: fix type Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 14 13:18:54 2018 +0200 README-ci.freebsd.md: updated for new build method with gnulib [ci skip] @@ -7689,7 +12721,7 @@ Date: Fri May 18 20:06:16 2018 +0200 Signed-off-by: Tim Rühsen -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Jun 13 12:12:18 2018 +0300 nettle: require Nettle library >= 3.4 @@ -7700,14 +12732,14 @@ Date: Wed Jun 13 12:12:18 2018 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Jun 12 13:01:17 2018 +0200 .gitlab-ci.yml: fix artifact paths for TLS1.3/interop Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 12 09:12:07 2018 +0200 tlsfuzzer-tls13: use a random port for testing @@ -7716,7 +12748,7 @@ Date: Tue Jun 12 09:12:07 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Jun 8 13:13:27 2018 +0200 tlsfuzzer: update to the latest version @@ -7725,21 +12757,21 @@ Date: Fri Jun 8 13:13:27 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Jun 11 12:08:18 2018 +0200 buffers: remove redundant assignment Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Jun 11 10:51:16 2018 +0200 record: use correct alert type upon receiving empty Alert Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Jun 8 15:55:06 2018 +0200 record: improve empty message handling in TLS 1.3 @@ -7754,7 +12786,7 @@ Date: Fri Jun 8 15:55:06 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Jun 8 12:51:40 2018 +0200 record: fix padding removal when the payload is zero-length @@ -7791,14 +12823,14 @@ Date: Wed Jun 6 09:25:20 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 7 09:56:49 2018 +0200 cbc_mac_verify: require minimum padding under SSL3.0 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 7 09:54:50 2018 +0200 cipher: separated CBC w/o EtM handling @@ -7807,7 +12839,7 @@ Date: Thu Jun 7 09:54:50 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 4 17:57:52 2018 +0200 dummy_wait: always hash the same amount of blocks that would have been on minimum pad @@ -7819,7 +12851,7 @@ Date: Mon Jun 4 17:57:52 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 21 09:04:55 2018 +0200 cbc-record-check.sh: introduced @@ -7829,7 +12861,7 @@ Date: Mon May 21 09:04:55 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 18 15:43:36 2018 +0200 dummy_wait: correctly account the length field in SHA384 HMAC @@ -7855,7 +12887,7 @@ Date: Thu Jun 7 12:11:30 2018 +0200 Signed-off-by: Tim Rühsen Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 8 08:56:23 2018 +0200 gnutls_session_get_data2: harmonize documentation with practice @@ -7867,7 +12899,7 @@ Date: Wed Jun 6 12:45:13 2018 +0200 Fix variable overflow in TLS1.3 session ticket code -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Jun 1 15:04:49 2018 +0200 tls13/session_ticket: don't send ticket when no common KE modes @@ -7878,7 +12910,7 @@ Date: Fri Jun 1 15:04:49 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Jun 5 14:08:26 2018 +0200 ext/psk_ke_modes: always send extension unless disabled in config @@ -7919,7 +12951,7 @@ Date: Wed May 23 22:22:27 2018 +0200 Signed-off-by: Tim Rühsen -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Jun 1 09:54:41 2018 +0200 ext/pre_shared_key: make PSK identity parsing robuster @@ -7934,7 +12966,7 @@ Date: Fri Jun 1 09:54:41 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Jun 1 10:01:08 2018 +0200 _gnutls_decrypt_session_ticket: fail early on key name mismatch @@ -7986,14 +13018,14 @@ Date: Thu May 24 09:49:34 2018 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 22 09:14:45 2018 +0200 tests: resume: check whether PSK username matches on resumption Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 22 09:04:32 2018 +0200 resumption: reduce session parameters stored under TLS1.3 @@ -8003,7 +13035,7 @@ Date: Tue May 22 09:04:32 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 15 16:35:32 2018 +0200 session_ticket: use random nonces @@ -8013,21 +13045,21 @@ Date: Tue May 15 16:35:32 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 15 16:03:23 2018 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 15 14:14:55 2018 +0200 doc: mention changes under TLS 1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 15 11:22:24 2018 +0200 tests: added main use-case test for gnutls_session_ticket_send() @@ -8039,7 +13071,7 @@ Date: Tue May 15 11:22:24 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 15 11:21:55 2018 +0200 handshake: do not include async messages into transcript @@ -8049,7 +13081,7 @@ Date: Tue May 15 11:21:55 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 15 10:27:00 2018 +0200 gnutls_session_ticket_send: new function @@ -8059,7 +13091,7 @@ Date: Tue May 15 10:27:00 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 15 10:10:20 2018 +0200 handshake: store session parameters in TLS1.3 ticket @@ -8069,7 +13101,7 @@ Date: Tue May 15 10:10:20 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 14 16:05:27 2018 +0200 handshake: TLS1.3 async messages trigger the handshake hook @@ -8082,7 +13114,7 @@ Date: Mon May 14 16:05:27 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 14 14:33:15 2018 +0200 tests: check various parameters on resumption @@ -8097,7 +13129,7 @@ Date: Mon May 14 14:33:15 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Apr 17 13:32:18 2018 +0200 tests: exercise TLS 1.3 session resumption @@ -8110,7 +13142,7 @@ Date: Tue Apr 17 13:32:18 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Apr 30 14:27:52 2018 +0200 gnutls-cli: ignore E_AGAIN to accommodate async handshake message @@ -8122,7 +13154,7 @@ Date: Mon Apr 30 14:27:52 2018 +0200 Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 14 09:01:59 2018 +0200 gnutls_auth_get_type: simplified @@ -8149,7 +13181,7 @@ Date: Mon Apr 16 17:13:47 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 10 14:25:12 2018 +0200 psk_ke_modes: introduce psk_ke_modes_is_required() and update doc @@ -8171,7 +13203,7 @@ Date: Thu Apr 12 17:58:47 2018 +0200 Signed-off-by: Ander Juaristi Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu May 3 09:39:15 2018 +0200 ext/pre_shared_key: fix binder calculation when HRR is sent @@ -8181,7 +13213,7 @@ Date: Thu May 3 09:39:15 2018 +0200 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Mon Apr 16 17:22:19 2018 +0200 handshake: record transcript offset of client Finished @@ -8245,14 +13277,14 @@ Date: Sat May 19 11:30:35 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 18 11:04:34 2018 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 18 09:19:16 2018 +0200 gnutls_pkcs11_token_get_ptr, gnutls_pkcs11_obj_get_ptr: introduced @@ -8427,7 +13459,7 @@ Date: Thu May 17 12:31:01 2018 +0200 Signed-off-by: Martin Sucha -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 7 09:52:32 2018 +0200 handshake: do not send TLS extensions under DTLS and vice versa @@ -8440,7 +13472,7 @@ Date: Mon May 7 09:52:32 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 7 11:51:41 2018 +0200 gnutls_ext_raw_parse: introduced GNUTLS_EXT_RAW_FLAG_DTLS_CLIENT_HELLO @@ -8449,35 +13481,35 @@ Date: Mon May 7 11:51:41 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 16 15:32:35 2018 +0200 tests: fix serv location in testcompat-main-openssl Signed-off-by: Nikos Mavrogiannopoulos -Author: Andreas Metzler +Author: Andreas Metzler Date: Sun May 13 14:39:14 2018 +0200 tests/suite: add missing file to dist Signed-off-by: Andreas Metzler -Author: Andreas Metzler +Author: Andreas Metzler Date: Sun May 13 14:33:17 2018 +0200 Allow running of test against installed gnutls-serv Signed-off-by: Andreas Metzler -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 4 14:55:21 2018 +0200 gnutls_certificate_set_retrieve_function3: updated documentation Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 2 14:30:24 2018 +0200 updated auto-generated files @@ -8531,7 +13563,7 @@ Date: Thu May 10 16:44:58 2018 +0200 Signed-off-by: Philippe Widmer -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 10 13:38:32 2018 +0200 tests: mini-record-timing: updated to work under newer gnutls [ci skip] @@ -8565,7 +13597,7 @@ Date: Sat May 5 23:21:16 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 7 08:12:12 2018 +0200 Makefile.am: optimized the abi-check configure step @@ -8615,21 +13647,21 @@ Date: Mon May 7 21:42:44 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 7 10:50:30 2018 +0200 tests: cookie: fixed exit condition [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 7 15:39:30 2018 +0200 doc update [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 7 08:17:09 2018 +0200 .gitlab-ci.yml: fixes in win32 builds @@ -8638,7 +13670,7 @@ Date: Mon May 7 08:17:09 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 4 08:39:30 2018 +0200 certtool: honor --ask-pass when loading a private key @@ -8711,14 +13743,14 @@ Date: Sat May 5 21:45:56 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 3 11:53:51 2018 +0200 tests: post handshake auth: test more combinations Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 3 11:48:46 2018 +0200 post_handshake_auth: send extension irrespective of certificates being present @@ -8729,7 +13761,7 @@ Date: Thu May 3 11:48:46 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 3 13:48:52 2018 +0200 updated auto-generated files @@ -8752,14 +13784,14 @@ Date: Sun Apr 8 18:38:47 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 23 10:07:32 2018 +0200 doc: clarified re-handshake details under TLS1.2 server Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 23 09:09:41 2018 +0200 tls13/certificate_request: corrected check of duplicate signature algorithms @@ -8772,7 +13804,7 @@ Date: Mon Apr 23 09:09:41 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 23 08:41:22 2018 +0200 gnutls_reauth: doc update @@ -8789,7 +13821,7 @@ Date: Fri Apr 20 21:35:52 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 20 14:51:15 2018 +0200 tls13/certificate: send empty certificate instead of skipping @@ -8802,7 +13834,7 @@ Date: Fri Apr 20 14:51:15 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 20 13:47:57 2018 +0200 _gnutls_figure_common_ciphersuite: ignore certificate check if PSK is negotiated @@ -8813,21 +13845,21 @@ Date: Fri Apr 20 13:47:57 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 20 10:53:51 2018 +0200 tls13/certificate_verify: corrected context in signatures in client side Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 20 10:47:59 2018 +0200 _gnutls13_handshake_sign_data: avoid unnecessary copy Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 20 09:01:28 2018 +0200 handshake: cleanup in TLS1.3 initial secret calculation @@ -8836,7 +13868,7 @@ Date: Fri Apr 20 09:01:28 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 20 08:06:14 2018 +0200 psk: compute binder which is compatible with draft-ietf-tls-tls13 @@ -8848,21 +13880,21 @@ Date: Fri Apr 20 08:06:14 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 4 08:06:35 2018 +0200 CONTRIBUTING.md: added text on CI [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 3 14:19:34 2018 +0200 tests: fallback scsv: check proper fallback under TLS 1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 3 15:13:13 2018 +0200 encrypt_packet_tls13: made size check safer @@ -8879,14 +13911,14 @@ Date: Sat Apr 28 11:14:34 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 23 15:02:53 2018 +0200 tests: check the behavior of TLS1.2 key exchange methods under TLS1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 23 15:11:28 2018 +0200 psk: mark psk_ke_modes as invalid when ignored @@ -8901,7 +13933,7 @@ Date: Mon Apr 23 15:11:28 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 23 15:01:48 2018 +0200 priority: handle RSA-PSK ciphersuites similar to SRP @@ -8910,7 +13942,7 @@ Date: Mon Apr 23 15:01:48 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Andreas Metzler +Author: Andreas Metzler Date: Sat Apr 28 14:14:30 2018 +0200 Add another sni related test @@ -8920,7 +13952,7 @@ Date: Sat Apr 28 14:14:30 2018 +0200 Signed-off-by: Andreas Metzler -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 23 14:00:15 2018 +0200 tests: sni-hostname was updated to support TLS1.3 @@ -8934,7 +13966,7 @@ Date: Sun Apr 29 13:44:04 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Andreas Metzler +Author: Andreas Metzler Date: Sat Apr 28 14:11:27 2018 +0200 doc: Add crossreference/warning @@ -8943,7 +13975,7 @@ Date: Sat Apr 28 14:11:27 2018 +0200 Signed-off-by: Andreas Metzler -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 23 13:58:22 2018 +0200 gnutls-cli: added option to specify the verification hostname @@ -8956,14 +13988,14 @@ Date: Mon Apr 23 13:58:22 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 26 09:06:00 2018 +0200 doc: fixes for better latex pdf generation [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 24 08:36:06 2018 +0200 retrieve_pin: refuse to retrieve PIN from URI more than one time @@ -8975,7 +14007,7 @@ Date: Tue Apr 24 08:36:06 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 24 16:42:10 2018 +0200 doc: updated OCSP documentation [ci skip] @@ -8989,14 +14021,14 @@ Date: Sun Apr 22 16:02:08 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 20 08:42:27 2018 +0200 fuzz: corrected TLS1.3 enablement [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 17 10:59:25 2018 +0200 _gnutls_epoch_new: allow re-allocation epoch next epoch @@ -9010,7 +14042,7 @@ Date: Tue Apr 17 10:59:25 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 17 09:52:01 2018 +0200 tests: added reproducers for receiving app data when rehandshake is expected @@ -9019,7 +14051,7 @@ Date: Tue Apr 17 09:52:01 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 17 09:31:12 2018 +0200 tests: eliminated exit_code variable used in few tests @@ -9029,7 +14061,7 @@ Date: Tue Apr 17 09:31:12 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 17 09:24:29 2018 +0200 tests: eagain: moved to cmocka and enhanced for TLS1.3 @@ -9038,14 +14070,14 @@ Date: Tue Apr 17 09:24:29 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 16 09:51:11 2018 +0200 tests: tls12-rehandshake-cert*: run multiple rehandshake tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 17 07:45:54 2018 +0200 tls13/finished: addressed memory leak in receiving finished packet @@ -9055,14 +14087,14 @@ Date: Tue Apr 17 07:45:54 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 16 15:35:33 2018 +0200 priority: document the reasons for the order of supported groups [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 16 15:14:01 2018 +0200 handshake: described the epoch reference counting [ci skip] @@ -9074,21 +14106,21 @@ Date: Mon Apr 16 15:14:01 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 16 09:51:11 2018 +0200 tests: tls12-rehandshake-cert-3: run multiple rehandshake tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 11 14:35:26 2018 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 11 08:34:15 2018 +0200 ANON,SRP,NULL ciphersuites: when set do not negotiate TLS1.3 or later @@ -9174,21 +14206,21 @@ Date: Fri Apr 6 20:51:39 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 4 14:51:08 2018 +0200 doc: re-organized and modernized examples Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 4 13:47:36 2018 +0200 doc: updated for TLS1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 6 13:36:11 2018 +0200 fuzz: added PSK traces with TLS1.3 @@ -9197,7 +14229,7 @@ Date: Fri Apr 6 13:36:11 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 4 15:28:37 2018 +0200 psk: save the username on auth info struct under TLS1.3 @@ -9218,21 +14250,21 @@ Date: Thu Mar 22 10:02:36 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 29 09:51:32 2018 +0200 priority: added GROUP-DH-ALL and GROUP-EC-ALL Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 3 13:10:30 2018 +0200 dumbfw: account for extension data padding Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 5 09:04:47 2018 +0200 Simplified the _gnutls13_psk_ext_parser interface and added unit tests @@ -9253,21 +14285,21 @@ Date: Thu Mar 22 08:59:56 2018 +0100 Signed-off-by: Ander Juaristi Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 6 10:36:18 2018 +0200 certtool: key-type desc was moved along the privkey functionality [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 4 13:47:25 2018 +0200 gnutls_record_can_use_length_hiding: corrected return type Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 4 16:54:15 2018 +0200 encrypt_packet_tls13: reverted to original API @@ -9284,21 +14316,21 @@ Date: Sun Mar 25 20:08:26 2018 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 13 11:11:52 2018 +0100 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 13 09:45:44 2018 +0100 protocols: bumped TLS1.3 protocol to draft -26 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 13 09:23:05 2018 +0100 record: added AAD data when encrypting or decrypting @@ -9309,7 +14341,7 @@ Date: Tue Mar 13 09:23:05 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 12 17:10:42 2018 +0100 priorities: disable any key exchange methods if there is no TLS1.2 or earlier @@ -9323,7 +14355,7 @@ Date: Mon Mar 12 17:10:42 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 9 12:12:56 2018 +0100 _gnutls_supported_ecc_recv_params: take into account precedence @@ -9338,7 +14370,7 @@ Date: Fri Mar 9 12:12:56 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 12 10:37:00 2018 +0100 supported_versions: cannot be used to negotiate pre-TLS1.3 @@ -9409,35 +14441,35 @@ Date: Tue Mar 20 07:15:13 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 19 14:42:38 2018 +0100 tests: avoid duplicate runs of tests when not necessary Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 19 18:31:40 2018 +0100 tests: moved invalid-cert reproducer into fuzz/ reproducers Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 19 18:29:23 2018 +0100 tests: testpkcs11.sh was moved to the main tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 19 18:24:10 2018 +0100 tests: long-crl.sh was moved to main suite Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 19 15:22:14 2018 +0100 tests: suite: dropped ocsp-coverage and cert-coverage @@ -9447,7 +14479,7 @@ Date: Mon Mar 19 15:22:14 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 19 15:11:38 2018 +0100 tests: testsrn.sh was removed as duplicate of safe-renegotation/ tests @@ -9457,14 +14489,14 @@ Date: Mon Mar 19 15:11:38 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 19 15:07:14 2018 +0100 tests: pkcs7-cat: moved to main suite Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 13 15:46:16 2018 +0100 tests: updated for TLS1.3 inclusion @@ -9483,21 +14515,21 @@ Date: Mon Mar 19 09:00:23 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 13 13:47:46 2018 +0100 tests: client-fast-open: updated for TLS1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 13 13:43:47 2018 +0100 tests: removed unused test Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 13 13:41:19 2018 +0100 tests: auto-verify: update for TLS1.3 @@ -9511,7 +14543,7 @@ Date: Sat Mar 10 19:08:08 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 8 16:21:20 2018 +0100 tlsfuzzer: updated to the latest version @@ -9520,21 +14552,21 @@ Date: Thu Mar 8 16:21:20 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 8 16:00:34 2018 +0100 alert: send the appropriate alert on GNUTLS_E_ERROR_IN_FINISHED_PACKET Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 8 14:54:55 2018 +0100 Bumped TLS1.3 draft version to -23 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 8 13:57:05 2018 +0100 Hello retry request matches server hello @@ -9546,7 +14578,7 @@ Date: Thu Mar 8 13:57:05 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 7 12:52:46 2018 +0100 tests: added negative tests for RSA-PSS key exchange @@ -9555,7 +14587,7 @@ Date: Wed Mar 7 12:52:46 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 6 15:09:50 2018 +0100 signatures: distinguish RSA-PSS signatures with RSA PKCS#1 1.5 certificates from "pure" @@ -9573,7 +14605,7 @@ Date: Tue Mar 6 15:09:50 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 28 12:41:40 2018 +0100 Server hello format follows TLS1.2 format @@ -9587,7 +14619,7 @@ Date: Wed Feb 28 12:41:40 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 28 11:38:53 2018 +0100 Renumbered the key share extension to 51 @@ -9598,7 +14630,7 @@ Date: Wed Feb 28 11:38:53 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 22 16:12:55 2018 +0100 record: ignore any ChangeCipherSpec messages under TLS1.3 handshake @@ -9611,7 +14643,7 @@ Date: Thu Feb 22 16:12:55 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 22 14:42:43 2018 +0100 record: send 0x0303 under TLS1.3 @@ -9622,21 +14654,21 @@ Date: Thu Feb 22 14:42:43 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 8 12:03:39 2018 +0100 cryptodev: fix prototype of cryptodev_mac_fast [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 7 16:14:51 2018 +0100 cryptodev: added missing macro [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 5 15:42:14 2018 +0100 tests: added unit tests of gnutls_x509_crt_export @@ -9662,7 +14694,7 @@ Date: Fri Mar 2 23:09:11 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 2 17:48:01 2018 +0100 tests: added reproducer with DER re-encoding error on client side @@ -9709,7 +14741,7 @@ Date: Fri Mar 2 23:40:43 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 2 14:51:31 2018 +0100 gnutls_privkey_import_ext4: enhanced with GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS flag @@ -9726,7 +14758,7 @@ Date: Fri Mar 2 14:51:31 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 2 11:18:12 2018 +0100 _gnutls_find_rsa_pss_salt_size: add a validity check for salt size @@ -9737,7 +14769,7 @@ Date: Fri Mar 2 11:18:12 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 2 09:38:55 2018 +0100 tests: eliminated destructive tests @@ -9746,7 +14778,7 @@ Date: Fri Mar 2 09:38:55 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 1 16:38:29 2018 +0100 configure: simplified nettle version check @@ -9769,14 +14801,14 @@ Date: Tue Feb 27 22:04:10 2018 +0100 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 22 11:43:53 2018 +0100 drbg-aes: use the new nettle APIs for AES Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 22 11:29:08 2018 +0100 accelerated: padlock: use the new nettle APIs @@ -9787,21 +14819,21 @@ Date: Thu Feb 22 11:29:08 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 26 11:46:09 2018 +0100 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 26 11:44:56 2018 +0100 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 23 09:55:50 2018 +0100 gnutls_ext_raw_parse: introduced function @@ -9814,21 +14846,21 @@ Date: Fri Feb 23 09:55:50 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 21 11:46:08 2018 +0100 fuzz: added TLS1.3 client and server traces [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 21 11:21:36 2018 +0100 fuzz: enable fuzzer target in afl examples and add missing script [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 21 11:20:31 2018 +0100 fuzz: fixes in README file [ci skip] @@ -9842,28 +14874,28 @@ Date: Mon Feb 19 20:11:57 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 19 17:17:45 2018 +0100 fuzz: enable TLS1.3 in server and client fuzzers Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 19 15:10:00 2018 +0100 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 19 15:02:36 2018 +0100 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Jan 23 16:39:36 2018 +0100 record: new gnutls_record_send2 function @@ -9873,7 +14905,7 @@ Date: Tue Jan 23 16:39:36 2018 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Feb 8 13:24:46 2018 +0100 _gnutls_record_overhead: count content type octet in plaintext @@ -9883,14 +14915,14 @@ Date: Thu Feb 8 13:24:46 2018 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Jan 3 14:14:56 2018 +0100 tests: check extended record padding work with TLS 1.3 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Dec 21 17:02:22 2017 +0100 range: make length hiding always usable under TLS 1.3 @@ -9901,7 +14933,7 @@ Date: Thu Dec 21 17:02:22 2017 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Jan 3 14:10:22 2018 +0100 tests: re-enable mini-record-range test @@ -9913,7 +14945,7 @@ Date: Wed Jan 3 14:10:22 2018 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Dec 21 15:53:30 2017 +0100 doc: fix mention of gnutls_record_send_range() @@ -9927,28 +14959,28 @@ Date: Sat Jan 27 16:38:14 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 4 17:32:58 2018 +0100 tests: corrected various typos Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 4 17:26:54 2018 +0100 doc: use 3.6.xx to be consistent with other version references Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 2 12:44:15 2018 +0100 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 13 10:11:57 2017 +0100 doc: getfuncs.pl: distinguish between different typedef types @@ -9965,7 +14997,7 @@ Date: Wed Dec 13 08:00:38 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 12 14:55:29 2017 +0100 x509/cert: reorganized @@ -9975,14 +15007,14 @@ Date: Tue Dec 12 14:55:29 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 29 16:19:56 2017 +0100 tests: added unit test for gnutls_ocsp_resp_list_import2 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 18 10:35:53 2017 +0200 doc: updated @@ -9992,7 +15024,7 @@ Date: Wed Oct 18 10:35:53 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 21 16:31:02 2017 +0100 tests: added ocsptool sanity check program @@ -10002,7 +15034,7 @@ Date: Tue Nov 21 16:31:02 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 16 16:05:15 2017 +0200 tests: enhanced OCSP tests @@ -10020,7 +15052,7 @@ Date: Mon Oct 16 16:05:15 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 12 08:47:00 2017 +0100 cert auth: use a single callback to call for OCSP @@ -10031,7 +15063,7 @@ Date: Tue Dec 12 08:47:00 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 22 10:32:04 2017 +0100 ocsp: introduced gnutls_certificate_get_ocsp_expiration() @@ -10041,7 +15073,7 @@ Date: Wed Nov 22 10:32:04 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 8 13:45:24 2017 +0100 ocsp: enhanced the OCSP response loading APIs @@ -10057,7 +15089,7 @@ Date: Fri Dec 8 13:45:24 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 18 11:26:55 2017 +0200 gnutls-serv: allow loading multiple OCSP responses @@ -10069,7 +15101,7 @@ Date: Wed Oct 18 11:26:55 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 18 10:32:20 2017 +0200 cert: introduced flag GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK @@ -10083,7 +15115,7 @@ Date: Wed Oct 18 10:32:20 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 7 16:16:55 2017 +0100 gnutls_certificate_set_ocsp_status_request_file: match input response to certificates @@ -10095,7 +15127,7 @@ Date: Thu Dec 7 16:16:55 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 6 13:51:52 2017 +0100 ocsp: moved non-extension related functions to ocsp-api.c @@ -10105,7 +15137,7 @@ Date: Wed Dec 6 13:51:52 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 17 09:59:53 2017 +0200 gnutls_ocsp_status_request_get2: allow operation under TLS1.3 for server side @@ -10115,7 +15147,7 @@ Date: Tue Oct 17 09:59:53 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 17 08:32:09 2017 +0200 select_sign_algorithm: check KX type only on pre-TLS1.3 @@ -10126,14 +15158,14 @@ Date: Tue Oct 17 08:32:09 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 6 13:45:21 2017 +0100 rename _gnutls_selected_certs_set -> selected_certs_set Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 6 13:32:28 2017 +0100 ocsp: send all the OCSP responses under TLS1.3 @@ -10143,7 +15175,7 @@ Date: Wed Dec 6 13:32:28 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 6 13:18:16 2017 +0100 introduced gnutls_certificate_retrieve_function3 @@ -10158,7 +15190,7 @@ Date: Wed Dec 6 13:18:16 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 29 14:27:44 2017 +0100 gnutls_ocsp_resp_list_import2: introduced @@ -10168,7 +15200,7 @@ Date: Wed Nov 29 14:27:44 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 21 16:20:48 2017 +0100 ocsptool: import and export OCSP responses in PEM format @@ -10180,7 +15212,7 @@ Date: Tue Nov 21 16:20:48 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 21 14:59:31 2017 +0100 ocsp: introduced gnutls_ocsp_resp_import2 and gnutls_ocsp_resp_export2 @@ -10190,7 +15222,7 @@ Date: Tue Nov 21 14:59:31 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 13 09:36:38 2017 +0200 _gnutls_x509_cert_verify_peers: verify all received OCSP responses @@ -10200,7 +15232,7 @@ Date: Fri Oct 13 09:36:38 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 13 09:31:58 2017 +0200 gnutls_ocsp_status_request_get2: added function @@ -10210,7 +15242,7 @@ Date: Fri Oct 13 09:31:58 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 10 10:21:19 2017 +0200 tls13/certificate: parse OCSP status response and save responses in auth info struct @@ -10219,7 +15251,7 @@ Date: Tue Oct 10 10:21:19 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 10 11:14:19 2017 +0200 ext/status_request: allow more than a single OCSP response to be received @@ -10232,21 +15264,21 @@ Date: Tue Oct 10 11:14:19 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 10 09:59:17 2017 +0200 _gnutls_copy_certificate_auth_info: simplified and avoid multiple allocations Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 19 16:16:29 2017 +0100 tests: updated to account for HMAC-SHA384 and CAMELLIA removal Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 19 16:00:45 2017 +0100 priorities: provide a more consistent "story" for default cipher settings @@ -10281,7 +15313,7 @@ Date: Tue Dec 19 16:00:45 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 17 09:27:36 2017 +0200 certificate request: corrected parsing of signature algorithms @@ -10304,7 +15336,7 @@ Date: Sat Dec 9 11:23:24 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 8 13:13:31 2017 +0100 session state: TLS1.2 and TLS1.3 state is stored as union @@ -10316,7 +15348,7 @@ Date: Wed Nov 8 13:13:31 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 8 13:08:02 2017 +0100 session state: organized key exchange keys into structures @@ -10326,28 +15358,28 @@ Date: Wed Nov 8 13:08:02 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 7 16:52:21 2017 +0100 record state: avoid memory allocations for stored keys Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 7 16:25:31 2017 +0100 handshake: ffdhe flags merged with handshake flags Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 7 16:09:12 2017 +0100 handshake: false start flag merged with hsk_flags Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 7 15:36:01 2017 +0100 handshake: use hsk_flags in TLS1.2 and TLS1.3 @@ -10357,7 +15389,7 @@ Date: Tue Nov 7 15:36:01 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 5 09:01:56 2017 +0100 doc: added text on TLS1.3 rekey and reauthentication @@ -10371,14 +15403,14 @@ Date: Mon Dec 4 17:45:11 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 2 15:30:43 2017 +0100 tests: re-enabled post-handshake auth tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 2 15:19:10 2017 +0100 handshake: added support for post-handshake authentication @@ -10393,14 +15425,14 @@ Date: Thu Nov 2 15:19:10 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 21 11:12:14 2017 +0100 gnutls_record_set_state: use const for seq_number Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 20 16:56:12 2017 +0100 tests: added test suite on key limits @@ -10409,14 +15441,14 @@ Date: Mon Nov 20 16:56:12 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 20 16:52:58 2017 +0100 gnutls_record_get_state: doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 20 16:01:29 2017 +0100 Introduce key usage limits under TLS1.3 @@ -10428,21 +15460,21 @@ Date: Mon Nov 20 16:01:29 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 20 13:08:18 2017 +0100 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 30 08:59:17 2017 +0100 tests: removed unused variables and introduced temporal vars in macros Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 30 08:51:06 2017 +0100 tests: check gnutls_rehandshake() and gnutls_handshake() under TLS1.3 @@ -10477,7 +15509,7 @@ Date: Sat Oct 28 12:38:52 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 19 16:45:18 2017 +0200 tests: added unit tests with TLS1.3 key update @@ -10486,7 +15518,7 @@ Date: Thu Oct 19 16:45:18 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 19 16:27:30 2017 +0200 handshake: introduced gnutls_session_key_update() @@ -10496,21 +15528,21 @@ Date: Thu Oct 19 16:27:30 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 19 14:52:03 2017 +0200 handshake: added TLS1.3 passive key update Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Wed Nov 29 11:18:40 2017 +0100 keylogfile: write TLS 1.3 secrets Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Nov 28 18:28:19 2017 +0100 _gnutls_nss_keylog_write: define new internal API @@ -10521,7 +15553,7 @@ Date: Tue Nov 28 18:28:19 2017 +0100 Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 27 11:27:12 2017 +0100 tls-fuzzer: enabled the large hello checks @@ -10533,21 +15565,21 @@ Date: Mon Nov 27 11:27:12 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 29 16:21:45 2017 +0100 hkdf: refer to nettle's hkdf.h when available Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 29 14:04:30 2017 +0100 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 27 11:07:40 2017 +0100 gnutls_prf_rfc5705: apply the context limits only under TLS1.2 or earlier @@ -10556,14 +15588,14 @@ Date: Mon Nov 27 11:07:40 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 27 11:04:59 2017 +0100 gnutls_prf_raw: fail under TLS1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 27 09:10:24 2017 +0100 tests: included behavioral test of gnutls_prf under TLS1.3 @@ -10572,7 +15604,7 @@ Date: Mon Nov 27 09:10:24 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 27 09:03:31 2017 +0100 gnutls_prf: prevent usage under TLS1.3 @@ -10582,21 +15614,21 @@ Date: Mon Nov 27 09:03:31 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Nov 24 11:07:20 2017 +0100 gnutls_prf_rfc5705: calculate exporter using HKDF if TLS 1.3 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Nov 24 10:55:43 2017 +0100 handshake-tls13: derive and store exporter_master_secret Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Nov 24 10:34:26 2017 +0100 _tls13_derive_secret: define secret argument @@ -10608,7 +15640,7 @@ Date: Fri Nov 24 10:34:26 2017 +0100 Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 8 11:45:25 2017 +0100 session state: combined srp and dh prime bits variables @@ -10618,14 +15650,14 @@ Date: Wed Nov 8 11:45:25 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 8 11:41:59 2017 +0100 session state: mark mod_auth_st_int as constant Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 8 11:39:53 2017 +0100 dtls: cookie is stored dynamically when needed rather than in pre-allocated size @@ -10637,14 +15669,14 @@ Date: Wed Nov 8 11:39:53 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 10 09:54:13 2017 +0200 removed legacy/unused rsa-related structures/functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sat Sep 23 21:43:45 2017 +0300 lib: simplify adding groups according to prioritites @@ -10656,7 +15688,7 @@ Date: Sat Sep 23 21:43:45 2017 +0300 Signed-off-by: Dmitry Eremin-Solenikov Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 4 09:21:06 2017 +0200 tests: added unit test for RDNs in cert callback @@ -10669,7 +15701,7 @@ Date: Wed Oct 4 09:21:06 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 3 15:59:14 2017 +0200 gnutls_auth*_get_type: use gnutls_kx_get to retrieve key exchange @@ -10679,7 +15711,7 @@ Date: Tue Oct 3 15:59:14 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 3 15:28:07 2017 +0200 tests: check certificate callbacks under TLS 1.2 and 1.3 @@ -10688,14 +15720,14 @@ Date: Tue Oct 3 15:28:07 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 3 14:56:15 2017 +0200 tests: added unit tests for client certificate under TLS1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 3 14:21:33 2017 +0200 handshake: handle the certificate authorities extension @@ -10704,7 +15736,7 @@ Date: Tue Oct 3 14:21:33 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 3 13:59:39 2017 +0200 handshake: added support for client certificates @@ -10716,21 +15748,21 @@ Date: Tue Oct 3 13:59:39 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 3 11:48:28 2017 +0200 handshake: return GNUTLS_E_NO_CERTIFICATE_FOUND when no certificate is found in TLS1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 3 11:43:45 2017 +0200 handshake: send certificate request when requested Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 6 11:00:16 2017 +0200 tests: added check for client hello random value after HRR @@ -10742,7 +15774,7 @@ Date: Fri Oct 6 11:00:16 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 6 11:16:17 2017 +0200 handshake: treat reply to HRR as a reply to hello verify request @@ -10754,7 +15786,7 @@ Date: Fri Oct 6 11:16:17 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 6 10:18:33 2017 +0200 tests: added key share behavioral test @@ -10766,7 +15798,7 @@ Date: Fri Oct 6 10:18:33 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 6 09:05:20 2017 +0200 key share: added flags to gnutls_init() to modify its default behavior @@ -10783,14 +15815,14 @@ Date: Fri Oct 6 09:05:20 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 2 15:40:24 2017 +0100 handshake: initialize buffer prior to use Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 4 10:55:48 2017 +0200 tests: added tests for TLS1.2- rollback detection @@ -10803,28 +15835,28 @@ Date: Wed Oct 4 10:55:48 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 4 10:33:11 2017 +0200 _gnutls_set_server_random: corrected TLS1.2 and TLS1.1 rollback detection Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 3 11:08:04 2017 +0200 extensions: renamed _gnutls_hello_ext_*sdata to _gnutls_hello_ext_*priv Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 3 09:35:52 2017 +0200 server_name: use the new API for ext data setting Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 3 08:58:59 2017 +0200 extensions: enhanced extension lib with pack and unpack functions @@ -10833,7 +15865,7 @@ Date: Tue Oct 3 08:58:59 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 3 08:41:51 2017 +0200 tests: check the correct handling of cookie extension in client side @@ -10842,7 +15874,7 @@ Date: Tue Oct 3 08:41:51 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 3 08:39:58 2017 +0200 extensions: allow receiving and sending extensions which were not advertised by client side @@ -10853,28 +15885,28 @@ Date: Tue Oct 3 08:39:58 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 29 16:41:09 2017 +0200 extensions: optimized gid_to_ext_entry() map on known extensions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 29 16:23:10 2017 +0200 extensions: avoid double loop when parsing received extensions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 29 15:40:36 2017 +0200 extensions: avoid looping to discover location of saved data Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 29 15:16:04 2017 +0200 handshake: added support for reading and sending cookie extension @@ -10890,7 +15922,7 @@ Date: Mon Nov 13 08:45:09 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 29 11:58:25 2017 +0200 tests: added unit test for hello retry request support @@ -10899,56 +15931,56 @@ Date: Fri Sep 29 11:58:25 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 29 14:24:54 2017 +0200 tests: rehandshake tests were restricted to TLS1.2 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 29 14:11:34 2017 +0200 handshake: reduce assert printouts in common cases Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 29 10:10:48 2017 +0200 handshake: accept hello retry request in client side Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 29 09:08:59 2017 +0200 buf: _gnutls_buffer_pop_data made easier to use Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 29 09:01:41 2017 +0200 handshake: simplified version parsing Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 21 16:40:43 2017 +0200 handshake: send hello retry request when no key share matches Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 29 12:54:38 2017 +0200 ext: do not advertize post handshake authentication Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 29 08:21:54 2017 +0200 tests: check TLS1.3 record layer packet modification @@ -10974,98 +16006,98 @@ Date: Thu Sep 28 07:47:40 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 27 15:10:07 2017 +0200 nettle/pk: explicitly mark intentional fallthrough in switch cases Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 22 16:59:31 2017 +0200 key share: removed duplicate message Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 27 08:20:10 2017 +0200 tests: fix warning in rng-sigint.c Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 27 08:58:26 2017 +0200 tests: improved tls-session-supplemental Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 26 16:44:39 2017 +0200 kx: moved to new buffer API Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 26 15:38:58 2017 +0200 handshake: moved to the new mbuffer API Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 26 12:54:18 2017 +0200 handshake: use the new buffer type in TLS 1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 26 11:57:18 2017 +0200 handshake: new helper functions to use gnutls_buffer_st to generate mbuffers Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 26 10:29:15 2017 +0200 tlsfuzzer: disable non TLS1.3-ready tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 25 16:28:38 2017 +0200 tests: added tests for TLS1.3 record generation / parsing Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 25 09:47:52 2017 +0200 tests: introduced basic TLS1.3 key exchange test suite Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 25 16:26:45 2017 +0200 record: adjusted overhead calculation for TLS1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 25 14:49:23 2017 +0200 priority: include groups into priority when having a TLS1.3-only session Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 25 09:46:32 2017 +0200 priority: do include all the version's signature semantics @@ -11076,42 +16108,42 @@ Date: Mon Sep 25 09:46:32 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 25 09:32:25 2017 +0200 ext/key_share: corrected release of MPI parameters Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 25 09:28:45 2017 +0200 ext/signature: explicitly prevent RSA/DSA and SHA1 signatures on TLS1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 22 16:55:36 2017 +0200 hello ext: reduce verbosity Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 22 11:10:56 2017 +0200 constate.h: removed non-existing function Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 22 10:55:43 2017 +0200 record: any alert is fatal under TLS1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 18 14:49:24 2017 +0200 extensions: introduced functions to obtain currently parsed message @@ -11121,14 +16153,14 @@ Date: Mon Sep 18 14:49:24 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 21 09:30:39 2017 +0200 supported_versions: print the received versions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 21 12:58:51 2017 +0200 handshake: introduced server side handshake [2/2] @@ -11139,14 +16171,14 @@ Date: Thu Sep 21 12:58:51 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 21 10:21:26 2017 +0200 cs: select certificate under TLS1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 21 09:53:47 2017 +0200 handshake: introduced server side handshake [1/2] @@ -11155,28 +16187,28 @@ Date: Thu Sep 21 09:53:47 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 21 09:50:10 2017 +0200 ciphersuites: introduce a maximum supported TLS/DTLS version Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 21 09:41:37 2017 +0200 handshake: properly set the default record version Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 20 16:07:39 2017 +0200 handshake: send encrypted extensions handshake message Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 15 13:54:25 2017 +0200 handshake: parse new session ticket message @@ -11185,56 +16217,56 @@ Date: Fri Sep 15 13:54:25 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 20 15:33:16 2017 +0200 str: added _gnutls_buffer_pop_prefix24 and _gnutls_buffer_pop_prefix8 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 27 15:07:04 2017 +0200 str: use assert to mark impossible cases Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 20 15:21:16 2017 +0200 str: allow creating a read-only buffer Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 20 13:43:14 2017 +0200 gnutls_session_get_desc: more descriptive name for TLS1.3 ciphersuites Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 15 09:11:37 2017 +0200 handshake: generate application keys Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 15 08:30:52 2017 +0200 constate: added _gnutls_epoch_dup Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 15 07:59:21 2017 +0200 constate: indentation fixes Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 14 10:22:36 2017 +0200 handshake: added basic support for TLS 1.3 handshake in client side @@ -11250,14 +16282,14 @@ Date: Thu Sep 14 10:22:36 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 13 14:19:12 2017 +0200 handshake: added parsing of encrypted extensions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 25 10:44:43 2017 +0200 crypto-api: introduce internal version of AEAD API @@ -11267,49 +16299,49 @@ Date: Mon Sep 25 10:44:43 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 11 15:16:51 2017 +0200 record: added TLS 1.3 record parsing and key derivation Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 13:48:13 2017 +0200 handshake: introduced TLS 1.3 handshake client state machine outline Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 20 11:56:28 2017 +0200 extensions: separate the hello extensions from others Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 20 11:51:10 2017 +0200 hello_ext.h: removed non-existant function definition Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 20 11:48:30 2017 +0200 extensions: files renamed to hello_ext Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 20 11:46:55 2017 +0200 extensions: renamed hello extension handling functions appropriately Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 20 11:40:54 2017 +0200 extensions: simplified semantics of store and check functions @@ -11320,14 +16352,14 @@ Date: Wed Sep 20 11:40:54 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 20 11:30:12 2017 +0200 extension: renamed functions to reflect purpose Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 20 10:05:53 2017 +0200 extensions: use the low-level extension parsing code for hello parsing @@ -11337,7 +16369,7 @@ Date: Wed Sep 20 10:05:53 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 20 09:46:34 2017 +0200 extv: introduced a low-level extension parsing code @@ -11347,7 +16379,7 @@ Date: Wed Sep 20 09:46:34 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 19 12:58:56 2017 +0200 extensions: simplified the extension tracking @@ -11358,35 +16390,35 @@ Date: Tue Sep 19 12:58:56 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 19 12:48:14 2017 +0200 extensions: use an internal extension ID independent of the TLS id Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 15 14:46:13 2017 +0200 str: rename _gnutls_buffer_pop_prefix to _gnutls_buffer_pop_prefix32 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 15 14:45:20 2017 +0200 str: rename _gnutls_buffer_pop_datum_prefix to _gnutls_buffer_pop_datum_prefix32 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 14 14:10:14 2017 +0200 security params: store PRF when packing session Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 14 14:03:43 2017 +0200 handshake: simplify by storing a pointer to PRF mac entry @@ -11396,7 +16428,7 @@ Date: Thu Sep 14 14:03:43 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 14 12:13:09 2017 +0200 ext/signature: improved TLS 1.3 signature algorithm negotiation @@ -11406,14 +16438,14 @@ Date: Thu Sep 14 12:13:09 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 14 11:21:51 2017 +0200 str: added helper functions to read prefixed data with 8 or 16-bit headers Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 14 09:44:58 2017 +0200 ecc: do not warn on receiving extension on client side @@ -11422,21 +16454,21 @@ Date: Thu Sep 14 09:44:58 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 14 14:30:07 2017 +0200 Added TLS 1.3 HKDF key derivation functionality Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 12 10:30:59 2017 +0200 extensions: include extension number in debugging message Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 12 10:12:41 2017 +0200 tests: check behavior on the extension hello flags @@ -11480,7 +16512,7 @@ Date: Mon Sep 11 09:50:58 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 12 08:03:59 2017 +0200 tests: guile: don't use VERS-TLS-ALL @@ -11489,14 +16521,14 @@ Date: Tue Sep 12 08:03:59 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 12 08:00:00 2017 +0200 .gitlab-ci.yml: abi-coverage: include guile logs Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 14 09:20:25 2017 +0200 nettle: added HKDF functions @@ -11506,35 +16538,35 @@ Date: Mon Aug 14 09:20:25 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 11 15:54:40 2017 +0200 gnutls-cli-debug: use explicit TLS versions rather than TLS-ALL Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 15 15:37:04 2017 +0200 _gnutls_server_select_suite: don't set auth callbacks for TLS 1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 15 11:00:27 2017 +0200 supported_versions: print negotiated protocol Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 15:35:21 2017 +0200 Negotiate draft-TLS1.3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 14:14:58 2017 +0200 handshake: added the TLS 1.3 ciphersuites @@ -11558,7 +16590,7 @@ Date: Mon Sep 11 11:33:31 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 14 09:34:05 2017 +0200 Added support for key share extension @@ -11567,7 +16599,7 @@ Date: Fri Jul 14 09:34:05 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 09:23:53 2017 +0200 handshake: always accept TLS 1.2 in client hello if we have later protocols enabled @@ -11577,7 +16609,7 @@ Date: Tue Jul 18 09:23:53 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 08:23:01 2017 +0200 require nettle 3.3 or later @@ -11586,7 +16618,7 @@ Date: Tue Jul 18 08:23:01 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 14 09:10:11 2017 +0200 str: added function to append fixed-size MPI @@ -11596,7 +16628,7 @@ Date: Fri Jul 14 09:10:11 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 13 11:57:26 2017 +0200 tests: resumption tests were restricted to TLS 1.2 @@ -11606,14 +16638,14 @@ Date: Thu Jul 13 11:57:26 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 13 11:52:07 2017 +0200 ext/post_handshake: restrict the use of this extension to TLS 1.3 or later Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 13 11:46:29 2017 +0200 handshake: optimizations and enhancements in session version handling @@ -11626,14 +16658,14 @@ Date: Thu Jul 13 11:46:29 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 13 11:21:24 2017 +0200 tests: check for post-handshake extension in TLS 1.2-only sessions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 13 11:14:56 2017 +0200 tests: added unit tests for post-handshake-auth extension @@ -11643,7 +16675,7 @@ Date: Thu Jul 13 11:14:56 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 13 10:33:18 2017 +0200 handshake: send client and server hellos according to TLS 1.3 @@ -11653,28 +16685,28 @@ Date: Thu Jul 13 10:33:18 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 13 09:44:28 2017 +0200 Added support for post handshake auth extension Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 12 13:40:19 2017 +0200 tests: updated for new behavior of disabling protocols on missing signature algorithms Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 12 13:38:39 2017 +0200 tests: verify that no signature algorithms with (D)TLS 1.2 will cause an error Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 12 13:33:46 2017 +0200 priorities: when no signature algorithms eliminate (D)TLS 1.2 or later @@ -11685,7 +16717,7 @@ Date: Wed Jul 12 13:33:46 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 12 13:16:10 2017 +0200 tests: safer use of gnutls_bye in _test_cli_serv() @@ -11694,7 +16726,7 @@ Date: Wed Jul 12 13:16:10 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 12 09:40:46 2017 +0200 tests: added checks for special signature algorithms @@ -11704,21 +16736,21 @@ Date: Wed Jul 12 09:40:46 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 12 09:38:26 2017 +0200 tests: verify that +SIGN-ECDSA-SECP256R1-SHA256 has no effect when combined with TLS1.2 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 12 08:56:18 2017 +0200 tests: added signature tests for ECDSA-SECP256R1-SHA256 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 12 09:19:16 2017 +0200 priority: do not include signature algorithms that apply to different TLS version @@ -11732,7 +16764,7 @@ Date: Wed Jul 12 09:19:16 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 11 14:07:43 2017 +0200 tests: updated for the new behavior of handshake @@ -11745,14 +16777,14 @@ Date: Tue Jul 11 14:07:43 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 11 11:09:51 2017 +0200 pubkey: enforce TLS 1.3 signature restrictions on verification Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 10 16:43:51 2017 +0200 ext/signature: added TLS 1.3 signature algorithm negotiation @@ -11770,7 +16802,7 @@ Date: Mon Jul 10 16:43:51 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 19 15:20:00 2017 +0200 tests: added unit test for TLS 1.3 version negotiation @@ -11780,7 +16812,7 @@ Date: Mon Jun 19 15:20:00 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 19 14:17:40 2017 +0200 handshake: added support for negotiating version using extension @@ -11790,7 +16822,7 @@ Date: Mon Jun 19 14:17:40 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 19 13:30:46 2017 +0200 handshake: legacy version negotiation is not used for TLS 1.3 @@ -11801,7 +16833,7 @@ Date: Mon Jun 19 13:30:46 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 19 11:57:22 2017 +0200 Added TLS 1.3 Hello message random generation @@ -11812,7 +16844,7 @@ Date: Mon Jun 19 11:57:22 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 19 14:57:55 2018 +0100 Revert "priority: disable the enabled by default RSA-PSS signature algorithms" @@ -11828,14 +16860,14 @@ Date: Sat Feb 10 11:13:57 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 22 11:52:19 2018 +0100 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 30 07:41:26 2018 +0100 tests: check gnutls_fips140_set_mode operation per thread @@ -11852,21 +16884,21 @@ Date: Sun Jan 21 15:49:42 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 22 11:40:42 2018 +0100 tests: gnutls_hmac_fast: explicitly enable MD5 use under FIPS140-2 mode Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 21 12:38:29 2017 +0100 tests: gc.c -> gnutls_hmac_fast.c Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 22 09:15:03 2018 +0100 doc: documented gnutls_fips140_set_mode and gnutls_fips_mode_t @@ -11893,14 +16925,14 @@ Date: Sun Jan 21 14:01:17 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 20 15:36:59 2017 +0100 fips140: enforcement of hash and MACs use moved to crypto-api.c and hash_int.c Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 19 08:38:35 2018 +0100 tests: srp: increased timeout to 40secs [ci skip] @@ -11931,7 +16963,7 @@ Date: Fri Feb 16 08:27:56 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 13 16:34:09 2018 +0100 tests: check whether gnutls_credentials_set() can be set in an hsk hook @@ -11943,21 +16975,21 @@ Date: Tue Feb 13 16:34:09 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 13 16:47:16 2018 +0100 doc: documented how to set the credentials late in certain vhost scenarios Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 13 16:21:52 2018 +0100 doc: updated text on gnutls_handshake_set_hook_function Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 13 11:12:09 2018 +0100 doc update [ci skip] @@ -12002,7 +17034,7 @@ Date: Wed Feb 7 18:59:39 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 7 09:24:18 2018 +0100 accelerated: make explicit key size check to all accelerated ciphers @@ -12026,14 +17058,14 @@ Date: Tue Feb 6 16:46:31 2018 +0100 Signed-off-by: Vitezslav Cizek -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 8 14:32:42 2018 +0100 p11tool: updated documentation [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 7 11:34:36 2018 +0100 nettle: use the nettle_get_secp API when available @@ -12042,7 +17074,7 @@ Date: Wed Feb 7 11:34:36 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 6 09:46:41 2017 +0100 nettle base64_encode_raw: use cast to avoid warnings @@ -12056,7 +17088,7 @@ Date: Wed Dec 6 09:46:41 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 6 14:40:59 2018 +0100 accelerated: x86-common: do not use _xgetbv() with clang @@ -12065,7 +17097,7 @@ Date: Tue Feb 6 14:40:59 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 6 14:37:42 2018 +0100 configure: treat solaris as ELF system @@ -12116,7 +17148,7 @@ Date: Mon Feb 5 20:25:23 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 2 15:49:48 2018 +0100 serv: increase cache size used for resumption @@ -12126,14 +17158,14 @@ Date: Fri Feb 2 15:49:48 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 2 11:09:22 2018 +0100 CONTRIBUTING.md: check the issue closing as part of review [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 2 10:35:11 2018 +0100 gnutls-cli: no longer print certificate types or compression methods @@ -12240,14 +17272,14 @@ Date: Wed Jan 17 19:10:52 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 19 11:42:02 2018 +0100 tests: pkcs11/tls-neg-pkcs11-key: updated for softhsm with PKCS#11 support Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 22 09:06:25 2018 +0100 added sub-section on selecting the right return value [ci skip] @@ -12268,21 +17300,21 @@ Date: Wed Jan 17 08:38:13 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 12 16:14:23 2018 +0100 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 12 13:23:03 2018 +0100 tests: privkey-verify-broken: addressed uninitialized var use Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 10 15:41:50 2018 +0100 tests: check whether get_mtu() functions relate to the set values @@ -12293,14 +17325,14 @@ Date: Wed Jan 10 15:41:50 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 10 15:35:36 2018 +0100 tests: added unit test for _gnutls_record_overhead() Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 12 09:01:54 2018 +0100 DTLS: improved data MTU calculation under CBC ciphersuites @@ -12320,7 +17352,7 @@ Date: Fri Jan 12 09:01:54 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 10 10:58:30 2018 +0100 fuzz: added reproducer for leak in gnutls_x509_crl_list_import @@ -12330,7 +17362,7 @@ Date: Wed Jan 10 10:58:30 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 10 10:56:28 2018 +0100 gnutls_x509_crt_list_import: eliminated memory leak @@ -12340,14 +17372,14 @@ Date: Wed Jan 10 10:56:28 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 9 11:31:45 2018 +0100 libtasn1: updated to latest libtasn1 master branch Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 3 16:41:36 2018 +0100 gnutls_pkcs12_key_parser_fuzzer.in: added reproducer for oss-fuzz #4890 @@ -12361,7 +17393,7 @@ Date: Sun Jan 7 09:55:37 2018 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 3 16:27:03 2018 +0100 doc: updated copyright year for manual @@ -12392,7 +17424,7 @@ Date: Sat Dec 30 19:57:08 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 20 08:16:29 2017 +0100 gnutls_pk_self_test: include ECDSA tests on GNUTLS_PK_EC @@ -12403,14 +17435,14 @@ Date: Wed Dec 20 08:16:29 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 19 16:40:59 2017 +0100 tests: hash-large: increase parallelism to allow fast run in CI Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 8 11:14:58 2017 +0100 doc: reference gnutls_prf_rfc5705 instead of gnutls_prf @@ -12434,7 +17466,7 @@ Date: Sun Dec 3 10:49:12 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 30 15:08:22 2017 +0100 tests: enhanced pkcs11/list-tokens @@ -12446,7 +17478,7 @@ Date: Thu Nov 30 15:08:22 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 30 14:31:07 2017 +0100 pkcs11 verification: always use the GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE @@ -12457,7 +17489,7 @@ Date: Thu Nov 30 14:31:07 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 30 14:28:46 2017 +0100 pkcs11: simplify trusted module loading state @@ -12468,7 +17500,7 @@ Date: Thu Nov 30 14:28:46 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 30 12:52:57 2017 +0100 _gnutls_pkcs11_check_init: improved transition between states @@ -12484,14 +17516,14 @@ Date: Thu Nov 30 12:52:57 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 30 11:44:14 2017 +0100 tests: corrected destructive/p11-kit-load.sh error checking Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Dec 1 11:13:29 2017 +0100 gnutls-serv: fix double-free on inactivity timeout @@ -12518,7 +17550,7 @@ Date: Fri Dec 1 11:13:29 2017 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Nov 28 15:45:59 2017 +0100 .dir-locals.el: new file @@ -12527,7 +17559,7 @@ Date: Tue Nov 28 15:45:59 2017 +0100 Signed-off-by: Daiki Ueno -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Nov 28 15:45:54 2017 +0100 build: remove m4 files pulled in by autopoint @@ -12537,14 +17569,14 @@ Date: Tue Nov 28 15:45:54 2017 +0100 Signed-off-by: Daiki Ueno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 29 17:16:41 2017 +0100 gnutls_aead_cipher_init: corrected potential memory leak Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 28 14:28:46 2017 +0100 doc: provided basic documentation of the FIPS140-2 mode [ci skip] @@ -12553,7 +17585,7 @@ Date: Tue Nov 28 14:28:46 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 27 09:42:26 2017 +0100 tests: verify whether group remains the same after resumption @@ -12562,7 +17594,7 @@ Date: Mon Nov 27 09:42:26 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 27 09:31:52 2017 +0100 _gnutls_set_resumed_parameters: restore the group from resumed parameters @@ -12572,28 +17604,28 @@ Date: Mon Nov 27 09:31:52 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 27 08:19:01 2017 +0200 tests: removed unnecessary assert Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 10 14:23:20 2017 +0200 tests: delete temporary files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 8 11:47:22 2017 +0100 session state: use the right type for send_cert_req variable Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 24 08:17:40 2017 +0100 tests: client-fastopen: introduce child signal handler and delay prior to starting @@ -12602,7 +17634,7 @@ Date: Fri Nov 24 08:17:40 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 22 17:36:30 2017 +0100 psktool: allow up to 512-byte keys @@ -12639,7 +17671,7 @@ Date: Tue Nov 21 19:17:01 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 21 13:23:21 2017 +0100 tests: updated SRP checks @@ -12650,7 +17682,7 @@ Date: Tue Nov 21 13:23:21 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 21 13:05:12 2017 +0100 .gitlab-ci.yml: move destructive tests after trust store tests @@ -12660,21 +17692,21 @@ Date: Tue Nov 21 13:05:12 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 20 14:43:21 2017 +0100 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 20 14:34:20 2017 +0100 tests: include the 8192-bit SRP prime into param checks Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 20 14:33:33 2017 +0100 srp: added the 8192-bit prime @@ -12685,7 +17717,7 @@ Date: Mon Nov 20 14:33:33 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 20 14:10:02 2017 +0100 srp: reject any parameters not in the SRP draft @@ -12696,35 +17728,35 @@ Date: Mon Nov 20 14:10:02 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 20 14:07:12 2017 +0100 fuzz: srp-client: decreased acceptable prime bits to 1024 [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 9 09:47:10 2017 +0100 tests: combined key and cert tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 9 09:40:23 2017 +0100 tests: windows subdir is only included on windows builds Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 8 16:32:48 2017 +0100 tests: dtls subdir was merged into main tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 20 13:49:55 2017 +0100 fuzz: srp-client: restrict prime bits to 1537 [ci skip] @@ -12741,21 +17773,21 @@ Date: Sun Nov 19 16:39:16 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 16 16:57:29 2017 +0100 doc: better detect acronym keyword on latex output Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 16 16:53:46 2017 +0100 doc: latex: resolve all citation issues Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 16 16:43:21 2017 +0100 doc: citations translate into references in texinfo @@ -12775,14 +17807,14 @@ Date: Mon Nov 13 11:03:35 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 15 11:47:31 2017 +0100 cfg.mk: do not include reproducer files into syntax checks Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 15 10:31:00 2017 +0100 gnutls_x509_ext_import_proxy: corrected memory leak @@ -12794,7 +17826,7 @@ Date: Wed Nov 15 10:31:00 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 8 13:56:56 2017 +0100 tools: do not access unused variables @@ -12803,7 +17835,7 @@ Date: Wed Nov 8 13:56:56 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 8 10:51:51 2017 +0100 .gitlab-ci.yml: disabled gcc warnings on CI builds and use dash @@ -12835,14 +17867,14 @@ Date: Sat Nov 4 17:18:23 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 3 15:10:03 2017 +0100 tests: list-tokens: not only list but also verify whether module is operational Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 3 15:03:35 2017 +0100 pkcs11: refuse to load modules with duplicate information @@ -12853,7 +17885,7 @@ Date: Fri Nov 3 15:03:35 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 3 14:33:24 2017 +0100 tests: enhanced PKCS#11 loading test @@ -12864,7 +17896,7 @@ Date: Fri Nov 3 14:33:24 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 30 13:51:33 2017 +0100 tests: added PKCS#11 module loading test @@ -12885,7 +17917,7 @@ Date: Mon Oct 30 13:51:33 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 30 11:29:38 2017 +0100 pkcs11: allow loading trusted modules when pkcs11 was initialized in manual mode @@ -12901,7 +17933,7 @@ Date: Mon Oct 30 11:29:38 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 30 09:57:09 2017 +0100 pkcs11: introduce multiple levels of loading @@ -12913,7 +17945,7 @@ Date: Mon Oct 30 09:57:09 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 31 09:18:15 2017 +0100 CONTRIBUTING.md: added a short text on reviewing code [ci skip] @@ -12986,7 +18018,7 @@ Date: Sat Oct 21 02:18:07 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 19 10:14:33 2017 +0200 doc update [ci skip] @@ -13000,42 +18032,42 @@ Date: Wed Oct 18 19:50:57 2017 +0200 Signed-off-by: Thomas Klute -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 18 15:57:53 2017 +0200 doc: mention SHA224 removal in upgrade guide Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 18 15:55:57 2017 +0200 bumped version Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 18 10:18:33 2017 +0200 gnutls-serv: print the right error code on OCSP request setting Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 18 13:42:21 2017 +0200 ocsptool: doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 16 11:41:36 2017 +0200 doc update [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 27 13:25:02 2017 +0200 cmp_hsk_types: fixed check for SSLv2 hello @@ -13100,7 +18132,7 @@ Date: Sun Oct 1 12:12:25 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Andreas Metzler +Author: Andreas Metzler Date: Wed Sep 27 19:21:59 2017 +0200 Modernize gtk-doc support @@ -13119,7 +18151,7 @@ Date: Wed Sep 27 21:41:43 2017 +0300 Signed-off-by: Rowan Thorpe -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 25 16:57:31 2017 +0200 CONTRIBUTING.md: added some text on introducing new APIs [ci skip] @@ -13160,21 +18192,21 @@ Date: Sat Sep 23 08:37:50 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 15 09:53:01 2017 +0200 _gnutls_epoch_gc: ensure there are no stray epochs after gc Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 15 09:29:30 2017 +0200 constate: simplified allocation of epochs Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 15 08:26:22 2017 +0200 _gnutls_epoch_get(): simplified use @@ -13254,7 +18286,7 @@ Date: Sat Sep 23 10:59:58 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 19 11:08:19 2017 +0200 .gitlab-ci.yml: use static analyzer and Werror build in src @@ -13321,14 +18353,14 @@ Date: Thu Sep 21 10:45:05 2017 +0200 Signed-off-by: Thomas Klute -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Sep 18 17:06:15 2017 +0300 tests: explicitly check for gnutls.pc in pkgconfig.sh Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Sep 18 13:33:53 2017 +0300 test: use proper library name in pkgconfig.sh error message @@ -13339,7 +18371,7 @@ Date: Mon Sep 18 13:33:53 2017 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Sep 18 13:32:40 2017 +0300 tests: use libidn2 in pkgconfig.sh @@ -13354,7 +18386,7 @@ Date: Tue Sep 19 20:36:22 2017 +0200 parse-datetime: Fix buffer overflow -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 18 15:35:32 2017 +0200 tlsfuzzer: document the reason of failure of few fragmentation tests @@ -13386,14 +18418,14 @@ Date: Sat Sep 16 14:03:54 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 15 16:34:02 2017 +0200 parse_handshake_header: allow 1-byte sized fragments Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 15 16:21:02 2017 +0200 tests: added reproducer for DTLS infinite loop @@ -13421,14 +18453,14 @@ Date: Mon Sep 18 15:54:19 2017 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 14 11:56:27 2017 +0200 x509: removed debugging code [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 27 13:58:58 2017 +0200 tests: modified the MD5 signature algorithm negotiation tests @@ -13439,14 +18471,14 @@ Date: Tue Jun 27 13:58:58 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 27 08:42:10 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 27 08:36:01 2017 +0200 tlsfuzzer: no longer include tests involving SHA224 signatures @@ -13455,7 +18487,7 @@ Date: Tue Jun 27 08:36:01 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 26 15:04:32 2017 +0200 algorithms/sign: removed TLS identifiers for legacy algorithms @@ -13467,14 +18499,14 @@ Date: Mon Jun 26 15:04:32 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 26 15:02:47 2017 +0200 algorithms/sign: legacy signature algorithms were moved toward the end of the list Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 26 14:58:17 2017 +0200 algorithms/sign: no longer enable SHA224 hash in signatures @@ -13485,28 +18517,28 @@ Date: Mon Jun 26 14:58:17 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 8 16:19:38 2017 +0200 tlsfuzzer: added large client hello tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 8 15:16:55 2017 +0200 win32: removed no longer used subdir Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 8 14:01:09 2017 +0200 .gitlab-ci.yml: added warning cppcheck checks Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 16:54:24 2017 +0200 .gitlab-ci.yml: removed initialization step @@ -13517,63 +18549,63 @@ Date: Thu Sep 7 16:54:24 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 16:20:01 2017 +0200 doc: added README on FreeBSD CI setup Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 16:21:44 2017 +0200 .gitlab-ci.yml: added FreeBSD build Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 17:05:57 2017 +0200 tests: ip-utils: added include for FreeBSD compilation Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 14:12:20 2017 +0200 .gitlab-ci.yml: enable more cppcheck tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 8 12:15:47 2017 +0200 tests: updated tlsfuzzer to reduce rsa-pss failures Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 15:51:57 2017 +0200 crq: doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 09:31:30 2017 +0200 tests: added unit test for gnutls_x509_crq_sign Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 09:11:06 2017 +0200 tests: added verification checks into crl_apis Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 09:10:20 2017 +0200 gnutls_x509_crl_verify: check next update field for presence @@ -13582,28 +18614,28 @@ Date: Thu Sep 7 09:10:20 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 08:33:24 2017 +0200 tests: added verification check into crt_apis Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 08:30:13 2017 +0200 tests: added unit test for gnutls_x509_crt_sign Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 08:24:41 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 09:23:28 2017 +0200 gnutls_x509_crq_sign: undeprecate @@ -13613,7 +18645,7 @@ Date: Thu Sep 7 09:23:28 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 09:13:54 2017 +0200 gnutls_x509_crl_sign: undeprecate @@ -13623,7 +18655,7 @@ Date: Thu Sep 7 09:13:54 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 09:21:16 2017 +0200 gnutls_x509_crq_sign: no longer sign with SHA1 @@ -13639,7 +18671,7 @@ Date: Thu Sep 7 09:21:16 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 08:21:47 2017 +0200 gnutls_x509_*_sign: no longer sign with SHA1 @@ -13655,28 +18687,28 @@ Date: Thu Sep 7 08:21:47 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 08:12:05 2017 +0200 doc: document the change of gnutls_x509_crt_sign Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 8 08:31:42 2017 +0200 tests: tolerate leaks in opensc-pkcs11 when present Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 7 08:08:12 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 6 14:51:59 2017 +0200 tests: added reproducer for safe renegotiation failure with openssl @@ -13685,7 +18717,7 @@ Date: Wed Sep 6 14:51:59 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 6 15:11:00 2017 +0200 handshake: check SCSVs prior to resuming a session @@ -13704,7 +18736,7 @@ Date: Wed Sep 6 19:16:30 2017 +0200 Use $(LIBDL) instead of hardcoding -ldl. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 6 14:34:20 2017 +0200 cmocka: require 1.0.1 @@ -13716,7 +18748,7 @@ Date: Wed Sep 6 14:34:20 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 6 09:46:05 2017 +0200 tlslite-ng: updated to latest version @@ -13748,21 +18780,21 @@ Date: Tue Aug 29 13:56:58 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 28 15:16:58 2017 +0200 tools: removed re-using PIN message when in non-verbose mode Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 28 12:57:38 2017 +0200 p11tool: print public or private key algorithm Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 28 14:20:36 2017 +0200 gnutls_pkcs11_privkey_generate3: doc update [ci skip] @@ -13790,21 +18822,21 @@ Date: Sat Aug 26 17:02:28 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 25 15:58:14 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 25 15:56:49 2017 +0200 p11tool: allow obtaining PIN from command line on operations Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 25 14:49:33 2017 +0200 certtool: eliminate global use of default_dig @@ -13814,7 +18846,7 @@ Date: Fri Aug 25 14:49:33 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 25 12:01:37 2017 +0200 tests: krb5-test: disable valgrind mem leak checks for negative checks @@ -13823,42 +18855,42 @@ Date: Fri Aug 25 12:01:37 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 25 11:47:28 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 25 11:41:47 2017 +0200 tests: check whether p11tool signing with RSA-PSS works Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 25 10:53:51 2017 +0200 p11tool: allow signing with RSA-PSS and specifying an explicit hash Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 25 10:41:27 2017 +0200 sign_params_to_flags: moved to certtool-common.c Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 25 10:33:27 2017 +0200 certtool: hash_to_id moved to certtool-common.c Signed-off-by: Nikos Mavrogiannopoulos -Author: Andreas Metzler +Author: Andreas Metzler Date: Sat Aug 26 17:49:28 2017 +0200 Fix some typos [ci skip] @@ -13868,14 +18900,14 @@ Date: Sat Aug 26 17:49:28 2017 +0200 Signed-off-by: Andreas Metzler -Author: Tom Vrancken +Author: Tom Vrancken Date: Fri Aug 25 19:54:58 2017 +0200 Fixed segmentation faults caused by accessing NULL pointers during mutex operations. This bug was triggered while setting priorities. Signed-off-by: Tom Vrancken -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 25 16:15:24 2017 +0200 p11tool: explicitly mark generated keys as sensitive @@ -13896,7 +18928,7 @@ Date: Fri Aug 25 23:45:44 2017 +0300 Signed-off-by: Alon Bar-Lev -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 24 17:03:17 2017 +0200 m4: updated ax_code_coverage.m4 [ci skip] @@ -13940,21 +18972,21 @@ Date: Mon Aug 21 14:20:54 2017 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 24 15:29:19 2017 +0200 tlslite: updated to latest version Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 23 10:20:05 2017 +0200 certtool: do not ask about RSA encryption in non-RSA keys Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 22 16:17:54 2017 +0200 fuzz: work-around libtool file name @@ -13965,7 +18997,7 @@ Date: Tue Aug 22 16:17:54 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 22 08:48:03 2017 +0200 dh params: document DH param setting functions as deprecated @@ -13974,7 +19006,7 @@ Date: Tue Aug 22 08:48:03 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 15 10:03:54 2017 +0200 tests: introduced unit test of gnutls_memset() @@ -14131,70 +19163,70 @@ Date: Fri Aug 18 21:32:28 2017 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 15:43:43 2017 +0200 gnutls_x509_privkey_export: use _gnutls_copy_string on PEM data Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 13:05:34 2017 +0200 Corrected argument names of functions to correspond to declaration Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 12:57:07 2017 +0200 lib: use casts and be explicit on intentional enumeration use Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 13:56:04 2017 +0200 gnutls-cli-debug: do not run non-FIPS cipher tests when in FIPS mode Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 12:52:20 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 12:47:12 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 11:51:53 2017 +0200 tests: added basic test for the operation of gnutls-cli-debug Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 11:44:55 2017 +0200 tests: verify the presence of GNUTLS_SFLAGS_RFC7919 flag in server and client mode Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 11:34:46 2017 +0200 gnutls-cli-debug: check whether RFC7919 is supported Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 11:31:52 2017 +0200 gnutls_session_get_flags: introduced GNUTLS_SFLAGS_RFC7919 @@ -14204,28 +19236,28 @@ Date: Fri Aug 18 11:31:52 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 11:22:11 2017 +0200 gnutls_auth_*: check cs parameter for validity prior to use Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 11:16:50 2017 +0200 certtool: simplified certificate PEM printing Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 11:14:16 2017 +0200 gnutls-cli: fixed bounds check on benchmark-tls Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 10:44:21 2017 +0200 lib: removed legacy debugging code @@ -14237,28 +19269,28 @@ Date: Fri Aug 18 10:44:21 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 10:35:03 2017 +0200 fuzz: added missing files into dist [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 10:06:36 2017 +0200 tests: added missing files in dist [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 18 10:05:36 2017 +0200 tests: do not suppress stderr errors on servers startup Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 17 17:41:34 2017 +0200 doc update @@ -14279,21 +19311,21 @@ Date: Fri Aug 18 08:38:48 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 17 11:27:24 2017 +0200 certtool: fixed documentation of sign-params Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 17 10:50:56 2017 +0200 README.md: mention lockfile-progs dependency Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 17 10:02:47 2017 +0200 tests: tls-neg-ext4-key: explicitly restrict to TLS 1.2, 1.1 and 1.0 @@ -14302,7 +19334,7 @@ Date: Thu Aug 17 10:02:47 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 17 09:59:53 2017 +0200 sign APIs: introduce RSA-RAW signing algorithm @@ -14314,7 +19346,7 @@ Date: Thu Aug 17 09:59:53 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 17 10:09:13 2017 +0200 removed devel/fuzz; functionality moved to fuzz/ [ci skip] @@ -14330,7 +19362,7 @@ Date: Fri Aug 11 21:42:02 2017 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 14 08:46:03 2017 +0200 _gnutls_recv_server_certificate_status: use the same type in subtracted values @@ -14343,7 +19375,7 @@ Date: Mon Aug 14 08:46:03 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 14 08:42:51 2017 +0200 _gnutls_proc_srp_client_kx: use same type in subtracted values @@ -14386,7 +19418,7 @@ Date: Sat Aug 5 20:49:19 2017 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 9 08:24:59 2017 +0200 fuzzer: added a fuzzer target @@ -14397,14 +19429,14 @@ Date: Wed Aug 9 08:24:59 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 15 16:40:41 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 15 16:39:36 2017 +0200 gnutls_x509_privkey_export: made a wrapper over gnutls_x509_privkey_export2() @@ -14413,28 +19445,28 @@ Date: Tue Aug 15 16:39:36 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 15 13:23:39 2017 +0200 gnutls-http-serv: use RSA-PSS key Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 15 13:11:03 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 15 12:58:02 2017 +0200 tests: use certtool to check RSA-PSS to RSA conversion Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 15 12:07:01 2017 +0200 certtool: introduced --to-rsa option @@ -14443,28 +19475,28 @@ Date: Tue Aug 15 12:07:01 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 11 16:37:21 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 11 12:30:17 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 4 15:51:34 2017 +0200 tests: added unit tests for gnutls_privkey_import_ext4 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 4 15:00:46 2017 +0200 gnutls_privkey_import_ext4: introduced to allow signing with RSA-PSS or Ed25519 keys @@ -14477,14 +19509,14 @@ Date: Fri Aug 4 15:00:46 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 15 10:47:11 2017 +0200 reduce common asserts to assist in debugging the library Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 15 10:29:42 2017 +0200 doc: algorithms.texi: include list of groups but skip compression methods @@ -14494,7 +19526,7 @@ Date: Tue Aug 15 10:29:42 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 15 10:27:19 2017 +0200 doc: improved elliptic curve and group documentation @@ -14508,7 +19540,7 @@ Date: Mon Aug 14 19:02:45 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 11 12:40:14 2017 +0200 tests: improved detection of 64-bit systems @@ -14518,21 +19550,21 @@ Date: Fri Aug 11 12:40:14 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 10 10:51:26 2017 +0200 tests: updated for new x86 host Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 10 09:37:07 2017 +0200 .gitlab-ci.yml: replaced the f23 x86 build with a f26 x86 build Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 11 11:09:39 2017 +0200 fuzz: explicitly initialize and deinitialize the library [ci skip] @@ -14541,21 +19573,21 @@ Date: Fri Aug 11 11:09:39 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 13:08:31 2017 +0200 handshake: eliminated unnecessary function wrappers Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 10:35:13 2017 +0200 gnutls_int.h: reduce memory occupied by ext_data Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 10:25:10 2017 +0200 gnutls_int.h: reduced the maximum number of epoch states we keep @@ -14565,14 +19597,14 @@ Date: Tue Jul 18 10:25:10 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 10:14:11 2017 +0200 gnutls_int.h: removed unused variable from state Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 14 11:30:51 2017 +0200 extensions: simplified requirements from send callback @@ -14582,14 +19614,14 @@ Date: Fri Jul 14 11:30:51 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 27 11:42:25 2017 +0200 ext/ecc: renamed Supported curves extension Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 27 11:01:08 2017 +0200 gnutls-serv: --require-client-cert no longer implies --verify-client-cert @@ -14599,35 +19631,35 @@ Date: Tue Jun 27 11:01:08 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 10 10:35:22 2017 +0200 CONTRIBUTING.md: corrected typo [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 9 16:59:15 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 9 10:30:04 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 9 09:40:03 2017 +0200 CONTRIBUTING.md: added section on symbol versioning Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 4 11:06:18 2017 +0200 libgnutls.map: separated symbols introduced in 3.6.0 @@ -14638,7 +19670,7 @@ Date: Fri Aug 4 11:06:18 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 9 10:21:06 2017 +0200 tests: added reproducer for private key import leak @@ -14648,7 +19680,7 @@ Date: Wed Aug 9 10:21:06 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 9 13:18:33 2017 +0200 rnd: use time_t for prng_reseed_time @@ -14658,14 +19690,14 @@ Date: Wed Aug 9 13:18:33 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 9 10:20:36 2017 +0200 gnutls_x509_privkey_import_pkcs8: fixed memory leak on incorrect key import Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 9 09:58:17 2017 +0200 tests: added reproducer for memory leak in SRP server @@ -14675,14 +19707,14 @@ Date: Wed Aug 9 09:58:17 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 9 09:57:49 2017 +0200 gnutls_srp_verifier: corrected memory leak Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 9 09:52:37 2017 +0200 tests: added reproducer for memory leak in RSA-PSK @@ -14692,21 +19724,21 @@ Date: Wed Aug 9 09:52:37 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 9 09:52:21 2017 +0200 rsa-psk: corrected memory leak on invalid decrypt Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 9 10:44:56 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 9 10:41:58 2017 +0200 p11tool: --generate-xxx options were replaced by generate-privkey @@ -14727,42 +19759,42 @@ Date: Mon Aug 7 23:04:05 2017 +0200 Signed-off-by: Tim Rühsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 8 15:03:53 2017 +0200 publickey: fixed incorrect assignment Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 8 15:03:11 2017 +0200 mac: simplified iteration functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 8 14:59:56 2017 +0200 corrected input to gnutls_sign_supports_pk_algorithm Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 8 14:59:44 2017 +0200 extensions: corrected flag check Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 8 15:50:44 2017 +0200 tests: updated for new rsa-pss key in doc/credentials Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 8 12:51:58 2017 +0200 cert selection: prioritize RSA-PSS certs over RSA @@ -14781,7 +19813,7 @@ Date: Tue Aug 8 12:51:58 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 8 11:35:26 2017 +0200 gnutls_certificate_credentials_t: combine privkey into cert_st structure @@ -14792,28 +19824,28 @@ Date: Tue Aug 8 11:35:26 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 8 10:56:17 2017 +0200 tests: verify whether the RSA-PSS key is preferred on RSA-PSS sigs Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 8 09:27:57 2017 +0200 certtool: eliminated unused variable Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 7 16:32:17 2017 +0200 tests: added negative tests in provable-privkey Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 7 16:23:29 2017 +0200 gnutls_pk_params_st: separate flags/qbits and curve @@ -14826,7 +19858,7 @@ Date: Mon Aug 7 16:23:29 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 7 14:55:38 2017 +0200 tests: check whether validation parameters are lost on key re-import @@ -14873,7 +19905,7 @@ Date: Sat Aug 5 10:17:46 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 1 16:17:45 2017 +0200 certtool: silence warnings related to --pkcs8 @@ -14882,7 +19914,7 @@ Date: Tue Aug 1 16:17:45 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 1 15:18:34 2017 +0200 certtool: better print provable key validation parameters @@ -14892,7 +19924,7 @@ Date: Tue Aug 1 15:18:34 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 1 15:11:12 2017 +0200 certtool: provable private keys are always exported in PKCS#8 form @@ -14901,35 +19933,35 @@ Date: Tue Aug 1 15:11:12 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 1 14:43:04 2017 +0200 x509: no longer emit the previous custom format for provable parameters Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 1 14:30:06 2017 +0200 x509: store and read provable seed in PKCS#8 form of key Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 2 10:28:07 2017 +0200 Added information on OID registry Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 1 14:23:31 2017 +0200 pkix.asn: removed unused DomainParameters Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 1 11:29:26 2017 +0200 x509: separated PKIX1 attributes parsing code for cert request handling @@ -14938,7 +19970,7 @@ Date: Tue Aug 1 11:29:26 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 7 09:36:20 2017 +0200 _gnutls_fbase64_decode will always return non-zero @@ -15065,7 +20097,7 @@ Date: Sun Jul 30 03:43:42 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 14:00:27 2017 +0200 sign/digest: separate "brokenness" of signatures and hash algorithms @@ -15075,63 +20107,63 @@ Date: Fri Jul 28 14:00:27 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 13:40:21 2017 +0200 sign: use C99 syntax for signature algorithm's table Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 13:22:51 2017 +0200 .gitlab-ci.yml: enable multiple undefined sub-sanitizers Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 4 16:40:29 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 31 13:51:56 2017 +0200 p11tool: auto-generate the list of PKCS#11 mechanisms from p11-kit Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 12:11:06 2017 +0200 tests: added unit test for gnutls_x509_privkey_import Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 11:52:28 2017 +0200 tests: added TLS negotiation with various keys under PKCS#11 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 11:48:40 2017 +0200 x509_privkey: handle keys which can only have PKCS#8 form transparently Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 11:00:03 2017 +0200 tests: updated for errors returned due to early signature selection Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 10:30:25 2017 +0200 tests: added check for the negotiation of ext keys @@ -15144,14 +20176,14 @@ Date: Fri Jul 28 10:30:25 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 10:22:29 2017 +0200 privkey: reject signing with ext keys and GNUTLS_PK_RSA_PSS or GNUTLS_PK_EDDSA_ED25519 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 10:09:54 2017 +0200 _gnutls_check_key_cert_match: use the new API for signing @@ -15161,14 +20193,14 @@ Date: Fri Jul 28 10:09:54 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 10:02:59 2017 +0200 privkey: return less specific but more appropriate error on invalid pks for ext keys Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 09:27:03 2017 +0200 prior to negotiating a signature check compatibility with private key @@ -15184,7 +20216,7 @@ Date: Fri Jul 28 09:27:03 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 09:21:59 2017 +0200 pkcs11: mark RSA PKCS#11 key which can do RSA-PSS @@ -15195,7 +20227,7 @@ Date: Fri Jul 28 09:21:59 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 11 11:55:52 2017 +0200 handshake: select a signature algorithm early @@ -15210,63 +20242,63 @@ Date: Tue Jul 11 11:55:52 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 08:46:18 2017 +0200 tests: added basic unit test of gnutls_pkcs11_token_check_mechanism Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 27 18:07:54 2017 +0200 gnutls_pkcs11_token_check_mechanism: introduced function to check token for a particular mechanism Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 4 10:45:20 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 4 10:21:06 2017 +0200 x509/output: print error on invalid public key parameters on certificate Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 4 10:05:29 2017 +0200 gnutls_pk_get_oid: return early on unknown algorithm Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 4 09:48:42 2017 +0200 tests: check whether the gnutls_x509_*_set_spki will reject invalid values Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 4 09:34:23 2017 +0200 tests: updated for gnutls_x509_spki_get_rsa_pss_params Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 4 09:29:12 2017 +0200 tests: added unit test of generation of legal and illegal rsa-pss parameters Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 4 09:25:31 2017 +0200 spki: combined all exported functions to a single set and get @@ -15277,14 +20309,14 @@ Date: Fri Aug 4 09:25:31 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 4 09:13:15 2017 +0200 certtool: set RSA-PSS parameters using GNUTLS_KEYGEN_SPKI kdata type Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 4 09:06:32 2017 +0200 introduced error code GNUTLS_E_PK_INVALID_PUBKEY_PARAMS @@ -15294,7 +20326,7 @@ Date: Fri Aug 4 09:06:32 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 3 16:46:32 2017 +0200 gnutls_x509_privkey_generate*: allow specifying the SPKI parameters for key generation @@ -15305,98 +20337,98 @@ Date: Thu Aug 3 16:46:32 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 3 16:29:18 2017 +0200 gnutls_x509_privkey_set_spki: check validity of parameters set Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 3 16:21:26 2017 +0200 gnutls_x509_cr*_set_spki: check for validity of parameters set Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 3 16:16:49 2017 +0200 _gnutls_x509_check_pubkey_params: removed unnecessary parameter Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 3 16:06:06 2017 +0200 tests: added check for import of RSA-PSS key with invalid salt Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 3 15:37:18 2017 +0200 gnutls_pubkey_import_x509: propagate errors from gnutls_x509_crt_get_pk_algorithm Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 3 15:16:08 2017 +0200 _rsa_pss_verify_digest: verify the validity of the salt_size length on verification Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 3 15:08:43 2017 +0200 gnutls_x509_privkey_import: immediately exit on GNUTLS_E_PK_INVALID_PRIVKEY Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 3 15:00:00 2017 +0200 wrap_nettle_pk_fixup: check RSA PSS parameters for validity on import Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 3 11:03:44 2017 +0200 gnutls_x509_*_set_spki: removed arbitrary restrictions to setting parameters Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 28 08:20:16 2017 +0200 tests: added unit test for the SPKI abstract functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 27 11:24:40 2017 +0200 tests: chainverify: included negative and positive tests with RSA-PSS signed chains Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 27 15:03:00 2017 +0200 pct_test: use local SPKI structure to override parameters if not set Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 27 08:44:05 2017 +0200 fixup_spki_params: use GNUTLS_E_CONSTRAINT_ERROR for RSA-PSS violations Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 27 08:28:54 2017 +0200 _gnutls_x509_read_pkalgo_params: initialize params structure @@ -15407,7 +20439,7 @@ Date: Thu Jul 27 08:28:54 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 27 08:14:37 2017 +0200 RSA-PSS parameter checking was moved to lower level functions @@ -15416,7 +20448,7 @@ Date: Thu Jul 27 08:14:37 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 27 07:55:24 2017 +0200 signature security level check were moved to lower level functions @@ -15426,7 +20458,7 @@ Date: Thu Jul 27 07:55:24 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 27 07:19:36 2017 +0200 _wrap_nettle_pk_encrypt: return GNUTLS_E_INVALID_REQUEST on unsupported algorithms @@ -15435,35 +20467,35 @@ Date: Thu Jul 27 07:19:36 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 27 07:10:22 2017 +0200 certtool: print signature algorithm in cert verification output Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 17:51:00 2017 +0200 verify_crt: translate GNUTLS_E_CONSTRAINT_ERROR to verification status flag Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 17:50:33 2017 +0200 x509/sign: in debugging mode print the signature algorithm Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 17:34:14 2017 +0200 _gnutls_x509_validate_sign_params: use GNUTLS_E_CONSTRAINT_ERROR for mismatch of RSA-PSS parameters Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 17:28:00 2017 +0200 _gnutls_x509_read_rsa_pss_params: fail early on unknown hash algorithms @@ -15473,7 +20505,7 @@ Date: Wed Jul 26 17:28:00 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 16:55:02 2017 +0200 gnutls_pubkey_get_preferred_hash_algorithm: will take into account the RSA-PSS SPKI @@ -15483,14 +20515,14 @@ Date: Wed Jul 26 16:55:02 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 16:45:00 2017 +0200 certtool: sign_params_to_flags: use strtok to parse input Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 15:41:51 2017 +0200 certtool: copy SPKI information from private key when available @@ -15499,7 +20531,7 @@ Date: Wed Jul 26 15:41:51 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 15:54:07 2017 +0200 x509/output: Subject Public Key parameters are printed just before actual key @@ -15509,14 +20541,14 @@ Date: Wed Jul 26 15:54:07 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 15:35:15 2017 +0200 gnutls_x509_crt_set_spki: be more verbose in parameter restrictions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 15:07:42 2017 +0200 _gnutls_privkey_update_spki_params: use GNUTLS_E_CONSTRAINT_ERROR on mismatch of hash @@ -15530,42 +20562,42 @@ Date: Wed Jul 26 15:07:42 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 15:00:17 2017 +0200 cert-tests: use .tmp suffix for all tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 14:43:15 2017 +0200 certtool: allow specifying RSA-PSS parameters for key generation Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 14:56:36 2017 +0200 _gnutls_x509_write_rsa_pss_params: refuse to write RSA-PSS parameters we cannot use Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 14:30:03 2017 +0200 certtool: group together common options Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 13:41:46 2017 +0200 tests: modified to account new errors Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 17:58:06 2017 +0200 gnutls_x509_*_get_signature_algorithm: simplified error handling @@ -15577,7 +20609,7 @@ Date: Wed Jul 26 17:58:06 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 13:24:52 2017 +0200 _gnutls_x509_get_signature_algorithm: return negative error code on unknown algorithm @@ -15586,14 +20618,14 @@ Date: Wed Jul 26 13:24:52 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 13:40:31 2017 +0200 compare_sig_algorithm: modify to work even for certs with unsupported signature algorithm Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 09:20:22 2017 +0200 pubkey_verify_hashed_data: simplified and made static @@ -15604,7 +20636,7 @@ Date: Wed Jul 26 09:20:22 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 26 09:16:03 2017 +0200 pubkey_verify_data: accept signature entry instead of PK and hash @@ -15614,14 +20646,14 @@ Date: Wed Jul 26 09:16:03 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 27 17:00:00 2017 +0200 NEWS: documented the SPKI handling functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 13:42:12 2017 +0200 tests: added RSA and RSA PSS key unit tests @@ -15634,14 +20666,14 @@ Date: Tue Jul 25 13:42:12 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 16:52:18 2017 +0200 certtool: do not print error on missing RSA-PSS parameters on key Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 27 16:53:57 2017 +0200 Added convention for missing SubjectPublicKeyInfo params field @@ -15652,7 +20684,7 @@ Date: Thu Jul 27 16:53:57 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 14:01:48 2017 +0200 *set_spki(): return error on incompatible algorithms @@ -15662,7 +20694,7 @@ Date: Tue Jul 25 14:01:48 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 16:33:26 2017 +0200 gnutls_x509_privkey_generate2: do not hardcode the RSA-PSS hash to SHA256 @@ -15673,70 +20705,70 @@ Date: Tue Jul 25 16:33:26 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 14:14:49 2017 +0200 _decode_pkcs8_rsa_pss_key: ensure we set the PSS PK identifier Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 13:38:34 2017 +0200 cleanup: removed duplicate parameter in gnutls_pubkey_st Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 13:28:44 2017 +0200 gnutls_x509_privkey_int: eliminated duplicate pk_algorithm field Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 13:34:50 2017 +0200 cleanup: removed unnecessary/duplicate parameters in _dsa_q_to_hash Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 13:18:05 2017 +0200 cleanup: removed unnecessary/duplicate parameters in functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 13:12:19 2017 +0200 cleanup: removed unnecessary/duplicate parameters in functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 12:01:52 2017 +0200 abstract.h: added functions to read and write SPKI information Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 11:48:58 2017 +0200 gnutls_x509_privkey_set_spki: introduced function to update SPKI on a key Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 24 16:35:50 2017 +0200 tests: added unit test for the SPKI related functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 11:37:04 2017 +0200 x509.h: Renamed SPKI related functions @@ -15747,14 +20779,14 @@ Date: Tue Jul 25 11:37:04 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 09:43:05 2017 +0200 tests: introduced RSA-PSS key exchange with a key fixed to rsa-pss with sha256 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 10:06:10 2017 +0200 _gnutls_pubkey_compatible_with_sig: enforce RSA-PSS requirements @@ -15765,21 +20797,21 @@ Date: Tue Jul 25 10:06:10 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 09:39:32 2017 +0200 tests: eagain-common.h: remove superfluous information Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 12 08:49:30 2017 +0200 tests: renamed tests for uniformity Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 24 16:15:15 2017 +0200 tests: added unit test for RSA-PSS signing over PKCS#11 @@ -15788,14 +20820,14 @@ Date: Mon Jul 24 16:15:15 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 24 16:05:36 2017 +0200 gnutls_pubkey_verify*: use common function to set RSA-PSS parameters Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 24 11:21:34 2017 +0200 pkcs11: added support for signatures with RSA-PSS @@ -15804,7 +20836,7 @@ Date: Mon Jul 24 11:21:34 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 25 10:16:40 2017 +0200 gnutls_pk_params_st: renamed sign field to spki @@ -15817,7 +20849,7 @@ Date: Tue Jul 25 10:16:40 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 24 10:12:54 2017 +0200 Clarified the purpose of the spki params related functions @@ -15920,14 +20952,14 @@ Date: Wed Aug 2 20:52:57 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 21 15:18:38 2017 +0200 tlsfuzzer: enabled test for ECDHE without the supported groups/EC extension Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 2 17:25:17 2017 +0200 Set a default supported curve @@ -15943,14 +20975,14 @@ Date: Wed Aug 2 17:25:17 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 2 12:58:48 2017 +0200 tlsfuzzer: removed duplicate tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 2 12:55:24 2017 +0200 tlsfuzzer: fixed comment fields @@ -15964,21 +20996,21 @@ Date: Tue Jul 11 08:02:56 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 24 08:39:00 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 08:13:00 2017 +0200 gnutls-cli: use FFDHE3072 parameters for benchmarking Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 1 10:21:37 2017 +0200 _gnutls_figure_dh_params: do not use have_ffdhe flag @@ -15988,35 +21020,35 @@ Date: Tue Aug 1 10:21:37 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 10 12:23:55 2017 +0200 tests: added unit test for group listings in priority structure Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 10 12:05:01 2017 +0200 tests: updated cipher-listings.sh for the new groups listing Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 10 11:46:03 2017 +0200 doc: documented the use of RFC7919 and groups Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 3 10:44:14 2017 +0200 tlsfuzzer: enabled RFC7919 FFDHE tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 3 09:09:27 2017 +0200 tests: enhanced server key exchange tests with explicit DH param setting @@ -16026,7 +21058,7 @@ Date: Mon Jul 3 09:09:27 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 30 16:17:12 2017 +0200 tests: updated for post-RFC7919 behavior of library @@ -16037,14 +21069,14 @@ Date: Fri Jun 30 16:17:12 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 30 15:54:27 2017 +0200 tests: added RFC7919 FFDHE unit tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 30 15:37:00 2017 +0200 cli,serv: do not print any information on compression @@ -16053,7 +21085,7 @@ Date: Fri Jun 30 15:37:00 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 30 15:32:58 2017 +0200 cli,serv: no longer print parameters when FFDHE groups are used @@ -16064,14 +21096,14 @@ Date: Fri Jun 30 15:32:58 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 10 11:57:51 2017 +0200 gnutls-cli: print the supported groups instead of curves Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 10 12:02:13 2017 +0200 gnutls_priority_ecc_curve_list: avoid including groups into elliptic curves list @@ -16086,7 +21118,7 @@ Date: Mon Jul 10 12:02:13 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 2 08:42:37 2017 +0200 handshake: moved group negotiation after ciphersuite selection @@ -16096,14 +21128,14 @@ Date: Wed Aug 2 08:42:37 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 14 10:35:58 2017 +0200 security_parameters: ease access to group information by keeping pointer to it Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 14 10:15:23 2017 +0200 security_parameters: simplified contents by keeping pointer to cipher_suite_entry_st @@ -16113,7 +21145,7 @@ Date: Fri Jul 14 10:15:23 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 27 15:36:04 2017 +0200 TLS: introduced support for RFC7919 groups @@ -16127,28 +21159,28 @@ Date: Tue Jun 27 15:36:04 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 21 16:03:35 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 21 14:21:32 2017 +0200 gnutls-cli: use gnutls_priority_set Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 21 14:20:26 2017 +0200 tests: modified gnutls_priority_set2() tests for gnutls_priority_set() Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 21 12:09:49 2017 +0200 gnutls_priority_set: use reference counting @@ -16158,42 +21190,42 @@ Date: Fri Jul 21 12:09:49 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 21 11:43:27 2017 +0200 Introduced atomic.h to simplify handling of atomic integers Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 21 11:22:31 2017 +0200 Revert "Documented use gnutls_priority_set2()." This reverts commit b4aed16ee30f76211c13b075149bb87c012f9bf6. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 21 10:54:13 2017 +0200 tlsfuzzer: enabled test-ecdsa-sig-flexibility.py Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 21 10:05:44 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 20 14:48:33 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 20 14:43:20 2017 +0200 algorithms/mac: marked RIPEMD160 as insecure for certificates @@ -16205,7 +21237,7 @@ Date: Thu Jul 20 14:43:20 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 20 13:26:46 2017 +0200 tests: partially reverted SHA1 broken tests @@ -16216,7 +21248,7 @@ Date: Thu Jul 20 13:26:46 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 20 13:18:10 2017 +0200 x509/verify: reject SHA1 in signature algorithms for certificate verification @@ -16229,14 +21261,14 @@ Date: Thu Jul 20 13:18:10 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 20 13:16:07 2017 +0200 tests: added unit tests for gnutls_sign_is_secure2() Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 20 12:41:47 2017 +0200 gnutls_sign_is_secure2: introduced @@ -16250,7 +21282,7 @@ Date: Thu Jul 20 12:41:47 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 20 12:40:34 2017 +0200 _gnutls_digest_is_secure_for_certs: introduced @@ -16260,14 +21292,14 @@ Date: Thu Jul 20 12:40:34 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 20 12:17:40 2017 +0200 mac: re-organized the hash algorithms table Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 20 16:28:15 2017 +0200 tests: added reproducer with ed25519 private key @@ -16277,7 +21309,7 @@ Date: Thu Jul 20 16:28:15 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 20 16:43:18 2017 +0200 Ensure that public key parameters are initialized on import @@ -16288,7 +21320,7 @@ Date: Thu Jul 20 16:43:18 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 20 16:49:11 2017 +0200 _decode_pkcs8_eddsa_key: ensure that the key size read matches the curve size @@ -16302,21 +21334,21 @@ Date: Thu Jul 20 16:49:11 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 16:40:11 2017 +0200 tlsfuzzer: enabled SNI and other tests from master Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 20 08:22:10 2017 +0200 tests: updated to reflect the fact that invalid dns names are rejected Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 16:32:07 2017 +0200 server_name: several simplifications of the code base @@ -16332,7 +21364,7 @@ Date: Tue Jul 18 16:32:07 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 16:11:05 2017 +0200 server_name: be strict in decoding errors @@ -16341,7 +21373,7 @@ Date: Tue Jul 18 16:11:05 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 11:23:11 2017 +0200 tlsfuzzer: enabled RSA-PSS checks on certificate verify @@ -16350,7 +21382,7 @@ Date: Tue Jul 18 11:23:11 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 11:16:09 2017 +0200 tlsfuzzer: enabled test-extended-master-secret-extension.py @@ -16361,7 +21393,7 @@ Date: Tue Jul 18 11:16:09 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 10:59:23 2017 +0200 ext_master_secret: return proper error code on decoding error @@ -16372,7 +21404,7 @@ Date: Tue Jul 18 10:59:23 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 18 08:07:24 2017 +0200 gnutls-cli: re-use priorities for both client and server on benchmarks @@ -16388,7 +21420,7 @@ Date: Mon Jul 17 19:14:33 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 17 14:06:50 2017 +0200 tests: enhanced SSL3.0 openssl detection in testcompat-openssl @@ -16399,21 +21431,21 @@ Date: Mon Jul 17 14:06:50 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 17 11:57:41 2017 +0200 .gitlab-ci.yml: document that the x86 build is our openssl 1.0.x compat testing as well Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 17 11:08:07 2017 +0200 tests: disable ARCFOUR interop tests if openssl doesn't support the cipher Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 17 08:32:08 2017 +0200 tests: testcompat-openssl: 3DES is explicitly enabled for SSL 3.0 @@ -16447,35 +21479,35 @@ Date: Sat Jul 15 17:43:09 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 17 15:17:08 2017 +0200 tests: introduced tests on public key import-export Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 17 09:31:10 2017 +0200 tests: added sign/verification test using rfc8080 keys Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 17 10:20:41 2017 +0200 tests: verify that a server with an ed25519 key will fail when client does not advertise it Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 17 09:11:59 2017 +0200 tests: privkey-keygen: added unit test for Ed25519 keys Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 17 09:06:52 2017 +0200 privkey_sign_and_hash_data: in pre-hashed schemes, allow empty hash algorithm @@ -16510,7 +21542,7 @@ Date: Fri Jul 14 20:52:49 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 14 14:08:20 2017 +0200 priority: enabled Ed25519 signature by default @@ -16520,14 +21552,14 @@ Date: Fri Jul 14 14:08:20 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 19 10:45:49 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 7 09:50:29 2017 +0200 handshake: return better error code on unwanted algorithm @@ -16538,7 +21570,7 @@ Date: Wed Jun 7 09:50:29 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 7 10:05:50 2017 +0200 tests: added check on Ed25519 chain verification @@ -16548,42 +21580,42 @@ Date: Wed Jun 7 10:05:50 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 11:34:49 2017 +0200 gnutls-cli: added RSA-PSS signatures in benchmark Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 11:47:48 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 11:47:09 2017 +0200 privkey_sign_and_hash_data: added sanity check on param validity Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 10:42:58 2017 +0200 gnutls-cli: added benchmark on X25519-Ed25519 key exchange Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 09:42:22 2017 +0200 tests: pkcs7: added ed25519 basic signing and verification checks Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 09:23:53 2017 +0200 privkey_sign_and_hash_data: handle prehashed signatures @@ -16593,42 +21625,42 @@ Date: Tue Jun 6 09:23:53 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 09:21:48 2017 +0200 pkcs7: improved syntax in if-clause Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 5 10:14:43 2017 +0200 tests: enhanced OID tests for Ed25519 OIDs Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 2 11:27:34 2017 +0200 tests: key-import-export: added Ed25519 key import/export checks Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 2 09:52:51 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 2 09:44:52 2017 +0200 tests: replaced rsa-pss/eddsa certtool options with --key-type Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 2 09:41:56 2017 +0200 certtool: introduced the --key-type option @@ -16637,28 +21669,28 @@ Date: Fri Jun 2 09:41:56 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 30 13:02:06 2017 +0200 Renamed GNUTLS_PK_ECDHX to GNUTLS_PK_ECDH_X25519 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 30 12:53:40 2017 +0200 tests: parse and interpret an EdDSA public key Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 16:23:10 2017 +0200 tests: added TLS handshake test with EdDSA25519 certificates Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 16:22:27 2017 +0200 Allowed Ed25519 signing in TLS handshakes @@ -16667,28 +21699,28 @@ Date: Mon May 29 16:22:27 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 15:23:21 2017 +0200 tests: added tests on EdDSA signature validation using the sign/verify_data APIs Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 17:26:34 2017 +0200 tests: Added unit test on EdDSA key parsing Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 12:52:12 2017 +0200 tests: added Ed25519 key and certificate generation tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 15:20:38 2017 +0200 Added support for EdDSA (Ed25519) curve keys @@ -16715,14 +21747,14 @@ Date: Sat Jul 15 17:54:01 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 14 15:12:11 2017 +0200 tlsfuzzer: enabled chacha20 tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 13 14:50:55 2017 +0200 updated tlsfuzzer @@ -16732,7 +21764,7 @@ Date: Thu Jul 13 14:50:55 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 12 15:54:38 2017 +0200 tests: csr-invalid.der: modify the SPKI OID to use SECP384R1 @@ -16742,7 +21774,7 @@ Date: Wed Jul 12 15:54:38 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 12 16:04:49 2017 +0200 x509/output: do not attempt to print the key ID on unknown SPKI algorithms @@ -16752,28 +21784,28 @@ Date: Wed Jul 12 16:04:49 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 12 15:24:23 2017 +0200 .gitlab-ci.yml: corrected location of artifacts in aarch64 build Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 12 13:44:24 2017 +0200 tests: certtool-rsa-pss: use unique temp files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 11 10:28:16 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 19 15:18:20 2017 +0200 _gnutls_buffer_append_data_prefix: cleanup @@ -16784,28 +21816,28 @@ Date: Mon Jun 19 15:18:20 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 11 10:30:56 2017 +0200 .gitlab-ci.yml: removed unnecessary options from minimal build Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 3 09:52:21 2017 +0200 pubkey: print the failed signature algorithm when verification fails Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 3 09:58:35 2017 +0200 gnutls-cli: added option to allow verification with broken algorithms Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 3 10:06:22 2017 +0200 tls sessions will not fail of insecure algorithms which are explicitly enabled @@ -16816,7 +21848,7 @@ Date: Mon Jul 3 10:06:22 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 13 14:37:00 2017 +0200 tests: mini-record-2: made more robust @@ -16827,7 +21859,7 @@ Date: Thu Jul 13 14:37:00 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 13 14:22:33 2017 +0200 tests: mini-record: made more robust @@ -16837,14 +21869,14 @@ Date: Thu Jul 13 14:22:33 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 13 13:21:29 2017 +0200 record: reject 0-byte long ciphertext Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 11 10:18:56 2017 +0200 record: added sanity checking in the record layer version copy @@ -16856,7 +21888,7 @@ Date: Tue Jul 11 10:18:56 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 3 11:51:20 2017 +0200 record: more precise calculation of max recv size @@ -16867,7 +21899,7 @@ Date: Mon Jul 3 11:51:20 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 14 15:33:01 2017 +0200 decryption: use the same error code on all cases @@ -16876,7 +21908,7 @@ Date: Wed Jun 14 15:33:01 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 3 11:08:49 2017 +0200 gnutls-serv: allow receiving requests up to 16kb @@ -16885,7 +21917,7 @@ Date: Mon Jul 3 11:08:49 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 3 11:19:44 2017 +0200 max_record_recv_size: removed call to gnutls_compression_get() @@ -16894,63 +21926,63 @@ Date: Mon Jul 3 11:19:44 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 11 09:10:39 2017 +0200 Print the requested CA names when in debug mode Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 27 11:00:20 2017 +0200 gnutls-http-serv: do not set the obsolete PGP options Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 11 08:51:07 2017 +0200 doc: updated documentation on client authentication [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 10 09:53:55 2017 +0200 doc: explicitly state intended usage of priorities on server-side Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 4 09:26:57 2017 +0200 doc: use the default priorities in server example Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 26 14:04:37 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 26 10:26:03 2017 +0200 tests: added unit tests for gnutls_priority_set*() Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 26 10:18:33 2017 +0200 Documented use gnutls_priority_set2(). Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 26 10:02:22 2017 +0200 priorities: share priority structures across sessions @@ -16966,7 +21998,7 @@ Date: Mon Jun 26 10:02:22 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 27 11:19:37 2017 +0200 set_client_ciphersuite: use the new internal APIs @@ -16999,14 +22031,14 @@ Date: Sun Jun 25 12:03:46 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 23 14:00:52 2017 +0200 doc: corrected typo Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 23 13:32:09 2017 +0200 Renamed fields of sign_algorithm_st @@ -17016,7 +22048,7 @@ Date: Fri Jun 23 13:32:09 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 23 13:24:48 2017 +0200 handshake: simplified signature algorithm list generation @@ -17027,14 +22059,14 @@ Date: Fri Jun 23 13:24:48 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 23 11:55:23 2017 +0200 Eliminated access to obsolete priority cache fields Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 23 10:34:11 2017 +0200 handshake: simplified the client-side ciphersuite negotiation @@ -17049,7 +22081,7 @@ Date: Fri Jun 23 10:34:11 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 21 11:54:39 2017 +0200 handshake: simplified the server-side ciphersuite negotiation @@ -17065,21 +22097,21 @@ Date: Wed Jun 21 11:54:39 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 21 10:25:32 2017 +0200 priority: include a cache of supported ciphersuites Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 21 09:31:31 2017 +0200 removed unused cipher-suite and KX related functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 21 09:17:57 2017 +0200 algorithm/kx: sorted key exchange algorithms based on current trends @@ -17088,7 +22120,7 @@ Date: Wed Jun 21 09:17:57 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 23 11:07:11 2017 +0200 Removed unused functions @@ -17161,7 +22193,7 @@ Date: Sat Jul 1 18:00:45 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 4 16:12:26 2017 +0200 tlsfuzzer: enabled ALPN tests @@ -17175,7 +22207,7 @@ Date: Wed Jul 5 21:44:19 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 4 16:15:08 2017 +0200 ext/alpn: added stricter checks on field lengths @@ -17185,7 +22217,7 @@ Date: Tue Jul 4 16:15:08 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 4 15:35:25 2017 +0200 gnutls-serv: added the --alpn and --alpn-fatal options @@ -17195,7 +22227,7 @@ Date: Tue Jul 4 15:35:25 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 4 11:42:59 2017 +0200 fuzz: updated server with multiple keys (ECDSA, RSA) and DH parameters [ci skip] @@ -17215,7 +22247,7 @@ Date: Sat Jul 1 10:50:57 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 30 10:04:01 2017 +0200 OCSP: check the subject public key identifier field to figure issuer @@ -17234,7 +22266,7 @@ Date: Fri Jun 30 10:04:01 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 30 09:33:08 2017 +0200 OCSP: added more verbose debug logging on verification @@ -17248,7 +22280,7 @@ Date: Thu Jun 29 21:17:34 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 30 10:43:20 2017 +0200 .travis.yml: do not fail on brew install failures @@ -17276,35 +22308,35 @@ Date: Thu Jun 29 14:28:29 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 14:26:07 2017 +0200 moved compression-related APIs to compat.h Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 08:56:09 2017 +0200 doc: removed any references to compression and documented change Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 5 16:20:25 2017 +0200 tests: removed tests related to zlib support Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 5 15:58:35 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 5 15:36:18 2017 +0200 Removed support for compression mechanisms @@ -17317,7 +22349,7 @@ Date: Mon Jun 5 15:36:18 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 20 13:59:54 2017 +0200 gnutls-cli: be less verbose in OCSP error messages @@ -17328,14 +22360,14 @@ Date: Tue Jun 20 13:59:54 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 20 13:57:15 2017 +0200 gnutls-cli: improved error message of OCSP failure Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 20 09:12:39 2017 +0200 updated auto-generated files @@ -17352,28 +22384,28 @@ Date: Mon Jun 19 20:50:22 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 20 09:09:41 2017 +0200 ocsp: print response's signature algorithm in compact listing Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 20 09:06:01 2017 +0200 ocsptool: verify_response will print information on the response Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 20 08:59:45 2017 +0200 ocsptool: doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 20 08:31:41 2017 +0200 ocsptool: allow combining --load-trust with --verify-response @@ -17411,7 +22443,7 @@ Date: Mon Jun 19 20:27:24 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 16 14:36:43 2017 +0200 ocsptool: added --load-chain option @@ -17421,7 +22453,7 @@ Date: Fri Jun 16 14:36:43 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 19 08:20:47 2017 +0200 doc update @@ -17495,7 +22527,7 @@ Date: Sun May 28 11:07:50 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 11:26:19 2017 +0200 pkcs11: simplified pkcs11_login() @@ -17504,7 +22536,7 @@ Date: Mon May 29 11:26:19 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 11:11:24 2017 +0200 pkcs11: the GNUTLS_PKCS11_OBJ_FLAG_LOGIN will force a login @@ -17528,70 +22560,70 @@ Date: Sat May 27 07:24:36 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 16 12:06:36 2017 +0200 Added documentation to legacy openpgp functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 16 10:58:23 2017 +0200 Removed unnecessary certificate type functionality Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 16 10:23:19 2017 +0200 NEWS: doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 16 10:21:52 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 16 10:21:10 2017 +0200 doc: removed references to openpgp Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 16 10:14:58 2017 +0200 po: removed openpgp/output.c Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 16 09:55:44 2017 +0200 guile: removed openpgp related tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 16 09:30:41 2017 +0200 fuzz: removed the openpgp certificate fuzzer Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 16 09:03:05 2017 +0200 tools: removed options for openpgp support Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 16 08:50:32 2017 +0200 Removed support for openpgp certificates and keys @@ -17600,14 +22632,14 @@ Date: Fri Jun 16 08:50:32 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 16 08:38:42 2017 +0200 tests: removed openpgp related tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 7 11:58:25 2017 +0200 tests: added reproducer for assertion trigger @@ -17618,7 +22650,7 @@ Date: Wed Jun 7 11:58:25 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Jun 8 15:42:30 2017 +0200 nettle: ported fix for assertion failure in pss_verify_mgf1 @@ -17635,7 +22667,7 @@ Date: Thu Jun 8 17:33:21 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 15 13:41:36 2017 +0200 doc: simplified the default client example @@ -17644,21 +22676,21 @@ Date: Thu Jun 15 13:41:36 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 15 13:20:51 2017 +0200 tests: added reproducer for OCSP response found test cases Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 15 13:14:23 2017 +0200 fuzz: documented location for OCSP-related reproducers Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 15 12:43:48 2017 +0200 ocsp: added sanity check in returned length @@ -17668,21 +22700,21 @@ Date: Thu Jun 15 12:43:48 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 15 10:37:53 2017 +0200 doc: added/modernized text on AEAD ciphers [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 15 09:09:20 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 15 09:06:49 2017 +0200 tests: improved duplicate extension test @@ -17693,63 +22725,63 @@ Date: Thu Jun 15 09:06:49 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 14 14:15:08 2017 +0200 tests: verify that duplicate extensions are rejected Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 14 13:09:44 2017 +0200 TLS extensions: added duplicate extension check on server side Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 14 11:15:54 2017 +0200 gnutls_init: better naming for internal function Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 13 08:08:56 2017 +0200 tests: added unit test for overriding TLS extensions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 14 11:11:34 2017 +0200 TLS extensions: mark each extension which cannot be overriden Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 14 11:02:49 2017 +0200 TLS extensions: combined the extension data and resumed data structures Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 12 17:31:19 2017 +0200 removed type extension_priv_data_t Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 13 08:02:04 2017 +0200 gnutls_int.h: groupped extension structures together Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 12 14:19:23 2017 +0200 TLS extensions: several simplifications @@ -17759,49 +22791,49 @@ Date: Mon Jun 12 14:19:23 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 14 15:53:13 2017 +0200 .gitlab-ci.yml: FreeBSD system is no longer available; disabling for CI [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 12 10:26:13 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 9 18:53:48 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 9 16:37:48 2017 +0200 doc: added reference to privkey export functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 9 18:29:18 2017 +0200 tests: added basic unit tests for the export_*_raw2() functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 9 18:17:34 2017 +0200 corrected typo in x962 functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 9 16:21:31 2017 +0200 pkcs11: do not set leading zeros on integers @@ -17814,7 +22846,7 @@ Date: Fri Jun 9 16:21:31 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 9 16:20:05 2017 +0200 Introduced functions to export integers with no leading zero @@ -17829,7 +22861,7 @@ Date: Fri Jun 9 16:20:05 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 8 15:03:17 2017 +0200 nettle: use older GMP macros for mpz_mod_2exp and mpz_div_2exp @@ -17838,70 +22870,70 @@ Date: Thu Jun 8 15:03:17 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 8 13:15:00 2017 +0200 _gnutls_ucs2_to_utf8: use void* as pointer type to avoid compiler assumptions on alignment [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 8 13:06:19 2017 +0200 ciphersuites: removed unused function Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 8 13:00:25 2017 +0200 nettle/cipher: document that ctx_ptr is 16-byte aligned, and use void* to avoid compiler assumptions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 8 12:53:44 2017 +0200 certtool: corrected typo in strcmp() use Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 8 11:15:02 2017 +0200 _gnutls_x509_privkey_reinit: ensure fields will not be re-used Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 8 09:25:32 2017 +0200 certtool: improved error message when public key cannot be figured [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 16:05:37 2017 +0200 updated auto-generated files for new signing API Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 16:00:41 2017 +0200 handshake: simplify handshake by using the new signing API Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 13:38:05 2017 +0200 tests: introduced unit tests of the new signing API Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 30 15:39:52 2017 +0200 abstract API: introduced new signing functions @@ -17913,21 +22945,21 @@ Date: Tue May 30 15:39:52 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 7 11:18:07 2017 +0200 pkix: removed unused definition Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 16:04:53 2017 +0200 gnutls_privkey_st: removed unused element Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 10:34:33 2017 +0200 gnutls_session_get_desc: improved ciphersuite description @@ -17937,77 +22969,77 @@ Date: Tue Jun 6 10:34:33 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 2 11:16:45 2017 +0200 tests: key-import-export: use cert-common.h Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 2 17:04:45 2017 +0200 tests: simplified CPPFLAGS of tests using internal gnutls funcs Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 12:54:24 2017 +0200 tests: key-exchange: added error checking in gnutls_certificate_set_x509_key_mem Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 10:58:33 2017 +0200 _gnutls_check_key_cert_match: account for RSA and RSA-PSS mismatches Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 6 09:49:09 2017 +0200 certtool: fix DER export with --p7-info Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 5 13:21:38 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 5 10:01:07 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 5 09:59:49 2017 +0200 psktool: minor documentation updates Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 5 09:52:53 2017 +0200 tests: added basic functionality check for psktool Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 5 09:50:07 2017 +0200 psktool: increased default key size to 256-bits Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 5 09:39:49 2017 +0200 psktool: do not assume any default key file @@ -18028,7 +23060,7 @@ Date: Wed May 31 12:58:58 2017 -0400 * there is no prompt for a password. do not mention it in the example. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 09:22:44 2017 +0200 tests: added unit test to verify that certificates with non-DER strict time fields are accepted @@ -18037,7 +23069,7 @@ Date: Mon May 29 09:22:44 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 09:15:27 2017 +0200 Tolerate DER time encoding errors @@ -18052,14 +23084,14 @@ Date: Mon May 29 09:15:27 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 5 10:24:04 2017 +0200 tests: enhanced OID tests with OIDs for SHA3 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 5 10:21:54 2017 +0200 tests: enhanced OID tests with OIDs for RSA-PSS @@ -18073,21 +23105,21 @@ Date: Sun Jun 4 13:56:04 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 31 14:55:19 2017 +0200 _gnutls_PRF: was made inline function Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 31 14:29:10 2017 +0200 tests: added low-level unit tests on TLS 1.0 and 1.2 PRFs Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 31 13:52:03 2017 +0200 prf: implement the TLS 1.0 and 1.2 PRFs using nettle @@ -18097,28 +23129,28 @@ Date: Wed May 31 13:52:03 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 31 12:00:26 2017 +0200 doc: refer to the site for commercial support options Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 31 11:29:08 2017 +0200 tests: mini-record-retvals: include AES-CBC tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 31 11:36:30 2017 +0200 tests: eliminated build warnings Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 31 08:55:54 2017 +0200 tests: combined tables of sign-verify tests @@ -18149,7 +23181,7 @@ Date: Tue May 30 19:25:11 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 30 16:53:14 2017 +0200 gnutls_x509_privkey_sign_data: wrap over gnutls_privkey_sign_data() @@ -18158,21 +23190,21 @@ Date: Tue May 30 16:53:14 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 30 16:43:28 2017 +0200 tests: added unit tests for the gnutls_x509_* sign/verify APIs Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 15:23:21 2017 +0200 tests: added tests signature validation using the sign/verify_data APIs Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 30 16:24:05 2017 +0200 Separated use of GNUTLS_PRIVKEY_FLAG_PROVABLE and GNUTLS_PRIVKEY_SIGN_FLAG_REPRODUCIBLE @@ -18181,14 +23213,14 @@ Date: Tue May 30 16:24:05 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 30 16:19:25 2017 +0200 _gnutls_privkey_find_sign_params: renamed and simplified Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 30 15:40:40 2017 +0200 gnutls_privkey_sign_hash: removed duplicate code @@ -18197,14 +23229,14 @@ Date: Tue May 30 15:40:40 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 30 10:47:12 2017 +0200 GNUTLS_E_INSUFFICIENT_SECURITY: moved to fatal errors Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 16:22:27 2017 +0200 tls-sig: re-organize and simplify the TLS signature generation and verification @@ -18215,7 +23247,7 @@ Date: Mon May 29 16:22:27 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 30 10:59:53 2017 +0200 tests: modify tests to allow signatures with SHA1 @@ -18225,21 +23257,21 @@ Date: Tue May 30 10:59:53 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 31 10:12:31 2017 +0200 gnutls_pubkey_verify_hash2: do not allow GNUTLS_VERIFY_USE_TLS1_RSA with non-RSA keys Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 30 10:42:27 2017 +0200 gnutls_pubkey_verify_hash2: check for broken signature algorithms Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 30 10:13:16 2017 +0200 gnutls_pubkey_verify_data2: do not utilize GNUTLS_VERIFY_USE_RSA_PSS @@ -18249,14 +23281,14 @@ Date: Tue May 30 10:13:16 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 30 10:36:59 2017 +0200 tests: do not utilize GNUTLS_VERIFY_USE_RSA_PSS Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 08:55:47 2017 +0200 certtool: do not ask for password when exporting to PKCS#8 implicitly @@ -18268,21 +23300,21 @@ Date: Mon May 29 08:55:47 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 08:43:14 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 08:37:03 2017 +0200 doc: mention RSA-PSS-SHA* signature algorithms Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 08:33:44 2017 +0200 certtool: replaced rsa-pss-sign with sign-params option @@ -18292,28 +23324,28 @@ Date: Mon May 29 08:33:44 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 29 08:26:41 2017 +0200 certtool: better documentation on rsa-pss-sign Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 13:30:18 2017 +0200 replaced MAX_SIGNATURE_ALGORITHMS macro with MAX_ALGOS Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 13:19:08 2017 +0200 tests: added unit test for gnutls_sign_supports_pk_algorithm() Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 10:44:41 2017 +0200 tls-fuzzer: ignore the incomplete RSA-PSS tests @@ -18323,14 +23355,14 @@ Date: Fri May 26 10:44:41 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 10:06:34 2017 +0200 tests: verify that generated RSA-PSS keys can be read with certtool -k Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 10:01:04 2017 +0200 certtool: use PKCS#8 format for generated RSA-PSS keys @@ -18341,21 +23373,21 @@ Date: Fri May 26 10:01:04 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 09:52:33 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 08:57:11 2017 +0200 tests: x509sign-verify: include ECDSA and RSA-PSS key tests Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 08:22:07 2017 +0200 tlsfuzzer: the test-certificate-verify-malformed check now passes @@ -18366,7 +23398,7 @@ Date: Fri May 26 08:22:07 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 16:35:18 2017 +0200 alert: map GNUTLS_E_PK_SIG_VERIFY_FAILED to GNUTLS_A_DECRYPT_ERROR @@ -18376,7 +23408,7 @@ Date: Thu May 25 16:35:18 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 16:18:25 2017 +0200 Increased the maximum number of signature algorithms @@ -18385,14 +23417,14 @@ Date: Thu May 25 16:18:25 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 14:30:17 2017 +0200 x509sign-verify: corrected test to perform RSA tests on RSA keys Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 14:01:53 2017 +0200 tests: added tests for RSA-PSS key exchange under TLS 1.2 @@ -18401,7 +23433,7 @@ Date: Thu May 25 14:01:53 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 14:53:43 2017 +0200 publickey: map RSA ciphersuites to GNUTLS_PK_RSA_PSS @@ -18410,7 +23442,7 @@ Date: Thu May 25 14:53:43 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Nov 30 06:40:39 2016 +0300 Rework KX -> PK mappings @@ -18421,14 +23453,14 @@ Date: Wed Nov 30 06:40:39 2016 +0300 Signed-off-by: Dmitry Eremin-Solenikov Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 12:45:08 2017 +0200 tests: added TLS 1.2 tests with RSA-PSS signatures on RSA certificates Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 11:50:38 2017 +0200 gnutls_privkey_sign_hash: use the GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS flag @@ -18439,7 +23471,7 @@ Date: Thu May 25 11:50:38 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 11:33:49 2017 +0200 tls-sig: sign with RSA-PSS when requested by negotiated signature algorithm @@ -18452,7 +23484,7 @@ Date: Thu May 25 11:33:49 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 11:19:12 2017 +0200 priority: enabled RSA-PSS signatures by default @@ -18464,7 +23496,7 @@ Date: Thu May 25 11:19:12 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 11:13:23 2017 +0200 ext/signature: accept compatible algorithms with PK @@ -18477,7 +23509,7 @@ Date: Thu May 25 11:13:23 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 11:12:33 2017 +0200 gnutls_pubkey_verify_hash2: corrected operation with RSA-PSS keys @@ -18493,7 +23525,7 @@ Date: Thu May 25 11:12:33 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 10:48:30 2017 +0200 Introduced gnutls_sign_supports_pk_algorithm() @@ -18505,7 +23537,7 @@ Date: Thu May 25 10:48:30 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Thu Mar 16 11:38:58 2017 +0100 x509: implement RSA-PSS signature scheme @@ -18548,14 +23580,14 @@ Date: Thu Mar 16 11:38:58 2017 +0100 Signed-off-by: Daiki Ueno Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 10:19:22 2017 +0200 fuzz: added RSA-PSS certificate Signed-off-by: Nikos Mavrogiannopoulos -Author: Daiki Ueno +Author: Daiki Ueno Date: Fri Mar 31 14:36:46 2017 +0200 build: import files from Nettle for RSA-PSS @@ -18569,21 +23601,21 @@ Date: Sat May 27 07:29:44 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 15:10:17 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 09:39:10 2017 +0200 tests: added unit tests for gnutls_de/encode_rs_value Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 25 08:38:43 2017 +0200 pk: exported gnutls_decode_rs_value() and gnutls_encode_rs_value() @@ -18592,54 +23624,54 @@ Date: Thu May 25 08:38:43 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 12:43:21 2017 +0200 tests: skip x86-specific tests when not in x86 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 10:56:30 2017 +0200 updated auto-generated files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 10:18:09 2017 +0200 tests: tls-fuzzer: corrected unlocking at tls-fuzzer-cert.sh Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 10:42:28 2017 +0200 examples: made a comment that getpass() output needs to be sanitized Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 26 10:13:05 2017 +0200 certtool: avoid printing legacy options in --help Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 24 17:34:31 2017 +0200 Makefile: improved code coverage extraction from lcov output Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 24 15:48:31 2017 +0200 configure: warn when building as static library [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 24 14:01:56 2017 +0200 gnutls_ocsp_status_request_enable_client: removed support for problematic parameters @@ -18653,7 +23685,7 @@ Date: Wed May 24 14:01:56 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 24 11:48:24 2017 +0200 gnutls_ocsp_status_request_enable_client: documented requirements for parameters @@ -18663,7 +23695,7 @@ Date: Wed May 24 11:48:24 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 24 11:38:16 2017 +0200 ext/status_request: Removed the parsing of responder IDs from client extension @@ -18673,7 +23705,7 @@ Date: Wed May 24 11:38:16 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 24 10:46:03 2017 +0200 ext/status_request: ensure response IDs are properly deinitialized @@ -18683,14 +23715,14 @@ Date: Wed May 24 10:46:03 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 24 10:28:28 2017 +0200 tlsfuzzer: enabled ocsp stapling test Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 24 10:17:09 2017 +0200 tlsfuzzer: updated to latest version @@ -18704,7 +23736,7 @@ Date: Tue May 23 09:26:10 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 22 16:43:38 2017 +0200 tests: on cipher override do not run the compatibility checks @@ -18714,7 +23746,7 @@ Date: Mon May 22 16:43:38 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 22 16:41:48 2017 +0200 self-tests: introduced flag GNUTLS_SELF_TEST_FLAG_NO_COMPAT @@ -18723,7 +23755,7 @@ Date: Mon May 22 16:41:48 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 22 16:39:14 2017 +0200 self-tests: all parameter was replaced by flags @@ -18733,7 +23765,7 @@ Date: Mon May 22 16:39:14 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 22 14:41:56 2017 +0200 aarch64: fix AES-GCM in-place encryption and decryption @@ -18742,7 +23774,7 @@ Date: Mon May 22 14:41:56 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 22 11:54:25 2017 +0200 crypto: self-tests: enhance to include compatibility APIs @@ -18754,7 +23786,7 @@ Date: Mon May 22 11:54:25 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 22 14:23:14 2017 +0200 crypto-api: refuse to run gnutls_cipher_init() in full AEAD modes @@ -18765,7 +23797,7 @@ Date: Mon May 22 14:23:14 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 22 09:19:53 2017 +0200 doc: corrected error in gnutls_x509_privkey_sign_data parameters [ci skip] @@ -18839,7 +23871,7 @@ Date: Sat May 20 08:14:59 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sat May 20 02:19:17 2017 +0300 gnutls-serv: allow user to specify multiple x509certile/x509keyfile @@ -18852,14 +23884,14 @@ Date: Sat May 20 02:19:17 2017 +0300 Signed-off-by: Dmitry Eremin-Solenikov Signed-off-by: Nikos Mavrogiannopoulos -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Thu May 18 23:55:57 2017 +0300 Fix two memory leaks in debug output of gnutls tools Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Nov 30 07:13:09 2016 +0300 Don't let GnuTLS headers in NETTLE_CFLAGS override local headers @@ -18893,7 +23925,7 @@ Date: Thu May 4 16:46:14 2017 +0300 Signed-off-by: Karl Tarbe -Author: Andreas Metzler +Author: Andreas Metzler Date: Sun May 14 11:21:07 2017 +0200 Fix autoconf progress message concerning heartbeat [ci skip] @@ -18914,14 +23946,14 @@ Date: Thu May 11 22:01:10 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 10 17:43:32 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 10 17:23:54 2017 +0200 pkcs11_override_cert_exts: do not use CKA_X_DISTRUSTED flag when retrieving @@ -18932,7 +23964,7 @@ Date: Wed May 10 17:23:54 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 10 17:08:11 2017 +0200 tests: added unit test for p11-kit trust store @@ -18942,7 +23974,7 @@ Date: Wed May 10 17:08:11 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 10 16:40:10 2017 +0200 p11tool: added the --provider-opts option @@ -18952,7 +23984,7 @@ Date: Wed May 10 16:40:10 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 10 16:34:25 2017 +0200 pkcs11_add_provider: allow passing parameters to p11-kit trust module @@ -19029,14 +24061,14 @@ Date: Mon May 8 06:13:59 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 10 10:39:22 2017 +0200 Makefile: added phony targets to .PHONY [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 9 14:51:44 2017 +0200 fuzz: doc update [ci skip] @@ -19062,7 +24094,7 @@ Date: Fri Apr 28 17:17:32 2017 -0400 Signed-off-by: Nicolas Dufresne -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat May 6 23:06:45 2017 +0200 tests: added check for PSK client callback in RSA-PSK @@ -19075,7 +24107,7 @@ Date: Sat May 6 23:06:45 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat May 6 22:47:32 2017 +0200 tests: simplified name of mini-rsa-psk check @@ -19085,7 +24117,7 @@ Date: Sat May 6 22:47:32 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 5 14:31:30 2017 +0200 tests: utilize the email_protection_key template option @@ -19095,7 +24127,7 @@ Date: Fri May 5 14:31:30 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 5 14:21:13 2017 +0200 certtool: introduced the email_protection_key option @@ -19106,28 +24138,28 @@ Date: Fri May 5 14:21:13 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Andreas Metzler +Author: Andreas Metzler Date: Mon May 1 19:20:38 2017 +0200 gnutls-cli: Use CRLF with --starttls-proto=smtp. Closes https://gitlab.com/gnutls/gnutls/issues/200 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 1 01:43:40 2017 +0200 doc: remove libidn from instructions and add libidn2 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 1 00:59:12 2017 +0200 doc: update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 1 00:26:47 2017 +0200 added newline in debug messages [ci skip] @@ -19147,14 +24179,14 @@ Date: Tue Apr 4 20:13:11 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 1 12:44:46 2017 +0200 updated minitasn1 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 1 12:42:57 2017 +0200 gnutls.h: introduced GNUTLS_E_ASN1_TIME_ERROR @@ -19164,7 +24196,7 @@ Date: Mon May 1 12:42:57 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sun Apr 30 13:25:16 2017 +0200 gnutls_pkcs12_simple_parse: set to null vars after deinitialization @@ -19174,7 +24206,7 @@ Date: Sun Apr 30 13:25:16 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sun Apr 30 12:52:51 2017 +0200 tests: enhance with checks to verify that textual IPs are not matched @@ -19185,7 +24217,7 @@ Date: Sun Apr 30 12:52:51 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat Apr 29 13:30:50 2017 +0200 gnutls_x509_crt_check_hostname2: no match dns fields against IPs @@ -19198,14 +24230,14 @@ Date: Sat Apr 29 13:30:50 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sun Apr 30 12:45:19 2017 +0200 tests: check against symbols present only in IDNA2003 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat Apr 29 14:00:24 2017 +0200 gnutls_idna_map: fallback to IDNA2008 transitional encoding on failure @@ -19215,14 +24247,14 @@ Date: Sat Apr 29 14:00:24 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 28 23:12:19 2017 +0200 fuzz: fix leaks in PKCS#12 fuzzer Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 28 22:46:48 2017 +0200 pkcs12: release CRL data on error path @@ -19232,35 +24264,35 @@ Date: Fri Apr 28 22:46:48 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 25 12:01:25 2017 +0200 doc: added gnutls_ext_flags_t enumeration Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 25 11:55:10 2017 +0200 _gnutls_base64_decode: corrected leak on decoding error Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 25 11:08:47 2017 +0200 tests: fixed expected error code in base64 check Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 25 15:15:27 2017 +0200 certtool: ensure no leaks on pkcs12_info() error paths Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 25 11:02:01 2017 +0200 tests: added reproducer for mem leak in PKCS#12 decoding @@ -19270,7 +24302,7 @@ Date: Tue Apr 25 11:02:01 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 25 10:59:58 2017 +0200 pkcs12: eliminate mem leaks in _pkcs12_decode_safe_contents @@ -19281,21 +24313,21 @@ Date: Tue Apr 25 10:59:58 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 25 10:48:46 2017 +0200 cleanups in _pkcs12_decode_safe_contents Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 25 10:36:22 2017 +0200 pkcs12: clean ups in PKCS#12 parsing Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 24 14:16:24 2017 +0200 Added explicit check for the bounds of the generated 'd'. @@ -19304,7 +24336,7 @@ Date: Mon Apr 24 14:16:24 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 24 13:06:45 2017 +0200 fips140-2: enhanced check of generated parameters @@ -19314,7 +24346,7 @@ Date: Mon Apr 24 13:06:45 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 24 13:11:04 2017 +0200 dsa-fips.h: include nettle/bignum.h to allow compilation under nettle-mini @@ -19323,14 +24355,14 @@ Date: Mon Apr 24 13:11:04 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 25 09:50:08 2017 +0200 tests: added base64 reproducer of mem leak Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 24 13:28:39 2017 +0200 doc update [ci skip] @@ -19348,42 +24380,42 @@ Date: Sun Apr 23 11:54:38 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 21 09:28:47 2017 +0200 _gnutls_base64_decode: addressed memory leak in decoding Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 21 09:19:56 2017 +0200 gnutls_pem_base64_decode: allow decoding raw base64 data Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 21 09:14:18 2017 +0200 tests: check whether gnutls_pem_base64_decode2 decodes with null argument Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 21 09:12:51 2017 +0200 Revert "gnutls_pem_base64_decode: allow decoding raw base64 data" This reverts commit fa86fc6892d6551340f24da6a6af4f484a62b884. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 20 16:34:56 2017 +0200 doc: clarifications on custom thread override [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 20 14:03:39 2017 +0200 fuzz: added PEM base64 decoder and encoder fuzzers [ci skip] @@ -19490,14 +24522,14 @@ Date: Fri Apr 7 22:37:54 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 16:56:06 2017 +0200 .gitlab-ci.yml: added runs under the PKCS#11 trust store in fedora Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 16:51:46 2017 +0200 tests: use gnutls_global_init instead of global_init @@ -19508,14 +24540,14 @@ Date: Fri Apr 7 16:51:46 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 14:42:10 2017 +0200 tests: added checks with certificates that contain invalid time field Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 14:33:29 2017 +0200 x509/time: reject invalid dates in local mktime() @@ -19524,28 +24556,28 @@ Date: Fri Apr 7 14:33:29 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 14:25:34 2017 +0200 certtool: added newline in error message Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 14:09:31 2017 +0200 tests: added basic check for systemkey tool Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 14:05:45 2017 +0200 systemkey: improved error message on unsupported systems Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 14:00:41 2017 +0200 tests: enhanced tofu trustdb checks @@ -19555,7 +24587,7 @@ Date: Fri Apr 7 14:00:41 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 10:35:33 2017 +0200 tests: do not run pkgconfig test in systems with invalid libidn flags @@ -19565,42 +24597,42 @@ Date: Fri Apr 7 10:35:33 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 13:30:16 2017 +0200 doc: fixed tpmtool and psktool documentation Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 09:39:50 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 09:38:45 2017 +0200 tests: added unit tests for the base64 raw decoding functions Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 09:37:10 2017 +0200 gnutls_pem_base64_decode: allow decoding raw base64 data Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 09:26:01 2017 +0200 x509/output: do not print usage entry when there is none Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 7 09:21:19 2017 +0200 certtool: improved printing of the key PIN and key ID @@ -19611,21 +24643,21 @@ Date: Fri Apr 7 09:21:19 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 6 18:34:56 2017 +0200 .gitlab-ci.yml: fixed freebsd build project restriction Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 6 18:18:02 2017 +0200 certtool: print the key PIN on private and public keys Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 6 18:09:14 2017 +0200 gnutls_pem_base64_encode2: do raw base64 when msg is NULL @@ -19642,21 +24674,21 @@ Date: Fri Apr 7 08:33:54 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 6 11:53:33 2017 +0200 fuzz: do not enable the openpgp fuzzer when openpgp is disabled Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 14:50:43 2017 +0200 serv: fixed carriage return stripping in strip() Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 14:47:30 2017 +0200 Mark with (void) the remove() function and other unchecked functions @@ -19665,49 +24697,49 @@ Date: Wed Apr 5 14:47:30 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 14:29:16 2017 +0200 gnutls-cli: fixed minor coverity identified issues Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 14:26:52 2017 +0200 certtool: fixed newline skip code in smime-to-p7 code Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 14:12:03 2017 +0200 tests: added unit test for the certtool smime conversion functionality Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 13:41:36 2017 +0200 certtool: fixed minor issues pointed out by coverity Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 13:38:06 2017 +0200 gnutls-cli: better resource management in benchmark cmd Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 13:30:22 2017 +0200 is_level_acceptable: ensure issuer is not dereferenced when null Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 13:25:08 2017 +0200 certtool: guard the value of tl before gnutls_pkcs7_verify @@ -19716,7 +24748,7 @@ Date: Wed Apr 5 13:25:08 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 13:20:44 2017 +0200 Avoid using ASN1_MAX_NAME_SIZE directly @@ -19728,14 +24760,14 @@ Date: Wed Apr 5 13:20:44 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 13:15:38 2017 +0200 gnutls_x509_crq_set_challenge_password: don't accept null password Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 13:13:26 2017 +0200 Mark with (void) the functions where the returned value is not checked intentionally @@ -19744,14 +24776,14 @@ Date: Wed Apr 5 13:13:26 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 13:08:11 2017 +0200 removed duplicate code Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 12:47:03 2017 +0200 handshake/record: mark with comments all expected fall-through switches @@ -19761,70 +24793,70 @@ Date: Wed Apr 5 12:47:03 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 12:42:18 2017 +0200 gnutlsxx.cpp: fixed misleading indentation issues Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 12:39:23 2017 +0200 doc: document intended fallthrough Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 12:36:52 2017 +0200 tests: fixed possible buffer overflow to avoid spurious complaints Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 12:34:56 2017 +0200 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 11:54:45 2017 +0200 x509.h: added macro for inhibit any policy Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 11:50:29 2017 +0200 NEWS: updated Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 10:24:17 2017 +0200 doc: documented the inhibit any policy extension Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 11:08:09 2017 +0200 tests: added PKCS#12 unit test with AES file Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 16:36:48 2017 +0200 tests: added unit test for inhibit anypolicy generation Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 15:36:47 2017 +0200 supported_exts: inhibit anypolicy is listed as supported @@ -19835,7 +24867,7 @@ Date: Wed Apr 5 15:36:47 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 16:27:34 2017 +0200 certtool: added template option inhibit_anypolicy_skip_certs @@ -19844,21 +24876,21 @@ Date: Tue Apr 4 16:27:34 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 16:25:47 2017 +0200 x509: output the inhibit anyPolicy value Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 10:29:32 2017 +0200 documented the GNUTLS_X509_OID_POLICY_ANY macro Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 16:03:34 2017 +0200 x509: added function to set and retrieve inhibit anypolicy extension value @@ -19871,14 +24903,14 @@ Date: Tue Apr 4 16:03:34 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 15:53:05 2017 +0200 _gnutls_x509_write_uint32: ensure we prepend leading zero when writing Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 15:46:45 2017 +0200 Added helper functions to parse the inhibit anyPolicy X.509 extension @@ -19889,7 +24921,7 @@ Date: Tue Apr 4 15:46:45 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 15:22:06 2017 +0200 tests: added unit test for PKCS#12 with file that uses PBES1 with no salt @@ -19930,7 +24962,7 @@ Date: Wed Apr 5 11:15:45 2017 -0700 Signed-off-by: David Caldwell -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 10:11:01 2017 +0200 mpi: openpgp integer scanning was put into conditional @@ -19940,7 +24972,7 @@ Date: Wed Apr 5 10:11:01 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 29 12:38:34 2017 +0200 Moved all openpgp-related variables and definitions into ifdef blocks @@ -19949,7 +24981,7 @@ Date: Wed Mar 29 12:38:34 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 29 09:55:36 2017 +0200 OpenPGP authentication is disabled by default @@ -19961,21 +24993,21 @@ Date: Wed Mar 29 09:55:36 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 08:50:53 2017 +0200 tools: remove outfile when exited on error Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 08:32:48 2017 +0200 certtool: added examples on verifying certificates Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 5 08:12:17 2017 +0200 certtool: improved documentation @@ -19984,28 +25016,28 @@ Date: Wed Apr 5 08:12:17 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 15:22:06 2017 +0200 tests: added unit test for PKCS#12 with file that uses PBES1 with no salt Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 11:28:27 2017 +0200 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 12:52:14 2017 +0200 tests: add unit test for PKCS#12 with file that uses SHA512 for MAC Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 12:11:27 2017 +0200 pkcs12: increased the maximum salt size @@ -20014,7 +25046,7 @@ Date: Tue Apr 4 12:11:27 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 12:01:15 2017 +0200 _gnutls_pkcs12_string_to_key: allow SHA384 and SHA512 @@ -20024,7 +25056,7 @@ Date: Tue Apr 4 12:01:15 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 11:25:22 2017 +0200 PKCS#12: added support for files with zero salt length in MAC @@ -20034,14 +25066,14 @@ Date: Tue Apr 4 11:25:22 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 11:19:23 2017 +0200 tests: added unit test for PKCS#12 with file with no salt in MAC Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 3 09:44:43 2017 +0200 tests: verify that the encryption OID is printed @@ -20052,7 +25084,7 @@ Date: Mon Apr 3 09:44:43 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 3 09:35:31 2017 +0200 gnutls_pkcs8_info: return the encryption algorithm OID on failure @@ -20065,7 +25097,7 @@ Date: Mon Apr 3 09:35:31 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 4 10:26:43 2017 +0200 gnutls_transport_set_pull_timeout_function: doc update [ci skip] @@ -20075,7 +25107,7 @@ Date: Tue Apr 4 10:26:43 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Andreas Metzler +Author: Andreas Metzler Date: Sun Apr 2 17:56:15 2017 +0200 Use NORMAL priority for SSLv23_*_method. @@ -20166,7 +25198,7 @@ Date: Fri Mar 31 20:53:19 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 31 16:27:03 2017 +0200 tests: added checks with problematic PKCS#12 files @@ -20176,7 +25208,7 @@ Date: Fri Mar 31 16:27:03 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 31 16:17:07 2017 +0200 gnutls_pkcs8_info: do not free oid on GNUTLS_E_UNKNOWN_CIPHER_TYPE @@ -20193,7 +25225,7 @@ Date: Thu Mar 30 19:58:22 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 29 14:08:26 2017 +0200 Makefile.am: dropped .clcopying from dist files [ci skip] @@ -20202,7 +25234,7 @@ Date: Wed Mar 29 14:08:26 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 29 10:40:31 2017 +0200 Simplified the generation of ChangeLog [ci skip] @@ -20212,7 +25244,7 @@ Date: Wed Mar 29 10:40:31 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 28 09:05:38 2017 +0200 tests: added global locks on tls-fuzzer tests @@ -20222,14 +25254,14 @@ Date: Tue Mar 28 09:05:38 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 28 09:01:25 2017 +0200 cert: ensure that there are no leftovers in certificate msg Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 28 08:58:29 2017 +0200 testsuite: added tlsfuzzer certificate requiring tests @@ -20239,28 +25271,28 @@ Date: Tue Mar 28 08:58:29 2017 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 28 08:40:32 2017 +0200 alert: return GNUTLS_A_BAD_CERTIFICATE on GNUTLS_E_PK_SIG_VERIFY_FAILED Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 28 09:28:44 2017 +0200 fuzz: updated pkcs12 corpus Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 27 17:40:23 2017 +0200 fuzz: added PKCS#12 file parser fuzzer Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 27 17:28:08 2017 +0200 doc update @@ -20322,12 +25354,12 @@ Date: Sat Mar 25 21:44:53 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 23 08:03:52 2017 +0100 gnutls.pc: don't include zlib twice in private libs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 23 11:39:34 2017 +0100 tests: create-chain.sh: do not explicitly set serial @@ -20337,14 +25369,14 @@ Date: Thu Mar 23 11:39:34 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 23 11:34:07 2017 +0100 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 22 09:39:12 2017 +0100 tests: added mini-x509-ipaddr @@ -20354,7 +25386,7 @@ Date: Wed Mar 22 09:39:12 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 22 09:00:09 2017 +0100 Introduced GNUTLS_DT_IP_ADDRESS @@ -20364,14 +25396,14 @@ Date: Wed Mar 22 09:00:09 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 21 12:19:35 2017 +0100 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 17 15:04:50 2017 +0100 tests: check whether we fallback to CN unconditionally @@ -20381,7 +25413,7 @@ Date: Fri Mar 17 15:04:50 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 17 15:01:12 2017 +0100 gnutls_x509_crt_check_hostname2: do not fallback to CN unconditionally @@ -20393,14 +25425,14 @@ Date: Fri Mar 17 15:01:12 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 17 14:50:10 2017 +0100 tests: added unit test of GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 17 14:43:36 2017 +0100 Introduced verification flag GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES @@ -20412,21 +25444,21 @@ Date: Fri Mar 17 14:43:36 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 17 14:37:21 2017 +0100 updated auto-generated files Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 16 11:38:19 2017 +0100 tests: added unit test for gnutls_x509_crt_check_ip Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 16 10:07:37 2017 +0100 Added gnutls_x509_crt_check_ip() @@ -20442,21 +25474,21 @@ Date: Thu Mar 16 10:07:37 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 21 14:07:22 2017 +0100 tests: added unit test of gnutls_pubkey_verify_data2 override flags Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 21 13:47:09 2017 +0100 tests: keygen -> privkey-keygen Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 21 13:20:02 2017 +0100 _gnutls_check_key_cert_match: allow broken sigs @@ -20466,14 +25498,14 @@ Date: Tue Mar 21 13:20:02 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 21 13:14:24 2017 +0100 .gitignore: more files to ignore Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 21 13:12:07 2017 +0100 Use a common function to decide acceptable signatures @@ -20484,7 +25516,7 @@ Date: Tue Mar 21 13:12:07 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 21 13:01:51 2017 +0100 check_ocsp_response: utilize the same flags as in certificate verification @@ -20494,7 +25526,7 @@ Date: Tue Mar 21 13:01:51 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 21 14:34:37 2017 +0100 extensions: print the name/type of any unexpected extension @@ -20518,7 +25550,7 @@ Date: Sat Mar 18 17:56:42 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 21 10:11:54 2017 +0100 tests: improved tls-rehandshake tests @@ -20528,7 +25560,7 @@ Date: Tue Mar 21 10:11:54 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 21 09:42:59 2017 +0100 tests: check whether a rehandshake without a cert works @@ -20540,7 +25572,7 @@ Date: Tue Mar 21 09:42:59 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 21 09:36:18 2017 +0100 handshake: reset cert request state on handshake init @@ -20551,7 +25583,7 @@ Date: Tue Mar 21 09:36:18 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 21 07:59:37 2017 +0100 Revert "nettle/rnd: use gettime() instead of gnutls_time()" @@ -20567,7 +25599,7 @@ Date: Mon Mar 20 23:00:06 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 20 16:31:42 2017 +0100 nettle/rnd: use gettime() instead of gnutls_time() @@ -20578,12 +25610,12 @@ Date: Mon Mar 20 16:31:42 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 20 13:29:42 2017 +0100 doc: updated RNG documentation to reflect the previous changes -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 20 13:23:39 2017 +0100 nettle/rnd: re-seed both key and nonce levels based on time @@ -20593,7 +25625,7 @@ Date: Mon Mar 20 13:23:39 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 20 13:13:11 2017 +0100 nettle/pk: use nonce level for RSA padding @@ -20629,21 +25661,21 @@ Date: Fri Mar 17 23:33:01 2017 +0200 Signed-off-by: Martin Storsjo -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 17 10:47:33 2017 +0100 gnutls.h: added definitions to obtain the maximum element in several enumerations Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 16 14:29:10 2017 +0100 tests: added basic unit tests for several string functions of libs Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 24 09:44:55 2017 +0100 doc update @@ -20657,7 +25689,7 @@ Date: Mon Mar 13 22:51:57 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 13 17:17:32 2017 +0100 tests: check the flag GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1 @@ -20667,7 +25699,7 @@ Date: Mon Mar 13 17:17:32 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 13 17:13:48 2017 +0100 Introduced flag GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1 @@ -20679,7 +25711,7 @@ Date: Mon Mar 13 17:13:48 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 13 17:06:47 2017 +0100 Introduced the %VERIFY_ALLOW_BROKEN priority string option @@ -20688,7 +25720,7 @@ Date: Mon Mar 13 17:06:47 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 13 17:00:22 2017 +0100 Allow reverting the SHA1 ban as a signature algorithm @@ -20698,7 +25730,7 @@ Date: Mon Mar 13 17:00:22 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 24 12:36:46 2017 +0100 p11tool: test-sign operation using SHA256 instead of SHA1 @@ -20708,14 +25740,14 @@ Date: Fri Feb 24 12:36:46 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 24 09:42:26 2017 +0100 tests: updated to account SHA1 move to broken set Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 24 08:35:34 2017 +0100 algorithms: tag SHA1 as insecure algorithm @@ -20728,28 +25760,28 @@ Date: Fri Feb 24 08:35:34 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 16 14:02:05 2017 +0100 README.md: updated coverage links [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 16 08:25:52 2017 +0100 tests: removed unneeded ifdef in tlsext-decoding.c Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 16 09:04:24 2017 +0100 doc: updated RNG design Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 15 14:21:43 2017 +0100 nettle/rnd: introduced time limit for key generator @@ -20761,7 +25793,7 @@ Date: Wed Mar 15 14:21:43 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 15 15:11:14 2017 +0100 _gnutls_pk_generate_keys: separate between ephemeral and long-term keys @@ -20770,7 +25802,7 @@ Date: Wed Mar 15 15:11:14 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 15 14:46:54 2017 +0100 nettle/pk: use the nonce level for digital signatures @@ -20813,7 +25845,7 @@ Date: Wed Mar 15 05:17:37 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 14 16:43:34 2017 +0100 .gitlab-ci.yml: remove -Werror compilation from scan-build @@ -20857,7 +25889,7 @@ Date: Mon Mar 13 20:13:49 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 13 15:21:40 2017 +0100 pkcs11: re-open privkey session handle on CKR_SESSION_HANDLE_INVALID @@ -20867,7 +25899,7 @@ Date: Mon Mar 13 15:21:40 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 13 15:15:31 2017 +0100 tests: pkcs11-mock lib: check object session sanity prior to using it @@ -20877,7 +25909,7 @@ Date: Mon Mar 13 15:15:31 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 9 11:21:50 2017 +0100 tests: added an OCSP response parsing coverage test @@ -20888,7 +25920,7 @@ Date: Thu Mar 9 11:21:50 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 9 08:14:32 2017 +0100 tests: added a certificate parsing coverage test @@ -20899,49 +25931,49 @@ Date: Thu Mar 9 08:14:32 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 13 09:39:03 2017 +0100 .gitignore: more files to ignore Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 13 09:33:29 2017 +0100 tests: added unit tests for gnutls_pkcs11_token_get_mechanism Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 13 09:28:25 2017 +0100 tests: included unit test for gnutls_pkcs11_obj_export Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 13 09:23:37 2017 +0100 tests: added unit test for gnutls_pkcs11_reinit() Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 13 09:17:42 2017 +0100 tests: added unit tests for gnutls_pkcs11_obj_get_info Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 13 09:17:07 2017 +0100 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 13 09:14:15 2017 +0100 gnutls_pkcs11_obj_get_info: don't include the terminator into output size @@ -20994,7 +26026,7 @@ Date: Sun Mar 12 14:29:14 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 10 17:37:10 2017 +0100 pkcs11: re-open private key session inside a locked section @@ -21004,7 +26036,7 @@ Date: Fri Mar 10 17:37:10 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 10 17:12:50 2017 +0100 pkcs11: introduced locks to PKCS#11 private key structure @@ -21014,7 +26046,7 @@ Date: Fri Mar 10 17:12:50 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 10 17:04:20 2017 +0100 tests: introduced check for parallel operation (signatures) in PKCS#11 mode @@ -21051,42 +26083,42 @@ Date: Sat Mar 11 10:28:50 2017 -0500 Signed-off-by: Alex Gaynor -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 9 15:50:24 2017 +0100 fuzz: document how to run AFL [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 9 10:57:28 2017 +0100 fuzz: added initial corpus for the OCSP request parser Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 17:09:59 2017 +0100 fuzz: added initial corpus for OCSP response parser Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 17:01:59 2017 +0100 fuzz: added OCSP structure parsers Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 16:51:39 2017 +0100 fuzz: increased minimized set of X.509 certificates Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 9 12:57:41 2017 +0100 PKCS8/PKCS12: enforce a maximum number of iterations @@ -21107,7 +26139,7 @@ Date: Wed Mar 8 14:52:38 2017 -0500 Signed-off-by: Alex Gaynor -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 9 11:25:54 2017 +0100 Revert ".gitlab-ci.yml: include coverage statistics of FIPS140-2 code" @@ -21117,7 +26149,7 @@ Date: Thu Mar 9 11:25:54 2017 +0100 and significant benefit (the extend of the FIPS140 code is limited to have any impact on the overall coverage). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 9 10:52:59 2017 +0100 sysrng-linux: define _rnd_get_system_entropy unconditionally @@ -21126,7 +26158,7 @@ Date: Thu Mar 9 10:52:59 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 16:00:02 2017 +0100 tests: dtls-stress: use X.509 certificates instead of openpgp @@ -21143,7 +26175,7 @@ Date: Tue Mar 7 22:52:31 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 11:32:31 2017 +0100 doc update @@ -21160,14 +26192,14 @@ Date: Tue Mar 7 22:36:16 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 15:00:06 2017 +0100 doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 14:58:14 2017 +0100 tests: split PKCS#12 encoding from decoding tests @@ -21177,14 +26209,14 @@ Date: Wed Mar 8 14:58:14 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 14:47:20 2017 +0100 tests: added PKCS#12 file decoding containing a CRL Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 14:40:15 2017 +0100 certtool: enhance to allow writing CRLs in PKCS#12 files @@ -21194,14 +26226,14 @@ Date: Wed Mar 8 14:40:15 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 14:21:30 2017 +0100 tests: added CRL decoding unit tests using certtool Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 14:04:32 2017 +0100 tests: enhanced basic tests in CRL parsing @@ -21210,7 +26242,7 @@ Date: Wed Mar 8 14:04:32 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 13:50:55 2017 +0100 Rewritten gnutls_x509_rdn_get() and gnutls_x509_rdn_get2() @@ -21219,7 +26251,7 @@ Date: Wed Mar 8 13:50:55 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 13:43:36 2017 +0100 tests: added checks for the old DN decoding functions @@ -21240,21 +26272,21 @@ Date: Tue Mar 7 22:47:55 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 13:22:59 2017 +0100 tests: x509-verify: print the keys on failure Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 13:17:15 2017 +0100 gnutls_privkey_export_x509: doc update Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 13:07:08 2017 +0100 tests: split sign-verify test to RSA and ECDSA parts @@ -21264,14 +26296,14 @@ Date: Wed Mar 8 13:07:08 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 11:52:25 2017 +0100 tests: adjusted for the removal of HMAC-MD5 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 11:48:28 2017 +0100 priority: do not enable HMAC-MD5 by default @@ -21290,7 +26322,7 @@ Date: Tue Mar 7 23:10:43 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 8 10:48:40 2017 +0100 gnutls.h: introduced GNUTLS_E_TLS_PACKET_DECODING_ERROR [ci skip] @@ -21323,7 +26355,7 @@ Date: Mon Mar 6 23:21:33 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 6 15:28:01 2017 +0100 .gitlab-ci.yml: include subdirs of suite/ in artifacts @@ -21341,14 +26373,14 @@ Date: Mon Mar 6 23:11:39 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 6 14:30:19 2017 +0100 _gnutls_proc_x509_server_crt: return GNUTLS_E_CERTIFICATE_ERROR on parsing error Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 6 14:21:45 2017 +0100 alert: GNUTLS_E_NO_CERTIFICATE_FOUND maps to GNUTLS_A_DECODE_ERROR @@ -21359,7 +26391,7 @@ Date: Mon Mar 6 14:21:45 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 6 13:51:33 2017 +0100 read_client_hello: use integer for extensions size @@ -21372,21 +26404,21 @@ Date: Mon Mar 6 13:51:33 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 3 16:33:57 2017 +0100 ext/signature: reject an extension with padded data Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 3 16:18:44 2017 +0100 ext/signature: reject an extension size of zero Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 3 15:58:19 2017 +0100 gnutls_record_recv: do not accept a client hello while handshake is in progress @@ -21396,14 +26428,14 @@ Date: Fri Mar 3 15:58:19 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 3 15:16:59 2017 +0100 read_client_hello: fail early on illegally formatted message Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 2 17:57:57 2017 +0100 _gnutls_parse_extensions: do not fail on empty extensions field @@ -21414,14 +26446,14 @@ Date: Thu Mar 2 17:57:57 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 2 17:53:55 2017 +0100 alert: GNUTLS_E_PK_INVALID_PUBKEY maps to GNUTLS_A_ILLEGAL_PARAMETER Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 2 17:48:31 2017 +0100 alerts: separated record overflow from decode error alerts @@ -21430,7 +26462,7 @@ Date: Thu Mar 2 17:48:31 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 2 17:42:51 2017 +0100 auth: failures of _gnutls_mpi_init_scan_nz map to GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER @@ -21440,12 +26472,12 @@ Date: Thu Mar 2 17:42:51 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 7 11:49:45 2017 +0100 doc: updated tlsproxy to latest version -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 18 14:17:18 2016 +0200 testsuite: added tlsfuzzer @@ -21487,7 +26519,7 @@ Date: Mon Mar 6 22:35:41 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 10:22:04 2017 +0100 nettle/rnd-fips: combined the FIPS-compliant generators to two @@ -21496,7 +26528,7 @@ Date: Wed Mar 1 10:22:04 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 10:18:14 2017 +0100 nettle/rnd: use two random generators instead of 3 @@ -21508,7 +26540,7 @@ Date: Wed Mar 1 10:18:14 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 10:04:18 2017 +0100 doc: updated the PRNG documentation to utilize two PRNG instances @@ -21517,14 +26549,14 @@ Date: Wed Mar 1 10:04:18 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 27 11:37:39 2017 +0100 doc: document the state of PRNG in GnuTLS 3.6.0 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 27 11:51:18 2017 +0100 nettle/pk: corrected call to gnutls_rnd() for rnd_nonce_func @@ -21574,7 +26606,7 @@ Date: Sun Feb 26 19:11:51 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 23 10:44:43 2017 +0100 rnd: reduce calls to _rnd_get_system_entropy @@ -21587,7 +26619,7 @@ Date: Thu Feb 23 10:44:43 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 21 11:48:08 2017 +0100 rnd: when reseeding the generators use the next best generator @@ -21598,7 +26630,7 @@ Date: Tue Feb 21 11:48:08 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 21 11:11:31 2017 +0100 tests: verify whether crypto operations fail @@ -21608,7 +26640,7 @@ Date: Tue Feb 21 11:11:31 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 21 11:05:48 2017 +0100 Added _gnutls_lib_force_operational @@ -21619,7 +26651,7 @@ Date: Tue Feb 21 11:05:48 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 21 10:56:44 2017 +0100 pk: always use _gnutls_switch_lib_state @@ -21631,7 +26663,7 @@ Date: Tue Feb 21 10:56:44 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 21 10:43:56 2017 +0100 rnd: switched to 3 chacha-based PRNGs for all security levels @@ -21647,14 +26679,14 @@ Date: Tue Feb 21 10:43:56 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sun Feb 19 10:40:44 2017 +0100 rnd: aligned type of data counter with input data type (size_t) Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sun Feb 19 09:57:39 2017 +0100 random: keep global list of initialized contexts @@ -21664,7 +26696,7 @@ Date: Sun Feb 19 09:57:39 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat Feb 18 21:47:33 2017 +0100 rnd: removed call of _rnd_system_entropy_deinit on deinit @@ -21673,7 +26705,7 @@ Date: Sat Feb 18 21:47:33 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 27 13:52:23 2017 +0100 Removed locks from internal rng @@ -21682,7 +26714,7 @@ Date: Fri Jan 27 13:52:23 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 27 10:21:56 2017 +0100 Use a thread local random generator. @@ -21802,12 +26834,12 @@ Date: Fri Mar 3 08:27:23 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 12:51:47 2017 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 11:59:50 2017 +0100 tests: chainverify: incorporated the tests for unknown critical extensions @@ -21818,7 +26850,7 @@ Date: Wed Mar 1 11:59:50 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 11:47:17 2017 +0100 x509.h: introduced flag GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS @@ -21829,7 +26861,7 @@ Date: Wed Mar 1 11:47:17 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 27 16:54:33 2017 +0100 tests: verify that critical extensions can be stored @@ -21840,7 +26872,7 @@ Date: Mon Feb 27 16:54:33 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 27 15:50:44 2017 +0100 tests: added verification for unknown critical extensions @@ -21850,7 +26882,7 @@ Date: Mon Feb 27 15:50:44 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 27 14:48:37 2017 +0100 x509/verify: refuse to verify certificates with unknown critical extensions @@ -21863,7 +26895,7 @@ Date: Mon Feb 27 14:48:37 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 10:17:41 2017 +0100 .gitlab-ci.yml: run tests under a FIPS140 mode simulation @@ -21875,14 +26907,14 @@ Date: Wed Mar 1 10:17:41 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 17:13:37 2017 +0100 crypto-self-tests: modified exported functions to work under fips140-2 mode Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 15:52:13 2017 +0100 tests: skip tests which cannot be run in FIPS140-2 mode @@ -21891,7 +26923,7 @@ Date: Wed Mar 1 15:52:13 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 15:42:25 2017 +0100 _gnutls_pk_params_copy: copy the provable algorithm used @@ -21901,28 +26933,28 @@ Date: Wed Mar 1 15:42:25 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 14:31:30 2017 +0100 gnutls_session_ticket_key_generate: fixed operation under FIPS140-2 mode Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 14:05:31 2017 +0100 tests: priorities: enhanced for test to work under FIPS140-2 mode Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 13:46:43 2017 +0100 gnutls-cli: print the ciphers, MACs and KXs when priority string is given Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 1 13:39:39 2017 +0100 gnutls_priority_get_cipher_suite_index: do not return values for non-existent ciphers @@ -21933,14 +26965,14 @@ Date: Wed Mar 1 13:39:39 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 28 15:46:07 2017 +0100 README.md: removed info that gnutls is a gnu project [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 28 15:33:45 2017 +0100 tests: doc update [ci skip] @@ -21974,7 +27006,7 @@ Date: Wed Mar 1 07:54:04 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 28 10:32:38 2017 +0100 tests: crt_apis: added tests for writing/reading unique IDs @@ -21987,7 +27019,7 @@ Date: Tue Feb 28 10:32:38 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 28 10:59:28 2017 +0100 Added _gnutls_idna_email_reverse_map @@ -21997,7 +27029,7 @@ Date: Tue Feb 28 10:59:28 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 28 10:47:03 2017 +0100 x509/output: Cleanup in IDNA name printing @@ -22007,7 +27039,7 @@ Date: Tue Feb 28 10:47:03 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 28 08:48:24 2017 +0100 tests: added test for interactive creation of a request @@ -22016,7 +27048,7 @@ Date: Tue Feb 28 08:48:24 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 28 08:24:30 2017 +0100 certtool: removed limits in interactive input @@ -22029,7 +27061,7 @@ Date: Tue Feb 28 08:24:30 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 28 08:00:56 2017 +0100 certtool: increased buffer for reading from user @@ -22041,14 +27073,14 @@ Date: Tue Feb 28 08:00:56 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 27 08:23:47 2017 +0100 tests: added certificate generation with very long DNS and CN name Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 27 15:58:53 2017 +0100 gnutls_x509_crt_get_extension_info: fixed function to comply with documented approach @@ -22058,7 +27090,7 @@ Date: Mon Feb 27 15:58:53 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 27 16:47:55 2017 +0100 certtool: store critical extensions even if no other extension are present @@ -22068,14 +27100,14 @@ Date: Mon Feb 27 16:47:55 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 27 15:06:57 2017 +0100 x509/name_constraints: documented return values and corrected return type Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 24 09:24:19 2017 +0100 gnutls_ocsp_resp_verify_direct, gnutls_ocsp_resp_verify: defined flags argument @@ -22086,7 +27118,7 @@ Date: Fri Feb 24 09:24:19 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 24 09:09:10 2017 +0100 is_level_acceptable: no longer checks for broken algorithms @@ -22097,7 +27129,7 @@ Date: Fri Feb 24 09:09:10 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 24 08:57:27 2017 +0100 gnutls_store_commitment: introduced flag GNUTLS_SCOMMIT_FLAG_ALLOW_BROKEN @@ -22106,14 +27138,14 @@ Date: Fri Feb 24 08:57:27 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 24 08:46:01 2017 +0100 verify: is_broken_allowed: account for "new" flag GNUTLS_VERIFY_ALLOW_BROKEN Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 24 09:53:26 2017 +0100 devel/fuzz: added necessary casts for compilation [ci skip] @@ -22122,7 +27154,7 @@ Date: Fri Feb 24 09:53:26 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 24 07:56:50 2017 +0100 devel/fuzz: include string.h for strlen() [ci skip] @@ -22139,7 +27171,7 @@ Date: Thu Feb 23 18:05:09 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 23 11:08:34 2017 +0100 tests: added test case with invalid openpgp cert @@ -22149,7 +27181,7 @@ Date: Thu Feb 23 11:08:34 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 23 11:10:04 2017 +0100 opencdk: read_attribute: account buffer size @@ -22163,7 +27195,7 @@ Date: Thu Feb 23 11:10:04 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 23 13:35:42 2017 +0100 gnutls-cli-debug: fixed protocol to port discovery @@ -22173,7 +27205,7 @@ Date: Thu Feb 23 13:35:42 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 23 13:11:45 2017 +0100 pk.c: fixed memory leak on DSS signature decoding @@ -22183,7 +27215,7 @@ Date: Thu Feb 23 13:11:45 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 23 13:07:47 2017 +0100 tests: added client reproducer for memory leak @@ -22194,14 +27226,14 @@ Date: Thu Feb 23 13:07:47 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 23 12:34:28 2017 +0100 tests: update to take into account the removal of random art Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 23 10:26:04 2017 +0100 x509/output: No longer include public key's random art @@ -22215,21 +27247,21 @@ Date: Thu Feb 23 10:26:04 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 22 17:02:33 2017 +0100 tests: updated to include the pin-sha256 in output Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 22 16:47:02 2017 +0100 tests: updated to take into account the pin-sha256 oneline output Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 22 11:11:06 2017 +0100 x509/output: print key PIN on oneline output @@ -22239,7 +27271,7 @@ Date: Wed Feb 22 11:11:06 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 22 11:06:51 2017 +0100 x509/output: print the public key PIN of a certificate @@ -22249,7 +27281,7 @@ Date: Wed Feb 22 11:06:51 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 23 09:39:28 2017 +0100 certtool: don't warn when 'uri' is specified on template @@ -22278,7 +27310,7 @@ Date: Wed Feb 22 21:29:22 2017 +0100 tests: pkcs11-import-with-pin: removed invalid conditional macro -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 22 17:38:07 2017 +0100 tests: added PKCS#11 test for pin input @@ -22293,49 +27325,49 @@ Date: Wed Feb 22 21:01:30 2017 +0100 SECURITY.md: updated after comments from Daniel Berrange [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 21 16:50:22 2017 +0100 Removed unnecessary entries in pkix.asn and gnutls.asn Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 21 14:20:17 2017 +0100 nettle/pk: corrected memcpy of Q in DSA params Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 08:02:02 2017 +0100 crypto.h: improved documentation of randomness levels Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 08:01:09 2017 +0100 nettle/pk: use the appropriate level of randomness for each operation Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 08:00:41 2017 +0100 srp: use nonce level for SRP password randomization Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 21 08:58:16 2017 +0100 doc: document the use of assert() Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 21 08:17:25 2017 +0100 doc: removed protocol/ directory @@ -22346,7 +27378,7 @@ Date: Tue Feb 21 08:17:25 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 21 08:13:56 2017 +0100 Added SECURITY.md, a description of the security issue handling process @@ -22378,35 +27410,35 @@ Date: Mon Feb 20 18:50:40 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 16:41:46 2017 +0100 preinitialize variables to work-around warnings with clang Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 15:05:57 2017 +0100 eliminated dead code as indicated by clang scan-build Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 15:02:22 2017 +0100 pkcs7: corrected error checking in write_signer_id Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 14:18:25 2017 +0100 preinitialize variables to work-around warnings with clang's scan-build Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 14:03:40 2017 +0100 eliminated various clang warnings with non-null arguments @@ -22416,14 +27448,14 @@ Date: Mon Feb 20 14:03:40 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 13:49:55 2017 +0100 make_printable_string: allow operation with null input Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 13:32:37 2017 +0100 .gitlab-ci.yml: replaced clang's build with clang analyser's scan-build @@ -22432,7 +27464,7 @@ Date: Mon Feb 20 13:32:37 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 13:13:19 2017 +0100 .gitlab-ci.yml: added cppcheck run @@ -22441,14 +27473,14 @@ Date: Mon Feb 20 13:13:19 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 11:14:49 2017 +0100 opencdk/read-packet.c: corrected typo in type cast Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 11:13:08 2017 +0100 cdk_pkt_read: enforce packet limits @@ -22463,7 +27495,7 @@ Date: Mon Feb 20 11:13:08 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 20 11:01:07 2017 +0100 tests: added test case with invalid openpgp cert @@ -22482,7 +27514,7 @@ Date: Sun Feb 19 22:50:30 2017 +0100 Signed-off-by: Robert Scheck -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sun Feb 19 17:31:52 2017 +0100 README.md: added CII best practices badge [ci skip] @@ -22524,26 +27556,26 @@ Date: Sun Feb 12 19:48:19 2017 +0200 Signed-off-by: Alon Bar-Lev -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 15:37:42 2017 +0100 .gitlab-ci.yml: corrected coverage build Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat Feb 18 07:23:18 2017 +0100 .gitlab-ci.yml: remove submodule update from main build Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 17:40:27 2017 +0100 updated auto-generated files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 17:38:23 2017 +0100 Makefile: improved symbols extraction @@ -22552,12 +27584,12 @@ Date: Fri Feb 17 17:38:23 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 15:35:41 2017 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 15:31:02 2017 +0100 tests: ignore sanity checks in broken cert test @@ -22567,7 +27599,7 @@ Date: Fri Feb 17 15:31:02 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 15:26:56 2017 +0100 Added gnutls_x509_crt_set_flags() @@ -22578,12 +27610,12 @@ Date: Fri Feb 17 15:26:56 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 15:20:44 2017 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 15:14:38 2017 +0100 Introduced GNUTLS_E_CERTIFICATE_TIME_ERROR error code @@ -22592,14 +27624,14 @@ Date: Fri Feb 17 15:14:38 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 11:49:48 2017 +0100 x509/output: properly indicate error in Time fields Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 11:33:56 2017 +0100 x509/time: refuse importing certificates with invalid Time fields @@ -22611,7 +27643,7 @@ Date: Fri Feb 17 11:33:56 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 11:26:33 2017 +0100 _gnutls_x509_generalTime2gtime: refuse to parse fractional seconds @@ -22620,7 +27652,7 @@ Date: Fri Feb 17 11:26:33 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 11:25:15 2017 +0100 tests: enhanced test suite to include invalid X509v3 cert @@ -22630,12 +27662,12 @@ Date: Fri Feb 17 11:25:15 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 15:10:40 2017 +0100 gnutls_x509_crt_list_import: fixed leak on import failure -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 10:39:21 2017 +0100 tests: enhanced test suite to include creation of invalid certificates @@ -22645,7 +27677,7 @@ Date: Fri Feb 17 10:39:21 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 10:06:58 2017 +0100 gnutls_x509_crt_sign2: refuse to sign invalid X.509 certificates @@ -22655,7 +27687,7 @@ Date: Fri Feb 17 10:06:58 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 10:04:52 2017 +0100 gnutls_x509_crt_import: reject X.509v1 certificates with invalid fields @@ -22669,7 +27701,7 @@ Date: Fri Feb 17 10:04:52 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 17 09:56:24 2017 +0100 tests: enhanced test suite to include invalid V1 certs @@ -22715,7 +27747,7 @@ Date: Thu Feb 9 00:26:16 2017 +0000 Signed-off-by: Marcin Cieślak -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sun Feb 5 11:41:41 2017 +0100 doc: document the intention of the priority string usage [ci skip] @@ -22765,14 +27797,14 @@ Date: Thu Feb 2 22:59:43 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat Feb 4 14:28:30 2017 +0100 .travis.yml: list all logs on failure Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat Feb 4 14:01:36 2017 +0100 tests: enable all IDNA tests when compiled with libidn2 @@ -22781,7 +27813,7 @@ Date: Sat Feb 4 14:01:36 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat Feb 4 07:50:03 2017 +0100 .travis.yml: updated instructions for travis builds @@ -22790,7 +27822,7 @@ Date: Sat Feb 4 07:50:03 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 3 23:28:01 2017 +0100 extras/hex.h: do not use strlen as variable name @@ -22799,7 +27831,7 @@ Date: Fri Feb 3 23:28:01 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 3 23:11:27 2017 +0100 gnutls_pkcs11_obj_list_import_url4: always return an initialized pointer @@ -22818,7 +27850,7 @@ Date: Fri Feb 3 00:08:19 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 2 11:26:18 2017 +0100 gnutls_heartbeat_allowed: corrected type on dummy wrapper @@ -22829,7 +27861,7 @@ Date: Thu Feb 2 11:26:18 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 2 08:27:14 2017 +0100 Address test suite failure due to timezone differences. @@ -22838,14 +27870,14 @@ Date: Thu Feb 2 08:27:14 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 31 17:06:16 2017 +0100 doc update [ci skip] Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 31 07:38:50 2017 +0100 gnutls_heartbeat_allowed: corrected return type @@ -22866,7 +27898,7 @@ Date: Sat Jan 28 09:26:05 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 27 10:07:28 2017 +0100 README.md: added link to travis build for 3.5.x [ci skip] @@ -22876,7 +27908,7 @@ Date: Fri Jan 27 10:07:28 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 26 14:49:33 2017 +0100 heartbeat extension: doc update @@ -22885,7 +27917,7 @@ Date: Thu Jan 26 14:49:33 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 26 13:21:39 2017 +0100 str-idna: improved error handling @@ -23025,7 +28057,7 @@ Date: Tue Jan 24 16:28:41 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 20 16:55:26 2017 +0100 tests: verify that a written certificate will inherit its ID from privkey @@ -23035,7 +28067,7 @@ Date: Fri Jan 20 16:55:26 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 20 16:33:03 2017 +0100 p11tool: re-use ID from corresponding objects when writing certificates @@ -23084,7 +28116,7 @@ Date: Sun Jan 22 00:59:41 2017 +0100 doc: improved documentation on DH parameters [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 20 14:36:51 2017 +0100 Revert "tests: suite: pkcs11: skip if no softhsm" @@ -23093,7 +28125,7 @@ Date: Fri Jan 20 14:36:51 2017 +0100 The reason is to avoid having changes in softhsm packaging, result to skipping large parts of the test suite without someone noticing. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 19 09:28:08 2017 +0100 _decode_pkcs8_dsa_key: ensure that the P value is non-zero @@ -23106,7 +28138,7 @@ Date: Thu Jan 19 09:28:08 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 19 09:24:19 2017 +0100 tests: added private key causing FPE @@ -23116,7 +28148,7 @@ Date: Thu Jan 19 09:24:19 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 19 09:20:28 2017 +0100 _gnutls_decrypt_pbes1_des_md5_data: ensure that encrypted data size is a multiple of blocksize @@ -23129,7 +28161,7 @@ Date: Thu Jan 19 09:20:28 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 19 09:14:29 2017 +0100 tests: added PKCS#8 key which causes undefined behavior on import @@ -23139,7 +28171,7 @@ Date: Thu Jan 19 09:14:29 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 19 09:08:49 2017 +0100 tests: added certificate which reproduces a leak in gnutls_x509_ext_import_aia @@ -23149,7 +28181,7 @@ Date: Thu Jan 19 09:08:49 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 19 09:08:04 2017 +0100 x509: eliminated memory leak on gnutls_x509_ext_import_aia @@ -23159,12 +28191,12 @@ Date: Thu Jan 19 09:08:04 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 17 15:08:29 2017 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 18 13:51:32 2017 +0100 tests: added check which ensures a client cannot receive during handshake @@ -23173,7 +28205,7 @@ Date: Wed Jan 18 13:51:32 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 18 09:51:35 2017 +0100 tests: added check which ensures a client cannot transmit during handshake @@ -23182,12 +28214,12 @@ Date: Wed Jan 18 09:51:35 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 17 15:28:05 2017 +0100 tests: cleanup error reporting in handshake-false-start -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 18 13:47:02 2017 +0100 Refuse to receive data during handshake @@ -23199,7 +28231,7 @@ Date: Wed Jan 18 13:47:02 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 17 15:05:35 2017 +0100 Refuse to send data during handshake @@ -23220,7 +28252,7 @@ Date: Sun Jan 15 10:40:02 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 17 13:34:33 2017 +0100 opencdk: improved error code checking in the stream reading functions @@ -23229,14 +28261,14 @@ Date: Tue Jan 17 13:34:33 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 16 17:09:36 2017 +0100 minitasn1: updated to latest git version Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 16 13:01:56 2017 +0100 doc: removed references to OpenPGP functions and enumerations @@ -23250,7 +28282,7 @@ Date: Sun Jan 15 11:11:19 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 6 08:26:17 2017 +0100 doc: removed documentation related to OpenPGP @@ -23259,7 +28291,7 @@ Date: Fri Jan 6 08:26:17 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 6 08:14:09 2017 +0100 openpgp.h: all openpgp functionality was marked as deprecated @@ -23324,7 +28356,7 @@ Date: Tue Jan 3 16:45:19 2017 +0200 Signed-off-by: Alon Bar-Lev -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 15:22:13 2017 +0100 opencdk: added error checking in the stream reading functions @@ -23334,7 +28366,7 @@ Date: Wed Jan 4 15:22:13 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 15:03:12 2017 +0100 tests: added test case with invalid openpgp cert @@ -23344,7 +28376,7 @@ Date: Wed Jan 4 15:03:12 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 14:56:50 2017 +0100 opencdk: cdk_pk_get_keyid: fix stack overflow @@ -23354,7 +28386,7 @@ Date: Wed Jan 4 14:56:50 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 14:48:38 2017 +0100 tests: added test case with invalid openpgp cert @@ -23364,7 +28396,7 @@ Date: Wed Jan 4 14:48:38 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 14:47:11 2017 +0100 tests: added test case with invalid openpgp cert @@ -23374,7 +28406,7 @@ Date: Wed Jan 4 14:47:11 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 14:42:03 2017 +0100 opencdk: read_attribute: added more precise checks when reading stream @@ -23385,7 +28417,7 @@ Date: Wed Jan 4 14:42:03 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 14:34:05 2017 +0100 tests: added test case with invalid openpgp cert @@ -23395,19 +28427,19 @@ Date: Wed Jan 4 14:34:05 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 14:31:26 2017 +0100 tests: openpgp-cert-parser: simplified -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 09:46:26 2017 +0100 auth rsa: eliminated memory leak on pkcs-1 formatting attack path Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 09:42:25 2017 +0100 tests: added reproducer for server issues @@ -23418,21 +28450,21 @@ Date: Wed Jan 4 09:42:25 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 09:32:17 2017 +0100 _decode_pkcs8_dsa_key: fixed memory leak on error path Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 09:28:23 2017 +0100 decode_private_key_info: eliminate memory leaks on error path Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 09:26:07 2017 +0100 _gnutls_x509_read_dsa_params: update params structure parameters size on successful read @@ -23442,7 +28474,7 @@ Date: Wed Jan 4 09:26:07 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 09:18:03 2017 +0100 tests: added test with private key that causes memory leak @@ -23452,14 +28484,14 @@ Date: Wed Jan 4 09:18:03 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 09:10:54 2017 +0100 _gnutls_pkcs12_string_to_key: avoid division by zero when salt_size = 0 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 4 09:07:10 2017 +0100 tests: added test with PKCS#8 key that signals FPE @@ -23496,14 +28528,14 @@ Date: Tue Jan 3 14:40:36 2017 +0200 Signed-off-by: Alon Bar-Lev -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 3 16:10:07 2017 +0100 gnutls_x509_ext_import_policies: fixed memory leak on error path Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 3 15:53:27 2017 +0100 tests: added test case with invalid X.509 cert @@ -23513,14 +28545,14 @@ Date: Tue Jan 3 15:53:27 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 3 15:49:37 2017 +0100 x509 output: fixed memory leak in AIA extension printing Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 3 15:46:41 2017 +0100 tests: added test case with invalid X.509 cert @@ -23530,12 +28562,12 @@ Date: Tue Jan 3 15:46:41 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 3 15:00:59 2017 +0100 doc: document how to enhance the testsuite with issues found -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 3 14:37:18 2017 +0100 status_request: eliminated leak on error path @@ -23545,7 +28577,7 @@ Date: Tue Jan 3 14:37:18 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 3 13:49:18 2017 +0100 proc_server_kx: eliminated leak on error path @@ -23555,7 +28587,7 @@ Date: Tue Jan 3 13:49:18 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 3 14:49:03 2017 +0100 tests: added reproducer for client issues @@ -23569,7 +28601,7 @@ Date: Tue Jan 3 14:49:03 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 3 13:39:43 2017 +0100 tests: do not run key-tests under leak sanitizer @@ -23581,12 +28613,12 @@ Date: Tue Jan 3 13:39:43 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 3 13:20:16 2017 +0100 tests: illegal-rsa: don't hide stderr -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 10:47:24 2017 +0100 tests: added suite for checking PKCS#7 structure import @@ -23594,14 +28626,14 @@ Date: Mon Jan 2 10:47:24 2017 +0100 The initial (problematic) structures have been obtained from oss-fuzz project. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 3 11:39:13 2017 +0100 fuzz: added basic Makefile to assist in reproducing [ci skip] Also updated README.md -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 17:24:41 2017 +0100 Simplified contribution policy [ci skip] @@ -23610,12 +28642,12 @@ Date: Mon Jan 2 17:24:41 2017 +0100 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 17:05:29 2017 +0100 _gnutls_x509_get_signature: fix memory leak on error path -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 17:04:29 2017 +0100 tests: added test case with invalid X.509 certificate @@ -23627,7 +28659,7 @@ Date: Mon Jan 2 17:04:29 2017 +0100 Relates #156 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 15:07:48 2017 +0100 valgrind: use different exit code to signify error @@ -23635,29 +28667,29 @@ Date: Mon Jan 2 15:07:48 2017 +0100 This allows the test suite to differentiate between valgrind and expected errors from tools. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 15:01:26 2017 +0100 tests: cert-tests: force asan to return an error code other than one on failure -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 15:00:24 2017 +0100 gnutls_pkcs8_info: addressed memory leak on error path -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 14:55:14 2017 +0100 certtool: pkcs8_info_int: fix memory leak -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 13:44:46 2017 +0100 wrap_nettle_mpi_modm: bail on a modulus that is zero Relates #156 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 13:32:41 2017 +0100 tests: added test for invalid private keys @@ -23665,12 +28697,12 @@ Date: Mon Jan 2 13:32:41 2017 +0100 Also force asan to return an error code other than one (the normally expected for invalid keys). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 12:02:53 2017 +0100 x509: address leak in print_altname - cert printing -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 12:03:35 2017 +0100 tests: added certificate to reproduce memory leak @@ -23680,7 +28712,7 @@ Date: Mon Jan 2 12:03:35 2017 +0100 Relates #156 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 11:05:21 2017 +0100 tests: added test case with invalid PKCS#8 data @@ -23690,14 +28722,14 @@ Date: Mon Jan 2 11:05:21 2017 +0100 Relates #156 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 11:20:45 2017 +0100 nettle: added a safety net on wrap_nettle_cipher_setiv() Return error if attempting to set invalid IV size. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 11:51:10 2017 +0100 pkcs7 decrypt: require a valid IV size on all ciphers @@ -23707,17 +28739,17 @@ Date: Mon Jan 2 11:51:10 2017 +0100 Relates #156 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 13:26:29 2017 +0100 fuzz: added a PBES1 PKCS#8 private key file into corpus -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 13:23:01 2017 +0100 pkcs8: pkcs8_key_info() will correctly detect non-encrypted files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 13:19:49 2017 +0100 certtool: don't print PKCS#8 information when outputting DER data @@ -23729,19 +28761,19 @@ Date: Sun Jan 1 09:15:09 2017 -0500 Signed-off-by: Alex Gaynor -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 10:13:48 2017 +0100 doc: fixed copyright date in gnutls.texi -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 2 08:43:47 2017 +0100 gnutls_rnd: document the available values of level [ci skip] This enables using the function by only checking the man page. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 9 16:45:19 2016 +0100 pkcs11 verification: ensure that an issuer we retrieve is not blacklist @@ -23912,17 +28944,17 @@ Date: Mon Dec 19 19:01:31 2016 +0100 tests: added check for certtool loading CA certificates from PKCS#11 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 9 15:52:49 2016 +0100 certtool: document that --load-ca-certificate can be used with PKCS#11 URLs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 9 15:44:20 2016 +0100 certtool: load_ca_cert() can load a CA from URLs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 9 11:36:13 2016 +0100 certtool: unified the CA certificate loading process @@ -23937,17 +28969,17 @@ Date: Mon Dec 19 16:15:50 2016 +0100 doc update [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 9 16:21:30 2016 +0100 .gitlab-ci.yml: changed buildroot to fedora25 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Dec 19 11:01:10 2016 +0100 tests: added check for multiple calls to gnutls_priority_set_direct() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Dec 19 10:49:34 2016 +0100 priorities: set the additional verify flags instead of appending them @@ -23956,12 +28988,12 @@ Date: Mon Dec 19 10:49:34 2016 +0100 multiple times with different parameters. In that case if multiple profiles are used the combo could be undefined. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Dec 19 10:36:01 2016 +0100 verify: print certificate on sec param failure -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 15 15:08:31 2016 +0100 x509: corrected leak in certificate printing @@ -23969,7 +29001,7 @@ Date: Thu Dec 15 15:08:31 2016 +0100 The leak could be triggered if the certificate policies to be imported are invalid. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 15 15:02:18 2016 +0100 gnutls_x509_ext_import_proxy: fix issue reading the policy language @@ -23977,12 +29009,12 @@ Date: Thu Dec 15 15:02:18 2016 +0100 If the language was set but the policy wasn't, that could lead to a double free, as the value returned to the user was freed. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 15 14:50:36 2016 +0100 tests: added certificate which was causing issues in gnutls_x509_crt_print() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 15 14:47:13 2016 +0100 tests: improved certder to easily load certificates from a directory @@ -23990,7 +29022,7 @@ Date: Thu Dec 15 14:47:13 2016 +0100 That allows to place certificates in certs-interesting/ and these will be loaded and checked upon the new "cert" test case. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 15 14:06:06 2016 +0100 doc update @@ -24024,7 +29056,7 @@ Date: Mon Dec 12 08:09:49 2016 -0500 Also added a new private_key_parser fuzzer. -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Dec 14 18:07:05 2016 +0300 Drop _gnutls_epoch_get_compression @@ -24033,7 +29065,7 @@ Date: Wed Dec 14 18:07:05 2016 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Dec 14 17:51:56 2016 +0300 Rework setting next compression method @@ -24044,7 +29076,7 @@ Date: Wed Dec 14 17:51:56 2016 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Dec 14 17:51:56 2016 +0300 Rework setting next cipher suite @@ -24055,7 +29087,7 @@ Date: Wed Dec 14 17:51:56 2016 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Mon Nov 28 13:16:13 2016 +0300 Cache MAC algorithm used for PRF function @@ -24066,42 +29098,42 @@ Date: Mon Nov 28 13:16:13 2016 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Dec 14 04:11:11 2016 +0300 Use MAC_MD5_SHA1 instead of MAC_UNKNOWN to specify TLS 1.0 PRF Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Dec 14 03:52:06 2016 +0300 Rewrite SSL/TLS signature verification to use combined MD5+SHA1 digest Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Dec 14 03:52:06 2016 +0300 Rewrite SSL/TLS signing code to use combined MD5+SHA1 digest Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Dec 14 03:15:49 2016 +0300 Add special MD5+SHA1 digest to simplify TLS signature code Signed-off-by: Dmitry Eremin-Solenikov -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 14 10:52:27 2016 +0100 _gnutls_pkcs_raw_decrypt_data: merge all errors during decryption to GNUTLS_E_DECRYPTION_FAILED This makes the function's return values simpler to handle. -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Wed Dec 14 00:46:16 2016 +0300 configure.ac: remove autogen'erated files only if necessary @@ -24112,17 +29144,17 @@ Date: Wed Dec 14 00:46:16 2016 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 14 09:50:24 2016 +0100 bumped versions and added news entry for 3.6.0 [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 14 09:46:18 2016 +0100 README.md: added information on the 3.5.x builds -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 13 11:41:12 2016 +0100 tests: added test for PKCS#8 encrypted key decoding @@ -24130,7 +29162,7 @@ Date: Tue Dec 13 11:41:12 2016 +0100 This also verifies that the return value when attempting to decrypt without a password is GNUTLS_E_DECRYPTION_FAILED. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 13 11:27:38 2016 +0100 pkcs8: ensure that the correct error code is returned on decryption failure @@ -24140,19 +29172,19 @@ Date: Sat Dec 10 13:15:16 2016 +0100 doc update [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 9 15:44:47 2016 +0100 doc: updated to documentation of certtool [ci skip] This corrects options which incorrectly mentioned they support URLs. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 9 11:54:30 2016 +0100 x509: better documented gnutls_trust_list_flags_t -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 9 15:06:55 2016 +0100 tests: disable ASAN leak checks on suite tests @@ -24160,7 +29192,7 @@ Date: Fri Dec 9 15:06:55 2016 +0100 These detect memory leaks in the tools in src/ which are not critical nor there is serious reason to address. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 9 12:03:33 2016 +0100 tests: disable ASAN leak checks on certificate tests @@ -24168,7 +29200,7 @@ Date: Fri Dec 9 12:03:33 2016 +0100 These detect memory leaks in the tools in src/ which are not critical nor there is serious reason to address. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 9 09:54:14 2016 +0100 tests: enhanced long-session-id test @@ -24177,29 +29209,29 @@ Date: Fri Dec 9 09:54:14 2016 +0100 and that we test for the specific error code that gnutls_handshake() is expected to return. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 9 09:52:20 2016 +0100 handshake: return GNUTLS_E_ILLEGAL_PARAMETER on invalid ID size This is a more sensible error code to return on invalid packet. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 9 09:15:59 2016 +0100 tests: eliminate compilation warning in crq-basic [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 8 15:41:40 2016 +0100 .gitlab-ci.yml: do not enable IDN support in minimal build -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 2 14:57:41 2016 +0100 configure.ac: use AC_CONFIG_LINKS to copy autogenerated files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 2 09:22:38 2016 +0100 Added autogen pre-generated files into repository @@ -24207,7 +29239,7 @@ Date: Fri Dec 2 09:22:38 2016 +0100 This allows building gnutls from git in systems without using autogen. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 7 14:28:46 2016 +0100 configure: added option to enable maintainer mode @@ -24215,7 +29247,7 @@ Date: Wed Dec 7 14:28:46 2016 +0100 That makes normal builds, not regenerate Makefiles or configure, allowing for faster CI builds on second stage. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 15 09:03:59 2016 +0100 .gitlab-ci.yml: split the CI run into stages @@ -24232,21 +29264,21 @@ Date: Thu Dec 1 21:40:14 2016 +0100 This works around autogen failures on x86-64 centos7 CI hosts. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 8 16:35:24 2016 +0100 doc: updated documentation on multithreading [ci skip] Resolves #154 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 8 16:27:36 2016 +0100 doc: list gnutls_init_flags_t [ci skip] Suggested by Tyler Burns. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 8 15:54:07 2016 +0100 tests: make conditional (to HAVE_LIBIDN) any IDN related checks @@ -24254,19 +29286,19 @@ Date: Thu Dec 8 15:54:07 2016 +0100 This allows the test suite to successfully complete even when compiled without libidn. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 8 15:44:28 2016 +0100 str: do not call gnutls_assert in inline function This allows the build to succeed when compiled without libidn. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 8 13:09:35 2016 +0100 tests: disable leak checks in rsa-md5-collision.sh -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 8 14:04:07 2016 +0100 tests: split and enhanced UTF-8 name checks from hostname-check @@ -24274,7 +29306,7 @@ Date: Thu Dec 8 14:04:07 2016 +0100 That is, added checks to ensure that non-ASCII DNS names in certificates fail, and that properly encoded IDNA2003 names, succeed. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 8 13:54:53 2016 +0100 tests: added check with failed verification on invalid UTF-8 @@ -24283,12 +29315,12 @@ Date: Thu Dec 8 13:54:53 2016 +0100 verification. Raw UTF-8 is prohibited by IETF PKIX (RFC5280) on a certificate. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 8 13:40:41 2016 +0100 tests: updated cert with UTF8 names to contain proper IDNA2003 encoded names -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 8 13:28:00 2016 +0100 gnutls_x509_crt_check_email type changed to unsigned @@ -24297,7 +29329,7 @@ Date: Thu Dec 8 13:28:00 2016 +0100 allows the compiler to warn on accidental checks for negative value. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 8 13:20:05 2016 +0100 x509: do not attempt to ACE encode values stored in certificates @@ -24330,12 +29362,12 @@ Date: Thu Dec 8 07:17:34 2016 +0100 bumped version -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 7 15:43:21 2016 +0100 tests: reduced the intermediate steps in rsa-md5-collision -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 7 13:24:34 2016 +0100 configure: break after finding the first libtspi @@ -24345,12 +29377,12 @@ Date: Wed Dec 7 13:24:34 2016 +0100 64-bit version on 64-bit system, instead of falling back to the 32-bit. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 7 13:20:08 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 7 10:56:30 2016 +0100 tests: added operational -sign/verify- tests in keygen app @@ -24358,7 +29390,7 @@ Date: Wed Dec 7 10:56:30 2016 +0100 This will check that a generated key is immediately usable for operations. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 7 10:27:01 2016 +0100 gnutls_x509_privkey_cpy: use _gnutls_pk_params_copy @@ -24366,29 +29398,29 @@ Date: Wed Dec 7 10:27:01 2016 +0100 This ensures that all fields of parameters are copied. Inspired by patch of Dmitry Eremin-Solenikov. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 7 10:30:13 2016 +0100 tests: enhanced keygen to include check of gnutls_x509_privkey_cpy -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 7 08:58:30 2016 +0100 tests: added tests for CRL generation APIs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 7 09:05:01 2016 +0100 x509 crl: document the nextUpdate field limitation -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Tue Dec 6 22:41:28 2016 +0300 Don't trash DER CRQ output with text data Signed-off-by: Dmitry Eremin-Solenikov -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 7 08:59:03 2016 +0100 x509 crl: Allow generation of CRLs not to specify a nextUpdate @@ -24398,12 +29430,12 @@ Date: Tue Dec 6 20:03:31 2016 +0100 doc update [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 6 13:07:57 2016 +0100 tests: updated overhead calculation for new code -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 30 11:57:56 2016 +0100 DTLS: more precise overhead calculation @@ -24413,17 +29445,17 @@ Date: Wed Nov 30 11:57:56 2016 +0100 Resolves #140 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 30 09:54:45 2016 +0100 tests: added check for MTU calculation on DTLS 1.2 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Dec 5 10:36:04 2016 +0100 src: clean all stamp files on 'make clean' -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Dec 5 10:33:07 2016 +0100 configure: search 64-bit paths for libtspi before 32-bit paths @@ -24475,7 +29507,7 @@ Date: Sun Dec 4 18:48:55 2016 +0100 src gl: updated -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 2 15:59:17 2016 +0100 gl: removed iconv module @@ -24487,7 +29519,7 @@ Date: Sun Dec 4 10:11:19 2016 +0100 configure.ac: detect trousers library on debian -Author: Andreas Metzler +Author: Andreas Metzler Date: Sat Dec 3 14:29:51 2016 +0100 Prevent unwanted linkage to -lhogweed @@ -24510,12 +29542,12 @@ Date: Fri Dec 2 15:28:08 2016 -0800 Signed-off-by: James Bottomley -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 2 16:27:58 2016 +0100 x509: fixed output of pubkey -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 1 16:41:55 2016 +0100 doc: document the fact that certificates and CRLs are unusable after generation @@ -24523,12 +29555,12 @@ Date: Thu Dec 1 16:41:55 2016 +0100 They must be exported and re-imported if intended to be used for signing or verification. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 1 16:32:04 2016 +0100 doc: no longer list SHA1 as a safe choice in X.509 signing -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 1 16:19:31 2016 +0100 certtool: prevent-null termination of buffers allocated with fread_file() @@ -24536,7 +29568,7 @@ Date: Thu Dec 1 16:19:31 2016 +0100 We do not know whether their allocated size allows for that additional null, and we do not need the null termination. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 1 08:40:13 2016 +0100 gnutls_x509_crl_verify: always return zero on success @@ -24544,17 +29576,17 @@ Date: Thu Dec 1 08:40:13 2016 +0100 Also document that in previous versions a positive number could be returned on success. Reported by Adrien Beraud. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 1 14:09:15 2016 +0100 tests: corrected space-tab issue -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 1 10:04:45 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 1 09:55:51 2016 +0100 Improved messages and violation handling in signature key usage checks @@ -24562,7 +29594,7 @@ Date: Thu Dec 1 09:55:51 2016 +0100 This will now tolerate violations in server certificate, if %DEBUG_ALLOW_KEY_USAGE_VIOLATIONS is set. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 1 09:48:56 2016 +0100 Removed redundant certificate key usage checks. @@ -24571,12 +29603,12 @@ Date: Thu Dec 1 09:48:56 2016 +0100 well as prior to performing operations with certificates/pubkeys. Kept the checks prior to operations. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 1 09:45:26 2016 +0100 _gnutls_map_pk_get_pk -> _gnutls_map_kx_get_pk -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 30 14:18:51 2016 +0100 gnutls_kx_get: allow calling the function during handshake @@ -24587,19 +29619,19 @@ Date: Wed Nov 30 14:18:51 2016 +0100 modified to return a correct value even during handshake (after a hello is being exchanged). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 30 14:14:42 2016 +0100 _gnutls_check_key_usage: check for invalid key exchange algorithm Reported by Dmitry Eremin-Solenikov. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 30 14:56:41 2016 +0100 tests: added checks on signature key usage violations -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 1 09:10:41 2016 +0100 .gitlab-ci.yml: added docker tag on mingw builds @@ -24607,24 +29639,24 @@ Date: Thu Dec 1 09:10:41 2016 +0100 That ensures that these builds are done on the gitlab.com runners which run as privileged containers (and thus have access to mount). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 30 09:20:26 2016 +0100 privkey: set the key parameters algorithm prior to returning success -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 30 09:15:06 2016 +0100 When decoding a public key ensure that algorithm is written in the params struct Reported by Dmitry Eremin-Solenikov. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 30 08:54:09 2016 +0100 cfg.mk: disable checks for public submodule updates in CI -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 30 08:44:40 2016 +0100 .gitlab-ci.yml: do not require update to /proc/sys/fs/binfmt_misc to succeed @@ -24633,7 +29665,7 @@ Date: Wed Nov 30 08:44:40 2016 +0100 they already have the wine executable registered. In the case we cannot write proceed to running the check and hope for the best. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 29 16:00:30 2016 +0100 tests: use datefudge in rsa-md5-collision check @@ -24641,7 +29673,7 @@ Date: Tue Nov 29 16:00:30 2016 +0100 This makes sure that any failure detected is not because of expired certificates, but because of MD5 being disabled. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 29 15:51:18 2016 +0100 tools: use stamp files to allow parallel build of autogen files @@ -24651,7 +29683,7 @@ Date: Tue Nov 29 15:51:18 2016 +0100 file being fully populated. The current approach uses stamp files to ensure that no incomplete files are used for compilation. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 29 13:44:01 2016 +0100 guile: do not use +COMP-DEFLATE in priorities test @@ -24664,52 +29696,52 @@ Date: Mon Nov 28 18:19:43 2016 +0100 moved all syntax check exceptions in cfg.mk -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 29 07:57:26 2016 +0100 .gitlab-ci.yml: added zlib dependency -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 28 12:48:25 2016 +0100 .gitlab-ci.yml: fixed artifacts paths for Debian build -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 28 10:26:14 2016 +0100 tests: str-unicode: check whether exceptions are tolerated on decryption -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 28 10:01:02 2016 +0100 tests: added exception and join control characters in str-unicode -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 28 09:38:38 2016 +0100 unistring: added property-join-control -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 17:49:10 2016 +0100 unistring: added default_ignorable_code_point and not_a_character tests -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 17:23:51 2016 +0100 unistring: added NFKC normalization -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 15:29:43 2016 +0100 unistring: included all possible categories for simplicity and extensibility -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 14:55:37 2016 +0100 tests: enhanced str-unicode with more char sets -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 14:20:11 2016 +0100 gnutls_utf8_password_normalize: perform more strict check on input characters @@ -24717,22 +29749,22 @@ Date: Fri Nov 25 14:20:11 2016 +0100 That is, ensure that the input characters are in the valid class of characters for the PRECIS FreeformClass. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 13:11:44 2016 +0100 tests: fixed str-unicode tests with control characters -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 13:02:48 2016 +0100 gnutls_utf8_password_normalize: avoid use of strlen() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 28 11:03:28 2016 +0100 tests: added pkcs12 file with long password -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 16:09:20 2016 +0100 renamed system/iconv.c -> str-iconv.c @@ -24741,91 +29773,91 @@ Date: Fri Nov 25 16:09:20 2016 +0100 charsets (we use libunistring), hence it is no longer suitable for the wrappers to stay in system/. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 11:58:14 2016 +0100 x509: when printing ACE DNSnames ensure the actual name is also printed -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 11:47:53 2016 +0100 tests: added unit tests of of _gnutls_idna_reverse_map -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 11:34:19 2016 +0100 introduced _gnutls_idna_reverse_map() This function allows mapping ACE formatted domains to UTF-8. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 10:05:28 2016 +0100 Combined checks for printable characters -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 09:58:58 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 23 08:44:59 2016 +0100 tests: updated crt_apis to include setting UTF-8 SAN -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 23 08:17:13 2016 +0100 tests: updated crq_apis to include setting UTF-8 SAN -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 09:48:56 2016 +0100 gnutls_idna_map: check for printable data prior to mapping -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 23 10:53:23 2016 +0100 gnutls_x509_aia_set: IDNA encode when needed -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 16 14:48:59 2016 +0100 When writing alternative names to certificates ensure we write in ACE format -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 10:39:10 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 16:30:49 2016 +0100 tests: added pkcs7 verification with struct generated from openssl (with keyid) -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 15:44:35 2016 +0100 tests: added pkcs7 verification with struct generated from openssl -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 25 10:23:00 2016 +0100 doc: added certificate for ECC with any purpose -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 16:40:15 2016 +0100 pkcs7: return GNUTLS_E_PK_SIG_VERIFY_FAILED on hash mismatch In addition introduce a new error code to warn about no embedded data. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 16:33:18 2016 +0100 pkcs7: only print signer's issuer DN when DN has contents -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 14:51:15 2016 +0100 pkcs7: added recursive discovery of structure's signer @@ -24833,24 +29865,24 @@ Date: Thu Nov 24 14:51:15 2016 +0100 This uses the PKCS#7 certificate list as a pool of certificates to generate a certificate chain that leads to our root CAs. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 15:11:31 2016 +0100 pkcs7: on data verification failure log the signer -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 13:17:41 2016 +0100 tests: added complex verification example using PKCS#7 That uses multiple intermediate certificates from the PKCS#7 structure. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 14:32:28 2016 +0100 doc: updated gnutls_x509_trust_list_verify_crt2() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 13:14:16 2016 +0100 pkcs7: pass the verification flags down to gnutls_x509_trust_list_verify_crt2, in find_signer() @@ -24858,7 +29890,7 @@ Date: Thu Nov 24 13:14:16 2016 +0100 This allows for flags like GNUTLS_VERIFY_DISABLE_TIME_CHECKS to apply when verifying PKCS#7 structures. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 09:54:17 2016 +0100 pkcs7: corrected iteration over stored certificates @@ -24866,17 +29898,17 @@ Date: Thu Nov 24 09:54:17 2016 +0100 This allows to use all possibly stored certificates on chain discovery, not only the first. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 09:53:58 2016 +0100 pkcs7: added debug logging on verification discovery -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 14:54:46 2016 +0100 errors.h: added _gnutls_reason_log -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 09:49:13 2016 +0100 errors.h: added _gnutls_cert_log @@ -24890,7 +29922,7 @@ Date: Thu Nov 24 17:31:45 2016 +0100 Signed-off-by: Andreas Schneider -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 24 08:37:47 2016 +0100 corrected log message [ci skip] @@ -24900,12 +29932,12 @@ Date: Wed Nov 23 21:09:03 2016 +0100 gnutls_idna_map was prefixed with underscore to avoid clashes with exported symbols -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 23 14:37:47 2016 +0100 more files to ignore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 23 14:30:48 2016 +0100 avoid the use of c_isascii() and use c_isprint() @@ -24913,12 +29945,12 @@ Date: Wed Nov 23 14:30:48 2016 +0100 That latter detects correctly the printable characters we are interested in. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 21 15:45:22 2016 +0100 tests: added unit tests for gnutls_idna_map() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 23 13:12:08 2016 +0100 IDNA code re-organization @@ -24927,37 +29959,37 @@ Date: Wed Nov 23 13:12:08 2016 +0100 utilizes libidn and libunistring to convert hostnames to IDNA ACE form. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 22 16:57:01 2016 +0100 tests: updated outputs to reflect new fingerprint/keyid formats -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 22 16:56:41 2016 +0100 tests: made tmp files unique -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 22 16:43:25 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 22 16:42:14 2016 +0100 Align the printing of a certificate's fingerprint with the key ID printing -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 22 16:35:58 2016 +0100 Print a key's or certificate's key ID with SHA256 in addition to SHA1 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 22 16:18:01 2016 +0100 certtool: address compiler warnings -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 22 09:31:19 2016 +0100 doc: document the RFC7613 normalization of passwords [ci skip] @@ -24969,42 +30001,42 @@ Date: Mon Nov 21 21:16:28 2016 +0100 In addition fix the license text of the included library. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 16 15:50:39 2016 +0100 server_name: log server name sent -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 16 16:47:15 2016 +0100 x509/output: improve log message on embedded null -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 21 12:00:28 2016 +0100 build-aux: added unused-parameter.h -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 21 11:36:43 2016 +0100 .gitlab-ci.yml: explicitly specify --with-included-unistring when needed -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 21 11:32:09 2016 +0100 hooks.m4: corrected typo -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 21 10:52:23 2016 +0100 .gitlab-ci.yml: ignore syntax-check issues caused by included unistring -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 21 10:11:32 2016 +0100 more files to ignore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 21 09:38:38 2016 +0100 unconditionally include unistring code @@ -25013,7 +30045,7 @@ Date: Mon Nov 21 09:38:38 2016 +0100 including a version of libunistring, which is used on systems which do not ship it. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 21 09:20:36 2016 +0100 lib: added unistring sub-library @@ -25030,12 +30062,12 @@ Date: Sun Nov 20 17:08:55 2016 +0100 That is, enhanced to check the tolerable variant of gnutls_utf8_password_normalize() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 9 18:26:21 2016 +0100 .gitlab-ci.yml: added build without libunistring -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 10:42:32 2016 +0100 doc: mention the RFC7613 normalization and the libunistring dependency @@ -25045,47 +30077,47 @@ Date: Sun Nov 20 17:03:02 2016 +0100 tolerate non-valid UTF8 passwords when decrypting -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 9 14:42:26 2016 +0100 tests: addressed compiler warnings -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 9 14:40:19 2016 +0100 _gnutls_utf8_to_ucs2: normalize to NFC UTF16 output -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 9 14:31:24 2016 +0100 openssl_hash_password: normalize the password prior to use -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 9 12:55:22 2016 +0100 TPM: normalize the password prior to use -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 9 10:53:40 2016 +0100 _gnutls_calc_srp_sha: normalize the password prior to use -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 9 10:50:42 2016 +0100 gnutls_x509_crq_set_challenge_password: normalize the password prior to use -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 9 10:48:04 2016 +0100 PKCS#7/8: normalize the password according to rfc7613 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 10:53:37 2016 +0100 gnutls.pc: use the LT version of the lib variables -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 8 15:24:26 2016 +0100 Use libunistring when present instead of iconv() @@ -25093,24 +30125,24 @@ Date: Tue Nov 8 15:24:26 2016 +0100 That allows us to rely to a single provider for unicode functionality. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 8 15:24:00 2016 +0100 tests: added unit tests for gnutls_utf8_password_normalize() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 8 13:00:16 2016 +0100 Added function for UTF-8 normalization based on RFC7613 This introduces gnutls_utf8_password_normalize() and a dependency on libunistring. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 17:12:02 2016 +0100 tests: added test suite with PKCS#8 files that have invalid encryption -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 16:30:46 2016 +0100 PKCS#5,7 decryption: verify the correctness of padding @@ -25120,24 +30152,24 @@ Date: Mon Nov 14 16:30:46 2016 +0100 Relates #148 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 15:17:26 2016 +0100 PKCS#5,7 decryption: added sanity check on padding size Relates #148 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 15:01:18 2016 +0100 PKCS#5,7 decryption: fail without leak on unknown MAC -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 14:54:00 2016 +0100 PKCS#5,7 decryption: fail early on invalid block sizes -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 14:47:13 2016 +0100 PKCS#5,7 decryption: enforce limits in the support parameter sizes @@ -25145,17 +30177,17 @@ Date: Mon Nov 14 14:47:13 2016 +0100 This allows to detect invalid parameters early rather than later. Relates #148 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 14:03:58 2016 +0100 updated auto-generated files for new functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 10:03:29 2016 +0100 pkcs7 output: use the new functions for DN output -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 09:52:16 2016 +0100 tests: account for the strict RFC4514 compliance reversal @@ -25163,34 +30195,34 @@ Date: Mon Nov 14 09:52:16 2016 +0100 Test the new functions only for the strict RFC4514 compliance to output strings, and test the old functions for the legacy format. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 11 19:05:27 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 11 18:52:03 2016 +0100 x509 output: use the new functions for DN output -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 11 18:31:37 2016 +0100 cleanups in _gnutls_buffer_to_datum() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 11 18:42:59 2016 +0100 certtool: use the new APIs for DN extraction -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 13:31:34 2016 +0100 _gnutls_x509_get_dn: when no data ensure we return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE This aligns with the previous (prior to RFC4514 improvements) behavior of the function. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 11 16:20:01 2016 +0100 Introduced new functions to allow multiple DN parsing modes @@ -25201,17 +30233,17 @@ Date: Fri Nov 11 16:20:01 2016 +0100 which relied on the previous format to continue functioning without changes. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 9 17:19:48 2016 +0100 .gitlab-ci.yml: include root dir log files in all builds -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 11:06:26 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 14 12:57:53 2016 +0100 gl: removed invalid module name @@ -25249,12 +30281,12 @@ Date: Thu Nov 10 06:34:50 2016 +0100 p11tool: added options to initialize a user and admin's PIN -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 11 09:01:39 2016 +0100 gnutls_store_pubkey: document the default hosts format -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 7 09:17:22 2016 +0100 _wrap_nettle_pk_verify: use FAIL_IF_LIB_ERROR prior to returning success @@ -25262,7 +30294,7 @@ Date: Mon Nov 7 09:17:22 2016 +0100 This will prevent verification to succeed if the system is in error state. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 7 09:11:24 2016 +0100 fips140-2: moved PCT-test in wrap_nettle_generate_keys @@ -25288,29 +30320,29 @@ Date: Sat Sep 3 10:31:27 2016 +0200 We now require the latest version that supports OIDs with elements that are longer than 32-bits. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 11 11:16:12 2016 +0200 tests: added check for the decoding of certificates with long OIDs That is, OIDs which have an element which exceeds 2^32. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 4 10:42:58 2016 +0100 symbol-check: do not compare against symbols not exported by us -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 4 09:49:41 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 4 09:34:55 2016 +0100 tests: updated known ciphersuites test for CHACHA20-POLY1305 in the SECURE set -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 4 09:10:18 2016 +0100 priorities: added CHACHA20-POLY1305 to SECURE set @@ -25330,27 +30362,27 @@ Date: Fri Nov 4 07:56:33 2016 +0100 symbols.last: updated auto-generated file -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 19 10:27:26 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 31 10:18:09 2016 +0100 tests: added test to ensure that gnutls_rnd() is not called during initialization -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 24 08:30:06 2016 +0200 doc: explicitly state that rng self_test mustn't require rng initialization -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 17 14:10:08 2016 +0200 deprecated _gnutls_rnd() in favor of exported gnutls_rnd() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 14:16:51 2016 +0200 rng: split initialization in preinit and init @@ -25361,7 +30393,7 @@ Date: Fri Oct 14 14:16:51 2016 +0200 applications even in early boot in systems where getrandom() blocks waiting for entropy. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 31 11:40:12 2016 +0100 _gnutls_rnd_check: call _rnd_system_entropy_check directly @@ -25371,47 +30403,47 @@ Date: Wed Nov 2 18:07:13 2016 +0100 x509: removed unused IDNA file -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 2 13:24:59 2016 +0100 doc update [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 2 08:29:25 2016 +0100 handshake: log advertized version -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 2 08:13:38 2016 +0100 algorithms.h: removed exported prototype from internal header -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 1 18:39:38 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 31 17:23:16 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 31 16:59:20 2016 +0100 tests: added decoding of multi-value DN -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 31 14:21:37 2016 +0100 x509_dn: forbid non-supported escaped chars on DN encoding -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 31 14:07:13 2016 +0100 tests: enhanced RFC4514 with arbitrary escaped strings -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 31 14:07:27 2016 +0100 x509_dn: allow arbitrary escaped strings @@ -25419,19 +30451,19 @@ Date: Mon Oct 31 14:07:27 2016 +0100 In addition fail encoding on unescaped '+'. We do not support it for DN encoding. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 21 14:46:49 2016 +0200 tests: modified to account for backwards-encoded DN (according to RFC4514) -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 31 13:18:17 2016 +0100 tests: removed old README file The description in the file had no relevance to the existing tests. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 31 13:00:14 2016 +0100 gnutls_x509_crt_set_*dn, gnutls_x509_dn_set_str: honor the reverse property of RFC4514 @@ -25441,7 +30473,7 @@ Date: Mon Oct 31 13:00:14 2016 +0100 Resolves #111 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 19 15:35:44 2016 +0200 Encode string DNs backwards according to RFC4514 @@ -25451,12 +30483,12 @@ Date: Tue Jul 19 15:35:44 2016 +0200 Relates #111 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 31 14:41:10 2016 +0100 Updated issue templates [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 31 14:35:22 2016 +0100 Added issue templates [ci skip] @@ -25471,17 +30503,17 @@ Date: Sat Oct 29 23:31:00 2016 +0200 nettle: renamed system random generator-related files for clarity -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 17 14:34:10 2016 +0200 tests: introduced checks for gnutls_rnd() in multi-threaded scenario -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 17 14:33:53 2016 +0200 tests: introduced sanity checks in rng-fork -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 24 08:30:29 2016 +0200 drbg-aes-self-test: corrected free call @@ -25495,7 +30527,7 @@ Date: Thu Oct 27 21:04:49 2016 +0200 by the server, if the server does not hold a status response. We require that behavior to be backwards compatible with gnutls 3.3.x. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 26 17:51:11 2016 +0200 Reverted the behavior of sending a status request extension even without a response @@ -25511,21 +30543,21 @@ Date: Wed Oct 26 17:51:11 2016 +0200 Relates !66 -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Thu Oct 27 18:42:38 2016 +0300 tests: do not enable testpkcs11.sh twice Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sat Oct 22 14:24:16 2016 +0300 starttls: search for chat in sbin if it is not present in PATH Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Fri Oct 21 04:17:36 2016 +0300 Fix autoconf warnings in libopts.m4 @@ -25548,38 +30580,38 @@ Date: Fri Oct 21 04:17:36 2016 +0300 Signed-off-by: Dmitry Eremin-Solenikov -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sat Oct 22 02:18:40 2016 +0300 cfg.mk: fix m4 files removal Signed-off-by: Dmitry Eremin-Solenikov -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 21 17:45:03 2016 +0200 tests: better check for gnutls_ecc_curve_get result -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 21 17:30:43 2016 +0200 Terminate handshake if only unknown or disabled signatures are advertized by the peer That is, do not attempt to proceed assuming that the peer supports SHA-1. -Author: Dmitry Eremin-Solenikov +Author: Dmitry Baryshkov Date: Sat Oct 22 03:28:14 2016 +0300 Fix compilation of tests if nettle is not installed in standard path Signed-off-by: Dmitry Eremin-Solenikov -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 25 08:03:32 2016 +0200 gnutls-cli-debug: corrected TLS1.2 detection -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 24 08:33:42 2016 +0200 doc update @@ -25603,12 +30635,12 @@ Date: Wed Oct 19 23:06:59 2016 +0200 The host seems to be unreliable. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 21 16:43:47 2016 +0200 .travis.yml: use as many jobs as CPUs in OSX -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 21 16:14:32 2016 +0200 .travis.yml: do not run the public submodule checks of maint.mk @@ -25616,44 +30648,44 @@ Date: Fri Oct 21 16:14:32 2016 +0200 These seem to be problematic to detect modification and are preventing the CI from operating. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 21 13:16:50 2016 +0200 .travis.yml: simplified the submodule checkout The default submodule initialization in travis caused the MacOSX builds to fail. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 21 13:15:19 2016 +0200 Added casts to prevent compiler warnings -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 21 13:14:57 2016 +0200 corrected typo -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 21 12:10:56 2016 +0200 README.md: corrected link to travius build -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 20 15:58:38 2016 +0200 .travis.yml: added support for compiling in macosx -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 21 11:02:30 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 21 11:01:43 2016 +0200 tests: added checks for the new GNUTLS_NO_TICKETS flag -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 21 10:26:13 2016 +0200 gnutls_init: added GNUTLS_NO_TICKETS flags @@ -25662,7 +30694,7 @@ Date: Fri Oct 21 10:26:13 2016 +0200 session tickets. This could be done only with GNUTLS_NO_EXTENSIONS which also disabled other useful extensions. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 20 09:26:10 2016 +0200 tests: added pkcs11-privkey-export @@ -25685,22 +30717,22 @@ Date: Tue Oct 18 15:28:39 2016 +0200 tests/pkcs11: Expose SUBJECT for certificates, PUBLIC_EXPONENT and MODULUS for public keys to widen compatibility -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 18 15:42:52 2016 +0200 doc update [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 18 13:45:34 2016 +0200 updated auto-generated files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 18 09:24:02 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 18 10:13:56 2016 +0200 certtool: allow setting key purposes for non-CA certificates @@ -25709,46 +30741,46 @@ Date: Tue Oct 18 10:13:56 2016 +0200 in certificates that are not marked as CA. The previous restriction served no purpose. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 18 10:01:49 2016 +0200 certtool: introduce key purpose checks in p7 direct verification -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 18 09:22:59 2016 +0200 x509: introduced gnutls_x509_crt_check_key_purpose() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 17 15:07:03 2016 +0200 gnutls_x509_crt_verify_data2: introduce constraints checks on the provided certificate That is check the provided certificate for validity in time and key usage. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 18 10:02:29 2016 +0200 tests: introduced verification constraints checks for PKCS#7 structures That is, key purpose checks and more elaborate time checks. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 17 12:00:41 2016 +0200 gnutls-serv: use the included known DH parameters by default -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 17 11:54:51 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 12:02:31 2016 +0200 certtool: manpage update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 12 08:34:13 2016 +0200 getfuncs-map.pl: ignore the ffdhe exported parameters @@ -25791,7 +30823,7 @@ Date: Tue Oct 11 19:12:16 2016 +0200 tests: check gnutls_certificate_set_known_dh_params -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 11 16:42:28 2016 +0200 DH: introduced gnutls_*_set_known_dh_params() @@ -25805,59 +30837,59 @@ Date: Tue Oct 11 16:42:28 2016 +0200 Relates #37 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 11 16:18:22 2016 +0200 certtool: --get-dh-params will output the FFDHE primes instead of the SRP primes -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 11 16:05:57 2016 +0200 DH: export the FFDHE Diffie-Hellman values -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 16:13:29 2016 +0200 .gitlab-ci.yml: use fedora's mingw-cmocka packages -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 16:12:44 2016 +0200 more files to ignore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 15:04:41 2016 +0200 tests: added check for PKCS#7 catalog file parsing and data extracting -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 15:46:05 2016 +0200 tests: updated pkcs7 text outputs to account for certtool update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 14:55:57 2016 +0200 certtool: --p7-info will include the PKCS#7 encoded data in PEM format -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 14:50:25 2016 +0200 tests: replaced large test2.cat with a smaller file -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 13:13:26 2016 +0200 certtool: improve text on missing options for cert generation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 12:57:31 2016 +0200 Revert "certtool: improve text on missing options for cert generation" This reverts commit 7daed1fd0602bce7495d252f1a9b638fc41e38d3. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 10:22:07 2016 +0200 handshake: set a maximum number of warning messages that can be received per handshake @@ -25865,72 +30897,72 @@ Date: Fri Oct 14 10:22:07 2016 +0200 That is to avoid DoS due to the assymetry of cost of sending an alert vs the cost of processing. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 10:08:35 2016 +0200 record: disallow parsing of alert messages prior to session start -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 10:07:58 2016 +0200 tests: added check to verify that the server will bail out after receiving only alerts -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 14 09:59:22 2016 +0200 tests: added check to verify that the server will bail out after many alerts -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 13 17:01:16 2016 +0200 certtool: improve text on missing options for cert generation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 13 16:55:00 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 13 16:51:19 2016 +0200 tools: removed redudant messages on PIN re-use -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 13 16:48:52 2016 +0200 p11tool: avoid asking the security officer PIN twice on initialization -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 13 16:41:04 2016 +0200 p11tool: improved messages on token initialization -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 13 16:37:45 2016 +0200 p11tool: corrected check of PIN existance in token initialization -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 13 13:10:52 2016 +0200 doc: set a default handshake timeout on example server -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 13 13:09:35 2016 +0200 serv: set a timeout value in handshake -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 13 08:56:45 2016 +0200 tests: added check for Encrypt-then-MAC under DTLS -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 13 08:54:52 2016 +0200 tests: cleanups in tls-etm.c -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 12 13:36:01 2016 +0200 gnutls_pkcs7_get_embedded_data: added GNUTLS_PKCS7_EDATA_GET_RAW flag @@ -25967,42 +30999,42 @@ Date: Tue Oct 11 11:28:39 2016 -0400 The simple fix here is to still try to read the first time, even if the file has an mtime of zero. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 11 14:11:27 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 11 13:55:56 2016 +0200 certtool: corrected use of gnutls_pkcs7_get_embedded_data() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 11 13:06:48 2016 +0200 pkix.asn: simplified ASN.1 description by eliminating pkcs-7-ContentType -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 11 13:03:45 2016 +0200 updated auto-generated files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 11 11:30:28 2016 +0200 certtool: print the enacapsulated content OID on verification -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 7 15:25:31 2016 +0200 tests: added checks for the decoding of various PKCS#7 structures -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 7 15:19:16 2016 +0200 pkcs7: print the eContent type in output functions if it does not match the defaults -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 7 12:06:37 2016 +0200 pkcs7: allow unknown and legacy signature data OIDs to be imported @@ -26016,7 +31048,7 @@ Date: Fri Oct 7 19:07:41 2016 +0200 certtool: --p7-info can be combined with --p7-show-data to display embedded data -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 10 09:48:05 2016 +0200 lib: link with LTLIBDL instead of LIBDL @@ -26065,17 +31097,17 @@ Date: Sat Oct 8 07:24:02 2016 +0200 Resolves #137 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 7 15:24:25 2016 +0200 pkcs7: removed any limits in hex encoding of attributes -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 7 16:10:19 2016 +0200 certtool: lift any limits in print_raw() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 7 14:17:52 2016 +0200 certtool: added safety net when generating a certificate request @@ -26084,7 +31116,7 @@ Date: Fri Oct 7 14:17:52 2016 +0200 specifying --load-privkey. Previously if --load-pubkey would have been used, it would have been ignored, causing confusion to the users. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 6 08:50:39 2016 +0200 doc update [ci skip] @@ -26099,22 +31131,22 @@ Date: Wed Oct 5 20:09:21 2016 +0200 updated auto-generated files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 5 13:51:05 2016 +0200 _gnutls_utf8_to_ucs2: force NFC normalization form in windows -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 5 11:04:54 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 5 11:41:23 2016 +0200 tests: added checks for gnutls_session_supplemental_register -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 5 11:33:55 2016 +0200 Added session-specific supplemental data handling @@ -26122,7 +31154,7 @@ Date: Wed Oct 5 11:33:55 2016 +0200 This allows a caller to add supplemental data handling which will only be made available for a specific session. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 5 10:43:29 2016 +0200 tests: added checks for gnutls_session_ext_register @@ -26171,14 +31203,14 @@ Date: Wed Oct 5 14:30:31 2016 +0200 * guile/modules/gnutls/build/tests.scm (uniform-vector-read!) [guile-2]: Return 0 upon EOF. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 5 10:01:20 2016 +0200 win32: install the .def files in libdir instead of bindir Suggested by Eli Zaretskii. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 5 08:48:57 2016 +0200 certtool: include arpa/inet.h unconditionally @@ -26186,12 +31218,12 @@ Date: Wed Oct 5 08:48:57 2016 +0200 That is because we use inet_pton() which is either provided by the OS, or by gnulib. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 5 08:46:08 2016 +0200 gnutls-cli: fix compilation warning in win32 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 5 08:44:05 2016 +0200 Fixed the version in libgnutls-openssl.def file @@ -26199,50 +31231,50 @@ Date: Wed Oct 5 08:44:05 2016 +0200 Previously the version set in that file would have been (incorrectly) equal to the version of the main library. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 5 08:34:51 2016 +0200 tests: avoid using %zd for formatted output It is not supported by windows. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 4 16:20:44 2016 +0200 tests: skip tests which depend on libidn functionality if build without libidn -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 4 15:55:08 2016 +0200 tests: fixed compilation of pkcs11-privkey-always-auth -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 4 15:10:22 2016 +0200 Fix build of system/keys-win.c with older mingw Patch by Eli Zaretskii -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 3 14:48:49 2016 +0200 tests: introduced further parallelization in provable* tests This runs independent verification steps in parallel, improving running time significantly. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 3 14:40:06 2016 +0200 tests: provable-dh-default check is too slow and is only run when the complete suite is requested -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 3 14:25:06 2016 +0200 tests: split provable-privkey into multiple checks This allows the tests to be run in parallel. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 3 14:17:52 2016 +0200 tests: provable-dh was split into two programs @@ -26250,29 +31282,29 @@ Date: Mon Oct 3 14:17:52 2016 +0200 This allows the test to be run more efficiently when run in parallel. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 30 16:48:54 2016 +0200 .gitlab-ci.yml: do not run the full test suite on valgrind test This allows the CI test to run on reasonable time. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 30 14:16:01 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 26 13:00:36 2016 +0200 more files to ignore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 30 13:08:53 2016 +0200 devel/openssl: updated to 1.1.0 release -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 29 15:41:23 2016 +0200 aarch64: added optimized AES-CCM mode @@ -26282,27 +31314,27 @@ Date: Tue Sep 27 21:43:05 2016 +0200 Imported Andy Polyakov's implementation of AES-GCM in aarch64 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 26 11:55:37 2016 +0200 Imported Andy Polyakov's implementation of AES in aarch64 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 29 13:36:55 2016 +0200 Added HMAC-SHA* optimizations for aarch64 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 23 14:55:37 2016 +0200 Imported Andy Polyakov's implementations for SHA* in aarch64 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 3 12:53:43 2016 +0200 fix zero-termination in _gnutls_server_name_set_raw() for large server names -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 3 12:56:07 2016 +0200 _gnutls_check_id_for_change: added check for NULL username @@ -26310,12 +31342,12 @@ Date: Mon Oct 3 12:56:07 2016 +0200 This is not required, but may prevent from issues if code-reorganizations which may set a NULL username, occur. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 3 12:58:17 2016 +0200 gnutls_*_crt_print: better error checking -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 3 10:29:29 2016 +0200 tests: added test for CKA_ALWAYS_AUTHENTICATE handling in PKCS#11 @@ -26323,17 +31355,17 @@ Date: Mon Oct 3 10:29:29 2016 +0200 This checks whether GnuTLS properly calls login prior to any sign operations when the object is marked as CKA_ALWAYS_AUTHENTICATE. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 3 11:11:55 2016 +0200 pkcs11: improved debugging output in pkcs11_login -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 3 10:22:44 2016 +0200 name constraints: removed unused variable -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 30 13:25:41 2016 +0200 tools: clarify errors when reading files @@ -26368,7 +31400,7 @@ Date: Tue Sep 27 23:42:01 2016 +0200 These constructions although valid for C99 they are being rejected by various compilers. Get rid of them. -Author: Daiki Ueno +Author: Daiki Ueno Date: Tue Sep 27 11:04:16 2016 +0200 certtool: print correct size of EC keys @@ -26379,12 +31411,12 @@ Date: Tue Sep 27 11:04:16 2016 +0200 Generating a -2147483646 bit EC/ECDSA private key... Note that ECDSA keys with size less than 256 are not widely supported. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 27 09:51:56 2016 +0200 p11tool: documented the p11-kit relevancy of distrust and stapled -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 27 09:39:09 2016 +0200 pkcs11: forbid PKCS#11 extensions to be used in other than trust modules @@ -26393,19 +31425,19 @@ Date: Tue Sep 27 09:39:09 2016 +0200 p11-kit trust modules, to avoid conflicts with potentially other PKCS#11 extensions. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 27 11:46:24 2016 +0200 .gitlab-ci.yml: enabled valgrind tests build -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 27 11:44:16 2016 +0200 tests: allow handshake-large-packet to run under valgrind That is, initialize the allocated buffers with a known value. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 26 14:24:31 2016 +0200 p11tool: introduced the --mark-distrusted and --distrusted options @@ -26414,7 +31446,7 @@ Date: Mon Sep 26 14:24:31 2016 +0200 distrusted certificates (blacklisted) for a p11-kit trust module as: p11tool --list-all-certs --distrusted -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 26 14:23:24 2016 +0200 pkcs11: introduced flag GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED @@ -26422,7 +31454,7 @@ Date: Mon Sep 26 14:23:24 2016 +0200 This allows to mark objects as distrusted, as well as to be able to list distrusted objects. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 26 14:00:32 2016 +0200 pkcs11: only staple extensions from a trust module when they are from a non-distrusted certificate @@ -26433,12 +31465,12 @@ Date: Mon Sep 26 14:00:32 2016 +0200 come from blacklisted certificates, and we have no reason to support stapled extensions with blacklisted certificates. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 26 13:47:19 2016 +0200 p11tool: allow to export a certificate with its stapled extensions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 26 08:12:52 2016 +0200 gnutls_oid_to_ecc_curve: fix null pointer dereference @@ -26447,7 +31479,7 @@ Date: Mon Sep 26 08:12:52 2016 +0200 null pointer dereference. This was introduced with the addition of X25519. Reported by Theofilos Petsios. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 23 16:01:07 2016 +0200 Only send the status request extension on cert authentication @@ -26455,7 +31487,7 @@ Date: Fri Sep 23 16:01:07 2016 +0200 That is, do not both asking for it, or replying to it, if we are not using any certificates. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 22 14:49:57 2016 +0200 gdoc: improved the detection and display of escaped characters (@%) @@ -26463,22 +31495,22 @@ Date: Thu Sep 22 14:49:57 2016 +0200 This allows to properly display strings like %COMPAT and @SYSTEM in the manual and the manpages. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 22 13:46:19 2016 +0200 doc: gnutls_priority_init: fixed %COMPAT [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 22 12:08:45 2016 +0200 .gitlab-ci.yml: corrected debian build's dependency -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 22 11:07:45 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 21 17:59:18 2016 +0200 On client side allow signing with the signature algorithm of our cert @@ -26488,12 +31520,12 @@ Date: Wed Sep 21 17:59:18 2016 +0200 to use a deprecated certificate without enabling deprecated algorithms globally. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 22 11:01:22 2016 +0200 _gnutls_session_get_sign_algo: always return GNUTLS_SIGN_UNKNOWN on failure -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 22 10:35:13 2016 +0200 tests: added check for server-side ECDSA keys @@ -26502,7 +31534,7 @@ Date: Thu Sep 22 10:35:13 2016 +0200 the client in case the client has no ECDSA signature algorithms available. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 22 09:54:12 2016 +0200 tests: added check for client-side DSA key @@ -26511,7 +31543,7 @@ Date: Thu Sep 22 09:54:12 2016 +0200 if DSA is not enabled (which should prohibit the server from providing a DSA certificate). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 22 09:21:06 2016 +0200 certtool: do not require a certificate to generate a PKCS#12 file @@ -26523,12 +31555,12 @@ Date: Tue Sep 20 09:00:23 2016 +0200 .gitlab-ci.yml: added debian build -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 20 14:31:12 2016 +0200 README.md: depend on softhsm2 and net-tools on debian -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 19 15:36:21 2016 +0200 tests: mini-server-name: skip invalid UTF-8 check if compiled without libidn @@ -26536,7 +31568,7 @@ Date: Mon Sep 19 15:36:21 2016 +0200 This allows the test suite to run in systems without libidn. Reported by Thomas Klausner. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 19 14:55:24 2016 +0200 tests: added the macros test_fail() and test_success() @@ -26550,12 +31582,12 @@ Date: Mon Sep 19 18:55:59 2016 +0200 cfg.mk: removed invalid rule in web target -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 19 14:24:10 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 19 14:12:56 2016 +0200 added debugging message when session fails due to handshake hash buffer @@ -26579,7 +31611,7 @@ Date: Mon Sep 19 07:42:41 2016 +0200 This will improve recovery from error conditions. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 16 13:12:50 2016 +0200 Increased the maximum size allowed for handshake messages to 128kb @@ -26609,14 +31641,14 @@ Date: Sat Sep 17 11:31:29 2016 +0200 the specific issue they encountered on public key error. The new codes are GNUTLS_E_PK_INVALID_PUBKEY and GNUTLS_E_PK_INVALID_PRIVKEY -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 15 16:50:26 2016 +0200 .gitlab-ci.yml: no longer require gnutls-devel This package is no longer needed to run abi-check. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 15 16:49:37 2016 +0200 Makefile: abi-check no longer require gnutls headers to be installed @@ -26624,7 +31656,7 @@ Date: Thu Sep 15 16:49:37 2016 +0200 This addresses the issue of requiring gnutls-devel in the CI system to run abi-check. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 13 15:17:29 2016 +0200 doc: remove the conditional self_test functions @@ -26633,7 +31665,7 @@ Date: Tue Sep 13 15:17:29 2016 +0200 by restricting the header files that contribute functions to the known list defined by $(HEADER_FILES). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 13 10:37:54 2016 +0200 Makefile.am: introduced 'make files-update' rule @@ -26642,12 +31674,12 @@ Date: Tue Sep 13 10:37:54 2016 +0200 This allows for easier automation of the symbol change 'make dist' breakages. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 13 10:33:00 2016 +0200 manpages: delete comparison temp file -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 13 10:30:09 2016 +0200 Makefile.am: symbol changes were made more elaborate @@ -26655,12 +31687,12 @@ Date: Tue Sep 13 10:30:09 2016 +0200 During make dist, the makefile will report the appropriate symbol change message with instructions and fail. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 13 10:02:48 2016 +0200 updated doc and symbol files for gnutls_certificate_set_ocsp_status_request_function2 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 13 10:00:42 2016 +0200 Makefile.am: print the symbols.last diff on make dist @@ -26668,12 +31700,12 @@ Date: Tue Sep 13 10:00:42 2016 +0200 This allows to manually verify the contents before overriding the old file. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 12 17:23:07 2016 +0200 doc: allow creation of gnutls.epub without running epub-fix -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 12 15:50:52 2016 +0200 .gitlab-ci.yml: use nproc as argument to 'make -j' @@ -26681,7 +31713,7 @@ Date: Mon Sep 12 15:50:52 2016 +0200 That way, we use as many make processes, as the number of CPUs in the CI system. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 12 15:31:13 2016 +0200 .gitlab-ci.yml: added build which runs 'make dist' @@ -26690,7 +31722,7 @@ Date: Mon Sep 12 15:31:13 2016 +0200 manual are properly generated, and whether any new functions were included into makefiles. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 12 15:30:07 2016 +0200 doc: fixed the epub documentation generation @@ -26715,17 +31747,17 @@ Date: Mon Sep 12 18:24:49 2016 +0100 Signed-off-by: Alex Monk -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 13 08:54:42 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 13 08:49:10 2016 +0200 .gitlab-ci.yml: added check for position dependent code -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 13 08:46:51 2016 +0200 Makefile.am: added check for position dependent code @@ -26733,14 +31765,14 @@ Date: Tue Sep 13 08:46:51 2016 +0200 This check will verify that the generated library doesn't contain position dependent code. It depends on elf utilities. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 13 08:38:36 2016 +0200 openssl asm: reverted to AESNI-x86 code to gnutls 3.4.x code The newer code was creating position dependent code. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 12 11:59:37 2016 +0200 tests: added checks to verify server understanding of UTF8 hostnames @@ -26748,12 +31780,12 @@ Date: Mon Sep 12 11:59:37 2016 +0200 This verifies whether a server can understand and serve requests which contain UTF-8 server names. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 12 11:51:07 2016 +0200 tests: set_key: fixed the time override -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 12 11:23:25 2016 +0200 tests: set_key: enabled failure_mode test @@ -26769,12 +31801,12 @@ Date: Sat Sep 10 10:50:43 2016 +0200 functions, are converted to IDNA format for comparison with client provided values. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 12 10:52:18 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 12 10:48:10 2016 +0200 .gitlab-ci.yml: restrict the freebsd builds to local branches only @@ -26788,7 +31820,7 @@ Date: Sun Sep 11 22:10:14 2016 +0100 Signed-off-by: Alex Monk -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 12 10:22:37 2016 +0200 gnutls_certificate_set_*key: ensure proper cleanup on key mismatch failures @@ -26796,7 +31828,7 @@ Date: Mon Sep 12 10:22:37 2016 +0200 That is, ensure that we keep no local references that are shared with the caller, and that we properly free all initialized values. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 12 10:23:48 2016 +0200 tests: check key mismatch on gnutls_certificate_set_*key @@ -26804,12 +31836,12 @@ Date: Mon Sep 12 10:23:48 2016 +0200 That is, check whether these functions can successfully recover from such condition, without leaks or double freeing. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 8 15:32:06 2016 +0200 tests: added unit testing for gnutls_certificate_set_ocsp_status_request_function2 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 8 15:14:37 2016 +0200 tests: added unit tests for gnutls_certificate_set_x509_key() @@ -26817,7 +31849,7 @@ Date: Thu Sep 8 15:14:37 2016 +0200 In addition these tests verify that the expected index is returned and that can be used with gnutls_certificate_get_crt_raw() afterwards. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 8 15:03:00 2016 +0200 tests: enhanced set_x509_key tests to include index verification @@ -26825,7 +31857,7 @@ Date: Thu Sep 8 15:03:00 2016 +0200 That is, verify that correct indexes are returned, and these can be used with gnutls_certificate_get_crt_raw() afterwards. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 8 13:48:30 2016 +0200 tests: enhanced set_x509_key_file tests to include index verification @@ -26833,7 +31865,7 @@ Date: Thu Sep 8 13:48:30 2016 +0200 That is, verify that correct indexes are returned, and these can be used with gnutls_certificate_get_crt_raw() afterwards. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 7 17:55:38 2016 +0200 tests: more checks for functionality of gnutls_certificate_set_ocsp_status_request_file @@ -26843,7 +31875,7 @@ Date: Wed Sep 7 17:55:38 2016 +0200 certificates. The tests then verify whether the expected OCSP response is received. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 7 14:49:35 2016 +0200 Added gnutls_certificate_set_ocsp_status_request_function2 @@ -26857,7 +31889,7 @@ Date: Wed Sep 7 14:49:35 2016 +0200 rely on to associate with existing certs are the indexes returned by the gnutls_certificate_set_key() and friends functions. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 7 13:38:19 2016 +0200 All the key and chain set functions return an index @@ -26867,12 +31899,12 @@ Date: Wed Sep 7 13:38:19 2016 +0200 That index could be used later either on the get functions, or when setting corresponding data (e.g., an OCSP response). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 7 13:29:54 2016 +0200 doc: clarifications in gnutls_certificate_set_ocsp_status_request_function() -Author: Andreas Metzler +Author: Andreas Metzler Date: Sun Sep 11 16:00:57 2016 +0200 Typo fixes found by lintian. @@ -26995,19 +32027,19 @@ Date: Sat Sep 10 07:44:21 2016 +0200 _gnutls_fbase64_decode: use memsub macro instead of casts -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 9 15:04:52 2016 +0200 gnutls-cli: use gnutls_set_default_priority if no priorities are given -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 9 15:01:05 2016 +0200 gnutls-serv: removed '...' from documentation That caused caused problems in generated manpage. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 9 13:59:05 2016 +0200 configure: better document the random generator variant used @@ -27032,17 +32064,17 @@ Date: Wed Sep 7 22:20:10 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 7 13:17:56 2016 +0200 bumped versions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 7 13:16:41 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 7 09:30:18 2016 +0200 tests: do not run pkcs12-utf8 under windows @@ -27050,47 +32082,47 @@ Date: Wed Sep 7 09:30:18 2016 +0200 This test required to pass UTF8 data under command line, and that doesn't seem to work under windows. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Sep 7 08:45:24 2016 +0200 _gnutls_ucs2_to_utf8: corrected use of WideCharToMultiByte in windows -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 6 18:45:17 2016 +0200 tests: added debugging info in conv-utf8 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 6 16:45:19 2016 +0200 tests: don't build cmocka tests with libutils - they conflict -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 6 15:58:59 2016 +0200 .gitlab-ci.yml: keep config.log in windows builds -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 6 15:14:01 2016 +0200 .gitlab-ci.yml: corrected typo for libidn installation in windows64 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 6 14:52:54 2016 +0200 .gitlab-ci.yml: install our internal cmocka for windows -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 6 13:18:10 2016 +0200 tests: added unit tests of _gnutls_utf8_to_ucs2 and _gnutls_ucs2_to_utf8 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 6 11:40:36 2016 +0200 libgnutls.map: export _gnutls_utf8_to_ucs2 and _gnutls_ucs2_to_utf8 for testing -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 26 14:49:07 2016 +0200 pkcs12: enhanced to allow encrypting using UCS2 passwords @@ -27098,29 +32130,29 @@ Date: Fri Aug 26 14:49:07 2016 +0200 That is use _gnutls_utf8_to_ucs2() to convert the provided password to UCS2. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 26 15:56:19 2016 +0200 _gnutls_ucs2_to_utf8: fixed null termination check in windows code -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 26 14:48:24 2016 +0200 Added _gnutls_utf8_to_ucs2() This function allows to convert between UTF8 to UCS2 big-endian. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 26 14:23:13 2016 +0200 tests: added tests for PKCS#12 decoding with UTF8 passwords -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 26 14:34:07 2016 +0200 pkcs7 encryption: corrected memory leaks -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 6 14:54:30 2016 +0200 Makefile: local-code-coverage-output always succeeds @@ -27135,7 +32167,7 @@ Date: Fri Sep 2 10:30:54 2016 +0200 - Tests updated accordingly. - Behavior now matches NSS. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 6 09:05:59 2016 +0200 tests: added checks to verify behavior in writing pkcs11 objects @@ -27143,12 +32175,12 @@ Date: Tue Sep 6 09:05:59 2016 +0200 That is, verify that private keys are marked as private by default, and public objects are marked as non-private by default. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 6 09:00:20 2016 +0200 p11tool: eliminated memory leak in --list options -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 6 08:49:01 2016 +0200 p11tool: do not mark written objects as private by default @@ -27173,7 +32205,7 @@ Date: Mon Sep 5 18:08:50 2016 +0200 That is, use a single allocation for temporary data. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 5 13:05:17 2016 +0200 .gitlab-ci.yml: use fedora24 with address sanitizer @@ -27181,7 +32213,7 @@ Date: Mon Sep 5 13:05:17 2016 +0200 The fix in fbb9618b25b77c65e24a6ce224d53bc9a0b81457 addresses the problems with asan in fedora24. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 5 13:01:31 2016 +0200 tests: use LSAN_OPTIONS instead of ASAN_OPTIONS @@ -27189,17 +32221,17 @@ Date: Mon Sep 5 13:01:31 2016 +0200 New versions of address sanitizer do not parse this file otherwise. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 5 09:48:24 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 5 09:41:30 2016 +0200 tests: corrected detection of 64-bit systems in softhsm.h -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 5 09:37:51 2016 +0200 tests: added check for PKCS#11 signature validity @@ -27208,7 +32240,7 @@ Date: Mon Sep 5 09:37:51 2016 +0200 contains r, s values that are non-negative, i.e., are zero padded when necessary. This utilizes _gnutls_decode_ber_rs_raw(). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 5 09:29:24 2016 +0200 Introduced helper function _gnutls_decode_ber_rs_raw() @@ -27228,7 +32260,7 @@ Date: Sat Sep 3 10:23:49 2016 +0200 tests: template-test: use uniform way to detect 32-bit systems -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 1 12:35:55 2016 +0200 .gitlab-ci.yml: use the gitlab.com shared runners @@ -27238,7 +32270,7 @@ Date: Thu Sep 1 12:35:55 2016 +0200 testing on other platforms such as Debian simpler, and allows merge requests to pass through the CI. -Author: David Woodhouse +Author: David Woodhouse Date: Tue Aug 30 15:26:27 2016 +0100 Import DTLS sliding window validation from OpenConnect ESP code @@ -27259,22 +32291,22 @@ Date: Wed Aug 31 11:04:06 2016 +0300 This allows compiling certtool without libtasn headers. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 29 14:16:16 2016 +0200 nettle: removed unused variable in windows rng -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 29 13:52:24 2016 +0200 tests: don't run danetool.sh when not compiled with dane support -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 29 13:48:04 2016 +0200 tests: mini-dtls-record: modified expected order to account for new SW behavior -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 29 13:02:54 2016 +0200 dtls: ensure that the DTLS window doesn't get stalled @@ -27282,7 +32314,7 @@ Date: Mon Aug 29 13:02:54 2016 +0200 That is ensure that it is forwarded at least one place if more than 16 packets have been received since the first one. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 29 13:25:23 2016 +0200 tests: enhance the DTLS window unit test to account for lost packets @@ -27291,7 +32323,7 @@ Date: Mon Aug 29 13:25:23 2016 +0200 such as 50% of the packets received, as well as 3 consequent packets being lost. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 26 16:52:19 2016 +0200 README.md: added coverage report [ci skip] @@ -27325,37 +32357,37 @@ Date: Sat Aug 27 17:00:22 2016 +0200 Reported by Stefan Buehler. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 26 11:35:50 2016 +0200 tools: eliminated memory leaks in deinitialization -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 26 11:28:51 2016 +0200 tools: allow socket_bye() to be used for non-polite terminations -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 26 11:14:19 2016 +0200 tests: added suppressions.valgrind in ocsp-tests -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 25 15:48:03 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 25 15:46:06 2016 +0200 tests: added check for the decoding of pbes1-des-md5 key -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 25 17:27:16 2016 +0200 pkcs8: cleaned up PKCS#8 decoding from common code with PKCS#7 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 25 15:40:28 2016 +0200 pkcs8: added support for decryption with PBES1-DES-CBC-MD5 @@ -27370,51 +32402,51 @@ Date: Thu Aug 25 10:58:22 2016 +0200 fix memleak in pkcs11_get_random -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 25 09:57:55 2016 +0200 ocsptool: reduce memory leaks on execution -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 24 14:09:13 2016 +0200 tests: enable ocsp-must-staple-connection check -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 24 16:17:20 2016 +0200 doc: be more explicit about the usage of gnutls_global_init/deinit [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 24 14:41:33 2016 +0200 tests: don't use piped tee in pkcs8-decode It would prevent error codes from being detected in the tests. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 24 14:04:52 2016 +0200 ocsptool: corrected bug in session establishment -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 24 13:57:00 2016 +0200 tests: ocsp-tls-connection: no longer check for netcat; it was not needed -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 24 13:39:43 2016 +0200 tests: added decoding of key with pbes2 and SHA256 PRF -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 24 13:32:04 2016 +0200 Added support for decrypting PKCS#8 files which use HMAC-SHA256 as PRF This improves compatibility with new openssl versions. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 24 10:49:13 2016 +0200 Ported openssl format fix from openconnect @@ -27433,7 +32465,7 @@ Date: Mon Aug 15 01:13:16 2016 -0400 Signed-off-by: Philippe Proulx -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 22 16:32:34 2016 +0200 rnd-linux: added check for SYS_getrandom being defined @@ -27441,47 +32473,47 @@ Date: Mon Aug 22 16:32:34 2016 +0200 This allows to compile the getrandom() code in old Linux systems which do not have the system call defined. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 22 16:29:09 2016 +0200 libdane: include minitasn1 headers -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 22 17:11:53 2016 +0200 gnutls-cli: do not exit if fast open is not supported -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 22 13:21:07 2016 +0200 gnutls-cli: added bufferring in starttls read of packets -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 22 13:34:44 2016 +0200 tests: added basic test of STARTTLS over FTP for gnutls-cli -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 22 09:03:41 2016 +0200 tests: added basic starttls functionality testing on gnutls-cli -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 22 09:13:50 2016 +0200 gnutls-cli: exit with error code 2 on starttls errors -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 22 08:57:23 2016 +0200 tests: fixed fastopen.sh to operate from cmd -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 22 08:47:57 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 22 08:46:04 2016 +0200 gnutls-cli: fixed the behavior when --starttls or --starttls-proto is given @@ -27495,7 +32527,7 @@ Date: Fri Aug 19 11:58:39 2016 +0200 Fix HANDLE_LEAK and memory leak issues. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 22 08:18:15 2016 +0200 gnutls-cli: print 'Handshake was completed' @@ -27506,41 +32538,41 @@ Date: Mon Aug 22 08:18:15 2016 +0200 used by applications like gnus which use gnutls-cli. This patch reverts that change and prints that message on successful handshakes. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 10 14:43:03 2016 +0200 tests: openpgp-certs tests were moved to cert-tests -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 10 14:07:03 2016 +0200 gnutls_key_generate: fail if the state of the library is invalid Suggested by Stephan Mueller. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 10 13:35:33 2016 +0200 tests: mini-dtls-hello-verify: ignore SIGPIPE to avoid unexpected crashes Resolves: #119 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 9 12:00:57 2016 +0200 gnutls_safe_renegotiation_status: changed return type to unsigned -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 9 11:12:16 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 9 10:54:09 2016 +0200 tests: removed unused variables from tests -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 9 10:45:00 2016 +0200 doc update @@ -27594,7 +32626,7 @@ Date: Wed Aug 3 19:40:55 2016 +0200 Signed-off-by: Martin Ukrop -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 2 15:28:52 2016 +0200 tests: added unit test for ip_in_cidr function @@ -27646,19 +32678,19 @@ Date: Mon Aug 8 13:31:18 2016 +0200 Signed-off-by: Stefan Sørensen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 9 10:14:08 2016 +0200 Revert "tests: check gnutls_certificate_get_x509_crt with more than one certificates" This reverts commit f7d884720b128ef86f6b9dc9fc498be89faf1732. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 9 09:35:03 2016 +0200 tests: do not run srp test when no SRP support is compiled in -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 8 11:49:04 2016 +0200 tests: moved child status error checking code in utils.h @@ -27678,7 +32710,7 @@ Date: Tue Aug 9 07:23:36 2016 +0200 released 3.5.3 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 8 16:30:10 2016 +0200 gnutls_transport_set_fastopen: added flags options @@ -27686,7 +32718,7 @@ Date: Mon Aug 8 16:30:10 2016 +0200 This will allow minor modifications to the semantics of the function in the future, without introducing a new API. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 8 16:22:42 2016 +0200 doc update @@ -27703,7 +32735,7 @@ Date: Mon Aug 8 13:31:15 2016 +0200 Signed-off-by: Stefan Sørensen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 8 16:08:29 2016 +0200 tests: check gnutls_certificate_get_x509_crt with more than one certificates @@ -27769,7 +32801,7 @@ Date: Sun Aug 7 11:53:19 2016 +0200 tests: added missing backslash in key-tests Makefile -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 8 08:25:31 2016 +0200 Revert "nettle: use rsa_*_key_prepare" @@ -27786,7 +32818,7 @@ Date: Sun Aug 7 11:31:36 2016 +0200 prepared for release 3.5.3 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 5 15:55:47 2016 +0200 tests: use gnutls_record_set_timeout instead of kill child processes @@ -27795,7 +32827,7 @@ Date: Fri Aug 5 15:55:47 2016 +0200 process, and we also avoid deadlocks by making sure that recv will terminate after a long delay. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 5 15:52:17 2016 +0200 tests: mini-record modify in a way to be more fail safe @@ -27805,49 +32837,49 @@ Date: Fri Aug 5 15:52:17 2016 +0200 Relates: #118 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 5 15:20:48 2016 +0200 pkcs11: is_object_pkcs11_url -> is_pkcs11_url_object Renamed function for clarity. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 5 09:46:14 2016 +0200 tests: ignore sigpipe in mini-record -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 5 09:30:14 2016 +0200 gnutls_fips140_mode_enabled: changed return type to unsigned -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 4 13:58:54 2016 +0200 doc: updated contribution guide with more info on test suite [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 4 10:22:50 2016 +0200 gnutls_pkcs11_privkey_status: return type changed to unsigned -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 4 09:57:04 2016 +0200 doc: added section on SCTP protocol [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 2 13:46:05 2016 +0200 tests: client-fastopen: removed seccomp conditional -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 2 13:34:18 2016 +0200 fastopen: improved error checking at connect() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 1 10:48:46 2016 +0200 nettle: use rsa_*_key_prepare @@ -27857,17 +32889,17 @@ Date: Mon Aug 1 10:48:46 2016 +0200 may be introduced in the future. Specifically any checks for invalid public keys (e.g., keys that may crash the underlying gmp functions). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 29 15:00:06 2016 +0200 gnutls_transport_set_fastopen: doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 29 13:47:27 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 29 12:19:25 2016 +0200 getrandom: use SYS_getrandom instead of __NR_getrandom @@ -27897,62 +32929,62 @@ Date: Tue Jul 26 17:44:53 2016 +0200 Signed-off-by: Martin Ukrop -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 14:34:15 2016 +0200 doc update [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 13:41:11 2016 +0200 configure: do not generate makefiles in removed dirs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 13:37:31 2016 +0200 tests: updated paths for new location of p12 files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 13:34:34 2016 +0200 tests: safe renegotiation tests are run from top dir -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 13:30:18 2016 +0200 tests: srp tests moved outside subdir -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 13:24:55 2016 +0200 tests: moved sha2 tests into cert-tests/ -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 13:20:25 2016 +0200 tests: moved ecdsa tests to key-tests/ -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 13:13:39 2016 +0200 tests: moved dsa tests into key-tests/ -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 13:08:57 2016 +0200 tests: moved pkcs8 tests to key-tests/ -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 13:04:31 2016 +0200 tests: key-tests: moved data files into data/ subdir -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 12:59:33 2016 +0200 tests: moved pkcs12 tests into cert-certs/ subdir -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 11:23:43 2016 +0200 more files to ignore @@ -27962,7 +32994,7 @@ Date: Thu Jul 28 09:55:27 2016 +0200 Require compiler to support C99 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 13:59:26 2016 +0200 doc update @@ -27977,7 +33009,7 @@ Date: Sat Jul 9 12:24:33 2016 +0200 gnutls_x509_crl_list_import2 was ignoring the passed flags if all CTLs in the list fit within the initially allocated memory. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 10:51:40 2016 +0200 gnutls_certificate_get_peers may return an unsorted list @@ -27987,7 +33019,7 @@ Date: Sat Jul 9 11:53:52 2016 +0200 gnutls_x509_crt_list_import2 was ignoring the passed flags if all certificates in the list fit within the initially allocated memory. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 10:37:00 2016 +0200 x509: parse_tlsfeatures: move limit check at the point of addition @@ -27996,26 +33028,26 @@ Date: Thu Jul 28 10:37:00 2016 +0200 which use the maximum allowed number of features. Suggested by Tim Kosse. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 10:33:06 2016 +0200 tests: removed irrelevant comment -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 10:31:25 2016 +0200 correct the sign type of integers in debug message Suggested by Tim Kosse -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 10:29:18 2016 +0200 verify_crt: simplified error setting based on suggestion by Tim Kosse. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 28 10:12:46 2016 +0200 verify_crt: removed text on parameter no longer being present @@ -28042,22 +33074,22 @@ Date: Wed Jul 27 23:27:07 2016 +0200 rnd-linux: use better define check for linux systems -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 27 13:10:28 2016 +0200 gnutls_prf: document when its output matches gnutls_prf_rfc5705 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 27 11:05:59 2016 +0200 doc: gnutls_session_set_id: added since -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 27 10:38:47 2016 +0200 .gitlab-ci.yml: keep the guile logs as artifacts on test suite failure -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 27 09:20:52 2016 +0200 doc update @@ -28071,22 +33103,22 @@ Date: Wed Jul 20 12:43:26 2016 +0100 Resolves: #113 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 15:14:33 2016 +0200 moved system-keys-win.c and system-key-dummy.c under system/ -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 25 15:47:19 2016 +0200 split system.c to various files under system/ -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 25 16:26:39 2016 +0200 gnutls.h: giovec_t is a typedef to iovec where that is available -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 13:37:43 2016 +0200 tests: added unit test for linux _rnd_get_system_entropy @@ -28094,76 +33126,76 @@ Date: Tue Jul 26 13:37:43 2016 +0200 This tests whether the function can operate as expected while being interrupted by signals. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 12:03:54 2016 +0200 getrandom: loop around getrandom to get the requested number of bytes This simplifies and enhanced the previous error handling code. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 11:45:30 2016 +0200 README.ci-runners: document asan and ubsan tags -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 15:17:35 2016 +0200 tests: removed pkcs1-padding from subdirs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 15:10:49 2016 +0200 .gitignore: more tests files to ignore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 14:59:34 2016 +0200 configure.ac: don't generate makefiles of moved tests -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 14:57:44 2016 +0200 tests: pkcs1-pad: moved to cert-tests -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 14:55:25 2016 +0200 tests: userid test moved to cert-tests/ -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 14:51:59 2016 +0200 tests: rsa-md5-collision: run from top-level -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 14:29:45 2016 +0200 doc: updated documentation for gnutls_transport_set_int* -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 13:59:04 2016 +0200 doc: added section on reducing round-trips That discusses TCP fast open with gnutls_transport_set_fastopen(), and false start. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 11:38:32 2016 +0200 tests: added test of gnutls_transport_set_fastopen -Author: Tim Ruehsen +Author: Tim Rühsen Date: Mon Jul 25 13:05:30 2016 +0200 tests: added test of TCP fast open using gnutls-cli and gnutls-serv -Author: Tim Ruehsen +Author: Tim Rühsen Date: Mon Jul 25 13:08:28 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 10:33:24 2016 +0200 tools: TLS handling has been incorporated into socket_open() @@ -28172,14 +33204,14 @@ Date: Tue Jul 26 10:33:24 2016 +0200 we can detect fast open errors and retry handshake to the next IP address. -Author: Tim Ruehsen +Author: Tim Rühsen Date: Mon Jul 25 13:04:11 2016 +0200 gnutls-cli: added example usage of TCP fastopen It is enabled with the new --fastopen option. -Author: Tim Ruehsen +Author: Tim Rühsen Date: Mon Jul 25 13:00:12 2016 +0200 Support TCP Fast Open @@ -28189,19 +33221,19 @@ Date: Mon Jul 25 13:00:12 2016 +0200 Signed-off-by: Nikos Mavrogiannopoulos Signed-off-by: Tim Ruehsen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 11:09:56 2016 +0200 .gitlab-ci.yml: added asan tag for builds which require asan -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 26 11:08:12 2016 +0200 tests: pkcs11-privkey-fork: added explicit pkcs11 deinitialization Also ignore known leaks for p11-kit. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 25 11:43:08 2016 +0200 mention ubsan in README [ci skip] @@ -28211,7 +33243,7 @@ Date: Thu Jul 21 20:14:39 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 22 14:11:25 2016 +0200 tests: added checks for OCSP response file support @@ -28220,7 +33252,7 @@ Date: Fri Jul 22 14:11:25 2016 +0200 an ocsp response. This improves and makes more generic the test suite API and test_cli_serv() in particular. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 22 15:36:55 2016 +0200 dtls: added a null pointer check in record_overhead @@ -28230,7 +33262,7 @@ Date: Fri Jul 22 15:36:55 2016 +0200 warns about a null pointer derefence and thus adding it, to be safe. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 22 14:43:49 2016 +0200 gnutls_x509_crt_check_hostname*: use unsigned a return value @@ -28238,12 +33270,12 @@ Date: Fri Jul 22 14:43:49 2016 +0200 This is to prevent issues to callers who may check for negative error values. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 22 11:17:08 2016 +0200 doc update [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 22 11:08:32 2016 +0200 introduced: GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE @@ -28255,14 +33287,14 @@ Date: Fri Jul 22 11:08:32 2016 +0200 Relates #114 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 21 18:58:24 2016 +0200 tests: added check of the return values of resumption data functions during false start Relates #114 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 22 10:57:37 2016 +0200 doc: mention that the session data functions will fail prior to handshake completion @@ -28297,37 +33329,37 @@ Date: Wed Jul 20 14:28:20 2016 +0200 - Drop explicit (de)initialization (prevents some not reed reachable memory due to PKCS11 subsystem not being deinitialized in the destructor). - Use variables to count set permitted/excluded constraints instead of hard-coded numbers. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 21 16:07:56 2016 +0200 doc: clarify return codes in verification functions [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 21 16:02:42 2016 +0200 gnutls_certificate_verify_peers2: document that hostname comparison follows RFC6125 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 21 11:53:46 2016 +0200 rnd-getentropy: better handling of error printing with errno -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 21 11:51:05 2016 +0200 rnd-linux: make getrandom back-end robust against EINTR failures -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 20 13:36:38 2016 +0200 gnutls_init: doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 20 13:31:18 2016 +0200 tests: verify that GNUTLS_NONBLOCK is available as a definition -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 20 13:23:16 2016 +0200 gnutls.h: define elements of gnutls_init_flags_t @@ -28335,22 +33367,22 @@ Date: Wed Jul 20 13:23:16 2016 +0200 That is, define all the elements that were available prior the move from #define to enum, to allow code relying on -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 20 13:07:44 2016 +0200 gnutls.h: documented the version various gnutls_init flags were introduced -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 20 11:27:35 2016 +0200 Moved the gnutls_x509_dn API functions to x509_dn.c -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 19 15:12:13 2016 +0200 tests: enhanced DN decoding tests with complex encoding -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 19 14:43:52 2016 +0200 RFC4514 DN decoding: allow decoding of raw ('#') items @@ -28358,33 +33390,33 @@ Date: Tue Jul 19 14:43:52 2016 +0200 In addition allow escaping prefix or suffix spaces as well as the hash. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 19 14:21:16 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 19 14:10:08 2016 +0200 tests: enhanced DN decoding tests with encoding This adds unit tests for gnutls_x509_dn_set_str(). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 19 14:09:06 2016 +0200 Added gnutls_x509_dn_set_str() This allows initializing a gnutls_x509_dn_t structure via a DN string. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 19 13:45:08 2016 +0200 tests: utils: use vasprintf() where available This allows printing long strings. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 19 13:35:13 2016 +0200 tests: added checks for the RFC4514 decoding via gnutls_x509_dn_get_str() @@ -28399,12 +33431,12 @@ Date: Tue Jul 19 11:08:10 2016 +0200 Fix tests/slow/cipher-openssl-compat.c for OpenSSL 1.1.0 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 18 18:02:25 2016 +0200 cfg.mk: no longer save config.rpath -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 18 16:36:27 2016 +0200 removed auto-generated files from the repository @@ -28462,17 +33494,17 @@ Date: Fri Jul 15 18:51:14 2016 +0200 rnd-common: added faster detection of getrandom based on GRND_NONBLOCK -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 15 15:31:16 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 15 14:58:07 2016 +0200 urandom: use st_ino and st_rdev to determine device uniqueness -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 15 14:34:38 2016 +0200 Added auto-detection of getrandom() system call in Linux systems @@ -28485,7 +33517,7 @@ Date: Fri Jul 15 14:34:38 2016 +0200 For that we detect on initialization whether getrandom() can obtain random data, and if yes, we continue using that. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 15 13:58:16 2016 +0200 tests: seccomp examples: use cert-common.h @@ -28525,7 +33557,7 @@ Date: Mon Jul 11 16:13:12 2016 +0200 This tests the add_extension and add_critical_extension options of certtool. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 11 11:43:10 2016 +0200 certtool: added options to set arbitrary extensions to certificates and requests @@ -28536,7 +33568,7 @@ Date: Mon Jul 11 11:43:10 2016 +0200 The "0x" prefix can be omitted. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 11 11:41:14 2016 +0200 added gnutls_x509_crq_set_extension_by_oid() @@ -28544,17 +33576,17 @@ Date: Mon Jul 11 11:41:14 2016 +0200 This is a function to add an arbitrary extension into a certificate request. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 13 13:20:10 2016 +0200 doc: mention the need of libtasn1-tools in Fedora based systems [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 13 12:11:57 2016 +0200 doc update [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 11 10:54:09 2016 +0200 doc: mention libcmocka dependency @@ -28578,12 +33610,12 @@ Date: Fri Jun 10 22:42:21 2016 +0200 dtls: moved DTLS window handling to separate file -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 12 18:37:53 2016 +0200 ex-client-x509: removed unused call to gnutls_session_set_ptr() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 12 14:48:14 2016 +0200 libtasn1: updated to allow large OIDs to be used even on 32-bit systems @@ -28605,7 +33637,7 @@ Date: Mon Jul 11 17:19:16 2016 +0200 This fixes compilation of gnutls in solaris. Reported by Dagobert Michelsen. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 8 14:26:38 2016 +0200 NEWS: corrected release date [ci skip] @@ -28650,7 +33682,7 @@ Date: Tue Jul 5 11:33:54 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 1 13:51:18 2016 +0200 asm: updated openssl and the asm sources for AES-GCM from openssl 1.0.2h @@ -28667,7 +33699,7 @@ Date: Tue Jul 5 11:44:59 2016 +0200 This ensures that we test our optimized code (which is mostly openssl based), with code that is not identical. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 1 14:29:40 2016 +0200 tests: added openssl compatibility tests for AES-GCM cipher @@ -28681,7 +33713,7 @@ Date: Tue Jul 5 11:41:20 2016 +0200 files mentioned LGPL version 3. Reported by Thomas Petazzoni. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 4 17:29:30 2016 +0200 tests: ignore leaks due to p11-kit in test suite @@ -28689,7 +33721,7 @@ Date: Mon Jul 4 17:29:30 2016 +0200 This addresses issue in "pkcs11-privkey-fork" which failed when compiled under asan due to leaks in p11-kit after fork. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 4 15:28:27 2016 +0200 tests: added check to ensure that pkcs11 objects will be reopened on fork @@ -28699,53 +33731,53 @@ Date: Mon Jul 4 15:28:27 2016 +0200 Resolves #95 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 4 15:19:32 2016 +0200 pkcs11: on object import always check for a support public key algorithm -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 1 15:29:58 2016 +0200 gnutls_aead_cipher_decrypt: corrected the return value of ptext_len That is, do not account the tag_size into the plaintext. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 30 15:29:44 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 30 15:22:22 2016 +0200 configure: check for libdl irrespective of FIPS140 configuration This allows to link to libdl for the tests that require it. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 30 13:44:57 2016 +0200 tests: account pkcs11/pkcs11-mock-ext.h in Makefile -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 30 13:41:51 2016 +0200 tests: link pkcs11-import-url-privkey with libdl That is because it uses dlopen(). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 30 10:47:02 2016 +0200 more files to ignore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 30 09:34:33 2016 +0200 tests: avoid compiler warning from pkcs11-pubkey-import -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 30 09:30:47 2016 +0200 tests: added check to verify the tolerance of broken C_GetAttributes @@ -28756,7 +33788,7 @@ Date: Thu Jun 30 09:30:47 2016 +0200 Relates #108 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 30 09:11:40 2016 +0200 pkcs11_get_attribute_avalue: correctly handle a -1 value length from C_GetAttributeValue @@ -28776,21 +33808,21 @@ Date: Wed Jun 29 18:52:22 2016 +0200 to a free'd value. This is against the convention expected by callers, i.e, set data to NULL. Reported by Anthony Alba in #108. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 29 17:25:06 2016 +0200 tests: use datefudge in name-constraints test This avoids the expiration of the used certificate to affect the test. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 28 09:17:13 2016 +0200 tests: link libpkcs11mock1 with gnulib This allows it to use gnulib for strndup where it is needed. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 28 09:15:55 2016 +0200 p11tool: do not return from void functions @@ -28798,57 +33830,57 @@ Date: Tue Jun 28 09:15:55 2016 +0200 This fixes a compilation issue with solaris compiler. Reported by Peter Eriksson. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 24 11:01:35 2016 +0200 doc: mention the boolean functions in the gnutls API -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 24 10:55:37 2016 +0200 tests: removed remainders of pkcs11 tests from suite/ -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 24 08:37:03 2016 +0200 gnutls_pkcs11_crt_is_known: changed to unsigned type -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 23 23:24:19 2016 +0200 tests: pkcs11-is-known: check that no flags enforce compare -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 23 23:13:50 2016 +0200 gnutls_pkcs11_crt_is_known: always assume GNUTLS_PKCS11_OBJ_FLAG_COMPARE unless GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED is given -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 23 23:06:29 2016 +0200 tests: moved pkcs11-softhsm test suite into pkcs11/ -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 23 22:40:26 2016 +0200 find_cert_cb: minor cleanups in find_cert_cb -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 23 22:25:06 2016 +0200 tests: added more unit tests for gnutls_pkcs11_crt_is_known() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 22 18:04:45 2016 +0200 dn2: updated to account for serial number being printed -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 22 18:01:15 2016 +0200 tests: corrected create-chain.sh to remove the ocsp_signing_key from generated certs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 22 18:00:03 2016 +0200 tests: replaced tls feature extension checks @@ -28856,22 +33888,22 @@ Date: Wed Jun 22 18:00:03 2016 +0200 The previous checks had incorrect key purpose check on the final (root) certificate. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 22 17:31:30 2016 +0200 enhanced debugging messages for cert verification -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 22 17:09:54 2016 +0200 x509: print serial number in compact output -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 22 16:49:42 2016 +0200 tests: include softhsm.h into dist files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 22 15:27:05 2016 +0200 pkcs11: correctly encode the serial number when searching for certificate @@ -28880,17 +33912,17 @@ Date: Wed Jun 22 15:27:05 2016 +0200 serial number to TLV DER from LV DER. This is the encoding we use when storing that number. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 22 15:50:51 2016 +0200 pkcs11: correctly account check_found_cert() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 22 13:50:48 2016 +0200 gnutls-cli-debug: replaced draft-ietf-tls-chacha20-poly1305-04 with RFC7905 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 20 12:07:03 2016 +0200 gnutls-cli: benchmark the memcpy performance to compare with ciphers @@ -28898,7 +33930,7 @@ Date: Mon Jun 20 12:07:03 2016 +0200 Also ensure that we use different memory areas for each operation to avoid measuring better performance due to caching. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 16 11:53:55 2016 +0200 doc update [ci skip] @@ -28913,12 +33945,12 @@ Date: Sun Jun 19 13:06:15 2016 +0200 Sync with TP. -Author: Andreas Metzler +Author: Andreas Metzler Date: Sat Jun 18 18:36:13 2016 +0200 Typo fixes (found by lintian): extention, reencode -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 16 11:51:42 2016 +0200 tests: added check for handshake packet reconstruction @@ -28926,7 +33958,7 @@ Date: Thu Jun 16 11:51:42 2016 +0200 This tests whether a split handshake packet is properly reconstructed if the parts are switched. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 16 11:37:30 2016 +0200 dtls: corrected reconstruction of handshake packets received out of order @@ -28935,7 +33967,7 @@ Date: Thu Jun 16 11:37:30 2016 +0200 chunks and received out of order, make sure that reconstruction occurs properly. Reported by Guillaume Roguez. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 16 10:08:34 2016 +0200 Corrected the writing of serial number in PKCS#11 modules @@ -28944,12 +33976,12 @@ Date: Thu Jun 16 10:08:34 2016 +0200 in PKCS#11 the serial number must be set encoded as integer. Report and fix by Stanislav Zidek. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 15 13:50:54 2016 +0200 ext: ecc: replaced SUPPORTED ECC POINT FORMATS with better formatted name -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 15 09:21:10 2016 +0200 tests: disable SRP-base64 encode/decoded tests when SRP is disabled @@ -28997,12 +34029,12 @@ Date: Tue Jun 14 15:17:33 2016 +0200 more files to ignore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 1 10:21:54 2016 +0200 tests: verify the resilience of the TLSFeature handling functions on large number of features -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 1 10:02:56 2016 +0200 tlsfeature: impose a maximum number of supported TLS features @@ -29011,12 +34043,12 @@ Date: Wed Jun 1 10:02:56 2016 +0200 The currently set maximum number of TLS features aligns with the maximum number of supported TLS extensions. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 1 09:51:01 2016 +0200 tests: added unit test for gnutls_x509_tlsfeatures_check_crt -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 31 16:07:44 2016 +0200 During PKIX chain verification check the TLSFeatures compliance @@ -29028,14 +34060,14 @@ Date: Tue May 31 16:07:44 2016 +0200 This enhances gnutls_x509_crt_get_tlsfeatures() to allow appending of TLSFeatures, and introduces gnutls_x509_tlsfeatures_check_crt(). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 31 15:10:27 2016 +0200 verify_crt: moved all verification state into a common structure This allows for easier extension of state. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 31 09:28:28 2016 +0200 tests: added chain verification with TLS features @@ -29306,54 +34338,54 @@ Date: Sat Jun 4 11:36:34 2016 +0200 pkcs12: corrected return type of gnutls_pkcs12_bag_get_type() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 3 17:07:28 2016 +0200 tests: move pkcs11-cert-import-url4-exts with the other pkcs11 tests This prevents a build failure in windows. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 3 15:01:59 2016 +0200 doc clarify the version since when GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT is accepted -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 3 14:53:04 2016 +0200 tests: corrected typo in crl-test -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 3 14:24:32 2016 +0200 tests: check gnutls_pkcs11_obj_list_import_url4() with GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 3 14:50:45 2016 +0200 gnutls_pkcs11_obj_list_import_url4: accepts the GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 3 14:41:25 2016 +0200 gnutls_pkcs11_obj_list_import_url3: rewritten to use gnutls_pkcs11_obj_list_import_url4 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 3 14:29:45 2016 +0200 pkcs11: use ctx as variable name for ck_object_handle_t for clarity -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 3 13:47:44 2016 +0200 pkcs11: doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 2 14:37:11 2016 +0200 doc update [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 2 14:28:52 2016 +0200 _gnutls_check_key_purpose: in CA certificates treat the SGC key purpose as GNUTLS_KP_TLS_WWW_SERVER @@ -29362,7 +34394,7 @@ Date: Thu Jun 2 14:28:52 2016 +0200 of having the GNUTLS_KP_TLS_WWW_SERVER have some old OIDs for that purpose. Consider these OIDs equivalent to GNUTLS_KP_TLS_WWW_SERVER in marked as CA certificates. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 2 09:22:26 2016 +0200 gnutls-cli: --save-ocsp will work even if verification fails @@ -29371,7 +34403,7 @@ Date: Thu Jun 2 09:22:26 2016 +0200 a verification error. That way the response can be examined for possible issues. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 2 09:20:13 2016 +0200 ocsp: attempt harder to figure an OCSP staple issuer @@ -29382,7 +34414,7 @@ Date: Thu Jun 2 09:20:13 2016 +0200 few servers have an OCSP response signed not by their direct CA but rather by one of the higher level CAs. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 1 14:10:59 2016 +0200 tests: added comprehensive OCSP test suite with MUST-staple PKIX extension @@ -29395,22 +34427,22 @@ Date: Wed Jun 1 14:10:59 2016 +0200 - Server with valid certificate - expired staple - Server with valid certificate - old staple -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 1 10:09:54 2016 +0200 tests: utils: added c_print() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 1 10:33:15 2016 +0200 ext: status_request: added more descriptive name -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 1 14:15:49 2016 +0200 ocsp: fail certificate verification on expired or too old revocation data info -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 1 14:13:52 2016 +0200 ocsp: Introduced GNUTLS_CERT_INVALID_OCSP_STATUS @@ -29419,29 +34451,29 @@ Date: Wed Jun 1 14:13:52 2016 +0200 being stapled but it being invalid for some reason (e.g., unable to parse or doesn't contain the expected certificate). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 1 14:38:32 2016 +0200 doc: improved OCSP description and mention RFC7633 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 31 16:52:06 2016 +0200 tests: added basic check for gnutls_url_is_supported -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 31 16:47:34 2016 +0200 gnutls_url_is_supported: type changed to unsigned In addition function documentation was updated. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 31 16:42:22 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 31 16:37:34 2016 +0200 pubkey_to_bits: return type was changed to unsigned @@ -29449,12 +34481,12 @@ Date: Tue May 31 16:37:34 2016 +0200 This function did not return signed data, so the "int" return type was confusing. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 31 16:16:38 2016 +0200 crypto-selftests: removed unneeded cast -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 31 13:49:13 2016 +0200 several sign-related API changes @@ -29467,12 +34499,12 @@ Date: Tue May 31 13:49:13 2016 +0200 This allows easier catching of sign/unsigned related errors from the calling applications. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 31 11:40:00 2016 +0200 x509: simplified _gnutls_x509_get_tbs() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 31 10:08:14 2016 +0200 x509: replace the bool type with the unsigned type @@ -29481,7 +34513,7 @@ Date: Tue May 31 10:08:14 2016 +0200 conversions. Unfortunately gcc does warn on invalid checks for the bool type (e.g., b<0). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 31 10:00:18 2016 +0200 configure: enable the type-limits gcc warnings @@ -29489,7 +34521,7 @@ Date: Tue May 31 10:00:18 2016 +0200 In addition remove the unsafe-loop-optimizations warning as they were not helpful. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 31 08:59:47 2016 +0200 certtool: doc update @@ -29499,19 +34531,19 @@ Date: Mon May 30 22:28:23 2016 +0200 DCO: added Tim Kosse [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 30 15:19:15 2016 +0200 tools: modify canonicalize_host to not depend on in6_addr -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 30 15:17:06 2016 +0200 tests: added unit tests for gnutls_x509_tlsfeatures_t handling funcs This includes DER import/export as well as feature appending. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 30 14:19:20 2016 +0200 tests: tlsfeature-test will ignore the 'Algorithm Security Level' line in comparisons @@ -29519,7 +34551,7 @@ Date: Mon May 30 14:19:20 2016 +0200 That is to allow depending on the certificate output validation without relying on "moving" parameters such as the Algorithm Security Level. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 30 13:47:14 2016 +0200 tests: verify whether the TLSFeatures extension is copied @@ -29527,7 +34559,7 @@ Date: Mon May 30 13:47:14 2016 +0200 Verify whether the TLSFeatures extension is copied from the certificate request to the generated certificate. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 30 13:34:17 2016 +0200 doc: updated since version of tlsfeature functionality and documented new functions @@ -29560,7 +34592,7 @@ Date: Sun Dec 20 15:09:24 2015 +0100 status request and have not gotten anything, but the certificate has the Status Request TLSFeature extension present, fail to verify the certificate. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 30 12:57:55 2016 +0200 tools: allow specifying a hostname with a port attached @@ -29568,31 +34600,31 @@ Date: Mon May 30 12:57:55 2016 +0200 That is: gnutls-cli www.example.com:443 is equivalent to gnutls-cli www.example.com -p 443 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 30 12:35:45 2016 +0200 tests: check the generation and printing of TLS feature PKIX extension -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 30 11:23:39 2016 +0200 doc: document tls_feature option in the sample template -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 30 10:55:46 2016 +0200 TLS extensions: use more human-friendly names This is required to provide better output to gnutls_ext_get_name() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 30 10:50:38 2016 +0200 exported function to convert TLS extension numbers to strings The exported function is gnutls_ext_get_name() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 30 10:45:46 2016 +0200 x509/output: print the extension name of TLSFeatures @@ -29602,7 +34634,7 @@ Date: Thu Jan 7 11:27:13 2016 +0100 Implement setting the TLS features extension on certificates via certtool's template file. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 30 10:20:00 2016 +0200 libgnutls.map: exported the tlsfeatures-related functions @@ -29656,7 +34688,7 @@ Date: Mon May 30 09:45:29 2016 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Andreas Metzler +Author: Andreas Metzler Date: Sun May 29 11:53:22 2016 +0200 Typo fix: auxilary -> auxiliary [ci skip] @@ -29714,29 +34746,29 @@ Date: Fri May 27 22:19:40 2016 +0200 Also consider the SSLKEYLOGFILE variable, since the format is identical and we are always appending keys. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 26 11:05:40 2016 +0200 tests: ssl2-hello check is made conditional It is only run if ENABLE_SSL2 is defined. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 26 11:04:27 2016 +0200 .gitignore: more files to ignore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 26 11:02:34 2016 +0200 tests: added SSL2.0 client hello parsing check -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 26 10:58:19 2016 +0200 tests: added small text clarifying the purpose of the cert-common.h header -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 24 13:45:32 2016 +0200 tests: add an upper limit in the run of compat tests @@ -29744,7 +34776,7 @@ Date: Tue May 24 13:45:32 2016 +0200 This allows the test suite to recover from the case of DTLS implementations that do not properly retransmit and block on lost packets. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 24 13:27:12 2016 +0200 doc: advise against using the TPM-specific API @@ -29754,14 +34786,14 @@ Date: Tue May 24 13:27:12 2016 +0200 Relates #101 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 24 10:08:14 2016 +0200 .gitlab-ci.yml: corrected typo preventing the no-SSL 3.0 test part to be properly run Also test the --disable-ssl2-support option. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 24 09:58:12 2016 +0200 Amend the "Allow for conditional compilation of SSL 3.0 protocol patch" @@ -29771,7 +34803,7 @@ Date: Tue May 24 09:58:12 2016 +0200 This amends 89faab9e9e9123f39e8c0c6f8da1f67de423254a -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 24 09:17:53 2016 +0200 doc: updated text on priority strings @@ -29779,7 +34811,7 @@ Date: Tue May 24 09:17:53 2016 +0200 Refer to RFC7685 for the TLS padding extension (%DUMBFW), and mention the default behavior for the TLS client hello record version. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 23 11:33:53 2016 +0200 pkcs11: added sanity check to find_obj_url_cb() for object validity @@ -29804,22 +34836,22 @@ Date: Sat May 21 05:39:21 2016 +0200 using the NORMAL priority string. We also add a custom check for DTLS-0.9 as this is not fully supported for negotiation. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 20 17:44:46 2016 +0200 tests: use /bin/bash in tests which require common.sh -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 20 15:04:22 2016 +0200 .gitlab-ci.yml: minimal build disables SSL2 client hello -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 20 15:03:41 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 20 15:01:49 2016 +0200 Allow for conditional compilation of SSL 2.0 client hello support @@ -29829,29 +34861,29 @@ Date: Fri May 20 15:01:49 2016 +0200 Relates #97 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 20 14:54:38 2016 +0200 Amend: Allow for conditional compilation of SSL 3.0 protocol This patch makes conditional several more SSL 3.0-only parts of codebase. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 20 14:47:27 2016 +0200 CONTRIBUTING.md: link to milestones instead of all issues -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 20 14:42:12 2016 +0200 tests: mini-x509-cas: use cert-common.h -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 20 14:41:08 2016 +0200 CONTRIBUTING.md: doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 20 12:07:57 2016 +0200 tests: do not use pkglib to generate libpkcs11mock1.so @@ -29860,7 +34892,7 @@ Date: Fri May 20 12:07:57 2016 +0200 for the library, but pass -rpath to LDFLAGS as a hack to for libtool to generate the shared version. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 19 12:08:13 2016 +0200 configure.ac: increased stack size usage to reduce warnings @@ -29873,7 +34905,7 @@ Date: Fri May 20 07:45:46 2016 +0200 announce.txt: updated list email address -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 19 10:56:52 2016 +0200 priority: CCM ciphersuites was promoted over the CBC ones @@ -29881,7 +34913,7 @@ Date: Thu May 19 10:56:52 2016 +0200 Also make explicit the prioritization rules for the default set of ciphers. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 19 09:24:13 2016 +0200 gnutls-cli: allow operation with stdin input @@ -29891,7 +34923,7 @@ Date: Thu May 19 09:24:13 2016 +0200 Resolves #96 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 18 14:00:06 2016 +0200 doc update @@ -29911,12 +34943,12 @@ Date: Wed May 18 21:15:38 2016 +0200 tests: added check to verify that keylog file is being written -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 18 16:38:13 2016 +0200 doc: documented the GNUTLS_KEYLOGFILE environment variable -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 18 16:31:28 2016 +0200 Write session keys into a file when GNUTLS_KEYLOGFILE is exported @@ -29932,22 +34964,22 @@ Date: Wed May 18 16:31:28 2016 +0200 Resolves #64 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 18 13:39:06 2016 +0200 systemkey: corrected help output -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 18 13:36:11 2016 +0200 doc: document the systems supported via systemkeys API -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 17 14:13:26 2016 +0200 doc update [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 17 10:35:39 2016 +0200 gnutls-cli: corrected check for OCSP verification success @@ -29964,12 +34996,12 @@ Date: Fri Apr 29 02:50:31 2016 +0200 Signed-off-by: Thomas Klute Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 17 09:23:22 2016 +0200 INSTALL.md: no longer reference libgcrypt -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 17 09:16:32 2016 +0200 doc: updated README files @@ -29981,34 +35013,34 @@ Date: Tue May 17 09:16:32 2016 +0200 README -> INSTALL.md README-alpha.md -> README.md -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 17 08:56:59 2016 +0200 tests: renamed cert-callback checks for simplicity -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 17 08:55:50 2016 +0200 tests: added check with the legacy cert verification callback -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 17 08:54:43 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 17 08:43:58 2016 +0200 tests: cert-callbacks check now checks the server-side callback operation as well -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 16 18:08:27 2016 +0200 tests: dtls-stress: fix debug argument accounting It was not being considered when it was not the last argument. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 16 18:05:34 2016 +0200 tests: re-disabled dtls-nb check; it had random failures @@ -30016,7 +35048,7 @@ Date: Mon May 16 18:05:34 2016 +0200 This was disabled for quite long time already, and needs to be investigated. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 16 13:47:23 2016 +0200 tests: added DTLS test suite when in session resumption @@ -30142,12 +35174,12 @@ Date: Sat May 14 00:31:43 2016 +0200 This aligns with gitlab's web interface. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 13 20:39:11 2016 +0200 tests: include unistd.h in tests which call _exit() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 13 13:41:53 2016 +0200 tests: simplified server launching process @@ -30155,22 +35187,22 @@ Date: Fri May 13 13:41:53 2016 +0200 Also attempt to use a new port on every started server and added a waiting period for the port to become re-usable. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 13 11:28:51 2016 +0200 tests: avoid calling exit() from signal handlers -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 13 11:16:58 2016 +0200 memmem.m4: don't call exit() from signal handler -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 12 11:24:03 2016 +0200 tests: enhance SNI checking with invalid UTF8 and embedded NULL case -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 12 11:22:51 2016 +0200 Introduce _gnutls_server_name_set_raw @@ -30179,12 +35211,12 @@ Date: Thu May 12 11:22:51 2016 +0200 the same as gnutls_server_name_set() but without any UTF8 conversions or other checks in the input. It is intended to be used with raw data. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 12 11:21:16 2016 +0200 errors: include GNUTLS_E_IDNA_ERROR to the list -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 12 10:58:58 2016 +0200 server_name: only save the supported server names in the session @@ -30192,24 +35224,24 @@ Date: Thu May 12 10:58:58 2016 +0200 Invalid server names with embedded nulls and unsupported types are not saved. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 12 10:37:56 2016 +0200 gnutls_server_name_get: mention GNUTLS_E_IDNA_ERROR being returned -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 12 09:24:23 2016 +0200 doc: clarify that 'hmac' in the name of functions is only for legacy reasons -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 11 13:23:33 2016 +0200 tests: introduce delay between server restarts in testsrn.sh This is to reduce test suite random failures on CI. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 11 09:31:28 2016 +0200 tests: CRL test will separate stderr output from stdout @@ -30217,19 +35249,19 @@ Date: Wed May 11 09:31:28 2016 +0200 This addresses CI failures due to "Merge mismatch for function" messages from gcov being inserted into stdout output and messing the base64 encoding. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 11 09:28:55 2016 +0200 Revert "tests: CRL test will not push stderr into output files" This reverts commit bf1ee75f78cd81ea8309bdfb50f63ed0ab61a23a. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 11 09:27:32 2016 +0200 gnutls_pkcs7_print: avoid warning for signed/unsigned comparison by making everything signed -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 11 08:17:37 2016 +0200 tests: CRL test will not push stderr into output files @@ -30277,12 +35309,12 @@ Date: Tue May 10 20:06:03 2016 +0200 tests: fix mmap usage of hash-large to correctly detect failures -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 10 15:23:11 2016 +0200 doc: updated documentation for gnutls_x509_crt_get_*_dn -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 10 15:20:09 2016 +0200 certtool: handle empty CNs on verification @@ -30290,21 +35322,21 @@ Date: Tue May 10 15:20:09 2016 +0200 That is, handle GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if returned from gnutls_x509_crt_get_dn() on the end certificate. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 10 15:17:18 2016 +0200 Revert "x509: allow empty DNs on parsing for subject DNs" This reverts commit 1641ea943079765d601cf418dc2c89c1c93f0ecf. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 10 11:40:43 2016 +0200 cert cred: add the CN to the list of known hostnames only if no dns_names That is, follow rfc6125 and support CN as a fallback only. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 10 11:23:02 2016 +0200 tests: enhanced set_x509*_key to verify that connections succeed with creds @@ -30312,29 +35344,29 @@ Date: Tue May 10 11:23:02 2016 +0200 That is the tests no only verify that credentials are set as expected but also whether sessions are established with the credentials provided. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 10 11:15:53 2016 +0200 gnutls_certificate_set_key: import the DNS names of the certificates That is, only when no (NULL) names are provided. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 10 11:12:33 2016 +0200 reset the global time func on init/deinit -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 10 11:05:03 2016 +0200 auth/cert: log the server name requested by client -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 10 11:00:02 2016 +0200 improved output of gnutls_assert() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 10 10:44:57 2016 +0200 x509: allow empty DNs on parsing for subject DNs @@ -30346,12 +35378,12 @@ Date: Mon May 9 20:57:36 2016 +0300 Signed-off-by: Alon Bar-Lev -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 10 09:15:29 2016 +0200 .gitlab-ci.yml: enable openssl compat library in minimal build -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 10 09:12:51 2016 +0200 openssl_compat: removed unneeded headers @@ -30393,19 +35425,19 @@ Date: Sat May 7 13:18:20 2016 +0200 x509: added flag to indicate modification in gnutls_x509_crt_t -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 6 16:55:48 2016 +0200 gnutls_x509_crt_equals*: modified to allow operation with certificates that are not imported This allows it operating with certificates that are generated from scratch. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 6 16:04:31 2016 +0200 tests: added checks for certificate generation APIs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 6 15:40:14 2016 +0200 doc: fixed documentation of gnutls_x509_crt_set_subject_alternative_name @@ -30429,17 +35461,17 @@ Date: Fri May 6 11:05:10 2016 +0200 necessary to be able to differentiate between name being rejected because it is unknown to the server and it being malformed. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 6 11:41:12 2016 +0200 doc: TODO list references to gitlab -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 5 11:10:38 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 5 11:01:29 2016 +0200 priorities: when without AES acceleration prefer stream ciphers (i.e., CHACHA20) @@ -30449,7 +35481,7 @@ Date: Thu May 5 22:49:50 2016 +0200 doc: updated documentation on rehandshake and GNUTLS_ALLOW_ID_CHANGE [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 4 09:13:50 2016 +0200 tests: use the 'b' modifier for writing binary data in set_x509_key_file_der @@ -30474,22 +35506,22 @@ Date: Tue May 3 20:14:37 2016 +0200 tests: fixed 64-bit check for time_t in mini-x509 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 3 15:26:52 2016 +0200 tests: added check for gnutls_certificate_set_x509_simple_pkcs12_file -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 3 15:12:47 2016 +0200 .gitignore: more files to ignore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 3 15:12:00 2016 +0200 tests: added check of gnutls_certificate_set_x509_key_file2 with DER input -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 3 14:54:31 2016 +0200 tests: enhanced set_x509_key_file check @@ -30497,46 +35529,46 @@ Date: Tue May 3 14:54:31 2016 +0200 That now verifies that the input is the same as the data stored in the credentials as well checks for valid operation. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 3 14:29:35 2016 +0200 tests: mini-x509: include the legacy verification functions into the check -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 3 14:28:44 2016 +0200 tests: added check for gnutls_certificate_set_key() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 3 14:24:08 2016 +0200 gnutls_certificate_set_key: duplicate the provided memory That is, do not assume that a heap allocated value is provided. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 3 11:54:04 2016 +0200 .gitlab-ci.yml: enabled coverage run in the x86 build -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 3 11:49:09 2016 +0200 tests: do not block server errors in testdsa from being printed out Also added a delay prior to launching next server instance. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 3 11:43:48 2016 +0200 .gitignore: more test files to ignore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 3 11:26:04 2016 +0200 pkcs11: find_ext_cb: eliminated memory leak -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 3 10:56:44 2016 +0200 pkcs11: find_cert_cb: do not use C_FindObjectsInit() when another is already running @@ -30544,7 +35576,7 @@ Date: Tue May 3 10:56:44 2016 +0200 While some modules implicitly terminated the previous run, this is not something that PKCS#11 modules are expected to typically do. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 3 09:28:36 2016 +0200 pkcs11: the flag GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT will be respected by imported certificates @@ -30554,7 +35586,7 @@ Date: Tue May 3 09:28:36 2016 +0200 extensions overriden. Previously that was available only on gnutls_pkcs11_get_raw_issuer() and friends. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 2 15:36:56 2016 +0200 tests: added a basic PKCS#11 mock module @@ -30563,17 +35595,17 @@ Date: Mon May 2 15:36:56 2016 +0200 and gnutls_pkcs11_get_raw_issuer() with the GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 2 13:13:10 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 2 13:12:00 2016 +0200 _gnutls_x509_crt_cpy: optimized and simplified -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 2 12:53:54 2016 +0200 exported gnutls_x509_crt_equals() and gnutls_x509_crt_equals2() @@ -30581,27 +35613,27 @@ Date: Mon May 2 12:53:54 2016 +0200 These functions provide a way to compare parsed certificates. They were used internally and they are quite useful to be made available. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 2 15:36:37 2016 +0200 gnutls_pkcs11_obj_get_exts: updated documentation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 2 12:09:03 2016 +0200 gnutls_x509_crt_import_url: updated documentation for new function name -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 2 12:05:48 2016 +0200 gnutls_pkcs11_add_provider: clarified params description -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 2 08:38:32 2016 +0200 tests: added checks on PKCS#1 digest info encoding/decoding -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 2 08:37:45 2016 +0200 gnutls_decode_ber_digest_info: return more precise error code on unknown hash @@ -30609,7 +35641,7 @@ Date: Mon May 2 08:37:45 2016 +0200 That is instead of returning GNUTLS_E_UNKNOWN_ALGORITHM on unknown hash, return GNUTLS_E_UNKNOWN_HASH_ALGORITHM. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon May 2 08:35:58 2016 +0200 errors.h: removed terminating colon on gnutls_assert() output @@ -30676,7 +35708,7 @@ Date: Fri Apr 29 19:02:45 2016 +0200 tests: added checks for base64 functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 29 18:04:50 2016 +0200 .gitlab-ci.yml: added code coverage run @@ -30684,22 +35716,22 @@ Date: Fri Apr 29 18:04:50 2016 +0200 This enhances a test to print the code coverage of the test suite, which in turn is being used/reported by gitlab CI interface. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 29 14:53:40 2016 +0200 ax_code_coverage.m4: updated to latest version -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 29 13:12:36 2016 +0200 libtasn1: updated to latest version -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 29 12:57:23 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 29 12:56:24 2016 +0200 errors.h: gnutls_assert() will log the function name in addition to filename/line @@ -30707,7 +35739,7 @@ Date: Fri Apr 29 12:56:24 2016 +0200 This is quite necessary after the filenames were simplified and we have filenames with identical names in the directory structure. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 29 12:34:43 2016 +0200 tests: added check for SRP ID change during rehandshake @@ -30715,7 +35747,7 @@ Date: Fri Apr 29 12:34:43 2016 +0200 The tests make sure that username changes are allowed if the flag GNUTLS_ALLOW_ID_CHANGE is specified, and prohibited otherwise. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 29 11:47:58 2016 +0200 tests: added check for PSK ID change during rehandshake @@ -30723,7 +35755,7 @@ Date: Fri Apr 29 11:47:58 2016 +0200 The tests make sure that username changes are allowed if the flag GNUTLS_ALLOW_ID_CHANGE is specified, and prohibited otherwise. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 29 10:23:45 2016 +0200 handshake: enhance same certificate checks to apply to PSK/SRP username @@ -30732,32 +35764,32 @@ Date: Fri Apr 29 10:23:45 2016 +0200 clients will not be allowed to present another certificate than the original, or change their username for PSK or SRP ciphersuites. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 29 09:39:13 2016 +0200 tests: added 'PFS' and 'SUITEB128' into the list of checked priority strings -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 29 09:29:45 2016 +0200 tests: fail() function will also print function and line information -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 29 09:36:02 2016 +0200 _gnutls_hex2bin: refuse to decode odd-sized hex data -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 29 09:32:52 2016 +0200 tests: added unit tests on the HEX encoding/decoding functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 18:08:56 2016 +0200 certtool: eliminated memory leaks in DH parameter printing/generation. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 17:42:49 2016 +0200 certtool: combined all the seed decoding methods to a single one @@ -30765,44 +35797,44 @@ Date: Thu Apr 28 17:42:49 2016 +0200 That not only simplifies the code, but also allows decoding hex strings which contain not hex chars (and that allows decoding hex of the form XX:XX:XX) -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 17:31:24 2016 +0200 Revert "tests: ensure the seed is provided in plain hex" This reverts commit 0ea7206e12f52f6ed50c4a76ea0a23f5470115b2. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 16:41:26 2016 +0200 tests: check certtool dh-parameter generation with --provable option -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 16:38:16 2016 +0200 tests: ensure the seed is provided in plain hex -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 16:34:29 2016 +0200 certtool: allow specifying seed size when generating provable DH parameters -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 14:34:17 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 14:26:19 2016 +0200 tests: simplified custom-urls check -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 14:22:44 2016 +0200 tests: added check on whether builtin URLs cannot be overriden -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 14:09:44 2016 +0200 keys: custom URLs take precedence over pre-defined URLs @@ -30812,22 +35844,22 @@ Date: Thu Apr 28 14:09:44 2016 +0200 Resolves #89 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 16:45:44 2016 +0200 x25519: ensure that a valid private key is present on key derivation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 10:33:47 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 10:32:51 2016 +0200 tests: added check for GNUTLS_FORCE_CLIENT_CERT init flag -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 10:31:50 2016 +0200 instead of assigning a variable per flag use the init flags directly @@ -30835,7 +35867,7 @@ Date: Thu Apr 28 10:31:50 2016 +0200 That is store the flags provided in gnutls_init() in the session structure and use these flags directly when required. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 09:28:54 2016 +0200 added flag in session to force sending a client certificate @@ -30847,14 +35879,14 @@ Date: Thu Apr 28 09:28:54 2016 +0200 With that approach this use case is handled by the "automatic" certificate selection functions. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 13:28:50 2016 +0200 .gitlab-ci.yml: do not load submodules on CI since they are not used This reduces the CI running time. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 28 09:27:24 2016 +0200 tests: check client behavior of sending CA certificates @@ -30884,12 +35916,12 @@ Date: Wed Apr 27 07:38:47 2016 +0200 examples: corrected the required version of example -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 26 15:03:08 2016 +0200 tests: enhanced dane testing with offline verification checks -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 26 14:34:26 2016 +0200 dane: verification will not fail if a CA entry is encountered but cannot be verified @@ -30899,22 +35931,22 @@ Date: Tue Apr 26 14:34:26 2016 +0200 the previous behavior verification would have failed, while now this entry will be skipped. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 26 13:54:17 2016 +0200 doc: improved documentation on certificate and DANE verification functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 26 13:35:35 2016 +0200 dane: updated documentation of dane_verify_crt_raw -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 26 13:00:46 2016 +0200 doc: added clarifications on documentation for dane_state_t -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 26 12:56:35 2016 +0200 manpages: include the dane functions into the distributed pages @@ -30972,12 +36004,12 @@ Date: Sat Apr 23 15:20:21 2016 +0200 tests: include self tests with CURVE-X25519 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 22 13:17:38 2016 +0200 gnutls-cli: enhanced KX benchmark with X25519 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 22 12:25:59 2016 +0200 handshake: added support for ECDH with curve X25519 @@ -31018,24 +36050,24 @@ Date: Sat Apr 23 14:52:03 2016 +0200 README-alpha.md: updated badges with the new gitlab URLs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 22 09:26:55 2016 +0200 doc: document the TPM 1.2 limitation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 21 16:50:46 2016 +0200 doc: tpm: include short instructions on initializing the TPM chip -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 20 16:19:32 2016 +0200 tests: hash-large: use private mmap() This reduces the memory usage of the test significantly on Linux. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 20 12:04:09 2016 +0200 tests: use mmap() for large memory allocations in systems that support it @@ -31043,24 +36075,24 @@ Date: Wed Apr 20 12:04:09 2016 +0200 That allows the hash-large test to run on systems which its calloc() is attempting to allocate an impossible amount of memory. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 20 11:28:21 2016 +0200 tests: use /bin/bash for tests that use bashisms -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 20 11:02:10 2016 +0200 tests: don't run danetool.sh if danetool is not present That prevents test suite failure in systems without libunbound. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 20 10:08:23 2016 +0200 gnutls_int.h: allow compiling with system (gnutls) headers -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 20 13:44:59 2016 +0200 .gitlab-ci.yml: added build rule on freebsd @@ -31085,19 +36117,19 @@ Date: Tue Apr 19 22:37:22 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 19 19:25:08 2016 +0200 gnutls-cli-debug: enable socket verbosity when --verbose is given -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 19 19:23:23 2016 +0200 tools: explicitly initialize socket struct to zero That resolves issue where verbose was enabled by default. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 19 19:18:05 2016 +0200 tools: avoid extracting the value of the app-proto alias @@ -31106,29 +36138,29 @@ Date: Tue Apr 19 19:18:05 2016 +0200 that libopts doesn't report any value for the former. This corrects the starttls capability of danetool and gnutls-cli-debug. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 19 19:12:51 2016 +0200 tools: document the starttls capability -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 19 09:20:04 2016 +0200 tests: do not run danetool.sh on windows The test fails due to CRLF. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 18 16:24:34 2016 +0200 tools: avoid relying on static buffers for service name -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 18 16:16:59 2016 +0200 tests: added basic check on danetool --tlsa-rr option -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 18 16:03:37 2016 +0200 danetool: Allow specifying a service name into port option @@ -31145,17 +36177,17 @@ Date: Mon Apr 18 15:15:32 2016 +0200 On other platforms GnuTLS may need to second-guess what the library is reporting, but on NaCl this is unsafe. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 18 12:03:05 2016 +0200 gnutls-serv: don't send closure messages in failed handshakes -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 18 11:46:39 2016 +0200 client key exchange: fail if the client KX message is padded with additional bytes -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 18 11:18:04 2016 +0200 _wrap_nettle_pk_derive: reject values of public key that are over the prime @@ -31167,7 +36199,7 @@ Date: Mon Apr 18 11:18:04 2016 +0200 Resolves #84 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 15 10:17:32 2016 +0200 tests: suite: disable any openssl cpu optimizations @@ -31176,17 +36208,17 @@ Date: Fri Apr 15 10:17:32 2016 +0200 any new instruction optimizations which are not supported by valgrind. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 15 10:14:22 2016 +0200 doc: further updated documentation on false start [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 14 19:32:22 2016 +0200 doc: updated documentation on false start -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 14 19:23:13 2016 +0200 tests: enhanced the false start checks @@ -31195,7 +36227,7 @@ Date: Thu Apr 14 19:23:13 2016 +0200 as expected after handshake, DTLS, as well as test explicit handshake called by the application. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 14 19:20:36 2016 +0200 Updated false start support to be transparent to applications. @@ -31205,51 +36237,51 @@ Date: Thu Apr 14 19:20:36 2016 +0200 this point false start will be performed by the handshake if possible, and gnutls_record_recv() will handle handshake completion. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 14 11:11:01 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 14 11:02:59 2016 +0200 doc: updated docs related to private key generation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 14 10:54:49 2016 +0200 certtool: do not allow combining --provable with --ecc in key generation There is no such support in the library. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 14 10:33:55 2016 +0200 updated auto-generated files for new APIs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 14 10:28:36 2016 +0200 doc: added tlsproxy example reference into documentation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 15:55:56 2016 +0200 tests: pem-decoding: fixed issue preventing out-of-tree checks -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 15:48:58 2016 +0200 tests: pem-decoding: use unique temp files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 14:06:02 2016 +0200 tests: enhanced mini-x509-kx with ECDHE-ECDSA ciphersuite testing Also renamed it to cert-key-exchange for easier tracking. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 13:59:02 2016 +0200 handshake: do not overwrite the server's signature algorithm @@ -31258,22 +36290,22 @@ Date: Wed Apr 13 13:59:02 2016 +0200 would overwrite the server's idea about the used signature algorithm. Reported by Hubert Kario. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 13:50:59 2016 +0200 tests: enhanced mini-x509-kx with client auth scenarios -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 13:39:38 2016 +0200 tests: verify that the output of gnutls_sign_algorithm_get() is the expected one -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 13:06:23 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 11:43:56 2016 +0200 ocsp: increased the preallocated space in check_ocsp_purpose to account for null terminator @@ -31281,14 +36313,14 @@ Date: Wed Apr 13 11:43:56 2016 +0200 This relates to gnutls_x509_crt_get_key_purpose_oid() change to return null-terminated OIDs. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 11:28:13 2016 +0200 tests: enhanced and simplified SHA3 tests Included checks about SHA3-224 and SHA3-384. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 11:05:19 2016 +0200 tests: added check of GOST cert decoding/printing @@ -31296,7 +36328,7 @@ Date: Wed Apr 13 11:05:19 2016 +0200 This verifies whether our printing functions print the OID on unknown/unsupported algorithms. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 11:04:12 2016 +0200 x509 output: print the OID of certificates/CRLs/CRQs with unknown algorithms @@ -31304,7 +36336,7 @@ Date: Wed Apr 13 11:04:12 2016 +0200 That is, if any unknown signature or subject public key algorithm is encountered the OID will be printed instead. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 10:27:14 2016 +0200 tests: added basic tests for CSR parsing @@ -31312,29 +36344,29 @@ Date: Wed Apr 13 10:27:14 2016 +0200 This mainly includes tests on the new gnutls_x509_crq_get_signature_oid() and gnutls_x509_crt_get_algorithm_oid(). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 10:16:29 2016 +0200 tests: added basic tests on CRL parsing That includes testing on the new gnutls_x509_crl_get_signature_oid() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 09:51:46 2016 +0200 tests: added basic functionality tests for gnutls_x509_crt_get_*_oid -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 09:43:31 2016 +0200 Added gnutls_x509_crl_get_signature_oid -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 09:39:21 2016 +0200 Added gnutls_x509_crq_get_signature_oid and gnutls_x509_crq_get_pk_oid -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 09:17:08 2016 +0200 Added gnutls_x509_crt_get_signature_oid and gnutls_x509_crt_get_pk_oid @@ -31342,12 +36374,12 @@ Date: Wed Apr 13 09:17:08 2016 +0200 These functions can directly provide the textual object identifier of their corresponding fields. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 09:03:56 2016 +0200 gnutls_x509_crt_get_key_purpose_oid: copy the OID as a null-terminated string -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 13 08:53:23 2016 +0200 sign: corrected digest in SHA3-224 OID mapping @@ -31379,7 +36411,7 @@ Date: Tue Apr 12 19:25:18 2016 +0200 danetool: corrected typo in manual [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 12 16:07:41 2016 +0200 gnutls_packet_get: avoid null pointer dereference on NULL input @@ -31387,17 +36419,17 @@ Date: Tue Apr 12 16:07:41 2016 +0200 That is, still allow the function to handle a NULL packet input but reset the data contents. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 12 16:04:24 2016 +0200 gnutls_x509_privkey_verify_seed: corrected typo that made the function always return true -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 12 16:02:20 2016 +0200 _gnutls_asn2err: declared as constant function -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 12 15:37:38 2016 +0200 load_dir_certs: use readdir() in all platforms @@ -31406,7 +36438,7 @@ Date: Tue Apr 12 15:37:38 2016 +0200 and the use of readdir() is recommended. As such we switch to it on all platforms. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 12 15:26:42 2016 +0200 tests: combined the resume checks for Anonymous and PSK ciphersuites @@ -31414,7 +36446,7 @@ Date: Tue Apr 12 15:26:42 2016 +0200 In addition enhanced it to check the resumption on the certificate ciphersuites as well. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 12 14:21:04 2016 +0200 configure: Add a code coverage option @@ -31424,12 +36456,12 @@ Date: Tue Apr 12 14:21:04 2016 +0200 Show coverage output with: make && make check && make code-coverage-capture -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 12 14:17:26 2016 +0200 Makefile.am: moved common rules (AM_CFLAGS) to common.mk -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 12 12:12:40 2016 +0200 gnutls_ocsp_resp_get_single: fail if thisUpdate is not available or unparsable @@ -31437,12 +36469,12 @@ Date: Tue Apr 12 12:12:40 2016 +0200 That is because this field is not optional, and a failure on its parsing is always fatal. Reported by Yuan Jochen Kang. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 12 12:08:35 2016 +0200 gnutls_x509_privkey_import2: document an intentional fall through -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 11 16:48:46 2016 +0200 README: add abi-compliance-checker into install instructions @@ -31529,19 +36561,19 @@ Date: Fri Apr 8 19:40:28 2016 +0200 doc: replace inaccurate sentence with reference to gnutls_record_discard_queued [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 8 15:40:06 2016 +0200 gnutls_record_get_direction: doc update [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 8 14:13:26 2016 +0200 tests: reduce the number of loops in x509sign-verify2 This enables running the test in reasonable time under valgrind. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 8 13:36:44 2016 +0200 pkix.asn: corrected byKey definition @@ -31549,19 +36581,19 @@ Date: Fri Apr 8 13:36:44 2016 +0200 OCSP is defined in an EXPLICIT tags module, and as such we must tag explicitly all of its tags. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 5 13:22:29 2016 +0200 tests: check the generation of IP name constraints with certtool -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 5 13:21:53 2016 +0200 certtool: allow generating IP name constraints Relates #83 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 5 13:16:07 2016 +0200 _gnutls_parse_general_name2: allow parsing empty names @@ -31569,19 +36601,19 @@ Date: Tue Apr 5 13:16:07 2016 +0200 This allows parsing empty general names such as an empty DNSname used in name constraints. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 5 11:54:50 2016 +0200 name constraints: enforce the rules for IP constraints when adding This will prevent gnutls from generating badly formed certificates. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 5 10:36:05 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 5 10:33:18 2016 +0200 .gitignore: more files to ignore @@ -31596,7 +36628,7 @@ Date: Wed Mar 16 14:21:41 2016 +0900 Co-authored-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 5 09:08:14 2016 +0200 .gitlab-ci.yml: added C99 target for the library @@ -31604,7 +36636,7 @@ Date: Tue Apr 5 09:08:14 2016 +0200 This compiles the library using gcc options for the C99 standard. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 5 08:44:34 2016 +0200 README: updated libtasn1 URL [ci skip] @@ -31635,12 +36667,12 @@ Date: Sat Apr 2 11:16:19 2016 +0200 README.CODING_STYLE: set C99 as the C dialect of choice -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 1 11:10:56 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 1 11:08:38 2016 +0200 tests: added check for system priority file loading and parsing @@ -31648,7 +36680,7 @@ Date: Fri Apr 1 11:08:38 2016 +0200 This checks whether the file is properly loaded and its contents are parsed as expected. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 1 10:46:12 2016 +0200 priorities: preload the system priorities on library loading time @@ -31658,12 +36690,12 @@ Date: Fri Apr 1 10:46:12 2016 +0200 variable GNUTLS_SYSTEM_PRIORITY_FILE which can be used to override the global priority file. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 31 17:25:45 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 31 17:24:37 2016 +0200 tests: added check of verification using MD5 with and without --verify-allow-broken @@ -31671,7 +36703,7 @@ Date: Thu Mar 31 17:24:37 2016 +0200 This tests certtool and whether it fails verification of MD5 chains with no --verify-allow-broken, or whether it succeeds if given. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 31 17:15:34 2016 +0200 tests: added PKCS #7 signing/verification test with broken sigs (MD5) @@ -31680,22 +36712,22 @@ Date: Thu Mar 31 17:15:34 2016 +0200 and verify structures signed with broken algoritms if --verify-allow-broken is given to certtool. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 31 16:58:37 2016 +0200 certtool: added flag to allow verification using broken algorithms -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 31 09:46:44 2016 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 31 10:29:59 2016 +0200 tests: check whether resumption data from resumed session work -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 31 09:40:09 2016 +0200 session resumption: lift the limitation of calling gnutls_session_get_data*() on non-resumed sessions @@ -31706,17 +36738,17 @@ Date: Thu Mar 31 09:40:09 2016 +0200 Resolves #79 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 31 09:45:43 2016 +0200 dtls: added missing dtls.h to state.c -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 30 12:24:09 2016 +0200 tests: added check for gnutls_record_set_state() under DTLS -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 30 11:37:49 2016 +0200 dtls: reset the record number sliding window on gnutls_record_set_state() @@ -31727,17 +36759,17 @@ Date: Wed Mar 30 11:37:49 2016 +0200 Resolves #82 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 30 10:13:18 2016 +0200 x509/output: simplified cidr_to_string() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 29 16:14:15 2016 +0200 .gitignore: more files to ignore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 29 16:11:36 2016 +0200 tests: check gnutls_record_get_state() with DTLS @@ -31748,7 +36780,7 @@ Date: Tue Mar 29 16:11:36 2016 +0200 the "correct" value when asked. Correct being the next number after the last received packet. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 29 15:52:59 2016 +0200 DTLS: save last valid record sequence number @@ -31756,27 +36788,27 @@ Date: Tue Mar 29 15:52:59 2016 +0200 This will allow to report a valid number to gnutls_record_get_state() callers in case of DTLS. Reported by Fridolin Pokorny. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 29 15:34:37 2016 +0200 tests: delete outfile in certtool-long-cn -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 29 15:33:27 2016 +0200 tests: verify the output of name constraints IP decoding -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 29 15:04:11 2016 +0200 x509/output: print RFC5280 CIDRs in name constraints -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 29 14:11:56 2016 +0200 tests: check the sequence numbers produced by gnutls_record_get_state() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 29 14:08:58 2016 +0200 gnutls_record_get_state: Allow for NULL parameters @@ -31864,7 +36896,7 @@ Date: Mon Feb 15 12:14:52 2016 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 21 11:29:08 2016 +0100 gnutls-cli: corrected usage of gnutls_session_get_data() @@ -31873,17 +36905,17 @@ Date: Mon Mar 21 11:29:08 2016 +0100 one resumption in servers which use tickets and don't resend the ticket on subsequent connections. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 18 13:10:40 2016 +0100 testcompat-openssl: enable TLS 1.2 tests with openssl 1.0.1+ -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 18 11:21:35 2016 +0100 tests: verify that the post-client-hello callback has access to ALPN data -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 18 10:35:46 2016 +0100 .gitlab-ci.yml: don't use git submodule update, not needed for our testsuite @@ -31906,7 +36938,7 @@ Date: Tue Mar 15 18:21:32 2016 +0300 Signed-off-by: Yuriy M. Kaminskiy Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 18 09:44:40 2016 +0100 tests: added checks for session resumption and ALPN @@ -31914,7 +36946,7 @@ Date: Fri Mar 18 09:44:40 2016 +0100 This checks whether the ALPN extension is re-read on resumption and is negotiated. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 16 10:00:17 2016 +0100 x86-common: CPUID override will only work if CPU has already the capability present @@ -31922,7 +36954,7 @@ Date: Wed Mar 16 10:00:17 2016 +0100 This resolves test suite failure on CPUs with limited capabilities. Reported by Andreas Metzler. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 11 17:35:12 2016 +0100 Introduced GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING @@ -31951,7 +36983,7 @@ Date: Wed Mar 16 20:57:31 2016 +0100 Relates #78 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 15 12:00:39 2016 +0100 tests: template-test was updated for OCSP key purpose reordering @@ -31972,7 +37004,7 @@ Date: Mon Mar 14 10:44:07 2016 +0100 * doc/gnutls-guile.texi (Input and Output): Mention "Application Data" packets and buffering. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 15 11:20:16 2016 +0100 certtool: do not require a CA for OCSP signing @@ -31983,14 +37015,14 @@ Date: Tue Mar 15 11:20:16 2016 +0100 Reported by Thomas Klute. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 14 14:06:01 2016 +0100 doc: updated text for gnutls_ocsp_status_request_is_checked() Relates #75 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 14 13:56:17 2016 +0100 doc: clarified expectations on gnutls_datum_t @@ -32009,14 +37041,14 @@ Date: Sun Mar 13 11:39:22 2016 +0100 That will avoid any accidental ABI breakage on that symbol. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 11 14:45:02 2016 +0100 .gitlab-ci.yml: added abi-checker rule This allows to test ABI incompatibilities as soon as possible. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 11 14:36:39 2016 +0100 Makefile: made abi-checks self-contained @@ -32025,17 +37057,17 @@ Date: Fri Mar 11 14:36:39 2016 +0100 outside git. It now includes a static dump of the symbols in 3.4.0 for x86_64 and we compare with it. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 11 11:52:17 2016 +0100 certtool: better error handling in file_size() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 11 11:47:12 2016 +0100 gnutls-cli: fix invalid initialization in cert_verify_ocsp() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 11 11:45:23 2016 +0100 gnutls-serv: human_addr always returns a non-null argument @@ -32043,34 +37075,34 @@ Date: Fri Mar 11 11:45:23 2016 +0100 This addresses issue with libc's which don't support printf() with a NULL argument. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 8 15:10:07 2016 +0100 tests: testpkcs11: the test will always fail in code path failures -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 8 10:12:22 2016 +0100 README: list the main branches build status [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 7 11:50:34 2016 +0100 gnutls_system_recv_timeout: restore poll on EINTR -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 7 10:47:43 2016 +0100 doc: corrected typo [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 7 10:42:14 2016 +0100 gnutls_ocsp_status_request_is_checked: document the version the flag was introduced at Relates: #75 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 7 10:25:57 2016 +0100 doc: generate manpages for all functions @@ -32078,7 +37110,7 @@ Date: Mon Mar 7 10:25:57 2016 +0100 That addresses issue where certain manpages were created empty. See https://bugzilla.redhat.com/show_bug.cgi?id=1306800 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 7 10:11:37 2016 +0100 doc: mention gnutls_certificate_set_x509_trust_dir() @@ -32088,17 +37120,17 @@ Date: Mon Mar 7 10:11:37 2016 +0100 Resolves #76 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 7 09:30:44 2016 +0100 tests: mini-loss-time: improved timeout detection -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 4 10:16:51 2016 +0100 corrected typo in comment [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 1 16:23:55 2016 +0100 configure: silence clang's warnings @@ -32125,7 +37157,7 @@ Date: Wed Mar 2 09:59:19 2016 +0100 Update NEWS. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 1 14:50:42 2016 +0100 Disable weak symbols for _gnutls_global_init_skip() under windows @@ -32135,7 +37167,7 @@ Date: Tue Mar 1 14:50:42 2016 +0100 Relates #74 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 1 13:19:29 2016 +0100 .gitlab-ci.yml: asan, clang and valgrind builds were made arch-independent @@ -32162,66 +37194,66 @@ Date: Mon Feb 29 17:06:12 2016 +0100 Suggested by Bjorn Jacke. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 29 13:23:25 2016 +0100 tests: always used the slow (portable) version of get16bits This prevents issues with misaligned addresses and undefined sanitizer. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 29 12:46:47 2016 +0100 timespec_sub_ms: fixed operation in 32-bit systems -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 29 10:23:20 2016 +0100 .gitlab-ci.yml: don't use the internal libtasn1 when compiling with libubsan This prevents build failures due to issues in libtasn1 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 29 10:22:13 2016 +0100 tests: Fixes to prevent undefined behavior (found with libubsan) -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 29 10:18:58 2016 +0100 pkcs11: Fixes to prevent undefined behavior (found with libubsan) -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 29 09:58:40 2016 +0100 cipher.c: Fixes to prevent undefined behavior (found with libubsan) -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 29 09:57:40 2016 +0100 ecc: optimized extension parsing -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 29 09:48:12 2016 +0100 opencdk: Fixes to prevent undefined behavior (found with libubsan) -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 29 09:48:02 2016 +0100 gnutls.h: Fixes to prevent undefined behavior (found with libubsan) -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 29 09:43:32 2016 +0100 x509: Fixes to prevent undefined behavior (found with libubsan) -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 29 09:27:23 2016 +0100 x509: cleanup in privkey.c -Author: Andreas Metzler +Author: Andreas Metzler Date: Sun Feb 28 15:35:01 2016 +0100 Let p11tool --provider option accept filenames. @@ -32259,27 +37291,27 @@ Date: Sat Feb 27 22:23:34 2016 +0100 .gitlab-ci.yml: asan and ubsan include the suite/ -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 23 10:35:14 2016 +0100 .gitignore: more files to ignore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 23 10:33:18 2016 +0100 doc: documented false start functionality -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 23 10:23:57 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 23 10:14:53 2016 +0100 tests: Added checks for false start operation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 23 09:40:26 2016 +0100 Added gnutls_handshake_set_false_start_function() @@ -32313,7 +37345,7 @@ Date: Sat Feb 27 17:56:36 2016 +0100 added getpid() to the list of system calls used -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 26 14:41:12 2016 +0100 .gitlab-ci.yml: added compilation rule with libubsan @@ -32343,12 +37375,12 @@ Date: Thu Feb 25 15:21:29 2016 +0100 Signed-off-by: Jan Vcelak -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 26 12:00:55 2016 +0100 better match with unknown_tls_aid -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 26 11:54:05 2016 +0100 x509: moved time-specific functions to time.c @@ -32361,29 +37393,29 @@ Date: Wed Feb 24 12:42:26 2016 +0200 Without this, compiling Android for x86 or x86-64 fails because the assembly optimizations are not compiled in. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 25 15:45:04 2016 +0100 mentioned the public git URL for cloning [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 24 15:12:23 2016 +0100 doc update [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 24 14:55:19 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 24 14:53:59 2016 +0100 tests: check functions which export session parameters That is gnutls_session_get_random() and gnutls_session_get_master_secret(). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 24 14:43:17 2016 +0100 Added gnutls_session_get_master_secret @@ -32393,22 +37425,22 @@ Date: Wed Feb 24 14:43:17 2016 +0100 Resolves #64 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 22 15:51:11 2016 +0100 tests: gnutls_session_get_flags() is checked for extended master secret -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 22 15:49:25 2016 +0100 tests: check gnutls_session_get_flags() for EtM -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 22 15:46:33 2016 +0100 tests: check gnutls_session_get_flags() for safe renegotiation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 22 15:26:46 2016 +0100 Added gnutls_session_get_flags() @@ -32417,7 +37449,7 @@ Date: Mon Feb 22 15:26:46 2016 +0100 flags which we may want to indicate, and would not require API additions for new flags. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 22 11:57:30 2016 +0100 Revert ".gitlab-ci.yml: disable guile tests" @@ -32433,12 +37465,12 @@ Date: Sun Feb 21 18:58:35 2016 +0100 * guile/Makefile.am (.in.scm): Make the parent directory of $@. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 18 17:04:24 2016 +0100 Improved documentation in _gnutls_sort_clist -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 18 16:43:51 2016 +0100 gnutls_x509_crt_list_import: corrected memory leak @@ -32446,7 +37478,7 @@ Date: Thu Feb 18 16:43:51 2016 +0100 This was triggered if GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED was specified and a failure occurred. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 18 15:59:31 2016 +0100 _gnutls_sort_clist: fixed issues when used with func option @@ -32455,12 +37487,12 @@ Date: Thu Feb 18 15:59:31 2016 +0100 included in the list, and would not call func() if the size of the final chain was one. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 18 15:10:54 2016 +0100 tests: added tests for gnutls_pcert_list_import_x509_raw() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 18 14:29:20 2016 +0100 ext master secret: ensure we disable ext master secret if requested @@ -32468,7 +37500,7 @@ Date: Thu Feb 18 14:29:20 2016 +0100 That is, on rehandshakes, as on the standard handshakes it is disabled by default. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 18 14:18:04 2016 +0100 tests: verify that we do not allow rehandshakes without ext master @@ -32476,27 +37508,27 @@ Date: Thu Feb 18 14:18:04 2016 +0100 That is, if we have an initial session which uses the extended master secret do not allow subsequent rehandshakes to skip it. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 18 11:53:20 2016 +0100 tests: sha3-test: use different dates for generation and validation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 18 10:55:32 2016 +0100 certtool: eliminated memory leaks -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 18 10:28:33 2016 +0100 bumped the version of max algorithm num to account for new signing algorithms -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 18 09:17:17 2016 +0100 src: added systemkey-args to BUILT_SOURCES -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 17 15:19:08 2016 +0100 tests: simplified sha3-test @@ -32506,31 +37538,31 @@ Date: Wed Feb 17 05:43:24 2016 +0100 cross.mk: updated for gnutls 3.4.9, nettle 3.2, gmp 6.1.0 and p11-kit 0.23.2 [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 16 16:46:54 2016 +0100 .gitlab-ci.yml: disable guile tests This prevents the test suite from failing. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 16 16:40:09 2016 +0100 doc update [ci skip] -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 11 16:18:00 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 11 16:13:12 2016 +0100 tests: resume: check whether the server does not resume in ext master secret mismatch Relates #69 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 11 16:10:31 2016 +0100 Ensure that session resumption does not occur when ext master secret status changes @@ -32541,17 +37573,17 @@ Date: Thu Feb 11 16:10:31 2016 +0100 Relates #69 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 11 14:45:40 2016 +0100 tests: resume: simplified structure assignment using C99 syntax -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 15 10:52:55 2016 +0100 tests: added certification generation tests with SHA-3 tests -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 15 10:37:57 2016 +0100 Added NIST's OIDs for SHA3 signature algorithms @@ -32643,7 +37675,7 @@ Date: Thu Feb 11 23:04:31 2016 +0100 * guile/.dir-locals.el: New file. * guile/Makefile.am (EXTRA_DIST): New variable. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 15 09:52:10 2016 +0100 tests: mini-loss-time: ensure client timeouts after the server is @@ -32698,17 +37730,17 @@ Date: Sat Feb 6 22:44:37 2016 +0100 provable prime generation: arbitrary seed lengths are accepted in non-FIPS mode -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 11 12:10:57 2016 +0100 gnutls-cli: improved indentation in benchmark output -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 11 11:43:27 2016 +0100 certtool: removed unused variable -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 11 11:00:15 2016 +0100 certtool: the --generate-dh-params option can be combined with --provable @@ -32718,29 +37750,29 @@ Date: Thu Feb 11 11:00:15 2016 +0100 Resolves #72 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 11 10:42:34 2016 +0100 certtool: the --dh-info option will retrieve DH parameters from DSA keys -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 11 10:34:52 2016 +0100 tests: added check for gnutls_dh_params_import_dsa -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 11 10:05:58 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 11 10:05:13 2016 +0100 Added gnutls_dh_params_import_dsa() which allows to import DSA parameters into DH ones This simplifies importing DSA private keys into DH parameters. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 10 14:29:47 2016 +0100 tests: set_pkcs12_cred: existing tests are disabled when in FIPS140-2 mode @@ -32763,12 +37795,12 @@ Date: Sat Feb 6 18:16:59 2016 +0100 text which suggests that these functions are optional, "helper" functions when in fact their usage is required for encapsulation reasons. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Feb 10 10:11:00 2016 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 8 11:23:33 2016 +0100 ALPN: added the GNUTLS_ALPN_SERVER_PRECEDENCE flag @@ -32778,7 +37810,7 @@ Date: Mon Feb 8 11:23:33 2016 +0100 Resolves #71 -Author: Andreas Metzler +Author: Andreas Metzler Date: Tue Feb 9 13:37:49 2016 +0100 improve doc on special keywords in priority string @@ -32801,26 +37833,26 @@ Date: Wed Feb 3 09:20:05 2016 +0100 tests: pkcs11-pubkey-import-ecdsa will only work under softhsmv2 -Author: Andreas Metzler +Author: Andreas Metzler Date: Sun Jan 31 17:59:37 2016 +0100 Fix some more typos. certifcate, funtion, withing, missmatch -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat Jan 30 12:18:55 2016 +0100 tests: updated check to account for revert in 7d3caedb8df9d04eee9513cb5b3b417ae29927f5 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat Jan 30 12:15:07 2016 +0100 Revert "tests: updated to account for cert generation after 2adb9b2bfb31afebbdd9f990e2b74c9a3d4e5c57 fix" This reverts commit 735dbde324be6c8785a3dea5f09c82b6a8ad298b. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sat Jan 30 11:15:13 2016 +0100 Revert "Fix out-of-bounds read in gnutls_x509_ext_export_key_usage" @@ -32830,12 +37862,12 @@ Date: Sat Jan 30 11:15:13 2016 +0100 This reverts commit ffbc9aaea7dcf29c03784d128b83f0682357858d. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 28 13:14:14 2016 +0100 certtool: corrected email escaping in texinfo -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 28 10:45:17 2016 +0100 Replaced select() system call with poll() on POSIX systems @@ -32843,22 +37875,22 @@ Date: Thu Jan 28 10:45:17 2016 +0100 This allows to use the default gnutls functions with file descriptors over the maximum supported by select. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 25 11:08:21 2016 +0100 tests: windows: fixed check-output call -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 22 16:34:29 2016 +0100 tests: added dummy functions used by CAPI32 implementation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 22 16:33:48 2016 +0100 tests: better checking for failure in windows cng check -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 22 12:59:47 2016 +0100 system-key-win: call CertFreeCertificateContext() @@ -32868,17 +37900,17 @@ Date: Fri Jan 22 11:52:21 2016 +0100 system-key-win: added interface to CAPI, old style crypto api on windows -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 21 14:45:56 2016 +0100 certtool: corrected texinfo output for krb5_principal -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 21 12:58:56 2016 +0100 tests: priorities: account for the addition of CHACHA20-POLY1305 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 21 12:00:33 2016 +0100 CHACHA20_POLY1305 was added to the default priority strings @@ -32891,7 +37923,7 @@ Date: Mon Jan 18 18:38:36 2016 +0100 gnutls_global_init: log gnutls' version on initialization -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 18 15:56:02 2016 +0100 doc: corrected typo [ci skip] @@ -32923,12 +37955,12 @@ Date: Thu Jan 14 17:04:54 2016 +0100 README: auto-generated from README-install.md -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 14 14:50:34 2016 +0100 gnutls_int.h: increased MAX_SERVER_NAME_SIZE to 256 bytes -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 13 13:14:55 2016 +0100 gnutls_pubkey_import_x509_raw: fixed memory leak @@ -32938,12 +37970,12 @@ Date: Fri Jan 8 16:26:21 2016 +0100 tests: added check for the krb5_principal template option -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 11 15:11:41 2016 +0100 certtool: introduced the krb5_principal template option -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 11 15:09:23 2016 +0100 x509: introduced GNUTLS_SAN_OTHERNAME_KRB5PRINCIPAL @@ -32951,7 +37983,7 @@ Date: Mon Jan 11 15:09:23 2016 +0100 That allows to print and write KRB5PrincipalName othernames in subject alternative name. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 11 15:19:24 2016 +0100 x509: place newline when printing unsupported othernames @@ -33049,22 +38081,22 @@ Date: Fri Jan 8 11:05:36 2016 +0100 Relates #62 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 7 14:35:59 2016 +0100 trust_list_get_issuer_by_dn: fixed check for DN or SPKI -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 7 14:02:24 2016 +0100 configure: no longer distribute lzip tarballs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 7 14:14:21 2016 +0100 symbols.last: don't include internal symbols into exported list -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 5 11:21:43 2016 +0100 tests: updated to account for cert generation after 2adb9b2bfb31afebbdd9f990e2b74c9a3d4e5c57 fix @@ -33176,7 +38208,7 @@ Date: Wed Dec 30 11:26:30 2015 +0200 certtool: doc update [skip ci] -Author: Andreas Metzler +Author: Andreas Metzler Date: Sat Dec 26 18:24:56 2015 +0100 Fix some typos [ci skip] @@ -33266,39 +38298,39 @@ Date: Fri Dec 18 12:14:08 2015 +0200 Signed-off-by: Alon Bar-Lev Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 18 14:32:25 2015 +0100 certtool: ignore sigpipe This signal was observed under certain cirquimstances -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 18 14:29:05 2015 +0100 certtool: don't close stdout on exit -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 18 14:24:23 2015 +0100 pkcs7: eliminated leak in gnutls_pkcs7_print -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 18 13:56:31 2015 +0100 gnutls_pubkey_import_privkey: document that this operation is not possible in certain keys -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 18 11:40:59 2015 +0100 doc: replace writev with sendmsg in the list of system calls -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 18 10:23:22 2015 +0100 tests: don't run the no-signal test in systems which MSG_NOSIGNAL is not available -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 18 10:15:10 2015 +0100 Reduce the number of used syscalls by using sendmsg() instead of writev() @@ -33319,12 +38351,12 @@ Date: Thu Dec 17 19:57:52 2015 +0200 .gitignore: add m4/extern-inline.m4 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 17 14:19:04 2015 +0100 tests: added check to verify that the PKCS#7 embedded data are recovered as expected -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 17 14:18:17 2015 +0100 certtool: introduced the --p7-show-data option @@ -33332,7 +38364,7 @@ Date: Thu Dec 17 14:18:17 2015 +0100 This option allows printing the embedded data in a PKCS#7 signed structure. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 17 14:17:23 2015 +0100 gnutls_pkcs7_get_embedded_data: added function @@ -33340,24 +38372,24 @@ Date: Thu Dec 17 14:17:23 2015 +0100 This function allows extracting the embedded data from a PKCS#7 signed structure. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 16 16:13:41 2015 +0100 tests: updated pkcs7-gen to account for content-type attribute -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 16 14:52:39 2015 +0100 tests: check whether the content-type attribute is set if we sign using time -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 16 14:28:23 2015 +0100 pkcs7: set by default the content type attribute That is a requirement of rfc5652. Relates #59 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 16 14:02:56 2015 +0100 pkcs7: use the PK_PKIX1_RSA_OID when writing RSA signature OIDs for PKCS#7 structures @@ -33365,7 +38397,7 @@ Date: Wed Dec 16 14:02:56 2015 +0100 That is because there are implementations which cannot cope with the normal RSA signature OIDs. Relates #59 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 16 10:10:20 2015 +0100 pkcs7: Disable the optional fields prior to generating the PKCS#7 structure @@ -33388,7 +38420,7 @@ Date: Tue Dec 15 20:36:29 2015 +0100 build: fix make distclean by including src/gl only once -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 15 13:52:20 2015 +0100 make sure gnutls_assert is present at the cases where GNUTLS_E_INTERNAL_ERROR is returned @@ -33405,19 +38437,19 @@ Date: Mon Dec 14 15:20:25 2015 -0300 Signed-off-by: Gustavo Zacarias -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 15 11:29:09 2015 +0100 certtool: the --p7-time option was made an enable/disable option It remains disabled by default. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Dec 14 15:19:59 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Dec 14 15:03:23 2015 +0100 tests: check whether server returns the correct error code if presented with invalid versions @@ -33427,7 +38459,7 @@ Date: Mon Dec 14 15:03:23 2015 +0100 Relates #42 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Dec 14 14:34:04 2015 +0100 handshake: when receiving a TLS version which is too low fail @@ -33461,12 +38493,12 @@ Date: Thu Dec 10 09:35:59 2015 +0100 gnutls-cli-debug: rephrased inappropriate fallback test description to match the rest -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 8 10:59:02 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 8 10:52:43 2015 +0100 Do not allow importing public keys from PKCS #11 private keys for DSA and ECDSA @@ -33474,24 +38506,24 @@ Date: Tue Dec 8 10:52:43 2015 +0100 This prevents the reading of the public key when non-RSA keys are available. This is a much cleaner approach than 5a4e692511dc3a829eda0d7c5a87e56cbc2055f0. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 8 10:48:13 2015 +0100 Revert "Do not allow importing public keys from PKCS #11 private keys for DSA and ECDSA" This reverts commit 5a4e692511dc3a829eda0d7c5a87e56cbc2055f0. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 8 10:44:30 2015 +0100 tests: check whether a peer changing certificate is detected -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 8 10:20:34 2015 +0100 tests: doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 8 10:17:49 2015 +0100 Do not allow certificate change during a rehandshake @@ -33541,36 +38573,36 @@ Date: Sun Dec 6 00:46:39 2015 +0100 Signed-off-by: Jan Vcelak -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 2 18:40:28 2015 +0100 gnutls-cli: don't use RSA ciphersuites to test chacha20 as they are not defined -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 2 16:15:03 2015 +0100 documented bug in gnutls_x509_crt_get_*_unique_id() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 1 10:40:23 2015 +0100 tools: don't compile tpmtool if PKCS11 is disabled That is because GnuTLS' TPM code makes use of the PKCS11 PIN callbacks. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 30 10:34:03 2015 +0100 Amend "When decoding extensions do not ignore decoding errors" Do not treat an error the fact that no extensions field is present. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 30 09:49:08 2015 +0100 allow specifying NULL buffer in gnutls_x509_crt_get_*_unique_id() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 26 12:46:02 2015 +0100 NEWS: removed functions that were part of 3.4.x releases @@ -33609,24 +38641,24 @@ Date: Sat Nov 28 10:11:52 2015 +0100 That is because this field is optional. Resolves #53 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 26 11:23:15 2015 +0100 tests: override-ciphers will not run mac tests on windows There is some issue with symbols for self tests not being exported. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 26 09:37:02 2015 +0100 .gitlab-ci.yml: removed separate builddir build from x86-64 targets to reduce builds -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 26 09:32:25 2015 +0100 tests: updates for certtool test to run under windows -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 26 09:25:48 2015 +0100 .gitlab-ci.yml: minimal library no longer requires x86-64 for compilation @@ -33636,79 +38668,79 @@ Date: Wed Nov 25 19:24:15 2015 +0100 .gitlab-ci.yml: in windows build skip the gnulib tests -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 25 11:57:31 2015 +0100 .gitlab-ci.yml: added windows build -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 25 11:56:49 2015 +0100 tests: changes for running tests under windows -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 25 11:56:06 2015 +0100 tests: cipher-test will forward the prog exit code as the script exit code -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 25 11:25:07 2015 +0100 README: added information for windows build -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 25 10:53:51 2015 +0100 libopts: use the O_BINARY flag in windows for files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 25 10:49:30 2015 +0100 libopts: updated to 5.18.6 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 25 10:25:08 2015 +0100 use consistent terms in system.c and system-keys-win.c -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 25 10:21:46 2015 +0100 tests: added basic functionality testing for system-keys in windows -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 25 09:49:03 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 25 09:46:26 2015 +0100 Added gnutls_encode_ber_digest_info and gnutls_decode_ber_digest_info -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 24 13:27:13 2015 +0100 cross.mk: allow building with mingw64 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 24 13:09:40 2015 +0100 tests: use gnulib where needed -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 24 13:04:28 2015 +0100 cross.mk: updated windows cross compile makefile -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 24 13:03:15 2015 +0100 tests: disable global-init-override test in windows Gcc does not support weak symbols on this platform. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 24 12:54:32 2015 +0100 tools: don't call endservent in windows @@ -33748,12 +38780,12 @@ Date: Sat Nov 21 00:52:51 2015 +0100 gnutls_global_init_skip: prefixed with an underscore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 20 13:57:09 2015 +0100 .gitlab-ci.yml: added clang compilation target -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 20 10:11:29 2015 +0100 certtool: check fread_file() for errors in all situations @@ -33761,7 +38793,7 @@ Date: Fri Nov 20 10:11:29 2015 +0100 This caused certtool to crash on invalid input on stdin. Reported by Christoph Biedl. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 19 11:46:39 2015 +0100 doc update @@ -33784,29 +38816,29 @@ Date: Wed Nov 18 20:13:07 2015 +0100 That allows a user of the credentials to disable the certificate matching action. That is, to disable the calls to sign and verify on initialization. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 18 16:39:36 2015 +0100 link with libdl when trousers is enabled; reported by Andreas Schneider -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 18 16:30:24 2015 +0100 enhanced cipher selftests with variable key sizes on arcfour -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 18 15:55:19 2015 +0100 Do not enforce a maximum key size on ARCFOUR That makes the library consistent with the behavior of previous versions (3.3.x) -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 18 10:22:31 2015 +0100 gnutls-cli-debug: make TLS 1.6 fallback check more reliable -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 18 09:24:18 2015 +0100 doc update @@ -33816,37 +38848,37 @@ Date: Tue Nov 17 07:09:05 2015 +0100 README: added non-interactive versions of commands -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 16 18:52:48 2015 +0100 .gitlab-ci.yml: disable non-suiteb curves in all systems as we have multiple which are fedoras -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 16 17:28:49 2015 +0100 tests: corrected copyright info -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 16 16:32:04 2015 +0100 documented GNUTLS_SKIP_GLOBAL_INIT macro -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 16 16:30:37 2015 +0100 tests: added check for overriding global initialization -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 16 16:25:31 2015 +0100 Added GNUTLS_SKIP_GLOBAL_INIT macro to allow programs skip implicit global initialization -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 16 15:02:48 2015 +0100 tests: utils.c: simplify windows check -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 16 12:40:14 2015 +0100 .gitlab-ci.yml: added build and check in FIPS140-2 mode @@ -33873,97 +38905,97 @@ Date: Sun Nov 15 15:51:14 2015 +0100 tests: check operation of TLS and DTLS under seccomp when configured with --enable-seccomp-tests -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 13 16:39:24 2015 +0100 gnutls_x509_crt_set_subject/issuer_unique_id: added Since in doc -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 13 14:40:20 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 13 11:00:10 2015 +0100 Added documentation on PKCS #7 signing -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 12 16:38:02 2015 +0100 updated chacha20 ciphers to conform to latest draft -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 12 15:03:10 2015 +0100 tests: suite: more shell scripts were given the .sh suffix and simplified makefile -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 12 12:04:04 2015 +0100 tests: verify that unique IDs are generated as expected -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 12 12:03:14 2015 +0100 certtool: Allow writing unique IDs in generated certificates -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 12 11:43:52 2015 +0100 Added gnutls_x509_crt_set_issuer_unique_id() and gnutls_x509_crt_set_subject_unique_id() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 12 11:10:08 2015 +0100 properly indent unique IDs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 12 09:48:27 2015 +0100 tests: added check with the various X.509 key exchanges -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 12 09:29:43 2015 +0100 tests: check rehandshake from anon to DHE -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 11 11:37:30 2015 +0100 documented the GNUTLS_NO_EXPLICIT_INIT environment variable -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 11 11:29:21 2015 +0100 crypto-api: doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 11 11:15:51 2015 +0100 Allow switching a ciphersuite to DHE and ECDHE on a rehandshake -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 11 10:49:31 2015 +0100 tests: added check for ciphersuite switch from anonymous to certificate -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 10 13:31:16 2015 +0100 .gitlab-ci.yml: disable guile in asan builds -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 10 10:34:56 2015 +0100 tests: suite: don't run shell scripts with valgrind -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 10 10:24:44 2015 +0100 tests: testsrn: output errors on stderr -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 10 10:13:35 2015 +0100 deinitialize all handshake keys when handshake is over @@ -34025,27 +39057,27 @@ Date: Mon Nov 9 21:54:09 2015 +0100 tests: run the PKCS #12 tests under valgrind -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 9 18:43:03 2015 +0100 certtool: make sure that pkcs12 structures are deinitialized -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 9 16:01:55 2015 +0100 tests: provable-privkey: fixed DSA test on FIPS140 enabled systems -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 9 15:51:17 2015 +0100 nettle: be more specific in seed size mismatches -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 9 15:43:20 2015 +0100 crypto-backend: ensure there are no leaks on deinitialization -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 9 14:29:48 2015 +0100 Require TLS 1.2 for all the ciphersuites which are defined for it only @@ -34064,39 +39096,39 @@ Date: Sat Nov 7 21:51:56 2015 +0100 Modified the CHACHA20 cipher to conform to draft-ietf-tls-chacha20-poly1305-02 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 6 15:02:51 2015 +0100 .gitlab-ci.yml: use static libasan This prevents issues with tests which use LD_PRELOAD. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 6 10:40:39 2015 +0100 .gitlab-ci.yml: disable non-suiteb curves on build on Fedora system -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 5 11:11:29 2015 +0100 tools: better ftp auth tls negotiation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 4 09:49:47 2015 +0100 tests: added check for gnutls_priority_set_default -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 3 10:46:17 2015 +0100 tools: only check for status code in FTP starttls negotiation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 3 10:45:44 2015 +0100 tools: print more info in starttls negotiation when --verbose is given -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 3 09:40:39 2015 +0100 gnutls.pc: don't use the libtool version of the link options @@ -34109,34 +39141,34 @@ Date: Sun Nov 1 01:53:43 2015 +0100 tests: simplified mini-dtls-hello-verify-48 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 30 13:38:36 2015 +0100 tests: added check for blocking on invalid DTLS cookie Relates to #48 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 29 09:28:59 2015 +0100 removed inacurate text -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 23 15:46:33 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 23 15:44:27 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 23 14:17:23 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 22 13:04:32 2015 +0200 doc: document the sign function requirements in gnutls_privkey_import_ext @@ -34151,12 +39183,12 @@ Date: Wed Oct 21 19:48:22 2015 +0200 doc: updated supplemental data documentation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Oct 21 09:13:56 2015 +0200 tests: testdane will not check hosts which are unreachable -Author: Andreas Metzler +Author: Andreas Metzler Date: Tue Oct 20 19:02:25 2015 +0200 Documentation update @@ -34164,22 +39196,22 @@ Date: Tue Oct 20 19:02:25 2015 +0200 The new simple verification functions were backported to 3.4.6, correct "Since:" to reflect this. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 20 09:40:56 2015 +0200 doc: documented future level -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 20 09:24:36 2015 +0200 pkcs11.h: relocated gnutls_pkcs11_copy_pubkey to allow discovery by buggy doc scripts -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 20 09:16:20 2015 +0200 bumped version to distinguish from 3.4 branch -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 20 09:03:25 2015 +0200 ext master secret: extension is marked as mandatory @@ -34187,7 +39219,7 @@ Date: Tue Oct 20 09:03:25 2015 +0200 This forces the extension to be sent even where resuming sessions. Resolves #45 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Oct 20 08:44:04 2015 +0200 tests: Check whether a resumed session contains the ext master secret extension @@ -34222,7 +39254,7 @@ Date: Fri Oct 16 22:58:54 2015 +0200 tools: when the starttls-proto is specified automatically detect the port if not given -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 16 15:05:09 2015 +0200 tests: verify that public keys are properly written @@ -34230,27 +39262,27 @@ Date: Fri Oct 16 15:05:09 2015 +0200 Also disable parts of the suite that softhsm2 cannot properly work with, to allow running parts of the suite even with broken softhsm. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 16 15:39:05 2015 +0200 cleanup in gnutls_pubkey_import_rsa_raw -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 16 15:33:21 2015 +0200 pkcs11_read_pubkey: make input type more clear -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 16 14:13:47 2015 +0200 p11tool: Allow writing a PKCS #11 pubkey object -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 16 13:16:36 2015 +0200 tools: allow importing a pubkey from a certificate -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 16 13:03:57 2015 +0200 pkcs11: introduced gnutls_pkcs11_copy_pubkey @@ -34276,12 +39308,12 @@ Date: Thu Oct 15 21:09:06 2015 +0200 They were accidentally disabled by b237b37d4d17ee4f98629aae9d72aec87f434cb8 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 15 18:35:44 2015 +0200 tests: check whether the RSA-EXPORT and ARCFOUR-40 legacy strings are accepted -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 15 18:20:38 2015 +0200 Tolerate priority strings with names of legacy ciphers and key exchanges @@ -34290,7 +39322,7 @@ Date: Thu Oct 15 18:20:38 2015 +0200 which disable or enable algorithms which no longer are supported. Relates #44 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Oct 15 16:21:43 2015 +0200 pkcs11: write CKA_ISSUER and CKA_SERIAL_NUMBER when writing on a certificate @@ -34321,17 +39353,17 @@ Date: Mon Oct 12 21:54:09 2015 +0200 certtool: be more specific on the help message for --sec-param when --bits are given -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 12 14:54:04 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 12 14:15:28 2015 +0200 tests: added test case for record timeout values -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 12 13:52:03 2015 +0200 Introduced GNUTLS_INDEFINITE_TIMEOUT @@ -34346,24 +39378,24 @@ Date: Wed Oct 7 10:38:25 2015 +0200 tests: better detection of softhsm library -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 5 14:31:53 2015 +0200 added text on _gnutls_dh_compute_key -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Oct 5 17:11:37 2015 +0200 gnutls_record_recv: simplified text on GNUTLS_E_REHANDSHAKE -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 22 14:31:00 2015 +0200 certtool: print 16-bytes of hex values per line Also avoid a colon on the end of the line. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Sep 22 08:31:04 2015 +0200 fips140: set the key via a configure argument @@ -34373,12 +39405,12 @@ Date: Sat Sep 19 12:37:51 2015 +0200 tests: disable cipher-test on windows platform; they don't seem to work -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 21 14:47:41 2015 +0200 README.md: added build instructions for Fedora/RHEL -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Sep 21 14:25:12 2015 +0200 priorities: sort algorithms by security strength unless performance is requested @@ -34430,27 +39462,27 @@ Date: Fri Sep 18 23:49:46 2015 +0200 tools: added xmpp into the starttls-proto options -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 18 15:57:14 2015 +0200 tools: added ldap into the starttls-proto options -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 17 14:52:27 2015 +0200 system.c: simplify gnutls_system_recv_timeout -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 17 13:15:54 2015 +0200 gnutls-cli-debug: use RFC7627 instead of draft-ietf-tls-session-hash -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 17 10:45:30 2015 +0200 updated documentation on gnutls_vdata_types_t based on DKG's suggestions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Sep 17 10:10:47 2015 +0200 doc update @@ -34571,7 +39603,7 @@ Date: Sat Sep 12 14:47:02 2015 +0200 properly generate asn1_tab.c -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 11 15:44:06 2015 +0200 Don't use formatted output for fixed strings @@ -34590,12 +39622,12 @@ Date: Sat Sep 5 06:20:58 2015 +0200 The names are more consistent with the rest of the library. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Sep 4 14:05:02 2015 +0200 pkcs11: when storing public keys, make sure they are marked as not private -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 31 14:22:02 2015 +0200 README.md: mention the testsuite @@ -34615,17 +39647,17 @@ Date: Sun Aug 30 23:26:27 2015 +0200 Updated coding style -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 28 16:54:47 2015 +0200 gnutls-cli-debug: corrected typo in inappropriate fallback check -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 28 16:51:35 2015 +0200 .gitlab-ci.yml: use the same number of CPUs in all the checks -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 28 12:05:02 2015 +0200 gnutls-cli-debug: added check for inappropriate fallback support @@ -34648,62 +39680,62 @@ Date: Wed Aug 26 19:34:59 2015 +0200 export _gnutls_digest_exists for self tests -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 26 11:51:09 2015 +0200 x509: tolerate missing subject or issuer fields -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 26 11:42:01 2015 +0200 certtool: added support for sha3 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 26 11:37:13 2015 +0200 gnutls_oid_to_digest(): don't return supported but disabled algorithms -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 26 11:02:39 2015 +0200 Added support for the SHA3 digest algorithm -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Aug 26 09:13:52 2015 +0200 corrected typo in ex-server-anon -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 24 14:13:24 2015 +0200 Define more precisely the auto verification function semantics. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 24 13:59:21 2015 +0200 Allow overriding the verification flags from the auto-verification functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 24 13:43:09 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 24 13:39:33 2015 +0200 Document the new verification functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 24 13:19:51 2015 +0200 examples: simplify the X.509 client example by using the new verification API -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 24 13:13:57 2015 +0200 tests: check the auto-verification functionality -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 24 12:00:10 2015 +0200 Added simpler verification functions for clients @@ -34718,12 +39750,12 @@ Date: Mon Aug 24 12:00:10 2015 +0200 Resolves #27 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 24 11:10:26 2015 +0200 tests: added test for gnutls_session_set_verify_function -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 24 11:03:09 2015 +0200 Added gnutls_session_set_verify_function @@ -34764,36 +39796,36 @@ Date: Sun Aug 23 14:19:17 2015 +0200 That is, return GNUTLS_E_PARSING_ERROR instead of base64 decoding error, and document that fact. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 21 15:10:46 2015 +0200 tests: Added resumption tests for PSK ciphersuites -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 21 14:35:09 2015 +0200 Set the extended master secret status based on resumption data only That is, don't require a new negotiation with extensions. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 21 14:23:38 2015 +0200 tests: corrected resumption tests to disable tickets when needed That is, perform the tests that require no tickets, with tickets disabled. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 21 14:06:51 2015 +0200 session packing: corrected issue in PSK session unpack -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 21 13:54:41 2015 +0200 PSK: save the username in client side in the auth structure -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 21 13:26:08 2015 +0200 _gnutls_hash() returns error code if any. @@ -34804,19 +39836,19 @@ Date: Fri Aug 21 13:26:08 2015 +0200 Resolves #28 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 21 13:15:11 2015 +0200 x509: when appending CRLs to a trust list ensure that we don't have duplicates That is, overwrite CRLs if they have been obsoleted. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 21 11:34:39 2015 +0200 certtool: allow exporting very long CRLs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 14 12:15:16 2015 +0200 tests: verify that a key usage violation is detected @@ -34824,22 +39856,22 @@ Date: Fri Aug 14 12:15:16 2015 +0200 That is that the certificate key usage flags are respected by either the client side or the server side. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 14 12:14:55 2015 +0200 Enable key usage checks in the client side of RSA ciphersuites -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 14 12:14:08 2015 +0200 priorities: Added internal option to allow key usage violations in server side -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 14 11:55:04 2015 +0200 fix typo in comment -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 14 11:27:50 2015 +0200 Re-enable the certificate key usage checks for compliance with ciphersuite @@ -34855,22 +39887,22 @@ Date: Fri Aug 14 11:27:50 2015 +0200 Resolves #24 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 13 12:10:59 2015 +0200 tests: verify whether CRL date setting works as expected -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 13 12:05:35 2015 +0200 certtool: Allow specifying CRL dates as fixed dates -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 13 11:48:15 2015 +0200 tests: verify CRL appending effectiveness -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 13 11:45:50 2015 +0200 gnutls_x509_crl_set_authority_key_id, gnutls_x509_crl_set_number allow overwritting @@ -34878,7 +39910,7 @@ Date: Thu Aug 13 11:45:50 2015 +0200 That allows them to overwrite values which were previously set (e.g., on an imported CRL). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 13 11:36:17 2015 +0200 certtool: allow appending certificates to a CRL @@ -34903,12 +39935,12 @@ Date: Wed Aug 12 22:22:55 2015 +0200 certtool: lifted limits on file size to load -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 10 16:43:28 2015 +0200 before dist ensure that included libopts matches autogen -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 10 16:12:05 2015 +0200 configure: use ':' instead of /bin/true for programs not found @@ -34923,22 +39955,22 @@ Date: Sun Aug 9 20:58:40 2015 +0200 tests: include all cert-tests into dist -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 7 16:59:18 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 7 16:13:12 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 7 16:04:12 2015 +0200 tests: check gnutls_check_version_numeric() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 7 15:45:21 2015 +0200 gnutls.h: added macro gnutls_check_version_numeric @@ -34948,17 +39980,17 @@ Date: Fri Aug 7 15:45:21 2015 +0200 Patch by David Woodhouse. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 7 15:19:33 2015 +0200 use pure and const gcc attributes in headers -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Aug 7 14:14:44 2015 +0200 mention version macro -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Aug 6 10:37:15 2015 +0200 p11tool: test-sign will not fail if a pubkey is not found @@ -34968,24 +40000,24 @@ Date: Tue Aug 4 20:32:25 2015 +0200 key decoding: set key to null for consistency -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 4 14:08:37 2015 +0200 key decoding: simplify decoding logic by removing the fallback -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 4 13:56:41 2015 +0200 key decoding: corrected regression with PKCS #8 key decoding Reported by Daniel Berrange. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Aug 4 13:55:56 2015 +0200 tests: added check for decoding of a PKCS #8 key as fallback -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Aug 3 14:17:16 2015 +0200 pkcs11: set the CKA_TOKEN attribute on generated public keys @@ -35075,29 +40107,29 @@ Date: Fri Jul 31 21:26:25 2015 +0200 updated the required gettext version to match the macros from gnulib -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 31 16:03:25 2015 +0200 safe renegotiation: handle case where client didn't send any extension That was affected by the "don't try to send extensions we didn't receive". -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 31 15:02:01 2015 +0200 tpm: avoid warning -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 31 14:57:33 2015 +0200 As server don't try to send extensions we didn't receive. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 31 14:33:00 2015 +0200 tests: added check for server sending (or not) status request messages -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 31 14:30:00 2015 +0200 fips140: corrected hex decoding @@ -35195,49 +40227,49 @@ Date: Mon Jul 13 20:19:28 2015 +0200 bumped version -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 20 15:42:21 2015 +0200 tests: added cross-check between gnutls_prf_rfc5705() and gnutls_prf() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 20 15:07:05 2015 +0200 removed legacy libgcrypt flags -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 20 14:59:37 2015 +0200 gnutls_prf_rfc5705: optimize in the common use case, by avoiding malloc Also don't handle specially the case of non-NULL context and context_size of zero. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 20 14:03:34 2015 +0200 ignore more files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 20 14:03:22 2015 +0200 p11tool: fix documentation for --generate-ecc and generate-dsa -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 20 10:49:48 2015 +0200 gnutls_prf_rfc5705: mention the version it was introduced at -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 20 10:39:37 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 20 10:35:08 2015 +0200 tests: added check for gnutls_prf() and gnutls_prf_rfc5705 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 20 10:03:37 2015 +0200 gnutls_prf_rfc5705: added @@ -35245,17 +40277,17 @@ Date: Mon Jul 20 10:03:37 2015 +0200 That includes support for RFC5705 when the context field is used. Initial patch by Rick van Rein. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 17 11:38:17 2015 +0200 doc update: explain more about PKCS #11 and fork -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 14 09:55:50 2015 +0200 configure: print the trousers lib only when set -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jul 14 09:44:30 2015 +0200 tpmtool: Added --test-sign parameter @@ -35265,7 +40297,7 @@ Date: Mon Jul 13 20:04:41 2015 +0200 Deinitialize the TPM subsystem only when trousers support is enabled -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jul 13 16:25:16 2015 +0200 TPM: don't link to trousers, use dlopen() @@ -35305,51 +40337,51 @@ Date: Fri Jul 10 19:17:23 2015 +0200 tests: updated pskself to check the hint in all PSK ciphersuites -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 10 16:57:19 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 10 16:55:48 2015 +0200 p11tool: be more compact in token URL printing -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 10 16:52:57 2015 +0200 p11tool: group the provided options for readability -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 10 16:31:02 2015 +0200 p11tool: keep backwards compatibility by introducing --list-token-urls That is, the output of --list-tokens remains the same. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 10 16:25:48 2015 +0200 p11tool: print the module name of a token in verbose mode -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 10 16:24:11 2015 +0200 Added GNUTLS_PKCS11_TOKEN_MODNAME for gnutls_pkcs11_token_get_info That allows to obtain the shared module name of a token URL. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 10 13:36:51 2015 +0200 pkcs11.h: doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jul 10 13:12:00 2015 +0200 p11tool: less verbose output in --list-tokens unless --verbose is specified -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 9 14:10:23 2015 +0200 tests: added suppression for bash mem leak @@ -35361,19 +40393,19 @@ Date: Thu Jul 9 22:50:11 2015 +0200 This avoids test suite failures due to libidn. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 9 13:45:58 2015 +0200 gnutls-cli: doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jul 9 13:26:14 2015 +0200 dumbfw: don't append a size prefix in the pad Reported by Hannes Mehnert. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 8 09:47:52 2015 +0200 gl: use /bin/true to run valgrind during configure @@ -35381,12 +40413,12 @@ Date: Wed Jul 8 09:47:52 2015 +0200 Bash has memory leaks, which prevents the valgrind check to operate using the SHELL variable. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 8 09:38:37 2015 +0200 tests: added check for invalid UTF8 encoded string -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 8 09:19:00 2015 +0200 Revert "libidn support is disabled by default" @@ -35410,7 +40442,7 @@ Date: Wed Jul 1 21:13:23 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 1 15:25:30 2015 +0200 DSA: the numeric number of bits returned from public key should depend on P not Y @@ -35418,22 +40450,22 @@ Date: Wed Jul 1 15:25:30 2015 +0200 That allows to do the proper evaluation to check certificate strength. Reported by Hubert Kario. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 1 15:36:20 2015 +0200 tests: check whether we print the prime size in DSA keys -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 1 11:15:38 2015 +0200 name constraints: simplified gnutls_x509_name_constraints_check_crt() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 1 11:08:11 2015 +0200 tests: verify that unsupported name constraints are properly handled -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jul 1 11:01:20 2015 +0200 name constraints: don't reject certificates if a CA has the URI or IPADDRESS constraints @@ -35470,39 +40502,39 @@ Date: Sat Jun 27 07:51:05 2015 +0200 tests: resume-dtls: increased timeouts -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 26 16:31:21 2015 +0200 Don't use pthread_atfork(), it is not safe to use with dlopen() http://austingroupbugs.net/view.php?id=851 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 26 14:47:39 2015 +0200 atfork: added underscore to gnutls_forkid -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 26 09:08:20 2015 +0200 simplified fork detection -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 26 08:07:01 2015 +0200 enhanced header matching code for private keys to skip unrelated data -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 26 08:00:24 2015 +0200 tests: added private key import checks -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 25 15:08:54 2015 +0200 gnutls_x509_privkey_import: optimized private key loading -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 25 15:01:17 2015 +0200 gnutls_x509_privkey_import2: better behavior when provided with an unencrypted file @@ -35510,14 +40542,14 @@ Date: Thu Jun 25 15:01:17 2015 +0200 That is, it will attempt to decode it first as plain file prior to trying all encrypted options. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 25 14:47:52 2015 +0200 tests: added check to verify that gnutls_x509_privkey_import2 works for plain keys That is, when a password is provided and the key is non encrypted. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 25 11:08:19 2015 +0200 _gnutls_get_asn_mpis() will release any data on failure @@ -35531,7 +40563,7 @@ Date: Sun Jun 21 20:42:12 2015 +0300 Signed-off-by: Alon Bar-Lev -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 23 11:53:23 2015 +0200 tests: modified test-ciphersuite-names to work with cpp 5.1.1 @@ -35673,22 +40705,22 @@ Date: Wed Jun 17 14:05:54 2015 +0300 Signed-off-by: Alon Bar-Lev -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 18 16:20:50 2015 +0200 Added gitlab-ci.yml -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 18 15:52:39 2015 +0200 reduced the exported functions to the minimum needed -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 18 15:49:39 2015 +0200 _gnutls_ext_register was made static -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 18 15:49:06 2015 +0200 libgnutls.map: use a 3.4 related name for private functions @@ -35708,22 +40740,22 @@ Date: Thu Jun 18 09:41:54 2015 +0300 Signed-off-by: Alon Bar-Lev -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 18 14:15:18 2015 +0200 tests: force link with nettle of mini-alignment -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 18 14:11:08 2015 +0200 tests: Check the OID functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 18 14:01:42 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 18 13:59:57 2015 +0200 Exported functions to convert from and to OIDs @@ -35739,7 +40771,7 @@ Date: Thu Jun 18 12:50:32 2015 +0530 Signed-off-by: Saurav Babu -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 18 11:19:37 2015 +0200 pkcs7: corrected write_signer_id() when GNUTLS_PKCS7_WRITE_SPKI was used @@ -35797,19 +40829,19 @@ Date: Thu Jun 18 00:57:04 2015 +0300 Signed-off-by: Alon Bar-Lev -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 18 10:51:09 2015 +0200 indentation fix -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 18 10:46:13 2015 +0200 Always align in 16-byte boundary our input to crypto That allows faster operations in almost all instruction sets. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 18 10:44:45 2015 +0200 tests: added check for memory alignment @@ -35819,17 +40851,17 @@ Date: Wed Jun 17 22:26:51 2015 +0200 tests: only run test with long dates in 64-bit systems -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 17 17:17:10 2015 +0200 tests: regenerate the results in template-test using UTC times -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 17 16:48:36 2015 +0200 ensure that gnutls_pubkey_verify_data2 returns 0 on success -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 17 16:40:15 2015 +0200 Added gnutls_pkcs7_get_signature_count @@ -35848,29 +40880,29 @@ Date: Wed Jun 17 11:59:56 2015 +0300 Signed-off-by: Alon Bar-Lev -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 17 11:34:46 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 17 11:19:10 2015 +0200 tests: verify that we generate dates with UTCTime prior to 2050 Also that we generate dates with GeneralizedTime format after 2050. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 17 11:12:03 2015 +0200 When writing the Time ASN.1 structure follow the RFC5280 recommendations -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 17 11:03:29 2015 +0200 Set time in PKCS #7 structures properly (in UTCTime format). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 17 10:42:54 2015 +0200 doc update @@ -35912,152 +40944,152 @@ Date: Tue Jun 16 21:34:30 2015 +0200 released 3.4.2 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 16 17:18:51 2015 +0200 certtool: made explicit the inclusion of time in PKCS #7 signatures -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 16 17:15:04 2015 +0200 pkcs7: write the DER encoded time -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 16 16:56:30 2015 +0200 certtool: include the signature time in PKCS #7 signatures -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 16 16:55:40 2015 +0200 pkcs7: corrected usage of GNUTLS_PKCS7_INCLUDE_TIME flag -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 16 13:31:54 2015 +0200 tests: minor updates in pkcs7 output checks to match new certtool -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 16 13:31:30 2015 +0200 certtool: rely on gnutls_pkcs7_print() even more -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 16 13:27:43 2015 +0200 pkcs7: print certificates and CRLs in FULL mode -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 16 12:29:53 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 16 12:29:38 2015 +0200 certtool: use gnutls_pkcs7_print() - partially -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jun 16 12:18:55 2015 +0200 Added gnutls_pkcs7_print() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 15 11:36:58 2015 +0200 bumped version -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 11 10:34:55 2015 +0200 tests: added signature/verification stress test -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jun 11 10:11:35 2015 +0200 tests: check also individual ciphers for interoperability -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 8 11:38:54 2015 +0200 fips140: better debug messages when verifying MAC -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jun 5 11:19:13 2015 +0200 tpmtool: added newline in error messages -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 16:10:30 2015 +0200 fips140: added check for reseed detection -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 15:48:23 2015 +0200 tests: check random generator for long outputs as well -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 15:42:42 2015 +0200 fips140: when GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS is setup do not perform integrity tests -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 15:38:09 2015 +0200 fips140: reset the reseed counter only on reseed -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 15:37:39 2015 +0200 fips140: when reseeding only reseed the required context not all -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 14:37:11 2015 +0200 fips140: added more checks on the reseed and generate function -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 14:36:35 2015 +0200 fips140: enforce the max_number_of_bits_per_request -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 16:36:32 2015 +0200 tests: do not include times in the PKCS #7 checks as they depend on local timezone -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 13:28:59 2015 +0200 pkcs7: addressed memory leaks -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 11:42:30 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 11:38:55 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 11:35:04 2015 +0200 tests: Added PKCS #7 attribute generation check -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 10:44:25 2015 +0200 tests: updated for new certtool output -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 10:40:54 2015 +0200 certtool: print signed and unsigned PKCS #7 attributes -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jun 3 10:24:05 2015 +0200 Added code to parse and set PKCS #7 attributes @@ -36175,52 +41207,52 @@ Date: Mon Jun 1 20:07:57 2015 +0200 tests: added PKCS #7 test with more than 1 certs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 1 18:56:51 2015 +0200 certtool: allow verification of PKCS #7 structures -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 1 18:55:37 2015 +0200 Initialization of gnutls_x509_dn_t was modified to allow deinitialization after failure -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 1 15:19:03 2015 +0200 Added PKCS #7 signature(s) verification -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 1 15:13:10 2015 +0200 Added gnutls_pkcs11_get_raw_issuer_by_subject_key_id and gnutls_x509_trust_list_get_issuer_by_subject_key_id -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 1 14:34:57 2015 +0200 tests: added check for gnutls_x509_dn_get_str -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 1 14:26:19 2015 +0200 added gnutls_x509_dn_get_str -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 1 11:52:58 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 1 11:51:32 2015 +0200 Added gnutls_x509_crt_verify_data2() and kept gnutls_privkey_sign_data() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jun 1 10:43:46 2015 +0200 verify PKCS #7 signed data -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 29 14:41:13 2015 +0200 updated PKCS #7 code to cache signed_data @@ -36240,19 +41272,19 @@ Date: Sun May 31 08:50:09 2015 +0200 tests: Added tests for PKCS7 cert extraction -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 29 16:37:36 2015 +0200 Revert "updated gnulib" This reverts commit c040ce6dd05b48b971d8dcc8fc8f23957ed15f9c. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 29 14:39:58 2015 +0200 silence format-signness warnings in gcc5 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 29 14:34:53 2015 +0200 updated gnulib @@ -36274,37 +41306,37 @@ Date: Sat May 23 23:30:18 2015 -0400 the documentation which explicitly states that 0 should be returned if no DH key exchange was performed. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 22 09:08:00 2015 +0200 gnutls_dh_get_group: mention that the values may include a leading zero -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 21 11:55:06 2015 +0200 gnutls_dh_set_prime_bits: warn when overriding the DH max prime size with 1007 bits or less -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 21 10:52:37 2015 +0200 cleanup unused variable -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 21 10:51:17 2015 +0200 corrected allocation check -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 21 10:46:26 2015 +0200 removed useless check -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 21 10:43:06 2015 +0200 document intentional fallthrough in switch -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 21 10:41:11 2015 +0200 ecc ext: check return code of _gnutls_buffer_append_data @@ -36335,22 +41367,22 @@ Date: Sun May 17 20:33:48 2015 +0200 other libraries. Resolves #11 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 15 12:03:23 2015 +0200 include nettle/memxor when needed -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri May 15 12:02:56 2015 +0200 gnutls-serv: send alert when wrong data have been received from client -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 14 15:32:09 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu May 14 14:00:11 2015 +0200 camellia256-gcm: corrected regression @@ -36362,59 +41394,59 @@ Date: Mon May 11 18:41:09 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 6 15:22:05 2015 +0200 doc: added section about subject alternative names -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 6 11:17:09 2015 +0200 handshake_start_time was moved out of the DTLS-specific variables -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 6 11:13:05 2015 +0200 apply default timeout for DTLS in gnutls_handshake_set_timeout -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 6 10:03:16 2015 +0200 tests: do not perform internationalized name checks without libidn -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed May 6 09:52:39 2015 +0200 tests: updated sign-md5-rep to reduce false failures -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 5 16:40:37 2015 +0200 tests: eliminate mem leaks in mini-loss-time -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 5 15:55:19 2015 +0200 tests: testdane: remove dane.nox.su from the list of known to be good hosts -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 5 14:43:42 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 5 14:41:55 2015 +0200 tests: mini-loss-time enhanced to check proper timeouts in both client and server -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 5 14:35:45 2015 +0200 dtls: combined the total timeouts of DTLS and TLS handshake That also makes the waits for packets more robust against blocking. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue May 5 09:36:17 2015 +0200 define GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA @@ -36459,37 +41491,37 @@ Date: Thu Apr 30 18:48:57 2015 +0200 doc: updated gnutls_dtls_set_timeouts -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 30 16:40:24 2015 +0200 doc: fixed example with DTLS timeouts -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 30 16:32:40 2015 +0200 use macro for DTLS default timeout -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 30 16:28:24 2015 +0200 gnutls_handshake_set_timeout will properly work with DTLS -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 30 14:09:22 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 30 14:53:17 2015 +0200 document the need for gnutls_transport_set_pull_timeout_function -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 30 14:06:09 2015 +0200 doc: updated async operation text -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 30 13:53:19 2015 +0200 disable default handshake timeout @@ -36498,27 +41530,27 @@ Date: Thu Apr 30 13:53:19 2015 +0200 which may not want to block while the pull timeout function waits. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 30 13:38:26 2015 +0200 tests: added check to verify that pull timeout is not called on non-blocking sessions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 30 13:22:34 2015 +0200 GNUTLS_NONBLOCK can be used for non-DTLS sessions as well -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 29 14:44:30 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 29 14:44:30 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 28 16:12:13 2015 +0200 tests: key generation test was moved to main checks @@ -36532,17 +41564,17 @@ Date: Tue Apr 28 13:50:40 2015 +0200 Signed-off-by: Jan Vcelak -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 28 14:30:35 2015 +0200 updated minitasn1 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 28 14:29:41 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 28 14:26:57 2015 +0200 Handle DNS name constraints with leading dot @@ -36552,17 +41584,17 @@ Date: Tue Apr 28 14:26:57 2015 +0200 Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 28 09:02:12 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 27 09:16:42 2015 +0200 updated text for gnutls_pkcs11_init -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 27 09:08:10 2015 +0200 updated pkcs11 loading documentation @@ -36633,32 +41665,32 @@ Date: Sat Apr 25 09:10:15 2015 +0200 updated doc for retrieve function -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Apr 24 16:04:44 2015 +0200 updated PKCS #11 URL references to rfc7512 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 22 14:00:45 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 22 13:54:18 2015 +0200 tests: added check for gnutls_credentials_get -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 22 13:49:10 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 22 13:41:17 2015 +0200 fixed doc: reported by Anton Lavrentiev -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 22 11:33:34 2015 +0200 doc: corrected typo @@ -36668,7 +41700,7 @@ Date: Tue Apr 21 22:08:56 2015 +0200 tests: resume-dtls: remove global variables -Author: Andreas Metzler +Author: Andreas Metzler Date: Tue Apr 21 19:18:00 2015 +0200 List all certificate type priority strings. @@ -36682,47 +41714,47 @@ Date: Sun Apr 19 21:23:21 2015 +0200 Suggested by Nimrod Aviram. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 21 15:20:38 2015 +0200 tests: initialize status where needed -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 21 15:18:11 2015 +0200 tests: cleanup openpgp-auth2 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 21 15:17:38 2015 +0200 tests: cleanup mini-dtls-rehandshake -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 21 13:46:36 2015 +0200 tests: resume: check for signals -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 21 10:42:50 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 21 10:40:41 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 21 10:36:07 2015 +0200 tests: reduced compiler warnings -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 21 10:07:30 2015 +0200 tests: verify the return value of gnutls_certificate_get_ours when no cert is sent -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 21 10:07:11 2015 +0200 tests: close unused file descriptors in resume checks @@ -36732,29 +41764,29 @@ Date: Mon Apr 20 23:39:08 2015 +0200 libopts: fixed the reading of the --enable-local-libopts flag -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 20 17:51:20 2015 +0200 gnutls-cli: when no certificate is sent, notify the user -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 20 17:45:33 2015 +0200 tests: added check with X.509 certificates and callbacks That corresponds to functionality checked in openpgp-callback.c -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 20 17:38:10 2015 +0200 tests: added check for gnutls_certificate_get_ours() when used in combination with callbacks -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 20 16:46:34 2015 +0200 tests: improved x509dn check -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 20 16:43:51 2015 +0200 gnutls_certificate_get_ours: will return the certificate even if a callback was used @@ -36762,17 +41794,17 @@ Date: Mon Apr 20 16:43:51 2015 +0200 This corrects a bug where this function would not work, when gnutls_certificate_set_retrieve_function2() was used. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 20 16:31:55 2015 +0200 gnutls-cli: when a certificate is specified require the corresponding private key -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 20 16:25:21 2015 +0200 ensure that the X.509 version number is one byte only -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 20 14:04:37 2015 +0200 Check for invalid length in the X.509 version field @@ -36780,12 +41812,12 @@ Date: Mon Apr 20 14:04:37 2015 +0200 If such an invalid length is detected, reject the certificate. Reported by Hanno Böck. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 20 13:57:31 2015 +0200 ocsp: initialize certs to NULL -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Apr 20 12:45:56 2015 +0200 gnutls-serv: print when the peer's certificate is not verified @@ -36929,37 +41961,37 @@ Date: Thu Apr 9 16:00:43 2015 +0200 remove duplicate entries from manpages Makefile -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 8 17:08:07 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 8 17:07:11 2015 +0200 tests: enhanced cert tests with SHA256 key IDs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 8 16:56:44 2015 +0200 certtool: modified to allow different key ID algorithms -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 8 16:48:46 2015 +0200 Added flags which modify the algorithm used for key ID calculation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 8 16:33:47 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 8 16:18:37 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 8 16:16:42 2015 +0200 gnutls_record_discard_queued() is both for TLS and DTLS @@ -37039,22 +42071,22 @@ Date: Tue Apr 7 20:24:10 2015 +0200 removed unused functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 7 16:03:16 2015 +0200 extend the fallback to setkey in addition to init -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 7 15:50:23 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 7 15:48:41 2015 +0200 tests: verify the behavior of GNUTLS_E_NEED_FALLBACK -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 7 15:39:18 2015 +0200 introduced GNUTLS_E_NEED_FALLBACK to allow falling back from registered ciphers @@ -37063,12 +42095,12 @@ Date: Tue Apr 7 15:39:18 2015 +0200 (e.g., due to memory constraints, or internal limits), and gnutls should proceed with the default algorithms. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 7 10:53:54 2015 +0200 ciphersuites: moved CCM ciphersuites in the appropriate ifdefs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 7 10:51:25 2015 +0200 tests: ciphersuite test will ignore the invalid names of TLS_DHE_PSK_WITH_AES_128_CCM_8 @@ -37076,22 +42108,22 @@ Date: Tue Apr 7 10:51:25 2015 +0200 That is because the names in rfc6655 are for some reason different than the expected. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 7 10:47:00 2015 +0200 document CCM and CCM-8 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 7 10:44:02 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 7 10:42:36 2015 +0200 tests: added CCM and CCM_8 into ciphersuite tests -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Apr 7 10:31:23 2015 +0200 Added CCM-8 ciphersuites @@ -37230,32 +42262,32 @@ Date: Fri Apr 3 22:35:24 2015 +0200 Resolves #5 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 2 15:30:20 2015 +0200 chacha20-poly1305: ciphersuite numbers correspond to the latest draft -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 2 15:27:51 2015 +0200 p11tool: improved output message -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Apr 2 12:54:45 2015 +0200 removed unecessary warning -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 1 19:08:33 2015 +0200 doc update: account for new functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 1 18:42:13 2015 +0200 p11tool: better output text -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 1 18:40:47 2015 +0200 pkcs11: added GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PUBKEY @@ -37263,96 +42295,96 @@ Date: Wed Apr 1 18:40:47 2015 +0200 Also enforce the expected flags despite any given flags in the URL. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 1 18:29:08 2015 +0200 p11tool: added the --test-sign parameter That allows to check an existing key for signing/verification. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 1 16:52:48 2015 +0200 gnutls_priv/pubkey_import_url replace: gnutls_privkey_import_pkcs11_url and gnutls_pubkey_import_pkcs11_url -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 1 16:02:02 2015 +0200 certtool: corrected import of pubkey in DER format -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 1 10:50:08 2015 +0200 tests: added check for EtM negotiation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 1 10:42:28 2015 +0200 only send EtM extension if we have CBC ciphersuites -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 1 10:04:54 2015 +0200 mention gnutls_privkey_sign_raw_data in upgrade section -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 1 09:55:09 2015 +0200 gnutls_privkey_sign_raw_data: converted to macro over gnutls_privkey_sign_hash -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Apr 1 10:00:31 2015 +0200 tests: added check for the legacy gnutls_privkey_sign_raw_data -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 31 11:16:45 2015 +0200 avoid compilation warnings in self checks (take 2) -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 31 11:15:04 2015 +0200 Revert "selftests: avoid compilatio warnings" This reverts commit 196477d68f32b30d0de8e203a5c1c405af429603. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 31 08:50:45 2015 +0200 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 31 08:48:37 2015 +0200 tests: check whether PKCS #11 ID set on copy/generation is correct -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 31 08:29:33 2015 +0200 p11tool: allow setting the CKA_ID on object initialization/generation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 31 08:22:58 2015 +0200 exported new functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 31 08:19:18 2015 +0200 pkcs11: enhanced key generation functions to allow specifying a CKA_ID -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 31 08:14:27 2015 +0200 selftests: avoid compilatio warnings -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 30 16:12:27 2015 +0200 enhanced copy functions to allow specifying a CKA_ID -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 30 09:57:41 2015 +0200 tests: mini-server-name: ignore sigpipe @@ -37534,57 +42566,57 @@ Date: Mon Mar 23 19:19:49 2015 +0100 updated gnulib -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 27 14:01:20 2015 +0100 p11tool: more precise documentation of --set-id parameter -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 27 11:05:08 2015 +0100 depend on nettle 3.1 or later -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 27 10:42:48 2015 +0100 tests: updated email check for renamed --verify-email option -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 27 10:32:29 2015 +0100 gnutls_pkcs11_privkey_generate2: increased the size of ck_attributes -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 27 10:31:03 2015 +0100 pkcs11: check gnutls_rnd() for error condition -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 27 10:27:10 2015 +0100 gnutls_pkcs11_privkey_generate2: set a CKA_ID on key generation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 27 10:25:59 2015 +0100 p11tool: reduced debugging output -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 27 09:47:40 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 27 09:47:12 2015 +0100 certtool: --purpose, --hostname were renamed to --verify-purpose, --verify-hostname -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 26 16:46:43 2015 +0100 p11tool: added --mark-no-sign and --mark-no-decrypt options -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 26 16:34:46 2015 +0100 pkcs11: added flags to mark keys as not-being signable or decryptable @@ -37592,103 +42624,103 @@ Date: Thu Mar 26 16:34:46 2015 +0100 That adds GNUTLS_PKCS11_OBJ_FLAG_MARK_NO_DECRYPT and GNUTLS_PKCS11_OBJ_FLAG_MARK_NO_SIGN which can be set during generation or write of keys. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 26 16:21:28 2015 +0100 pkcs11: set the CKA_SIGN and CKA_DECRYPT flags when writing a private key -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 26 13:16:52 2015 +0100 tests: cleanups in resume-dtls -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 26 11:26:14 2015 +0100 ext: server_name: move name length check prior to IDN convertion -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 26 11:04:37 2015 +0100 When an application calls gnutls_server_name_set() with a name of zero size disable the extension Resolves #2 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 26 09:25:10 2015 +0100 gnutls_x509_crt_check_hostname2: check CN for match only if certificate would have been acceptable for GNUTLS_KP_TLS_WWW_SERVER -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 26 09:20:34 2015 +0100 Apply DNS name constraints on CN field only on certificates acceptable for TLS WWW SERVER purpose Suggested by Fotis Loukos. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 25 17:10:06 2015 +0100 tests: mini-loss-time is less prone to timeouts -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 25 15:56:32 2015 +0100 tests: added valgrind suppressions in cert-tests for libidn -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 25 15:52:15 2015 +0100 certtool: eliminated memory leaks on verification -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 25 10:39:35 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 25 10:21:31 2015 +0100 tests: Added email verification tests with certtool -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 25 10:05:33 2015 +0100 certtool: added the --email option, to use in verification -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 25 10:04:56 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 25 09:42:16 2015 +0100 Added gnutls_x509_crt_check_email(), gnutls_openpgp_crt_check_email() and GNUTLS_DT_RFC822NAME -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 25 09:02:53 2015 +0100 tests: verify that we accept a certificate with no name even if its CA has nameconstraints -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 25 08:38:47 2015 +0100 name constraints: when no name of the type is found, accept the certificate This follows RFC5280 advice closely. Reported by Fotis Loukos. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 24 10:49:32 2015 +0100 tests: increase the timeout in resume-dtls -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 24 10:09:43 2015 +0100 gnutls_pkcs11_obj_export3: allow operation when raw.data is NULL and we have a public key -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 24 09:58:17 2015 +0100 pkcs11: simplified export of objects @@ -37698,17 +42730,17 @@ Date: Tue Mar 24 09:58:17 2015 +0100 parameters, which we encode into a key. Issue reported by Frank Leavis. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 24 08:37:35 2015 +0100 gnulib: removed u64 module -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 24 08:36:33 2015 +0100 drop support for gnulib's u64 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 23 13:09:08 2015 +0100 tests: check legacy RC4 in testcompat @@ -37716,7 +42748,7 @@ Date: Mon Mar 23 13:09:08 2015 +0100 That would prevent losing compatibility without detecting it. That is currently the case since it is no longer enabled by default. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 23 10:28:28 2015 +0100 tests: added check to verify the correctness of the record function return values @@ -37736,42 +42768,42 @@ Date: Sat Mar 21 10:38:28 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 20 14:04:26 2015 +0100 doc: avoid mentioning pointers when not needed -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 20 13:46:24 2015 +0100 increase the maximum stack frame the compiler will warn for -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 20 13:22:43 2015 +0100 doc: avoid using structure for opaque types -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 20 09:42:28 2015 +0100 tests: include gnutls_ext_s/get_data into tests of mini-extension -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 20 09:41:59 2015 +0100 updated documentation on non-return value of gnutls_ext_set_data -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 20 09:35:51 2015 +0100 tests: fixed buffers in mini-dtls0-9 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 20 09:32:19 2015 +0100 avoid overflow when receiving DTLS 0.9 CCS -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 20 08:35:48 2015 +0100 added gnutls_ext_set_data() and gnutls_ext_get_data() @@ -37893,17 +42925,17 @@ Date: Thu Mar 19 20:11:18 2015 +0100 more files to ignore -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 19 11:43:52 2015 +0100 gnutls_x509_crt_import_pkcs11_url moved to pkcs11.h as it was always defined there -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 19 11:06:28 2015 +0100 inet_ntop replacement: include sys/socket.h -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 19 11:03:24 2015 +0100 inet_ntop replacement: do not depend on socklen_t @@ -37928,62 +42960,62 @@ Date: Wed Mar 18 19:34:14 2015 +0100 tests: increase verbosity of mini-dtls-record -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 18 14:05:51 2015 +0100 document the cipher override API -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 18 13:47:03 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 18 13:42:55 2015 +0100 added test suite for overriden digests and MACs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 18 13:04:43 2015 +0100 Added API to register MAC and digest algorithms. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 18 11:46:06 2015 +0100 added test suite for overriden ciphers -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 18 11:44:26 2015 +0100 Added API to register AEAD and legacy ciphers. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 18 11:30:44 2015 +0100 cryptodev: provide the new AEAD API -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 18 10:34:47 2015 +0100 Added environment variable which can override automatic global initialization -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 18 10:09:34 2015 +0100 removed unused functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 18 10:07:09 2015 +0100 configure: fail compilation if the minimum required libtasn1 is not present -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 18 09:53:06 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 16 13:52:05 2015 +0100 tests: long-session-id uses the test framework @@ -37998,12 +43030,12 @@ Date: Tue Mar 17 09:23:51 2015 +0100 depend on p11-kit 0.23.1 to conform to draft-pechanec-pkcs11uri-21 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 16 13:23:20 2015 +0100 tests: fixed shadowed variable in mini-dtls-record -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 16 11:38:56 2015 +0100 tests: use nanosleep for sleeping @@ -38018,39 +43050,39 @@ Date: Sat Mar 14 08:40:29 2015 +0100 updated README-alpha -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 13 16:30:55 2015 +0100 Fixed handling of supplemental data with types > 255. Patch by Thierry Quemerais. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 13 16:20:54 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 13 16:12:17 2015 +0100 gnutls_priority_init: document that priorities can be NULL -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 13 13:30:12 2015 +0100 testpkcs11: disallow softhsm 2.0.0b1 from being used to test PKCS #11 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 13 13:24:18 2015 +0100 tests: mini-eagain2: call gnutls_handshake_set_timeout() at the proper time -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 13 10:10:23 2015 +0100 added libasan as dependency -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 13 09:52:15 2015 +0100 corrected self test for 3DES @@ -38070,32 +43102,32 @@ Date: Wed Mar 11 22:35:53 2015 +0100 pkcs11: only set ID and label when both size and data are set -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 11 16:14:32 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 11 16:10:46 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 11 16:10:36 2015 +0100 p11tool: exit with non-zero reason if no objects are found -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 11 16:02:44 2015 +0100 tests: added checks for p11tool --set-id and --set-label -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 11 16:02:21 2015 +0100 p11tool: added --set-id and --set-label options -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 11 14:49:04 2015 +0100 added gnutls_pkcs11_obj_set_info() @@ -38142,12 +43174,12 @@ Date: Mon Mar 9 19:09:34 2015 +0100 rearranged internal documentation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 9 12:38:52 2015 +0100 tools: added ftp as a starttls protocol -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 9 12:38:01 2015 +0100 gnutls-cli: starttls and starttls-proto can't mix @@ -38191,76 +43223,76 @@ Date: Fri Mar 6 18:00:41 2015 +0100 This reverts commit aff4b2151b42c6a59e490c3714d3e1e64d2921dd. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 17:36:15 2015 +0100 cleaned up licensing -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 17:32:10 2015 +0100 auto-generate README from README.md -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 17:17:53 2015 +0100 Revert "added README.md as link to README" This reverts commit 041d4f947eb6937d4af62eb35055668825c36833. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 17:17:26 2015 +0100 added README.md as link to README -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 17:15:41 2015 +0100 Revert "renamed README files" This reverts commit 05b4fa46667d3f5972f6de6ac61ff959382c67a5. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 17:14:50 2015 +0100 renamed README files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 17:12:09 2015 +0100 README: converted to mark-down -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 15:58:37 2015 +0100 gnutls-cli-debug: corrected check of certificate chain order -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 15:52:01 2015 +0100 tests: added small test to verify that GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED succeeds with a single cert -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 15:42:40 2015 +0100 gnutls-cli-debug: disable unsupported TLS protocols as soon -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 15:30:42 2015 +0100 cli sockets: check for a digit prior using atoi -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 15:14:14 2015 +0100 gnutls-cli-debug: a cert list of size 1 is always sorted -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 15:11:35 2015 +0100 gnutls-cli-debug: do not warn multiple times about unknown protocols -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Mar 6 10:52:32 2015 +0100 updated documentation on FIPS140-2 @@ -38310,26 +43342,26 @@ Date: Thu Mar 5 18:56:34 2015 +0100 certtool: exit when there is an overflow in parsing days -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 5 11:40:17 2015 +0100 README: mention that openssl and polarssl will be used for interop testing -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 5 10:40:20 2015 +0100 Revert "tests: increased the retries with datefudge cert generation" This reverts commit a381fd148d2e181e19aad9ab9a9c5993080ce869. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 5 10:40:10 2015 +0100 Revert "tests: template-test: added a baseline check to detect slow systems" This reverts commit b7ef1265810ec55d0912db2e3fa4204d8c412377. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Mar 5 09:25:58 2015 +0100 tests: template-test: added a baseline check to detect slow systems @@ -38379,17 +43411,17 @@ Date: Wed Mar 4 17:23:32 2015 +0100 updated copyright date -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 4 14:59:58 2015 +0100 use asn1_decode_simple_ber if available -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 4 11:25:30 2015 +0100 corrected typo -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 4 10:47:30 2015 +0100 mention libidn @@ -38404,7 +43436,7 @@ Date: Wed Mar 4 03:25:42 2015 +0300 Signed-off-by: Ilya V. Matveychikov -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 4 10:07:01 2015 +0100 doc update @@ -38414,12 +43446,12 @@ Date: Fri Feb 20 22:24:23 2015 +0100 tests: added checks for invalid X.509 certificate signatures -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 4 08:20:35 2015 +0100 added the change of priority string NORMAL in documentation -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Mar 4 08:15:16 2015 +0100 document the usage of a PKCS #11 trust module for verification @@ -38439,19 +43471,19 @@ Date: Tue Mar 3 18:51:22 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 3 17:44:00 2015 +0100 cross-implementation test suite was relicensed to 3-clause BSD That way the suite can be used by projects with other licenses. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 3 09:34:26 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Mar 3 09:31:16 2015 +0100 DSA signatures and DHE-DSS are disabled by default @@ -38463,7 +43495,7 @@ Date: Tue Mar 3 09:31:16 2015 +0100 DSA, there is no point to enable it by default and increase our attack surface. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Mar 2 08:12:28 2015 +0100 gnutls-cli: include AES_128_CCM in benchmark-ciphers @@ -38488,27 +43520,27 @@ Date: Sat Feb 28 09:33:12 2015 +0100 bundle inet_ntop in systems that don't have it -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 27 16:31:50 2015 +0100 updated auto-generated files -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 27 16:26:34 2015 +0100 removed gnutls_pubkey_get_verify_algorithm from abstract.h -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Feb 26 13:03:35 2015 +0100 corrected typo in gnutls_handshake(), spotted by Andris Mednis -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 24 10:28:26 2015 +0100 doc update: document that session_get_data() must be used in non-resumed sessions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Feb 23 13:50:00 2015 +0100 doc update @@ -38628,32 +43660,32 @@ Date: Fri Feb 20 22:17:15 2015 +0100 tests: added check for invalid X.509 certificate -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 20 17:09:57 2015 +0100 tests: added check for gnutls_record_get_state() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 20 17:09:34 2015 +0100 removed unused constants -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 20 16:58:41 2015 +0100 memcpy fix in gnutls_record_get_state -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 20 16:23:33 2015 +0100 removed ltmain.sh from root -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 20 11:18:45 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 20 11:16:44 2015 +0100 Added gnutls_record_get_state() and gnutls_record_set_state() @@ -38661,17 +43693,17 @@ Date: Fri Feb 20 11:16:44 2015 +0100 These functions allow to export the key material and sequence numbers. That allows offloading the sending and receiving of individual records. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 20 11:13:55 2015 +0100 fixed sequence number copy -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 20 10:56:54 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Feb 20 10:56:35 2015 +0100 gnutls_handshake_set_hook_function: will provide the raw handshake data @@ -38686,7 +43718,7 @@ Date: Wed Feb 18 22:55:38 2015 +0100 use cast in _gnutls_hash_fast -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Feb 17 14:20:10 2015 +0100 when importing a certificate ensure that the signature parameters match @@ -38711,56 +43743,56 @@ Date: Wed Feb 4 10:14:55 2015 +0100 handle differently OCSP responses that are revoked and of unknown status -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Sun Feb 1 13:35:40 2015 +0100 compilation fix with return on void function; reported by David Marx -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 29 14:31:08 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 29 14:21:18 2015 +0100 set the appropriate direction when _gnutls_io_write_flush() is called -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 28 10:32:16 2015 +0100 tests: added check for operation under different threads and DTLS -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 28 10:22:37 2015 +0100 tests: added check for operation under different processes and DTLS -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 28 09:57:13 2015 +0100 Revert "doc update" This reverts commit eabf1f27d255577bad60d302abf46a969848fcd7. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 28 09:56:56 2015 +0100 Revert "Added gnutls_record_is_async()" This reverts commit 2232822aabe473d124f924d64ff52981d685fd41. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 28 09:56:21 2015 +0100 documented using a session with fork or multiple threads -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 27 13:07:19 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 27 13:06:10 2015 +0100 Added gnutls_record_is_async() @@ -38789,29 +43821,29 @@ Date: Sun Jan 25 08:15:01 2015 +0100 simplified _gnutls_writev() by requiring the total length -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 20 09:39:44 2015 +0100 opencdk: small fixed to reduce warnings -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 19 15:36:22 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 19 15:32:09 2015 +0100 don't be so verbose about the OCSP nonce; it is universally unsupported -Author: Tim Ruehsen +Author: Tim Rühsen Date: Sat Jan 17 14:32:35 2015 +0100 OCSP check the whole cert chain Signed-off-by: Nikos Mavrogiannopoulos -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 19 09:29:31 2015 +0100 on certificate import check whether the two signature algorithms match @@ -38831,14 +43863,14 @@ Date: Mon Jan 12 19:32:38 2015 +0000 Added configure option --disable-tools -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 16 15:54:53 2015 +0100 corrected typos Reported by Guido Kroon. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 16 14:16:58 2015 +0100 Added the notion of obsolete versions @@ -38847,22 +43879,22 @@ Date: Fri Jan 16 14:16:58 2015 +0100 they are the only protocol supported. This avoids the issues with servers that have banned SSL 3.0 record versions. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 16 10:16:47 2015 +0100 ocsptool: follow the documented process for gnutls_x509_crt_get_authority_info_access -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 16 10:15:08 2015 +0100 gnutls_x509_crt_get_authority_info_access: doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 15 15:49:53 2015 +0100 ocsptool-common: iterate through all AIA items prior to decidig the OCSP server -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Jan 14 08:11:17 2015 +0100 use a FIPS key that agree's with fedora's fipshmac @@ -38882,52 +43914,52 @@ Date: Mon Jan 12 23:14:35 2015 +0100 gnutls-cli: added --starttls-proto option -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 12 17:28:50 2015 +0100 pkcs11: cleanup the name of types -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 12 17:19:48 2015 +0100 tests: updates in softhsm detection -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 12 17:12:56 2015 +0100 pkcs11: when importing a public key, import it's data as well (version 2 fix) -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 12 17:02:03 2015 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 12 11:50:53 2015 +0100 testpkcs11: do not ignore the failure to write a trusted CA -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 12 11:17:24 2015 +0100 removed gnutls_pubkey_get_pk_* from the exported function list -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 12 10:33:21 2015 +0100 tests: key-import-export: enhanced to test gnutls_pubkey_*_ecc_x962 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 12 10:32:13 2015 +0100 gnutls_pubkey_t: allow the import of another parameter set without a leak -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 12 10:19:47 2015 +0100 removed ABI-compatibility functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Jan 9 13:59:34 2015 +0100 doc update @@ -39003,7 +44035,7 @@ Date: Thu Jan 8 10:18:07 2015 +0100 * guile/modules/gnutls.in: Wrap '%libdir' definition and 'load-extension' call in 'eval-when'. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 8 09:35:59 2015 +0100 When receiving a TLS record with multiple handshake packets, parse them in one go @@ -39011,7 +44043,7 @@ Date: Thu Jan 8 09:35:59 2015 +0100 That resolves: https://savannah.gnu.org/support/?108712 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Jan 8 09:25:15 2015 +0100 tests: updated mini-dtls-record-asym @@ -39031,55 +44063,55 @@ Date: Tue Jan 6 21:22:02 2015 +0100 tests: corrected asymmetric MTU test for DTLS and added caching -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 6 17:32:44 2015 +0100 Added test case for DTLS handshake packet reconstruction when it exceeds MTU https://savannah.gnu.org/support/?108712 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 6 17:18:57 2015 +0100 simplified _gnutls_dgram_read() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 6 13:39:19 2015 +0100 danetool: only compile when dane is enabled -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 6 10:17:14 2015 +0100 in DTLS don't combine multiple packets which exceed MTU Resolves: https://savannah.gnu.org/support/?108715 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 6 10:01:47 2015 +0100 Added more precise check of push functions availability -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 6 09:59:33 2015 +0100 Revert "in DTLS don't use writev() when multiple packets which exceed MTU are queued" This reverts commit 43082a67c7514d65301d157fb567a133138a85ab. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Jan 6 09:59:25 2015 +0100 Revert "Give precedence to vector push function" This reverts commit cb4ea413569803cbbf291abb27d30d14bfa971c5. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 5 15:08:28 2015 +0100 Give precedence to vector push function -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 5 15:08:28 2015 +0100 in DTLS don't use writev() when multiple packets which exceed MTU are queued @@ -39088,22 +44120,22 @@ Date: Mon Jan 5 15:08:28 2015 +0100 even when writev() is available. Resolves: https://savannah.gnu.org/support/?108715 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 5 16:28:58 2015 +0100 tests: added check to ensure that DTLS handshake packets will not exceed MTU -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 5 16:21:57 2015 +0100 certtool: warn when setting a certificate's expiration longer than the CA's expiration -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 5 15:01:22 2015 +0100 testpkcs11: detect softhsm2 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Jan 5 14:40:51 2015 +0100 tests: account for disabling of ARCFOUR where needed @@ -39539,7 +44571,7 @@ Date: Fri Dec 12 18:41:50 2014 +0100 testdane: removed www.vulcano.cl from good hosts -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 4 14:26:05 2014 +0100 tests: enhanced x509cert-tl @@ -39547,7 +44579,7 @@ Date: Thu Dec 4 14:26:05 2014 +0100 Verify gnutls_x509_trust_list_verify_crt2() in combination with gnutls_x509_trust_list_add_named_crt(). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 4 14:21:46 2014 +0100 use gnutls_x509_trust_list_verify_named_crt in gnutls_x509_trust_list_verify_crt2 @@ -39615,7 +44647,7 @@ Date: Thu Dec 11 18:53:21 2014 +0100 cross.mk: updated for 3.3.11 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 11 10:15:54 2014 +0100 Allow a random generator with the same priority to re-register @@ -39634,7 +44666,7 @@ Date: Thu Dec 11 06:08:33 2014 +0100 testcompat: corrected usage of null cipher -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 10 15:40:49 2014 +0100 added the .check function in FIPS140-2 code @@ -39684,32 +44716,32 @@ Date: Fri Dec 5 19:58:42 2014 +0100 dane: use the new _gnutls_buffer_to_datum -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 5 10:36:34 2014 +0100 tests: corrected the expected lengths in ocsp -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 5 10:31:41 2014 +0100 _gnutls_buffer_to_datum: includes code for exporting strings -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 5 10:04:50 2014 +0100 when the trusted list contains a non-CA certificate warn via the audit log -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 5 09:52:40 2014 +0100 modified the CCM ciphersuite's name to match the one in the IANA registry -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 5 09:52:14 2014 +0100 ciphersuite test: enhanced check for correct ciphersuites -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Dec 5 09:35:46 2014 +0100 ciphersuites tests: add missing includes @@ -39764,22 +44796,22 @@ Date: Thu Dec 4 22:15:16 2014 +0100 references to RSA parameters. Adjust example accordingly. (OpenPGP Authentication Guile Example): Likewise. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 4 16:05:58 2014 +0100 updated TODO list -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Dec 4 14:39:03 2014 +0100 removed several of the unneeded exported internal symbols -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 3 10:53:25 2014 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 3 10:39:51 2014 +0100 doc: corrected typo @@ -39789,32 +44821,32 @@ Date: Fri Nov 28 20:21:52 2014 +0100 use unsigned long in gcm_cast_st -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 26 15:43:55 2014 +0100 corrected issue in AES-256-GCM -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 26 15:20:07 2014 +0100 tests: enhanced cipher check to include all ciphers. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 26 14:56:27 2014 +0100 simplified abstractions over nettle based on Niels' comments. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 26 11:21:29 2014 +0100 API doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 26 11:20:26 2014 +0100 Added test vectors for CCM mode -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 26 10:27:23 2014 +0100 CCM: corrected AEAD decryption @@ -39829,32 +44861,32 @@ Date: Tue Nov 25 19:42:10 2014 +0100 aes-gcm-aead.h: generalized -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 25 17:57:15 2014 +0100 gnutls-cli: added benchmark for CCM -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 25 17:46:55 2014 +0100 tests: updated for AES-128-CCM ciphersuites -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 25 17:27:03 2014 +0100 use the new AEAD API in gnutls_cipher.c -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 25 17:04:25 2014 +0100 Added definitions for CCM ciphersuites -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 24 16:02:25 2014 +0100 Modified crypto backend to accomodate for the CCM ciphersuites -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 24 10:54:55 2014 +0100 More nettle2 updates (in FIPS140-2 mode) @@ -39864,32 +44896,32 @@ Date: Sun Nov 23 22:58:41 2014 +0100 ported to nettle 3.0 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 3 10:10:05 2014 +0100 reduced current soversion -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 3 10:06:32 2014 +0100 documented the removal of deprecated functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 3 09:53:52 2014 +0100 corrected comparison -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 3 09:49:24 2014 +0100 removed the old gnutls_retr_st compatibility functions -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 3 09:45:19 2014 +0100 Removed binary compatibility with RSA-EXPORT using applications -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 3 09:41:33 2014 +0100 removed the old priority functions @@ -39902,27 +44934,27 @@ Date: Wed Dec 3 09:41:33 2014 +0100 gnutls_protocol_set_priority gnutls_certificate_type_set_priority -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 3 09:37:55 2014 +0100 removed gnutls_x509_crt_verify_hash() and gnutls_x509_crt_verify_data() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 3 09:35:26 2014 +0100 gnutls_sign_callback_set() and gnutls_sign_callback_get() were removed -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 3 09:32:21 2014 +0100 renumbered fields in gnutls.h -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Dec 3 09:28:10 2014 +0100 increased gnutls' soversion -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Dec 2 10:50:45 2014 +0100 if the rnd structure doesn't provide check, _gnutls_rnd_check() will succeed @@ -39944,42 +44976,42 @@ Date: Sat Nov 29 15:27:34 2014 +0100 systemkey: updated for new gnutls_system_key_iter_get_info -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 28 16:16:19 2014 +0100 gnutls_system_key_iter_get_info() allows restricting results to a specific certificate type -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 28 16:12:31 2014 +0100 removed unneeded variable -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 28 14:39:58 2014 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 28 13:18:49 2014 +0100 doc: added recommendation to use the higher level functions to load keys -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 28 10:40:34 2014 +0100 certtool: avoid gcc warnings -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 25 11:47:56 2014 +0100 gnutls-cli-debug: Added check for whether %NO_EXTENSIONS is required -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 28 10:32:22 2014 +0100 gnutls_session_get_desc: allow proper printing of the NULL KX -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 28 09:30:04 2014 +0100 gnutls_session_get_desc will return NULL if initial negotiation is not complete @@ -40001,32 +45033,32 @@ Date: Thu Nov 27 22:39:08 2014 +0100 That is when it cannot sort the list and GNUTLS_X509_CRT_LIST_SORT is specified. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 27 16:28:10 2014 +0100 gnutls_pcert_import_x509_list: only sort the lists it can sort -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 27 16:12:33 2014 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 27 16:10:44 2014 +0100 simplified windows URLs -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 27 16:08:46 2014 +0100 system-keys-win: include urls.h -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 27 16:06:46 2014 +0100 tests: added mini-chain-unsorted -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 27 15:06:11 2014 +0100 Added flag GNUTLS_X509_CRT_LIST_SORT for gnutls_x509_crt_list_import* @@ -40073,12 +45105,12 @@ Date: Mon Nov 24 18:54:28 2014 +0100 Patch by Georg Richter. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 24 13:27:09 2014 +0100 gnutls-cli-debug: Added check for sorted certificate chain -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 24 10:40:24 2014 +0100 do not allow the resumption of a session which switches the state of ext_master_secret @@ -40181,12 +45213,12 @@ Date: Fri Nov 21 20:18:08 2014 +0100 This corrects a regression introduced in b5a0de2e6da98866cafb770c3141b7353d030ab2 Reported by Dan Winship. https://savannah.gnu.org/support/?108690 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 21 16:48:45 2014 +0100 removed old news -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 21 16:10:33 2014 +0100 The record version in the client Hello will be set to the lowest supported protocol @@ -40199,14 +45231,14 @@ Date: Fri Nov 21 16:10:33 2014 +0100 version, which describes the format of the packet, nothing to do with the negotiated version). -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 21 15:41:25 2014 +0100 Revert "The priority modifier %LATEST_RECORD_VERSION is now the default" This reverts commit 66c419cc6336ea9a2747574588ffee77458b838f. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 21 15:02:40 2014 +0100 deinitialize the OCSP response der data @@ -40214,22 +45246,22 @@ Date: Fri Nov 21 15:02:40 2014 +0100 That also makes sure that reinitialization of ASN1 structures are done when it is required only. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 21 14:48:50 2014 +0100 gnutls_priority_string_list: allow printing the special keywords as well. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 21 14:18:15 2014 +0100 simplified code involving getrandom() and getentropy() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 20 10:36:23 2014 +0100 configure: detect android system and define a variable -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 20 10:35:26 2014 +0100 separated system-keys implementations @@ -40257,12 +45289,12 @@ Date: Wed Nov 19 23:53:50 2014 +0100 compilation fixes -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 19 11:28:38 2014 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 7 16:14:08 2014 +0100 Added API to read/write/delete key-cert pairs (limited to windows for now) @@ -40332,52 +45364,52 @@ Date: Fri Nov 14 20:10:06 2014 +0100 only print about additional certificates if they are present -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 14 17:22:07 2014 +0100 ocsp: fix DN decoding in gnutls_ocsp_resp_get_responder_raw_id -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 14 11:42:42 2014 +0100 tests: ocsp: added check with a long response -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 14 16:17:58 2014 +0100 use the original DER/BER data when verifying an OCSP response -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 14 11:55:21 2014 +0100 _pkcs1_rsa_verify_sig() simplify hashing -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 14 11:42:15 2014 +0100 ocsp: eliminated duplicate code -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 14 11:05:18 2014 +0100 clarified the multiple paths printing of the verify options -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 14 10:53:31 2014 +0100 gnutls-cli: allow printing the certificates in OCSP responses when --print-cert is specified -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 14 10:47:55 2014 +0100 updated OCSP verification code to better use the trust list, and the KeyHash -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 14 09:34:13 2014 +0100 OCSP printing: Add header in front of certificates -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 14 09:32:40 2014 +0100 added gnutls_pkcs11_get_raw_issuer_by_dn and gnutls_x509_trust_list_get_issuer_by_dn @@ -40397,7 +45429,7 @@ Date: Thu Nov 13 20:56:27 2014 +0100 set the GNUTLS_PIN_CONTEXT_SPECIFIC flag on PIN callback -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 16:31:21 2014 +0100 replaced gnutls_ocsp_resp_get_responder_by_key with gnutls_ocsp_resp_get_responder_raw_id @@ -40405,62 +45437,62 @@ Date: Thu Nov 13 16:31:21 2014 +0100 In addition reverted gnutls_ocsp_resp_get_responder() to the old buggy behavior of returning 0 if the element was missing. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 16:05:44 2014 +0100 certtool: make sure that GNUTLS_PKCS_PLAIN is set when no password should be asked -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 16:05:21 2014 +0100 gnutls_x509_privkey_import2: will not use a callback if GNUTLS_PKCS_PLAIN is specified -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 15:55:50 2014 +0100 the FIPS140-2 testing mode is disabled after self-checks -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 15:50:05 2014 +0100 updated OCSP tests to account for the new key ID -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 15:43:04 2014 +0100 doc update and gnutls_ocsp_resp_get_responder() will always initialized output data -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 15:38:34 2014 +0100 _rnd_get_event: use memset to avoid valgrind complaints -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 15:34:23 2014 +0100 gnutls-cli: print the OCSP response in verbose mode -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 15:30:55 2014 +0100 corrected documentation of OCSP response verification -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 14:39:41 2014 +0100 Added gnutls_ocsp_resp_get_responder_by_key() -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 14:39:07 2014 +0100 dn parsing: return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when DN is not available -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 14:12:15 2014 +0100 gnutls-cli: added option to save the OCSP response -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 12:06:32 2014 +0100 added the notion of preferred sign algorithm in a private key @@ -40469,22 +45501,22 @@ Date: Thu Nov 13 12:06:32 2014 +0100 with the info callback. It is only considered for client side keys in TLS sessions. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 10:18:03 2014 +0100 Added priority string %NO_SESSION_HASH to prevent advertising the extended master secret extension -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 10:06:51 2014 +0100 certificate status requestion response is optional according to RFC6066 -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 09:52:43 2014 +0100 Added flag GNUTLS_OCSP_SR_IS_AVAIL for gnutls_ocsp_status_request_is_checked -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 09:27:38 2014 +0100 rnd: removed the packed attribute from event_st @@ -40492,7 +45524,7 @@ Date: Thu Nov 13 09:27:38 2014 +0100 That prevents a SIGBUS on solaris sparc systems. Reported by Thomas Thorberger. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 09:18:31 2014 +0100 The priority modifier %LATEST_RECORD_VERSION is now the default @@ -40500,7 +45532,7 @@ Date: Thu Nov 13 09:18:31 2014 +0100 This works-around issue with servers that forbit the SSL 3.0 version number from the first packet of the record protocol. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Thu Nov 13 09:16:29 2014 +0100 added check for servers that disallow the SSL 3.0 record version @@ -40510,42 +45542,42 @@ Date: Wed Nov 12 19:44:18 2014 +0100 gnutls-cli: print whether status request has been checked -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 12 16:14:55 2014 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Wed Nov 12 15:44:53 2014 +0100 Enable PIN support to gnutls_x509_privkey_t -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 11 15:16:12 2014 +0100 _gnutls_ucs2_to_utf8() can handle little endian strings. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 11 11:25:57 2014 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 11 11:25:44 2014 +0100 Added gnutls_memcmp() and exported it. -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 11 10:47:56 2014 +0100 indentation fix -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Tue Nov 11 10:40:21 2014 +0100 doc update -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Nov 7 16:05:10 2014 +0100 added gnutls_pkcs12_bag_set_privkey() @@ -40553,22 +45585,22 @@ Date: Fri Nov 7 16:05:10 2014 +0100 Conflicts: lib/libgnutls.map -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 10 12:59:39 2014 +0100 dropped unused copy_func -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Mon Nov 10 11:38:58 2014 +0100 silence warning -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 31 10:08:00 2014 +0100 Added check with the invalid crq sent by Sean Burford -Author: Nikos Mavrogiannopoulos +Author: Nikos Mavrogiannopoulos Date: Fri Oct 31 10:00:32 2014 +0100 when exporting curve coordinates to X9.63 format, perform additional sanity checks on input @@ -40609,28 +45641,3 @@ Author: Nikos Mavrogiannopoulos Date: Fri Nov 7 19:01:57 2014 +0100 pkcs11: pass the correct user type to protected authentication login - -Author: Nikos Mavrogiannopoulos -Date: Fri Nov 7 10:22:11 2014 +0100 - - doc: corrected values for INSECURE level - -Author: Nikos Mavrogiannopoulos -Date: Fri Nov 7 08:55:40 2014 +0100 - - pkcs11: support the CKA_EXTRACTABLE and CKA_NEVER_EXTRACTABLE flags - -Author: Nikos Mavrogiannopoulos -Date: Fri Nov 7 08:44:46 2014 +0100 - - pkcs11: added the flag GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH - -Author: Nikos Mavrogiannopoulos -Date: Fri Nov 7 07:54:41 2014 +0100 - - pkcs11: perform reauth at the appropriate state - -Author: Nikos Mavrogiannopoulos -Date: Fri Nov 7 07:49:54 2014 +0100 - - pkcs11_login: set the correct user type on reauthentication diff --git a/GNUmakefile b/GNUmakefile index da25113..bf05269 100644 --- a/GNUmakefile +++ b/GNUmakefile @@ -5,7 +5,7 @@ # It is necessary if you want to build targets usually of interest # only to the maintainer. -# Copyright (C) 2001, 2003, 2006-2019 Free Software Foundation, Inc. +# Copyright (C) 2001, 2003, 2006-2020 Free Software Foundation, Inc. # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/Makefile.am b/Makefile.am index ffcbc4e..ae5820c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -60,7 +60,7 @@ endif ACLOCAL_AMFLAGS = -I m4 -I src/libopts/m4 -I src/gl/m4 -I lib/unistring/m4 --install EXTRA_DIST = cfg.mk maint.mk CONTRIBUTING.md README.md LICENSE AUTHORS NEWS \ - ChangeLog THANKS INSTALL.md + ChangeLog THANKS INSTALL.md RELEASES.md DISTCLEANFILES = AUTHORS @@ -101,16 +101,16 @@ abi-dump-latest: lib/libgnutls.la libdane/libgnutls-dane.la abi-check-latest: lib/libgnutls.la libdane/libgnutls-dane.la @echo "Checking whether the latest ABI dump matches" - @abidiff --suppressions $(ABIGNORE_FILE) lib/.libs/libgnutls.so $(LIBGNUTLS_ABI_LAST_FILE) --hd2 "$(srcdir)/lib/includes/gnutls/"; if test $$? != 0;then \ + @abidiff --suppressions $(ABIGNORE_FILE) lib/.libs/libgnutls.so $(LIBGNUTLS_ABI_LAST_FILE) --hd2 "$(srcdir)/lib/includes/gnutls/" --hd2 $(builddir)/lib/includes/gnutls/ ; if test $$? != 0;then \ echo "*********************************************************"; \ - echo "libgnutls ABI has changed; use 'make-files-update' "; \ + echo "libgnutls ABI has changed; use 'make files-update' "; \ echo "and use 'git diff' to check correctness before committing"; \ echo "*********************************************************"; \ false; \ fi - @abidiff libdane/.libs/libgnutls-dane.so $(LIBDANE_ABI_LAST_FILE) --hd2 "$(srcdir)/libdane/includes/gnutls/"; if test $$? != 0;then \ + @abidiff libdane/.libs/libgnutls-dane.so $(LIBDANE_ABI_LAST_FILE) --hd2 "$(srcdir)/libdane/includes/gnutls/" --hd2 $(builddir)/lib/includes/gnutls/; if test $$? != 0;then \ echo "*********************************************************"; \ - echo "libgnutls-dane ABI has changed; use 'make-files-update' "; \ + echo "libgnutls-dane ABI has changed; use 'make files-update' "; \ echo "and use 'git diff' to check correctness before committing"; \ echo "*********************************************************"; \ false; \ @@ -123,23 +123,23 @@ ABICHECK_COMMON = --no-added-syms abi-check: lib/libgnutls.la libdane/libgnutls-dane.la @for file in $$(echo $(srcdir)/devel/libgnutls-*-$$(uname -m).abi);do \ echo "Comparing libgnutls with $$file"; \ - abidiff $${file} lib/.libs/libgnutls.so $(ABICHECK_COMMON) --suppressions $(ABIGNORE_FILE) --hd2 "$(srcdir)/lib/includes/gnutls/"; \ + abidiff $${file} lib/.libs/libgnutls.so $(ABICHECK_COMMON) --suppressions $(ABIGNORE_FILE) --hd2 "$(srcdir)/lib/includes/gnutls/" --hd2 $(builddir)/lib/includes/gnutls/; \ if test $$? != 0;then \ echo "****************************************************************************"; \ echo "ABI check failed; If intentional add suppression in devel/libgnutls.abignore"; \ echo "****************************************************************************"; \ - false; \ + exit 1; \ fi; \ done @for file in $$(echo $(srcdir)/devel/libdane-*-$$(uname -m).abi);do \ echo "Comparing libgnutls-dane with $$file"; \ - abidiff $${file} libdane/.libs/libgnutls-dane.so $(ABICHECK_COMMON) --hd2 "$(srcdir)/libdane/includes/gnutls/"; \ + abidiff $${file} libdane/.libs/libgnutls-dane.so $(ABICHECK_COMMON) --hd2 "$(srcdir)/libdane/includes/gnutls/" --hd2 $(builddir)/lib/includes/gnutls/; \ if test $$? != 0;then \ echo "**********************************************"; \ echo "ABI check failed; If intentional add a "; \ echo "libabigail suppression file for libgnutls-dane"; \ echo "**********************************************"; \ - false; \ + exit 1; \ fi; \ done @echo "********************" @@ -158,7 +158,7 @@ symbol-check: lib/libgnutls.la false; \ else \ echo "*************************************************************"; \ - echo "Symbols were added in the library; use 'make-files-update' "; \ + echo "Symbols were added in the library; use 'make files-update' "; \ echo "and use 'git diff' to check correctness before committing "; \ echo "*************************************************************"; \ false; \ @@ -204,6 +204,6 @@ dist-hook: libopts-check $(MAKE) -C doc/manpages compare-makefile $(MAKE) ChangeLog mv ChangeLog $(distdir) - touch $(distdir)/doc/*.html $(distdir)/doc/*.pdf $(distdir)/doc/*.info + touch -c $(distdir)/doc/*.html $(distdir)/doc/*.pdf $(distdir)/doc/*.info .PHONY: abi-check abi-dump-versioned abi-dump-latest pic-check symbol-check local-code-coverage-output files-update libopts-check AUTHORS diff --git a/Makefile.in b/Makefile.in index 6112bf6..46ccf9c 100644 --- a/Makefile.in +++ b/Makefile.in @@ -35,7 +35,7 @@ # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # aminclude_static.am generated automatically by Autoconf -# from AX_AM_MACROS_STATIC on Tue May 28 07:09:17 CEST 2019 +# from AX_AM_MACROS_STATIC on Wed Jun 3 15:05:51 CEST 2020 VPATH = @srcdir@ am__is_gnu_make = { \ if test -z '$(MAKELEVEL)'; then \ @@ -122,7 +122,6 @@ ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/lib/unistring/m4/inline.m4 \ $(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \ - $(top_srcdir)/src/gl/m4/__inline.m4 \ $(top_srcdir)/src/gl/m4/bison.m4 \ $(top_srcdir)/src/gl/m4/clock_time.m4 \ $(top_srcdir)/src/gl/m4/fseek.m4 \ @@ -142,7 +141,7 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/src/gl/m4/tzset.m4 \ $(top_srcdir)/src/libopts/m4/libopts.m4 \ $(top_srcdir)/src/libopts/m4/stdnoreturn.m4 \ - $(top_srcdir)/m4/00gnulib.m4 \ + $(top_srcdir)/m4/00gnulib.m4 $(top_srcdir)/m4/__inline.m4 \ $(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \ $(top_srcdir)/m4/arpa_inet_h.m4 \ $(top_srcdir)/m4/ax_ac_append_to_file.m4 \ @@ -157,18 +156,19 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/codeset.m4 $(top_srcdir)/m4/ctype.m4 \ $(top_srcdir)/m4/dup2.m4 $(top_srcdir)/m4/eealloc.m4 \ $(top_srcdir)/m4/environ.m4 $(top_srcdir)/m4/errno_h.m4 \ + $(top_srcdir)/m4/explicit_bzero.m4 \ $(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \ $(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \ $(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \ $(top_srcdir)/m4/fdopen.m4 $(top_srcdir)/m4/flexmember.m4 \ - $(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fpieee.m4 \ - $(top_srcdir)/m4/fseeko.m4 $(top_srcdir)/m4/fstat.m4 \ - $(top_srcdir)/m4/ftell.m4 $(top_srcdir)/m4/ftello.m4 \ - $(top_srcdir)/m4/ftruncate.m4 $(top_srcdir)/m4/func.m4 \ - $(top_srcdir)/m4/getcwd.m4 $(top_srcdir)/m4/getdelim.m4 \ - $(top_srcdir)/m4/getdtablesize.m4 $(top_srcdir)/m4/getline.m4 \ - $(top_srcdir)/m4/getpagesize.m4 $(top_srcdir)/m4/gettext.m4 \ - $(top_srcdir)/m4/gettimeofday.m4 \ + $(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \ + $(top_srcdir)/m4/fpieee.m4 $(top_srcdir)/m4/fseeko.m4 \ + $(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \ + $(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/ftruncate.m4 \ + $(top_srcdir)/m4/func.m4 $(top_srcdir)/m4/getcwd.m4 \ + $(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \ + $(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/getpagesize.m4 \ + $(top_srcdir)/m4/gettext.m4 $(top_srcdir)/m4/gettimeofday.m4 \ $(top_srcdir)/m4/gnulib-common.m4 \ $(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \ $(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \ @@ -177,12 +177,13 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/inet_pton.m4 \ $(top_srcdir)/m4/intl-thread-locale.m4 \ $(top_srcdir)/m4/intlmacosx.m4 $(top_srcdir)/m4/intmax_t.m4 \ - $(top_srcdir)/m4/inttypes-pri.m4 $(top_srcdir)/m4/inttypes.m4 \ - $(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/ioctl.m4 \ - $(top_srcdir)/m4/isblank.m4 $(top_srcdir)/m4/langinfo_h.m4 \ - $(top_srcdir)/m4/largefile.m4 $(top_srcdir)/m4/lcmessage.m4 \ + $(top_srcdir)/m4/inttostr.m4 $(top_srcdir)/m4/inttypes-pri.m4 \ + $(top_srcdir)/m4/inttypes.m4 $(top_srcdir)/m4/inttypes_h.m4 \ + $(top_srcdir)/m4/ioctl.m4 $(top_srcdir)/m4/isblank.m4 \ + $(top_srcdir)/m4/langinfo_h.m4 $(top_srcdir)/m4/largefile.m4 \ + $(top_srcdir)/m4/lcmessage.m4 \ $(top_srcdir)/m4/ld-output-def.m4 \ - $(top_srcdir)/m4/ld-version-script.m4 \ + $(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \ $(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/locale-fr.m4 \ @@ -190,27 +191,32 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/locale-zh.m4 $(top_srcdir)/m4/locale_h.m4 \ $(top_srcdir)/m4/localename.m4 \ $(top_srcdir)/m4/localtime-buffer.m4 $(top_srcdir)/m4/lock.m4 \ - $(top_srcdir)/m4/longlong.m4 $(top_srcdir)/m4/lseek.m4 \ - $(top_srcdir)/m4/lstat.m4 $(top_srcdir)/m4/ltoptions.m4 \ - $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ - $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \ - $(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \ - $(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \ - $(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \ - $(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \ + $(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/lstat.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/m4/malloc.m4 $(top_srcdir)/m4/malloca.m4 \ + $(top_srcdir)/m4/manywarnings.m4 $(top_srcdir)/m4/memchr.m4 \ + $(top_srcdir)/m4/memmem.m4 $(top_srcdir)/m4/minmax.m4 \ + $(top_srcdir)/m4/mmap-anon.m4 $(top_srcdir)/m4/mode_t.m4 \ + $(top_srcdir)/m4/msvc-inval.m4 \ $(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \ $(top_srcdir)/m4/nanosleep.m4 $(top_srcdir)/m4/netdb_h.m4 \ $(top_srcdir)/m4/netinet_in_h.m4 $(top_srcdir)/m4/nls.m4 \ $(top_srcdir)/m4/off_t.m4 $(top_srcdir)/m4/open-cloexec.m4 \ - $(top_srcdir)/m4/open.m4 $(top_srcdir)/m4/pathmax.m4 \ - $(top_srcdir)/m4/perror.m4 $(top_srcdir)/m4/pipe.m4 \ - $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/m4/po.m4 \ - $(top_srcdir)/m4/printf.m4 $(top_srcdir)/m4/progtest.m4 \ + $(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \ + $(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/perror.m4 \ + $(top_srcdir)/m4/pipe.m4 $(top_srcdir)/m4/pkg.m4 \ + $(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \ + $(top_srcdir)/m4/progtest.m4 \ + $(top_srcdir)/m4/pthread-thread.m4 \ + $(top_srcdir)/m4/pthread_h.m4 \ $(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \ - $(top_srcdir)/m4/putenv.m4 $(top_srcdir)/m4/raise.m4 \ - $(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \ + $(top_srcdir)/m4/pthread_sigmask.m4 $(top_srcdir)/m4/putenv.m4 \ + $(top_srcdir)/m4/raise.m4 $(top_srcdir)/m4/read-file.m4 \ + $(top_srcdir)/m4/realloc.m4 $(top_srcdir)/m4/sched_h.m4 \ $(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/select.m4 \ $(top_srcdir)/m4/setenv.m4 $(top_srcdir)/m4/setlocale.m4 \ + $(top_srcdir)/m4/setlocale_null.m4 \ $(top_srcdir)/m4/sigaction.m4 $(top_srcdir)/m4/signal_h.m4 \ $(top_srcdir)/m4/signalblocking.m4 \ $(top_srcdir)/m4/size_max.m4 $(top_srcdir)/m4/sleep.m4 \ @@ -218,29 +224,30 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/sockets.m4 $(top_srcdir)/m4/socklen.m4 \ $(top_srcdir)/m4/sockpfaf.m4 $(top_srcdir)/m4/ssize_t.m4 \ $(top_srcdir)/m4/stat-time.m4 $(top_srcdir)/m4/stat.m4 \ - $(top_srcdir)/m4/stdalign.m4 $(top_srcdir)/m4/stdbool.m4 \ - $(top_srcdir)/m4/stddef_h.m4 $(top_srcdir)/m4/stdint.m4 \ - $(top_srcdir)/m4/stdint_h.m4 $(top_srcdir)/m4/stdio_h.m4 \ - $(top_srcdir)/m4/stdlib_h.m4 $(top_srcdir)/m4/strcase.m4 \ - $(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/strerror.m4 \ - $(top_srcdir)/m4/strerror_r.m4 $(top_srcdir)/m4/string_h.m4 \ - $(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \ - $(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \ - $(top_srcdir)/m4/strverscmp.m4 $(top_srcdir)/m4/symlink.m4 \ - $(top_srcdir)/m4/sys_ioctl_h.m4 \ + $(top_srcdir)/m4/std-gnu11.m4 $(top_srcdir)/m4/stdalign.m4 \ + $(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \ + $(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \ + $(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \ + $(top_srcdir)/m4/strcase.m4 $(top_srcdir)/m4/strdup.m4 \ + $(top_srcdir)/m4/strerror.m4 $(top_srcdir)/m4/strerror_r.m4 \ + $(top_srcdir)/m4/string_h.m4 $(top_srcdir)/m4/strings_h.m4 \ + $(top_srcdir)/m4/strndup.m4 $(top_srcdir)/m4/strnlen.m4 \ + $(top_srcdir)/m4/strtok_r.m4 $(top_srcdir)/m4/strverscmp.m4 \ + $(top_srcdir)/m4/symlink.m4 $(top_srcdir)/m4/sys_ioctl_h.m4 \ $(top_srcdir)/m4/sys_select_h.m4 \ $(top_srcdir)/m4/sys_socket_h.m4 \ $(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \ $(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \ - $(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \ - $(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \ - $(top_srcdir)/m4/unistd_h.m4 \ + $(top_srcdir)/m4/thread.m4 $(top_srcdir)/m4/threadlib.m4 \ + $(top_srcdir)/m4/time_h.m4 $(top_srcdir)/m4/time_r.m4 \ + $(top_srcdir)/m4/ungetc.m4 $(top_srcdir)/m4/unistd_h.m4 \ $(top_srcdir)/m4/valgrind-tests.m4 \ $(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \ - $(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \ - $(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \ - $(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \ - $(top_srcdir)/m4/xsize.m4 $(top_srcdir)/configure.ac + $(top_srcdir)/m4/visibility.m4 $(top_srcdir)/m4/vsnprintf.m4 \ + $(top_srcdir)/m4/warn-on-use.m4 $(top_srcdir)/m4/warnings.m4 \ + $(top_srcdir)/m4/wchar_h.m4 $(top_srcdir)/m4/wchar_t.m4 \ + $(top_srcdir)/m4/wint_t.m4 $(top_srcdir)/m4/xsize.m4 \ + $(top_srcdir)/m4/zzgnulib.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(top_srcdir)/configure \ @@ -249,7 +256,8 @@ am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ configure.lineno config.status.lineno mkinstalldirs = $(install_sh) -d CONFIG_HEADER = config.h -CONFIG_CLEAN_FILES = doc/doxygen/Doxyfile lib/includes/gnutls/gnutls.h +CONFIG_CLEAN_FILES = ldd.sh doc/doxygen/Doxyfile \ + lib/includes/gnutls/gnutls.h CONFIG_CLEAN_VPATH_FILES = AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) @@ -311,20 +319,20 @@ DIST_SUBDIRS = gl lib extra libdane po src/gl src tests fuzz guile \ doc/manpages doc am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in \ $(top_srcdir)/aminclude_static.am \ - $(top_srcdir)/build-aux/ar-lib $(top_srcdir)/build-aux/compile \ + $(top_srcdir)/build-aux/ar-lib \ $(top_srcdir)/build-aux/config.guess \ $(top_srcdir)/build-aux/config.rpath \ $(top_srcdir)/build-aux/config.sub \ $(top_srcdir)/build-aux/install-sh \ + $(top_srcdir)/build-aux/ldd.sh.in \ $(top_srcdir)/build-aux/ltmain.sh \ $(top_srcdir)/build-aux/missing \ $(top_srcdir)/doc/doxygen/Doxyfile.in \ $(top_srcdir)/lib/includes/gnutls/gnutls.h.in ABOUT-NLS \ - AUTHORS ChangeLog INSTALL NEWS THANKS build-aux/ar-lib \ - build-aux/compile build-aux/config.guess \ - build-aux/config.rpath build-aux/config.sub build-aux/depcomp \ - build-aux/install-sh build-aux/ltmain.sh build-aux/mdate-sh \ - build-aux/missing build-aux/texinfo.tex build-aux/ylwrap + AUTHORS ChangeLog NEWS THANKS build-aux/ar-lib \ + build-aux/config.guess build-aux/config.rpath \ + build-aux/config.sub build-aux/install-sh build-aux/ltmain.sh \ + build-aux/missing DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) top_distdir = $(distdir) @@ -392,6 +400,7 @@ CCASDEPMODE = @CCASDEPMODE@ CCASFLAGS = @CCASFLAGS@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ +CFLAG_VISIBILITY = @CFLAG_VISIBILITY@ CMOCKA_CFLAGS = @CMOCKA_CFLAGS@ CMOCKA_LIBS = @CMOCKA_LIBS@ CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@ @@ -444,6 +453,7 @@ GMSGFMT = @GMSGFMT@ GMSGFMT_015 = @GMSGFMT_015@ GNULIB_ACCEPT = @GNULIB_ACCEPT@ GNULIB_ACCEPT4 = @GNULIB_ACCEPT4@ +GNULIB_ACCESS = @GNULIB_ACCESS@ GNULIB_ATOLL = @GNULIB_ATOLL@ GNULIB_BIND = @GNULIB_BIND@ GNULIB_BTOWC = @GNULIB_BTOWC@ @@ -453,6 +463,8 @@ GNULIB_CHDIR = @GNULIB_CHDIR@ GNULIB_CHOWN = @GNULIB_CHOWN@ GNULIB_CLOSE = @GNULIB_CLOSE@ GNULIB_CONNECT = @GNULIB_CONNECT@ +GNULIB_COPY_FILE_RANGE = @GNULIB_COPY_FILE_RANGE@ +GNULIB_CREAT = @GNULIB_CREAT@ GNULIB_CTIME = @GNULIB_CTIME@ GNULIB_DPRINTF = @GNULIB_DPRINTF@ GNULIB_DUP = @GNULIB_DUP@ @@ -502,15 +514,18 @@ GNULIB_GETCWD = @GNULIB_GETCWD@ GNULIB_GETDELIM = @GNULIB_GETDELIM@ GNULIB_GETDOMAINNAME = @GNULIB_GETDOMAINNAME@ GNULIB_GETDTABLESIZE = @GNULIB_GETDTABLESIZE@ +GNULIB_GETENTROPY = @GNULIB_GETENTROPY@ GNULIB_GETGROUPS = @GNULIB_GETGROUPS@ GNULIB_GETHOSTNAME = @GNULIB_GETHOSTNAME@ GNULIB_GETLINE = @GNULIB_GETLINE@ GNULIB_GETLOADAVG = @GNULIB_GETLOADAVG@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ +GNULIB_GETOPT_POSIX = @GNULIB_GETOPT_POSIX@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ GNULIB_GETPASS = @GNULIB_GETPASS@ GNULIB_GETPEERNAME = @GNULIB_GETPEERNAME@ +GNULIB_GETRANDOM = @GNULIB_GETRANDOM@ GNULIB_GETSOCKNAME = @GNULIB_GETSOCKNAME@ GNULIB_GETSOCKOPT = @GNULIB_GETSOCKOPT@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ @@ -590,7 +605,15 @@ GNULIB_PREAD = @GNULIB_PREAD@ GNULIB_PRINTF = @GNULIB_PRINTF@ GNULIB_PRINTF_POSIX = @GNULIB_PRINTF_POSIX@ GNULIB_PSELECT = @GNULIB_PSELECT@ +GNULIB_PTHREAD_COND = @GNULIB_PTHREAD_COND@ +GNULIB_PTHREAD_MUTEX = @GNULIB_PTHREAD_MUTEX@ +GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GNULIB_PTHREAD_MUTEX_TIMEDLOCK@ +GNULIB_PTHREAD_ONCE = @GNULIB_PTHREAD_ONCE@ +GNULIB_PTHREAD_RWLOCK = @GNULIB_PTHREAD_RWLOCK@ GNULIB_PTHREAD_SIGMASK = @GNULIB_PTHREAD_SIGMASK@ +GNULIB_PTHREAD_SPIN = @GNULIB_PTHREAD_SPIN@ +GNULIB_PTHREAD_THREAD = @GNULIB_PTHREAD_THREAD@ +GNULIB_PTHREAD_TSS = @GNULIB_PTHREAD_TSS@ GNULIB_PTSNAME = @GNULIB_PTSNAME@ GNULIB_PTSNAME_R = @GNULIB_PTSNAME_R@ GNULIB_PUTC = @GNULIB_PUTC@ @@ -617,6 +640,7 @@ GNULIB_RENAMEAT = @GNULIB_RENAMEAT@ GNULIB_RMDIR = @GNULIB_RMDIR@ GNULIB_RPMATCH = @GNULIB_RPMATCH@ GNULIB_SCANF = @GNULIB_SCANF@ +GNULIB_SCHED_YIELD = @GNULIB_SCHED_YIELD@ GNULIB_SECURE_GETENV = @GNULIB_SECURE_GETENV@ GNULIB_SELECT = @GNULIB_SELECT@ GNULIB_SEND = @GNULIB_SEND@ @@ -624,6 +648,7 @@ GNULIB_SENDTO = @GNULIB_SENDTO@ GNULIB_SETENV = @GNULIB_SETENV@ GNULIB_SETHOSTNAME = @GNULIB_SETHOSTNAME@ GNULIB_SETLOCALE = @GNULIB_SETLOCALE@ +GNULIB_SETLOCALE_NULL = @GNULIB_SETLOCALE_NULL@ GNULIB_SETSOCKOPT = @GNULIB_SETSOCKOPT@ GNULIB_SHUTDOWN = @GNULIB_SHUTDOWN@ GNULIB_SIGACTION = @GNULIB_SIGACTION@ @@ -753,6 +778,7 @@ HAVE_BTOWC = @HAVE_BTOWC@ HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@ HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@ HAVE_CHOWN = @HAVE_CHOWN@ +HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@ HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@ HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@ HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@ @@ -824,11 +850,13 @@ HAVE_FTELLO = @HAVE_FTELLO@ HAVE_FTRUNCATE = @HAVE_FTRUNCATE@ HAVE_FUTIMENS = @HAVE_FUTIMENS@ HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@ +HAVE_GETENTROPY = @HAVE_GETENTROPY@ HAVE_GETGROUPS = @HAVE_GETGROUPS@ HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@ HAVE_GETLOGIN = @HAVE_GETLOGIN@ HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@ HAVE_GETPASS = @HAVE_GETPASS@ +HAVE_GETRANDOM = @HAVE_GETRANDOM@ HAVE_GETSUBOPT = @HAVE_GETSUBOPT@ HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@ HAVE_GRANTPT = @HAVE_GRANTPT@ @@ -847,12 +875,12 @@ HAVE_LCHMOD = @HAVE_LCHMOD@ HAVE_LCHOWN = @HAVE_LCHOWN@ HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@ HAVE_LIBDL = @HAVE_LIBDL@ +HAVE_LIBEV = @HAVE_LIBEV@ HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@ HAVE_LIBRT = @HAVE_LIBRT@ HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@ HAVE_LINK = @HAVE_LINK@ HAVE_LINKAT = @HAVE_LINKAT@ -HAVE_LONG_LONG_INT = @HAVE_LONG_LONG_INT@ HAVE_LSTAT = @HAVE_LSTAT@ HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@ HAVE_MBRLEN = @HAVE_MBRLEN@ @@ -890,7 +918,65 @@ HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@ HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@ HAVE_PREAD = @HAVE_PREAD@ HAVE_PSELECT = @HAVE_PSELECT@ +HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@ +HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@ +HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@ +HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@ +HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@ +HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@ +HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@ +HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@ +HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@ +HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@ +HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@ +HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@ +HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@ +HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@ +HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@ +HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@ +HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@ +HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@ +HAVE_PTHREAD_H = @HAVE_PTHREAD_H@ +HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@ +HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@ +HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@ +HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@ +HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@ +HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@ +HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@ +HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@ +HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@ +HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@ +HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@ +HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@ +HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@ +HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@ +HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@ +HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@ +HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@ +HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@ +HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@ +HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@ +HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@ +HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@ +HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@ +HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@ +HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@ +HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@ +HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@ +HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@ +HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@ +HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@ +HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@ +HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@ HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@ +HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@ +HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@ +HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@ +HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@ +HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@ +HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@ +HAVE_PTHREAD_T = @HAVE_PTHREAD_T@ HAVE_PTSNAME = @HAVE_PTSNAME@ HAVE_PTSNAME_R = @HAVE_PTSNAME_R@ HAVE_PWRITE = @HAVE_PWRITE@ @@ -907,6 +993,8 @@ HAVE_REALPATH = @HAVE_REALPATH@ HAVE_RENAMEAT = @HAVE_RENAMEAT@ HAVE_RPMATCH = @HAVE_RPMATCH@ HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@ +HAVE_SCHED_H = @HAVE_SCHED_H@ +HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@ HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@ HAVE_SETENV = @HAVE_SETENV@ HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@ @@ -935,6 +1023,7 @@ HAVE_STRTOLL = @HAVE_STRTOLL@ HAVE_STRTOULL = @HAVE_STRTOULL@ HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@ HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@ +HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@ HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@ HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@ HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@ @@ -943,6 +1032,7 @@ HAVE_STRVERSCMP = @HAVE_STRVERSCMP@ HAVE_SYMLINK = @HAVE_SYMLINK@ HAVE_SYMLINKAT = @HAVE_SYMLINKAT@ HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@ +HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@ HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@ HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@ HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@ @@ -959,11 +1049,11 @@ HAVE_TZSET = @HAVE_TZSET@ HAVE_UNISTD_H = @HAVE_UNISTD_H@ HAVE_UNLINKAT = @HAVE_UNLINKAT@ HAVE_UNLOCKPT = @HAVE_UNLOCKPT@ -HAVE_UNSIGNED_LONG_LONG_INT = @HAVE_UNSIGNED_LONG_LONG_INT@ HAVE_USLEEP = @HAVE_USLEEP@ HAVE_UTIMENSAT = @HAVE_UTIMENSAT@ HAVE_VASPRINTF = @HAVE_VASPRINTF@ HAVE_VDPRINTF = @HAVE_VDPRINTF@ +HAVE_VISIBILITY = @HAVE_VISIBILITY@ HAVE_WCHAR_H = @HAVE_WCHAR_H@ HAVE_WCHAR_T = @HAVE_WCHAR_T@ HAVE_WCPCPY = @HAVE_WCPCPY@ @@ -1023,12 +1113,18 @@ INTLLIBS = @INTLLIBS@ INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ LCOV = @LCOV@ LD = @LD@ +LDDPOSTPROC = @LDDPOSTPROC@ +LDDPROG = @LDDPROG@ LDFLAGS = @LDFLAGS@ LIBATOMIC_LIBS = @LIBATOMIC_LIBS@ +LIBBCRYPT = @LIBBCRYPT@ LIBCRYPTO = @LIBCRYPTO@ LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@ LIBDL = @LIBDL@ LIBDL_PREFIX = @LIBDL_PREFIX@ +LIBEV = @LIBEV@ +LIBEV_LIBS = @LIBEV_LIBS@ +LIBEV_PREFIX = @LIBEV_PREFIX@ LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@ LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@ LIBICONV = @LIBICONV@ @@ -1036,20 +1132,21 @@ LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@ LIBIDN2_LIBS = @LIBIDN2_LIBS@ LIBINTL = @LIBINTL@ LIBMULTITHREAD = @LIBMULTITHREAD@ +LIBNCRYPT = @LIBNCRYPT@ LIBOBJS = @LIBOBJS@ LIBOPTS_CFLAGS = @LIBOPTS_CFLAGS@ LIBOPTS_DIR = @LIBOPTS_DIR@ LIBOPTS_LDADD = @LIBOPTS_LDADD@ -LIBPTH = @LIBPTH@ +LIBPMULTITHREAD = @LIBPMULTITHREAD@ LIBPTHREAD = @LIBPTHREAD@ LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@ -LIBPTH_PREFIX = @LIBPTH_PREFIX@ LIBRT = @LIBRT@ LIBRT_PREFIX = @LIBRT_PREFIX@ LIBS = @LIBS@ LIBSECCOMP = @LIBSECCOMP@ LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@ LIBSOCKET = @LIBSOCKET@ +LIBSTDTHREAD = @LIBSTDTHREAD@ LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@ LIBTASN1_LIBS = @LIBTASN1_LIBS@ LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@ @@ -1061,8 +1158,14 @@ LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@ LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@ LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@ LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@ +LIB_CRYPT32 = @LIB_CRYPT32@ LIB_NANOSLEEP = @LIB_NANOSLEEP@ +LIB_PTHREAD = @LIB_PTHREAD@ +LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@ +LIB_SCHED_YIELD = @LIB_SCHED_YIELD@ LIB_SELECT = @LIB_SELECT@ +LIB_SETLOCALE = @LIB_SETLOCALE@ +LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@ LIMITS_H = @LIMITS_H@ LIPO = @LIPO@ LN_S = @LN_S@ @@ -1074,11 +1177,11 @@ LOCALE_ZH_CN = @LOCALE_ZH_CN@ LTALLOCA = @LTALLOCA@ LTLIBCRYPTO = @LTLIBCRYPTO@ LTLIBDL = @LTLIBDL@ +LTLIBEV = @LTLIBEV@ LTLIBICONV = @LTLIBICONV@ LTLIBINTL = @LTLIBINTL@ LTLIBMULTITHREAD = @LTLIBMULTITHREAD@ LTLIBOBJS = @LTLIBOBJS@ -LTLIBPTH = @LTLIBPTH@ LTLIBPTHREAD = @LTLIBPTHREAD@ LTLIBRT = @LTLIBRT@ LTLIBSECCOMP = @LTLIBSECCOMP@ @@ -1120,6 +1223,8 @@ NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@ NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@ NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@ NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@ +NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@ +NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@ NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@ NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@ NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@ @@ -1147,6 +1252,8 @@ NEXT_LIMITS_H = @NEXT_LIMITS_H@ NEXT_LOCALE_H = @NEXT_LOCALE_H@ NEXT_NETDB_H = @NEXT_NETDB_H@ NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@ +NEXT_PTHREAD_H = @NEXT_PTHREAD_H@ +NEXT_SCHED_H = @NEXT_SCHED_H@ NEXT_SIGNAL_H = @NEXT_SIGNAL_H@ NEXT_STDDEF_H = @NEXT_STDDEF_H@ NEXT_STDINT_H = @NEXT_STDINT_H@ @@ -1180,6 +1287,7 @@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ +PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@ PATCH_VERSION = @PATCH_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ @@ -1195,17 +1303,20 @@ PRI_MACROS_BROKEN = @PRI_MACROS_BROKEN@ PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@ PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@ RANLIB = @RANLIB@ +REPLACE_ACCESS = @REPLACE_ACCESS@ REPLACE_BTOWC = @REPLACE_BTOWC@ REPLACE_CALLOC = @REPLACE_CALLOC@ REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@ REPLACE_CHOWN = @REPLACE_CHOWN@ REPLACE_CLOSE = @REPLACE_CLOSE@ +REPLACE_CREAT = @REPLACE_CREAT@ REPLACE_CTIME = @REPLACE_CTIME@ REPLACE_DPRINTF = @REPLACE_DPRINTF@ REPLACE_DUP = @REPLACE_DUP@ REPLACE_DUP2 = @REPLACE_DUP2@ REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@ REPLACE_FACCESSAT = @REPLACE_FACCESSAT@ +REPLACE_FCHMODAT = @REPLACE_FCHMODAT@ REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@ REPLACE_FCLOSE = @REPLACE_FCLOSE@ REPLACE_FCNTL = @REPLACE_FCNTL@ @@ -1225,6 +1336,7 @@ REPLACE_FTELLO = @REPLACE_FTELLO@ REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@ REPLACE_FUTIMENS = @REPLACE_FUTIMENS@ REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@ +REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@ REPLACE_GETCWD = @REPLACE_GETCWD@ REPLACE_GETDELIM = @REPLACE_GETDELIM@ REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@ @@ -1277,7 +1389,58 @@ REPLACE_POPEN = @REPLACE_POPEN@ REPLACE_PREAD = @REPLACE_PREAD@ REPLACE_PRINTF = @REPLACE_PRINTF@ REPLACE_PSELECT = @REPLACE_PSELECT@ +REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@ +REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@ +REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@ +REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@ +REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@ +REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@ +REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@ +REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@ +REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@ +REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@ +REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@ +REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@ +REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@ +REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@ +REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@ +REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@ +REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@ +REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@ +REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@ +REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@ +REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@ +REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@ +REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@ +REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@ +REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@ +REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@ +REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@ +REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@ +REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@ +REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@ +REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@ +REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@ +REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@ +REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@ +REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@ +REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@ +REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@ +REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@ +REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@ +REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@ +REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@ +REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@ +REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@ +REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@ +REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@ +REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@ REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@ +REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@ +REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@ +REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@ +REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@ +REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@ REPLACE_PTSNAME = @REPLACE_PTSNAME@ REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@ REPLACE_PUTENV = @REPLACE_PUTENV@ @@ -1295,6 +1458,7 @@ REPLACE_REMOVE = @REPLACE_REMOVE@ REPLACE_RENAME = @REPLACE_RENAME@ REPLACE_RENAMEAT = @REPLACE_RENAMEAT@ REPLACE_RMDIR = @REPLACE_RMDIR@ +REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@ REPLACE_SELECT = @REPLACE_SELECT@ REPLACE_SETENV = @REPLACE_SETENV@ REPLACE_SETLOCALE = @REPLACE_SETLOCALE@ @@ -1346,6 +1510,7 @@ REPLACE_WCRTOMB = @REPLACE_WCRTOMB@ REPLACE_WCSFTIME = @REPLACE_WCSFTIME@ REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@ REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@ +REPLACE_WCSTOK = @REPLACE_WCSTOK@ REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@ REPLACE_WCTOB = @REPLACE_WCTOB@ REPLACE_WCTOMB = @REPLACE_WCTOMB@ @@ -1394,7 +1559,6 @@ XGETTEXT = @XGETTEXT@ XGETTEXT_015 = @XGETTEXT_015@ XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ YACC = @YACC@ -YEAR = @YEAR@ YFLAGS = @YFLAGS@ abs_aux_dir = @abs_aux_dir@ abs_builddir = @abs_builddir@ @@ -1454,13 +1618,13 @@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ +maybe_guileextensiondir = @maybe_guileextensiondir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ -runstatedir = @runstatedir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ @@ -1488,7 +1652,7 @@ SUBDIRS = gl lib extra $(am__append_1) po $(am__append_2) \ $(am__append_6) $(am__append_7) ACLOCAL_AMFLAGS = -I m4 -I src/libopts/m4 -I src/gl/m4 -I lib/unistring/m4 --install EXTRA_DIST = cfg.mk maint.mk CONTRIBUTING.md README.md LICENSE AUTHORS NEWS \ - ChangeLog THANKS INSTALL.md + ChangeLog THANKS INSTALL.md RELEASES.md DISTCLEANFILES = AUTHORS ABIDW_COMMON = --no-show-locs --no-corpus-path @@ -1567,6 +1731,8 @@ $(srcdir)/config.h.in: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) distclean-hdr: -rm -f config.h stamp-h1 +ldd.sh: $(top_builddir)/config.status $(top_srcdir)/build-aux/ldd.sh.in + cd $(top_builddir) && $(SHELL) ./config.status $@ doc/doxygen/Doxyfile: $(top_builddir)/config.status $(top_srcdir)/doc/doxygen/Doxyfile.in cd $(top_builddir) && $(SHELL) ./config.status $@ lib/includes/gnutls/gnutls.h: $(top_builddir)/config.status $(top_srcdir)/lib/includes/gnutls/gnutls.h.in @@ -2039,16 +2205,16 @@ abi-dump-latest: lib/libgnutls.la libdane/libgnutls-dane.la abi-check-latest: lib/libgnutls.la libdane/libgnutls-dane.la @echo "Checking whether the latest ABI dump matches" - @abidiff --suppressions $(ABIGNORE_FILE) lib/.libs/libgnutls.so $(LIBGNUTLS_ABI_LAST_FILE) --hd2 "$(srcdir)/lib/includes/gnutls/"; if test $$? != 0;then \ + @abidiff --suppressions $(ABIGNORE_FILE) lib/.libs/libgnutls.so $(LIBGNUTLS_ABI_LAST_FILE) --hd2 "$(srcdir)/lib/includes/gnutls/" --hd2 $(builddir)/lib/includes/gnutls/ ; if test $$? != 0;then \ echo "*********************************************************"; \ - echo "libgnutls ABI has changed; use 'make-files-update' "; \ + echo "libgnutls ABI has changed; use 'make files-update' "; \ echo "and use 'git diff' to check correctness before committing"; \ echo "*********************************************************"; \ false; \ fi - @abidiff libdane/.libs/libgnutls-dane.so $(LIBDANE_ABI_LAST_FILE) --hd2 "$(srcdir)/libdane/includes/gnutls/"; if test $$? != 0;then \ + @abidiff libdane/.libs/libgnutls-dane.so $(LIBDANE_ABI_LAST_FILE) --hd2 "$(srcdir)/libdane/includes/gnutls/" --hd2 $(builddir)/lib/includes/gnutls/; if test $$? != 0;then \ echo "*********************************************************"; \ - echo "libgnutls-dane ABI has changed; use 'make-files-update' "; \ + echo "libgnutls-dane ABI has changed; use 'make files-update' "; \ echo "and use 'git diff' to check correctness before committing"; \ echo "*********************************************************"; \ false; \ @@ -2059,23 +2225,23 @@ abi-check-latest: lib/libgnutls.la libdane/libgnutls-dane.la abi-check: lib/libgnutls.la libdane/libgnutls-dane.la @for file in $$(echo $(srcdir)/devel/libgnutls-*-$$(uname -m).abi);do \ echo "Comparing libgnutls with $$file"; \ - abidiff $${file} lib/.libs/libgnutls.so $(ABICHECK_COMMON) --suppressions $(ABIGNORE_FILE) --hd2 "$(srcdir)/lib/includes/gnutls/"; \ + abidiff $${file} lib/.libs/libgnutls.so $(ABICHECK_COMMON) --suppressions $(ABIGNORE_FILE) --hd2 "$(srcdir)/lib/includes/gnutls/" --hd2 $(builddir)/lib/includes/gnutls/; \ if test $$? != 0;then \ echo "****************************************************************************"; \ echo "ABI check failed; If intentional add suppression in devel/libgnutls.abignore"; \ echo "****************************************************************************"; \ - false; \ + exit 1; \ fi; \ done @for file in $$(echo $(srcdir)/devel/libdane-*-$$(uname -m).abi);do \ echo "Comparing libgnutls-dane with $$file"; \ - abidiff $${file} libdane/.libs/libgnutls-dane.so $(ABICHECK_COMMON) --hd2 "$(srcdir)/libdane/includes/gnutls/"; \ + abidiff $${file} libdane/.libs/libgnutls-dane.so $(ABICHECK_COMMON) --hd2 "$(srcdir)/libdane/includes/gnutls/" --hd2 $(builddir)/lib/includes/gnutls/; \ if test $$? != 0;then \ echo "**********************************************"; \ echo "ABI check failed; If intentional add a "; \ echo "libabigail suppression file for libgnutls-dane"; \ echo "**********************************************"; \ - false; \ + exit 1; \ fi; \ done @echo "********************" @@ -2094,7 +2260,7 @@ symbol-check: lib/libgnutls.la false; \ else \ echo "*************************************************************"; \ - echo "Symbols were added in the library; use 'make-files-update' "; \ + echo "Symbols were added in the library; use 'make files-update' "; \ echo "and use 'git diff' to check correctness before committing "; \ echo "*************************************************************"; \ false; \ @@ -2239,7 +2405,7 @@ dist-hook: libopts-check $(MAKE) -C doc/manpages compare-makefile $(MAKE) ChangeLog mv ChangeLog $(distdir) - touch $(distdir)/doc/*.html $(distdir)/doc/*.pdf $(distdir)/doc/*.info + touch -c $(distdir)/doc/*.html $(distdir)/doc/*.pdf $(distdir)/doc/*.info .PHONY: abi-check abi-dump-versioned abi-dump-latest pic-check symbol-check local-code-coverage-output files-update libopts-check AUTHORS diff --git a/NEWS b/NEWS index 9268a0e..755a67c 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,260 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc. Copyright (C) 2013-2019 Nikos Mavrogiannopoulos See the end for copying conditions. +* Version 3.6.14 (released 2020-06-03) + +** libgnutls: Fixed insecure session ticket key construction, since 3.6.4. + The TLS server would not bind the session ticket encryption key with a + value supplied by the application until the initial key rotation, allowing + attacker to bypass authentication in TLS 1.3 and recover previous + conversations in TLS 1.2 (#1011). + [GNUTLS-SA-2020-06-03, CVSS: high] + +** libgnutls: Fixed handling of certificate chain with cross-signed + intermediate CA certificates (#1008). + +** libgnutls: Fixed reception of empty session ticket under TLS 1.2 (#997). + +** libgnutls: gnutls_x509_crt_print() is enhanced to recognizes commonName + (2.5.4.3), decodes certificate policy OIDs (!1245), and prints Authority + Key Identifier (AKI) properly (#989, #991). + +** certtool: PKCS #7 attributes are now printed with symbolic names (!1246). + +** libgnutls: Added several improvements on Windows Vista and later releases + (!1257, !1254, !1256). Most notably the system random number generator now + uses Windows BCrypt* API if available (!1255). + +** libgnutls: Use accelerated AES-XTS implementation if possible (!1244). + Also both accelerated and non-accelerated implementations check key block + according to FIPS-140-2 IG A.9 (!1233). + +** libgnutls: Added support for AES-SIV ciphers (#463). + +** libgnutls: Added support for 192-bit AES-GCM cipher (!1267). + +** libgnutls: No longer use internal symbols exported from Nettle (!1235) + +** API and ABI modifications: +GNUTLS_CIPHER_AES_128_SIV: Added +GNUTLS_CIPHER_AES_256_SIV: Added +GNUTLS_CIPHER_AES_192_GCM: Added +gnutls_pkcs7_print_signature_info: Added + +* Version 3.6.13 (released 2020-03-31) + +** libgnutls: Fix a DTLS-protocol regression (caused by TLS1.3 support), since 3.6.3. + The DTLS client would not contribute any randomness to the DTLS negotiation, + breaking the security guarantees of the DTLS protocol (#960) + [GNUTLS-SA-2020-03-31, CVSS: high] + +** libgnutls: Added new APIs to access KDF algorithms (#813). + +** libgnutls: Added new callback gnutls_keylog_func that enables a custom + logging functionality. + +** libgnutls: Added support for non-null terminated usernames in PSK + negotiation (#586). + +** gnutls-cli-debug: Improved support for old servers that only support + SSL 3.0. + +** API and ABI modifications: +gnutls_hkdf_extract: Added +gnutls_hkdf_expand: Added +gnutls_pbkdf2: Added +gnutls_session_get_keylog_function: Added +gnutls_session_set_keylog_function: Added +gnutls_prf_hash_get: Added +gnutls_psk_server_get_username2: Added +gnutls_psk_set_client_credentials2: Added +gnutls_psk_set_client_credentials_function2: Added +gnutls_psk_set_server_credentials_function2: Added + + +* Version 3.6.12 (released 2020-02-01) + +** libgnutls: Introduced TLS session flag (gnutls_session_get_flags()) + to identify sessions that client request OCSP status request (#829). + +** libgnutls: Added support for X448 key exchange (RFC 7748) and Ed448 + signature algorithm (RFC 8032) under TLS (#86). + +** libgnutls: Added the default-priority-string option to system configuration; + it allows overriding the compiled-in default-priority-string. + +** libgnutls: Added support for GOST CNT_IMIT ciphersuite (as defined by + draft-smyshlyaev-tls12-gost-suites-07). + By default this ciphersuite is disabled. It can be enabled by adding + +GOST to priority string. In the future this priority string may enable + other GOST ciphersuites as well. Note, that server will fail to negotiate + GOST ciphersuites if TLS 1.3 is enabled both on a server and a client. It + is recommended for now to disable TLS 1.3 in setups where GOST ciphersuites + are enabled on GnuTLS-based servers. + +** libgnutls: added priority shortcuts for different GOST categories like + CIPHER-GOST-ALL, MAC-GOST-ALL, KX-GOST-ALL, SIGN-GOST-ALL, GROUP-GOST-ALL. + +** libgnutls: Reject certificates with invalid time fields. That is we reject + certificates with invalid characters in Time fields, or invalid time formatting + To continue accepting the invalid form compile with --disable-strict-der-time + (#207, #870). + +** libgnutls: Reject certificates which contain duplicate extensions. We were + previously printing warnings when printing such a certificate, but that is + not always sufficient to flag such certificates as invalid. Instead we now + refuse to import them (#887). + +** libgnutls: If a CA is found in the trusted list, check in addition to + time validity, whether the algorithms comply to the expected level prior + to accepting it. This addresses the problem of accepting CAs which would + have been marked as insecure otherwise (#877). + +** libgnutls: The min-verification-profile from system configuration applies + for all certificate verifications, not only under TLS. The configuration can + be overriden using the GNUTLS_SYSTEM_PRIORITY_FILE environment variable. + +** libgnutls: The stapled OCSP certificate verification adheres to the convention + used throughout the library of setting the 'GNUTLS_CERT_INVALID' flag. + +** libgnutls: On client side only send OCSP staples if they have been requested + by the server, and on server side always advertise that we support OCSP stapling + (#876). + +** libgnutls: Introduced the gnutls_ocsp_req_const_t which is compatible + with gnutls_ocsp_req_t but const. + +** certtool: Added the --verify-profile option to set a certificate + verification profile. Use '--verify-profile low' for certificate verification + to apply the 'NORMAL' verification profile. + +** certtool: The add_extension template option is considered even when generating + a certificate from a certificate request. + +** API and ABI modifications: +GNUTLS_SFLAGS_CLI_REQUESTED_OCSP: Added +GNUTLS_SFLAGS_SERV_REQUESTED_OCSP: Added +gnutls_ocsp_req_const_t: Added + + +* Version 3.6.11 (released 2019-12-01) + +** libgnutls: Use KERN_ARND for the system random number generator on NetBSD. + This syscall provides an endless stream of random numbers from the kernel's + ChaCha20-based random number generator, without blocking or requiring an open file + descriptor. + +** libgnutls: Corrected issue with TLS 1.2 session ticket handling as client + during resumption (#841). + +** libgnutls: gnutls_base64_decode2() succeeds decoding the empty string to + the empty string. This is a behavioral change of the API but it conforms + to the RFC4648 expectations (#834). + +** libgnutls: Fixed AES-CFB8 implementation, when input is shorter than + the block size. Fix backported from nettle. + +** certtool: CRL distribution points will be set in CA certificates even when + non self-signed (#765). + +** gnutls-cli/serv: added raw public-key handling capabilities (RFC7250). + Key material can be set via the --rawpkkeyfile and --rawpkfile flags. + +** API and ABI modifications: +No changes since last version. + + +* Version 3.6.10 (released 2019-09-29) + +** libgnutls: Added support for deterministic ECDSA/DSA (RFC6979) + Deterministic signing can be enabled by setting + GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE when calling gnutls_privkey_sign_*() + functions (#94). + +** libgnutls: add gnutls_aead_cipher_encryptv2 and gnutls_aead_cipher_decryptv2 + functions that will perform in-place encryption/decryption on data buffers (#718). + +** libgnutls: Corrected issue in gnutls_session_get_data2() which could fail under + TLS1.3, if a timeout callback was not set using gnutls_transport_set_pull_timeout_function() + (#823). + +** libgnutls: added interoperability tests with gnutls 2.12.x; addressed + issue with large record handling due to random padding (#811). + +** libgnutls: the server now selects the highest TLS protocol version, + if TLS 1.3 is enabled and the client advertises an older protocol version first (#837). + +** libgnutls: fix non-PIC assembly on i386 (#818). + +** libgnutls: added support for GOST 28147-89 cipher in CNT (GOST counter) mode + and MAC generation based on GOST 28147-89 (IMIT). For description of the + modes see RFC 5830. S-Box is id-tc26-gost-28147-param-Z (TC26Z) defined in + RFC 7836. + +** certtool: when outputting an encrypted private key do not insert the textual description + of it. This fixes a regression since 3.6.5 (#840). + +** API and ABI modifications: +gnutls_aead_cipher_encryptv2: Added +gnutls_aead_cipher_decryptv2: Added +GNUTLS_CIPHER_GOST28147_TC26Z_CNT: Added +GNUTLS_MAC_GOST28147_TC26Z_IMIT: Added + +* Version 3.6.9 (released 2019-07-25) + +** libgnutls: add gnutls_hash_copy/gnutls_hmac_copy functions that will create a copy + of digest or MAC context. Copying contexts for externally-registered digest and MAC + contexts is unupported (#787). + +** Marked the crypto implementation override APIs as deprecated. These APIs are rarely + used, are for a niche use case, but have significant side effects, such as preventing + any internal re-organization and extension of the internal cipher API. The APIs remain + functional though a compiler warning will be issued, and a future minor version update + may transform them to a no-op while keeping ABI compatibility (#789). + +** libgnutls: Added support for AES-GMAC, as a separate to GCM, MAC algorithm (#781). + +** libgnutls: gnutls_privkey_sign_hash2 now accepts the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA + flag as documented. This makes it a complete replacement of gnutls_privkey_sign_hash(). + +** libgnutls: Added support for Generalname registeredID. + +** The priority configuration was enhanced to allow more elaborate + system-wide configuration of the library (#587). + The following changes were included: + - The file is read as an ini file with '#' indicating a comment. + - The section "[priorities]" or global follows the existing semantics of + the configuration file, and allows to specify system-wide priority strings + which are accessed with the '@' prefix. + - The section "[overrides]" is added with the parameters "insecure-hash", + "insecure-sig", "insecure-sig-for-cert", "disabled-curve", + "disabled-version", "min-verification-profile", "tls-disabled-cipher", + "tls-disabled-mac", "tls-disabled-group", "tls-disabled-kx", which prohibit + specific algorithms or options globally. Existing algorithms in the + library can be marked as disabled and insecure, but no hard-coded + insecure algorithm can be marked as secure (so that the configuration + cannot be abused to make the system vulnerable). + - Unknown sections or options are skipped with a debug message, unless + the GNUTLS_SYSTEM_PRIORITY_FAIL_ON_INVALID environment parameter is + set to 1. + +** libgnutls: Added new flag for GNUTLS_CPUID_OVERRIDE + - 0x20: Enable SHA_NI instruction set + +** API and ABI modifications: +gnutls_crypto_register_cipher: Deprecated +gnutls_crypto_register_aead_cipher: Deprecated +gnutls_crypto_register_digest: Deprecated +gnutls_crypto_register_mac: Deprecated +gnutls_get_system_config_file: Added +gnutls_hash_copy: Added +gnutls_hmac_copy: Added +GNUTLS_MAC_AES_GMAC_128: Added +GNUTLS_MAC_AES_GMAC_192: Added +GNUTLS_MAC_AES_CMAC_256: Added +GNUTLS_SAN_REGISTERED_ID: Added + + * Version 3.6.8 (released 2019-05-28) ** libgnutls: Added gnutls_prf_early() function to retrieve early keying diff --git a/README.md b/README.md index 338ff0d..3ee6c79 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,9 @@ [![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/330/badge)](https://bestpractices.coreinfrastructure.org/projects/330) -|Branch|CI system|Status|Coverage| -|:----:|:-------:|-----:|:------:| -|Master|Gitlab|[![build status](https://gitlab.com/gnutls/gnutls/badges/master/build.svg)](https://gitlab.com/gnutls/gnutls/commits/master)|[![coverage report](https://gitlab.com/gnutls/gnutls/badges/master/coverage.svg)](https://gnutls.gitlab.io/coverage/master)| -|Master|Travis|[![build status](https://travis-ci.org/gnutls/gnutls.svg?branch=master)](https://travis-ci.org/gnutls/gnutls)|N/A| -|3.5.x|Gitlab|[![build status](https://gitlab.com/gnutls/gnutls/badges/gnutls_3_5_x/build.svg)](https://gitlab.com/gnutls/gnutls/commits/gnutls_3_5_x)|[![coverage report](https://gitlab.com/gnutls/gnutls/badges/gnutls_3_5_x/coverage.svg)](https://gnutls.gitlab.io/coverage/3.5.x)| -|3.5.x|Travis|[![build status](https://travis-ci.org/gnutls/gnutls.svg?branch=gnutls_3_5_x)](https://travis-ci.org/gnutls/gnutls)|N/A| -|3.3.x|Gitlab|[![build status](https://gitlab.com/gnutls/gnutls/badges/gnutls_3_3_x/build.svg)](https://gitlab.com/gnutls/gnutls/commits/gnutls_3_3_x)|N/A| +|Branch|CI system|Status|Test suite coverage|Fuzzer coverage| +|:----:|:-------:|-----:|:------:|:-------------:| +|Master/3.6.x|Gitlab|[![build status](https://gitlab.com/gnutls/gnutls/badges/master/pipeline.svg)](https://gitlab.com/gnutls/gnutls/commits/master)|[![coverage report](https://gitlab.com/gnutls/gnutls/badges/master/coverage.svg)](https://gnutls.gitlab.io/coverage/master)|[![Fuzzer coverage report](https://gnutls.gitlab.io/coverage/master-fuzz/badge.svg)](https://gnutls.gitlab.io/coverage/master-fuzz)| +|Master/3.6.x|Travis|[![build status](https://travis-ci.org/gnutls/gnutls.svg?branch=master)](https://travis-ci.org/gnutls/gnutls)|N/A|N/A| # GnuTLS -- Information for developers @@ -64,6 +61,9 @@ apt-get install -y libunbound-dev dns-root-data bison gtk-doc-tools apt-get install -y texinfo texlive texlive-generic-recommended texlive-extra-utils ``` +__NOTE:__ Some software versions might not be available in older releases, e.g. `nettle-dev`. +Available backport repos, APT-Pinning or source code compilating can be used to install these versions (and dependencies) from a newer release. + Fedora/RHEL: ``` yum install -y dash git autoconf libtool gettext-devel automake autogen patch @@ -86,17 +86,25 @@ and mbedtls. * [softhsm](https://www.opendnssec.org/softhsm/) (for testing smart card support) * [dieharder](https://www.phy.duke.edu/~rgb/General/dieharder.php) (for testing PRNG) * [lcov](https://linux-test-project.github.io/) (for code coverage) +* [util-linux](https://github.com/karelzak/util-linux) or just [lscpu](https://github.com/NanXiao/lscpu) (for CPU feature detection) +* [libev](hhttp://software.schmorp.de/pkg/libev.html) (for testing) Debian/Ubuntu: ``` -apt-get install -y valgrind libasan1 libubsan0 nodejs softhsm2 datefudge lcov libssl-dev libcmocka-dev expect -apt-get install -y dieharder libpolarssl-runtime openssl abigail-tools socat net-tools ppp lockfile-progs +apt-get install -y valgrind nodejs softhsm2 datefudge lcov libssl-dev libcmocka-dev expect libev-dev +apt-get install -y dieharder openssl abigail-tools socat net-tools ppp lockfile-progs util-linux +``` + +__NOTE:__ `libubsan0` and `libasan1` are required on older versions of Ubuntu <= 16.04. This packages must be manually added on these versions: + +``` +apt-get install -y v libubsan0 libasan1 ``` Fedora/RHEL: ``` -yum install -y valgrind libasan libasan-static libubsan nodejs softhsm datefudge lcov openssl-devel expect -yum install -y dieharder mbedtls-utils openssl libabigail libcmocka-devel socat lockfile-progs +yum install -y valgrind libasan libasan-static libubsan nodejs softhsm datefudge lcov openssl-devel expect libev-devel +yum install -y dieharder mbedtls-utils openssl libabigail libcmocka-devel socat lockfile-progs util-linux ``` diff --git a/RELEASES.md b/RELEASES.md new file mode 100644 index 0000000..5922814 --- /dev/null +++ b/RELEASES.md @@ -0,0 +1,44 @@ +# Release policy + +In the GnuTLS project there are at most two ongoing releases, one marked as +'stable' and one marked as 'next'. The former is always present and +supported, while the latter is introduced on the discretion of the +development team. + +For both release branches all the rules in [CONTRIBUTING.md](CONTRIBUTING.md) +apply, but in principle the 'stable' release is more conservative in new features, +while the 'next' branch allows for mild behavioral changes. The 'stable' branch +always provides API and ABI compatibility, while the 'next' branch may on exceptional +cases change the API. + + +|Branch|Version|Release interval| +|:----:|:-----:|:--------------:| +|stable|3.6.x |bi-monthly | +|next |- | | + + +# Release process + + 0. Create a new 'milestone' for the next release and move all issues present in the + current release milestone. + 1. Verification of release notes: ensure that release notes ([NEWS](NEWS)) exist + for this release, and include all significant changes since last release. + 2. Update of release date in [NEWS](NEWS), and bump of version number in + [configure.ac](configure.ac) as well as soname numbers in [m4/hooks.m4](m4/hooks.m4). + 3. make distcheck + 4. git tag -s $(VERSION). The 3.6.12 was including both the 3.6.12 and + gnutls_3_6_12 tags, but it may make sense to only use the version from + now on. + 5. git push && git push --tags + 6. make dist && gpg --sign --detach gnutls-$(VERSION).tar.xz + 7. scp gnutls-$(VERSION).tar.xz* trithemius.gnupg.org:/home/ftp/gcrypt/v3.6/ + 8. Create and send announcement email based on previously sent email to the list and + [NEWS](NEWS) file. + 9. Create a NEWS entry at [web-pages repository](https://gitlab.com/gnutls/web-pages/-/tree/master/news-entries), + and/or [a security advisory entry](https://gitlab.com/gnutls/web-pages/-/tree/master/security-entries) + if necessary. The NEWS entry is usually pointing to the announcement email. + A commit auto-generates the [gnutls web site](https://gnutls.gitlab.io/web-pages/) + which is mirrored twice a day by www.gnutls.org. +10. Use the @GnuTLS twitter account to announce the release. +11. Close the current release milestone. diff --git a/aclocal.m4 b/aclocal.m4 index 47030a4..ccb0ce2 100644 --- a/aclocal.m4 +++ b/aclocal.m4 @@ -1252,7 +1252,6 @@ AC_SUBST([am__untar]) m4_include([lib/unistring/m4/gnulib-comp.m4]) m4_include([lib/unistring/m4/inline.m4]) m4_include([lib/unistring/m4/libunistring-base.m4]) -m4_include([src/gl/m4/__inline.m4]) m4_include([src/gl/m4/bison.m4]) m4_include([src/gl/m4/clock_time.m4]) m4_include([src/gl/m4/fseek.m4]) @@ -1273,6 +1272,7 @@ m4_include([src/gl/m4/tzset.m4]) m4_include([src/libopts/m4/libopts.m4]) m4_include([src/libopts/m4/stdnoreturn.m4]) m4_include([m4/00gnulib.m4]) +m4_include([m4/__inline.m4]) m4_include([m4/absolute-header.m4]) m4_include([m4/alloca.m4]) m4_include([m4/arpa_inet_h.m4]) @@ -1292,6 +1292,7 @@ m4_include([m4/dup2.m4]) m4_include([m4/eealloc.m4]) m4_include([m4/environ.m4]) m4_include([m4/errno_h.m4]) +m4_include([m4/explicit_bzero.m4]) m4_include([m4/exponentd.m4]) m4_include([m4/extensions.m4]) m4_include([m4/extern-inline.m4]) @@ -1301,6 +1302,7 @@ m4_include([m4/fcntl_h.m4]) m4_include([m4/fdopen.m4]) m4_include([m4/flexmember.m4]) m4_include([m4/float_h.m4]) +m4_include([m4/fopen.m4]) m4_include([m4/fpieee.m4]) m4_include([m4/fseeko.m4]) m4_include([m4/fstat.m4]) @@ -1328,6 +1330,7 @@ m4_include([m4/inet_pton.m4]) m4_include([m4/intl-thread-locale.m4]) m4_include([m4/intlmacosx.m4]) m4_include([m4/intmax_t.m4]) +m4_include([m4/inttostr.m4]) m4_include([m4/inttypes-pri.m4]) m4_include([m4/inttypes.m4]) m4_include([m4/inttypes_h.m4]) @@ -1338,6 +1341,7 @@ m4_include([m4/largefile.m4]) m4_include([m4/lcmessage.m4]) m4_include([m4/ld-output-def.m4]) m4_include([m4/ld-version-script.m4]) +m4_include([m4/ldd.m4]) m4_include([m4/lib-ld.m4]) m4_include([m4/lib-link.m4]) m4_include([m4/lib-prefix.m4]) @@ -1351,7 +1355,6 @@ m4_include([m4/locale_h.m4]) m4_include([m4/localename.m4]) m4_include([m4/localtime-buffer.m4]) m4_include([m4/lock.m4]) -m4_include([m4/longlong.m4]) m4_include([m4/lseek.m4]) m4_include([m4/lstat.m4]) m4_include([m4/ltoptions.m4]) @@ -1375,6 +1378,7 @@ m4_include([m4/netinet_in_h.m4]) m4_include([m4/nls.m4]) m4_include([m4/off_t.m4]) m4_include([m4/open-cloexec.m4]) +m4_include([m4/open-slash.m4]) m4_include([m4/open.m4]) m4_include([m4/pathmax.m4]) m4_include([m4/perror.m4]) @@ -1383,15 +1387,20 @@ m4_include([m4/pkg.m4]) m4_include([m4/po.m4]) m4_include([m4/printf.m4]) m4_include([m4/progtest.m4]) +m4_include([m4/pthread-thread.m4]) +m4_include([m4/pthread_h.m4]) m4_include([m4/pthread_rwlock_rdlock.m4]) +m4_include([m4/pthread_sigmask.m4]) m4_include([m4/putenv.m4]) m4_include([m4/raise.m4]) m4_include([m4/read-file.m4]) m4_include([m4/realloc.m4]) +m4_include([m4/sched_h.m4]) m4_include([m4/secure_getenv.m4]) m4_include([m4/select.m4]) m4_include([m4/setenv.m4]) m4_include([m4/setlocale.m4]) +m4_include([m4/setlocale_null.m4]) m4_include([m4/sigaction.m4]) m4_include([m4/signal_h.m4]) m4_include([m4/signalblocking.m4]) @@ -1405,6 +1414,7 @@ m4_include([m4/sockpfaf.m4]) m4_include([m4/ssize_t.m4]) m4_include([m4/stat-time.m4]) m4_include([m4/stat.m4]) +m4_include([m4/std-gnu11.m4]) m4_include([m4/stdalign.m4]) m4_include([m4/stdbool.m4]) m4_include([m4/stddef_h.m4]) @@ -1430,6 +1440,7 @@ m4_include([m4/sys_stat_h.m4]) m4_include([m4/sys_time_h.m4]) m4_include([m4/sys_types_h.m4]) m4_include([m4/sys_uio_h.m4]) +m4_include([m4/thread.m4]) m4_include([m4/threadlib.m4]) m4_include([m4/time_h.m4]) m4_include([m4/time_r.m4]) @@ -1438,6 +1449,7 @@ m4_include([m4/unistd_h.m4]) m4_include([m4/valgrind-tests.m4]) m4_include([m4/vasnprintf.m4]) m4_include([m4/vasprintf.m4]) +m4_include([m4/visibility.m4]) m4_include([m4/vsnprintf.m4]) m4_include([m4/warn-on-use.m4]) m4_include([m4/warnings.m4]) @@ -1445,3 +1457,4 @@ m4_include([m4/wchar_h.m4]) m4_include([m4/wchar_t.m4]) m4_include([m4/wint_t.m4]) m4_include([m4/xsize.m4]) +m4_include([m4/zzgnulib.m4]) diff --git a/aminclude_static.am b/aminclude_static.am index b325041..9ff8597 100644 --- a/aminclude_static.am +++ b/aminclude_static.am @@ -1,6 +1,6 @@ # aminclude_static.am generated automatically by Autoconf -# from AX_AM_MACROS_STATIC on Tue May 28 07:09:17 CEST 2019 +# from AX_AM_MACROS_STATIC on Wed Jun 3 15:05:51 CEST 2020 # Code coverage diff --git a/build-aux/config.guess b/build-aux/config.guess index 4cd9454..11fda52 100755 --- a/build-aux/config.guess +++ b/build-aux/config.guess @@ -1,8 +1,8 @@ #! /bin/sh # Attempt to guess a canonical system name. -# Copyright 1992-2019 Free Software Foundation, Inc. +# Copyright 1992-2020 Free Software Foundation, Inc. -timestamp='2019-04-28' +timestamp='2020-04-26' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -50,7 +50,7 @@ version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright 1992-2019 Free Software Foundation, Inc. +Copyright 1992-2020 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -99,6 +99,8 @@ tmp= trap 'test -z "$tmp" || rm -fr "$tmp"' 0 1 2 13 15 set_cc_for_build() { + # prevent multiple calls if $tmp is already set + test "$tmp" && return 0 : "${TMPDIR=/tmp}" # shellcheck disable=SC2039 { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || @@ -262,6 +264,9 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in *:SolidBSD:*:*) echo "$UNAME_MACHINE"-unknown-solidbsd"$UNAME_RELEASE" exit ;; + *:OS108:*:*) + echo "$UNAME_MACHINE"-unknown-os108_"$UNAME_RELEASE" + exit ;; macppc:MirBSD:*:*) echo powerpc-unknown-mirbsd"$UNAME_RELEASE" exit ;; @@ -271,12 +276,15 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in *:Sortix:*:*) echo "$UNAME_MACHINE"-unknown-sortix exit ;; + *:Twizzler:*:*) + echo "$UNAME_MACHINE"-unknown-twizzler + exit ;; *:Redox:*:*) echo "$UNAME_MACHINE"-unknown-redox exit ;; mips:OSF1:*.*) - echo mips-dec-osf1 - exit ;; + echo mips-dec-osf1 + exit ;; alpha:OSF1:*:*) case $UNAME_RELEASE in *4.0) @@ -918,7 +926,7 @@ EOF echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" exit ;; alpha:Linux:*:*) - case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' /proc/cpuinfo 2>/dev/null` in EV5) UNAME_MACHINE=alphaev5 ;; EV56) UNAME_MACHINE=alphaev56 ;; PCA56) UNAME_MACHINE=alphapca56 ;; @@ -1325,38 +1333,39 @@ EOF echo "$UNAME_MACHINE"-apple-rhapsody"$UNAME_RELEASE" exit ;; *:Darwin:*:*) - UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - set_cc_for_build - if test "$UNAME_PROCESSOR" = unknown ; then - UNAME_PROCESSOR=powerpc + UNAME_PROCESSOR=`uname -p` + case $UNAME_PROCESSOR in + unknown) UNAME_PROCESSOR=powerpc ;; + esac + if command -v xcode-select > /dev/null 2> /dev/null && \ + ! xcode-select --print-path > /dev/null 2> /dev/null ; then + # Avoid executing cc if there is no toolchain installed as + # cc will be a stub that puts up a graphical alert + # prompting the user to install developer tools. + CC_FOR_BUILD=no_compiler_found + else + set_cc_for_build fi - if test "`echo "$UNAME_RELEASE" | sed -e 's/\..*//'`" -le 10 ; then - if [ "$CC_FOR_BUILD" != no_compiler_found ]; then - if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - case $UNAME_PROCESSOR in - i386) UNAME_PROCESSOR=x86_64 ;; - powerpc) UNAME_PROCESSOR=powerpc64 ;; - esac - fi - # On 10.4-10.6 one might compile for PowerPC via gcc -arch ppc - if (echo '#ifdef __POWERPC__'; echo IS_PPC; echo '#endif') | \ - (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_PPC >/dev/null - then - UNAME_PROCESSOR=powerpc - fi + if [ "$CC_FOR_BUILD" != no_compiler_found ]; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + case $UNAME_PROCESSOR in + i386) UNAME_PROCESSOR=x86_64 ;; + powerpc) UNAME_PROCESSOR=powerpc64 ;; + esac + fi + # On 10.4-10.6 one might compile for PowerPC via gcc -arch ppc + if (echo '#ifdef __POWERPC__'; echo IS_PPC; echo '#endif') | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_PPC >/dev/null + then + UNAME_PROCESSOR=powerpc fi elif test "$UNAME_PROCESSOR" = i386 ; then - # Avoid executing cc on OS X 10.9, as it ships with a stub - # that puts up a graphical alert prompting to install - # developer tools. Any system running Mac OS X 10.7 or - # later (Darwin 11 and later) is required to have a 64-bit - # processor. This is not true of the ARM version of Darwin - # that Apple uses in portable devices. - UNAME_PROCESSOR=x86_64 + # uname -m returns i386 or x86_64 + UNAME_PROCESSOR=$UNAME_MACHINE fi echo "$UNAME_PROCESSOR"-apple-darwin"$UNAME_RELEASE" exit ;; @@ -1620,6 +1629,12 @@ copies of config.guess and config.sub with the latest versions from: https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess and https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub +EOF + +year=`echo $timestamp | sed 's,-.*,,'` +# shellcheck disable=SC2003 +if test "`expr "\`date +%Y\`" - "$year"`" -lt 3 ; then + cat >&2 <, 1996 # diff --git a/build-aux/config.sub b/build-aux/config.sub index f53af5a..973a298 100755 --- a/build-aux/config.sub +++ b/build-aux/config.sub @@ -1,8 +1,8 @@ #! /bin/sh # Configuration validation subroutine script. -# Copyright 1992-2019 Free Software Foundation, Inc. +# Copyright 1992-2020 Free Software Foundation, Inc. -timestamp='2019-01-05' +timestamp='2020-05-04' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -67,7 +67,7 @@ Report bugs and patches to ." version="\ GNU config.sub ($timestamp) -Copyright 1992-2019 Free Software Foundation, Inc. +Copyright 1992-2020 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -337,17 +337,14 @@ case $1 in basic_machine=m88k-harris os=sysv3 ;; - hp300) + hp300 | hp300hpux) basic_machine=m68k-hp + os=hpux ;; hp300bsd) basic_machine=m68k-hp os=bsd ;; - hp300hpux) - basic_machine=m68k-hp - os=hpux - ;; hppaosf) basic_machine=hppa1.1-hp os=osf @@ -360,10 +357,6 @@ case $1 in basic_machine=i386-mach os=mach ;; - vsta) - basic_machine=i386-pc - os=vsta - ;; isi68 | isi) basic_machine=m68k-isi os=sysv @@ -612,6 +605,10 @@ case $1 in basic_machine=vax-dec os=vms ;; + vsta) + basic_machine=i386-pc + os=vsta + ;; vxworks960) basic_machine=i960-wrs os=vxworks @@ -1172,7 +1169,7 @@ case $cpu-$vendor in | asmjs \ | ba \ | be32 | be64 \ - | bfin | bs2000 \ + | bfin | bpf | bs2000 \ | c[123]* | c30 | [cjt]90 | c4x \ | c8051 | clipper | craynv | csky | cydra \ | d10v | d30v | dlx | dsp16xx \ @@ -1346,11 +1343,11 @@ case $os in | hpux* | unos* | osf* | luna* | dgux* | auroraux* | solaris* \ | sym* | kopensolaris* | plan9* \ | amigaos* | amigados* | msdos* | newsos* | unicos* | aof* \ - | aos* | aros* | cloudabi* | sortix* \ + | aos* | aros* | cloudabi* | sortix* | twizzler* \ | nindy* | vxsim* | vxworks* | ebmon* | hms* | mvs* \ | clix* | riscos* | uniplus* | iris* | isc* | rtu* | xenix* \ | knetbsd* | mirbsd* | netbsd* \ - | bitrig* | openbsd* | solidbsd* | libertybsd* \ + | bitrig* | openbsd* | solidbsd* | libertybsd* | os108* \ | ekkobsd* | kfreebsd* | freebsd* | riscix* | lynxos* \ | bosx* | nextstep* | cxux* | aout* | elf* | oabi* \ | ptx* | coff* | ecoff* | winnt* | domain* | vsta* \ @@ -1368,7 +1365,8 @@ case $os in | powermax* | dnix* | nx6 | nx7 | sei* | dragonfly* \ | skyos* | haiku* | rdos* | toppers* | drops* | es* \ | onefs* | tirtos* | phoenix* | fuchsia* | redox* | bme* \ - | midnightbsd* | amdhsa* | unleashed* | emscripten* | wasi*) + | midnightbsd* | amdhsa* | unleashed* | emscripten* | wasi* \ + | nsk* | powerunix* | genode*) # Remember, each alternative MUST END IN *, to match a version number. ;; qnx*) @@ -1452,9 +1450,6 @@ case $os in ns2) os=nextstep2 ;; - nsk*) - os=nsk - ;; # Preserve the version number of sinix5. sinix5.*) os=`echo $os | sed -e 's|sinix|sysv|'` diff --git a/build-aux/depcomp b/build-aux/depcomp index 65cbf70..6b39162 100755 --- a/build-aux/depcomp +++ b/build-aux/depcomp @@ -3,7 +3,7 @@ scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1999-2018 Free Software Foundation, Inc. +# Copyright (C) 1999-2020 Free Software Foundation, Inc. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/build-aux/gendocs.sh b/build-aux/gendocs.sh index fd6a4b8..dec8eb9 100755 --- a/build-aux/gendocs.sh +++ b/build-aux/gendocs.sh @@ -2,9 +2,9 @@ # gendocs.sh -- generate a GNU manual in many formats. This script is # mentioned in maintain.texi. See the help message below for usage details. -scriptversion=2019-01-01.00 +scriptversion=2020-01-01.00 -# Copyright 2003-2019 Free Software Foundation, Inc. +# Copyright 2003-2020 Free Software Foundation, Inc. # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -73,7 +73,7 @@ texarg="-t @finalout" version="gendocs.sh $scriptversion -Copyright 2019 Free Software Foundation, Inc. +Copyright 2020 Free Software Foundation, Inc. There is NO warranty. You may redistribute this software under the terms of the GNU General Public License. For more information about these matters, see the files named COPYING." diff --git a/build-aux/install-sh b/build-aux/install-sh index 8175c64..20d8b2e 100755 --- a/build-aux/install-sh +++ b/build-aux/install-sh @@ -451,7 +451,18 @@ do trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0 # Copy the file name to the temp name. - (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") && + (umask $cp_umask && + { test -z "$stripcmd" || { + # Create $dsttmp read-write so that cp doesn't create it read-only, + # which would cause strip to fail. + if test -z "$doit"; then + : >"$dsttmp" # No need to fork-exec 'touch'. + else + $doit touch "$dsttmp" + fi + } + } && + $doit_exec $cpprog "$src" "$dsttmp") && # and set any options; do chmod last to preserve setuid bits. # diff --git a/build-aux/ldd.sh.in b/build-aux/ldd.sh.in new file mode 100644 index 0000000..b2e6bc3 --- /dev/null +++ b/build-aux/ldd.sh.in @@ -0,0 +1,22 @@ +#!/bin/sh +# Determine the dynamically linked dependencies of a program. + +# Copyright (C) 2006-2020 Free Software Foundation, Inc. +# Written by Bruno Haible , 2006. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# Usage: ldd.sh program + +@LDDPROG@ "$1" @LDDPOSTPROC@ diff --git a/build-aux/ltmain.sh b/build-aux/ltmain.sh index 617dde4..7f3523d 100644 --- a/build-aux/ltmain.sh +++ b/build-aux/ltmain.sh @@ -31,7 +31,7 @@ PROGRAM=libtool PACKAGE=libtool -VERSION="2.4.6 Debian-2.4.6-8" +VERSION=2.4.6 package_revision=2.4.6 @@ -1370,7 +1370,7 @@ func_lt_ver () #! /bin/sh # Set a version string for this script. -scriptversion=2015-10-07.11; # UTC +scriptversion=2014-01-07.03; # UTC # A portable, pluggable option parser for Bourne shell. # Written by Gary V. Vaughan, 2010 @@ -1530,8 +1530,6 @@ func_run_hooks () { $debug_cmd - _G_rc_run_hooks=false - case " $hookable_fns " in *" $1 "*) ;; *) func_fatal_error "'$1' does not support hook funcions.n" ;; @@ -1540,16 +1538,16 @@ func_run_hooks () eval _G_hook_fns=\$$1_hooks; shift for _G_hook in $_G_hook_fns; do - if eval $_G_hook '"$@"'; then - # store returned options list back into positional - # parameters for next 'cmd' execution. - eval _G_hook_result=\$${_G_hook}_result - eval set dummy "$_G_hook_result"; shift - _G_rc_run_hooks=: - fi + eval $_G_hook '"$@"' + + # store returned options list back into positional + # parameters for next 'cmd' execution. + eval _G_hook_result=\$${_G_hook}_result + eval set dummy "$_G_hook_result"; shift done - $_G_rc_run_hooks && func_run_hooks_result=$_G_hook_result + func_quote_for_eval ${1+"$@"} + func_run_hooks_result=$func_quote_for_eval_result } @@ -1559,16 +1557,10 @@ func_run_hooks () ## --------------- ## # In order to add your own option parsing hooks, you must accept the -# full positional parameter list in your hook function, you may remove/edit -# any options that you action, and then pass back the remaining unprocessed +# full positional parameter list in your hook function, remove any +# options that you action, and then pass back the remaining unprocessed # options in '_result', escaped suitably for -# 'eval'. In this case you also must return $EXIT_SUCCESS to let the -# hook's caller know that it should pay attention to -# '_result'. Returning $EXIT_FAILURE signalizes that -# arguments are left untouched by the hook and therefore caller will ignore the -# result variable. -# -# Like this: +# 'eval'. Like this: # # my_options_prep () # { @@ -1578,11 +1570,9 @@ func_run_hooks () # usage_message=$usage_message' # -s, --silent don'\''t print informational messages # ' -# # No change in '$@' (ignored completely by this hook). There is -# # no need to do the equivalent (but slower) action: -# # func_quote_for_eval ${1+"$@"} -# # my_options_prep_result=$func_quote_for_eval_result -# false +# +# func_quote_for_eval ${1+"$@"} +# my_options_prep_result=$func_quote_for_eval_result # } # func_add_hook func_options_prep my_options_prep # @@ -1591,37 +1581,25 @@ func_run_hooks () # { # $debug_cmd # -# args_changed=false -# # # Note that for efficiency, we parse as many options as we can # # recognise in a loop before passing the remainder back to the # # caller on the first unrecognised argument we encounter. # while test $# -gt 0; do # opt=$1; shift # case $opt in -# --silent|-s) opt_silent=: -# args_changed=: -# ;; +# --silent|-s) opt_silent=: ;; # # Separate non-argument short options: # -s*) func_split_short_opt "$_G_opt" # set dummy "$func_split_short_opt_name" \ # "-$func_split_short_opt_arg" ${1+"$@"} # shift -# args_changed=: # ;; -# *) # Make sure the first unrecognised option "$_G_opt" -# # is added back to "$@", we could need that later -# # if $args_changed is true. -# set dummy "$_G_opt" ${1+"$@"}; shift; break ;; +# *) set dummy "$_G_opt" "$*"; shift; break ;; # esac # done # -# if $args_changed; then -# func_quote_for_eval ${1+"$@"} -# my_silent_option_result=$func_quote_for_eval_result -# fi -# -# $args_changed +# func_quote_for_eval ${1+"$@"} +# my_silent_option_result=$func_quote_for_eval_result # } # func_add_hook func_parse_options my_silent_option # @@ -1633,32 +1611,16 @@ func_run_hooks () # $opt_silent && $opt_verbose && func_fatal_help "\ # '--silent' and '--verbose' options are mutually exclusive." # -# false +# func_quote_for_eval ${1+"$@"} +# my_option_validation_result=$func_quote_for_eval_result # } # func_add_hook func_validate_options my_option_validation # -# You'll also need to manually amend $usage_message to reflect the extra +# You'll alse need to manually amend $usage_message to reflect the extra # options you parse. It's preferable to append if you can, so that # multiple option parsing hooks can be added safely. -# func_options_finish [ARG]... -# ---------------------------- -# Finishing the option parse loop (call 'func_options' hooks ATM). -func_options_finish () -{ - $debug_cmd - - _G_func_options_finish_exit=false - if func_run_hooks func_options ${1+"$@"}; then - func_options_finish_result=$func_run_hooks_result - _G_func_options_finish_exit=: - fi - - $_G_func_options_finish_exit -} - - # func_options [ARG]... # --------------------- # All the functions called inside func_options are hookable. See the @@ -1668,28 +1630,17 @@ func_options () { $debug_cmd - _G_rc_options=false - - for my_func in options_prep parse_options validate_options options_finish - do - if eval func_$my_func '${1+"$@"}'; then - eval _G_res_var='$'"func_${my_func}_result" - eval set dummy "$_G_res_var" ; shift - _G_rc_options=: - fi - done + func_options_prep ${1+"$@"} + eval func_parse_options \ + ${func_options_prep_result+"$func_options_prep_result"} + eval func_validate_options \ + ${func_parse_options_result+"$func_parse_options_result"} - # Save modified positional parameters for caller. As a top-level - # options-parser function we always need to set the 'func_options_result' - # variable (regardless the $_G_rc_options value). - if $_G_rc_options; then - func_options_result=$_G_res_var - else - func_quote_for_eval ${1+"$@"} - func_options_result=$func_quote_for_eval_result - fi + eval func_run_hooks func_options \ + ${func_validate_options_result+"$func_validate_options_result"} - $_G_rc_options + # save modified positional parameters for caller + func_options_result=$func_run_hooks_result } @@ -1698,9 +1649,9 @@ func_options () # All initialisations required before starting the option parse loop. # Note that when calling hook functions, we pass through the list of # positional parameters. If a hook function modifies that list, and -# needs to propagate that back to rest of this script, then the complete +# needs to propogate that back to rest of this script, then the complete # modified list must be put in 'func_run_hooks_result' before -# returning $EXIT_SUCCESS (otherwise $EXIT_FAILURE is returned). +# returning. func_hookable func_options_prep func_options_prep () { @@ -1710,14 +1661,10 @@ func_options_prep () opt_verbose=false opt_warning_types= - _G_rc_options_prep=false - if func_run_hooks func_options_prep ${1+"$@"}; then - _G_rc_options_prep=: - # save modified positional parameters for caller - func_options_prep_result=$func_run_hooks_result - fi + func_run_hooks func_options_prep ${1+"$@"} - $_G_rc_options_prep + # save modified positional parameters for caller + func_options_prep_result=$func_run_hooks_result } @@ -1731,20 +1678,18 @@ func_parse_options () func_parse_options_result= - _G_rc_parse_options=false # this just eases exit handling while test $# -gt 0; do # Defer to hook functions for initial option parsing, so they # get priority in the event of reusing an option name. - if func_run_hooks func_parse_options ${1+"$@"}; then - eval set dummy "$func_run_hooks_result"; shift - _G_rc_parse_options=: - fi + func_run_hooks func_parse_options ${1+"$@"} + + # Adjust func_parse_options positional parameters to match + eval set dummy "$func_run_hooks_result"; shift # Break out of the loop if we already parsed every option. test $# -gt 0 || break - _G_match_parse_options=: _G_opt=$1 shift case $_G_opt in @@ -1759,10 +1704,7 @@ func_parse_options () ;; --warnings|--warning|-W) - if test $# = 0 && func_missing_arg $_G_opt; then - _G_rc_parse_options=: - break - fi + test $# = 0 && func_missing_arg $_G_opt && break case " $warning_categories $1" in *" $1 "*) # trailing space prevents matching last $1 above @@ -1815,25 +1757,15 @@ func_parse_options () shift ;; - --) _G_rc_parse_options=: ; break ;; + --) break ;; -*) func_fatal_help "unrecognised option: '$_G_opt'" ;; - *) set dummy "$_G_opt" ${1+"$@"}; shift - _G_match_parse_options=false - break - ;; + *) set dummy "$_G_opt" ${1+"$@"}; shift; break ;; esac - - $_G_match_parse_options && _G_rc_parse_options=: done - - if $_G_rc_parse_options; then - # save modified positional parameters for caller - func_quote_for_eval ${1+"$@"} - func_parse_options_result=$func_quote_for_eval_result - fi - - $_G_rc_parse_options + # save modified positional parameters for caller + func_quote_for_eval ${1+"$@"} + func_parse_options_result=$func_quote_for_eval_result } @@ -1846,21 +1778,16 @@ func_validate_options () { $debug_cmd - _G_rc_validate_options=false - # Display all warnings if -W was not given. test -n "$opt_warning_types" || opt_warning_types=" $warning_categories" - if func_run_hooks func_validate_options ${1+"$@"}; then - # save modified positional parameters for caller - func_validate_options_result=$func_run_hooks_result - _G_rc_validate_options=: - fi + func_run_hooks func_validate_options ${1+"$@"} # Bail if the options were screwed! $exit_cmd $EXIT_FAILURE - $_G_rc_validate_options + # save modified positional parameters for caller + func_validate_options_result=$func_run_hooks_result } @@ -2141,12 +2068,12 @@ include the following information: compiler: $LTCC compiler flags: $LTCFLAGS linker: $LD (gnu? $with_gnu_ld) - version: $progname $scriptversion Debian-2.4.6-8 + version: $progname (GNU libtool) 2.4.6 automake: `($AUTOMAKE --version) 2>/dev/null |$SED 1q` autoconf: `($AUTOCONF --version) 2>/dev/null |$SED 1q` Report bugs to . -GNU libtool home page: . +GNU libtool home page: . General help using GNU software: ." exit 0 } @@ -2197,7 +2124,7 @@ fi # a configuration failure hint, and exit. func_fatal_configuration () { - func__fatal_error ${1+"$@"} \ + func_fatal_error ${1+"$@"} \ "See the $PACKAGE documentation for more information." \ "Fatal configuration error." } @@ -2343,8 +2270,6 @@ libtool_options_prep () nonopt= preserve_args= - _G_rc_lt_options_prep=: - # Shorthand for --mode=foo, only valid as the first argument case $1 in clean|clea|cle|cl) @@ -2368,18 +2293,11 @@ libtool_options_prep () uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u) shift; set dummy --mode uninstall ${1+"$@"}; shift ;; - *) - _G_rc_lt_options_prep=false - ;; esac - if $_G_rc_lt_options_prep; then - # Pass back the list of options. - func_quote_for_eval ${1+"$@"} - libtool_options_prep_result=$func_quote_for_eval_result - fi - - $_G_rc_lt_options_prep + # Pass back the list of options. + func_quote_for_eval ${1+"$@"} + libtool_options_prep_result=$func_quote_for_eval_result } func_add_hook func_options_prep libtool_options_prep @@ -2391,12 +2309,9 @@ libtool_parse_options () { $debug_cmd - _G_rc_lt_parse_options=false - # Perform our own loop to consume as many options as possible in # each iteration. while test $# -gt 0; do - _G_match_lt_parse_options=: _G_opt=$1 shift case $_G_opt in @@ -2471,22 +2386,15 @@ libtool_parse_options () func_append preserve_args " $_G_opt" ;; - # An option not handled by this hook function: - *) set dummy "$_G_opt" ${1+"$@"} ; shift - _G_match_lt_parse_options=false - break - ;; + # An option not handled by this hook function: + *) set dummy "$_G_opt" ${1+"$@"}; shift; break ;; esac - $_G_match_lt_parse_options && _G_rc_lt_parse_options=: done - if $_G_rc_lt_parse_options; then - # save modified positional parameters for caller - func_quote_for_eval ${1+"$@"} - libtool_parse_options_result=$func_quote_for_eval_result - fi - $_G_rc_lt_parse_options + # save modified positional parameters for caller + func_quote_for_eval ${1+"$@"} + libtool_parse_options_result=$func_quote_for_eval_result } func_add_hook func_parse_options libtool_parse_options @@ -7366,11 +7274,10 @@ func_mode_link () # -O*, -g*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization # -specs=* GCC specs files # -stdlib=* select c++ std lib with clang - # -fsanitize=* Clang/GCC memory and address sanitizer -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \ -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \ -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*| \ - -specs=*|-fsanitize=*) + -specs=*) func_quote_for_eval "$arg" arg=$func_quote_for_eval_result func_append compile_command " $arg" @@ -7663,10 +7570,7 @@ func_mode_link () case $pass in dlopen) libs=$dlfiles ;; dlpreopen) libs=$dlprefiles ;; - link) - libs="$deplibs %DEPLIBS%" - test "X$link_all_deplibs" != Xno && libs="$libs $dependency_libs" - ;; + link) libs="$deplibs %DEPLIBS% $dependency_libs" ;; esac fi if test lib,dlpreopen = "$linkmode,$pass"; then @@ -7985,19 +7889,19 @@ func_mode_link () # It is a libtool convenience library, so add in its objects. func_append convenience " $ladir/$objdir/$old_library" func_append old_convenience " $ladir/$objdir/$old_library" - tmp_libs= - for deplib in $dependency_libs; do - deplibs="$deplib $deplibs" - if $opt_preserve_dup_deps; then - case "$tmp_libs " in - *" $deplib "*) func_append specialdeplibs " $deplib" ;; - esac - fi - func_append tmp_libs " $deplib" - done elif test prog != "$linkmode" && test lib != "$linkmode"; then func_fatal_error "'$lib' is not a convenience library" fi + tmp_libs= + for deplib in $dependency_libs; do + deplibs="$deplib $deplibs" + if $opt_preserve_dup_deps; then + case "$tmp_libs " in + *" $deplib "*) func_append specialdeplibs " $deplib" ;; + esac + fi + func_append tmp_libs " $deplib" + done continue fi # $pass = conv @@ -8921,9 +8825,6 @@ func_mode_link () revision=$number_minor lt_irix_increment=no ;; - *) - func_fatal_configuration "$modename: unknown library version type '$version_type'" - ;; esac ;; no) diff --git a/build-aux/mdate-sh b/build-aux/mdate-sh index 8c7a590..6a6a4bc 100755 --- a/build-aux/mdate-sh +++ b/build-aux/mdate-sh @@ -3,7 +3,7 @@ scriptversion=2018-03-07.03; # UTC -# Copyright (C) 1995-2018 Free Software Foundation, Inc. +# Copyright (C) 1995-2020 Free Software Foundation, Inc. # written by Ulrich Drepper , June 1995 # # This program is free software; you can redistribute it and/or modify diff --git a/build-aux/pmccabe2html b/build-aux/pmccabe2html index 7dcfb0b..a53e997 100644 --- a/build-aux/pmccabe2html +++ b/build-aux/pmccabe2html @@ -1,6 +1,6 @@ # pmccabe2html - AWK script to convert pmccabe output to html -*- awk -*- -# Copyright (C) 2007-2019 Free Software Foundation, Inc. +# Copyright (C) 2007-2020 Free Software Foundation, Inc. # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by diff --git a/build-aux/texinfo.tex b/build-aux/texinfo.tex index ccd1129..d3136db 100644 --- a/build-aux/texinfo.tex +++ b/build-aux/texinfo.tex @@ -1,11 +1,11 @@ % texinfo.tex -- TeX macros to handle Texinfo files. -% +% % Load plain if necessary, i.e., if running under initex. \expandafter\ifx\csname fmtname\endcsname\relax\input plain\fi % -\def\texinfoversion{2019-04-12.13} +\def\texinfoversion{2020-05-22.11} % -% Copyright 1985, 1986, 1988, 1990-2019 Free Software Foundation, Inc. +% Copyright 1985, 1986, 1988, 1990-2020 Free Software Foundation, Inc. % % This texinfo.tex file is free software: you can redistribute it and/or % modify it under the terms of the GNU General Public License as @@ -33,7 +33,7 @@ % The texinfo.tex in any given distribution could well be out % of date, so if that's what you're using, please check. % -% Send bug reports to bug-texinfo@gnu.org. Please include including a +% Send bug reports to bug-texinfo@gnu.org. Please include a % complete document in each bug report with which we can reproduce the % problem. Patches are, of course, greatly appreciated. % @@ -218,7 +218,7 @@ % @errormsg{MSG}. Do the index-like expansions on MSG, but if things % aren't perfect, it's not the end of the world, being an error message, % after all. -% +% \def\errormsg{\begingroup \indexnofonts \doerrormsg} \def\doerrormsg#1{\errmessage{#1}} @@ -323,9 +323,9 @@ % the output routine. The saved contents are valid until we actually % \shipout a page. % -% (We used to run a short output routine to actually set \topmark and -% \firstmark to the right values, but if this was called with an empty page -% containing whatsits for writing index entries, the whatsits would be thrown +% (We used to run a short output routine to actually set \topmark and +% \firstmark to the right values, but if this was called with an empty page +% containing whatsits for writing index entries, the whatsits would be thrown % away and the index auxiliary file would remain empty.) % \newtoks\savedtopmark @@ -349,36 +349,21 @@ \ifodd\pageno \advance\hoffset by \bindingoffset \else \advance\hoffset by -\bindingoffset\fi % + \checkchapterpage + % % Retrieve the information for the headings from the marks in the page, % and call Plain TeX's \makeheadline and \makefootline, which use the % values in \headline and \footline. % - % This is used to check if we are on the first page of a chapter. - \ifcase1\the\savedtopmark\fi - \let\prevchaptername\thischaptername - \ifcase0\firstmark\fi - \let\curchaptername\thischaptername - % - \ifodd\pageno \getoddheadingmarks \else \getevenheadingmarks \fi - % - \ifx\curchaptername\prevchaptername - \let\thischapterheading\thischapter - \else - % \thischapterheading is the same as \thischapter except it is blank - % for the first page of a chapter. This is to prevent the chapter name - % being shown twice. - \def\thischapterheading{}% - \fi - % % Common context changes for both heading and footing. % Do this outside of the \shipout so @code etc. will be expanded in % the headline as they should be, not taken literally (outputting ''code). - \def\commmonheadfootline{\let\hsize=\txipagewidth \texinfochars} - % - \global\setbox\headlinebox = \vbox{\commmonheadfootline \makeheadline}% + \def\commonheadfootline{\let\hsize=\txipagewidth \texinfochars} % + \ifodd\pageno \getoddheadingmarks \else \getevenheadingmarks \fi + \global\setbox\headlinebox = \vbox{\commonheadfootline \makeheadline}% \ifodd\pageno \getoddfootingmarks \else \getevenfootingmarks \fi - \global\setbox\footlinebox = \vbox{\commmonheadfootline \makefootline}% + \global\setbox\footlinebox = \vbox{\commonheadfootline \makefootline}% % {% % Set context for writing to auxiliary files like index files. @@ -423,6 +408,22 @@ \ifr@ggedbottom \kern-\dimen@ \vfil \fi} } +% Check if we are on the first page of a chapter. Used for printing headings. +\newif\ifchapterpage +\def\checkchapterpage{% + % Get the chapter that was current at the end of the last page + \ifcase1\the\savedtopmark\fi + \let\prevchaptername\thischaptername + % + \ifodd\pageno \getoddheadingmarks \else \getevenheadingmarks \fi + \let\curchaptername\thischaptername + % + \ifx\curchaptername\prevchaptername + \chapterpagefalse + \else + \chapterpagetrue + \fi +} % Argument parsing @@ -448,7 +449,7 @@ }% } -% First remove any @comment, then any @c comment. Pass the result on to +% First remove any @comment, then any @c comment. Pass the result on to % \argcheckspaces. \def\argremovecomment#1\comment#2\ArgTerm{\argremovec #1\c\ArgTerm} \def\argremovec#1\c#2\ArgTerm{\argcheckspaces#1\^^M\ArgTerm} @@ -1010,7 +1011,7 @@ where each line of input produces a line of output.} \let\setfilename=\comment % @bye. -\outer\def\bye{\pagealignmacro\tracingstats=1\ptexend} +\outer\def\bye{\chappager\pagelabels\tracingstats=1\ptexend} \message{pdf,} @@ -1052,7 +1053,7 @@ where each line of input produces a line of output.} tex.sprint( string.format(string.char(0x5c) .. string.char(0x25) .. '03o' .. string.char(0x5c) .. string.char(0x25) .. '03o', - (c / 256), (c % 256))) + math.floor(c / 256), math.floor(c % 256))) else c = c - 0x10000 local c_hi = c / 1024 + 0xd800 @@ -1062,8 +1063,8 @@ where each line of input produces a line of output.} string.char(0x5c) .. string.char(0x25) .. '03o' .. string.char(0x5c) .. string.char(0x25) .. '03o' .. string.char(0x5c) .. string.char(0x25) .. '03o', - (c_hi / 256), (c_hi % 256), - (c_lo / 256), (c_lo % 256))) + math.floor(c_hi / 256), math.floor(c_hi % 256), + math.floor(c_lo / 256), math.floor(c_lo % 256))) end end end @@ -1076,15 +1077,19 @@ where each line of input produces a line of output.} function PDFescstr(str) for c in string.bytes(str) do if c <= 0x20 or c >= 0x80 or c == 0x28 or c == 0x29 or c == 0x5c then - tex.sprint( + tex.sprint(-2, string.format(string.char(0x5c) .. string.char(0x25) .. '03o', c)) else - tex.sprint(string.char(c)) + tex.sprint(-2, string.char(c)) end end end } + % The -2 in the arguments here gives all the input to TeX catcode 12 + % (other) or 10 (space), preventing undefined control sequence errors. See + % https://lists.gnu.org/archive/html/bug-texinfo/2019-08/msg00031.html + % \endgroup \def\pdfescapestring#1{\directlua{PDFescstr('\luaescapestring{#1}')}} \ifnum\luatexversion>84 @@ -1133,11 +1138,50 @@ where each line of input produces a line of output.} \fi +% Output page labels information. +% See PDF reference v.1.7 p.594, section 8.3.1. +\ifpdf +\def\pagelabels{% + \def\title{0 << /P (T-) /S /D >>}% + \edef\roman{\the\romancount << /S /r >>}% + \edef\arabic{\the\arabiccount << /S /D >>}% + % + % Page label ranges must be increasing. Remove any duplicates. + % (There is a slight chance of this being wrong if e.g. there is + % a @contents but no @titlepage, etc.) + % + \ifnum\romancount=0 \def\roman{}\fi + \ifnum\arabiccount=0 \def\title{}% + \else + \ifnum\romancount=\arabiccount \def\roman{}\fi + \fi + % + \ifnum\romancount<\arabiccount + \pdfcatalog{/PageLabels << /Nums [\title \roman \arabic ] >> }\relax + \else + \pdfcatalog{/PageLabels << /Nums [\title \arabic \roman ] >> }\relax + \fi +} +\else + \let\pagelabels\relax +\fi + +\newcount\pagecount \pagecount=0 +\newcount\romancount \romancount=0 +\newcount\arabiccount \arabiccount=0 +\ifpdf + \let\ptxadvancepageno\advancepageno + \def\advancepageno{% + \ptxadvancepageno\global\advance\pagecount by 1 + } +\fi + + % PDF uses PostScript string constants for the names of xref targets, % for display in the outlines, and in other places. Thus, we have to % double any backslashes. Otherwise, a name like "\node" will be % interpreted as a newline (\n), followed by o, d, e. Not good. -% +% % See http://www.ntg.nl/pipermail/ntg-pdftex/2004-July/000654.html and % related messages. The final outcome is that it is up to the TeX user % to double the backslashes and otherwise make the string valid, so @@ -1423,7 +1467,13 @@ output) for that.)} % subentries, which we calculated on our first read of the .toc above. % % We use the node names as the destinations. + % + % Currently we prefix the section name with the section number + % for chapter and appendix headings only in order to avoid too much + % horizontal space being required in the PDF viewer. \def\numchapentry##1##2##3##4{% + \dopdfoutline{##2 ##1}{count-\expnumber{chap##2}}{##3}{##4}}% + \def\unnchapentry##1##2##3##4{% \dopdfoutline{##1}{count-\expnumber{chap##2}}{##3}{##4}}% \def\numsecentry##1##2##3##4{% \dopdfoutline{##1}{count-\expnumber{sec##2}}{##3}{##4}}% @@ -1442,7 +1492,7 @@ output) for that.)} % their "best" equivalent, based on the @documentencoding. Too % much work for too little return. Just use the ASCII equivalents % we use for the index sort strings. - % + % \indexnofonts \setupdatafile % We can have normal brace characters in the PDF outlines, unlike @@ -1665,9 +1715,13 @@ output) for that.)} % Therefore, we read toc only once. % % We use node names as destinations. + % + % Currently we prefix the section name with the section number + % for chapter and appendix headings only in order to avoid too much + % horizontal space being required in the PDF viewer. \def\partentry##1##2##3##4{}% ignore parts in the outlines \def\numchapentry##1##2##3##4{% - \dopdfoutline{##1}{1}{##3}{##4}}% + \dopdfoutline{##2 ##1}{1}{##3}{##4}}% \def\numsecentry##1##2##3##4{% \dopdfoutline{##1}{2}{##3}{##4}}% \def\numsubsecentry##1##2##3##4{% @@ -1679,7 +1733,8 @@ output) for that.)} \let\appsecentry\numsecentry% \let\appsubsecentry\numsubsecentry% \let\appsubsubsecentry\numsubsubsecentry% - \let\unnchapentry\numchapentry% + \def\unnchapentry##1##2##3##4{% + \dopdfoutline{##1}{1}{##3}{##4}}% \let\unnsecentry\numsecentry% \let\unnsubsecentry\numsubsecentry% \let\unnsubsubsecentry\numsubsubsecentry% @@ -2492,7 +2547,7 @@ end \def\it{\fam=\itfam \setfontstyle{it}} \def\sl{\fam=\slfam \setfontstyle{sl}} \def\bf{\fam=\bffam \setfontstyle{bf}}\def\bfstylename{bf} -\def\tt{\fam=\ttfam \setfontstyle{tt}} +\def\tt{\fam=\ttfam \setfontstyle{tt}}\def\ttstylename{tt} % Texinfo sort of supports the sans serif font style, which plain TeX does not. % So we set up a \sf. @@ -2726,7 +2781,7 @@ end } % Commands to set the quote options. -% +% \parseargdef\codequoteundirected{% \def\temp{#1}% \ifx\temp\onword @@ -2767,7 +2822,7 @@ end % If we are in a monospaced environment, however, 1) always use \ttsl, % and 2) do not add an italic correction. \def\dosmartslant#1#2{% - \ifusingtt + \ifusingtt {{\ttsl #2}\let\next=\relax}% {\def\next{{#1#2}\futurelet\next\smartitaliccorrection}}% \next @@ -2914,14 +2969,14 @@ end \gdef\codedash{\futurelet\next\codedashfinish} \gdef\codedashfinish{% \normaldash % always output the dash character itself. - % + % % Now, output a discretionary to allow a line break, unless % (a) the next character is a -, or % (b) the preceding character is a -. % E.g., given --posix, we do not want to allow a break after either -. % Given --foo-bar, we do want to allow a break between the - and the b. \ifx\next\codedash \else - \ifx\codedashprev\codedash + \ifx\codedashprev\codedash \else \discretionary{}{}{}\fi \fi % we need the space after the = for the case when \next itself is a @@ -3003,7 +3058,7 @@ end % For pdfTeX and LuaTeX \ifurefurlonlylink % PDF plus option to not display url, show just arg - \unhbox0 + \unhbox0 \else % PDF, normally display both arg and url for consistency, % visibility, if the pdf is eventually used to print, etc. @@ -3016,7 +3071,7 @@ end % For XeTeX \ifurefurlonlylink % PDF plus option to not display url, show just arg - \unhbox0 + \unhbox0 \else % PDF, normally display both arg and url for consistency, % visibility, if the pdf is eventually used to print, etc. @@ -3074,10 +3129,10 @@ end } } -% By default we'll break after the special characters, but some people like to -% break before the special chars, so allow that. Also allow no breaking at +% By default we'll break after the special characters, but some people like to +% break before the special chars, so allow that. Also allow no breaking at % all, for manual control. -% +% \parseargdef\urefbreakstyle{% \def\txiarg{#1}% \ifx\txiarg\wordnone @@ -3095,12 +3150,17 @@ end \def\wordbefore{before} \def\wordnone{none} -% Allow a ragged right output to aid breaking long URL's. Putting stretch in -% between characters of the URL doesn't look good. +% Allow a ragged right output to aid breaking long URL's. There can +% be a break at the \allowbreak with no extra glue (if the existing stretch in +% the line is sufficient), a break at the \penalty100 with extra glue added +% at the end of the line, or no break at all here. +% Changing the value of the penalty and/or the amount of stretch affects how +% preferable one choice is over the other. \def\urefallowbreak{% - \hskip 0pt plus 4 em\relax \allowbreak - \hskip 0pt plus -4 em\relax + \hskip 0pt plus 2 em\relax + \penalty300 + \hskip 0pt plus -2 em\relax } \urefbreakstyle after @@ -3299,7 +3359,7 @@ end % @inlinefmt{FMTNAME,PROCESSED-TEXT} and @inlineraw{FMTNAME,RAW-TEXT}. % Ignore unless FMTNAME == tex; then it is like @iftex and @tex, % except specified as a normal braced arg, so no newlines to worry about. -% +% \def\outfmtnametex{tex} % \long\def\inlinefmt#1{\doinlinefmt #1,\finish} @@ -3307,7 +3367,7 @@ end \def\inlinefmtname{#1}% \ifx\inlinefmtname\outfmtnametex \ignorespaces #2\fi } -% +% % @inlinefmtifelse{FMTNAME,THEN-TEXT,ELSE-TEXT} expands THEN-TEXT if % FMTNAME is tex, else ELSE-TEXT. \long\def\inlinefmtifelse#1{\doinlinefmtifelse #1,,,\finish} @@ -3323,7 +3383,7 @@ end % *right* brace they would have to use a command anyway, so they may as % well use a command to get a left brace too. We could re-use the % delimiter character idea from \verb, but it seems like overkill. -% +% \long\def\inlineraw{\tex \doinlineraw} \long\def\doinlineraw#1{\doinlinerawtwo #1,\finish} \def\doinlinerawtwo#1,#2,\finish{% @@ -3500,7 +3560,7 @@ end % @pounds{} is a sterling sign, which Knuth put in the CM italic font. % -\def\pounds{{\it\$}} +\def\pounds{\ifmonospace{\ecfont\char"BF}\else{\it\$}\fi} % @euro{} comes from a separate font, depending on the current style. % We use the free feym* fonts from the eurosym package by Henrik @@ -3600,7 +3660,7 @@ end % for non-CM glyphs. That is ec* for regular text and tc* for the text % companion symbols (LaTeX TS1 encoding). Both are part of the ec % package and follow the same conventions. -% +% \def\ecfont{\etcfont{e}} \def\tcfont{\etcfont{t}} % @@ -3649,11 +3709,19 @@ end \fi % Quotes. -\chardef\quotedblleft="5C -\chardef\quotedblright=`\" \chardef\quoteleft=`\` \chardef\quoteright=`\' +% only change font for tt for correct kerning and to avoid using +% \ecfont unless necessary. +\def\quotedblleft{% + \ifmonospace{\ecfont\char"10}\else{\char"5C}\fi +} + +\def\quotedblright{% + \ifmonospace{\ecfont\char"11}\else{\char`\"}\fi +} + \message{page headings,} @@ -3672,7 +3740,7 @@ end after the title page.}}% \def\setshortcontentsaftertitlepage{% \errmessage{@setshortcontentsaftertitlepage has been removed as a Texinfo - command; move your @shortcontents and @contents commands if you + command; move your @shortcontents and @contents commands if you want the contents after the title page.}}% \parseargdef\shorttitlepage{% @@ -3727,7 +3795,7 @@ end % don't worry much about spacing, ragged right. This should be used % inside a \vbox, and fonts need to be set appropriately first. \par should % be specified before the end of the \vbox, since a vbox is a group. -% +% \def\raggedtitlesettings{% \rm \hyphenpenalty=10000 @@ -3775,12 +3843,19 @@ end \newtoks\evenheadline % headline on even pages \newtoks\oddheadline % headline on odd pages +\newtoks\evenchapheadline% headline on even pages with a new chapter +\newtoks\oddchapheadline % headline on odd pages with a new chapter \newtoks\evenfootline % footline on even pages \newtoks\oddfootline % footline on odd pages % Now make \makeheadline and \makefootline in Plain TeX use those variables -\headline={{\textfonts\rm \ifodd\pageno \the\oddheadline - \else \the\evenheadline \fi}} +\headline={{\textfonts\rm + \ifchapterpage + \ifodd\pageno\the\oddchapheadline\else\the\evenchapheadline\fi + \else + \ifodd\pageno\the\oddheadline\else\the\evenheadline\fi + \fi}} + \footline={{\textfonts\rm \ifodd\pageno \the\oddfootline \else \the\evenfootline \fi}\HEADINGShook} \let\HEADINGShook=\relax @@ -3796,12 +3871,14 @@ end \def\evenheading{\parsearg\evenheadingxxx} \def\evenheadingxxx #1{\evenheadingyyy #1\|\|\|\|\finish} \def\evenheadingyyy #1\|#2\|#3\|#4\finish{% -\global\evenheadline={\rlap{\centerline{#2}}\line{#1\hfil#3}}} + \global\evenheadline={\rlap{\centerline{#2}}\line{#1\hfil#3}} + \global\evenchapheadline=\evenheadline} \def\oddheading{\parsearg\oddheadingxxx} \def\oddheadingxxx #1{\oddheadingyyy #1\|\|\|\|\finish} \def\oddheadingyyy #1\|#2\|#3\|#4\finish{% -\global\oddheadline={\rlap{\centerline{#2}}\line{#1\hfil#3}}} + \global\oddheadline={\rlap{\centerline{#2}}\line{#1\hfil#3}}% + \global\oddchapheadline=\oddheadline} \parseargdef\everyheading{\oddheadingxxx{#1}\evenheadingxxx{#1}}% @@ -3868,37 +3945,34 @@ end \parseargdef\headings{\csname HEADINGS#1\endcsname} \def\headingsoff{% non-global headings elimination - \evenheadline={\hfil}\evenfootline={\hfil}% - \oddheadline={\hfil}\oddfootline={\hfil}% + \evenheadline={\hfil}\evenfootline={\hfil}\evenchapheadline={\hfil}% + \oddheadline={\hfil}\oddfootline={\hfil}\oddchapheadline={\hfil}% } \def\HEADINGSoff{{\globaldefs=1 \headingsoff}} % global setting \HEADINGSoff % it's the default % When we turn headings on, set the page number to 1. +\def\pageone{ + \global\pageno=1 + \global\arabiccount = \pagecount +} + % For double-sided printing, put current file name in lower left corner, % chapter name on inside top of right hand pages, document % title on inside top of left hand pages, and page numbers on outside top % edge of all pages. \def\HEADINGSdouble{% -\global\pageno=1 -\global\evenfootline={\hfil} -\global\oddfootline={\hfil} -\global\evenheadline={\line{\folio\hfil\thistitle}} -\global\oddheadline={\line{\thischapterheading\hfil\folio}} -\global\let\contentsalignmacro = \chapoddpage +\pageone +\HEADINGSdoublex } \let\contentsalignmacro = \chappager % For single-sided printing, chapter title goes across top left of page, % page number on top right. \def\HEADINGSsingle{% -\global\pageno=1 -\global\evenfootline={\hfil} -\global\oddfootline={\hfil} -\global\evenheadline={\line{\thischapterheading\hfil\folio}} -\global\oddheadline={\line{\thischapterheading\hfil\folio}} -\global\let\contentsalignmacro = \chappager +\pageone +\HEADINGSsinglex } \def\HEADINGSon{\HEADINGSdouble} @@ -3908,7 +3982,9 @@ end \global\evenfootline={\hfil} \global\oddfootline={\hfil} \global\evenheadline={\line{\folio\hfil\thistitle}} -\global\oddheadline={\line{\thischapterheading\hfil\folio}} +\global\oddheadline={\line{\thischapter\hfil\folio}} +\global\evenchapheadline={\line{\folio\hfil}} +\global\oddchapheadline={\line{\hfil\folio}} \global\let\contentsalignmacro = \chapoddpage } @@ -3916,8 +3992,22 @@ end \def\HEADINGSsinglex{% \global\evenfootline={\hfil} \global\oddfootline={\hfil} -\global\evenheadline={\line{\thischapterheading\hfil\folio}} -\global\oddheadline={\line{\thischapterheading\hfil\folio}} +\global\evenheadline={\line{\thischapter\hfil\folio}} +\global\oddheadline={\line{\thischapter\hfil\folio}} +\global\evenchapheadline={\line{\hfil\folio}} +\global\oddchapheadline={\line{\hfil\folio}} +\global\let\contentsalignmacro = \chappager +} + +% for @setchapternewpage off +\def\HEADINGSsinglechapoff{% +\pageone +\global\evenfootline={\hfil} +\global\oddfootline={\hfil} +\global\evenheadline={\line{\thischapter\hfil\folio}} +\global\oddheadline={\line{\thischapter\hfil\folio}} +\global\evenchapheadline=\evenheadline +\global\oddchapheadline=\oddheadline \global\let\contentsalignmacro = \chappager } @@ -4350,7 +4440,7 @@ end } % multitable-only commands. -% +% % @headitem starts a heading row, which we typeset in bold. Assignments % have to be global since we are inside the implicit group of an % alignment entry. \everycr below resets \everytab so we don't have to @@ -4669,13 +4759,13 @@ end % Like \expandablevalue, but completely expandable (the \message in the % definition above operates at the execution level of TeX). Used when % writing to auxiliary files, due to the expansion that \write does. -% If flag is undefined, pass through an unexpanded @value command: maybe it +% If flag is undefined, pass through an unexpanded @value command: maybe it % will be set by the time it is read back in. % % NB flag names containing - or _ may not work here. \def\dummyvalue#1{% \expandafter\ifx\csname SET#1\endcsname\relax - \noexpand\value{#1}% + \string\value{#1}% \else \csname SET#1\endcsname \fi @@ -4693,7 +4783,7 @@ end % @ifset VAR ... @end ifset reads the `...' iff VAR has been defined % with @set. -% +% % To get the special treatment we need for `@end ifset,' we call % \makecond and then redefine. % @@ -4726,7 +4816,7 @@ end % without the @) is in fact defined. We can only feasibly check at the % TeX level, so something like `mathcode' is going to considered % defined even though it is not a Texinfo command. -% +% \makecond{ifcommanddefined} \def\ifcommanddefined{\parsearg{\doifcmddefined{\let\next=\ifcmddefinedfail}}} % @@ -4834,8 +4924,8 @@ end \def\docodeindex#1{\edef\indexname{#1}\parsearg\docodeindexxxx} \def\docodeindexxxx #1{\doind{\indexname}{\code{#1}}} - -% Used for the aux, toc and index files to prevent expansion of Texinfo + +% Used for the aux, toc and index files to prevent expansion of Texinfo % commands. % \def\atdummies{% @@ -4843,6 +4933,7 @@ end \definedummyletter\ % \definedummyletter\{% \definedummyletter\}% + \definedummyletter\&% % % Do the redefinitions. \definedummies @@ -4913,6 +5004,7 @@ end \definedummyword\TeX % % Assorted special characters. + \definedummyword\ampchar \definedummyword\atchar \definedummyword\arrow \definedummyword\backslashchar @@ -4952,6 +5044,8 @@ end \definedummyword\sup \definedummyword\textdegree % + \definedummyword\subentry + % % We want to disable all macros so that they are not expanded by \write. \macrolist \let\value\dummyvalue @@ -5104,64 +5198,66 @@ end \let\lbracechar\{% \let\rbracechar\}% % + % + \let\do\indexnofontsdef + % % Non-English letters. - \def\AA{AA}% - \def\AE{AE}% - \def\DH{DZZ}% - \def\L{L}% - \def\OE{OE}% - \def\O{O}% - \def\TH{TH}% - \def\aa{aa}% - \def\ae{ae}% - \def\dh{dzz}% - \def\exclamdown{!}% - \def\l{l}% - \def\oe{oe}% - \def\ordf{a}% - \def\ordm{o}% - \def\o{o}% - \def\questiondown{?}% - \def\ss{ss}% - \def\th{th}% - % - \def\LaTeX{LaTeX}% - \def\TeX{TeX}% - % - % Assorted special characters. \defglyph gives the control sequence a - % definition that removes the {} that follows its use. - \defglyph\atchar{@}% - \defglyph\arrow{->}% - \defglyph\bullet{bullet}% - \defglyph\comma{,}% - \defglyph\copyright{copyright}% - \defglyph\dots{...}% - \defglyph\enddots{...}% - \defglyph\equiv{==}% - \defglyph\error{error}% - \defglyph\euro{euro}% - \defglyph\expansion{==>}% - \defglyph\geq{>=}% - \defglyph\guillemetleft{<<}% - \defglyph\guillemetright{>>}% - \defglyph\guilsinglleft{<}% - \defglyph\guilsinglright{>}% - \defglyph\leq{<=}% - \defglyph\lbracechar{\{}% - \defglyph\minus{-}% - \defglyph\point{.}% - \defglyph\pounds{pounds}% - \defglyph\print{-|}% - \defglyph\quotedblbase{"}% - \defglyph\quotedblleft{"}% - \defglyph\quotedblright{"}% - \defglyph\quoteleft{`}% - \defglyph\quoteright{'}% - \defglyph\quotesinglbase{,}% - \defglyph\rbracechar{\}}% - \defglyph\registeredsymbol{R}% - \defglyph\result{=>}% - \defglyph\textdegree{o}% + \do\AA{AA}% + \do\AE{AE}% + \do\DH{DZZ}% + \do\L{L}% + \do\OE{OE}% + \do\O{O}% + \do\TH{TH}% + \do\aa{aa}% + \do\ae{ae}% + \do\dh{dzz}% + \do\exclamdown{!}% + \do\l{l}% + \do\oe{oe}% + \do\ordf{a}% + \do\ordm{o}% + \do\o{o}% + \do\questiondown{?}% + \do\ss{ss}% + \do\th{th}% + % + \do\LaTeX{LaTeX}% + \do\TeX{TeX}% + % + % Assorted special characters. + \do\atchar{@}% + \do\arrow{->}% + \do\bullet{bullet}% + \do\comma{,}% + \do\copyright{copyright}% + \do\dots{...}% + \do\enddots{...}% + \do\equiv{==}% + \do\error{error}% + \do\euro{euro}% + \do\expansion{==>}% + \do\geq{>=}% + \do\guillemetleft{<<}% + \do\guillemetright{>>}% + \do\guilsinglleft{<}% + \do\guilsinglright{>}% + \do\leq{<=}% + \do\lbracechar{\{}% + \do\minus{-}% + \do\point{.}% + \do\pounds{pounds}% + \do\print{-|}% + \do\quotedblbase{"}% + \do\quotedblleft{"}% + \do\quotedblright{"}% + \do\quoteleft{`}% + \do\quoteright{'}% + \do\quotesinglbase{,}% + \do\rbracechar{\}}% + \do\registeredsymbol{R}% + \do\result{=>}% + \do\textdegree{o}% % % We need to get rid of all macros, leaving only the arguments (if present). % Of course this is not nearly correct, but it is the best we can do for now. @@ -5176,9 +5272,12 @@ end \macrolist \let\value\indexnofontsvalue } -\def\defglyph#1#2{\def#1##1{#2}} % see above - +% Give the control sequence a definition that removes the {} that follows +% its use, e.g. @AA{} -> AA +\def\indexnofontsdef#1#2{\def#1##1{#2}}% + + % #1 is the index name, #2 is the entry text. @@ -5205,7 +5304,7 @@ end \ifx\suffix\indexisfl\def\suffix{f1}\fi % Open the file \immediate\openout\csname#1indfile\endcsname \jobname.\suffix - % Using \immediate above here prevents an object entering into the current + % Using \immediate above here prevents an object entering into the current % box, which could confound checks such as those in \safewhatsit for % preceding skips. \typeout{Writing index file \jobname.\suffix}% @@ -5224,10 +5323,10 @@ end } \def\indexwriteseealso#1{ - \gdef\pagenumbertext{@seealso{#1}}% + \gdef\pagenumbertext{\string\seealso{#1}}% } \def\indexwriteseeentry#1{ - \gdef\pagenumbertext{@seeentry{#1}}% + \gdef\pagenumbertext{\string\seeentry{#1}}% } % The default definitions @@ -5257,7 +5356,7 @@ end \ifx\segment\isfinish \else % - % Fully expand the segment, throwing away any @sortas directives, and + % Fully expand the segment, throwing away any @sortas directives, and % trim spaces. \edef\trimmed{\segment}% \edef\trimmed{\expandafter\eatspaces\expandafter{\trimmed}}% @@ -5315,6 +5414,15 @@ end % the current value of \escapechar. \def\escapeisbackslash{\escapechar=`\\} +% Use \ in index files by default. texi2dvi didn't support @ as the escape +% character (as it checked for "\entry" in the files, and not "@entry"). When +% the new version of texi2dvi has had a chance to become more prevalent, then +% the escape character can change back to @ again. This should be an easy +% change to make now because both @ and \ are only used as escape characters in +% index files, never standing for themselves. +% +\set txiindexescapeisbackslash + % Write the entry in \indextext to the index file. % \def\doindwrite{% @@ -5331,7 +5439,7 @@ end \def\}{\rbracechar{}}% \uccode`\~=`\\ \uppercase{\def~{\backslashchar{}}}% % - % Split the entry into primary entry and any subentries, and get the index + % Split the entry into primary entry and any subentries, and get the index % sort key. \splitindexentry\indextext % @@ -5512,18 +5620,18 @@ end \uccode`\~=`\\ \uppercase{\if\noexpand~}\noexpand#1 \expandafter\ifx\csname SETtxiskipindexfileswithbackslash\endcsname\relax \errmessage{% -ERROR: A sorted index file in an obsolete format was skipped. +ERROR: A sorted index file in an obsolete format was skipped. To fix this problem, please upgrade your version of 'texi2dvi' or 'texi2pdf' to that at . -If you are using an old version of 'texindex' (part of the Texinfo +If you are using an old version of 'texindex' (part of the Texinfo distribution), you may also need to upgrade to a newer version (at least 6.0). You may be able to typeset the index if you run 'texindex \jobname.\indexname' yourself. -You could also try setting the 'txiindexescapeisbackslash' flag by +You could also try setting the 'txiindexescapeisbackslash' flag by running a command like -'texi2dvi -t "@set txiindexescapeisbackslash" \jobname.texi'. If you do +'texi2dvi -t "@set txiindexescapeisbackslash" \jobname.texi'. If you do this, Texinfo will try to use index files in the old format. -If you continue to have problems, deleting the index files and starting again +If you continue to have problems, deleting the index files and starting again might help (with 'rm \jobname.?? \jobname.??s')% }% \else @@ -5535,7 +5643,6 @@ might help (with 'rm \jobname.?? \jobname.??s')% \enddoublecolumns \fi \else - \message{trying to print index \indexname}% \begindoublecolumns \catcode`\\=0\relax \catcode`\@=12\relax @@ -5593,7 +5700,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % bottom of a column to reduce an increase in inter-line spacing. \nobreak \vskip 0pt plus 5\baselineskip - \penalty -300 + \penalty -300 \vskip 0pt plus -5\baselineskip % % Typeset the initial. Making this add up to a whole number of @@ -5709,7 +5816,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \advance\dimen@ii by 1\dimen@i \ifdim\wd\boxA > \dimen@ii % If the entry doesn't fit in one line \ifdim\dimen@ > 0.8\dimen@ii % due to long index text - % Try to split the text roughly evenly. \dimen@ will be the length of + % Try to split the text roughly evenly. \dimen@ will be the length of % the first line. \dimen@ = 0.7\dimen@ \dimen@ii = \hsize @@ -5856,7 +5963,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% } -% Finished with with double columns. +% Finished with double columns. \def\enddoublecolumns{% % The following penalty ensures that the page builder is exercised % _before_ we change the output routine. This is necessary in the @@ -5917,7 +6024,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \newbox\balancedcolumns \setbox\balancedcolumns=\vbox{shouldnt see this}% % -% Only called for the last of the double column material. \doublecolumnout +% Only called for the last of the double column material. \doublecolumnout % does the others. \def\balancecolumns{% \setbox0 = \vbox{\unvbox\PAGE}% like \box255 but more efficient, see p.120. @@ -5945,7 +6052,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% }% % Now the left column is in box 1, and the right column in box 3. % - % Check whether the left column has come out higher than the page itself. + % Check whether the left column has come out higher than the page itself. % (Note that we have doubled \vsize for the double columns, so % the actual height of the page is 0.5\vsize). \ifdim2\ht1>\vsize @@ -6242,7 +6349,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \let\top\unnumbered % Sections. -% +% \outer\parseargdef\numberedsec{\numhead1{#1}} % normally calls seczzz \def\seczzz#1{% \global\subsecno=0 \global\subsubsecno=0 \global\advance\secno by 1 @@ -6265,7 +6372,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% } % Subsections. -% +% % normally calls numberedsubseczzz: \outer\parseargdef\numberedsubsec{\numhead2{#1}} \def\numberedsubseczzz#1{% @@ -6290,7 +6397,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% } % Subsubsections. -% +% % normally numberedsubsubseczzz: \outer\parseargdef\numberedsubsubsec{\numhead3{#1}} \def\numberedsubsubseczzz#1{% @@ -6380,18 +6487,16 @@ might help (with 'rm \jobname.?? \jobname.??s')% \def\CHAPPAGoff{% \global\let\contentsalignmacro = \chappager \global\let\pchapsepmacro=\chapbreak -\global\let\pagealignmacro=\chappager} +\global\def\HEADINGSon{\HEADINGSsinglechapoff}} \def\CHAPPAGon{% \global\let\contentsalignmacro = \chappager \global\let\pchapsepmacro=\chappager -\global\let\pagealignmacro=\chappager \global\def\HEADINGSon{\HEADINGSsingle}} \def\CHAPPAGodd{% \global\let\contentsalignmacro = \chapoddpage \global\let\pchapsepmacro=\chapoddpage -\global\let\pagealignmacro=\chapoddpage \global\def\HEADINGSon{\HEADINGSdouble}} \CHAPPAGon @@ -6756,9 +6861,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % \def\startcontents#1{% % If @setchapternewpage on, and @headings double, the contents should - % start on an odd page, unlike chapters. Thus, we maintain - % \contentsalignmacro in parallel with \pagealignmacro. - % From: Torbjorn Granlund + % start on an odd page, unlike chapters. \contentsalignmacro \immediate\closeout\tocfile % @@ -6773,6 +6876,9 @@ might help (with 'rm \jobname.?? \jobname.??s')% % % Roman numerals for page numbers. \ifnum \pageno>0 \global\pageno = \lastnegativepageno \fi + \def\thistitle{}% no title in double-sided headings + % Record where the Roman numerals started. + \ifnum\romancount=0 \global\romancount=\pagecount \fi } % redefined for the two-volume lispref. We always output on @@ -6795,8 +6901,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \fi \closein 1 \endgroup - \lastnegativepageno = \pageno - \global\pageno = \savepageno + \contentsendroman } % And just the chapters. @@ -6831,10 +6936,20 @@ might help (with 'rm \jobname.?? \jobname.??s')% \vfill \eject \contentsalignmacro % in case @setchapternewpage odd is in effect \endgroup + \contentsendroman +} +\let\shortcontents = \summarycontents + +% Get ready to use Arabic numerals again +\def\contentsendroman{% \lastnegativepageno = \pageno \global\pageno = \savepageno + % + % If \romancount > \arabiccount, the contents are at the end of the + % document. Otherwise, advance where the Arabic numerals start for + % the page numbers. + \ifnum\romancount>\arabiccount\else\global\arabiccount=\pagecount\fi } -\let\shortcontents = \summarycontents % Typeset the label for a chapter or appendix for the short contents. % The arg is, e.g., `A' for an appendix, or `3' for a chapter. @@ -7348,7 +7463,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % @indentedblock is like @quotation, but indents only on the left and % has no optional argument. -% +% \makedispenvdef{indentedblock}{\indentedblockstart} % \def\indentedblockstart{% @@ -7423,13 +7538,9 @@ might help (with 'rm \jobname.?? \jobname.??s')% \newdimen\tabw \setbox0=\hbox{\tt\space} \tabw=8\wd0 % tab amount % % We typeset each line of the verbatim in an \hbox, so we can handle -% tabs. The \global is in case the verbatim line starts with an accent, -% or some other command that starts with a begin-group. Otherwise, the -% entire \verbbox would disappear at the corresponding end-group, before -% it is typeset. Meanwhile, we can't have nested verbatim commands -% (can we?), so the \global won't be overwriting itself. +% tabs. \newbox\verbbox -\def\starttabbox{\global\setbox\verbbox=\hbox\bgroup} +\def\starttabbox{\setbox\verbbox=\hbox\bgroup} % \begingroup \catcode`\^^I=\active @@ -7440,7 +7551,8 @@ might help (with 'rm \jobname.?? \jobname.??s')% \divide\dimen\verbbox by\tabw \multiply\dimen\verbbox by\tabw % compute previous multiple of \tabw \advance\dimen\verbbox by\tabw % advance to next multiple of \tabw - \wd\verbbox=\dimen\verbbox \box\verbbox \starttabbox + \wd\verbbox=\dimen\verbbox + \leavevmode\box\verbbox \starttabbox }% } \endgroup @@ -7450,9 +7562,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \let\nonarrowing = t% \nonfillstart \tt % easiest (and conventionally used) font for verbatim - % The \leavevmode here is for blank lines. Otherwise, we would - % never \starttabbox and the \egroup would end verbatim mode. - \def\par{\leavevmode\egroup\box\verbbox\endgraf}% + \def\par{\egroup\box\verbbox\endgraf\starttabbox}% \tabexpand \setupmarkupstyle{verbatim}% % Respect line breaks, @@ -7460,7 +7570,6 @@ might help (with 'rm \jobname.?? \jobname.??s')% % make each space count. % Must do in this order: \obeylines \uncatcodespecials \sepspaces - \everypar{\starttabbox}% } % Do the @verb magic: verbatim text is quoted by unique @@ -7495,9 +7604,12 @@ might help (with 'rm \jobname.?? \jobname.??s')% % ignore everything up to the first ^^M, that's the newline at the end % of the @verbatim input line itself. Otherwise we get an extra blank % line in the output. - \xdef\doverbatim#1^^M#2@end verbatim{#2\noexpand\end\gobble verbatim}% + \xdef\doverbatim#1^^M#2@end verbatim{% + \starttabbox#2\egroup\noexpand\end\gobble verbatim}% % We really want {...\end verbatim} in the body of the macro, but % without the active space; thus we have to use \xdef and \gobble. + % The \egroup ends the \verbbox started at the end of the last line in + % the block. \endgroup % \envdef\verbatim{% @@ -7519,7 +7631,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \wlog{texinfo.tex: doing @verbatiminclude of #1^^J}% \edef\tmp{\noexpand\input #1 } \expandafter - }\tmp + }\expandafter\starttabbox\tmp\egroup \afterenvbreak }% } @@ -7648,7 +7760,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % @deftypefnnewline on|off says whether the return type of typed functions % are printed on their own line. This affects @deftypefn, @deftypefun, % @deftypeop, and @deftypemethod. -% +% \parseargdef\deftypefnnewline{% \def\temp{#1}% \ifx\temp\onword @@ -7667,8 +7779,8 @@ might help (with 'rm \jobname.?? \jobname.??s')% % \dosubind {index}{topic}{subtopic} % % If SUBTOPIC is present, precede it with a space, and call \doind. -% (At some time during the 20th century, this made a two-level entry in an -% index such as the operation index. Nobody seemed to notice the change in +% (At some time during the 20th century, this made a two-level entry in an +% index such as the operation index. Nobody seemed to notice the change in % behaviour though.) \def\dosubind#1#2#3{% \def\thirdarg{#3}% @@ -7843,7 +7955,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \tclose{\temp}% typeset the return type \ifrettypeownline % put return type on its own line; prohibit line break following: - \hfil\vadjust{\nobreak}\break + \hfil\vadjust{\nobreak}\break \else \space % type on same line, so just followed by a space \fi @@ -7990,7 +8102,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \scantokens{#1@comment}% % % The \comment is to remove the \newlinechar added by \scantokens, and - % can be noticed by \parsearg. Note \c isn't used because this means cedilla + % can be noticed by \parsearg. Note \c isn't used because this means cedilla % in math mode. } @@ -8191,7 +8303,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % list to some hook where the argument is to be expanded. If there are % less than 10 arguments that hook is to be replaced by ##N where N % is the position in that list, that is to say the macro arguments are to be -% defined `a la TeX in the macro body. +% defined `a la TeX in the macro body. % % That gets used by \mbodybackslash (above). % @@ -8222,8 +8334,8 @@ might help (with 'rm \jobname.?? \jobname.??s')% % % Read recursive and nonrecursive macro bodies. (They're different since % rec and nonrec macros end differently.) -% -% We are in \macrobodyctxt, and the \xdef causes backslashshes in the macro +% +% We are in \macrobodyctxt, and the \xdef causes backslashshes in the macro % body to be transformed. % Set \macrobody to the body of the macro, and call \defmacro. % @@ -8257,7 +8369,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % twice the \macarg.BLAH macros does not cost too much processing power. \def\parsemmanyargdef@@#1,{% \if#1;\let\next=\relax - \else + \else \let\next=\parsemmanyargdef@@ \edef\tempb{\eatspaces{#1}}% \expandafter\def\expandafter\tempa @@ -8342,7 +8454,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % Replace arguments by their values in the macro body, and place the result % in macro \@tempa. -% +% \def\macvalstoargs@{% % To do this we use the property that token registers that are \the'ed % within an \edef expand only once. So we are going to place all argument @@ -8366,9 +8478,9 @@ might help (with 'rm \jobname.?? \jobname.??s')% \expandafter\def\expandafter\@tempa\expandafter{\@tempc}% } -% Define the named-macro outside of this group and then close this group. -% -\def\macargexpandinbody@{% +% Define the named-macro outside of this group and then close this group. +% +\def\macargexpandinbody@{% \expandafter \endgroup \macargdeflist@ @@ -8406,7 +8518,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% } % Trailing missing arguments are set to empty. -% +% \def\setemptyargvalues@{% \ifx\paramlist\nilm@ \let\next\macargexpandinbody@ @@ -8483,7 +8595,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \else % at most 9 \ifnum\paramno<10\relax % @MACNAME sets the context for reading the macro argument - % @MACNAME@@ gets the argument, processes backslashes and appends a + % @MACNAME@@ gets the argument, processes backslashes and appends a % comma. % @MACNAME@@@ removes braces surrounding the argument list. % @MACNAME@@@@ scans the macro body with arguments substituted. @@ -8527,11 +8639,11 @@ might help (with 'rm \jobname.?? \jobname.??s')% % Call #1 with a list of tokens #2, with any doubled backslashes in #2 % compressed to one. % -% This implementation works by expansion, and not execution (so we cannot use -% \def or similar). This reduces the risk of this failing in contexts where -% complete expansion is done with no execution (for example, in writing out to +% This implementation works by expansion, and not execution (so we cannot use +% \def or similar). This reduces the risk of this failing in contexts where +% complete expansion is done with no execution (for example, in writing out to % an auxiliary file for an index entry). -% +% % State is kept in the input stream: the argument passed to % @look_ahead, @gobble_and_check_finish and @add_segment is % @@ -8553,11 +8665,11 @@ might help (with 'rm \jobname.?? \jobname.??s')% % #3 - NEXT_TOKEN % #4 used to look ahead % -% If the next token is not a backslash, process the rest of the argument; +% If the next token is not a backslash, process the rest of the argument; % otherwise, remove the next token. @gdef@look_ahead#1!#2#3#4{% @ifx#4\% - @expandafter@gobble_and_check_finish + @expandafter@gobble_and_check_finish @else @expandafter@add_segment @fi#1!{#2}#4#4% @@ -8581,9 +8693,9 @@ might help (with 'rm \jobname.?? \jobname.??s')% % #3 - NEXT_TOKEN % #4 is input stream until next backslash % -% Input stream is either at the start of the argument, or just after a -% backslash sequence, either a lone backslash, or a doubled backslash. -% NEXT_TOKEN contains the first token in the input stream: if it is \finish, +% Input stream is either at the start of the argument, or just after a +% backslash sequence, either a lone backslash, or a doubled backslash. +% NEXT_TOKEN contains the first token in the input stream: if it is \finish, % finish; otherwise, append to ARG_RESULT the segment of the argument up until % the next backslash. PENDING_BACKSLASH contains a backslash to represent % a backslash just before the start of the input stream that has not been @@ -8595,13 +8707,13 @@ might help (with 'rm \jobname.?? \jobname.??s')% % append the pending backslash to the result, followed by the next segment @expandafter@is_fi@look_ahead#1#2#4!{\}@fi % this @fi is discarded by @look_ahead. - % we can't get rid of it with \expandafter because we don't know how + % we can't get rid of it with \expandafter because we don't know how % long #4 is. } % #1 - THE_MACRO % #2 - ARG_RESULT -% #3 discards the res of the conditional in @add_segment, and @is_fi ends the +% #3 discards the res of the conditional in @add_segment, and @is_fi ends the % conditional. @gdef@call_the_macro#1#2!#3@fi{@is_fi #1{#2}} @@ -8613,7 +8725,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % for reading the argument (slightly different in the two cases). Then, % to read the argument, in the whole-line case, it then calls the regular % \parsearg MAC; in the lbrace case, it calls \passargtomacro MAC. -% +% \def\braceorline#1{\let\macnamexxx=#1\futurelet\nchar\braceorlinexxx} \def\braceorlinexxx{% \ifx\nchar\bgroup @@ -8667,7 +8779,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % Used so that the @top node doesn't have to be wrapped in an @ifnottex % conditional. -% \doignore goes to more effort to skip nested conditionals but we don't need +% \doignore goes to more effort to skip nested conditionals but we don't need % that here. \def\omittopnode{% \ifx\lastnode\wordTop @@ -8675,7 +8787,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% } \def\wordTop{Top} -% Until the next @node or @bye command, divert output to a box that is not +% Until the next @node or @bye command, divert output to a box that is not % output. \def\ignorenode{\setbox\dummybox\vbox\bgroup\def\node{\egroup\node}% \ignorenodebye @@ -8742,7 +8854,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % automatically in xrefs, if the third arg is not explicitly specified. % This was provided as a "secret" @set xref-automatic-section-title % variable, now it's official. -% +% \parseargdef\xrefautomaticsectiontitle{% \def\temp{#1}% \ifx\temp\onword @@ -8758,7 +8870,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% \fi\fi } -% +% % @xref, @pxref, and @ref generate cross-references. For \xrefX, #1 is % the node name, #2 the name of the Info cross-reference, #3 the printed % node name, #4 the name of the Info file, #5 the name of the printed @@ -8911,40 +9023,34 @@ might help (with 'rm \jobname.?? \jobname.??s')% \fi \else % node/anchor (non-float) references. - % + % % If we use \unhbox to print the node names, TeX does not insert % empty discretionaries after hyphens, which means that it will not % find a line break at a hyphen in a node names. Since some manuals % are best written with fairly long node names, containing hyphens, % this is a loss. Therefore, we give the text of the node name % again, so it is as if TeX is seeing it for the first time. - % + % \ifdim \wd\printedmanualbox > 0pt % Cross-manual reference with a printed manual name. - % + % \crossmanualxref{\cite{\printedmanual\unskip}}% % \else\ifdim \wd\infofilenamebox > 0pt % Cross-manual reference with only an info filename (arg 4), no % printed manual name (arg 5). This is essentially the same as % the case above; we output the filename, since we have nothing else. - % + % \crossmanualxref{\code{\infofilename\unskip}}% % \else % Reference within this manual. % - % _ (for example) has to be the character _ for the purposes of the - % control sequence corresponding to the node, but it has to expand - % into the usual \leavevmode...\vrule stuff for purposes of - % printing. So we \turnoffactive for the \refx-snt, back on for the - % printing, back off for the \refx-pg. - {\turnoffactive - % Only output a following space if the -snt ref is nonempty; for - % @unnumbered and @anchor, it won't be. - \setbox2 = \hbox{\ignorespaces \refx{#1-snt}{}}% - \ifdim \wd2 > 0pt \refx{#1-snt}\space\fi - }% + % Only output a following space if the -snt ref is nonempty; for + % @unnumbered and @anchor, it won't be. + \setbox2 = \hbox{\ignorespaces \refx{#1-snt}{}}% + \ifdim \wd2 > 0pt \refx{#1-snt}\space\fi + % % output the `[mynode]' via the macro below so it can be overridden. \xrefprintnodename\printedrefname % @@ -8968,20 +9074,20 @@ might help (with 'rm \jobname.?? \jobname.??s')% \endgroup} % Output a cross-manual xref to #1. Used just above (twice). -% +% % Only include the text "Section ``foo'' in" if the foo is neither % missing or Top. Thus, @xref{,,,foo,The Foo Manual} outputs simply % "see The Foo Manual", the idea being to refer to the whole manual. -% +% % But, this being TeX, we can't easily compare our node name against the % string "Top" while ignoring the possible spaces before and after in % the input. By adding the arbitrary 7sp below, we make it much less % likely that a real node name would have the same width as "Top" (e.g., % in a monospaced font). Hopefully it will never happen in practice. -% +% % For the same basic reason, we retypeset the "Top" at every % reference, since the current font is indeterminate. -% +% \def\crossmanualxref#1{% \setbox\toprefbox = \hbox{Top\kern7sp}% \setbox2 = \hbox{\ignorespaces \printedrefname \unskip \kern7sp}% @@ -9028,13 +9134,13 @@ might help (with 'rm \jobname.?? \jobname.??s')% \fi\fi\fi } -% \refx{NAME}{SUFFIX} - reference a cross-reference string named NAME. SUFFIX +% \refx{NAME}{SUFFIX} - reference a cross-reference string named NAME. SUFFIX % is output afterwards if non-empty. \def\refx#1#2{% \requireauxfile {% \indexnofonts - \otherbackslash + \turnoffactive \def\value##1{##1}% \expandafter\global\expandafter\let\expandafter\thisrefX \csname XR#1\endcsname @@ -9060,9 +9166,9 @@ might help (with 'rm \jobname.?? \jobname.??s')% #2% Output the suffix in any case. } -% This is the macro invoked by entries in the aux file. Define a control -% sequence for a cross-reference target (we prepend XR to the control sequence -% name to avoid collisions). The value is the page number. If this is a float +% This is the macro invoked by entries in the aux file. Define a control +% sequence for a cross-reference target (we prepend XR to the control sequence +% name to avoid collisions). The value is the page number. If this is a float % type, we have more work to do. % \def\xrdef#1#2{% @@ -9078,10 +9184,10 @@ might help (with 'rm \jobname.?? \jobname.??s')% \bgroup \expandafter\gdef\csname XR\safexrefname\endcsname{#2}% \egroup - % We put the \gdef inside a group to avoid the definitions building up on - % TeX's save stack, which can cause it to run out of space for aux files with + % We put the \gdef inside a group to avoid the definitions building up on + % TeX's save stack, which can cause it to run out of space for aux files with % thousands of lines. \gdef doesn't use the save stack, but \csname does - % when it defines an unknown control sequence as \relax. + % when it defines an unknown control sequence as \relax. % % Was that xref control sequence that we just defined for a float? \expandafter\iffloat\csname XR\safexrefname\endcsname @@ -9440,7 +9546,7 @@ might help (with 'rm \jobname.?? \jobname.??s')% % \ifimagevmode \medskip % space after a standalone image - \fi + \fi \ifx\centersub\centerV \egroup \fi \endgroup} @@ -10271,7 +10377,7 @@ directory should work if nowhere else does.} \uppercase{.} \endgroup \else - \errhelp = \EMsimple + \errhelp = \EMsimple \errmessage{Unicode character U+#1 not supported, sorry}% \fi \else @@ -10304,7 +10410,7 @@ directory should work if nowhere else does.} \countUTFz = "#1\relax \begingroup \parseXMLCharref - + % Give \u8:... its definition. The sequence of seven \expandafter's % expands after the \gdef three times, e.g. % @@ -10316,7 +10422,7 @@ directory should work if nowhere else does.} \expandafter\expandafter \expandafter\expandafter \expandafter\gdef \UTFviiiTmp{#2}% - % + % \expandafter\ifx\csname uni:#1\endcsname \relax \else \message{Internal error, already defined: #1}% \fi @@ -10355,7 +10461,7 @@ directory should work if nowhere else does.} \divide\countUTFz by 64 \countUTFy = \countUTFz % Save to be the future value of \countUTFz. \multiply\countUTFz by 64 - + % \countUTFz is now \countUTFx with the last 5 bits cleared. Subtract % in order to get the last five bits. \advance\countUTFx by -\countUTFz @@ -10390,7 +10496,7 @@ directory should work if nowhere else does.} % U+0080..U+00FF = https://en.wikipedia.org/wiki/Latin-1_Supplement_(Unicode_block) % U+0100..U+017F = https://en.wikipedia.org/wiki/Latin_Extended-A % U+0180..U+024F = https://en.wikipedia.org/wiki/Latin_Extended-B -% +% % Many of our renditions are less than wonderful, and all the missing % characters are available somewhere. Loading the necessary fonts % awaits user request. We can't truly support Unicode without @@ -10691,6 +10797,8 @@ directory should work if nowhere else does.} \DeclareUnicodeCharacter{0233}{\=y}% \DeclareUnicodeCharacter{0237}{\dotless{j}}% % + \DeclareUnicodeCharacter{02BC}{'}% + % \DeclareUnicodeCharacter{02DB}{\ogonek{ }}% % % Greek letters upper case @@ -11428,9 +11536,9 @@ directory should work if nowhere else does.} \def\texinfochars{% \let< = \activeless \let> = \activegtr - \let~ = \activetilde + \let~ = \activetilde \let^ = \activehat - \markupsetuplqdefault \markupsetuprqdefault + \markupsetuplqdefault \markupsetuprqdefault \let\b = \strong \let\i = \smartitalic % in principle, all other definitions in \tex have to be undone too. diff --git a/build-aux/useless-if-before-free b/build-aux/useless-if-before-free index 6d6b8d4..c9a168f 100755 --- a/build-aux/useless-if-before-free +++ b/build-aux/useless-if-before-free @@ -1,32 +1,47 @@ -eval '(exit $?0)' && eval 'exec perl -wST "$0" "$@"' - & eval 'exec perl -wST "$0" $argv:q' - if 0; +#!/bin/sh +#! -*-perl-*- + # Detect instances of "if (p) free (p);". # Likewise "if (p != 0)", "if (0 != p)", or with NULL; and with braces. -my $VERSION = '2018-03-07 03:47'; # UTC -# The definition above must lie within the first 8 lines in order -# for the Emacs time-stamp write hook (at end) to update it. -# If you change this file with Emacs, please let the write hook -# do its job. Otherwise, update this string manually. - -# Copyright (C) 2008-2019 Free Software Foundation, Inc. - +# Copyright (C) 2008-2020 Free Software Foundation, Inc. +# # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. - +# # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. - +# # You should have received a copy of the GNU General Public License # along with this program. If not, see . - +# # Written by Jim Meyering +# This is a prologue that allows to run a perl script as an executable +# on systems that are compliant to a POSIX version before POSIX:2017. +# On such systems, the usual invocation of an executable through execlp() +# or execvp() fails with ENOEXEC if it is a script that does not start +# with a #! line. The script interpreter mentioned in the #! line has +# to be /bin/sh, because on GuixSD systems that is the only program that +# has a fixed file name. The second line is essential for perl and is +# also useful for editing this file in Emacs. The next two lines below +# are valid code in both sh and perl. When executed by sh, they re-execute +# the script through the perl program found in $PATH. The '-x' option +# is essential as well; without it, perl would re-execute the script +# through /bin/sh. When executed by perl, the next two lines are a no-op. +eval 'exec perl -wSx "$0" "$@"' + if 0; + +my $VERSION = '2020-04-04 15:07'; # UTC +# The definition above must lie within the first 8 lines in order +# for the Emacs time-stamp write hook (at end) to update it. +# If you change this file with Emacs, please let the write hook +# do its job. Otherwise, update this string manually. + use strict; use warnings; use Getopt::Long; @@ -203,6 +218,7 @@ EOF ## mode: perl ## indent-tabs-mode: nil ## eval: (add-hook 'before-save-hook 'time-stamp) +## time-stamp-line-limit: 50 ## time-stamp-start: "my $VERSION = '" ## time-stamp-format: "%:y-%02m-%02d %02H:%02M" ## time-stamp-time-zone: "UTC0" diff --git a/build-aux/vc-list-files b/build-aux/vc-list-files index af6b1c0..a8b8d9a 100755 --- a/build-aux/vc-list-files +++ b/build-aux/vc-list-files @@ -4,7 +4,7 @@ # Print a version string. scriptversion=2018-03-07.03; # UTC -# Copyright (C) 2006-2019 Free Software Foundation, Inc. +# Copyright (C) 2006-2020 Free Software Foundation, Inc. # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -25,7 +25,7 @@ scriptversion=2018-03-07.03; # UTC # list the version-controlled files in that directory. # If there's an argument, it must be a single, "."-relative directory name. -# cvsu is part of the cvsutils package: http://www.red-bean.com/cvsutils/ +# cvsu is part of the cvsutils package: https://www.red-bean.com/cvsutils/ postprocess= case $1 in diff --git a/cfg.mk b/cfg.mk index 200f421..3205378 100644 --- a/cfg.mk +++ b/cfg.mk @@ -35,6 +35,7 @@ local-checks-to-skip = sc_GPL_version sc_bindtextdomain \ sc_immutable_NEWS sc_program_name sc_prohibit_atoi_atof \ sc_prohibit_always_true_header_tests \ sc_prohibit_empty_lines_at_EOF sc_prohibit_hash_without_use \ + sc_prohibit_gnu_make_extensions \ sc_prohibit_have_config_h sc_prohibit_magic_number_exit \ sc_prohibit_strcmp sc_require_config_h \ sc_require_config_h_first sc_texinfo_acronym sc_trailing_blank \ @@ -42,20 +43,20 @@ local-checks-to-skip = sc_GPL_version sc_bindtextdomain \ sc_two_space_separator_in_usage VC_LIST_ALWAYS_EXCLUDE_REGEX = ^maint.mk|gtk-doc.make|m4/pkg|doc/fdl-1.3.texi|src/.*\.bak|src/crywrap/|(devel/perlasm/|lib/accelerated/x86/|build-aux/|gl/|src/libopts/|tests/suite/ecore/|doc/protocol/).*$$ -update-copyright-env = UPDATE_COPYRIGHT_USE_INTERVALS=1 # Explicit syntax-check exceptions. -exclude_file_name_regexp--sc_error_message_period = ^src/crywrap/crywrap.c$$ +exclude_file_name_regexp--sc_copyright_check = ^./gnulib/.*$$ exclude_file_name_regexp--sc_error_message_uppercase = ^doc/examples/ex-cxx.cpp|guile/src/core.c|src/certtool.c|src/ocsptool.c|src/crywrap/crywrap.c|tests/pkcs12_encode.c$$ exclude_file_name_regexp--sc_file_system = ^doc/doxygen/Doxyfile exclude_file_name_regexp--sc_prohibit_cvs_keyword = ^lib/nettle/.*$$ exclude_file_name_regexp--sc_prohibit_undesirable_word_seq = ^tests/nist-pkits/gnutls-nist-tests.html$$ -exclude_file_name_regexp--sc_space_tab = ^doc/.*.(pdf|png)|\.crl|\.pdf|\.zip|tests/nist-pkits/|tests/data/|devel/|tests/suite/x509paths/.*|fuzz/.*\.repro|fuzz/.*\.in/.*$$ +exclude_file_name_regexp--sc_space_tab = ^doc/.*.(pdf|png)|\.crl|\.pdf|\.zip|tests/nist-pkits/|tests/data/|tests/system-override-curves.sh|devel/|tests/suite/x509paths/.*|fuzz/.*\.repro|fuzz/.*\.in/.*$$ _makefile_at_at_check_exceptions = ' && !/CODE_COVERAGE_RULES/ && !/VERSION/' exclude_file_name_regexp--sc_m4_quote_check='lib/unistring/m4/absolute-header.m4' exclude_file_name_regexp--sc_makefile_at_at_check='lib/unistring/Makefile.am' exclude_file_name_regexp--sc_prohibit_stddef_without_use='u*-normalize.c' exclude_file_name_regexp--sc_prohibit_strncpy='unistr.in.h' +exclude_file_name_regexp--sc_prohibit_strncpy='lib/inih/ini.c' gl_public_submodule_commit = autoreconf: @@ -76,6 +77,12 @@ glimport: echo "If everything looks well, commit the gnulib update with:" echo " git commit -m "Update gnulib submodule" gnulib" +# Update Copyright year in tools and docs + +update-copyright-year: + $(AM_V_at)$(SED) -i "s/\"2000-[0-9]\{4,\}\"/\"2000-`date +%Y`\"/g" src/args-std.def.in + $(AM_V_at)$(SED) -i "s/ 2001-[0-9]\{4,\} / 2001-`date +%Y` /g" doc/gnutls.texi + # Code Coverage clang: @@ -130,20 +137,25 @@ ASM_SOURCES_XXX := \ lib/accelerated/aarch64/XXX/sha1-armv8.s \ lib/accelerated/aarch64/XXX/sha256-armv8.s \ lib/accelerated/aarch64/XXX/sha512-armv8.s \ - lib/accelerated/x86/XXX/cpuid-x86_64.s \ - lib/accelerated/x86/XXX/cpuid-x86.s \ lib/accelerated/x86/XXX/ghash-x86_64.s \ lib/accelerated/x86/XXX/aesni-x86_64.s \ lib/accelerated/x86/XXX/aesni-x86.s \ lib/accelerated/x86/XXX/sha1-ssse3-x86.s \ lib/accelerated/x86/XXX/sha1-ssse3-x86_64.s \ lib/accelerated/x86/XXX/sha256-ssse3-x86.s \ + lib/accelerated/x86/XXX/sha256-ssse3-x86_64.s \ lib/accelerated/x86/XXX/sha512-ssse3-x86.s \ lib/accelerated/x86/XXX/sha512-ssse3-x86_64.s \ lib/accelerated/x86/XXX/aesni-gcm-x86_64.s \ lib/accelerated/x86/XXX/aes-ssse3-x86.s \ lib/accelerated/x86/XXX/aes-ssse3-x86_64.s +# CRYPTOGAMS' perl-scripts can produce different output if -fPIC +# is passed as option. List the files that seem to need it: +PL_NEEDS_FPIC := aesni-x86.pl aes-ssse3-x86.pl e_padlock-x86.pl \ + ghash-x86.pl sha1-ssse3-x86.pl sha256-ssse3-x86.pl \ + sha512-ssse3-x86.pl + ASM_SOURCES_ELF := $(subst XXX,elf,$(ASM_SOURCES_XXX)) ASM_SOURCES_COFF := $(subst XXX,coff,$(ASM_SOURCES_XXX)) ASM_SOURCES_MACOSX := $(subst XXX,macosx,$(ASM_SOURCES_XXX)) @@ -153,12 +165,12 @@ asm-sources: $(ASM_SOURCES_ELF) $(ASM_SOURCES_COFF) $(ASM_SOURCES_MACOSX) lib/ac asm-sources-clean: rm -f $(ASM_SOURCES_ELF) $(ASM_SOURCES_COFF) $(ASM_SOURCES_MACOSX) lib/accelerated/x86/files.mk -X86_FILES=XXX/aesni-x86.s XXX/cpuid-x86.s XXX/sha1-ssse3-x86.s \ +X86_FILES=XXX/aesni-x86.s XXX/sha1-ssse3-x86.s \ XXX/sha256-ssse3-x86.s XXX/sha512-ssse3-x86.s XXX/aes-ssse3-x86.s -X86_64_FILES=XXX/aesni-x86_64.s XXX/cpuid-x86_64.s XXX/ghash-x86_64.s \ +X86_64_FILES=XXX/aesni-x86_64.s XXX/ghash-x86_64.s \ XXX/sha1-ssse3-x86_64.s XXX/sha512-ssse3-x86_64.s XXX/aes-ssse3-x86_64.s \ - XXX/aesni-gcm-x86_64.s + XXX/aesni-gcm-x86_64.s XXX/sha256-ssse3-x86_64.s X86_PADLOCK_FILES=XXX/e_padlock-x86.s X86_64_PADLOCK_FILES=XXX/e_padlock-x86_64.s @@ -194,33 +206,43 @@ lib/accelerated/x86/files.mk: $(ASM_SOURCES_ELF) # Appro's code lib/accelerated/x86/elf/%.s: devel/perlasm/%.pl .submodule.stamp - cat $<.license > $@ - CC=gcc perl $< elf >> $@ + CC=gcc perl $< elf \ + $(if $(findstring $( $@ && rm -f $@.tmp echo "" >> $@ echo ".section .note.GNU-stack,\"\",%progbits" >> $@ sed -i 's/OPENSSL_ia32cap_P/_gnutls_x86_cpuid_s/g' $@ lib/accelerated/x86/coff/%-x86.s: devel/perlasm/%-x86.pl .submodule.stamp - cat $<.license > $@ - CC=gcc perl $< coff >> $@ + CC=gcc perl $< coff \ + $(if $(findstring $( $@ && rm -f $@.tmp echo "" >> $@ sed -i 's/OPENSSL_ia32cap_P/_gnutls_x86_cpuid_s/g' $@ lib/accelerated/x86/coff/%-x86_64.s: devel/perlasm/%-x86_64.pl .submodule.stamp - cat $<.license > $@ - CC=gcc perl $< mingw64 >> $@ + CC=gcc perl $< mingw64 \ + $(if $(findstring $( $@ && rm -f $@.tmp echo "" >> $@ sed -i 's/OPENSSL_ia32cap_P/_gnutls_x86_cpuid_s/g' $@ lib/accelerated/x86/macosx/%.s: devel/perlasm/%.pl .submodule.stamp - cat $<.license > $@ - CC=gcc perl $< macosx >> $@ + CC=gcc perl $< macosx \ + $(if $(findstring $( $@ && rm -f $@.tmp echo "" >> $@ sed -i 's/OPENSSL_ia32cap_P/_gnutls_x86_cpuid_s/g' $@ lib/accelerated/aarch64/elf/%.s: devel/perlasm/%.pl .submodule.stamp rm -f $@tmp - CC=aarch64-linux-gnu-gcc perl $< linux64 $@.tmp + CC=aarch64-linux-gnu-gcc perl $< linux64 \ + $(if $(findstring $( $@.tmp.S echo "" >> $@.tmp.S sed -i 's/OPENSSL_armcap_P/_gnutls_arm_cpuid_s/g' $@.tmp.S @@ -232,7 +254,9 @@ lib/accelerated/aarch64/elf/%.s: devel/perlasm/%.pl .submodule.stamp lib/accelerated/aarch64/macosx/%.s: devel/perlasm/%.pl .submodule.stamp rm -f $@tmp - CC=aarch64-linux-gnu-gcc perl $< ios64 $@.tmp + CC=aarch64-linux-gnu-gcc perl $< ios64 \ + $(if $(findstring $( $@.tmp.S echo "" >> $@.tmp.S sed -i 's/OPENSSL_armcap_P/_gnutls_arm_cpuid_s/g' $@.tmp.S diff --git a/config.h.in b/config.h.in index 1d47455..5cb36c7 100644 --- a/config.h.in +++ b/config.h.in @@ -57,6 +57,12 @@ /* use the given pkcs11 uri as default trust store */ #undef DEFAULT_TRUST_STORE_PKCS11 +/* Whether to disable system configuration */ +#undef DISABLE_SYSTEM_CONFIG + +/* Dynamic use of ncrypt API (win32) */ +#undef DYN_NCRYPT + /* enable ALPN support */ #undef ENABLE_ALPN @@ -118,12 +124,10 @@ #undef FIPS_KEY /* Define to nothing if C supports flexible array members, and to 1 if it does - not. That way, with a declaration like 'struct s { int n; double + not. That way, with a declaration like 'struct s { int n; short d[FLEXIBLE_ARRAY_MEMBER]; };', the struct hack can be used with pre-C99 - compilers. When computing the size of such an object, don't use 'sizeof - (struct s)' as it overestimates the size. Use 'offsetof (struct s, d)' - instead. Don't use 'offsetof (struct s, d[0])', as this doesn't work with - MSVC and with C++ compilers. */ + compilers. Use 'FLEXSIZEOF (struct s, d, N * sizeof (short))' to calculate + the size in bytes of such a struct containing an N-element array. */ #undef FLEXIBLE_ARRAY_MEMBER /* fopen(3) accepts a 'b' in the mode flag */ @@ -132,6 +136,9 @@ /* fopen(3) accepts a 't' in the mode flag */ #undef FOPEN_TEXT_FLAG +/* Define to 1 if fopen() fails to recognize a trailing slash. */ +#undef FOPEN_TRAILING_SLASH_BUG + /* Define to 1 if the system's ftello function has the Solaris bug. */ #undef FTELLO_BROKEN_AFTER_SWITCHING_FROM_READ_TO_WRITE @@ -148,11 +155,22 @@ declaration of the second argument to gettimeofday. */ #undef GETTIMEOFDAY_TIMEZONE +/* The soname of gmp library */ +#undef GMP_LIBRARY_SONAME + +/* Define to a C preprocessor expression that evaluates to 1 or 0, depending + whether the gnulib module fopen-gnu shall be considered present. */ +#undef GNULIB_FOPEN_GNU + /* Define to a C preprocessor expression that evaluates to 1 or 0, depending whether the gnulib module fscanf shall be considered present. */ #undef GNULIB_FSCANF /* Define to a C preprocessor expression that evaluates to 1 or 0, depending + whether the gnulib module isblank shall be considered present. */ +#undef GNULIB_ISBLANK + +/* Define to a C preprocessor expression that evaluates to 1 or 0, depending whether the gnulib module lock shall be considered present. */ #undef GNULIB_LOCK @@ -201,12 +219,18 @@ /* Define to 1 when the gnulib module environ should be tested. */ #undef GNULIB_TEST_ENVIRON +/* Define to 1 when the gnulib module explicit_bzero should be tested. */ +#undef GNULIB_TEST_EXPLICIT_BZERO + /* Define to 1 when the gnulib module fcntl should be tested. */ #undef GNULIB_TEST_FCNTL /* Define to 1 when the gnulib module fdopen should be tested. */ #undef GNULIB_TEST_FDOPEN +/* Define to 1 when the gnulib module fopen should be tested. */ +#undef GNULIB_TEST_FOPEN + /* Define to 1 when the gnulib module fseek should be tested. */ #undef GNULIB_TEST_FSEEK @@ -291,6 +315,12 @@ /* Define to 1 when the gnulib module pipe should be tested. */ #undef GNULIB_TEST_PIPE +/* Define to 1 when the gnulib module pthread_sigmask should be tested. */ +#undef GNULIB_TEST_PTHREAD_SIGMASK + +/* Define to 1 when the gnulib module pthread-thread should be tested. */ +#undef GNULIB_TEST_PTHREAD_THREAD + /* Define to 1 when the gnulib module putenv should be tested. */ #undef GNULIB_TEST_PUTENV @@ -324,6 +354,9 @@ /* Define to 1 when the gnulib module setlocale should be tested. */ #undef GNULIB_TEST_SETLOCALE +/* Define to 1 when the gnulib module setlocale_null should be tested. */ +#undef GNULIB_TEST_SETLOCALE_NULL + /* Define to 1 when the gnulib module setsockopt should be tested. */ #undef GNULIB_TEST_SETSOCKOPT @@ -448,6 +481,9 @@ removed. */ #undef GNUTLS_INTERNAL_BUILD +/* The soname of gnutls library */ +#undef GNUTLS_LIBRARY_SONAME + /* Additional cast to bring void* to a type castable to int. */ #undef GNUTLS_POINTER_TO_INT_CAST @@ -462,6 +498,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_ARPA_INET_H +/* Define to 1 if the system has the type `BCRYPT_ALG_HANDLE'. */ +#undef HAVE_BCRYPT_ALG_HANDLE + /* Define to 1 if you have the header file. */ #undef HAVE_BP_SYM_H @@ -477,10 +516,6 @@ /* Define to 1 if you have the `catgets' function. */ #undef HAVE_CATGETS -/* Define to 1 if you have the Mac OS X function CFLocaleCopyCurrent in the - CoreFoundation framework. */ -#undef HAVE_CFLOCALECOPYCURRENT - /* Define to 1 if you have the Mac OS X function CFLocaleCopyPreferredLanguages in the CoreFoundation framework. */ #undef HAVE_CFLOCALECOPYPREFERREDLANGUAGES @@ -704,6 +739,9 @@ /* Define to 1 if you have the `explicit_bzero' function. */ #undef HAVE_EXPLICIT_BZERO +/* Define to 1 if you have the `explicit_memset' function. */ +#undef HAVE_EXPLICIT_MEMSET + /* Define if the locale_t type contains insufficient information, as on OpenBSD. */ #undef HAVE_FAKE_LOCALES @@ -744,6 +782,9 @@ /* Define to 1 if you have the `funlockfile' function. */ #undef HAVE_FUNLOCKFILE +/* Define to 1 if getaddrinfo exists, or to 0 otherwise. */ +#undef HAVE_GETADDRINFO + /* Define to 1 if you have the `getauxval' function. */ #undef HAVE_GETAUXVAL @@ -798,6 +839,9 @@ /* Define to 1 if you have the `getuid' function. */ #undef HAVE_GETUID +/* use __get_cpuid_count */ +#undef HAVE_GET_CPUID_COUNT + /* Define if you have the iconv() function and it works. */ #undef HAVE_ICONV @@ -849,6 +893,9 @@ /* Define to 1 if you have the `issetugid' function. */ #undef HAVE_ISSETUGID +/* Enable the BSD sysctl(KERN_ARND) function */ +#undef HAVE_KERN_ARND + /* Define if you have and nl_langinfo(CODESET). */ #undef HAVE_LANGINFO_CODESET @@ -864,6 +911,9 @@ /* Define if you have the libdl library. */ #undef HAVE_LIBDL +/* Define if you have the libev library. */ +#undef HAVE_LIBEV + /* Define to 1 if you have the `gen' library (-lgen). */ #undef HAVE_LIBGEN @@ -926,6 +976,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H +/* Define to 1 if you have the `memset_s' function. */ +#undef HAVE_MEMSET_S + /* Define to 1 if defines the MIN and MAX macros. */ #undef HAVE_MINMAX_IN_LIMITS_H @@ -938,6 +991,9 @@ /* Define to 1 if you have the `mprotect' function. */ #undef HAVE_MPROTECT +/* Define to 1 if you have the `mquery' function. */ +#undef HAVE_MQUERY + /* Define to 1 on MSVC platforms that have the "invalid parameter handler" concept. */ #undef HAVE_MSVC_INVALID_PARAMETER_HANDLER @@ -964,12 +1020,45 @@ /* Define to 1 if you have the `nettle_cfb8_encrypt' function. */ #undef HAVE_NETTLE_CFB8_ENCRYPT +/* Define to 1 if you have the `nettle_chacha_set_counter' function. */ +#undef HAVE_NETTLE_CHACHA_SET_COUNTER + /* Define to 1 if you have the `nettle_cmac128_update' function. */ #undef HAVE_NETTLE_CMAC128_UPDATE +/* Define to 1 if you have the `nettle_curve448_mul' function. */ +#undef HAVE_NETTLE_CURVE448_MUL + +/* Define to 1 if you have the `nettle_ed448_shake256_sign' function. */ +#undef HAVE_NETTLE_ED448_SHAKE256_SIGN + +/* Define to 1 if you have the `nettle_get_gost_gc256b' function. */ +#undef HAVE_NETTLE_GET_GOST_GC256B + +/* Define to 1 if you have the `nettle_get_gost_gc512a' function. */ +#undef HAVE_NETTLE_GET_GOST_GC512A + +/* Define to 1 if you have the `nettle_gost28147_set_key' function. */ +#undef HAVE_NETTLE_GOST28147_SET_KEY + +/* Define to 1 if you have the `nettle_gostdsa_sign' function. */ +#undef HAVE_NETTLE_GOSTDSA_SIGN + +/* Define to 1 if you have the `nettle_gosthash94cp_update' function. */ +#undef HAVE_NETTLE_GOSTHASH94CP_UPDATE + /* Define to 1 if you have the `nettle_rsa_sec_decrypt' function. */ #undef HAVE_NETTLE_RSA_SEC_DECRYPT +/* Define to 1 if you have the `nettle_siv_cmac_aes128_set_key' function. */ +#undef HAVE_NETTLE_SIV_CMAC_AES128_SET_KEY + +/* Define to 1 if you have the `nettle_streebog512_update' function. */ +#undef HAVE_NETTLE_STREEBOG512_UPDATE + +/* Define to 1 if you have the `nettle_xts_encrypt_message' function. */ +#undef HAVE_NETTLE_XTS_ENCRYPT_MESSAGE + /* Define to 1 if you have the `newlocale' function. */ #undef HAVE_NEWLOCALE @@ -985,6 +1074,18 @@ /* Define to 1 if you have the `pipe' function. */ #undef HAVE_PIPE +/* Define to 1 if you have the `pstat_getprocvm' function. */ +#undef HAVE_PSTAT_GETPROCVM + +/* Define if you have the header and the POSIX threads API. */ +#undef HAVE_PTHREAD_API + +/* Define to 1 if you have the `pthread_atfork' function. */ +#undef HAVE_PTHREAD_ATFORK + +/* Define to 1 if you have the header file. */ +#undef HAVE_PTHREAD_H + /* Define to 1 if you have the `pthread_mutex_lock' function. */ #undef HAVE_PTHREAD_MUTEX_LOCK @@ -998,6 +1099,15 @@ reader. */ #undef HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER +/* Define to 1 if the pthread_sigmask function can be used (despite bugs). */ +#undef HAVE_PTHREAD_SIGMASK + +/* Define to 1 if the system has the type `pthread_spinlock_t'. */ +#undef HAVE_PTHREAD_SPINLOCK_T + +/* Define to 1 if the system has the type `pthread_t'. */ +#undef HAVE_PTHREAD_T + /* Define to 1 if the system has the type `ptrdiff_t'. */ #undef HAVE_PTRDIFF_T @@ -1019,6 +1129,9 @@ /* Define to 1 if the system has the type `sa_family_t'. */ #undef HAVE_SA_FAMILY_T +/* Define to 1 if you have the header file. */ +#undef HAVE_SCHED_H + /* Define to 1 if you have the `scm_gc_malloc_pointerless' function. */ #undef HAVE_SCM_GC_MALLOC_POINTERLESS @@ -1199,6 +1312,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_SYS_BITYPES_H +/* Define to 1 if you have the header file. */ +#undef HAVE_SYS_CDEFS_H + /* Define to 1 if you have the header file, and it defines `DIR'. */ #undef HAVE_SYS_DIR_H @@ -1264,6 +1380,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_TERMIOS_H +/* Define to 1 if you have the `thrd_create' function. */ +#undef HAVE_THRD_CREATE + /* Define to 1 if you have the header file. */ #undef HAVE_THREADS_H @@ -1308,6 +1427,9 @@ /* Define to 1 if the system has the type `uint_t'. */ #undef HAVE_UINT_T +/* Define to 1 if the system has the type `union nettle_block8'. */ +#undef HAVE_UNION_NETTLE_BLOCK8 + /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H @@ -1323,6 +1445,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_UTIME_H +/* Define to 1 if you have the header file. */ +#undef HAVE_VALGRIND_MEMCHECK_H + /* Define to 1 if you have the header file. */ #undef HAVE_VALUES_H @@ -1341,6 +1466,10 @@ /* Define to 1 if you have the header file. */ #undef HAVE_VFORK_H +/* Define to 1 or 0, depending whether the compiler supports simple visibility + declarations. */ +#undef HAVE_VISIBILITY + /* Define to 1 if you have the `vprintf' function. */ #undef HAVE_VPRINTF @@ -1362,6 +1491,10 @@ /* Define to 1 if you have the `wcsnlen' function. */ #undef HAVE_WCSNLEN +/* Define to 1 if the compiler and linker support weak declarations of + symbols. */ +#undef HAVE_WEAK_SYMBOLS + /* Define to 1 if you have the header file. */ #undef HAVE_WINSOCK2_H @@ -1389,9 +1522,6 @@ /* Define to 1 if you have the header file. */ #undef HAVE_XLOCALE_H -/* Define to 1 if you have the `xts_encrypt_message' function. */ -#undef HAVE_XTS_ENCRYPT_MESSAGE - /* Define to 1 if the system has the type `_Bool'. */ #undef HAVE__BOOL @@ -1429,6 +1559,24 @@ /* Define to 1 if you have the `__xpg_strerror_r' function. */ #undef HAVE___XPG_STRERROR_R +/* The soname of hogweed library */ +#undef HOGWEED_LIBRARY_SONAME + +/* whether to allowin inline comments */ +#undef INI_ALLOW_INLINE_COMMENTS + +/* The inline comment prefixes */ +#undef INI_INLINE_COMMENT_PREFIXES + +/* inih maximum line size */ +#undef INI_MAX_LINE + +/* The comment prefixes */ +#undef INI_START_COMMENT_PREFIXES + +/* whether to stop on first error */ +#undef INI_STOP_ON_FIRST_ERROR + /* Define to 1 if lseek does not detect pipes. */ #undef LSEEK_PIPE_BROKEN @@ -1451,6 +1599,9 @@ #endif +/* Use backported Curve448/GOST R 34.10 DSA support */ +#undef NEED_INT_ECC + /* Define if the compilation of mktime.c should define 'mktime_internal'. */ #undef NEED_MKTIME_INTERNAL @@ -1462,6 +1613,15 @@ algorithmic workarounds. */ #undef NEED_MKTIME_WORKING +/* Define to 1 to enable general improvements of setlocale. */ +#undef NEED_SETLOCALE_IMPROVED + +/* Define to 1 to enable a multithread-safety fix of setlocale. */ +#undef NEED_SETLOCALE_MTSAFE + +/* The soname of nettle library */ +#undef NETTLE_LIBRARY_SONAME + /* Define this if optional arguments are disallowed */ #undef NO_OPTIONAL_OPT_ARGS @@ -1499,9 +1659,22 @@ type mode_t. */ #undef PROMOTED_MODE_T +/* Define if pthread_create is an inline function. */ +#undef PTHREAD_CREATE_IS_INLINE + /* Define if the pthread_in_use() detection is hard. */ #undef PTHREAD_IN_USE_DETECTION_HARD +/* Define to 1 if pthread_sigmask(), when it fails, returns -1 and sets errno. + */ +#undef PTHREAD_SIGMASK_FAILS_WITH_ERRNO + +/* Define to 1 if pthread_sigmask may return 0 and have no effect. */ +#undef PTHREAD_SIGMASK_INEFFECTIVE + +/* Define to 1 if pthread_sigmask() unblocks signals incorrectly. */ +#undef PTHREAD_SIGMASK_UNBLOCK_BUG + /* Define to l, ll, u, ul, ull, etc., as suitable for constants of type 'ptrdiff_t'. */ #undef PTRDIFF_T_SUFFIX @@ -1519,6 +1692,12 @@ /* Define if vasnprintf exists but is overridden by gnulib. */ #undef REPLACE_VASNPRINTF +/* Define to 1 if setlocale (LC_ALL, NULL) is multithread-safe. */ +#undef SETLOCALE_NULL_ALL_MTSAFE + +/* Define to 1 if setlocale (category, NULL) is multithread-safe. */ +#undef SETLOCALE_NULL_ONE_MTSAFE + /* Define to l, ll, u, ul, ull, etc., as suitable for constants of type 'sig_atomic_t'. */ #undef SIG_ATOMIC_T_SUFFIX @@ -1574,7 +1753,10 @@ /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS -/* The system priority file */ +/* force strict DER time constraints */ +#undef STRICT_DER_TIME + +/* The system-wide gnutls configuration file */ #undef SYSTEM_PRIORITY_FILE /* Define to 1 if time_t is signed. */ @@ -1596,6 +1778,13 @@ /* The DNSSEC root key file */ #undef UNBOUND_ROOT_KEY_FILE +/* Define if the combination of the ISO C and POSIX multithreading APIs can be + used. */ +#undef USE_ISOC_AND_POSIX_THREADS + +/* Define if the ISO C multithreading library can be used. */ +#undef USE_ISOC_THREADS + /* Define if the POSIX multithreading library can be used. */ #undef USE_POSIX_THREADS @@ -1603,20 +1792,6 @@ weak. */ #undef USE_POSIX_THREADS_WEAK -/* Define if the GNU Pth multithreading library can be used. */ -#undef USE_PTH_THREADS - -/* Define if references to the GNU Pth multithreading library should be made - weak. */ -#undef USE_PTH_THREADS_WEAK - -/* Define if the old Solaris multithreading library can be used. */ -#undef USE_SOLARIS_THREADS - -/* Define if references to the old Solaris multithreading library should be - made weak. */ -#undef USE_SOLARIS_THREADS_WEAK - /* Enable extensions on AIX 3, Interix. */ #ifndef _ALL_SOURCE # undef _ALL_SOURCE @@ -1725,12 +1900,18 @@ # endif #endif -/* Enable large inode numbers on Mac OS X 10.5. */ -#undef _DARWIN_USE_64_BIT_INODE - /* Number of bits in a file offset, on hosts where this is settable. */ #undef _FILE_OFFSET_BITS +/* True if the compiler says it groks GNU C version MAJOR.MINOR. */ +#if defined __GNUC__ && defined __GNUC_MINOR__ +# define _GL_GNUC_PREREQ(major, minor) \ + ((major) < __GNUC__ + ((minor) <= __GNUC_MINOR__)) +#else +# define _GL_GNUC_PREREQ(major, minor) 0 +#endif + + /* Define to 1 to make fseeko visible on some hosts (e.g. glibc 2.2). */ #undef _LARGEFILE_SOURCE @@ -1750,13 +1931,23 @@ #ifndef _Noreturn # if (defined __cplusplus \ && ((201103 <= __cplusplus && !(__GNUC__ == 4 && __GNUC_MINOR__ == 7)) \ - || (defined _MSC_VER && 1900 <= _MSC_VER))) + || (defined _MSC_VER && 1900 <= _MSC_VER)) \ + && 0) + /* [[noreturn]] is not practically usable, because with it the syntax + extern _Noreturn void func (...); + would not be valid; such a declaration would only be valid with 'extern' + and '_Noreturn' swapped, or without the 'extern' keyword. However, some + AIX system header files and several gnulib header files use precisely + this syntax with 'extern'. */ # define _Noreturn [[noreturn]] # elif ((!defined __cplusplus || defined __clang__) \ && (201112 <= (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) \ - || 4 < __GNUC__ + (7 <= __GNUC_MINOR__))) + || _GL_GNUC_PREREQ (4, 7) \ + || (defined __apple_build_version__ \ + ? 6000000 <= __apple_build_version__ \ + : 3 < __clang_major__ + (5 <= __clang_minor__)))) /* _Noreturn works as-is. */ -# elif 2 < __GNUC__ + (8 <= __GNUC_MINOR__) || 0x5110 <= __SUNPRO_C +# elif _GL_GNUC_PREREQ (2, 8) || 0x5110 <= __SUNPRO_C # define _Noreturn __attribute__ ((__noreturn__)) # elif 1200 <= (defined _MSC_VER ? _MSC_VER : 0) # define _Noreturn __declspec (noreturn) @@ -1797,7 +1988,7 @@ invoked from such signal handlers. Such functions have some restrictions: * All functions that it calls should be marked _GL_ASYNC_SAFE as well, or should be listed as async-signal-safe in POSIX - + section 2.4.3. Note that malloc(), sprintf(), and fwrite(), in particular, are NOT async-signal-safe. * All memory locations (variables and struct fields) that these functions @@ -1819,6 +2010,206 @@ #define _GL_ASYNC_SAFE +/* Attributes. */ +#ifdef __has_attribute +# define _GL_HAS_ATTRIBUTE(attr) __has_attribute (__##attr##__) +#else +# define _GL_HAS_ATTRIBUTE(attr) _GL_ATTR_##attr +# define _GL_ATTR_alloc_size _GL_GNUC_PREREQ (4, 3) +# define _GL_ATTR_always_inline _GL_GNUC_PREREQ (3, 2) +# define _GL_ATTR_artificial _GL_GNUC_PREREQ (4, 3) +# define _GL_ATTR_cold _GL_GNUC_PREREQ (4, 3) +# define _GL_ATTR_const _GL_GNUC_PREREQ (2, 95) +# define _GL_ATTR_deprecated _GL_GNUC_PREREQ (3, 1) +# define _GL_ATTR_error _GL_GNUC_PREREQ (4, 3) +# define _GL_ATTR_externally_visible _GL_GNUC_PREREQ (4, 1) +# define _GL_ATTR_fallthrough _GL_GNUC_PREREQ (7, 0) +# define _GL_ATTR_format _GL_GNUC_PREREQ (2, 7) +# define _GL_ATTR_leaf _GL_GNUC_PREREQ (4, 6) +# ifdef _ICC +# define _GL_ATTR_may_alias 0 +# else +# define _GL_ATTR_may_alias _GL_GNUC_PREREQ (3, 3) +# endif +# define _GL_ATTR_malloc _GL_GNUC_PREREQ (3, 0) +# define _GL_ATTR_noinline _GL_GNUC_PREREQ (3, 1) +# define _GL_ATTR_nonnull _GL_GNUC_PREREQ (3, 3) +# define _GL_ATTR_nonstring _GL_GNUC_PREREQ (8, 0) +# define _GL_ATTR_nothrow _GL_GNUC_PREREQ (3, 3) +# define _GL_ATTR_packed _GL_GNUC_PREREQ (2, 7) +# define _GL_ATTR_pure _GL_GNUC_PREREQ (2, 96) +# define _GL_ATTR_returns_nonnull _GL_GNUC_PREREQ (4, 9) +# define _GL_ATTR_sentinel _GL_GNUC_PREREQ (4, 0) +# define _GL_ATTR_unused _GL_GNUC_PREREQ (2, 7) +# define _GL_ATTR_warn_unused_result _GL_GNUC_PREREQ (3, 4) +#endif + + +#if _GL_HAS_ATTRIBUTE (alloc_size) +# define _GL_ATTRIBUTE_ALLOC_SIZE(args) __attribute__ ((__alloc_size__ args)) +#else +# define _GL_ATTRIBUTE_ALLOC_SIZE(args) +#endif + +#if _GL_HAS_ATTRIBUTE (always_inline) +# define _GL_ATTRIBUTE_ALWAYS_INLINE __attribute__ ((__always_inline__)) +#else +# define _GL_ATTRIBUTE_ALWAYS_INLINE +#endif + +#if _GL_HAS_ATTRIBUTE (artificial) +# define _GL_ATTRIBUTE_ARTIFICIAL __attribute__ ((__artificial__)) +#else +# define _GL_ATTRIBUTE_ARTIFICIAL +#endif + +/* Avoid __attribute__ ((cold)) on MinGW; see thread starting at + . */ +#if _GL_HAS_ATTRIBUTE (cold) && !defined __MINGW32__ +# define _GL_ATTRIBUTE_COLD __attribute__ ((__cold__)) +#else +# define _GL_ATTRIBUTE_COLD +#endif + +#if _GL_HAS_ATTRIBUTE (const) +# define _GL_ATTRIBUTE_CONST __attribute__ ((__const__)) +#else +# define _GL_ATTRIBUTE_CONST +#endif + +#if 201710L < __STDC_VERSION__ +# define _GL_ATTRIBUTE_DEPRECATED [[__deprecated__]] +#elif _GL_HAS_ATTRIBUTE (deprecated) +# define _GL_ATTRIBUTE_DEPRECATED __attribute__ ((__deprecated__)) +#else +# define _GL_ATTRIBUTE_DEPRECATED +#endif + +#if _GL_HAS_ATTRIBUTE (error) +# define _GL_ATTRIBUTE_ERROR(msg) __attribute__ ((__error__ (msg))) +# define _GL_ATTRIBUTE_WARNING(msg) __attribute__ ((__warning__ (msg))) +#else +# define _GL_ATTRIBUTE_ERROR(msg) +# define _GL_ATTRIBUTE_WARNING(msg) +#endif + +#if _GL_HAS_ATTRIBUTE (externally_visible) +# define _GL_ATTRIBUTE_EXTERNALLY_VISIBLE __attribute__ ((externally_visible)) +#else +# define _GL_ATTRIBUTE_EXTERNALLY_VISIBLE +#endif + +/* FALLTHROUGH is special, because it always expands to something. */ +#if 201710L < __STDC_VERSION__ +# define _GL_ATTRIBUTE_FALLTHROUGH [[__fallthrough__]] +#elif _GL_HAS_ATTRIBUTE (fallthrough) +# define _GL_ATTRIBUTE_FALLTHROUGH __attribute__ ((__fallthrough__)) +#else +# define _GL_ATTRIBUTE_FALLTHROUGH ((void) 0) +#endif + +#if _GL_HAS_ATTRIBUTE (format) +# define _GL_ATTRIBUTE_FORMAT(spec) __attribute__ ((__format__ spec)) +#else +# define _GL_ATTRIBUTE_FORMAT(spec) +#endif + +#if _GL_HAS_ATTRIBUTE (leaf) +# define _GL_ATTRIBUTE_LEAF __attribute__ ((__leaf__)) +#else +# define _GL_ATTRIBUTE_LEAF +#endif + +#if _GL_HAS_ATTRIBUTE (may_alias) +# define _GL_ATTRIBUTE_MAY_ALIAS __attribute__ ((__may_alias__)) +#else +# define _GL_ATTRIBUTE_MAY_ALIAS +#endif + +#if 201710L < __STDC_VERSION__ +# define _GL_ATTRIBUTE_MAYBE_UNUSED [[__maybe_unused__]] +#elif _GL_HAS_ATTRIBUTE (unused) +# define _GL_ATTRIBUTE_MAYBE_UNUSED __attribute__ ((__unused__)) +#else +# define _GL_ATTRIBUTE_MAYBE_UNUSED +#endif +/* Earlier spellings of this macro. */ +#define _GL_UNUSED _GL_ATTRIBUTE_MAYBE_UNUSED +#define _UNUSED_PARAMETER_ _GL_ATTRIBUTE_MAYBE_UNUSED + +#if _GL_HAS_ATTRIBUTE (malloc) +# define _GL_ATTRIBUTE_MALLOC __attribute__ ((__malloc__)) +#else +# define _GL_ATTRIBUTE_MALLOC +#endif + +#if 201710L < __STDC_VERSION__ +# define _GL_ATTRIBUTE_NODISCARD [[__nodiscard__]] +#elif _GL_HAS_ATTRIBUTE (warn_unused_result) +# define _GL_ATTRIBUTE_NODISCARD __attribute__ ((__warn_unused_result__)) +#else +# define _GL_ATTRIBUTE_NODISCARD +#endif + +#if _GL_HAS_ATTRIBUTE (noinline) +# define _GL_ATTRIBUTE_NOINLINE __attribute__ ((__noinline__)) +#else +# define _GL_ATTRIBUTE_NOINLINE +#endif + +#if _GL_HAS_ATTRIBUTE (nonnull) +# define _GL_ATTRIBUTE_NONNULL(args) __attribute__ ((__nonnull__ args)) +#else +# define _GL_ATTRIBUTE_NONNULL(args) +#endif + +#if _GL_HAS_ATTRIBUTE (nonstring) +# define _GL_ATTRIBUTE_NONSTRING __attribute__ ((__nonstring__)) +#else +# define _GL_ATTRIBUTE_NONSTRING +#endif + +/* There is no _GL_ATTRIBUTE_NORETURN; use _Noreturn instead. */ + +#if _GL_HAS_ATTRIBUTE (nothrow) && !defined __cplusplus +# define _GL_ATTRIBUTE_NOTHROW __attribute__ ((__nothrow__)) +#else +# define _GL_ATTRIBUTE_NOTHROW +#endif + +#if _GL_HAS_ATTRIBUTE (packed) +# define _GL_ATTRIBUTE_PACKED __attribute__ ((__packed__)) +#else +# define _GL_ATTRIBUTE_PACKED +#endif + +#if _GL_HAS_ATTRIBUTE (pure) +# define _GL_ATTRIBUTE_PURE __attribute__ ((__pure__)) +#else +# define _GL_ATTRIBUTE_PURE +#endif + +#if _GL_HAS_ATTRIBUTE (returns_nonnull) +# define _GL_ATTRIBUTE_RETURNS_NONNULL __attribute__ ((__returns_nonnull__)) +#else +# define _GL_ATTRIBUTE_RETURNS_NONNULL +#endif + +#if _GL_HAS_ATTRIBUTE (sentinel) +# define _GL_ATTRIBUTE_SENTINEL(pos) __attribute__ ((__sentinel__ pos)) +#else +# define _GL_ATTRIBUTE_SENTINEL(pos) +#endif + + +/* To support C++ as well as C, use _GL_UNUSED_LABEL with trailing ';'. */ +#if !defined __cplusplus || _GL_GNUC_PREREQ (4, 5) +# define _GL_UNUSED_LABEL _GL_ATTRIBUTE_MAYBE_UNUSED +#else +# define _GL_UNUSED_LABEL +#endif + + /* Please see the Gnulib manual for how to use these macros. Suppress extern inline with HP-UX cc, as it appears to be broken; see @@ -1843,7 +2234,7 @@ https://lists.gnu.org/r/bug-gnulib/2012-12/msg00023.html DragonFly; see - http://muscles.dragonflybsd.org/bulk/bleeding-edge-potential/latest-per-pkg/ah-tty-0.3.12.log + http://muscles.dragonflybsd.org/bulk/clang-master-potential/20141111_102002/logs/ah-tty-0.3.12.log FreeBSD; see: https://lists.gnu.org/r/bug-gnulib/2014-07/msg00104.html @@ -1960,6 +2351,9 @@ /* Define to the type of st_nlink in struct stat, or a supertype. */ #undef nlink_t +/* Define to `long int' if does not define. */ +#undef off_t + /* Define to `int' if does not define. */ #undef pid_t @@ -1968,21 +2362,19 @@ #undef ptrdiff_t /* static lib rename */ -#undef read_binary_file - -/* static lib rename */ #undef read_file /* Define to the equivalent of the C99 'restrict' keyword, or to nothing if this is not supported. Do not define if restrict is supported directly. */ #undef restrict -/* Work around a bug in Sun C++: it does not support _Restrict or - __restrict__, even though the corresponding Sun C compiler ends up with - "#define restrict _Restrict" or "#define restrict __restrict__" in the - previous line. Perhaps some future version of Sun C++ will work with - restrict; if so, hopefully it defines __RESTRICT like Sun C does. */ -#if defined __SUNPRO_CC && !defined __RESTRICT +/* Work around a bug in older versions of Sun C++, which did not + #define __restrict__ or support _Restrict or __restrict__ + even though the corresponding Sun C compiler ended up with + "#define restrict _Restrict" or "#define restrict __restrict__" + in the previous line. This workaround can be removed once + we assume Oracle Developer Studio 12.5 (2016) or later. */ +#if defined __SUNPRO_CC && !defined __RESTRICT && !defined __restrict__ # define _Restrict # define __restrict__ #endif @@ -1999,49 +2391,5 @@ /* Define to `int' if doesn't define. */ #undef uid_t -/* Define as a marker that can be attached to declarations that might not - be used. This helps to reduce warnings, such as from - GCC -Wunused-parameter. */ -#if __GNUC__ >= 3 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 7) -# define _GL_UNUSED __attribute__ ((__unused__)) -#else -# define _GL_UNUSED -#endif -/* The name _UNUSED_PARAMETER_ is an earlier spelling, although the name - is a misnomer outside of parameter lists. */ -#define _UNUSED_PARAMETER_ _GL_UNUSED - -/* gcc supports the "unused" attribute on possibly unused labels, and - g++ has since version 4.5. Note to support C++ as well as C, - _GL_UNUSED_LABEL should be used with a trailing ; */ -#if !defined __cplusplus || __GNUC__ > 4 \ - || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5) -# define _GL_UNUSED_LABEL _GL_UNUSED -#else -# define _GL_UNUSED_LABEL -#endif - -/* The __pure__ attribute was added in gcc 2.96. */ -#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 96) -# define _GL_ATTRIBUTE_PURE __attribute__ ((__pure__)) -#else -# define _GL_ATTRIBUTE_PURE /* empty */ -#endif - -/* The __const__ attribute was added in gcc 2.95. */ -#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 95) -# define _GL_ATTRIBUTE_CONST __attribute__ ((__const__)) -#else -# define _GL_ATTRIBUTE_CONST /* empty */ -#endif - -/* The __malloc__ attribute was added in gcc 3. */ -#if 3 <= __GNUC__ -# define _GL_ATTRIBUTE_MALLOC __attribute__ ((__malloc__)) -#else -# define _GL_ATTRIBUTE_MALLOC /* empty */ -#endif - - /* Define as `fork' if `vfork' does not work. */ #undef vfork diff --git a/configure b/configure index fe9de90..23a0ccc 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for GnuTLS 3.6.8. +# Generated by GNU Autoconf 2.69 for GnuTLS 3.6.14. # # Report bugs to . # @@ -590,8 +590,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='GnuTLS' PACKAGE_TARNAME='gnutls' -PACKAGE_VERSION='3.6.8' -PACKAGE_STRING='GnuTLS 3.6.8' +PACKAGE_VERSION='3.6.14' +PACKAGE_STRING='GnuTLS 3.6.14' PACKAGE_BUGREPORT='bugs@gnutls.org' PACKAGE_URL='' @@ -632,6 +632,7 @@ ac_includes_default="\ #endif" gl_use_threads_default= +gl_use_winpthreads_default= ac_header_list= gt_needs= ac_func_list= @@ -652,15 +653,17 @@ am__EXEEXT_FALSE am__EXEEXT_TRUE LTLIBOBJS LIBOBJS -YEAR NEEDS_LIBRT_FALSE NEEDS_LIBRT_TRUE LIBGNUTLS_CFLAGS LIBGNUTLS_LIBS +CROSS_COMPILING_FALSE +CROSS_COMPILING_TRUE HAVE_GUILD_FALSE HAVE_GUILD_TRUE HAVE_GUILE_FALSE HAVE_GUILE_TRUE +maybe_guileextensiondir GUILE_LDFLAGS GUILE_LTLIBS GUILE_LIBS @@ -705,12 +708,29 @@ P11KIT_0_23_11_API_FALSE P11KIT_0_23_11_API_TRUE P11_KIT_LIBS P11_KIT_CFLAGS +DISABLE_SYSTEM_CONFIG_FALSE +DISABLE_SYSTEM_CONFIG_TRUE ENABLE_DANE_FALSE ENABLE_DANE_TRUE UNBOUND_CFLAGS UNBOUND_LIBS +NEED_SIV_FALSE +NEED_SIV_TRUE +NEED_CHACHA_FALSE +NEED_CHACHA_TRUE +NEED_INT_ECC_FALSE +NEED_INT_ECC_TRUE +NEED_XTS_FALSE +NEED_XTS_TRUE +NEED_CMAC_FALSE +NEED_CMAC_TRUE +NEED_CFB_FALSE +NEED_CFB_TRUE ENABLE_NON_SUITEB_CURVES_FALSE ENABLE_NON_SUITEB_CURVES_TRUE +LIBBCRYPT +HAVE_BCRYPT_FALSE +HAVE_BCRYPT_TRUE HAVE_LIBIDN2_FALSE HAVE_LIBIDN2_TRUE LIBIDN2_LIBS @@ -735,7 +755,6 @@ NMEDIT DSYMUTIL MANIFEST_TOOL DLLTOOL -OBJDUMP NM ac_ct_DUMPBIN DUMPBIN @@ -746,6 +765,13 @@ LN_S WERROR_CFLAGS WARN_CFLAGS WSTACK_CFLAGS +LIBEV_LIBS +LIBEV_PREFIX +LTLIBEV +LIBEV +HAVE_LIBEV +ENABLE_OLDGNUTLS_INTEROP_FALSE +ENABLE_OLDGNUTLS_INTEROP_TRUE WANT_TEST_SUITE_FALSE WANT_TEST_SUITE_TRUE unistringtests_WITNESS @@ -908,6 +934,7 @@ LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_C_FALSE LIBUNISTRING_COMPILE_UNICTYPE_CATEGORY_C_TRUE LIBUNISTRING_UNICTYPE_H ggltests_WITNESS +PARSE_DATETIME_BISON GETADDRINFO_LIB SERVENT_LIB HOSTENT_LIB @@ -922,6 +949,19 @@ NEXT_SIGNAL_H LOCALE_ZH_CN LOCALE_JA LOCALE_FR_UTF8 +HAVE_VISIBILITY +CFLAG_VISIBILITY +LIB_SETLOCALE +LIB_SETLOCALE_NULL +HAVE_SYS_CDEFS_H +HAVE_STRUCT_SCHED_PARAM +HAVE_SCHED_H +NEXT_AS_FIRST_DIRECTIVE_SCHED_H +NEXT_SCHED_H +REPLACE_SCHED_YIELD +HAVE_SCHED_YIELD +GNULIB_SCHED_YIELD +LIB_PTHREAD_SIGMASK REPLACE_RAISE REPLACE_PTHREAD_SIGMASK HAVE_SIGHANDLER_T @@ -938,6 +978,126 @@ GNULIB_SIGPROCMASK GNULIB_SIGNAL_H_SIGPIPE GNULIB_RAISE GNULIB_PTHREAD_SIGMASK +LIB_PTHREAD +HAVE_PTHREAD_H +NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H +NEXT_PTHREAD_H +REPLACE_PTHREAD_SPIN_DESTROY +REPLACE_PTHREAD_SPIN_UNLOCK +REPLACE_PTHREAD_SPIN_TRYLOCK +REPLACE_PTHREAD_SPIN_LOCK +REPLACE_PTHREAD_SPIN_INIT +REPLACE_PTHREAD_KEY_DELETE +REPLACE_PTHREAD_GETSPECIFIC +REPLACE_PTHREAD_SETSPECIFIC +REPLACE_PTHREAD_KEY_CREATE +REPLACE_PTHREAD_COND_DESTROY +REPLACE_PTHREAD_COND_BROADCAST +REPLACE_PTHREAD_COND_SIGNAL +REPLACE_PTHREAD_COND_TIMEDWAIT +REPLACE_PTHREAD_COND_WAIT +REPLACE_PTHREAD_CONDATTR_DESTROY +REPLACE_PTHREAD_CONDATTR_INIT +REPLACE_PTHREAD_COND_INIT +REPLACE_PTHREAD_RWLOCK_DESTROY +REPLACE_PTHREAD_RWLOCK_UNLOCK +REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK +REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK +REPLACE_PTHREAD_RWLOCK_TRYWRLOCK +REPLACE_PTHREAD_RWLOCK_TRYRDLOCK +REPLACE_PTHREAD_RWLOCK_WRLOCK +REPLACE_PTHREAD_RWLOCK_RDLOCK +REPLACE_PTHREAD_RWLOCKATTR_DESTROY +REPLACE_PTHREAD_RWLOCKATTR_INIT +REPLACE_PTHREAD_RWLOCK_INIT +REPLACE_PTHREAD_MUTEX_DESTROY +REPLACE_PTHREAD_MUTEX_UNLOCK +REPLACE_PTHREAD_MUTEX_TIMEDLOCK +REPLACE_PTHREAD_MUTEX_TRYLOCK +REPLACE_PTHREAD_MUTEX_LOCK +REPLACE_PTHREAD_MUTEXATTR_DESTROY +REPLACE_PTHREAD_MUTEXATTR_SETROBUST +REPLACE_PTHREAD_MUTEXATTR_GETROBUST +REPLACE_PTHREAD_MUTEXATTR_SETTYPE +REPLACE_PTHREAD_MUTEXATTR_GETTYPE +REPLACE_PTHREAD_MUTEXATTR_INIT +REPLACE_PTHREAD_MUTEX_INIT +REPLACE_PTHREAD_ONCE +REPLACE_PTHREAD_EXIT +REPLACE_PTHREAD_JOIN +REPLACE_PTHREAD_DETACH +REPLACE_PTHREAD_EQUAL +REPLACE_PTHREAD_SELF +REPLACE_PTHREAD_ATTR_DESTROY +REPLACE_PTHREAD_ATTR_SETDETACHSTATE +REPLACE_PTHREAD_ATTR_GETDETACHSTATE +REPLACE_PTHREAD_ATTR_INIT +REPLACE_PTHREAD_CREATE +HAVE_PTHREAD_SPIN_DESTROY +HAVE_PTHREAD_SPIN_UNLOCK +HAVE_PTHREAD_SPIN_TRYLOCK +HAVE_PTHREAD_SPIN_LOCK +HAVE_PTHREAD_SPIN_INIT +HAVE_PTHREAD_KEY_DELETE +HAVE_PTHREAD_GETSPECIFIC +HAVE_PTHREAD_SETSPECIFIC +HAVE_PTHREAD_KEY_CREATE +HAVE_PTHREAD_COND_DESTROY +HAVE_PTHREAD_COND_BROADCAST +HAVE_PTHREAD_COND_SIGNAL +HAVE_PTHREAD_COND_TIMEDWAIT +HAVE_PTHREAD_COND_WAIT +HAVE_PTHREAD_CONDATTR_DESTROY +HAVE_PTHREAD_CONDATTR_INIT +HAVE_PTHREAD_COND_INIT +HAVE_PTHREAD_RWLOCK_DESTROY +HAVE_PTHREAD_RWLOCK_UNLOCK +HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK +HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK +HAVE_PTHREAD_RWLOCK_TRYWRLOCK +HAVE_PTHREAD_RWLOCK_TRYRDLOCK +HAVE_PTHREAD_RWLOCK_WRLOCK +HAVE_PTHREAD_RWLOCK_RDLOCK +HAVE_PTHREAD_RWLOCKATTR_DESTROY +HAVE_PTHREAD_RWLOCKATTR_INIT +HAVE_PTHREAD_RWLOCK_INIT +HAVE_PTHREAD_MUTEX_DESTROY +HAVE_PTHREAD_MUTEX_UNLOCK +HAVE_PTHREAD_MUTEX_TIMEDLOCK +HAVE_PTHREAD_MUTEX_TRYLOCK +HAVE_PTHREAD_MUTEX_LOCK +HAVE_PTHREAD_MUTEXATTR_DESTROY +HAVE_PTHREAD_MUTEXATTR_SETROBUST +HAVE_PTHREAD_MUTEXATTR_GETROBUST +HAVE_PTHREAD_MUTEXATTR_SETTYPE +HAVE_PTHREAD_MUTEXATTR_GETTYPE +HAVE_PTHREAD_MUTEXATTR_INIT +HAVE_PTHREAD_MUTEX_INIT +HAVE_PTHREAD_ONCE +HAVE_PTHREAD_EXIT +HAVE_PTHREAD_JOIN +HAVE_PTHREAD_DETACH +HAVE_PTHREAD_EQUAL +HAVE_PTHREAD_SELF +HAVE_PTHREAD_ATTR_DESTROY +HAVE_PTHREAD_ATTR_SETDETACHSTATE +HAVE_PTHREAD_ATTR_GETDETACHSTATE +HAVE_PTHREAD_ATTR_INIT +HAVE_PTHREAD_CREATE +HAVE_PTHREAD_PROCESS_SHARED +HAVE_PTHREAD_MUTEX_ROBUST +HAVE_PTHREAD_MUTEX_RECURSIVE +HAVE_PTHREAD_CREATE_DETACHED +HAVE_PTHREAD_SPINLOCK_T +HAVE_PTHREAD_T +GNULIB_PTHREAD_MUTEX_TIMEDLOCK +GNULIB_PTHREAD_SPIN +GNULIB_PTHREAD_TSS +GNULIB_PTHREAD_COND +GNULIB_PTHREAD_RWLOCK +GNULIB_PTHREAD_MUTEX +GNULIB_PTHREAD_ONCE +GNULIB_PTHREAD_THREAD LIB_NANOSLEEP LIB_SELECT HAVE_SYS_SELECT_H @@ -952,9 +1112,9 @@ LTLIBMULTITHREAD LIBMULTITHREAD LTLIBTHREAD LIBTHREAD -LIBPTH_PREFIX -LTLIBPTH -LIBPTH +LIBSTDTHREAD +LIB_SCHED_YIELD +LIBPMULTITHREAD NEXT_AS_FIRST_DIRECTIVE_LOCALE_H NEXT_LOCALE_H HAVE_XLOCALE_H @@ -969,6 +1129,7 @@ HAVE_DUPLOCALE HAVE_NEWLOCALE GNULIB_LOCALENAME GNULIB_DUPLOCALE +GNULIB_SETLOCALE_NULL GNULIB_SETLOCALE GNULIB_LOCALECONV HAVE_LANGINFO_YESEXPR @@ -982,36 +1143,6 @@ NEXT_LANGINFO_H REPLACE_NL_LANGINFO HAVE_NL_LANGINFO GNULIB_NL_LANGINFO -NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H -NEXT_INTTYPES_H -UINT64_MAX_EQ_ULONG_MAX -UINT32_MAX_LT_UINTMAX_MAX -PRIPTR_PREFIX -PRI_MACROS_BROKEN -INT64_MAX_EQ_LONG_MAX -INT32_MAX_LT_INTMAX_MAX -REPLACE_STRTOUMAX -REPLACE_STRTOIMAX -HAVE_IMAXDIV_T -HAVE_DECL_STRTOUMAX -HAVE_DECL_STRTOIMAX -HAVE_DECL_IMAXDIV -HAVE_DECL_IMAXABS -GNULIB_STRTOUMAX -GNULIB_STRTOIMAX -GNULIB_IMAXDIV -GNULIB_IMAXABS -NEXT_AS_FIRST_DIRECTIVE_FCNTL_H -NEXT_FCNTL_H -REPLACE_OPENAT -REPLACE_OPEN -REPLACE_FCNTL -HAVE_OPENAT -HAVE_FCNTL -GNULIB_OPENAT -GNULIB_OPEN -GNULIB_NONBLOCKING -GNULIB_FCNTL NEXT_AS_FIRST_DIRECTIVE_CTYPE_H NEXT_CTYPE_H HAVE_ISBLANK @@ -1023,6 +1154,7 @@ HAVE_CRTDEFS_H HAVE_WINT_T NEXT_AS_FIRST_DIRECTIVE_WCHAR_H NEXT_WCHAR_H +REPLACE_WCSTOK REPLACE_WCSFTIME REPLACE_WCSWIDTH REPLACE_WCWIDTH @@ -1143,34 +1275,6 @@ NEXT_AS_FIRST_DIRECTIVE_STDLIB_H NEXT_STDLIB_H NEXT_AS_FIRST_DIRECTIVE_STDIO_H NEXT_STDIO_H -GL_GENERATE_STDINT_H_FALSE -GL_GENERATE_STDINT_H_TRUE -STDINT_H -HAVE_SYS_INTTYPES_H -HAVE_SYS_BITYPES_H -HAVE_C99_STDINT_H -WINT_T_SUFFIX -WCHAR_T_SUFFIX -SIG_ATOMIC_T_SUFFIX -SIZE_T_SUFFIX -PTRDIFF_T_SUFFIX -HAVE_SIGNED_WINT_T -HAVE_SIGNED_WCHAR_T -HAVE_SIGNED_SIG_ATOMIC_T -BITSIZEOF_WINT_T -BITSIZEOF_WCHAR_T -BITSIZEOF_SIG_ATOMIC_T -BITSIZEOF_SIZE_T -BITSIZEOF_PTRDIFF_T -HAVE_STDINT_H -NEXT_AS_FIRST_DIRECTIVE_STDINT_H -NEXT_STDINT_H -HAVE_SYS_TYPES_H -HAVE_INTTYPES_H -HAVE_WCHAR_H -HAVE_UNSIGNED_LONG_LONG_INT -HAVE_LONG_LONG_INT -GNULIB_OVERRIDES_WINT_T NEXT_AS_FIRST_DIRECTIVE_STDDEF_H NEXT_STDDEF_H GL_GENERATE_STDDEF_H_FALSE @@ -1196,6 +1300,7 @@ NEXT_NETINET_IN_H HAVE_NETDB_H NEXT_AS_FIRST_DIRECTIVE_NETDB_H NEXT_NETDB_H +REPLACE_GETADDRINFO REPLACE_GAI_STRERROR HAVE_DECL_GETNAMEINFO HAVE_DECL_GETADDRINFO @@ -1203,83 +1308,6 @@ HAVE_DECL_GAI_STRERROR HAVE_DECL_FREEADDRINFO HAVE_STRUCT_ADDRINFO GNULIB_GETADDRINFO -APPLE_UNIVERSAL_BUILD -HAVE_MSVC_INVALID_PARAMETER_HANDLER -UNDEFINE_STRTOK_R -REPLACE_STRSIGNAL -REPLACE_STRERROR_R -REPLACE_STRERROR -REPLACE_STRTOK_R -REPLACE_STRCASESTR -REPLACE_STRSTR -REPLACE_STRNLEN -REPLACE_STRNDUP -REPLACE_STRNCAT -REPLACE_STRDUP -REPLACE_STRCHRNUL -REPLACE_STPNCPY -REPLACE_MEMMEM -REPLACE_MEMCHR -HAVE_STRVERSCMP -HAVE_DECL_STRSIGNAL -HAVE_DECL_STRERROR_R -HAVE_DECL_STRTOK_R -HAVE_STRCASESTR -HAVE_STRSEP -HAVE_STRPBRK -HAVE_DECL_STRNLEN -HAVE_DECL_STRNDUP -HAVE_DECL_STRDUP -HAVE_STRCHRNUL -HAVE_STPNCPY -HAVE_STPCPY -HAVE_RAWMEMCHR -HAVE_DECL_MEMRCHR -HAVE_MEMPCPY -HAVE_DECL_MEMMEM -HAVE_MEMCHR -HAVE_FFSLL -HAVE_FFSL -HAVE_EXPLICIT_BZERO -HAVE_MBSLEN -GNULIB_STRVERSCMP -GNULIB_STRSIGNAL -GNULIB_STRERROR_R -GNULIB_STRERROR -GNULIB_MBSTOK_R -GNULIB_MBSSEP -GNULIB_MBSSPN -GNULIB_MBSPBRK -GNULIB_MBSCSPN -GNULIB_MBSCASESTR -GNULIB_MBSPCASECMP -GNULIB_MBSNCASECMP -GNULIB_MBSCASECMP -GNULIB_MBSSTR -GNULIB_MBSRCHR -GNULIB_MBSCHR -GNULIB_MBSNLEN -GNULIB_MBSLEN -GNULIB_STRTOK_R -GNULIB_STRCASESTR -GNULIB_STRSTR -GNULIB_STRSEP -GNULIB_STRPBRK -GNULIB_STRNLEN -GNULIB_STRNDUP -GNULIB_STRNCAT -GNULIB_STRDUP -GNULIB_STRCHRNUL -GNULIB_STPNCPY -GNULIB_STPCPY -GNULIB_RAWMEMCHR -GNULIB_MEMRCHR -GNULIB_MEMPCPY -GNULIB_MEMMEM -GNULIB_MEMCHR -GNULIB_FFSLL -GNULIB_FFSL -GNULIB_EXPLICIT_BZERO REPLACE_WCTOMB REPLACE_UNSETENV REPLACE_STRTOLD @@ -1372,17 +1400,65 @@ GNULIB_CANONICALIZE_FILE_NAME GNULIB_CALLOC_POSIX GNULIB_ATOLL GNULIB__EXIT +HAVE_LD_VERSION_SCRIPT_FALSE +HAVE_LD_VERSION_SCRIPT_TRUE +HAVE_LD_OUTPUT_DEF_FALSE +HAVE_LD_OUTPUT_DEF_TRUE +LDDPOSTPROC +LDDPROG +OBJDUMP +NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H +NEXT_INTTYPES_H +UINT64_MAX_EQ_ULONG_MAX +UINT32_MAX_LT_UINTMAX_MAX +PRIPTR_PREFIX +PRI_MACROS_BROKEN +INT64_MAX_EQ_LONG_MAX +INT32_MAX_LT_INTMAX_MAX +REPLACE_STRTOUMAX +REPLACE_STRTOIMAX +HAVE_IMAXDIV_T +HAVE_DECL_STRTOUMAX +HAVE_DECL_STRTOIMAX +HAVE_DECL_IMAXDIV +HAVE_DECL_IMAXABS +GNULIB_STRTOUMAX +GNULIB_STRTOIMAX +GNULIB_IMAXDIV +GNULIB_IMAXABS +GL_GENERATE_STDINT_H_FALSE +GL_GENERATE_STDINT_H_TRUE +STDINT_H +HAVE_SYS_INTTYPES_H +HAVE_SYS_BITYPES_H +HAVE_C99_STDINT_H +WINT_T_SUFFIX +WCHAR_T_SUFFIX +SIG_ATOMIC_T_SUFFIX +SIZE_T_SUFFIX +PTRDIFF_T_SUFFIX +HAVE_SIGNED_WINT_T +HAVE_SIGNED_WCHAR_T +HAVE_SIGNED_SIG_ATOMIC_T +BITSIZEOF_WINT_T +BITSIZEOF_WCHAR_T +BITSIZEOF_SIG_ATOMIC_T +BITSIZEOF_SIZE_T +BITSIZEOF_PTRDIFF_T +APPLE_UNIVERSAL_BUILD +HAVE_STDINT_H +NEXT_AS_FIRST_DIRECTIVE_STDINT_H +NEXT_STDINT_H +HAVE_SYS_TYPES_H +HAVE_INTTYPES_H +HAVE_WCHAR_H +GNULIB_OVERRIDES_WINT_T GL_GENERATE_LIMITS_H_FALSE GL_GENERATE_LIMITS_H_TRUE LIMITS_H NEXT_AS_FIRST_DIRECTIVE_LIMITS_H NEXT_LIMITS_H -HAVE_LD_VERSION_SCRIPT_FALSE -HAVE_LD_VERSION_SCRIPT_TRUE -HAVE_LD_OUTPUT_DEF_FALSE -HAVE_LD_OUTPUT_DEF_TRUE INET_PTON_LIB -HAVE_WS2TCPIP_H HAVE_SYS_SOCKET_H NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H NEXT_SYS_SOCKET_H @@ -1443,107 +1519,6 @@ WINDOWS_STAT_INODES WINDOWS_64_BIT_OFF_T NEXT_AS_FIRST_DIRECTIVE_SYS_TYPES_H NEXT_SYS_TYPES_H -REPLACE_VSPRINTF -REPLACE_VSNPRINTF -REPLACE_VPRINTF -REPLACE_VFPRINTF -REPLACE_VDPRINTF -REPLACE_VASPRINTF -REPLACE_TMPFILE -REPLACE_STDIO_WRITE_FUNCS -REPLACE_STDIO_READ_FUNCS -REPLACE_SPRINTF -REPLACE_SNPRINTF -REPLACE_RENAMEAT -REPLACE_RENAME -REPLACE_REMOVE -REPLACE_PRINTF -REPLACE_POPEN -REPLACE_PERROR -REPLACE_OBSTACK_PRINTF -REPLACE_GETLINE -REPLACE_GETDELIM -REPLACE_FTELLO -REPLACE_FTELL -REPLACE_FSEEKO -REPLACE_FSEEK -REPLACE_FREOPEN -REPLACE_FPURGE -REPLACE_FPRINTF -REPLACE_FOPEN -REPLACE_FFLUSH -REPLACE_FDOPEN -REPLACE_FCLOSE -REPLACE_DPRINTF -HAVE_VDPRINTF -HAVE_VASPRINTF -HAVE_RENAMEAT -HAVE_POPEN -HAVE_PCLOSE -HAVE_FTELLO -HAVE_FSEEKO -HAVE_DPRINTF -HAVE_DECL_VSNPRINTF -HAVE_DECL_SNPRINTF -HAVE_DECL_OBSTACK_PRINTF -HAVE_DECL_GETLINE -HAVE_DECL_GETDELIM -HAVE_DECL_FTELLO -HAVE_DECL_FSEEKO -HAVE_DECL_FPURGE -GNULIB_VSPRINTF_POSIX -GNULIB_VSNPRINTF -GNULIB_VPRINTF_POSIX -GNULIB_VPRINTF -GNULIB_VFPRINTF_POSIX -GNULIB_VFPRINTF -GNULIB_VDPRINTF -GNULIB_VSCANF -GNULIB_VFSCANF -GNULIB_VASPRINTF -GNULIB_TMPFILE -GNULIB_STDIO_H_SIGPIPE -GNULIB_STDIO_H_NONBLOCKING -GNULIB_SPRINTF_POSIX -GNULIB_SNPRINTF -GNULIB_SCANF -GNULIB_RENAMEAT -GNULIB_RENAME -GNULIB_REMOVE -GNULIB_PUTS -GNULIB_PUTCHAR -GNULIB_PUTC -GNULIB_PRINTF_POSIX -GNULIB_PRINTF -GNULIB_POPEN -GNULIB_PERROR -GNULIB_PCLOSE -GNULIB_OBSTACK_PRINTF_POSIX -GNULIB_OBSTACK_PRINTF -GNULIB_GETLINE -GNULIB_GETDELIM -GNULIB_GETCHAR -GNULIB_GETC -GNULIB_FWRITE -GNULIB_FTELLO -GNULIB_FTELL -GNULIB_FSEEKO -GNULIB_FSEEK -GNULIB_FSCANF -GNULIB_FREOPEN -GNULIB_FREAD -GNULIB_FPUTS -GNULIB_FPUTC -GNULIB_FPURGE -GNULIB_FPRINTF_POSIX -GNULIB_FPRINTF -GNULIB_FOPEN -GNULIB_FGETS -GNULIB_FGETC -GNULIB_FFLUSH -GNULIB_FDOPEN -GNULIB_FCLOSE -GNULIB_DPRINTF WINDOWS_64_BIT_ST_SIZE WINDOWS_STAT_TIMESPEC NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H @@ -1557,6 +1532,7 @@ REPLACE_LSTAT REPLACE_FUTIMENS REPLACE_FSTATAT REPLACE_FSTAT +REPLACE_FCHMODAT HAVE_UTIMENSAT HAVE_MKNODAT HAVE_MKNOD @@ -1582,12 +1558,201 @@ GNULIB_FUTIMENS GNULIB_FSTATAT GNULIB_FSTAT GNULIB_FCHMODAT +REPLACE_VSPRINTF +REPLACE_VSNPRINTF +REPLACE_VPRINTF +REPLACE_VFPRINTF +REPLACE_VDPRINTF +REPLACE_VASPRINTF +REPLACE_TMPFILE +REPLACE_STDIO_WRITE_FUNCS +REPLACE_STDIO_READ_FUNCS +REPLACE_SPRINTF +REPLACE_SNPRINTF +REPLACE_RENAMEAT +REPLACE_RENAME +REPLACE_REMOVE +REPLACE_PRINTF +REPLACE_POPEN +REPLACE_PERROR +REPLACE_OBSTACK_PRINTF +REPLACE_GETLINE +REPLACE_GETDELIM +REPLACE_FTELLO +REPLACE_FTELL +REPLACE_FSEEKO +REPLACE_FSEEK +REPLACE_FREOPEN +REPLACE_FPURGE +REPLACE_FPRINTF +REPLACE_FOPEN +REPLACE_FFLUSH +REPLACE_FDOPEN +REPLACE_FCLOSE +REPLACE_DPRINTF +HAVE_VDPRINTF +HAVE_VASPRINTF +HAVE_RENAMEAT +HAVE_POPEN +HAVE_PCLOSE +HAVE_FTELLO +HAVE_FSEEKO +HAVE_DPRINTF +HAVE_DECL_VSNPRINTF +HAVE_DECL_SNPRINTF +HAVE_DECL_OBSTACK_PRINTF +HAVE_DECL_GETLINE +HAVE_DECL_GETDELIM +HAVE_DECL_FTELLO +HAVE_DECL_FSEEKO +HAVE_DECL_FPURGE +GNULIB_VSPRINTF_POSIX +GNULIB_VSNPRINTF +GNULIB_VPRINTF_POSIX +GNULIB_VPRINTF +GNULIB_VFPRINTF_POSIX +GNULIB_VFPRINTF +GNULIB_VDPRINTF +GNULIB_VSCANF +GNULIB_VFSCANF +GNULIB_VASPRINTF +GNULIB_TMPFILE +GNULIB_STDIO_H_SIGPIPE +GNULIB_STDIO_H_NONBLOCKING +GNULIB_SPRINTF_POSIX +GNULIB_SNPRINTF +GNULIB_SCANF +GNULIB_RENAMEAT +GNULIB_RENAME +GNULIB_REMOVE +GNULIB_PUTS +GNULIB_PUTCHAR +GNULIB_PUTC +GNULIB_PRINTF_POSIX +GNULIB_PRINTF +GNULIB_POPEN +GNULIB_PERROR +GNULIB_PCLOSE +GNULIB_OBSTACK_PRINTF_POSIX +GNULIB_OBSTACK_PRINTF +GNULIB_GETLINE +GNULIB_GETDELIM +GNULIB_GETCHAR +GNULIB_GETC +GNULIB_FWRITE +GNULIB_FTELLO +GNULIB_FTELL +GNULIB_FSEEKO +GNULIB_FSEEK +GNULIB_FSCANF +GNULIB_FREOPEN +GNULIB_FREAD +GNULIB_FPUTS +GNULIB_FPUTC +GNULIB_FPURGE +GNULIB_FPRINTF_POSIX +GNULIB_FPRINTF +GNULIB_FOPEN +GNULIB_FGETS +GNULIB_FGETC +GNULIB_FFLUSH +GNULIB_FDOPEN +GNULIB_FCLOSE +GNULIB_DPRINTF REPLACE_ITOLD GL_GENERATE_FLOAT_H_FALSE GL_GENERATE_FLOAT_H_TRUE FLOAT_H NEXT_AS_FIRST_DIRECTIVE_FLOAT_H NEXT_FLOAT_H +NEXT_AS_FIRST_DIRECTIVE_FCNTL_H +NEXT_FCNTL_H +REPLACE_OPENAT +REPLACE_OPEN +REPLACE_FCNTL +REPLACE_CREAT +HAVE_OPENAT +HAVE_FCNTL +GNULIB_OPENAT +GNULIB_OPEN +GNULIB_NONBLOCKING +GNULIB_FCNTL +GNULIB_CREAT +UNDEFINE_STRTOK_R +REPLACE_STRSIGNAL +REPLACE_STRERROR_R +REPLACE_STRERROR +REPLACE_STRTOK_R +REPLACE_STRCASESTR +REPLACE_STRSTR +REPLACE_STRNLEN +REPLACE_STRNDUP +REPLACE_STRNCAT +REPLACE_STRDUP +REPLACE_STRCHRNUL +REPLACE_STPNCPY +REPLACE_MEMMEM +REPLACE_MEMCHR +HAVE_STRVERSCMP +HAVE_DECL_STRSIGNAL +HAVE_DECL_STRERROR_R +HAVE_DECL_STRTOK_R +HAVE_STRCASESTR +HAVE_STRSEP +HAVE_STRPBRK +HAVE_DECL_STRNLEN +HAVE_DECL_STRNDUP +HAVE_DECL_STRDUP +HAVE_STRCHRNUL +HAVE_STPNCPY +HAVE_STPCPY +HAVE_RAWMEMCHR +HAVE_DECL_MEMRCHR +HAVE_MEMPCPY +HAVE_DECL_MEMMEM +HAVE_MEMCHR +HAVE_FFSLL +HAVE_FFSL +HAVE_EXPLICIT_BZERO +HAVE_MBSLEN +GNULIB_STRVERSCMP +GNULIB_STRSIGNAL +GNULIB_STRERROR_R +GNULIB_STRERROR +GNULIB_MBSTOK_R +GNULIB_MBSSEP +GNULIB_MBSSPN +GNULIB_MBSPBRK +GNULIB_MBSCSPN +GNULIB_MBSCASESTR +GNULIB_MBSPCASECMP +GNULIB_MBSNCASECMP +GNULIB_MBSCASECMP +GNULIB_MBSSTR +GNULIB_MBSRCHR +GNULIB_MBSCHR +GNULIB_MBSNLEN +GNULIB_MBSLEN +GNULIB_STRTOK_R +GNULIB_STRCASESTR +GNULIB_STRSTR +GNULIB_STRSEP +GNULIB_STRPBRK +GNULIB_STRNLEN +GNULIB_STRNDUP +GNULIB_STRNCAT +GNULIB_STRDUP +GNULIB_STRCHRNUL +GNULIB_STPNCPY +GNULIB_STPCPY +GNULIB_RAWMEMCHR +GNULIB_MEMRCHR +GNULIB_MEMPCPY +GNULIB_MEMMEM +GNULIB_MEMCHR +GNULIB_FFSLL +GNULIB_FFSL +GNULIB_EXPLICIT_BZERO EOVERFLOW_VALUE EOVERFLOW_HIDDEN ENOLINK_VALUE @@ -1599,9 +1764,11 @@ GL_GENERATE_ERRNO_H_TRUE ERRNO_H NEXT_AS_FIRST_DIRECTIVE_ERRNO_H NEXT_ERRNO_H +HAVE_MSVC_INVALID_PARAMETER_HANDLER GL_GENERATE_BYTESWAP_H_FALSE GL_GENERATE_BYTESWAP_H_TRUE BYTESWAP_H +HAVE_WS2TCPIP_H HAVE_FEATURES_H NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H NEXT_ARPA_INET_H @@ -1729,6 +1896,7 @@ REPLACE_DUP2 REPLACE_DUP REPLACE_CLOSE REPLACE_CHOWN +REPLACE_ACCESS HAVE_SYS_PARAM_H HAVE_OS_H HAVE_DECL_TTYNAME_R @@ -1758,11 +1926,13 @@ HAVE_LINKAT HAVE_LINK HAVE_LCHOWN HAVE_GROUP_MEMBER +HAVE_GETRANDOM HAVE_GETPASS HAVE_GETPAGESIZE HAVE_GETLOGIN HAVE_GETHOSTNAME HAVE_GETGROUPS +HAVE_GETENTROPY HAVE_GETDTABLESIZE HAVE_FTRUNCATE HAVE_FSYNC @@ -1773,6 +1943,7 @@ HAVE_FACCESSAT HAVE_EUIDACCESS HAVE_DUP3 HAVE_DUP2 +HAVE_COPY_FILE_RANGE HAVE_CHOWN GNULIB_WRITE GNULIB_USLEEP @@ -1801,12 +1972,15 @@ GNULIB_LCHOWN GNULIB_ISATTY GNULIB_GROUP_MEMBER GNULIB_GETUSERSHELL +GNULIB_GETRANDOM GNULIB_GETPASS GNULIB_GETPAGESIZE +GNULIB_GETOPT_POSIX GNULIB_GETLOGIN_R GNULIB_GETLOGIN GNULIB_GETHOSTNAME GNULIB_GETGROUPS +GNULIB_GETENTROPY GNULIB_GETDTABLESIZE GNULIB_GETDOMAINNAME GNULIB_GETCWD @@ -1821,9 +1995,11 @@ GNULIB_ENVIRON GNULIB_DUP3 GNULIB_DUP2 GNULIB_DUP +GNULIB_COPY_FILE_RANGE GNULIB_CLOSE GNULIB_CHOWN GNULIB_CHDIR +GNULIB_ACCESS ENABLE_OPENSSL_FALSE ENABLE_OPENSSL_TRUE ENABLE_OCSP_FALSE @@ -1852,6 +2028,8 @@ ENABLE_SSL3_FALSE ENABLE_SSL3_TRUE ALLOW_SHA1_FALSE ALLOW_SHA1_TRUE +STRICT_DER_TIME_FALSE +STRICT_DER_TIME_TRUE ENABLE_MINITASN1_FALSE ENABLE_MINITASN1_TRUE LIBTASN1_LIBS @@ -1884,6 +2062,8 @@ LT_REVISION LT_CURRENT HAVE_GETENTROPY_FALSE HAVE_GETENTROPY_TRUE +HAVE_KERN_ARND_FALSE +HAVE_KERN_ARND_TRUE HAVE_GCC_FALSE HAVE_GCC_TRUE HAVE_GCC_GNU89_INLINE_OPTION_FALSE @@ -1911,6 +2091,8 @@ WINDOWS_FALSE WINDOWS_TRUE ANDROID_FALSE ANDROID_TRUE +LIBNCRYPT +LIB_CRYPT32 ENABLE_CXX_FALSE ENABLE_CXX_TRUE NUMBER_VERSION @@ -2034,7 +2216,6 @@ infodir docdir oldincludedir includedir -runstatedir localstatedir sharedstatedir sysconfdir @@ -2070,11 +2251,13 @@ enable_doc enable_manpages enable_tools enable_cxx +enable_dyn_ncrypt enable_hardware_acceleration enable_tls13_interop enable_padlock with_nettle_mini with_included_libtasn1 +enable_strict_der_time enable_sha1_support enable_ssl3_support enable_ssl2_support @@ -2107,10 +2290,12 @@ with_libcrypto_prefix with_librt_prefix with_libpthread_prefix with_included_unistring +enable_cross_guesses enable_ld_version_script enable_valgrind_tests -with_libpth_prefix enable_full_test_suite +enable_oldgnutls_interop +with_libev_prefix enable_gcc_warnings enable_static enable_shared @@ -2182,6 +2367,8 @@ LT_SYS_LIBRARY_PATH CXXCPP CMOCKA_CFLAGS CMOCKA_LIBS +LIBIDN2_CFLAGS +LIBIDN2_LIBS P11_KIT_CFLAGS P11_KIT_LIBS GUILE_CFLAGS @@ -2224,7 +2411,6 @@ datadir='${datarootdir}' sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' -runstatedir='${localstatedir}/run' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' @@ -2477,15 +2663,6 @@ do | -silent | --silent | --silen | --sile | --sil) silent=yes ;; - -runstatedir | --runstatedir | --runstatedi | --runstated \ - | --runstate | --runstat | --runsta | --runst | --runs \ - | --run | --ru | --r) - ac_prev=runstatedir ;; - -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ - | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ - | --run=* | --ru=* | --r=*) - runstatedir=$ac_optarg ;; - -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ @@ -2623,7 +2800,7 @@ fi for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ - libdir localedir mandir runstatedir + libdir localedir mandir do eval ac_val=\$$ac_var # Remove trailing slashes. @@ -2736,7 +2913,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures GnuTLS 3.6.8 to adapt to many kinds of systems. +\`configure' configures GnuTLS 3.6.14 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -2776,7 +2953,6 @@ Fine tuning of the installation directories: --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] - --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] @@ -2807,7 +2983,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of GnuTLS 3.6.8:";; + short | recursive ) echo "Configuration of GnuTLS 3.6.14:";; esac cat <<\_ACEOF @@ -2822,7 +2998,7 @@ Optional Features: --disable-dependency-tracking speeds up one-time build --disable-largefile omit support for large files - --enable-threads={posix|solaris|pth|windows} + --enable-threads={isoc|posix|isoc+posix|windows} specify multithreading API --disable-threads build without multithread safety --enable-code-coverage Whether to enable code coverage support @@ -2834,10 +3010,13 @@ Optional Features: --enable-manpages install manpages even if disable-doc is given --disable-tools don't compile any tools --disable-cxx unconditionally disable the C++ library + --enable-dyn-ncrypt use ncrypt dynamically --disable-hardware-acceleration unconditionally disable hardware acceleration --disable-tls13-interop disable TLS1.3 interoperability testing with openssl --disable-padlock unconditionally disable padlock acceleration + --disable-strict-der-time + allow non compliant DER time values --enable-sha1-support allow SHA1 as an acceptable hash for cert digital signatures --enable-ssl3-support enable support for the SSL 3.0 protocol @@ -2869,12 +3048,17 @@ Optional Features: --disable-nls do not use Native Language Support --disable-rpath do not hardcode runtime library paths --enable-seccomp-tests unconditionally enable tests with seccomp + --enable-cross-guesses={conservative|risky} + specify policy for cross-compilation guesses --enable-ld-version-script enable linker version script (default is enabled when possible) --enable-valgrind-tests try to run self tests under valgrind --disable-full-test-suite disable running very slow components of test suite + --enable-oldgnutls-interop + enable interoperability testing with old gnutls + version --disable-gcc-warnings turn off lots of GCC warnings (for developers) --enable-static[=PKGS] build static libraries [default=no] --enable-shared[=PKGS] build shared libraries [default=yes] @@ -2915,8 +3099,8 @@ Optional Packages: --without-libpthread-prefix don't search for libpthread in includedir and libdir --with-included-unistring disable linking with system libunistring - --with-libpth-prefix[=DIR] search for libpth in DIR/include and DIR/lib - --without-libpth-prefix don't search for libpth in includedir and libdir + --with-libev-prefix[=DIR] search for libev in DIR/include and DIR/lib + --without-libev-prefix don't search for libev in includedir and libdir --with-pic[=PKGS] try to use only PIC/non-PIC objects [default=use both] --with-aix-soname=aix|svr4|both @@ -2932,9 +3116,11 @@ Optional Packages: --with-unbound-root-key-file specify the unbound root key file --with-system-priority-file - specify the system priority file + specify the system-wide config file (set empty to + disable) --with-default-priority-string - specify the default priority string (e.g. @SYSTEM) + specify the default priority string used by + gnutls_set_default_priority (default is NORMAL) --without-p11-kit Build without p11-kit and PKCS#11 support --without-tpm Disable TPM (trousers) support. --with-trousers-lib=LIB set the location of the trousers library @@ -3010,6 +3196,10 @@ Some influential environment variables: CMOCKA_CFLAGS C compiler flags for CMOCKA, overriding pkg-config CMOCKA_LIBS linker flags for CMOCKA, overriding pkg-config + LIBIDN2_CFLAGS + C compiler flags for LIBIDN2, overriding pkg-config + LIBIDN2_LIBS + linker flags for LIBIDN2, overriding pkg-config P11_KIT_CFLAGS C compiler flags for P11_KIT, overriding pkg-config P11_KIT_LIBS @@ -3084,7 +3274,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -GnuTLS configure 3.6.8 +GnuTLS configure 3.6.14 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -3788,6 +3978,10 @@ $as_echo "$ac_res" >&6; } # accordingly. ac_fn_c_check_decl () { + ac_save_ac_compile="$ac_compile" + if test -n "$ac_compile_for_check_decl"; then + ac_compile="$ac_compile_for_check_decl" + fi as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack as_decl_name=`echo $2|sed 's/ *(.*//'` as_decl_use=`echo $2|sed -e 's/(/((/' -e 's/)/) 0&/' -e 's/,/) 0& (/g'` @@ -3825,6 +4019,7 @@ eval ac_res=\$$3 { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 $as_echo "$ac_res" >&6; } eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + ac_compile="$ac_save_ac_compile" } # ac_fn_c_check_decl @@ -3914,7 +4109,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by GnuTLS $as_me 3.6.8, which was +It was created by GnuTLS $as_me 3.6.14, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -4198,17 +4393,26 @@ as_fn_append ac_header_list " sys/socket.h" gt_needs="$gt_needs " as_fn_append ac_header_list " arpa/inet.h" as_fn_append ac_header_list " features.h" +as_fn_append ac_func_list " _set_invalid_parameter_handler" +as_fn_append ac_func_list " explicit_bzero" +as_fn_append ac_func_list " memset_s" +as_fn_append ac_func_list " fcntl" +as_fn_append ac_header_list " unistd.h" +as_fn_append ac_func_list " symlink" as_fn_append ac_header_list " sys/stat.h" as_fn_append ac_func_list " getdelim" +as_fn_append ac_func_list " getdtablesize" as_fn_append ac_header_list " sys/time.h" as_fn_append ac_func_list " gettimeofday" as_fn_append ac_header_list " netdb.h" as_fn_append ac_header_list " netinet/in.h" as_fn_append ac_header_list " limits.h" -as_fn_append ac_header_list " unistd.h" +as_fn_append ac_header_list " wchar.h" +as_fn_append ac_header_list " stdint.h" +as_fn_append ac_header_list " inttypes.h" as_fn_append ac_header_list " sys/mman.h" as_fn_append ac_func_list " mprotect" -as_fn_append ac_func_list " _set_invalid_parameter_handler" +as_fn_append ac_func_list " lstat" as_fn_append ac_header_list " sys/param.h" as_fn_append ac_func_list " secure_getenv" as_fn_append ac_func_list " getuid" @@ -4216,8 +4420,6 @@ as_fn_append ac_func_list " geteuid" as_fn_append ac_func_list " getgid" as_fn_append ac_func_list " getegid" as_fn_append ac_func_list " snprintf" -as_fn_append ac_header_list " wchar.h" -as_fn_append ac_header_list " stdint.h" as_fn_append ac_func_list " strdup" as_fn_append ac_header_list " strings.h" as_fn_append ac_func_list " strndup" @@ -4225,11 +4427,7 @@ as_fn_append ac_header_list " sys/uio.h" as_fn_append ac_func_list " localtime_r" as_fn_append ac_func_list " vasnprintf" as_fn_append ac_header_list " crtdefs.h" -as_fn_append ac_func_list " fcntl" -as_fn_append ac_func_list " symlink" as_fn_append ac_func_list " ftruncate" -as_fn_append ac_func_list " getdtablesize" -as_fn_append ac_header_list " inttypes.h" as_fn_append ac_func_list " isblank" as_fn_append ac_header_list " langinfo.h" as_fn_append ac_header_list " xlocale.h" @@ -4237,11 +4435,14 @@ as_fn_append ac_func_list " newlocale" as_fn_append ac_func_list " uselocale" as_fn_append ac_func_list " duplocale" as_fn_append ac_func_list " freelocale" -as_fn_append ac_func_list " lstat" +as_fn_append ac_header_list " threads.h" as_fn_append ac_header_list " sys/select.h" as_fn_append ac_func_list " strerror_r" as_fn_append ac_func_list " __xpg_strerror_r" as_fn_append ac_func_list " pipe" +as_fn_append ac_header_list " pthread.h" +as_fn_append ac_func_list " pthread_sigmask" +as_fn_append ac_header_list " sys/cdefs.h" as_fn_append ac_header_list " sys/wait.h" as_fn_append ac_func_list " setenv" as_fn_append ac_func_list " sigaction" @@ -4251,6 +4452,8 @@ as_fn_append ac_func_list " sleep" as_fn_append ac_func_list " catgets" as_fn_append ac_header_list " sys/ioctl.h" as_fn_append ac_func_list " shutdown" +as_fn_append ac_func_list " mquery" +as_fn_append ac_func_list " pstat_getprocvm" as_fn_append ac_func_list " getpass" as_fn_append ac_header_list " stdio_ext.h" as_fn_append ac_header_list " termios.h" @@ -4913,7 +5116,7 @@ fi # Define the identity of the package. PACKAGE='gnutls' - VERSION='3.6.8' + VERSION='3.6.14' cat >>confdefs.h <<_ACEOF @@ -5471,6 +5674,100 @@ esac fi fi +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}clang", so it can be a program name with args. +set dummy ${ac_tool_prefix}clang; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}clang" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_CC"; then + ac_ct_CC=$CC + # Extract the first word of "clang", so it can be a program name with args. +set dummy clang; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="clang" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +else + CC="$ac_cv_prog_CC" +fi + +fi test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 @@ -5482,7 +5779,7 @@ See \`config.log' for more details" "$LINENO" 5; } $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 set X $ac_compile ac_compiler=$2 -for ac_option in --version -v -V -qversion; do +for ac_option in --version -v -V -qversion -version; do { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; @@ -5868,8 +6165,420 @@ else CFLAGS= fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 -$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C11 features" >&5 +$as_echo_n "checking for $CC option to enable C11 features... " >&6; } +if ${ac_cv_prog_cc_c11+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_prog_cc_c11=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#include +#include +#include +#include + +// Check varargs macros. These examples are taken from C99 6.10.3.5. +#define debug(...) fprintf (stderr, __VA_ARGS__) +#define showlist(...) puts (#__VA_ARGS__) +#define report(test,...) ((test) ? puts (#test) : printf (__VA_ARGS__)) +static void +test_varargs_macros (void) +{ + int x = 1234; + int y = 5678; + debug ("Flag"); + debug ("X = %d\n", x); + showlist (The first, second, and third items.); + report (x>y, "x is %d but y is %d", x, y); +} + +// Check long long types. +#define BIG64 18446744073709551615ull +#define BIG32 4294967295ul +#define BIG_OK (BIG64 / BIG32 == 4294967297ull && BIG64 % BIG32 == 0) +#if !BIG_OK + your preprocessor is broken; +#endif +#if BIG_OK +#else + your preprocessor is broken; +#endif +static long long int bignum = -9223372036854775807LL; +static unsigned long long int ubignum = BIG64; + +struct incomplete_array +{ + int datasize; + double data[]; +}; + +struct named_init { + int number; + const wchar_t *name; + double average; +}; + +typedef const char *ccp; + +static inline int +test_restrict (ccp restrict text) +{ + // See if C++-style comments work. + // Iterate through items via the restricted pointer. + // Also check for declarations in for loops. + for (unsigned int i = 0; *(text+i) != '\0'; ++i) + continue; + return 0; +} + +// Check varargs and va_copy. +static bool +test_varargs (const char *format, ...) +{ + va_list args; + va_start (args, format); + va_list args_copy; + va_copy (args_copy, args); + + const char *str = ""; + int number = 0; + float fnumber = 0; + + while (*format) + { + switch (*format++) + { + case 's': // string + str = va_arg (args_copy, const char *); + break; + case 'd': // int + number = va_arg (args_copy, int); + break; + case 'f': // float + fnumber = va_arg (args_copy, double); + break; + default: + break; + } + } + va_end (args_copy); + va_end (args); + + return *str && number && fnumber; +} +// Check _Alignas. +char _Alignas (double) aligned_as_double; +char _Alignas (0) no_special_alignment; +extern char aligned_as_int; +char _Alignas (0) _Alignas (int) aligned_as_int; + +// Check _Alignof. +enum +{ + int_alignment = _Alignof (int), + int_array_alignment = _Alignof (int[100]), + char_alignment = _Alignof (char) +}; +_Static_assert (0 < -_Alignof (int), "_Alignof is signed"); + +// Check _Noreturn. +int _Noreturn does_not_return (void) { for (;;) continue; } + +// Check _Static_assert. +struct test_static_assert +{ + int x; + _Static_assert (sizeof (int) <= sizeof (long int), + "_Static_assert does not work in struct"); + long int y; +}; + +// Check UTF-8 literals. +#define u8 syntax error! +char const utf8_literal[] = u8"happens to be ASCII" "another string"; + +// Check duplicate typedefs. +typedef long *long_ptr; +typedef long int *long_ptr; +typedef long_ptr long_ptr; + +// Anonymous structures and unions -- taken from C11 6.7.2.1 Example 1. +struct anonymous +{ + union { + struct { int i; int j; }; + struct { int k; long int l; } w; + }; + int m; +} v1; + +int +main () +{ + + // Check bool. + _Bool success = false; + + // Check restrict. + if (test_restrict ("String literal") == 0) + success = true; + char *restrict newvar = "Another string"; + + // Check varargs. + success &= test_varargs ("s, d' f .", "string", 65, 34.234); + test_varargs_macros (); + + // Check flexible array members. + struct incomplete_array *ia = + malloc (sizeof (struct incomplete_array) + (sizeof (double) * 10)); + ia->datasize = 10; + for (int i = 0; i < ia->datasize; ++i) + ia->data[i] = i * 1.234; + + // Check named initializers. + struct named_init ni = { + .number = 34, + .name = L"Test wide string", + .average = 543.34343, + }; + + ni.number = 58; + + int dynamic_array[ni.number]; + dynamic_array[ni.number - 1] = 543; + + // work around unused variable warnings + return (!success || bignum == 0LL || ubignum == 0uLL || newvar[0] == 'x' + || dynamic_array[ni.number - 1] != 543); + + v1.i = 2; + v1.w.k = 5; + _Static_assert ((offsetof (struct anonymous, i) + == offsetof (struct anonymous, w.k)), + "Anonymous union alignment botch"); + + ; + return 0; +} +_ACEOF +for ac_arg in '' -std=gnu11 +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_c11=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext + test "x$ac_cv_prog_cc_c11" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC + +fi +# AC_CACHE_VAL +ac_prog_cc_stdc_options= +case "x$ac_cv_prog_cc_c11" in + x) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +$as_echo "none needed" >&6; } ;; + xno) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +$as_echo "unsupported" >&6; } ;; + *) + ac_prog_cc_stdc_options=" $ac_cv_prog_cc_c11" + CC=$CC$ac_prog_cc_stdc_options + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c11" >&5 +$as_echo "$ac_cv_prog_cc_c11" >&6; } ;; +esac +if test "x$ac_cv_prog_cc_c11" != xno; then : + ac_prog_cc_stdc=c11 + ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c11 +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C99 features" >&5 +$as_echo_n "checking for $CC option to enable C99 features... " >&6; } +if ${ac_cv_prog_cc_c99+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_prog_cc_c99=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#include +#include +#include +#include + +// Check varargs macros. These examples are taken from C99 6.10.3.5. +#define debug(...) fprintf (stderr, __VA_ARGS__) +#define showlist(...) puts (#__VA_ARGS__) +#define report(test,...) ((test) ? puts (#test) : printf (__VA_ARGS__)) +static void +test_varargs_macros (void) +{ + int x = 1234; + int y = 5678; + debug ("Flag"); + debug ("X = %d\n", x); + showlist (The first, second, and third items.); + report (x>y, "x is %d but y is %d", x, y); +} + +// Check long long types. +#define BIG64 18446744073709551615ull +#define BIG32 4294967295ul +#define BIG_OK (BIG64 / BIG32 == 4294967297ull && BIG64 % BIG32 == 0) +#if !BIG_OK + your preprocessor is broken; +#endif +#if BIG_OK +#else + your preprocessor is broken; +#endif +static long long int bignum = -9223372036854775807LL; +static unsigned long long int ubignum = BIG64; + +struct incomplete_array +{ + int datasize; + double data[]; +}; + +struct named_init { + int number; + const wchar_t *name; + double average; +}; + +typedef const char *ccp; + +static inline int +test_restrict (ccp restrict text) +{ + // See if C++-style comments work. + // Iterate through items via the restricted pointer. + // Also check for declarations in for loops. + for (unsigned int i = 0; *(text+i) != '\0'; ++i) + continue; + return 0; +} + +// Check varargs and va_copy. +static bool +test_varargs (const char *format, ...) +{ + va_list args; + va_start (args, format); + va_list args_copy; + va_copy (args_copy, args); + + const char *str = ""; + int number = 0; + float fnumber = 0; + + while (*format) + { + switch (*format++) + { + case 's': // string + str = va_arg (args_copy, const char *); + break; + case 'd': // int + number = va_arg (args_copy, int); + break; + case 'f': // float + fnumber = va_arg (args_copy, double); + break; + default: + break; + } + } + va_end (args_copy); + va_end (args); + + return *str && number && fnumber; +} +int +main () +{ + + // Check bool. + _Bool success = false; + + // Check restrict. + if (test_restrict ("String literal") == 0) + success = true; + char *restrict newvar = "Another string"; + + // Check varargs. + success &= test_varargs ("s, d' f .", "string", 65, 34.234); + test_varargs_macros (); + + // Check flexible array members. + struct incomplete_array *ia = + malloc (sizeof (struct incomplete_array) + (sizeof (double) * 10)); + ia->datasize = 10; + for (int i = 0; i < ia->datasize; ++i) + ia->data[i] = i * 1.234; + + // Check named initializers. + struct named_init ni = { + .number = 34, + .name = L"Test wide string", + .average = 543.34343, + }; + + ni.number = 58; + + int dynamic_array[ni.number]; + dynamic_array[ni.number - 1] = 543; + + // work around unused variable warnings + return (!success || bignum == 0LL || ubignum == 0uLL || newvar[0] == 'x' + || dynamic_array[ni.number - 1] != 543); + + ; + return 0; +} +_ACEOF +for ac_arg in '' -std=gnu99 -std=c99 -c99 -AC99 -D_STDC_C99= -qlanglvl=extc1x -qlanglvl=extc99 +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_c99=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext + test "x$ac_cv_prog_cc_c99" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC + +fi +# AC_CACHE_VAL +ac_prog_cc_stdc_options= +case "x$ac_cv_prog_cc_c99" in + x) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +$as_echo "none needed" >&6; } ;; + xno) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +$as_echo "unsupported" >&6; } ;; + *) + ac_prog_cc_stdc_options=" $ac_cv_prog_cc_c99" + CC=$CC$ac_prog_cc_stdc_options + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5 +$as_echo "$ac_cv_prog_cc_c99" >&6; } ;; +esac +if test "x$ac_cv_prog_cc_c99" != xno; then : + ac_prog_cc_stdc=c99 + ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c99 +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to enable C89 features" >&5 +$as_echo_n "checking for $CC option to enable C89 features... " >&6; } if ${ac_cv_prog_cc_c89+:} false; then : $as_echo_n "(cached) " >&6 else @@ -5942,6 +6651,7 @@ CC=$ac_save_CC fi # AC_CACHE_VAL +ac_prog_cc_stdc_options= case "x$ac_cv_prog_cc_c89" in x) { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 @@ -5950,33 +6660,42 @@ $as_echo "none needed" >&6; } ;; { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 $as_echo "unsupported" >&6; } ;; *) - CC="$CC $ac_cv_prog_cc_c89" + ac_prog_cc_stdc_options=" $ac_cv_prog_cc_c89" + CC=$CC$ac_prog_cc_stdc_options { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 $as_echo "$ac_cv_prog_cc_c89" >&6; } ;; esac if test "x$ac_cv_prog_cc_c89" != xno; then : + ac_prog_cc_stdc=c89 + ac_cv_prog_cc_stdc=$ac_cv_prog_cc_c89 +else + ac_prog_cc_stdc=no + ac_cv_prog_cc_stdc=no +fi fi -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu +fi ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5 -$as_echo_n "checking whether $CC understands -c and -o together... " >&6; } -if ${am_cv_prog_cc_c_o+:} false; then : + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the compiler is clang" >&5 +$as_echo_n "checking whether the compiler is clang... " >&6; } +if ${gl_cv_compiler_clang+:} false; then : $as_echo_n "(cached) " >&6 else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ + #ifdef __clang__ + barfbarf + #endif + int main () { @@ -5984,43 +6703,58 @@ main () ; return 0; } + _ACEOF - # Make sure it works both with $CC and with simple cc. - # Following AC_PROG_CC_C_O, we do the test twice because some - # compilers refuse to overwrite an existing .o file with -o, - # though they will create one. - am_cv_prog_cc_c_o=yes - for am_i in 1 2; do - if { echo "$as_me:$LINENO: $CC -c conftest.$ac_ext -o conftest2.$ac_objext" >&5 - ($CC -c conftest.$ac_ext -o conftest2.$ac_objext) >&5 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } \ - && test -f conftest2.$ac_objext; then - : OK - else - am_cv_prog_cc_c_o=no - break - fi - done - rm -f core conftest* - unset am_i -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 -$as_echo "$am_cv_prog_cc_c_o" >&6; } -if test "$am_cv_prog_cc_c_o" != yes; then - # Losing compiler, so override with the script. - # FIXME: It is wrong to rewrite CC. - # But if we don't then we get into trouble of one sort or another. - # A longer-term fix would be to have automake use am__CC in this case, - # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" - CC="$am_aux_dir/compile $CC" +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_compiler_clang=no +else + gl_cv_compiler_clang=yes fi -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_compiler_clang" >&5 +$as_echo "$gl_cv_compiler_clang" >&6; } + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for compiler option needed when checking for declarations" >&5 +$as_echo_n "checking for compiler option needed when checking for declarations... " >&6; } +if ${gl_cv_compiler_check_decl_option+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test $gl_cv_compiler_clang = yes; then + save_ac_compile="$ac_compile" + ac_compile="$ac_compile -Werror=implicit-function-declaration" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_compiler_check_decl_option='-Werror=implicit-function-declaration' +else + gl_cv_compiler_check_decl_option=none +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_compile="$save_ac_compile" + else + gl_cv_compiler_check_decl_option=none + fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_compiler_check_decl_option" >&5 +$as_echo "$gl_cv_compiler_check_decl_option" >&6; } + if test "x$gl_cv_compiler_check_decl_option" != xnone; then + ac_compile_for_check_decl="$ac_compile $gl_cv_compiler_check_decl_option" + else + ac_compile_for_check_decl="$ac_compile" + fi DEPDIR="${am__leading_dot}deps" @@ -7190,7 +7924,9 @@ fi ;; esac -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for _LARGEFILE_SOURCE value needed for large files" >&5 + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _LARGEFILE_SOURCE value needed for large files" >&5 $as_echo_n "checking for _LARGEFILE_SOURCE value needed for large files... " >&6; } if ${ac_cv_sys_largefile_source+:} false; then : $as_echo_n "(cached) " >&6 @@ -7258,6 +7994,14 @@ $as_echo "#define HAVE_FSEEKO 1" >>confdefs.h fi + case "$host_os" in + hpux*) + +$as_echo "#define _LARGEFILE_SOURCE 1" >>confdefs.h + + ;; + esac + # Check whether --enable-largefile was given. if test "${enable_largefile+set}" = set; then : enableval=$enable_largefile; @@ -7454,10 +8198,6 @@ _ACEOF esac rm -rf conftest* fi - - -$as_echo "#define _DARWIN_USE_64_BIT_INODE 1" >>confdefs.h - fi @@ -7465,6 +8205,7 @@ fi + # Check whether --enable-threads was given. if test "${enable_threads+set}" = set; then : enableval=$enable_threads; gl_use_threads=$enableval @@ -7473,21 +8214,34 @@ else gl_use_threads="$gl_use_threads_default" else case "$host_os" in - osf*) gl_use_threads=no ;; - cygwin*) + osf*) gl_use_threads=no ;; + cygwin*) case `uname -r` in 1.[0-5].*) gl_use_threads=no ;; *) gl_use_threads=yes ;; esac ;; + mingw*) + case "$gl_use_winpthreads_default" in + yes) gl_use_threads=posix ;; + no) gl_use_threads=windows ;; + *) gl_use_threads=yes ;; + esac + ;; *) gl_use_threads=yes ;; esac fi fi - if test "$gl_use_threads" = yes || test "$gl_use_threads" = posix; then - # For using : + if test "$gl_use_threads" = yes \ + || test "$gl_use_threads" = isoc \ + || test "$gl_use_threads" = posix \ + || test "$gl_use_threads" = isoc+posix; then + # For using or : + + + if test -z "$gl_anythreadlib_early_done"; then case "$host_os" in osf*) # On OSF/1, the compiler needs the flag -D_REENTRANT so that it @@ -7506,6 +8260,9 @@ fi aix* | freebsd*) CPPFLAGS="$CPPFLAGS -D_THREAD_SAFE" ;; solaris*) CPPFLAGS="$CPPFLAGS -D_REENTRANT" ;; esac + gl_anythreadlib_early_done=done + fi + fi @@ -7522,10 +8279,13 @@ fi # Code from module alloca-opt-tests: # Code from module arpa_inet: # Code from module arpa_inet-tests: + # Code from module attribute: # Code from module binary-io: # Code from module binary-io-tests: # Code from module bind: # Code from module bind-tests: + # Code from module bitrotate: + # Code from module bitrotate-tests: # Code from module builtin-expect: # Code from module byteswap: # Code from module byteswap-tests: @@ -7533,6 +8293,7 @@ fi # Code from module c-ctype-tests: # Code from module c-strcase: # Code from module c-strcase-tests: + # Code from module c99: # Code from module cloexec: # Code from module cloexec-tests: # Code from module close: @@ -7541,13 +8302,14 @@ fi # Code from module connect-tests: # Code from module ctype: # Code from module ctype-tests: - # Code from module dosname: # Code from module dup2: # Code from module dup2-tests: # Code from module environ: # Code from module environ-tests: # Code from module errno: # Code from module errno-tests: + # Code from module explicit_bzero: + # Code from module explicit_bzero-tests: # Code from module extensions: # Code from module extern-inline: # Code from module fcntl: @@ -7562,6 +8324,10 @@ fi # Code from module flexmember: # Code from module float: # Code from module float-tests: + # Code from module fopen: + # Code from module fopen-gnu: + # Code from module fopen-gnu-tests: + # Code from module fopen-tests: # Code from module fpieee: # Code from module fpucw: @@ -7593,7 +8359,10 @@ fi # Code from module gettimeofday: # Code from module gettimeofday-tests: # Code from module gnumakefile: + # Code from module hash: + # Code from module hash-pjw: # Code from module hash-pjw-bare: + # Code from module hash-tests: # Code from module havelib: # Code from module ignore-value: # Code from module ignore-value-tests: @@ -7604,6 +8373,8 @@ fi # Code from module inet_pton-tests: # Code from module intprops: # Code from module intprops-tests: + # Code from module inttostr: + # Code from module inttostr-tests: # Code from module inttypes: # Code from module inttypes-incomplete: # Code from module inttypes-tests: @@ -7615,8 +8386,10 @@ fi # Code from module langinfo-tests: # Code from module largefile: + # Code from module ldd: # Code from module lib-msvc-compat: # Code from module lib-symbol-versions: + # Code from module libc-config: # Code from module limits-h: # Code from module limits-h-tests: # Code from module listen: @@ -7657,6 +8430,36 @@ fi # Code from module pipe-posix: # Code from module pipe-posix-tests: # Code from module pmccabe2html: + # Code from module pthread-h: + + + if test -z "$gl_anythreadlib_early_done"; then + case "$host_os" in + osf*) + # On OSF/1, the compiler needs the flag -D_REENTRANT so that it + # groks . cc also understands the flag -pthread, but + # we don't use it because 1. gcc-2.95 doesn't understand -pthread, + # 2. putting a flag into CPPFLAGS that has an effect on the linker + # causes the AC_LINK_IFELSE test below to succeed unexpectedly, + # leading to wrong values of LIBTHREAD and LTLIBTHREAD. + CPPFLAGS="$CPPFLAGS -D_REENTRANT" + ;; + esac + # Some systems optimize for single-threaded programs by default, and + # need special flags to disable these optimizations. For example, the + # definition of 'errno' in . + case "$host_os" in + aix* | freebsd*) CPPFLAGS="$CPPFLAGS -D_THREAD_SAFE" ;; + solaris*) CPPFLAGS="$CPPFLAGS -D_REENTRANT" ;; + esac + gl_anythreadlib_early_done=done + fi + + # Code from module pthread-h-tests: + # Code from module pthread-thread: + # Code from module pthread-thread-tests: + # Code from module pthread_sigmask: + # Code from module pthread_sigmask-tests: # Code from module putenv: # Code from module raise: # Code from module raise-tests: @@ -7664,12 +8467,16 @@ fi # Code from module read-file-tests: # Code from module realloc-posix: # Code from module same-inode: + # Code from module sched: + # Code from module sched-tests: # Code from module secure_getenv: # Code from module select: # Code from module select-tests: # Code from module setenv: # Code from module setenv-tests: # Code from module setlocale: + # Code from module setlocale-null: + # Code from module setlocale-null-tests: # Code from module setlocale-tests: # Code from module setsockopt: # Code from module setsockopt-tests: @@ -7698,6 +8505,7 @@ fi # Code from module stat-tests: # Code from module stat-time: # Code from module stat-time-tests: + # Code from module std-gnu11: # Code from module stdalign: # Code from module stdalign-tests: # Code from module stdbool: @@ -7745,6 +8553,8 @@ fi # Code from module sys_uio-tests: # Code from module test-framework-sh: # Code from module test-framework-sh-tests: + # Code from module thread: + # Code from module thread-tests: # Code from module threadlib: @@ -7766,11 +8576,18 @@ fi # Code from module vc-list-files-tests: # Code from module verify: # Code from module verify-tests: + # Code from module vma-iter: # Code from module vsnprintf: # Code from module vsnprintf-tests: # Code from module warnings: # Code from module wchar: # Code from module wchar-tests: + # Code from module windows-mutex: + # Code from module windows-once: + # Code from module windows-recmutex: + # Code from module windows-rwlock: + # Code from module windows-thread: + # Code from module windows-tls: # Code from module xalloc-oversized: # Code from module xsize: @@ -7785,19 +8602,29 @@ fi # Code from module alloca: # Code from module alloca-opt: # Code from module arpa_inet: + # Code from module attribute: # Code from module bind: + # Code from module bison: # Code from module c-ctype: + # Code from module c99: # Code from module clock-time: + # Code from module cloexec: # Code from module close: # Code from module connect: # Code from module dup2: # Code from module environ: # Code from module errno: + # Code from module explicit_bzero: # Code from module extensions: # Code from module extern-inline: + # Code from module fcntl: + # Code from module fcntl-h: # Code from module fd-hook: + # Code from module filename: # Code from module flexmember: # Code from module float: + # Code from module fopen: + # Code from module fopen-gnu: # Code from module fseek: # Code from module fseeko: @@ -7807,6 +8634,7 @@ fi # Code from module getaddrinfo: # Code from module getdelim: + # Code from module getdtablesize: # Code from module getline: # Code from module getpass: # Code from module getpeername: @@ -7839,6 +8667,7 @@ fi # Code from module netdb: # Code from module netinet_in: # Code from module nstrftime: + # Code from module open: # Code from module parse-datetime: # Code from module pathmax: # Code from module progname: @@ -7865,7 +8694,9 @@ fi # Code from module sockets: # Code from module socklen: # Code from module ssize_t: + # Code from module stat: # Code from module stat-time: + # Code from module std-gnu11: # Code from module stdalign: # Code from module stdbool: # Code from module stddef: @@ -7903,6 +8734,7 @@ fi # Code from module absolute-header: # Code from module array-mergesort: + # Code from module attribute: # Code from module gperf: # Code from module include_next: # Code from module inline: @@ -8314,7 +9146,7 @@ if test -z "$CXX"; then CXX=$CCC else if test -n "$ac_tool_prefix"; then - for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC + for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC clang++ do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 @@ -8358,7 +9190,7 @@ fi fi if test -z "$CXX"; then ac_ct_CXX=$CXX - for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC + for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC clang++ do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 @@ -8555,6 +9387,421 @@ else CXXFLAGS= fi fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CXX option to enable C++11 features" >&5 +$as_echo_n "checking for $CXX option to enable C++11 features... " >&6; } +ac_ext=cpp +ac_cpp='$CXXCPP $CPPFLAGS' +ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_cxx_compiler_gnu +if ${ac_cv_prog_cxx_cxx11+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_prog_cxx_cxx11=no +ac_save_CXX=$CXX +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +#include +#include + +namespace cxx11test +{ + typedef std::shared_ptr sptr; + typedef std::weak_ptr wptr; + + typedef std::tuple tp; + typedef std::array int_array; + + constexpr int get_val() { return 20; } + + struct testinit + { + int i; + double d; + }; + + class delegate { + public: + delegate(int n) : n(n) {} + delegate(): delegate(2354) {} + + virtual int getval() { return this->n; }; + protected: + int n; + }; + + class overridden : public delegate { + public: + overridden(int n): delegate(n) {} + virtual int getval() override final { return this->n * 2; } + }; + + class nocopy { + public: + nocopy(int i): i(i) {} + nocopy() = default; + nocopy(const nocopy&) = delete; + nocopy & operator=(const nocopy&) = delete; + private: + int i; + }; +} + + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +namespace test { + typedef std::vector string_vec; + typedef std::pair map_value; + typedef std::map map_type; + typedef std::set set_type; + + template + class printer { + public: + printer(std::ostringstream& os): os(os) {} + void operator() (T elem) { os << elem << std::endl; } + private: + std::ostringstream& os; + }; +} + +int +main () +{ + +{ + // Test auto and decltype + std::deque d; + d.push_front(43); + d.push_front(484); + d.push_front(3); + d.push_front(844); + int total = 0; + for (auto i = d.begin(); i != d.end(); ++i) { total += *i; } + + auto a1 = 6538; + auto a2 = 48573953.4; + auto a3 = "String literal"; + + decltype(a2) a4 = 34895.034; +} +{ + // Test constexpr + short sa[cxx11test::get_val()] = { 0 }; +} +{ + // Test initializer lists + cxx11test::testinit il = { 4323, 435234.23544 }; +} +{ + // Test range-based for and lambda + cxx11test::int_array array = {9, 7, 13, 15, 4, 18, 12, 10, 5, 3, 14, 19, 17, 8, 6, 20, 16, 2, 11, 1}; + for (int &x : array) { x += 23; } + std::for_each(array.begin(), array.end(), [](int v1){ std::cout << v1; }); +} +{ + using cxx11test::sptr; + using cxx11test::wptr; + + sptr sp(new std::string("ASCII string")); + wptr wp(sp); + sptr sp2(wp); +} +{ + cxx11test::tp tuple("test", 54, 45.53434); + double d = std::get<2>(tuple); + std::string s; + int i; + std::tie(s,i,d) = tuple; +} +{ + static std::regex filename_regex("^_?([a-z0-9_.]+-)+[a-z0-9]+$"); + std::string testmatch("Test if this string matches"); + bool match = std::regex_search(testmatch, filename_regex); +} +{ + cxx11test::int_array array = {9, 7, 13, 15, 4, 18, 12, 10, 5, 3, 14, 19, 17, 8, 6, 20, 16, 2, 11, 1}; + cxx11test::int_array::size_type size = array.size(); +} +{ + // Test constructor delegation + cxx11test::delegate d1; + cxx11test::delegate d2(); + cxx11test::delegate d3(45); +} +{ + // Test override and final + cxx11test::overridden o1(55464); +} +{ + // Test nullptr + char *c = nullptr; +} +{ + // Test template brackets + std::vector> v1; +} +{ + // Unicode literals + char const *utf8 = u8"UTF-8 string \u2500"; + char16_t const *utf16 = u"UTF-8 string \u2500"; + char32_t const *utf32 = U"UTF-32 string \u2500"; +} + + + +try { + // Basic string. + std::string teststr("ASCII text"); + teststr += " string"; + + // Simple vector. + test::string_vec testvec; + testvec.push_back(teststr); + testvec.push_back("foo"); + testvec.push_back("bar"); + if (testvec.size() != 3) { + throw std::runtime_error("vector size is not 1"); + } + + // Dump vector into stringstream and obtain string. + std::ostringstream os; + for (test::string_vec::const_iterator i = testvec.begin(); + i != testvec.end(); ++i) { + if (i + 1 != testvec.end()) { + os << teststr << '\n'; + } + } + // Check algorithms work. + std::for_each(testvec.begin(), testvec.end(), test::printer(os)); + std::string os_out = os.str(); + + // Test pair and map. + test::map_type testmap; + testmap.insert(std::make_pair(std::string("key"), + std::make_pair(53,false))); + + // Test set. + int values[] = {9, 7, 13, 15, 4, 18, 12, 10, 5, 3, 14, 19, 17, 8, 6, 20, 16, 2, 11, 1}; + test::set_type testset(values, values + sizeof(values)/sizeof(values[0])); + std::list testlist(testset.begin(), testset.end()); + std::copy(testset.begin(), testset.end(), std::back_inserter(testlist)); +} catch (const std::exception& e) { + std::cerr << "Caught exception: " << e.what() << std::endl; + + // Test fstream + std::ofstream of("test.txt"); + of << "Test ASCII text\n" << std::flush; + of << "N= " << std::hex << std::setw(8) << std::left << 534 << std::endl; + of.close(); +} +std::exit(0); + + ; + return 0; +} +_ACEOF +for ac_arg in '' -std=gnu++11 -std=c++11 -std=gnu++0x -std=c++0x -qlanglvl=extended0x -AA +do + CXX="$ac_save_CXX $ac_arg" + if ac_fn_cxx_try_compile "$LINENO"; then : + ac_cv_prog_cxx_cxx11=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext + test "x$ac_cv_prog_cxx_cxx11" != "xno" && break +done +rm -f conftest.$ac_ext +CXX=$ac_save_CXX + +fi +# AC_CACHE_VAL +ac_prog_cxx_stdcxx_options= +case "x$ac_cv_prog_cxx_cxx11" in + x) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +$as_echo "none needed" >&6; } ;; + xno) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +$as_echo "unsupported" >&6; } ;; + *) + ac_prog_cxx_stdcxx_options=" $ac_cv_prog_cxx_cxx11" + CXX=$CXX$ac_prog_cxx_stdcxx_options + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_cxx11" >&5 +$as_echo "$ac_cv_prog_cxx_cxx11" >&6; } ;; +esac +ac_ext=cpp +ac_cpp='$CXXCPP $CPPFLAGS' +ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_cxx_compiler_gnu +if test "x$ac_cv_prog_cxx_cxx11" != xno; then : + ac_prog_cxx_stdcxx=cxx11 + ac_cv_prog_cxx_stdcxx=$ac_cv_prog_cxx_cxx11 + ac_cv_prog_cxx_cxx98=$ac_cv_prog_cxx_cxx11 +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CXX option to enable C++98 features" >&5 +$as_echo_n "checking for $CXX option to enable C++98 features... " >&6; } +ac_ext=cpp +ac_cpp='$CXXCPP $CPPFLAGS' +ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_cxx_compiler_gnu +if ${ac_cv_prog_cxx_cxx98+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_prog_cxx_cxx98=no +ac_save_CXX=$CXX +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +namespace test { + typedef std::vector string_vec; + typedef std::pair map_value; + typedef std::map map_type; + typedef std::set set_type; + + template + class printer { + public: + printer(std::ostringstream& os): os(os) {} + void operator() (T elem) { os << elem << std::endl; } + private: + std::ostringstream& os; + }; +} + +int +main () +{ + + +try { + // Basic string. + std::string teststr("ASCII text"); + teststr += " string"; + + // Simple vector. + test::string_vec testvec; + testvec.push_back(teststr); + testvec.push_back("foo"); + testvec.push_back("bar"); + if (testvec.size() != 3) { + throw std::runtime_error("vector size is not 1"); + } + + // Dump vector into stringstream and obtain string. + std::ostringstream os; + for (test::string_vec::const_iterator i = testvec.begin(); + i != testvec.end(); ++i) { + if (i + 1 != testvec.end()) { + os << teststr << '\n'; + } + } + // Check algorithms work. + std::for_each(testvec.begin(), testvec.end(), test::printer(os)); + std::string os_out = os.str(); + + // Test pair and map. + test::map_type testmap; + testmap.insert(std::make_pair(std::string("key"), + std::make_pair(53,false))); + + // Test set. + int values[] = {9, 7, 13, 15, 4, 18, 12, 10, 5, 3, 14, 19, 17, 8, 6, 20, 16, 2, 11, 1}; + test::set_type testset(values, values + sizeof(values)/sizeof(values[0])); + std::list testlist(testset.begin(), testset.end()); + std::copy(testset.begin(), testset.end(), std::back_inserter(testlist)); +} catch (const std::exception& e) { + std::cerr << "Caught exception: " << e.what() << std::endl; + + // Test fstream + std::ofstream of("test.txt"); + of << "Test ASCII text\n" << std::flush; + of << "N= " << std::hex << std::setw(8) << std::left << 534 << std::endl; + of.close(); +} +std::exit(0); + + ; + return 0; +} +_ACEOF +for ac_arg in '' -std=gnu++98 -std=c++98 -qlanglvl=extended -AA +do + CXX="$ac_save_CXX $ac_arg" + if ac_fn_cxx_try_compile "$LINENO"; then : + ac_cv_prog_cxx_cxx98=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext + test "x$ac_cv_prog_cxx_cxx98" != "xno" && break +done +rm -f conftest.$ac_ext +CXX=$ac_save_CXX + +fi +# AC_CACHE_VAL +ac_prog_cxx_stdcxx_options= +case "x$ac_cv_prog_cxx_cxx98" in + x) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +$as_echo "none needed" >&6; } ;; + xno) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +$as_echo "unsupported" >&6; } ;; + *) + ac_prog_cxx_stdcxx_options=" $ac_cv_prog_cxx_cxx98" + CXX=$CXX$ac_prog_cxx_stdcxx_options + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_cxx98" >&5 +$as_echo "$ac_cv_prog_cxx_cxx98" >&6; } ;; +esac +ac_ext=cpp +ac_cpp='$CXXCPP $CPPFLAGS' +ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_cxx_compiler_gnu +if test "x$ac_cv_prog_cxx_cxx98" != xno; then : + ac_prog_cxx_stdcxx=cxx98 + ac_cv_prog_cxx_stdcxx=$ac_cv_prog_cxx_cxx98 +else + ac_prog_cxx_stdcxx=no + ac_cv_prog_cxx_stdcxx=no +fi + +fi + ac_ext=c ac_cpp='$CPP $CPPFLAGS' ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' @@ -8808,182 +10055,6 @@ $as_echo "$ac_cv_path_SED" >&6; } # # Require C99 support # - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C99" >&5 -$as_echo_n "checking for $CC option to accept ISO C99... " >&6; } -if ${ac_cv_prog_cc_c99+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_cv_prog_cc_c99=no -ac_save_CC=$CC -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#include -#include -#include - -// Check varargs macros. These examples are taken from C99 6.10.3.5. -#define debug(...) fprintf (stderr, __VA_ARGS__) -#define showlist(...) puts (#__VA_ARGS__) -#define report(test,...) ((test) ? puts (#test) : printf (__VA_ARGS__)) -static void -test_varargs_macros (void) -{ - int x = 1234; - int y = 5678; - debug ("Flag"); - debug ("X = %d\n", x); - showlist (The first, second, and third items.); - report (x>y, "x is %d but y is %d", x, y); -} - -// Check long long types. -#define BIG64 18446744073709551615ull -#define BIG32 4294967295ul -#define BIG_OK (BIG64 / BIG32 == 4294967297ull && BIG64 % BIG32 == 0) -#if !BIG_OK - your preprocessor is broken; -#endif -#if BIG_OK -#else - your preprocessor is broken; -#endif -static long long int bignum = -9223372036854775807LL; -static unsigned long long int ubignum = BIG64; - -struct incomplete_array -{ - int datasize; - double data[]; -}; - -struct named_init { - int number; - const wchar_t *name; - double average; -}; - -typedef const char *ccp; - -static inline int -test_restrict (ccp restrict text) -{ - // See if C++-style comments work. - // Iterate through items via the restricted pointer. - // Also check for declarations in for loops. - for (unsigned int i = 0; *(text+i) != '\0'; ++i) - continue; - return 0; -} - -// Check varargs and va_copy. -static void -test_varargs (const char *format, ...) -{ - va_list args; - va_start (args, format); - va_list args_copy; - va_copy (args_copy, args); - - const char *str; - int number; - float fnumber; - - while (*format) - { - switch (*format++) - { - case 's': // string - str = va_arg (args_copy, const char *); - break; - case 'd': // int - number = va_arg (args_copy, int); - break; - case 'f': // float - fnumber = va_arg (args_copy, double); - break; - default: - break; - } - } - va_end (args_copy); - va_end (args); -} - -int -main () -{ - - // Check bool. - _Bool success = false; - - // Check restrict. - if (test_restrict ("String literal") == 0) - success = true; - char *restrict newvar = "Another string"; - - // Check varargs. - test_varargs ("s, d' f .", "string", 65, 34.234); - test_varargs_macros (); - - // Check flexible array members. - struct incomplete_array *ia = - malloc (sizeof (struct incomplete_array) + (sizeof (double) * 10)); - ia->datasize = 10; - for (int i = 0; i < ia->datasize; ++i) - ia->data[i] = i * 1.234; - - // Check named initializers. - struct named_init ni = { - .number = 34, - .name = L"Test wide string", - .average = 543.34343, - }; - - ni.number = 58; - - int dynamic_array[ni.number]; - dynamic_array[ni.number - 1] = 543; - - // work around unused variable warnings - return (!success || bignum == 0LL || ubignum == 0uLL || newvar[0] == 'x' - || dynamic_array[ni.number - 1] != 543); - - ; - return 0; -} -_ACEOF -for ac_arg in '' -std=gnu99 -std=c99 -c99 -AC99 -D_STDC_C99= -qlanglvl=extc99 -do - CC="$ac_save_CC $ac_arg" - if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_prog_cc_c99=$ac_arg -fi -rm -f core conftest.err conftest.$ac_objext - test "x$ac_cv_prog_cc_c99" != "xno" && break -done -rm -f conftest.$ac_ext -CC=$ac_save_CC - -fi -# AC_CACHE_VAL -case "x$ac_cv_prog_cc_c99" in - x) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 -$as_echo "none needed" >&6; } ;; - xno) - { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 -$as_echo "unsupported" >&6; } ;; - *) - CC="$CC $ac_cv_prog_cc_c99" - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c99" >&5 -$as_echo "$ac_cv_prog_cc_c99" >&6; } ;; -esac -if test "x$ac_cv_prog_cc_c99" != xno; then : - -fi - if test "$ac_cv_prog_cc_c99" = "no"; then { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Compiler does not support C99. It may not be able to compile the project." >&5 @@ -9645,6 +10716,7 @@ fi use_accel=yes +have_vista_dynamic=yes case "$host" in *android*) have_android=yes @@ -9655,6 +10727,45 @@ case "$host" in $as_echo "#define _UNICODE 1" >>confdefs.h + LIB_CRYPT32="-lcrypt32" + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x0600 + # error Vista APIs allowed statically + #endif + +int +main () +{ +; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + have_vista_dynamic=yes +else + have_vista_dynamic=no +fi +rm -f conftest.err conftest.i conftest.$ac_ext + # Check whether --enable-dyn_ncrypt was given. +if test "${enable_dyn_ncrypt+set}" = set; then : + enableval=$enable_dyn_ncrypt; enable_dyn_ncrypt=$enableval +else + enable_dyn_ncrypt=$have_vista_dynamic + +fi + + if test "x$enable_dyn_ncrypt" = "xyes"; then + +$as_echo "#define DYN_NCRYPT 1" >>confdefs.h + + else + LIBNCRYPT="-lncrypt" + fi + ;; *darwin*) have_macosx=yes @@ -9664,11 +10775,11 @@ $as_echo "#define _UNICODE 1" >>confdefs.h $as_echo_n "checking whether the linker supports -Wl,-no_weak_imports... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ - +#include int main () { - +fd_set rfds; FD_ZERO(&rfds); FD_SET(0, &rfds); ; return 0; } @@ -9778,6 +10889,29 @@ done ;; esac +# check for gcc's __get_cpuid_count functionality +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for __get_cpuid_count" >&5 +$as_echo_n "checking for __get_cpuid_count... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + int main(void) { unsigned t1; return __get_cpuid_count(7, 0, &t1, &t1, &t1, &t1); } + +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + +$as_echo "#define HAVE_GET_CPUID_COUNT 1" >>confdefs.h + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + fi # Check whether --enable-tls13-interop was given. @@ -9930,6 +11064,19 @@ fi done +for ac_header in valgrind/memcheck.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "valgrind/memcheck.h" "ac_cv_header_valgrind_memcheck_h" "$ac_includes_default" +if test "x$ac_cv_header_valgrind_memcheck_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_VALGRIND_MEMCHECK_H 1 +_ACEOF + +fi + +done + + # Check whether --enable-padlock was given. if test "${enable_padlock+set}" = set; then : enableval=$enable_padlock; use_padlock=$enableval @@ -10030,6 +11177,50 @@ fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for KERN_ARND" >&5 +$as_echo_n "checking for KERN_ARND... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #ifdef __linux__ + #error 1 + #endif + static int name = {CTL_KERN, KERN_ARND}; + +int +main () +{ + + sysctl(0, 0, 0, 0, 0, 0); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + +$as_echo "#define HAVE_KERN_ARND 1" >>confdefs.h + + rnd_variant=kern_arnd +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + + if test "$rnd_variant" = "kern_arnd"; then + HAVE_KERN_ARND_TRUE= + HAVE_KERN_ARND_FALSE='#' +else + HAVE_KERN_ARND_TRUE='#' + HAVE_KERN_ARND_FALSE= +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getentropy" >&5 $as_echo_n "checking for getentropy... " >&6; } cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -10084,11 +11275,11 @@ fi # in CONTRIBUTION.md for more info. # # Interfaces removed: AGE=0 (+bump all symbol versions in .map) - LT_CURRENT=54 + LT_CURRENT=58 LT_REVISION=0 - LT_AGE=24 + LT_AGE=28 LT_SSL_CURRENT=27 @@ -10512,6 +11703,33 @@ $as_echo "$as_me: WARNING: C99 macros not supported. This may affect compiling." fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_strict_der_time=yes + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to disable strict DER time encodings for backwards compatibility" >&5 +$as_echo_n "checking whether to disable strict DER time encodings for backwards compatibility... " >&6; } + # Check whether --enable-strict-der-time was given. +if test "${enable_strict_der_time+set}" = set; then : + enableval=$enable_strict_der_time; ac_strict_der_time=$enableval +fi + + if test x$ac_strict_der_time != xno; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + +$as_echo "#define STRICT_DER_TIME 1" >>confdefs.h + + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + fi + if test "$ac_strict_der_time" != "no"; then + STRICT_DER_TIME_TRUE= + STRICT_DER_TIME_FALSE='#' +else + STRICT_DER_TIME_TRUE='#' + STRICT_DER_TIME_FALSE= +fi + + ac_allow_sha1=no { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to allow SHA1 as an acceptable hash for cert digital signatures" >&5 $as_echo_n "checking whether to allow SHA1 as an acceptable hash for cert digital signatures... " >&6; } @@ -11049,9 +12267,11 @@ $as_echo "#define GNUTLS_POINTER_TO_INT_CAST (long long)" >>confdefs.h + GNULIB_ACCESS=0; GNULIB_CHDIR=0; GNULIB_CHOWN=0; GNULIB_CLOSE=0; + GNULIB_COPY_FILE_RANGE=0; GNULIB_DUP=0; GNULIB_DUP2=0; GNULIB_DUP3=0; @@ -11066,12 +12286,15 @@ $as_echo "#define GNUTLS_POINTER_TO_INT_CAST (long long)" >>confdefs.h GNULIB_GETCWD=0; GNULIB_GETDOMAINNAME=0; GNULIB_GETDTABLESIZE=0; + GNULIB_GETENTROPY=0; GNULIB_GETGROUPS=0; GNULIB_GETHOSTNAME=0; GNULIB_GETLOGIN=0; GNULIB_GETLOGIN_R=0; + GNULIB_GETOPT_POSIX=0; GNULIB_GETPAGESIZE=0; GNULIB_GETPASS=0; + GNULIB_GETRANDOM=0; GNULIB_GETUSERSHELL=0; GNULIB_GROUP_MEMBER=0; GNULIB_ISATTY=0; @@ -11100,6 +12323,7 @@ $as_echo "#define GNUTLS_POINTER_TO_INT_CAST (long long)" >>confdefs.h GNULIB_USLEEP=0; GNULIB_WRITE=0; HAVE_CHOWN=1; + HAVE_COPY_FILE_RANGE=1; HAVE_DUP2=1; HAVE_DUP3=1; HAVE_EUIDACCESS=1; @@ -11110,11 +12334,13 @@ $as_echo "#define GNUTLS_POINTER_TO_INT_CAST (long long)" >>confdefs.h HAVE_FSYNC=1; HAVE_FTRUNCATE=1; HAVE_GETDTABLESIZE=1; + HAVE_GETENTROPY=1; HAVE_GETGROUPS=1; HAVE_GETHOSTNAME=1; HAVE_GETLOGIN=1; HAVE_GETPAGESIZE=1; HAVE_GETPASS=1; + HAVE_GETRANDOM=1; HAVE_GROUP_MEMBER=1; HAVE_LCHOWN=1; HAVE_LINK=1; @@ -11144,6 +12370,7 @@ $as_echo "#define GNUTLS_POINTER_TO_INT_CAST (long long)" >>confdefs.h HAVE_DECL_TTYNAME_R=1; HAVE_OS_H=0; HAVE_SYS_PARAM_H=0; + REPLACE_ACCESS=0; REPLACE_CHOWN=0; REPLACE_CLOSE=0; REPLACE_DUP=0; @@ -12373,13 +13600,41 @@ else case "$gl_cv_host_cpu_c_abi" in i386 | x86_64-x32 | arm | armhf | arm64-ilp32 | hppa | ia64-ilp32 | mips | mipsn32 | powerpc | riscv*-ilp32* | s390 | sparc) gl_cv_host_cpu_c_abi_32bit=yes ;; - *) + x86_64 | alpha | arm64 | hppa64 | ia64 | mips64 | powerpc64 | powerpc64-elfv2 | riscv*-lp64* | s390x | sparc64 ) gl_cv_host_cpu_c_abi_32bit=no ;; + *) + gl_cv_host_cpu_c_abi_32bit=unknown ;; esac else case "$host_cpu" in - i[4567]86 ) + # CPUs that only support a 32-bit ABI. + arc \ + | bfin \ + | cris* \ + | csky \ + | epiphany \ + | ft32 \ + | h8300 \ + | m68k \ + | microblaze | microblazeel \ + | nds32 | nds32le | nds32be \ + | nios2 | nios2eb | nios2el \ + | or1k* \ + | or32 \ + | sh | sh1234 | sh1234elb \ + | tic6x \ + | xtensa* ) + gl_cv_host_cpu_c_abi_32bit=yes + ;; + + # CPUs that only support a 64-bit ABI. + alpha | alphaev[4-8] | alphaev56 | alphapca5[67] | alphaev6[78] \ + | mmix ) + gl_cv_host_cpu_c_abi_32bit=no + ;; + + i[34567]86 ) gl_cv_host_cpu_c_abi_32bit=yes ;; @@ -12583,7 +13838,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ;; *) - gl_cv_host_cpu_c_abi_32bit=no + gl_cv_host_cpu_c_abi_32bit=unknown ;; esac fi @@ -12598,90 +13853,150 @@ $as_echo "$gl_cv_host_cpu_c_abi_32bit" >&6; } - case "$host_os" in - solaris*) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for 64-bit host" >&5 -$as_echo_n "checking for 64-bit host... " >&6; } -if ${gl_cv_solaris_64bit+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ELF binary format" >&5 +$as_echo_n "checking for ELF binary format... " >&6; } +if ${gl_cv_elf+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#ifdef _LP64 - int ok; - #else - error fail - #endif +#ifdef __ELF__ + Extensible Linking Format + #endif _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_solaris_64bit=yes +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "Extensible Linking Format" >/dev/null 2>&1; then : + gl_cv_elf=yes else - gl_cv_solaris_64bit=no + gl_cv_elf=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f conftest* + fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_solaris_64bit" >&5 -$as_echo "$gl_cv_solaris_64bit" >&6; };; - esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_elf" >&5 +$as_echo "$gl_cv_elf" >&6; } + if test $gl_cv_elf; then + # Extract the ELF class of a file (5th byte) in decimal. + # Cf. https://en.wikipedia.org/wiki/Executable_and_Linkable_Format#File_header + if od -A x < /dev/null >/dev/null 2>/dev/null; then + # Use POSIX od. + func_elfclass () + { + od -A n -t d1 -j 4 -N 1 + } + else + # Use BSD hexdump. + func_elfclass () + { + dd bs=1 count=1 skip=4 2>/dev/null | hexdump -e '1/1 "%3d "' + echo + } + fi + case $HOST_CPU_C_ABI_32BIT in + yes) + # 32-bit ABI. + acl_is_expected_elfclass () + { + test "`func_elfclass | sed -e 's/[ ]//g'`" = 1 + } + ;; + no) + # 64-bit ABI. + acl_is_expected_elfclass () + { + test "`func_elfclass | sed -e 's/[ ]//g'`" = 2 + } + ;; + *) + # Unknown. + acl_is_expected_elfclass () + { + : + } + ;; + esac + else + acl_is_expected_elfclass () + { + : + } + fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for the common suffixes of directories in the library search path" >&5 $as_echo_n "checking for the common suffixes of directories in the library search path... " >&6; } if ${acl_cv_libdirstems+:} false; then : $as_echo_n "(cached) " >&6 else - acl_libdirstem=lib + acl_libdirstem=lib acl_libdirstem2= + acl_libdirstem3= case "$host_os" in solaris*) - if test $gl_cv_solaris_64bit = yes; then - acl_libdirstem=lib/64 + if test $HOST_CPU_C_ABI_32BIT = no; then + acl_libdirstem2=lib/64 case "$host_cpu" in - sparc*) acl_libdirstem2=lib/sparcv9 ;; - i*86 | x86_64) acl_libdirstem2=lib/amd64 ;; + sparc*) acl_libdirstem3=lib/sparcv9 ;; + i*86 | x86_64) acl_libdirstem3=lib/amd64 ;; esac fi ;; *) - if test "$HOST_CPU_C_ABI_32BIT" != yes; then - searchpath=`(if test -f /usr/bin/gcc \ - && LC_ALL=C /usr/bin/gcc -print-search-dirs >/dev/null 2>/dev/null; then \ - LC_ALL=C /usr/bin/gcc -print-search-dirs; \ - else \ - LC_ALL=C $CC -print-search-dirs; \ - fi) 2>/dev/null \ - | sed -n -e 's,^libraries: ,,p' | sed -e 's,^=,,'` - if test -n "$searchpath"; then - acl_save_IFS="${IFS= }"; IFS=":" - for searchdir in $searchpath; do - if test -d "$searchdir"; then - case "$searchdir" in - */lib64/ | */lib64 ) acl_libdirstem=lib64 ;; - */../ | */.. ) - # Better ignore directories of this form. They are misleading. - ;; - *) searchdir=`cd "$searchdir" && pwd` - case "$searchdir" in - */lib64 ) acl_libdirstem=lib64 ;; - esac ;; - esac - fi - done - IFS="$acl_save_IFS" + searchpath=`(LC_ALL=C $CC $CPPFLAGS $CFLAGS -print-search-dirs) 2>/dev/null \ + | sed -n -e 's,^libraries: ,,p' | sed -e 's,^=,,'` + if test $HOST_CPU_C_ABI_32BIT != no; then + # 32-bit or unknown ABI. + if test -d /usr/lib32; then + acl_libdirstem2=lib32 + fi + fi + if test $HOST_CPU_C_ABI_32BIT != yes; then + # 64-bit or unknown ABI. + if test -d /usr/lib64; then + acl_libdirstem3=lib64 + fi + fi + if test -n "$searchpath"; then + acl_save_IFS="${IFS= }"; IFS=":" + for searchdir in $searchpath; do + if test -d "$searchdir"; then + case "$searchdir" in + */lib32/ | */lib32 ) acl_libdirstem2=lib32 ;; + */lib64/ | */lib64 ) acl_libdirstem3=lib64 ;; + */../ | */.. ) + # Better ignore directories of this form. They are misleading. + ;; + *) searchdir=`cd "$searchdir" && pwd` + case "$searchdir" in + */lib32 ) acl_libdirstem2=lib32 ;; + */lib64 ) acl_libdirstem3=lib64 ;; + esac ;; + esac + fi + done + IFS="$acl_save_IFS" + if test $HOST_CPU_C_ABI_32BIT = yes; then + # 32-bit ABI. + acl_libdirstem3= + fi + if test $HOST_CPU_C_ABI_32BIT = no; then + # 64-bit ABI. + acl_libdirstem2= fi fi ;; esac test -n "$acl_libdirstem2" || acl_libdirstem2="$acl_libdirstem" - acl_cv_libdirstems="$acl_libdirstem,$acl_libdirstem2" + test -n "$acl_libdirstem3" || acl_libdirstem3="$acl_libdirstem" + acl_cv_libdirstems="$acl_libdirstem,$acl_libdirstem2,$acl_libdirstem3" fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $acl_cv_libdirstems" >&5 $as_echo "$acl_cv_libdirstems" >&6; } - # Decompose acl_cv_libdirstems into acl_libdirstem and acl_libdirstem2. - acl_libdirstem=`echo "$acl_cv_libdirstems" | sed -e 's/,.*//'` - acl_libdirstem2=`echo "$acl_cv_libdirstems" | sed -e '/,/s/.*,//'` + acl_libdirstem=`echo "$acl_cv_libdirstems" | sed -e 's/,.*//'` + acl_libdirstem2=`echo "$acl_cv_libdirstems" | sed -e 's/^[^,]*,//' -e 's/,.*//'` + acl_libdirstem3=`echo "$acl_cv_libdirstems" | sed -e 's/^[^,]*,[^,]*,//' -e 's/,.*//'` @@ -12702,6 +14017,8 @@ $as_echo "$acl_cv_libdirstems" >&6; } eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -12722,6 +14039,8 @@ if test "${with_libiconv_prefix+set}" = set; then : eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -12729,15 +14048,19 @@ if test "${with_libiconv_prefix+set}" = set; then : else additional_includedir="$withval/include" additional_libdir="$withval/$acl_libdirstem" - if test "$acl_libdirstem2" != "$acl_libdirstem" \ - && test ! -d "$withval/$acl_libdirstem"; then - additional_libdir="$withval/$acl_libdirstem2" - fi + additional_libdir2="$withval/$acl_libdirstem2" + additional_libdir3="$withval/$acl_libdirstem3" fi fi fi + if test "X$additional_libdir2" = "X$additional_libdir"; then + additional_libdir2= + fi + if test "X$additional_libdir3" = "X$additional_libdir"; then + additional_libdir3= + fi LIBICONV= LTLIBICONV= INCICONV= @@ -12783,45 +14106,51 @@ fi shrext= fi if test $use_additional = yes; then - dir="$additional_libdir" - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" + for additional_libdir_variable in additional_libdir additional_libdir2 additional_libdir3; do + if test "X$found_dir" = "X"; then + eval dir=\$$additional_libdir_variable + if test -n "$dir"; then + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then + found_dir="$dir" + found_so="$dir/$libname$shrext" + else + if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then + ver=`(cd "$dir" && \ + for f in "$libname$shrext".*; do echo "$f"; done \ + | sed -e "s,^$libname$shrext\\\\.,," \ + | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ + | sed 1q ) 2>/dev/null` + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then + found_dir="$dir" + found_so="$dir/$libname$shrext.$ver" + fi + else + eval library_names=\"$acl_library_names_spec\" + for f in $library_names; do + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then + found_dir="$dir" + found_so="$dir/$f" + break + fi + done + fi + fi fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then + if test "X$found_dir" = "X"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" - found_so="$dir/$f" - break + found_a="$dir/$libname.$acl_libext" fi - done + fi + if test "X$found_dir" != "X"; then + if test -f "$dir/$libname.la"; then + found_la="$dir/$libname.la" + fi + fi fi fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi + done fi if test "X$found_dir" = "X"; then for x in $LDFLAGS $LTLIBICONV; do @@ -12838,7 +14167,7 @@ fi -L*) dir=`echo "X$x" | sed -e 's/^X-L//'` if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then found_dir="$dir" found_so="$dir/$libname$shrext" else @@ -12848,14 +14177,14 @@ fi | sed -e "s,^$libname$shrext\\\\.,," \ | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then found_dir="$dir" found_so="$dir/$libname$shrext.$ver" fi else eval library_names=\"$acl_library_names_spec\" for f in $library_names; do - if test -f "$dir/$f"; then + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then found_dir="$dir" found_so="$dir/$f" break @@ -12865,7 +14194,7 @@ fi fi fi if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" found_a="$dir/$libname.$acl_libext" fi @@ -12887,7 +14216,8 @@ fi if test "X$found_so" != "X"; then if test "$enable_rpath" = no \ || test "X$found_dir" = "X/usr/$acl_libdirstem" \ - || test "X$found_dir" = "X/usr/$acl_libdirstem2"; then + || test "X$found_dir" = "X/usr/$acl_libdirstem2" \ + || test "X$found_dir" = "X/usr/$acl_libdirstem3"; then LIBICONV="${LIBICONV}${LIBICONV:+ }$found_so" else haveit= @@ -12966,6 +14296,13 @@ fi fi additional_includedir="$basedir/include" ;; + */$acl_libdirstem3 | */$acl_libdirstem3/) + basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem3/"'*$,,'` + if test "$name" = 'iconv'; then + LIBICONV_PREFIX="$basedir" + fi + additional_includedir="$basedir/include" + ;; esac if test "X$additional_includedir" != "X"; then if test "X$additional_includedir" != "X/usr/include"; then @@ -13011,12 +14348,14 @@ fi for dep in $dependency_libs; do case "$dep" in -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - if test "X$additional_libdir" != "X/usr/$acl_libdirstem" \ - && test "X$additional_libdir" != "X/usr/$acl_libdirstem2"; then + dependency_libdir=`echo "X$dep" | sed -e 's/^X-L//'` + if test "X$dependency_libdir" != "X/usr/$acl_libdirstem" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem2" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem3"; then haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem" \ - || test "X$additional_libdir" = "X/usr/local/$acl_libdirstem2"; then + if test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem2" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem3"; then if test -n "$GCC"; then case $host_os in linux* | gnu* | k*bsd*-gnu) haveit=yes;; @@ -13035,14 +14374,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LIBICONV="${LIBICONV}${LIBICONV:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LIBICONV="${LIBICONV}${LIBICONV:+ }-L$dependency_libdir" fi fi haveit= @@ -13056,14 +14395,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LTLIBICONV="${LTLIBICONV}${LTLIBICONV:+ }-L$dependency_libdir" fi fi fi @@ -13205,41 +14544,7 @@ $as_echo "$gt_cv_func_CFPreferencesCopyAppValue" >&6; } $as_echo "#define HAVE_CFPREFERENCESCOPYAPPVALUE 1" >>confdefs.h fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for CFLocaleCopyCurrent" >&5 -$as_echo_n "checking for CFLocaleCopyCurrent... " >&6; } -if ${gt_cv_func_CFLocaleCopyCurrent+:} false; then : - $as_echo_n "(cached) " >&6 -else - gt_save_LIBS="$LIBS" - LIBS="$LIBS -Wl,-framework -Wl,CoreFoundation" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ -CFLocaleCopyCurrent(); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - gt_cv_func_CFLocaleCopyCurrent=yes -else - gt_cv_func_CFLocaleCopyCurrent=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - LIBS="$gt_save_LIBS" -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_func_CFLocaleCopyCurrent" >&5 -$as_echo "$gt_cv_func_CFLocaleCopyCurrent" >&6; } - if test $gt_cv_func_CFLocaleCopyCurrent = yes; then - -$as_echo "#define HAVE_CFLOCALECOPYCURRENT 1" >>confdefs.h - - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for CFLocaleCopyPreferredLanguages" >&5 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for CFLocaleCopyPreferredLanguages" >&5 $as_echo_n "checking for CFLocaleCopyPreferredLanguages... " >&6; } if ${gt_cv_func_CFLocaleCopyPreferredLanguages+:} false; then : $as_echo_n "(cached) " >&6 @@ -13275,7 +14580,6 @@ $as_echo "#define HAVE_CFLOCALECOPYPREFERREDLANGUAGES 1" >>confdefs.h fi INTL_MACOSX_LIBS= if test $gt_cv_func_CFPreferencesCopyAppValue = yes \ - || test $gt_cv_func_CFLocaleCopyCurrent = yes \ || test $gt_cv_func_CFLocaleCopyPreferredLanguages = yes; then INTL_MACOSX_LIBS="-Wl,-framework -Wl,CoreFoundation" fi @@ -13620,6 +14924,8 @@ $as_echo "$LIBICONV" >&6; } eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -13640,6 +14946,8 @@ if test "${with_libintl_prefix+set}" = set; then : eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -13647,15 +14955,19 @@ if test "${with_libintl_prefix+set}" = set; then : else additional_includedir="$withval/include" additional_libdir="$withval/$acl_libdirstem" - if test "$acl_libdirstem2" != "$acl_libdirstem" \ - && test ! -d "$withval/$acl_libdirstem"; then - additional_libdir="$withval/$acl_libdirstem2" - fi + additional_libdir2="$withval/$acl_libdirstem2" + additional_libdir3="$withval/$acl_libdirstem3" fi fi fi + if test "X$additional_libdir2" = "X$additional_libdir"; then + additional_libdir2= + fi + if test "X$additional_libdir3" = "X$additional_libdir"; then + additional_libdir3= + fi LIBINTL= LTLIBINTL= INCINTL= @@ -13701,62 +15013,12 @@ fi shrext= fi if test $use_additional = yes; then - dir="$additional_libdir" - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" - fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then - found_dir="$dir" - found_so="$dir/$f" - break - fi - done - fi - fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi - fi - if test "X$found_dir" = "X"; then - for x in $LDFLAGS $LTLIBINTL; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - case "$x" in - -L*) - dir=`echo "X$x" | sed -e 's/^X-L//'` - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then + for additional_libdir_variable in additional_libdir additional_libdir2 additional_libdir3; do + if test "X$found_dir" = "X"; then + eval dir=\$$additional_libdir_variable + if test -n "$dir"; then + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then found_dir="$dir" found_so="$dir/$libname$shrext" else @@ -13766,14 +15028,14 @@ fi | sed -e "s,^$libname$shrext\\\\.,," \ | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then found_dir="$dir" found_so="$dir/$libname$shrext.$ver" fi else eval library_names=\"$acl_library_names_spec\" for f in $library_names; do - if test -f "$dir/$f"; then + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then found_dir="$dir" found_so="$dir/$f" break @@ -13783,7 +15045,63 @@ fi fi fi if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then + found_dir="$dir" + found_a="$dir/$libname.$acl_libext" + fi + fi + if test "X$found_dir" != "X"; then + if test -f "$dir/$libname.la"; then + found_la="$dir/$libname.la" + fi + fi + fi + fi + done + fi + if test "X$found_dir" = "X"; then + for x in $LDFLAGS $LTLIBINTL; do + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + case "$x" in + -L*) + dir=`echo "X$x" | sed -e 's/^X-L//'` + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then + found_dir="$dir" + found_so="$dir/$libname$shrext" + else + if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then + ver=`(cd "$dir" && \ + for f in "$libname$shrext".*; do echo "$f"; done \ + | sed -e "s,^$libname$shrext\\\\.,," \ + | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ + | sed 1q ) 2>/dev/null` + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then + found_dir="$dir" + found_so="$dir/$libname$shrext.$ver" + fi + else + eval library_names=\"$acl_library_names_spec\" + for f in $library_names; do + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then + found_dir="$dir" + found_so="$dir/$f" + break + fi + done + fi + fi + fi + if test "X$found_dir" = "X"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" found_a="$dir/$libname.$acl_libext" fi @@ -13805,7 +15123,8 @@ fi if test "X$found_so" != "X"; then if test "$enable_rpath" = no \ || test "X$found_dir" = "X/usr/$acl_libdirstem" \ - || test "X$found_dir" = "X/usr/$acl_libdirstem2"; then + || test "X$found_dir" = "X/usr/$acl_libdirstem2" \ + || test "X$found_dir" = "X/usr/$acl_libdirstem3"; then LIBINTL="${LIBINTL}${LIBINTL:+ }$found_so" else haveit= @@ -13884,6 +15203,13 @@ fi fi additional_includedir="$basedir/include" ;; + */$acl_libdirstem3 | */$acl_libdirstem3/) + basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem3/"'*$,,'` + if test "$name" = 'intl'; then + LIBINTL_PREFIX="$basedir" + fi + additional_includedir="$basedir/include" + ;; esac if test "X$additional_includedir" != "X"; then if test "X$additional_includedir" != "X/usr/include"; then @@ -13929,12 +15255,14 @@ fi for dep in $dependency_libs; do case "$dep" in -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - if test "X$additional_libdir" != "X/usr/$acl_libdirstem" \ - && test "X$additional_libdir" != "X/usr/$acl_libdirstem2"; then + dependency_libdir=`echo "X$dep" | sed -e 's/^X-L//'` + if test "X$dependency_libdir" != "X/usr/$acl_libdirstem" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem2" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem3"; then haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem" \ - || test "X$additional_libdir" = "X/usr/local/$acl_libdirstem2"; then + if test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem2" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem3"; then if test -n "$GCC"; then case $host_os in linux* | gnu* | k*bsd*-gnu) haveit=yes;; @@ -13953,14 +15281,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LIBINTL="${LIBINTL}${LIBINTL:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LIBINTL="${LIBINTL}${LIBINTL:+ }-L$dependency_libdir" fi fi haveit= @@ -13974,14 +15302,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LTLIBINTL="${LTLIBINTL}${LTLIBINTL:+ }-L$dependency_libdir" fi fi fi @@ -14600,6 +15928,8 @@ fi eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -14620,6 +15950,8 @@ if test "${with_libseccomp_prefix+set}" = set; then : eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -14627,15 +15959,19 @@ if test "${with_libseccomp_prefix+set}" = set; then : else additional_includedir="$withval/include" additional_libdir="$withval/$acl_libdirstem" - if test "$acl_libdirstem2" != "$acl_libdirstem" \ - && test ! -d "$withval/$acl_libdirstem"; then - additional_libdir="$withval/$acl_libdirstem2" - fi + additional_libdir2="$withval/$acl_libdirstem2" + additional_libdir3="$withval/$acl_libdirstem3" fi fi fi + if test "X$additional_libdir2" = "X$additional_libdir"; then + additional_libdir2= + fi + if test "X$additional_libdir3" = "X$additional_libdir"; then + additional_libdir3= + fi LIBSECCOMP= LTLIBSECCOMP= INCSECCOMP= @@ -14681,45 +16017,51 @@ fi shrext= fi if test $use_additional = yes; then - dir="$additional_libdir" - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" + for additional_libdir_variable in additional_libdir additional_libdir2 additional_libdir3; do + if test "X$found_dir" = "X"; then + eval dir=\$$additional_libdir_variable + if test -n "$dir"; then + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then + found_dir="$dir" + found_so="$dir/$libname$shrext" + else + if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then + ver=`(cd "$dir" && \ + for f in "$libname$shrext".*; do echo "$f"; done \ + | sed -e "s,^$libname$shrext\\\\.,," \ + | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ + | sed 1q ) 2>/dev/null` + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then + found_dir="$dir" + found_so="$dir/$libname$shrext.$ver" + fi + else + eval library_names=\"$acl_library_names_spec\" + for f in $library_names; do + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then + found_dir="$dir" + found_so="$dir/$f" + break + fi + done + fi + fi fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then + if test "X$found_dir" = "X"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" - found_so="$dir/$f" - break + found_a="$dir/$libname.$acl_libext" fi - done + fi + if test "X$found_dir" != "X"; then + if test -f "$dir/$libname.la"; then + found_la="$dir/$libname.la" + fi + fi fi fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi + done fi if test "X$found_dir" = "X"; then for x in $LDFLAGS $LTLIBSECCOMP; do @@ -14736,7 +16078,7 @@ fi -L*) dir=`echo "X$x" | sed -e 's/^X-L//'` if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then found_dir="$dir" found_so="$dir/$libname$shrext" else @@ -14746,14 +16088,14 @@ fi | sed -e "s,^$libname$shrext\\\\.,," \ | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then found_dir="$dir" found_so="$dir/$libname$shrext.$ver" fi else eval library_names=\"$acl_library_names_spec\" for f in $library_names; do - if test -f "$dir/$f"; then + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then found_dir="$dir" found_so="$dir/$f" break @@ -14763,7 +16105,7 @@ fi fi fi if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" found_a="$dir/$libname.$acl_libext" fi @@ -14785,7 +16127,8 @@ fi if test "X$found_so" != "X"; then if test "$enable_rpath" = no \ || test "X$found_dir" = "X/usr/$acl_libdirstem" \ - || test "X$found_dir" = "X/usr/$acl_libdirstem2"; then + || test "X$found_dir" = "X/usr/$acl_libdirstem2" \ + || test "X$found_dir" = "X/usr/$acl_libdirstem3"; then LIBSECCOMP="${LIBSECCOMP}${LIBSECCOMP:+ }$found_so" else haveit= @@ -14864,6 +16207,13 @@ fi fi additional_includedir="$basedir/include" ;; + */$acl_libdirstem3 | */$acl_libdirstem3/) + basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem3/"'*$,,'` + if test "$name" = 'seccomp'; then + LIBSECCOMP_PREFIX="$basedir" + fi + additional_includedir="$basedir/include" + ;; esac if test "X$additional_includedir" != "X"; then if test "X$additional_includedir" != "X/usr/include"; then @@ -14909,12 +16259,14 @@ fi for dep in $dependency_libs; do case "$dep" in -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - if test "X$additional_libdir" != "X/usr/$acl_libdirstem" \ - && test "X$additional_libdir" != "X/usr/$acl_libdirstem2"; then + dependency_libdir=`echo "X$dep" | sed -e 's/^X-L//'` + if test "X$dependency_libdir" != "X/usr/$acl_libdirstem" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem2" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem3"; then haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem" \ - || test "X$additional_libdir" = "X/usr/local/$acl_libdirstem2"; then + if test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem2" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem3"; then if test -n "$GCC"; then case $host_os in linux* | gnu* | k*bsd*-gnu) haveit=yes;; @@ -14933,14 +16285,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LIBSECCOMP="${LIBSECCOMP}${LIBSECCOMP:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LIBSECCOMP="${LIBSECCOMP}${LIBSECCOMP:+ }-L$dependency_libdir" fi fi haveit= @@ -14954,14 +16306,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LTLIBSECCOMP="${LTLIBSECCOMP}${LTLIBSECCOMP:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LTLIBSECCOMP="${LTLIBSECCOMP}${LTLIBSECCOMP:+ }-L$dependency_libdir" fi fi fi @@ -15151,6 +16503,8 @@ $as_echo "$LIBSECCOMP" >&6; } eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -15171,6 +16525,8 @@ if test "${with_libcrypto_prefix+set}" = set; then : eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -15178,15 +16534,19 @@ if test "${with_libcrypto_prefix+set}" = set; then : else additional_includedir="$withval/include" additional_libdir="$withval/$acl_libdirstem" - if test "$acl_libdirstem2" != "$acl_libdirstem" \ - && test ! -d "$withval/$acl_libdirstem"; then - additional_libdir="$withval/$acl_libdirstem2" - fi + additional_libdir2="$withval/$acl_libdirstem2" + additional_libdir3="$withval/$acl_libdirstem3" fi fi fi + if test "X$additional_libdir2" = "X$additional_libdir"; then + additional_libdir2= + fi + if test "X$additional_libdir3" = "X$additional_libdir"; then + additional_libdir3= + fi LIBCRYPTO= LTLIBCRYPTO= INCCRYPTO= @@ -15232,45 +16592,51 @@ fi shrext= fi if test $use_additional = yes; then - dir="$additional_libdir" - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" + for additional_libdir_variable in additional_libdir additional_libdir2 additional_libdir3; do + if test "X$found_dir" = "X"; then + eval dir=\$$additional_libdir_variable + if test -n "$dir"; then + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then + found_dir="$dir" + found_so="$dir/$libname$shrext" + else + if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then + ver=`(cd "$dir" && \ + for f in "$libname$shrext".*; do echo "$f"; done \ + | sed -e "s,^$libname$shrext\\\\.,," \ + | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ + | sed 1q ) 2>/dev/null` + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then + found_dir="$dir" + found_so="$dir/$libname$shrext.$ver" + fi + else + eval library_names=\"$acl_library_names_spec\" + for f in $library_names; do + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then + found_dir="$dir" + found_so="$dir/$f" + break + fi + done + fi + fi fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then + if test "X$found_dir" = "X"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" - found_so="$dir/$f" - break + found_a="$dir/$libname.$acl_libext" fi - done + fi + if test "X$found_dir" != "X"; then + if test -f "$dir/$libname.la"; then + found_la="$dir/$libname.la" + fi + fi fi fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi + done fi if test "X$found_dir" = "X"; then for x in $LDFLAGS $LTLIBCRYPTO; do @@ -15287,7 +16653,7 @@ fi -L*) dir=`echo "X$x" | sed -e 's/^X-L//'` if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then found_dir="$dir" found_so="$dir/$libname$shrext" else @@ -15297,14 +16663,14 @@ fi | sed -e "s,^$libname$shrext\\\\.,," \ | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then found_dir="$dir" found_so="$dir/$libname$shrext.$ver" fi else eval library_names=\"$acl_library_names_spec\" for f in $library_names; do - if test -f "$dir/$f"; then + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then found_dir="$dir" found_so="$dir/$f" break @@ -15314,7 +16680,7 @@ fi fi fi if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" found_a="$dir/$libname.$acl_libext" fi @@ -15336,7 +16702,8 @@ fi if test "X$found_so" != "X"; then if test "$enable_rpath" = no \ || test "X$found_dir" = "X/usr/$acl_libdirstem" \ - || test "X$found_dir" = "X/usr/$acl_libdirstem2"; then + || test "X$found_dir" = "X/usr/$acl_libdirstem2" \ + || test "X$found_dir" = "X/usr/$acl_libdirstem3"; then LIBCRYPTO="${LIBCRYPTO}${LIBCRYPTO:+ }$found_so" else haveit= @@ -15415,6 +16782,13 @@ fi fi additional_includedir="$basedir/include" ;; + */$acl_libdirstem3 | */$acl_libdirstem3/) + basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem3/"'*$,,'` + if test "$name" = 'crypto'; then + LIBCRYPTO_PREFIX="$basedir" + fi + additional_includedir="$basedir/include" + ;; esac if test "X$additional_includedir" != "X"; then if test "X$additional_includedir" != "X/usr/include"; then @@ -15460,12 +16834,14 @@ fi for dep in $dependency_libs; do case "$dep" in -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - if test "X$additional_libdir" != "X/usr/$acl_libdirstem" \ - && test "X$additional_libdir" != "X/usr/$acl_libdirstem2"; then + dependency_libdir=`echo "X$dep" | sed -e 's/^X-L//'` + if test "X$dependency_libdir" != "X/usr/$acl_libdirstem" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem2" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem3"; then haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem" \ - || test "X$additional_libdir" = "X/usr/local/$acl_libdirstem2"; then + if test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem2" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem3"; then if test -n "$GCC"; then case $host_os in linux* | gnu* | k*bsd*-gnu) haveit=yes;; @@ -15484,14 +16860,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LIBCRYPTO="${LIBCRYPTO}${LIBCRYPTO:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LIBCRYPTO="${LIBCRYPTO}${LIBCRYPTO:+ }-L$dependency_libdir" fi fi haveit= @@ -15505,14 +16881,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LTLIBCRYPTO="${LTLIBCRYPTO}${LTLIBCRYPTO:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LTLIBCRYPTO="${LTLIBCRYPTO}${LTLIBCRYPTO:+ }-L$dependency_libdir" fi fi fi @@ -15710,6 +17086,8 @@ fi eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -15730,6 +17108,8 @@ if test "${with_librt_prefix+set}" = set; then : eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -15737,15 +17117,19 @@ if test "${with_librt_prefix+set}" = set; then : else additional_includedir="$withval/include" additional_libdir="$withval/$acl_libdirstem" - if test "$acl_libdirstem2" != "$acl_libdirstem" \ - && test ! -d "$withval/$acl_libdirstem"; then - additional_libdir="$withval/$acl_libdirstem2" - fi + additional_libdir2="$withval/$acl_libdirstem2" + additional_libdir3="$withval/$acl_libdirstem3" fi fi fi + if test "X$additional_libdir2" = "X$additional_libdir"; then + additional_libdir2= + fi + if test "X$additional_libdir3" = "X$additional_libdir"; then + additional_libdir3= + fi LIBRT= LTLIBRT= INCRT= @@ -15791,45 +17175,51 @@ fi shrext= fi if test $use_additional = yes; then - dir="$additional_libdir" - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" + for additional_libdir_variable in additional_libdir additional_libdir2 additional_libdir3; do + if test "X$found_dir" = "X"; then + eval dir=\$$additional_libdir_variable + if test -n "$dir"; then + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then + found_dir="$dir" + found_so="$dir/$libname$shrext" + else + if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then + ver=`(cd "$dir" && \ + for f in "$libname$shrext".*; do echo "$f"; done \ + | sed -e "s,^$libname$shrext\\\\.,," \ + | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ + | sed 1q ) 2>/dev/null` + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then + found_dir="$dir" + found_so="$dir/$libname$shrext.$ver" + fi + else + eval library_names=\"$acl_library_names_spec\" + for f in $library_names; do + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then + found_dir="$dir" + found_so="$dir/$f" + break + fi + done + fi + fi fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then + if test "X$found_dir" = "X"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" - found_so="$dir/$f" - break + found_a="$dir/$libname.$acl_libext" fi - done + fi + if test "X$found_dir" != "X"; then + if test -f "$dir/$libname.la"; then + found_la="$dir/$libname.la" + fi + fi fi fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi + done fi if test "X$found_dir" = "X"; then for x in $LDFLAGS $LTLIBRT; do @@ -15846,7 +17236,7 @@ fi -L*) dir=`echo "X$x" | sed -e 's/^X-L//'` if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then found_dir="$dir" found_so="$dir/$libname$shrext" else @@ -15856,14 +17246,14 @@ fi | sed -e "s,^$libname$shrext\\\\.,," \ | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then found_dir="$dir" found_so="$dir/$libname$shrext.$ver" fi else eval library_names=\"$acl_library_names_spec\" for f in $library_names; do - if test -f "$dir/$f"; then + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then found_dir="$dir" found_so="$dir/$f" break @@ -15873,7 +17263,7 @@ fi fi fi if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" found_a="$dir/$libname.$acl_libext" fi @@ -15895,7 +17285,8 @@ fi if test "X$found_so" != "X"; then if test "$enable_rpath" = no \ || test "X$found_dir" = "X/usr/$acl_libdirstem" \ - || test "X$found_dir" = "X/usr/$acl_libdirstem2"; then + || test "X$found_dir" = "X/usr/$acl_libdirstem2" \ + || test "X$found_dir" = "X/usr/$acl_libdirstem3"; then LIBRT="${LIBRT}${LIBRT:+ }$found_so" else haveit= @@ -15974,6 +17365,13 @@ fi fi additional_includedir="$basedir/include" ;; + */$acl_libdirstem3 | */$acl_libdirstem3/) + basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem3/"'*$,,'` + if test "$name" = 'rt'; then + LIBRT_PREFIX="$basedir" + fi + additional_includedir="$basedir/include" + ;; esac if test "X$additional_includedir" != "X"; then if test "X$additional_includedir" != "X/usr/include"; then @@ -16019,12 +17417,14 @@ fi for dep in $dependency_libs; do case "$dep" in -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - if test "X$additional_libdir" != "X/usr/$acl_libdirstem" \ - && test "X$additional_libdir" != "X/usr/$acl_libdirstem2"; then + dependency_libdir=`echo "X$dep" | sed -e 's/^X-L//'` + if test "X$dependency_libdir" != "X/usr/$acl_libdirstem" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem2" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem3"; then haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem" \ - || test "X$additional_libdir" = "X/usr/local/$acl_libdirstem2"; then + if test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem2" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem3"; then if test -n "$GCC"; then case $host_os in linux* | gnu* | k*bsd*-gnu) haveit=yes;; @@ -16043,14 +17443,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LIBRT="${LIBRT}${LIBRT:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LIBRT="${LIBRT}${LIBRT:+ }-L$dependency_libdir" fi fi haveit= @@ -16064,14 +17464,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LTLIBRT="${LTLIBRT}${LTLIBRT:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LTLIBRT="${LTLIBRT}${LTLIBRT:+ }-L$dependency_libdir" fi fi fi @@ -16274,6 +17674,8 @@ done eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -16294,6 +17696,8 @@ if test "${with_libpthread_prefix+set}" = set; then : eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -16301,15 +17705,19 @@ if test "${with_libpthread_prefix+set}" = set; then : else additional_includedir="$withval/include" additional_libdir="$withval/$acl_libdirstem" - if test "$acl_libdirstem2" != "$acl_libdirstem" \ - && test ! -d "$withval/$acl_libdirstem"; then - additional_libdir="$withval/$acl_libdirstem2" - fi + additional_libdir2="$withval/$acl_libdirstem2" + additional_libdir3="$withval/$acl_libdirstem3" fi fi fi + if test "X$additional_libdir2" = "X$additional_libdir"; then + additional_libdir2= + fi + if test "X$additional_libdir3" = "X$additional_libdir"; then + additional_libdir3= + fi LIBPTHREAD= LTLIBPTHREAD= INCPTHREAD= @@ -16355,45 +17763,51 @@ fi shrext= fi if test $use_additional = yes; then - dir="$additional_libdir" - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" + for additional_libdir_variable in additional_libdir additional_libdir2 additional_libdir3; do + if test "X$found_dir" = "X"; then + eval dir=\$$additional_libdir_variable + if test -n "$dir"; then + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then + found_dir="$dir" + found_so="$dir/$libname$shrext" + else + if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then + ver=`(cd "$dir" && \ + for f in "$libname$shrext".*; do echo "$f"; done \ + | sed -e "s,^$libname$shrext\\\\.,," \ + | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ + | sed 1q ) 2>/dev/null` + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then + found_dir="$dir" + found_so="$dir/$libname$shrext.$ver" + fi + else + eval library_names=\"$acl_library_names_spec\" + for f in $library_names; do + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then + found_dir="$dir" + found_so="$dir/$f" + break + fi + done + fi + fi fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then + if test "X$found_dir" = "X"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" - found_so="$dir/$f" - break + found_a="$dir/$libname.$acl_libext" fi - done + fi + if test "X$found_dir" != "X"; then + if test -f "$dir/$libname.la"; then + found_la="$dir/$libname.la" + fi + fi fi fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi + done fi if test "X$found_dir" = "X"; then for x in $LDFLAGS $LTLIBPTHREAD; do @@ -16410,7 +17824,7 @@ fi -L*) dir=`echo "X$x" | sed -e 's/^X-L//'` if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then found_dir="$dir" found_so="$dir/$libname$shrext" else @@ -16420,14 +17834,14 @@ fi | sed -e "s,^$libname$shrext\\\\.,," \ | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then found_dir="$dir" found_so="$dir/$libname$shrext.$ver" fi else eval library_names=\"$acl_library_names_spec\" for f in $library_names; do - if test -f "$dir/$f"; then + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then found_dir="$dir" found_so="$dir/$f" break @@ -16437,7 +17851,7 @@ fi fi fi if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" found_a="$dir/$libname.$acl_libext" fi @@ -16459,7 +17873,8 @@ fi if test "X$found_so" != "X"; then if test "$enable_rpath" = no \ || test "X$found_dir" = "X/usr/$acl_libdirstem" \ - || test "X$found_dir" = "X/usr/$acl_libdirstem2"; then + || test "X$found_dir" = "X/usr/$acl_libdirstem2" \ + || test "X$found_dir" = "X/usr/$acl_libdirstem3"; then LIBPTHREAD="${LIBPTHREAD}${LIBPTHREAD:+ }$found_so" else haveit= @@ -16538,6 +17953,13 @@ fi fi additional_includedir="$basedir/include" ;; + */$acl_libdirstem3 | */$acl_libdirstem3/) + basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem3/"'*$,,'` + if test "$name" = 'pthread'; then + LIBPTHREAD_PREFIX="$basedir" + fi + additional_includedir="$basedir/include" + ;; esac if test "X$additional_includedir" != "X"; then if test "X$additional_includedir" != "X/usr/include"; then @@ -16583,12 +18005,14 @@ fi for dep in $dependency_libs; do case "$dep" in -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - if test "X$additional_libdir" != "X/usr/$acl_libdirstem" \ - && test "X$additional_libdir" != "X/usr/$acl_libdirstem2"; then + dependency_libdir=`echo "X$dep" | sed -e 's/^X-L//'` + if test "X$dependency_libdir" != "X/usr/$acl_libdirstem" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem2" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem3"; then haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem" \ - || test "X$additional_libdir" = "X/usr/local/$acl_libdirstem2"; then + if test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem2" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem3"; then if test -n "$GCC"; then case $host_os in linux* | gnu* | k*bsd*-gnu) haveit=yes;; @@ -16607,14 +18031,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LIBPTHREAD="${LIBPTHREAD}${LIBPTHREAD:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LIBPTHREAD="${LIBPTHREAD}${LIBPTHREAD:+ }-L$dependency_libdir" fi fi haveit= @@ -16628,14 +18052,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LTLIBPTHREAD="${LTLIBPTHREAD}${LTLIBPTHREAD:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LTLIBPTHREAD="${LTLIBPTHREAD}${LTLIBPTHREAD:+ }-L$dependency_libdir" fi fi fi @@ -16826,6 +18250,8 @@ if test "$ac_cv_func_nanosleep" != "yes";then eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -16846,6 +18272,8 @@ if test "${with_librt_prefix+set}" = set; then : eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -16853,15 +18281,19 @@ if test "${with_librt_prefix+set}" = set; then : else additional_includedir="$withval/include" additional_libdir="$withval/$acl_libdirstem" - if test "$acl_libdirstem2" != "$acl_libdirstem" \ - && test ! -d "$withval/$acl_libdirstem"; then - additional_libdir="$withval/$acl_libdirstem2" - fi + additional_libdir2="$withval/$acl_libdirstem2" + additional_libdir3="$withval/$acl_libdirstem3" fi fi fi + if test "X$additional_libdir2" = "X$additional_libdir"; then + additional_libdir2= + fi + if test "X$additional_libdir3" = "X$additional_libdir"; then + additional_libdir3= + fi LIBRT= LTLIBRT= INCRT= @@ -16907,62 +18339,12 @@ fi shrext= fi if test $use_additional = yes; then - dir="$additional_libdir" - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" - fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then - found_dir="$dir" - found_so="$dir/$f" - break - fi - done - fi - fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi - fi - if test "X$found_dir" = "X"; then - for x in $LDFLAGS $LTLIBRT; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - case "$x" in - -L*) - dir=`echo "X$x" | sed -e 's/^X-L//'` - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then + for additional_libdir_variable in additional_libdir additional_libdir2 additional_libdir3; do + if test "X$found_dir" = "X"; then + eval dir=\$$additional_libdir_variable + if test -n "$dir"; then + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then found_dir="$dir" found_so="$dir/$libname$shrext" else @@ -16972,14 +18354,14 @@ fi | sed -e "s,^$libname$shrext\\\\.,," \ | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then found_dir="$dir" found_so="$dir/$libname$shrext.$ver" fi else eval library_names=\"$acl_library_names_spec\" for f in $library_names; do - if test -f "$dir/$f"; then + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then found_dir="$dir" found_so="$dir/$f" break @@ -16989,7 +18371,63 @@ fi fi fi if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then + found_dir="$dir" + found_a="$dir/$libname.$acl_libext" + fi + fi + if test "X$found_dir" != "X"; then + if test -f "$dir/$libname.la"; then + found_la="$dir/$libname.la" + fi + fi + fi + fi + done + fi + if test "X$found_dir" = "X"; then + for x in $LDFLAGS $LTLIBRT; do + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + case "$x" in + -L*) + dir=`echo "X$x" | sed -e 's/^X-L//'` + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then + found_dir="$dir" + found_so="$dir/$libname$shrext" + else + if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then + ver=`(cd "$dir" && \ + for f in "$libname$shrext".*; do echo "$f"; done \ + | sed -e "s,^$libname$shrext\\\\.,," \ + | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ + | sed 1q ) 2>/dev/null` + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then + found_dir="$dir" + found_so="$dir/$libname$shrext.$ver" + fi + else + eval library_names=\"$acl_library_names_spec\" + for f in $library_names; do + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then + found_dir="$dir" + found_so="$dir/$f" + break + fi + done + fi + fi + fi + if test "X$found_dir" = "X"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" found_a="$dir/$libname.$acl_libext" fi @@ -17011,7 +18449,8 @@ fi if test "X$found_so" != "X"; then if test "$enable_rpath" = no \ || test "X$found_dir" = "X/usr/$acl_libdirstem" \ - || test "X$found_dir" = "X/usr/$acl_libdirstem2"; then + || test "X$found_dir" = "X/usr/$acl_libdirstem2" \ + || test "X$found_dir" = "X/usr/$acl_libdirstem3"; then LIBRT="${LIBRT}${LIBRT:+ }$found_so" else haveit= @@ -17090,6 +18529,13 @@ fi fi additional_includedir="$basedir/include" ;; + */$acl_libdirstem3 | */$acl_libdirstem3/) + basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem3/"'*$,,'` + if test "$name" = 'rt'; then + LIBRT_PREFIX="$basedir" + fi + additional_includedir="$basedir/include" + ;; esac if test "X$additional_includedir" != "X"; then if test "X$additional_includedir" != "X/usr/include"; then @@ -17135,12 +18581,14 @@ fi for dep in $dependency_libs; do case "$dep" in -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - if test "X$additional_libdir" != "X/usr/$acl_libdirstem" \ - && test "X$additional_libdir" != "X/usr/$acl_libdirstem2"; then + dependency_libdir=`echo "X$dep" | sed -e 's/^X-L//'` + if test "X$dependency_libdir" != "X/usr/$acl_libdirstem" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem2" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem3"; then haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem" \ - || test "X$additional_libdir" = "X/usr/local/$acl_libdirstem2"; then + if test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem2" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem3"; then if test -n "$GCC"; then case $host_os in linux* | gnu* | k*bsd*-gnu) haveit=yes;; @@ -17159,14 +18607,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LIBRT="${LIBRT}${LIBRT:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LIBRT="${LIBRT}${LIBRT:+ }-L$dependency_libdir" fi fi haveit= @@ -17180,14 +18628,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LTLIBRT="${LTLIBRT}${LTLIBRT:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LTLIBRT="${LTLIBRT}${LTLIBRT:+ }-L$dependency_libdir" fi fi fi @@ -17378,6 +18826,8 @@ if test "$ac_cv_func_clock_gettime" != "yes";then eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -17398,6 +18848,8 @@ if test "${with_librt_prefix+set}" = set; then : eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -17405,15 +18857,19 @@ if test "${with_librt_prefix+set}" = set; then : else additional_includedir="$withval/include" additional_libdir="$withval/$acl_libdirstem" - if test "$acl_libdirstem2" != "$acl_libdirstem" \ - && test ! -d "$withval/$acl_libdirstem"; then - additional_libdir="$withval/$acl_libdirstem2" - fi + additional_libdir2="$withval/$acl_libdirstem2" + additional_libdir3="$withval/$acl_libdirstem3" fi fi fi + if test "X$additional_libdir2" = "X$additional_libdir"; then + additional_libdir2= + fi + if test "X$additional_libdir3" = "X$additional_libdir"; then + additional_libdir3= + fi LIBRT= LTLIBRT= INCRT= @@ -17459,45 +18915,51 @@ fi shrext= fi if test $use_additional = yes; then - dir="$additional_libdir" - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" + for additional_libdir_variable in additional_libdir additional_libdir2 additional_libdir3; do + if test "X$found_dir" = "X"; then + eval dir=\$$additional_libdir_variable + if test -n "$dir"; then + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then + found_dir="$dir" + found_so="$dir/$libname$shrext" + else + if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then + ver=`(cd "$dir" && \ + for f in "$libname$shrext".*; do echo "$f"; done \ + | sed -e "s,^$libname$shrext\\\\.,," \ + | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ + | sed 1q ) 2>/dev/null` + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then + found_dir="$dir" + found_so="$dir/$libname$shrext.$ver" + fi + else + eval library_names=\"$acl_library_names_spec\" + for f in $library_names; do + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then + found_dir="$dir" + found_so="$dir/$f" + break + fi + done + fi + fi fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then + if test "X$found_dir" = "X"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" - found_so="$dir/$f" - break + found_a="$dir/$libname.$acl_libext" fi - done + fi + if test "X$found_dir" != "X"; then + if test -f "$dir/$libname.la"; then + found_la="$dir/$libname.la" + fi + fi fi fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi + done fi if test "X$found_dir" = "X"; then for x in $LDFLAGS $LTLIBRT; do @@ -17514,7 +18976,7 @@ fi -L*) dir=`echo "X$x" | sed -e 's/^X-L//'` if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then found_dir="$dir" found_so="$dir/$libname$shrext" else @@ -17524,14 +18986,14 @@ fi | sed -e "s,^$libname$shrext\\\\.,," \ | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then found_dir="$dir" found_so="$dir/$libname$shrext.$ver" fi else eval library_names=\"$acl_library_names_spec\" for f in $library_names; do - if test -f "$dir/$f"; then + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then found_dir="$dir" found_so="$dir/$f" break @@ -17541,7 +19003,7 @@ fi fi fi if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" found_a="$dir/$libname.$acl_libext" fi @@ -17563,7 +19025,8 @@ fi if test "X$found_so" != "X"; then if test "$enable_rpath" = no \ || test "X$found_dir" = "X/usr/$acl_libdirstem" \ - || test "X$found_dir" = "X/usr/$acl_libdirstem2"; then + || test "X$found_dir" = "X/usr/$acl_libdirstem2" \ + || test "X$found_dir" = "X/usr/$acl_libdirstem3"; then LIBRT="${LIBRT}${LIBRT:+ }$found_so" else haveit= @@ -17642,6 +19105,13 @@ fi fi additional_includedir="$basedir/include" ;; + */$acl_libdirstem3 | */$acl_libdirstem3/) + basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem3/"'*$,,'` + if test "$name" = 'rt'; then + LIBRT_PREFIX="$basedir" + fi + additional_includedir="$basedir/include" + ;; esac if test "X$additional_includedir" != "X"; then if test "X$additional_includedir" != "X/usr/include"; then @@ -17687,12 +19157,14 @@ fi for dep in $dependency_libs; do case "$dep" in -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - if test "X$additional_libdir" != "X/usr/$acl_libdirstem" \ - && test "X$additional_libdir" != "X/usr/$acl_libdirstem2"; then + dependency_libdir=`echo "X$dep" | sed -e 's/^X-L//'` + if test "X$dependency_libdir" != "X/usr/$acl_libdirstem" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem2" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem3"; then haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem" \ - || test "X$additional_libdir" = "X/usr/local/$acl_libdirstem2"; then + if test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem2" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem3"; then if test -n "$GCC"; then case $host_os in linux* | gnu* | k*bsd*-gnu) haveit=yes;; @@ -17711,14 +19183,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LIBRT="${LIBRT}${LIBRT:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LIBRT="${LIBRT}${LIBRT:+ }-L$dependency_libdir" fi fi haveit= @@ -17732,14 +19204,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LTLIBRT="${LTLIBRT}${LTLIBRT:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LTLIBRT="${LTLIBRT}${LTLIBRT:+ }-L$dependency_libdir" fi fi fi @@ -18008,9 +19480,30 @@ fi + + # Check whether --enable-cross-guesses was given. +if test "${enable_cross_guesses+set}" = set; then : + enableval=$enable_cross_guesses; if test "x$enableval" != xconservative && test "x$enableval" != xrisky; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: invalid argument supplied to --enable-cross-guesses" >&5 +$as_echo "$as_me: WARNING: invalid argument supplied to --enable-cross-guesses" >&2;} + enableval=conservative + fi + gl_cross_guesses="$enableval" +else + gl_cross_guesses=conservative +fi + + if test $gl_cross_guesses = risky; then + gl_cross_guess_normal="guessing yes" + gl_cross_guess_inverted="guessing no" + else + gl_cross_guess_normal="guessing no" + gl_cross_guess_inverted="guessing yes" + fi LIBC_FATAL_STDERR_=1 export LIBC_FATAL_STDERR_ + ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default" if test "x$ac_cv_type_size_t" = xyes; then : @@ -18348,6 +19841,51 @@ $as_echo "$gl_cv_pragma_columns" >&6; } + if test $ac_cv_header_sys_socket_h = no; then + for ac_header in ws2tcpip.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "ws2tcpip.h" "ac_cv_header_ws2tcpip_h" "$ac_includes_default" +if test "x$ac_cv_header_ws2tcpip_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_WS2TCPIP_H 1 +_ACEOF + +fi + +done + + fi + + + + + for ac_func in $ac_func_list +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + + + + + if test $ac_cv_func__set_invalid_parameter_handler = yes; then + HAVE_MSVC_INVALID_PARAMETER_HANDLER=1 + +$as_echo "#define HAVE_MSVC_INVALID_PARAMETER_HANDLER 1" >>confdefs.h + + else + HAVE_MSVC_INVALID_PARAMETER_HANDLER=0 + fi + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for complete errno.h" >&5 $as_echo_n "checking for complete errno.h... " >&6; } @@ -18724,288 +20262,281 @@ $as_echo "$gl_cv_header_errno_h_EOVERFLOW" >&6; } + GNULIB_EXPLICIT_BZERO=0; + GNULIB_FFSL=0; + GNULIB_FFSLL=0; + GNULIB_MEMCHR=0; + GNULIB_MEMMEM=0; + GNULIB_MEMPCPY=0; + GNULIB_MEMRCHR=0; + GNULIB_RAWMEMCHR=0; + GNULIB_STPCPY=0; + GNULIB_STPNCPY=0; + GNULIB_STRCHRNUL=0; + GNULIB_STRDUP=0; + GNULIB_STRNCAT=0; + GNULIB_STRNDUP=0; + GNULIB_STRNLEN=0; + GNULIB_STRPBRK=0; + GNULIB_STRSEP=0; + GNULIB_STRSTR=0; + GNULIB_STRCASESTR=0; + GNULIB_STRTOK_R=0; + GNULIB_MBSLEN=0; + GNULIB_MBSNLEN=0; + GNULIB_MBSCHR=0; + GNULIB_MBSRCHR=0; + GNULIB_MBSSTR=0; + GNULIB_MBSCASECMP=0; + GNULIB_MBSNCASECMP=0; + GNULIB_MBSPCASECMP=0; + GNULIB_MBSCASESTR=0; + GNULIB_MBSCSPN=0; + GNULIB_MBSPBRK=0; + GNULIB_MBSSPN=0; + GNULIB_MBSSEP=0; + GNULIB_MBSTOK_R=0; + GNULIB_STRERROR=0; + GNULIB_STRERROR_R=0; + GNULIB_STRSIGNAL=0; + GNULIB_STRVERSCMP=0; + HAVE_MBSLEN=0; + HAVE_EXPLICIT_BZERO=1; + HAVE_FFSL=1; + HAVE_FFSLL=1; + HAVE_MEMCHR=1; + HAVE_DECL_MEMMEM=1; + HAVE_MEMPCPY=1; + HAVE_DECL_MEMRCHR=1; + HAVE_RAWMEMCHR=1; + HAVE_STPCPY=1; + HAVE_STPNCPY=1; + HAVE_STRCHRNUL=1; + HAVE_DECL_STRDUP=1; + HAVE_DECL_STRNDUP=1; + HAVE_DECL_STRNLEN=1; + HAVE_STRPBRK=1; + HAVE_STRSEP=1; + HAVE_STRCASESTR=1; + HAVE_DECL_STRTOK_R=1; + HAVE_DECL_STRERROR_R=1; + HAVE_DECL_STRSIGNAL=1; + HAVE_STRVERSCMP=1; + REPLACE_MEMCHR=0; + REPLACE_MEMMEM=0; + REPLACE_STPNCPY=0; + REPLACE_STRCHRNUL=0; + REPLACE_STRDUP=0; + REPLACE_STRNCAT=0; + REPLACE_STRNDUP=0; + REPLACE_STRNLEN=0; + REPLACE_STRSTR=0; + REPLACE_STRCASESTR=0; + REPLACE_STRTOK_R=0; + REPLACE_STRERROR=0; + REPLACE_STRERROR_R=0; + REPLACE_STRSIGNAL=0; + UNDEFINE_STRTOK_R=0; - GNULIB_FCHMODAT=0; - GNULIB_FSTAT=0; - GNULIB_FSTATAT=0; - GNULIB_FUTIMENS=0; - GNULIB_LCHMOD=0; - GNULIB_LSTAT=0; - GNULIB_MKDIRAT=0; - GNULIB_MKFIFO=0; - GNULIB_MKFIFOAT=0; - GNULIB_MKNOD=0; - GNULIB_MKNODAT=0; - GNULIB_STAT=0; - GNULIB_UTIMENSAT=0; - GNULIB_OVERRIDES_STRUCT_STAT=0; - HAVE_FCHMODAT=1; - HAVE_FSTATAT=1; - HAVE_FUTIMENS=1; - HAVE_LCHMOD=1; - HAVE_LSTAT=1; - HAVE_MKDIRAT=1; - HAVE_MKFIFO=1; - HAVE_MKFIFOAT=1; - HAVE_MKNOD=1; - HAVE_MKNODAT=1; - HAVE_UTIMENSAT=1; - REPLACE_FSTAT=0; - REPLACE_FSTATAT=0; - REPLACE_FUTIMENS=0; - REPLACE_LSTAT=0; - REPLACE_MKDIR=0; - REPLACE_MKFIFO=0; - REPLACE_MKNOD=0; - REPLACE_STAT=0; - REPLACE_UTIMENSAT=0; -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stat file-mode macros are broken" >&5 -$as_echo_n "checking whether stat file-mode macros are broken... " >&6; } -if ${ac_cv_header_stat_broken+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#if defined S_ISBLK && defined S_IFDIR -extern char c1[S_ISBLK (S_IFDIR) ? -1 : 1]; -#endif -#if defined S_ISBLK && defined S_IFCHR -extern char c2[S_ISBLK (S_IFCHR) ? -1 : 1]; -#endif -#if defined S_ISLNK && defined S_IFREG -extern char c3[S_ISLNK (S_IFREG) ? -1 : 1]; -#endif -#if defined S_ISSOCK && defined S_IFREG -extern char c4[S_ISSOCK (S_IFREG) ? -1 : 1]; -#endif -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_stat_broken=no -else - ac_cv_header_stat_broken=yes -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stat_broken" >&5 -$as_echo "$ac_cv_header_stat_broken" >&6; } -if test $ac_cv_header_stat_broken = yes; then + GNULIB_CREAT=0; + GNULIB_FCNTL=0; + GNULIB_NONBLOCKING=0; + GNULIB_OPEN=0; + GNULIB_OPENAT=0; + HAVE_FCNTL=1; + HAVE_OPENAT=1; + REPLACE_CREAT=0; + REPLACE_FCNTL=0; + REPLACE_OPEN=0; + REPLACE_OPENAT=0; -$as_echo "#define STAT_MACROS_BROKEN 1" >>confdefs.h -fi -ac_fn_c_check_type "$LINENO" "mode_t" "ac_cv_type_mode_t" "$ac_includes_default" -if test "x$ac_cv_type_mode_t" = xyes; then : -else -cat >>confdefs.h <<_ACEOF -#define mode_t int -_ACEOF -fi - case "$host_os" in - mingw*) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for 64-bit off_t" >&5 -$as_echo_n "checking for 64-bit off_t... " >&6; } -if ${gl_cv_type_off_t_64+:} false; then : + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working fcntl.h" >&5 +$as_echo_n "checking for working fcntl.h... " >&6; } +if ${gl_cv_header_working_fcntl_h+:} false; then : $as_echo_n "(cached) " >&6 else + if test "$cross_compiling" = yes; then : + case "$host_os" in + # Guess 'no' on native Windows. + mingw*) gl_cv_header_working_fcntl_h='no' ;; + *) gl_cv_header_working_fcntl_h=cross-compiling ;; + esac + +else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include - int verify_off_t_size[sizeof (off_t) >= 8 ? 1 : -1]; + #include + #if HAVE_UNISTD_H + # include + #else /* on Windows with MSVC */ + # include + # include + # defined sleep(n) _sleep ((n) * 1000) + #endif + #include + #ifndef O_NOATIME + #define O_NOATIME 0 + #endif + #ifndef O_NOFOLLOW + #define O_NOFOLLOW 0 + #endif + static int const constants[] = + { + O_CREAT, O_EXCL, O_NOCTTY, O_TRUNC, O_APPEND, + O_NONBLOCK, O_SYNC, O_ACCMODE, O_RDONLY, O_RDWR, O_WRONLY + }; int main () { + int result = !constants; + #if HAVE_SYMLINK + { + static char const sym[] = "conftest.sym"; + if (symlink ("/dev/null", sym) != 0) + result |= 2; + else + { + int fd = open (sym, O_WRONLY | O_NOFOLLOW | O_CREAT, 0); + if (fd >= 0) + { + close (fd); + result |= 4; + } + } + if (unlink (sym) != 0 || symlink (".", sym) != 0) + result |= 2; + else + { + int fd = open (sym, O_RDONLY | O_NOFOLLOW); + if (fd >= 0) + { + close (fd); + result |= 4; + } + } + unlink (sym); + } + #endif + { + static char const file[] = "confdefs.h"; + int fd = open (file, O_RDONLY | O_NOATIME); + if (fd < 0) + result |= 8; + else + { + struct stat st0; + if (fstat (fd, &st0) != 0) + result |= 16; + else + { + char c; + sleep (1); + if (read (fd, &c, 1) != 1) + result |= 24; + else + { + if (close (fd) != 0) + result |= 32; + else + { + struct stat st1; + if (stat (file, &st1) != 0) + result |= 40; + else + if (st0.st_atime != st1.st_atime) + result |= 64; + } + } + } + } + } + return result; ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_type_off_t_64=yes +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_header_working_fcntl_h=yes else - gl_cv_type_off_t_64=no + case $? in #( + 4) gl_cv_header_working_fcntl_h='no (bad O_NOFOLLOW)';; #( + 64) gl_cv_header_working_fcntl_h='no (bad O_NOATIME)';; #( + 68) gl_cv_header_working_fcntl_h='no (bad O_NOATIME, O_NOFOLLOW)';; #( + *) gl_cv_header_working_fcntl_h='no';; + esac fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_type_off_t_64" >&5 -$as_echo "$gl_cv_type_off_t_64" >&6; } - if test $gl_cv_type_off_t_64 = no; then - WINDOWS_64_BIT_OFF_T=1 - else - WINDOWS_64_BIT_OFF_T=0 - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for 64-bit st_size" >&5 -$as_echo_n "checking for 64-bit st_size... " >&6; } -if ${gl_cv_member_st_size_64+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - struct stat buf; - int verify_st_size_size[sizeof (buf.st_size) >= 8 ? 1 : -1]; -int -main () -{ - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_member_st_size_64=yes -else - gl_cv_member_st_size_64=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_working_fcntl_h" >&5 +$as_echo "$gl_cv_header_working_fcntl_h" >&6; } -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_member_st_size_64" >&5 -$as_echo "$gl_cv_member_st_size_64" >&6; } - if test $gl_cv_member_st_size_64 = no; then - WINDOWS_64_BIT_ST_SIZE=1 - else - WINDOWS_64_BIT_ST_SIZE=0 - fi - ;; - *) - WINDOWS_64_BIT_OFF_T=0 - WINDOWS_64_BIT_ST_SIZE=0 - ;; + case $gl_cv_header_working_fcntl_h in #( + *O_NOATIME* | no | cross-compiling) ac_val=0;; #( + *) ac_val=1;; esac +cat >>confdefs.h <<_ACEOF +#define HAVE_WORKING_O_NOATIME $ac_val +_ACEOF + case $gl_cv_header_working_fcntl_h in #( + *O_NOFOLLOW* | no | cross-compiling) ac_val=0;; #( + *) ac_val=1;; + esac +cat >>confdefs.h <<_ACEOF +#define HAVE_WORKING_O_NOFOLLOW $ac_val +_ACEOF +ac_fn_c_check_type "$LINENO" "pid_t" "ac_cv_type_pid_t" "$ac_includes_default" +if test "x$ac_cv_type_pid_t" = xyes; then : +else +cat >>confdefs.h <<_ACEOF +#define pid_t int +_ACEOF +fi +ac_fn_c_check_type "$LINENO" "mode_t" "ac_cv_type_mode_t" "$ac_includes_default" +if test "x$ac_cv_type_mode_t" = xyes; then : +else +cat >>confdefs.h <<_ACEOF +#define mode_t int +_ACEOF - - - if test $gl_cv_have_include_next = yes; then - gl_cv_next_sys_stat_h='<'sys/stat.h'>' - else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 -$as_echo_n "checking absolute name of ... " >&6; } -if ${gl_cv_next_sys_stat_h+:} false; then : - $as_echo_n "(cached) " >&6 -else - - if test $ac_cv_header_sys_stat_h = yes; then - - - - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF - case "$host_os" in - aix*) gl_absname_cpp="$ac_cpp -C" ;; - *) gl_absname_cpp="$ac_cpp" ;; - esac - - case "$host_os" in - mingw*) - gl_dirsep_regex='[/\\]' - ;; - *) - gl_dirsep_regex='\/' - ;; - esac - gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' - gl_header_literal_regex=`echo 'sys/stat.h' \ - | sed -e "$gl_make_literal_regex_sed"` - gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ - s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ - s|^/[^/]|//&| - p - q - }' - - gl_cv_absolute_sys_stat_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | - sed -n "$gl_absolute_header_sed"` - - gl_header=$gl_cv_absolute_sys_stat_h - gl_cv_next_sys_stat_h='"'$gl_header'"' - else - gl_cv_next_sys_stat_h='<'sys/stat.h'>' - fi - - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_sys_stat_h" >&5 -$as_echo "$gl_cv_next_sys_stat_h" >&6; } - fi - NEXT_SYS_STAT_H=$gl_cv_next_sys_stat_h - - if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then - # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' - gl_next_as_first_directive='<'sys/stat.h'>' - else - # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' - gl_next_as_first_directive=$gl_cv_next_sys_stat_h - fi - NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H=$gl_next_as_first_directive - - - - - - - - - WINDOWS_STAT_TIMESPEC=0 - - - - - - - - - ac_fn_c_check_type "$LINENO" "nlink_t" "ac_cv_type_nlink_t" "#include - #include -" -if test "x$ac_cv_type_nlink_t" = xyes; then : - -else - -$as_echo "#define nlink_t int" >>confdefs.h - -fi - - - - - +fi GNULIB_DPRINTF=0; @@ -19111,6 +20642,327 @@ fi REPLACE_VSPRINTF=0; + GNULIB_FCHMODAT=0; + GNULIB_FSTAT=0; + GNULIB_FSTATAT=0; + GNULIB_FUTIMENS=0; + GNULIB_LCHMOD=0; + GNULIB_LSTAT=0; + GNULIB_MKDIRAT=0; + GNULIB_MKFIFO=0; + GNULIB_MKFIFOAT=0; + GNULIB_MKNOD=0; + GNULIB_MKNODAT=0; + GNULIB_STAT=0; + GNULIB_UTIMENSAT=0; + GNULIB_OVERRIDES_STRUCT_STAT=0; + HAVE_FCHMODAT=1; + HAVE_FSTATAT=1; + HAVE_FUTIMENS=1; + HAVE_LCHMOD=1; + HAVE_LSTAT=1; + HAVE_MKDIRAT=1; + HAVE_MKFIFO=1; + HAVE_MKFIFOAT=1; + HAVE_MKNOD=1; + HAVE_MKNODAT=1; + HAVE_UTIMENSAT=1; + REPLACE_FCHMODAT=0; + REPLACE_FSTAT=0; + REPLACE_FSTATAT=0; + REPLACE_FUTIMENS=0; + REPLACE_LSTAT=0; + REPLACE_MKDIR=0; + REPLACE_MKFIFO=0; + REPLACE_MKNOD=0; + REPLACE_STAT=0; + REPLACE_UTIMENSAT=0; + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stat file-mode macros are broken" >&5 +$as_echo_n "checking whether stat file-mode macros are broken... " >&6; } +if ${ac_cv_header_stat_broken+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include + +#if defined S_ISBLK && defined S_IFDIR +extern char c1[S_ISBLK (S_IFDIR) ? -1 : 1]; +#endif + +#if defined S_ISBLK && defined S_IFCHR +extern char c2[S_ISBLK (S_IFCHR) ? -1 : 1]; +#endif + +#if defined S_ISLNK && defined S_IFREG +extern char c3[S_ISLNK (S_IFREG) ? -1 : 1]; +#endif + +#if defined S_ISSOCK && defined S_IFREG +extern char c4[S_ISSOCK (S_IFREG) ? -1 : 1]; +#endif + +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_header_stat_broken=no +else + ac_cv_header_stat_broken=yes +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stat_broken" >&5 +$as_echo "$ac_cv_header_stat_broken" >&6; } +if test $ac_cv_header_stat_broken = yes; then + +$as_echo "#define STAT_MACROS_BROKEN 1" >>confdefs.h + +fi + + + + + + case "$host_os" in + mingw*) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for 64-bit off_t" >&5 +$as_echo_n "checking for 64-bit off_t... " >&6; } +if ${gl_cv_type_off_t_64+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + int verify_off_t_size[sizeof (off_t) >= 8 ? 1 : -1]; + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_type_off_t_64=yes +else + gl_cv_type_off_t_64=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_type_off_t_64" >&5 +$as_echo "$gl_cv_type_off_t_64" >&6; } + if test $gl_cv_type_off_t_64 = no; then + WINDOWS_64_BIT_OFF_T=1 + else + WINDOWS_64_BIT_OFF_T=0 + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for 64-bit st_size" >&5 +$as_echo_n "checking for 64-bit st_size... " >&6; } +if ${gl_cv_member_st_size_64+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + struct stat buf; + int verify_st_size_size[sizeof (buf.st_size) >= 8 ? 1 : -1]; + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_member_st_size_64=yes +else + gl_cv_member_st_size_64=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_member_st_size_64" >&5 +$as_echo "$gl_cv_member_st_size_64" >&6; } + if test $gl_cv_member_st_size_64 = no; then + WINDOWS_64_BIT_ST_SIZE=1 + else + WINDOWS_64_BIT_ST_SIZE=0 + fi + ;; + *) + WINDOWS_64_BIT_OFF_T=0 + WINDOWS_64_BIT_ST_SIZE=0 + ;; + esac + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C/C++ restrict keyword" >&5 +$as_echo_n "checking for C/C++ restrict keyword... " >&6; } +if ${ac_cv_c_restrict+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_c_restrict=no + # The order here caters to the fact that C++ does not require restrict. + for ac_kw in __restrict __restrict__ _Restrict restrict; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +typedef int *int_ptr; + int foo (int_ptr $ac_kw ip) { return ip[0]; } + int bar (int [$ac_kw]); /* Catch GCC bug 14050. */ + int bar (int ip[$ac_kw]) { return ip[0]; } + +int +main () +{ +int s[1]; + int *$ac_kw t = s; + t[0] = 0; + return foo (t) + bar (t); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_c_restrict=$ac_kw +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + test "$ac_cv_c_restrict" != no && break + done + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_restrict" >&5 +$as_echo "$ac_cv_c_restrict" >&6; } + + case $ac_cv_c_restrict in + restrict) ;; + no) $as_echo "#define restrict /**/" >>confdefs.h + ;; + *) cat >>confdefs.h <<_ACEOF +#define restrict $ac_cv_c_restrict +_ACEOF + ;; + esac + + + + + + + + + + + + + + + + if test $gl_cv_have_include_next = yes; then + gl_cv_next_sys_stat_h='<'sys/stat.h'>' + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_sys_stat_h+:} false; then : + $as_echo_n "(cached) " >&6 +else + + if test $ac_cv_header_sys_stat_h = yes; then + + + + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF + case "$host_os" in + aix*) gl_absname_cpp="$ac_cpp -C" ;; + *) gl_absname_cpp="$ac_cpp" ;; + esac + + case "$host_os" in + mingw*) + gl_dirsep_regex='[/\\]' + ;; + *) + gl_dirsep_regex='\/' + ;; + esac + gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' + gl_header_literal_regex=`echo 'sys/stat.h' \ + | sed -e "$gl_make_literal_regex_sed"` + gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ + s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ + s|^/[^/]|//&| + p + q + }' + + gl_cv_absolute_sys_stat_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + sed -n "$gl_absolute_header_sed"` + + gl_header=$gl_cv_absolute_sys_stat_h + gl_cv_next_sys_stat_h='"'$gl_header'"' + else + gl_cv_next_sys_stat_h='<'sys/stat.h'>' + fi + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_sys_stat_h" >&5 +$as_echo "$gl_cv_next_sys_stat_h" >&6; } + fi + NEXT_SYS_STAT_H=$gl_cv_next_sys_stat_h + + if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' + gl_next_as_first_directive='<'sys/stat.h'>' + else + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' + gl_next_as_first_directive=$gl_cv_next_sys_stat_h + fi + NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H=$gl_next_as_first_directive + + + + + + + + + WINDOWS_STAT_TIMESPEC=0 + + + + + + + + + ac_fn_c_check_type "$LINENO" "nlink_t" "ac_cv_type_nlink_t" "#include + #include +" +if test "x$ac_cv_type_nlink_t" = xyes; then : + +else + +$as_echo "#define nlink_t int" >>confdefs.h + +fi + + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stdin defaults to large file offsets" >&5 $as_echo_n "checking whether stdin defaults to large file offsets... " >&6; } if ${gl_cv_var_stdin_large_offset+:} false; then : @@ -19148,17 +21000,6 @@ $as_echo "$gl_cv_var_stdin_large_offset" >&6; } -ac_fn_c_check_type "$LINENO" "pid_t" "ac_cv_type_pid_t" "$ac_includes_default" -if test "x$ac_cv_type_pid_t" = xyes; then : - -else - -cat >>confdefs.h <<_ACEOF -#define pid_t int -_ACEOF - -fi - @@ -19434,19 +21275,17 @@ _ACEOF - for ac_func in $ac_func_list -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF +ac_fn_c_check_decl "$LINENO" "getdtablesize" "ac_cv_have_decl_getdtablesize" "$ac_includes_default" +if test "x$ac_cv_have_decl_getdtablesize" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 fi -done - +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_GETDTABLESIZE $ac_have_decl +_ACEOF ac_fn_c_check_decl "$LINENO" "getline" "ac_cv_have_decl_getline" "$ac_includes_default" if test "x$ac_cv_have_decl_getline" = xyes; then : @@ -19467,54 +21306,6 @@ _ACEOF REPLACE_GETTIMEOFDAY=0; REPLACE_STRUCT_TIMEVAL=0; -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C/C++ restrict keyword" >&5 -$as_echo_n "checking for C/C++ restrict keyword... " >&6; } -if ${ac_cv_c_restrict+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_cv_c_restrict=no - # The order here caters to the fact that C++ does not require restrict. - for ac_kw in __restrict __restrict__ _Restrict restrict; do - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -typedef int *int_ptr; - int foo (int_ptr $ac_kw ip) { return ip[0]; } - int bar (int [$ac_kw]); /* Catch GCC bug 14050. */ - int bar (int ip[$ac_kw]) { return ip[0]; } - -int -main () -{ -int s[1]; - int *$ac_kw t = s; - t[0] = 0; - return foo (t) + bar (t); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_c_restrict=$ac_kw -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - test "$ac_cv_c_restrict" != no && break - done - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_restrict" >&5 -$as_echo "$ac_cv_c_restrict" >&6; } - - case $ac_cv_c_restrict in - restrict) ;; - no) $as_echo "#define restrict /**/" >>confdefs.h - ;; - *) cat >>confdefs.h <<_ACEOF -#define restrict $ac_cv_c_restrict -_ACEOF - ;; - esac - @@ -19775,22 +21566,6 @@ $as_echo "$gl_cv_sys_struct_timeval_tv_sec" >&6; } HAVE_ACCEPT4=1; - if test $ac_cv_header_sys_socket_h = no; then - for ac_header in ws2tcpip.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "ws2tcpip.h" "ac_cv_header_ws2tcpip_h" "$ac_includes_default" -if test "x$ac_cv_header_ws2tcpip_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_WS2TCPIP_H 1 -_ACEOF - -fi - -done - - fi - - @@ -19957,9 +21732,15 @@ $as_echo "$gl_cv_next_sys_socket_h" >&6; } if test $ac_cv_header_sys_socket_h = yes; then HAVE_SYS_SOCKET_H=1 - HAVE_WS2TCPIP_H=0 else HAVE_SYS_SOCKET_H=0 + fi + + + + if test $ac_cv_header_sys_socket_h = yes; then + HAVE_WS2TCPIP_H=0 + else if test $ac_cv_header_ws2tcpip_h = yes; then HAVE_WS2TCPIP_H=1 else @@ -20082,6 +21863,8 @@ done + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for IPv4 sockets" >&5 $as_echo_n "checking for IPv4 sockets... " >&6; } if ${gl_cv_socket_ipv4+:} false; then : @@ -20297,454 +22080,65 @@ fi - - - GNULIB__EXIT=0; - GNULIB_ATOLL=0; - GNULIB_CALLOC_POSIX=0; - GNULIB_CANONICALIZE_FILE_NAME=0; - GNULIB_GETLOADAVG=0; - GNULIB_GETSUBOPT=0; - GNULIB_GRANTPT=0; - GNULIB_MALLOC_POSIX=0; - GNULIB_MBTOWC=0; - GNULIB_MKDTEMP=0; - GNULIB_MKOSTEMP=0; - GNULIB_MKOSTEMPS=0; - GNULIB_MKSTEMP=0; - GNULIB_MKSTEMPS=0; - GNULIB_POSIX_OPENPT=0; - GNULIB_PTSNAME=0; - GNULIB_PTSNAME_R=0; - GNULIB_PUTENV=0; - GNULIB_QSORT_R=0; - GNULIB_RANDOM=0; - GNULIB_RANDOM_R=0; - GNULIB_REALLOCARRAY=0; - GNULIB_REALLOC_POSIX=0; - GNULIB_REALPATH=0; - GNULIB_RPMATCH=0; - GNULIB_SECURE_GETENV=0; - GNULIB_SETENV=0; - GNULIB_STRTOD=0; - GNULIB_STRTOLD=0; - GNULIB_STRTOLL=0; - GNULIB_STRTOULL=0; - GNULIB_SYSTEM_POSIX=0; - GNULIB_UNLOCKPT=0; - GNULIB_UNSETENV=0; - GNULIB_WCTOMB=0; - HAVE__EXIT=1; - HAVE_ATOLL=1; - HAVE_CANONICALIZE_FILE_NAME=1; - HAVE_DECL_GETLOADAVG=1; - HAVE_GETSUBOPT=1; - HAVE_GRANTPT=1; - HAVE_INITSTATE=1; - HAVE_DECL_INITSTATE=1; - HAVE_MBTOWC=1; - HAVE_MKDTEMP=1; - HAVE_MKOSTEMP=1; - HAVE_MKOSTEMPS=1; - HAVE_MKSTEMP=1; - HAVE_MKSTEMPS=1; - HAVE_POSIX_OPENPT=1; - HAVE_PTSNAME=1; - HAVE_PTSNAME_R=1; - HAVE_QSORT_R=1; - HAVE_RANDOM=1; - HAVE_RANDOM_H=1; - HAVE_RANDOM_R=1; - HAVE_REALLOCARRAY=1; - HAVE_REALPATH=1; - HAVE_RPMATCH=1; - HAVE_SECURE_GETENV=1; - HAVE_SETENV=1; - HAVE_DECL_SETENV=1; - HAVE_SETSTATE=1; - HAVE_DECL_SETSTATE=1; - HAVE_STRTOD=1; - HAVE_STRTOLD=1; - HAVE_STRTOLL=1; - HAVE_STRTOULL=1; - HAVE_STRUCT_RANDOM_DATA=1; - HAVE_SYS_LOADAVG_H=0; - HAVE_UNLOCKPT=1; - HAVE_DECL_UNSETENV=1; - REPLACE_CALLOC=0; - REPLACE_CANONICALIZE_FILE_NAME=0; - REPLACE_INITSTATE=0; - REPLACE_MALLOC=0; - REPLACE_MBTOWC=0; - REPLACE_MKSTEMP=0; - REPLACE_PTSNAME=0; - REPLACE_PTSNAME_R=0; - REPLACE_PUTENV=0; - REPLACE_QSORT_R=0; - REPLACE_RANDOM=0; - REPLACE_RANDOM_R=0; - REPLACE_REALLOC=0; - REPLACE_REALPATH=0; - REPLACE_SETENV=0; - REPLACE_SETSTATE=0; - REPLACE_STRTOD=0; - REPLACE_STRTOLD=0; - REPLACE_UNSETENV=0; - REPLACE_WCTOMB=0; - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether malloc, realloc, calloc are POSIX compliant" >&5 -$as_echo_n "checking whether malloc, realloc, calloc are POSIX compliant... " >&6; } -if ${gl_cv_func_malloc_posix+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for wint_t" >&5 +$as_echo_n "checking for wint_t... " >&6; } +if ${gt_cv_c_wint_t+:} false; then : $as_echo_n "(cached) " >&6 else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +/* Tru64 with Desktop Toolkit C has a bug: must be included before + . + BSD/OS 4.0.1 has a bug: , and must be included + before . */ +#include +#include +#include +#include + wint_t foo = (wchar_t)'\0'; int main () { -#if defined _WIN32 && ! defined __CYGWIN__ - choke me - #endif ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_func_malloc_posix=yes + gt_cv_c_wint_t=yes else - gl_cv_func_malloc_posix=no + gt_cv_c_wint_t=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_malloc_posix" >&5 -$as_echo "$gl_cv_func_malloc_posix" >&6; } - - - - - - - GNULIB_EXPLICIT_BZERO=0; - GNULIB_FFSL=0; - GNULIB_FFSLL=0; - GNULIB_MEMCHR=0; - GNULIB_MEMMEM=0; - GNULIB_MEMPCPY=0; - GNULIB_MEMRCHR=0; - GNULIB_RAWMEMCHR=0; - GNULIB_STPCPY=0; - GNULIB_STPNCPY=0; - GNULIB_STRCHRNUL=0; - GNULIB_STRDUP=0; - GNULIB_STRNCAT=0; - GNULIB_STRNDUP=0; - GNULIB_STRNLEN=0; - GNULIB_STRPBRK=0; - GNULIB_STRSEP=0; - GNULIB_STRSTR=0; - GNULIB_STRCASESTR=0; - GNULIB_STRTOK_R=0; - GNULIB_MBSLEN=0; - GNULIB_MBSNLEN=0; - GNULIB_MBSCHR=0; - GNULIB_MBSRCHR=0; - GNULIB_MBSSTR=0; - GNULIB_MBSCASECMP=0; - GNULIB_MBSNCASECMP=0; - GNULIB_MBSPCASECMP=0; - GNULIB_MBSCASESTR=0; - GNULIB_MBSCSPN=0; - GNULIB_MBSPBRK=0; - GNULIB_MBSSPN=0; - GNULIB_MBSSEP=0; - GNULIB_MBSTOK_R=0; - GNULIB_STRERROR=0; - GNULIB_STRERROR_R=0; - GNULIB_STRSIGNAL=0; - GNULIB_STRVERSCMP=0; - HAVE_MBSLEN=0; - HAVE_EXPLICIT_BZERO=1; - HAVE_FFSL=1; - HAVE_FFSLL=1; - HAVE_MEMCHR=1; - HAVE_DECL_MEMMEM=1; - HAVE_MEMPCPY=1; - HAVE_DECL_MEMRCHR=1; - HAVE_RAWMEMCHR=1; - HAVE_STPCPY=1; - HAVE_STPNCPY=1; - HAVE_STRCHRNUL=1; - HAVE_DECL_STRDUP=1; - HAVE_DECL_STRNDUP=1; - HAVE_DECL_STRNLEN=1; - HAVE_STRPBRK=1; - HAVE_STRSEP=1; - HAVE_STRCASESTR=1; - HAVE_DECL_STRTOK_R=1; - HAVE_DECL_STRERROR_R=1; - HAVE_DECL_STRSIGNAL=1; - HAVE_STRVERSCMP=1; - REPLACE_MEMCHR=0; - REPLACE_MEMMEM=0; - REPLACE_STPNCPY=0; - REPLACE_STRCHRNUL=0; - REPLACE_STRDUP=0; - REPLACE_STRNCAT=0; - REPLACE_STRNDUP=0; - REPLACE_STRNLEN=0; - REPLACE_STRSTR=0; - REPLACE_STRCASESTR=0; - REPLACE_STRTOK_R=0; - REPLACE_STRERROR=0; - REPLACE_STRERROR_R=0; - REPLACE_STRSIGNAL=0; - UNDEFINE_STRTOK_R=0; - - - - - - - # Check for mmap(). Don't use AC_FUNC_MMAP, because it checks too much: it - # fails on HP-UX 11, because MAP_FIXED mappings do not work. But this is - # irrelevant for anonymous mappings. - ac_fn_c_check_func "$LINENO" "mmap" "ac_cv_func_mmap" -if test "x$ac_cv_func_mmap" = xyes; then : - gl_have_mmap=yes -else - gl_have_mmap=no -fi - - - # Try to allow MAP_ANONYMOUS. - gl_have_mmap_anonymous=no - if test $gl_have_mmap = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for MAP_ANONYMOUS" >&5 -$as_echo_n "checking for MAP_ANONYMOUS... " >&6; } - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#ifdef MAP_ANONYMOUS - I cannot identify this map -#endif - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "I cannot identify this map" >/dev/null 2>&1; then : - gl_have_mmap_anonymous=yes -fi -rm -f conftest* - - if test $gl_have_mmap_anonymous != yes; then - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#ifdef MAP_ANON - I cannot identify this map -#endif - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "I cannot identify this map" >/dev/null 2>&1; then : - -$as_echo "#define MAP_ANONYMOUS MAP_ANON" >>confdefs.h - - gl_have_mmap_anonymous=yes fi -rm -f conftest* - - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_have_mmap_anonymous" >&5 -$as_echo "$gl_have_mmap_anonymous" >&6; } - if test $gl_have_mmap_anonymous = yes; then - -$as_echo "#define HAVE_MAP_ANONYMOUS 1" >>confdefs.h - - fi - fi - - - +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_c_wint_t" >&5 +$as_echo "$gt_cv_c_wint_t" >&6; } + if test $gt_cv_c_wint_t = yes; then +$as_echo "#define HAVE_WINT_T 1" >>confdefs.h - if test $HAVE_MEMCHR = 1; then - # Detect platform-specific bugs in some versions of glibc: - # memchr should not dereference anything with length 0 - # https://bugzilla.redhat.com/show_bug.cgi?id=499689 - # memchr should not dereference overestimated length after a match - # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521737 - # https://sourceware.org/bugzilla/show_bug.cgi?id=10162 - # memchr should cast the second argument to 'unsigned char'. - # This bug exists in Android 4.3. - # Assume that memchr works on platforms that lack mprotect. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether memchr works" >&5 -$as_echo_n "checking whether memchr works... " >&6; } -if ${gl_cv_func_memchr_works+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether wint_t is too small" >&5 +$as_echo_n "checking whether wint_t is too small... " >&6; } +if ${gl_cv_type_wint_t_too_small+:} false; then : $as_echo_n "(cached) " >&6 else - if test "$cross_compiling" = yes; then : - case "$host_os" in - # Guess no on Android. - linux*-android*) gl_cv_func_memchr_works="guessing no" ;; - # Guess yes on native Windows. - mingw*) gl_cv_func_memchr_works="guessing yes" ;; - # Be pessimistic for now. - *) gl_cv_func_memchr_works="guessing no" ;; - esac - -else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include -#if HAVE_SYS_MMAN_H -# include -# include -# include -# include -# ifndef MAP_FILE -# define MAP_FILE 0 -# endif -#endif - -int -main () -{ - - int result = 0; - char *fence = NULL; -#if HAVE_SYS_MMAN_H && HAVE_MPROTECT -# if HAVE_MAP_ANONYMOUS - const int flags = MAP_ANONYMOUS | MAP_PRIVATE; - const int fd = -1; -# else /* !HAVE_MAP_ANONYMOUS */ - const int flags = MAP_FILE | MAP_PRIVATE; - int fd = open ("/dev/zero", O_RDONLY, 0666); - if (fd >= 0) -# endif - { - int pagesize = getpagesize (); - char *two_pages = - (char *) mmap (NULL, 2 * pagesize, PROT_READ | PROT_WRITE, - flags, fd, 0); - if (two_pages != (char *)(-1) - && mprotect (two_pages + pagesize, pagesize, PROT_NONE) == 0) - fence = two_pages + pagesize; - } +/* Tru64 with Desktop Toolkit C has a bug: must be included before + . + BSD/OS 4.0.1 has a bug: , and must be + included before . */ +#if !(defined __GLIBC__ && !defined __UCLIBC__) +# include +# include +# include #endif - if (fence) - { - if (memchr (fence, 0, 0)) - result |= 1; - strcpy (fence - 9, "12345678"); - if (memchr (fence - 9, 0, 79) != fence - 1) - result |= 2; - if (memchr (fence - 1, 0, 3) != fence - 1) - result |= 4; - } - /* Test against bug on Android 4.3. */ - { - char input[3]; - input[0] = 'a'; - input[1] = 'b'; - input[2] = 'c'; - if (memchr (input, 0x789abc00 | 'b', 3) != input + 1) - result |= 8; - } - return result; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_memchr_works=yes -else - gl_cv_func_memchr_works=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_memchr_works" >&5 -$as_echo "$gl_cv_func_memchr_works" >&6; } - case "$gl_cv_func_memchr_works" in - *yes) ;; - *) REPLACE_MEMCHR=1 ;; - esac - fi - -ac_fn_c_check_decl "$LINENO" "memmem" "ac_cv_have_decl_memmem" "$ac_includes_default" -if test "x$ac_cv_have_decl_memmem" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_MEMMEM $ac_have_decl -_ACEOF - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether defines MIN and MAX" >&5 -$as_echo_n "checking whether defines MIN and MAX... " >&6; } -if ${gl_cv_minmax_in_limits_h+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - int x = MIN (42, 17); -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_minmax_in_limits_h=yes -else - gl_cv_minmax_in_limits_h=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_minmax_in_limits_h" >&5 -$as_echo "$gl_cv_minmax_in_limits_h" >&6; } - if test $gl_cv_minmax_in_limits_h = yes; then - -$as_echo "#define HAVE_MINMAX_IN_LIMITS_H 1" >>confdefs.h - - fi - - - - - +#include + int verify[sizeof (wint_t) < sizeof (int) ? -1 : 1]; - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether defines MIN and MAX" >&5 -$as_echo_n "checking whether defines MIN and MAX... " >&6; } -if ${gl_cv_minmax_in_sys_param_h+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - int x = MIN (42, 17); int main () { @@ -20754,34 +22148,21 @@ main () } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_minmax_in_sys_param_h=yes + gl_cv_type_wint_t_too_small=no else - gl_cv_minmax_in_sys_param_h=no + gl_cv_type_wint_t_too_small=yes fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_minmax_in_sys_param_h" >&5 -$as_echo "$gl_cv_minmax_in_sys_param_h" >&6; } - if test $gl_cv_minmax_in_sys_param_h = yes; then - -$as_echo "#define HAVE_MINMAX_IN_SYS_PARAM_H 1" >>confdefs.h - - fi - - - - - - - - - if test $ac_cv_func__set_invalid_parameter_handler = yes; then - HAVE_MSVC_INVALID_PARAMETER_HANDLER=1 - -$as_echo "#define HAVE_MSVC_INVALID_PARAMETER_HANDLER 1" >>confdefs.h - +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_type_wint_t_too_small" >&5 +$as_echo "$gl_cv_type_wint_t_too_small" >&6; } + if test $gl_cv_type_wint_t_too_small = yes; then + GNULIB_OVERRIDES_WINT_T=1 + else + GNULIB_OVERRIDES_WINT_T=0 + fi else - HAVE_MSVC_INVALID_PARAMETER_HANDLER=0 + GNULIB_OVERRIDES_WINT_T=0 fi @@ -20789,6 +22170,7 @@ $as_echo "#define HAVE_MSVC_INVALID_PARAMETER_HANDLER 1" >>confdefs.h + gl_cv_c_multiarch=no cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -20831,517 +22213,23 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - GNULIB_GETADDRINFO=0; - HAVE_STRUCT_ADDRINFO=1; - HAVE_DECL_FREEADDRINFO=1; - HAVE_DECL_GAI_STRERROR=1; - HAVE_DECL_GETADDRINFO=1; - HAVE_DECL_GETNAMEINFO=1; - REPLACE_GAI_STRERROR=0; - - - - +$as_echo "#define HAVE_LONG_LONG_INT 1" >>confdefs.h +$as_echo "#define HAVE_UNSIGNED_LONG_LONG_INT 1" >>confdefs.h - - - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether snprintf returns a byte count as in C99" >&5 -$as_echo_n "checking whether snprintf returns a byte count as in C99... " >&6; } -if ${gl_cv_func_snprintf_retval_c99+:} false; then : - $as_echo_n "(cached) " >&6 -else - - if test "$cross_compiling" = yes; then : - case "$host_os" in - # Guess yes on glibc systems. - *-gnu* | gnu*) gl_cv_func_snprintf_retval_c99="guessing yes";; - # Guess yes on musl systems. - *-musl*) gl_cv_func_snprintf_retval_c99="guessing yes";; - # Guess yes on FreeBSD >= 5. - freebsd[1-4].*) gl_cv_func_snprintf_retval_c99="guessing no";; - freebsd* | kfreebsd*) gl_cv_func_snprintf_retval_c99="guessing yes";; - # Guess yes on Mac OS X >= 10.3. - darwin[1-6].*) gl_cv_func_snprintf_retval_c99="guessing no";; - darwin*) gl_cv_func_snprintf_retval_c99="guessing yes";; - # Guess yes on OpenBSD >= 3.9. - openbsd[1-2].* | openbsd3.[0-8] | openbsd3.[0-8].*) - gl_cv_func_snprintf_retval_c99="guessing no";; - openbsd*) gl_cv_func_snprintf_retval_c99="guessing yes";; - # Guess yes on Solaris >= 2.10. - solaris2.[1-9][0-9]*) gl_cv_func_printf_sizes_c99="guessing yes";; - solaris*) gl_cv_func_printf_sizes_c99="guessing no";; - # Guess yes on AIX >= 4. - aix[1-3]*) gl_cv_func_snprintf_retval_c99="guessing no";; - aix*) gl_cv_func_snprintf_retval_c99="guessing yes";; - # Guess yes on NetBSD >= 3. - netbsd[1-2]* | netbsdelf[1-2]* | netbsdaout[1-2]* | netbsdcoff[1-2]*) - gl_cv_func_snprintf_retval_c99="guessing no";; - netbsd*) gl_cv_func_snprintf_retval_c99="guessing yes";; - # Guess yes on BeOS. - beos*) gl_cv_func_snprintf_retval_c99="guessing yes";; - # Guess yes on Android. - linux*-android*) gl_cv_func_snprintf_retval_c99="guessing yes";; - # Guess yes on MSVC, no on mingw. - mingw*) cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#ifdef _MSC_VER - Known -#endif - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "Known" >/dev/null 2>&1; then : - gl_cv_func_snprintf_retval_c99="guessing yes" -else - gl_cv_func_snprintf_retval_c99="guessing no" -fi -rm -f conftest* - - ;; - # If we don't know, assume the worst. - *) gl_cv_func_snprintf_retval_c99="guessing no";; - esac - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#include -#if HAVE_SNPRINTF -# define my_snprintf snprintf -#else -# include -static int my_snprintf (char *buf, int size, const char *format, ...) -{ - va_list args; - int ret; - va_start (args, format); - ret = vsnprintf (buf, size, format, args); - va_end (args); - return ret; -} -#endif -static char buf[100]; -int main () -{ - strcpy (buf, "ABCDEF"); - if (my_snprintf (buf, 3, "%d %d", 4567, 89) != 7) - return 1; - if (my_snprintf (buf, 0, "%d %d", 4567, 89) != 7) - return 2; - if (my_snprintf (NULL, 0, "%d %d", 4567, 89) != 7) - return 3; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_snprintf_retval_c99=yes -else - gl_cv_func_snprintf_retval_c99=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_snprintf_retval_c99" >&5 -$as_echo "$gl_cv_func_snprintf_retval_c99" >&6; } - -ac_fn_c_check_decl "$LINENO" "snprintf" "ac_cv_have_decl_snprintf" "$ac_includes_default" -if test "x$ac_cv_have_decl_snprintf" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_SNPRINTF $ac_have_decl -_ACEOF - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdbool.h that conforms to C99" >&5 -$as_echo_n "checking for stdbool.h that conforms to C99... " >&6; } -if ${ac_cv_header_stdbool_h+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - - #ifdef __cplusplus - typedef bool Bool; - #else - typedef _Bool Bool; - #ifndef bool - "error: bool is not defined" - #endif - #ifndef false - "error: false is not defined" - #endif - #if false - "error: false is not 0" - #endif - #ifndef true - "error: true is not defined" - #endif - #if true != 1 - "error: true is not 1" - #endif - #endif - - #ifndef __bool_true_false_are_defined - "error: __bool_true_false_are_defined is not defined" - #endif - - struct s { Bool s: 1; Bool t; bool u: 1; bool v; } s; - - char a[true == 1 ? 1 : -1]; - char b[false == 0 ? 1 : -1]; - char c[__bool_true_false_are_defined == 1 ? 1 : -1]; - char d[(bool) 0.5 == true ? 1 : -1]; - /* See body of main program for 'e'. */ - char f[(Bool) 0.0 == false ? 1 : -1]; - char g[true]; - char h[sizeof (Bool)]; - char i[sizeof s.t]; - enum { j = false, k = true, l = false * true, m = true * 256 }; - /* The following fails for - HP aC++/ANSI C B3910B A.05.55 [Dec 04 2003]. */ - Bool n[m]; - char o[sizeof n == m * sizeof n[0] ? 1 : -1]; - char p[-1 - (Bool) 0 < 0 && -1 - (bool) 0 < 0 ? 1 : -1]; - /* Catch a bug in an HP-UX C compiler. See - https://gcc.gnu.org/ml/gcc-patches/2003-12/msg02303.html - https://lists.gnu.org/r/bug-coreutils/2005-11/msg00161.html - */ - Bool q = true; - Bool *pq = &q; - bool *qq = &q; - -int -main () -{ - - bool e = &s; - *pq |= q; *pq |= ! q; - *qq |= q; *qq |= ! q; - /* Refer to every declared value, to avoid compiler optimizations. */ - return (!a + !b + !c + !d + !e + !f + !g + !h + !i + !!j + !k + !!l - + !m + !n + !o + !p + !q + !pq + !qq); - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_header_stdbool_h=yes -else - ac_cv_header_stdbool_h=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdbool_h" >&5 -$as_echo "$ac_cv_header_stdbool_h" >&6; } - ac_fn_c_check_type "$LINENO" "_Bool" "ac_cv_type__Bool" "$ac_includes_default" -if test "x$ac_cv_type__Bool" = xyes; then : - -cat >>confdefs.h <<_ACEOF -#define HAVE__BOOL 1 -_ACEOF - - -fi - - - - REPLACE_NULL=0; - HAVE_MAX_ALIGN_T=1; - HAVE_WCHAR_T=1; - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for wchar_t" >&5 -$as_echo_n "checking for wchar_t... " >&6; } -if ${gt_cv_c_wchar_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - wchar_t foo = (wchar_t)'\0'; -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gt_cv_c_wchar_t=yes -else - gt_cv_c_wchar_t=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_c_wchar_t" >&5 -$as_echo "$gt_cv_c_wchar_t" >&6; } - if test $gt_cv_c_wchar_t = yes; then - -$as_echo "#define HAVE_WCHAR_T 1" >>confdefs.h - - fi - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for wint_t" >&5 -$as_echo_n "checking for wint_t... " >&6; } -if ${gt_cv_c_wint_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Tru64 with Desktop Toolkit C has a bug: must be included before - . - BSD/OS 4.0.1 has a bug: , and must be included - before . */ -#include -#include -#include -#include - wint_t foo = (wchar_t)'\0'; -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gt_cv_c_wint_t=yes -else - gt_cv_c_wint_t=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_c_wint_t" >&5 -$as_echo "$gt_cv_c_wint_t" >&6; } - if test $gt_cv_c_wint_t = yes; then - -$as_echo "#define HAVE_WINT_T 1" >>confdefs.h - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether wint_t is too small" >&5 -$as_echo_n "checking whether wint_t is too small... " >&6; } -if ${gl_cv_type_wint_t_too_small+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -/* Tru64 with Desktop Toolkit C has a bug: must be included before - . - BSD/OS 4.0.1 has a bug: , and must be - included before . */ -#if !(defined __GLIBC__ && !defined __UCLIBC__) -# include -# include -# include -#endif -#include - int verify[sizeof (wint_t) < sizeof (int) ? -1 : 1]; - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_type_wint_t_too_small=no -else - gl_cv_type_wint_t_too_small=yes -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_type_wint_t_too_small" >&5 -$as_echo "$gl_cv_type_wint_t_too_small" >&6; } - if test $gl_cv_type_wint_t_too_small = yes; then - GNULIB_OVERRIDES_WINT_T=1 - else - GNULIB_OVERRIDES_WINT_T=0 - fi - else - GNULIB_OVERRIDES_WINT_T=0 - fi - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for unsigned long long int" >&5 -$as_echo_n "checking for unsigned long long int... " >&6; } -if ${ac_cv_type_unsigned_long_long_int+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_cv_type_unsigned_long_long_int=yes - if test "x${ac_cv_prog_cc_c99-no}" = xno; then - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - /* For now, do not test the preprocessor; as of 2007 there are too many - implementations with broken preprocessors. Perhaps this can - be revisited in 2012. In the meantime, code should not expect - #if to work with literals wider than 32 bits. */ - /* Test literals. */ - long long int ll = 9223372036854775807ll; - long long int nll = -9223372036854775807LL; - unsigned long long int ull = 18446744073709551615ULL; - /* Test constant expressions. */ - typedef int a[((-9223372036854775807LL < 0 && 0 < 9223372036854775807ll) - ? 1 : -1)]; - typedef int b[(18446744073709551615ULL <= (unsigned long long int) -1 - ? 1 : -1)]; - int i = 63; -int -main () -{ -/* Test availability of runtime routines for shift and division. */ - long long int llmax = 9223372036854775807ll; - unsigned long long int ullmax = 18446744073709551615ull; - return ((ll << 63) | (ll >> 63) | (ll < i) | (ll > i) - | (llmax / ll) | (llmax % ll) - | (ull << 63) | (ull >> 63) | (ull << i) | (ull >> i) - | (ullmax / ull) | (ullmax % ull)); - ; - return 0; -} - -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - -else - ac_cv_type_unsigned_long_long_int=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_unsigned_long_long_int" >&5 -$as_echo "$ac_cv_type_unsigned_long_long_int" >&6; } - if test $ac_cv_type_unsigned_long_long_int = yes; then - -$as_echo "#define HAVE_UNSIGNED_LONG_LONG_INT 1" >>confdefs.h - - fi - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for long long int" >&5 -$as_echo_n "checking for long long int... " >&6; } -if ${ac_cv_type_long_long_int+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_cv_type_long_long_int=yes - if test "x${ac_cv_prog_cc_c99-no}" = xno; then - ac_cv_type_long_long_int=$ac_cv_type_unsigned_long_long_int - if test $ac_cv_type_long_long_int = yes; then - if test "$cross_compiling" = yes; then : - : -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - #ifndef LLONG_MAX - # define HALF \ - (1LL << (sizeof (long long int) * CHAR_BIT - 2)) - # define LLONG_MAX (HALF - 1 + HALF) - #endif -int -main () -{ -long long int n = 1; - int i; - for (i = 0; ; i++) - { - long long int m = n << i; - if (m >> i != n) - return 1; - if (LLONG_MAX / 2 < m) - break; - } - return 0; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - -else - ac_cv_type_long_long_int=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - fi - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_long_long_int" >&5 -$as_echo "$ac_cv_type_long_long_int" >&6; } - if test $ac_cv_type_long_long_int = yes; then - -$as_echo "#define HAVE_LONG_LONG_INT 1" >>confdefs.h - - fi - - - - - - - - - - - - if test $ac_cv_type_long_long_int = yes; then - HAVE_LONG_LONG_INT=1 - else - HAVE_LONG_LONG_INT=0 - fi - - - if test $ac_cv_type_unsigned_long_long_int = yes; then - HAVE_UNSIGNED_LONG_LONG_INT=1 - else - HAVE_UNSIGNED_LONG_LONG_INT=0 - fi - - - - if test $ac_cv_header_wchar_h = yes; then - HAVE_WCHAR_H=1 - else - HAVE_WCHAR_H=0 - fi + if test $ac_cv_header_wchar_h = yes; then + HAVE_WCHAR_H=1 + else + HAVE_WCHAR_H=0 + fi if test $ac_cv_header_inttypes_h = yes; then @@ -22182,23 +23070,28 @@ fi - GNULIB_FFS=0; - HAVE_FFS=1; - HAVE_STRCASECMP=1; - HAVE_DECL_STRNCASECMP=1; + GNULIB_IMAXABS=0; + GNULIB_IMAXDIV=0; + GNULIB_STRTOIMAX=0; + GNULIB_STRTOUMAX=0; + HAVE_DECL_IMAXABS=1; + HAVE_DECL_IMAXDIV=1; + HAVE_DECL_STRTOIMAX=1; + HAVE_DECL_STRTOUMAX=1; + HAVE_IMAXDIV_T=1; + REPLACE_STRTOIMAX=0; + REPLACE_STRTOUMAX=0; + INT32_MAX_LT_INTMAX_MAX=1; + INT64_MAX_EQ_LONG_MAX='defined _LP64'; + PRI_MACROS_BROKEN=0; + PRIPTR_PREFIX=__PRIPTR_PREFIX; + UINT32_MAX_LT_UINTMAX_MAX=1; + UINT64_MAX_EQ_ULONG_MAX='defined _LP64'; + -ac_fn_c_check_decl "$LINENO" "strdup" "ac_cv_have_decl_strdup" "$ac_includes_default" -if test "x$ac_cv_have_decl_strdup" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_STRDUP $ac_have_decl -_ACEOF @@ -22212,19 +23105,22 @@ _ACEOF if test $gl_cv_have_include_next = yes; then - gl_cv_next_string_h='<'string.h'>' + gl_cv_next_inttypes_h='<'inttypes.h'>' else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 -$as_echo_n "checking absolute name of ... " >&6; } -if ${gl_cv_next_string_h+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_inttypes_h+:} false; then : $as_echo_n "(cached) " >&6 else + if test $ac_cv_header_inttypes_h = yes; then + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include +#include _ACEOF case "$host_os" in aix*) gl_absname_cpp="$ac_cpp -C" ;; @@ -22240,7 +23136,7 @@ _ACEOF ;; esac gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' - gl_header_literal_regex=`echo 'string.h' \ + gl_header_literal_regex=`echo 'inttypes.h' \ | sed -e "$gl_make_literal_regex_sed"` gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ @@ -22249,37 +23145,30 @@ _ACEOF q }' - gl_cv_absolute_string_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + gl_cv_absolute_inttypes_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | sed -n "$gl_absolute_header_sed"` - gl_header=$gl_cv_absolute_string_h - gl_cv_next_string_h='"'$gl_header'"' + gl_header=$gl_cv_absolute_inttypes_h + gl_cv_next_inttypes_h='"'$gl_header'"' + else + gl_cv_next_inttypes_h='<'inttypes.h'>' + fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_string_h" >&5 -$as_echo "$gl_cv_next_string_h" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_inttypes_h" >&5 +$as_echo "$gl_cv_next_inttypes_h" >&6; } fi - NEXT_STRING_H=$gl_cv_next_string_h + NEXT_INTTYPES_H=$gl_cv_next_inttypes_h if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' - gl_next_as_first_directive='<'string.h'>' + gl_next_as_first_directive='<'inttypes.h'>' else # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' - gl_next_as_first_directive=$gl_cv_next_string_h + gl_next_as_first_directive=$gl_cv_next_inttypes_h fi - NEXT_AS_FIRST_DIRECTIVE_STRING_H=$gl_next_as_first_directive - - - - - - - - - - + NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H=$gl_next_as_first_directive @@ -22293,257 +23182,476 @@ $as_echo "$gl_cv_next_string_h" >&6; } - if test $gl_cv_have_include_next = yes; then - gl_cv_next_strings_h='<'strings.h'>' - else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 -$as_echo_n "checking absolute name of ... " >&6; } -if ${gl_cv_next_strings_h+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test $ac_cv_header_strings_h = yes; then + GNULIB__EXIT=0; + GNULIB_ATOLL=0; + GNULIB_CALLOC_POSIX=0; + GNULIB_CANONICALIZE_FILE_NAME=0; + GNULIB_GETLOADAVG=0; + GNULIB_GETSUBOPT=0; + GNULIB_GRANTPT=0; + GNULIB_MALLOC_POSIX=0; + GNULIB_MBTOWC=0; + GNULIB_MKDTEMP=0; + GNULIB_MKOSTEMP=0; + GNULIB_MKOSTEMPS=0; + GNULIB_MKSTEMP=0; + GNULIB_MKSTEMPS=0; + GNULIB_POSIX_OPENPT=0; + GNULIB_PTSNAME=0; + GNULIB_PTSNAME_R=0; + GNULIB_PUTENV=0; + GNULIB_QSORT_R=0; + GNULIB_RANDOM=0; + GNULIB_RANDOM_R=0; + GNULIB_REALLOCARRAY=0; + GNULIB_REALLOC_POSIX=0; + GNULIB_REALPATH=0; + GNULIB_RPMATCH=0; + GNULIB_SECURE_GETENV=0; + GNULIB_SETENV=0; + GNULIB_STRTOD=0; + GNULIB_STRTOLD=0; + GNULIB_STRTOLL=0; + GNULIB_STRTOULL=0; + GNULIB_SYSTEM_POSIX=0; + GNULIB_UNLOCKPT=0; + GNULIB_UNSETENV=0; + GNULIB_WCTOMB=0; + HAVE__EXIT=1; + HAVE_ATOLL=1; + HAVE_CANONICALIZE_FILE_NAME=1; + HAVE_DECL_GETLOADAVG=1; + HAVE_GETSUBOPT=1; + HAVE_GRANTPT=1; + HAVE_INITSTATE=1; + HAVE_DECL_INITSTATE=1; + HAVE_MBTOWC=1; + HAVE_MKDTEMP=1; + HAVE_MKOSTEMP=1; + HAVE_MKOSTEMPS=1; + HAVE_MKSTEMP=1; + HAVE_MKSTEMPS=1; + HAVE_POSIX_OPENPT=1; + HAVE_PTSNAME=1; + HAVE_PTSNAME_R=1; + HAVE_QSORT_R=1; + HAVE_RANDOM=1; + HAVE_RANDOM_H=1; + HAVE_RANDOM_R=1; + HAVE_REALLOCARRAY=1; + HAVE_REALPATH=1; + HAVE_RPMATCH=1; + HAVE_SECURE_GETENV=1; + HAVE_SETENV=1; + HAVE_DECL_SETENV=1; + HAVE_SETSTATE=1; + HAVE_DECL_SETSTATE=1; + HAVE_STRTOD=1; + HAVE_STRTOLD=1; + HAVE_STRTOLL=1; + HAVE_STRTOULL=1; + HAVE_STRUCT_RANDOM_DATA=1; + HAVE_SYS_LOADAVG_H=0; + HAVE_UNLOCKPT=1; + HAVE_DECL_UNSETENV=1; + REPLACE_CALLOC=0; + REPLACE_CANONICALIZE_FILE_NAME=0; + REPLACE_INITSTATE=0; + REPLACE_MALLOC=0; + REPLACE_MBTOWC=0; + REPLACE_MKSTEMP=0; + REPLACE_PTSNAME=0; + REPLACE_PTSNAME_R=0; + REPLACE_PUTENV=0; + REPLACE_QSORT_R=0; + REPLACE_RANDOM=0; + REPLACE_RANDOM_R=0; + REPLACE_REALLOC=0; + REPLACE_REALPATH=0; + REPLACE_SETENV=0; + REPLACE_SETSTATE=0; + REPLACE_STRTOD=0; + REPLACE_STRTOLD=0; + REPLACE_UNSETENV=0; + REPLACE_WCTOMB=0; + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether malloc, realloc, calloc are POSIX compliant" >&5 +$as_echo_n "checking whether malloc, realloc, calloc are POSIX compliant... " >&6; } +if ${gl_cv_func_malloc_posix+:} false; then : + $as_echo_n "(cached) " >&6 +else + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ +#if defined _WIN32 && ! defined __CYGWIN__ + choke me + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_func_malloc_posix=yes +else + gl_cv_func_malloc_posix=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_malloc_posix" >&5 +$as_echo "$gl_cv_func_malloc_posix" >&6; } + + + + for ac_header in stdlib.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "stdlib.h" "ac_cv_header_stdlib_h" "$ac_includes_default" +if test "x$ac_cv_header_stdlib_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_STDLIB_H 1 +_ACEOF +fi +done + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU libc compatible malloc" >&5 +$as_echo_n "checking for GNU libc compatible malloc... " >&6; } +if ${ac_cv_func_malloc_0_nonnull+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + case "$host_os" in + # Guess yes on platforms where we know the result. + *-gnu* | gnu* | *-musl* | freebsd* | netbsd* | openbsd* \ + | hpux* | solaris* | cygwin* | mingw*) + ac_cv_func_malloc_0_nonnull="guessing yes" ;; + # If we don't know, obey --enable-cross-guesses. + *) ac_cv_func_malloc_0_nonnull="$gl_cross_guess_normal" ;; + esac +else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include +#if defined STDC_HEADERS || defined HAVE_STDLIB_H + # include + #else + char *malloc (); + #endif + +int +main () +{ +char *p = malloc (0); + int result = !p; + free (p); + return result; + ; + return 0; +} + _ACEOF - case "$host_os" in - aix*) gl_absname_cpp="$ac_cpp -C" ;; - *) gl_absname_cpp="$ac_cpp" ;; - esac +if ac_fn_c_try_run "$LINENO"; then : + ac_cv_func_malloc_0_nonnull=yes +else + ac_cv_func_malloc_0_nonnull=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi - case "$host_os" in - mingw*) - gl_dirsep_regex='[/\\]' + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_malloc_0_nonnull" >&5 +$as_echo "$ac_cv_func_malloc_0_nonnull" >&6; } + case "$ac_cv_func_malloc_0_nonnull" in + *yes) + gl_cv_func_malloc_0_nonnull=1 ;; *) - gl_dirsep_regex='\/' + gl_cv_func_malloc_0_nonnull=0 ;; esac - gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' - gl_header_literal_regex=`echo 'strings.h' \ - | sed -e "$gl_make_literal_regex_sed"` - gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ - s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ - s|^/[^/]|//&| - p - q - }' - - gl_cv_absolute_strings_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | - sed -n "$gl_absolute_header_sed"` - - gl_header=$gl_cv_absolute_strings_h - gl_cv_next_strings_h='"'$gl_header'"' - else - gl_cv_next_strings_h='<'strings.h'>' - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_strings_h" >&5 -$as_echo "$gl_cv_next_strings_h" >&6; } - fi - NEXT_STRINGS_H=$gl_cv_next_strings_h +cat >>confdefs.h <<_ACEOF +#define MALLOC_0_IS_NONNULL $gl_cv_func_malloc_0_nonnull +_ACEOF - if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then - # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' - gl_next_as_first_directive='<'strings.h'>' - else - # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' - gl_next_as_first_directive=$gl_cv_next_strings_h - fi - NEXT_AS_FIRST_DIRECTIVE_STRINGS_H=$gl_next_as_first_directive - if test $ac_cv_header_strings_h = yes; then - HAVE_STRINGS_H=1 - else - HAVE_STRINGS_H=0 - fi -ac_fn_c_check_decl "$LINENO" "strndup" "ac_cv_have_decl_strndup" "$ac_includes_default" -if test "x$ac_cv_have_decl_strndup" = xyes; then : - ac_have_decl=1 + # Check for mmap(). Don't use AC_FUNC_MMAP, because it checks too much: it + # fails on HP-UX 11, because MAP_FIXED mappings do not work. But this is + # irrelevant for anonymous mappings. + ac_fn_c_check_func "$LINENO" "mmap" "ac_cv_func_mmap" +if test "x$ac_cv_func_mmap" = xyes; then : + gl_have_mmap=yes else - ac_have_decl=0 + gl_have_mmap=no fi -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_STRNDUP $ac_have_decl -_ACEOF + # Try to allow MAP_ANONYMOUS. + gl_have_mmap_anonymous=no + if test $gl_have_mmap = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for MAP_ANONYMOUS" >&5 +$as_echo_n "checking for MAP_ANONYMOUS... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#ifdef MAP_ANONYMOUS + I cannot identify this map +#endif -ac_fn_c_check_decl "$LINENO" "strnlen" "ac_cv_have_decl_strnlen" "$ac_includes_default" -if test "x$ac_cv_have_decl_strnlen" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "I cannot identify this map" >/dev/null 2>&1; then : + gl_have_mmap_anonymous=yes fi +rm -f conftest* + + if test $gl_have_mmap_anonymous != yes; then + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#ifdef MAP_ANON + I cannot identify this map +#endif -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_STRNLEN $ac_have_decl _ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "I cannot identify this map" >/dev/null 2>&1; then : -ac_fn_c_check_decl "$LINENO" "strtok_r" "ac_cv_have_decl_strtok_r" "$ac_includes_default" -if test "x$ac_cv_have_decl_strtok_r" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 +$as_echo "#define MAP_ANONYMOUS MAP_ANON" >>confdefs.h + + gl_have_mmap_anonymous=yes fi +rm -f conftest* -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_STRTOK_R $ac_have_decl -_ACEOF + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_have_mmap_anonymous" >&5 +$as_echo "$gl_have_mmap_anonymous" >&6; } + if test $gl_have_mmap_anonymous = yes; then + +$as_echo "#define HAVE_MAP_ANONYMOUS 1" >>confdefs.h + fi + fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct timespec in " >&5 -$as_echo_n "checking for struct timespec in ... " >&6; } -if ${gl_cv_sys_struct_timespec_in_time_h+:} false; then : + if test $HAVE_MEMCHR = 1; then + # Detect platform-specific bugs in some versions of glibc: + # memchr should not dereference anything with length 0 + # https://bugzilla.redhat.com/show_bug.cgi?id=499689 + # memchr should not dereference overestimated length after a match + # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521737 + # https://sourceware.org/bugzilla/show_bug.cgi?id=10162 + # memchr should cast the second argument to 'unsigned char'. + # This bug exists in Android 4.3. + # Assume that memchr works on platforms that lack mprotect. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether memchr works" >&5 +$as_echo_n "checking whether memchr works... " >&6; } +if ${gl_cv_func_memchr_works+:} false; then : $as_echo_n "(cached) " >&6 else + if test "$cross_compiling" = yes; then : + case "$host_os" in + # Guess no on Android. + linux*-android*) gl_cv_func_memchr_works="guessing no" ;; + # Guess yes on native Windows. + mingw*) gl_cv_func_memchr_works="guessing yes" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_memchr_works="$gl_cross_guess_normal" ;; + esac + +else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include + +#include +#if HAVE_SYS_MMAN_H +# include +# include +# include +# include +# ifndef MAP_FILE +# define MAP_FILE 0 +# endif +#endif int main () { -static struct timespec x; x.tv_sec = x.tv_nsec; + + int result = 0; + char *fence = NULL; +#if HAVE_SYS_MMAN_H && HAVE_MPROTECT +# if HAVE_MAP_ANONYMOUS + const int flags = MAP_ANONYMOUS | MAP_PRIVATE; + const int fd = -1; +# else /* !HAVE_MAP_ANONYMOUS */ + const int flags = MAP_FILE | MAP_PRIVATE; + int fd = open ("/dev/zero", O_RDONLY, 0666); + if (fd >= 0) +# endif + { + int pagesize = getpagesize (); + char *two_pages = + (char *) mmap (NULL, 2 * pagesize, PROT_READ | PROT_WRITE, + flags, fd, 0); + if (two_pages != (char *)(-1) + && mprotect (two_pages + pagesize, pagesize, PROT_NONE) == 0) + fence = two_pages + pagesize; + } +#endif + if (fence) + { + if (memchr (fence, 0, 0)) + result |= 1; + strcpy (fence - 9, "12345678"); + if (memchr (fence - 9, 0, 79) != fence - 1) + result |= 2; + if (memchr (fence - 1, 0, 3) != fence - 1) + result |= 4; + } + /* Test against bug on Android 4.3. */ + { + char input[3]; + input[0] = 'a'; + input[1] = 'b'; + input[2] = 'c'; + if (memchr (input, 0x789abc00 | 'b', 3) != input + 1) + result |= 8; + } + return result; + ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_sys_struct_timespec_in_time_h=yes +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_memchr_works=yes else - gl_cv_sys_struct_timespec_in_time_h=no + gl_cv_func_memchr_works=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_sys_struct_timespec_in_time_h" >&5 -$as_echo "$gl_cv_sys_struct_timespec_in_time_h" >&6; } - TIME_H_DEFINES_STRUCT_TIMESPEC=0 - SYS_TIME_H_DEFINES_STRUCT_TIMESPEC=0 - PTHREAD_H_DEFINES_STRUCT_TIMESPEC=0 - UNISTD_H_DEFINES_STRUCT_TIMESPEC=0 - if test $gl_cv_sys_struct_timespec_in_time_h = yes; then - TIME_H_DEFINES_STRUCT_TIMESPEC=1 - else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct timespec in " >&5 -$as_echo_n "checking for struct timespec in ... " >&6; } -if ${gl_cv_sys_struct_timespec_in_sys_time_h+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ -static struct timespec x; x.tv_sec = x.tv_nsec; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_sys_struct_timespec_in_sys_time_h=yes -else - gl_cv_sys_struct_timespec_in_sys_time_h=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_memchr_works" >&5 +$as_echo "$gl_cv_func_memchr_works" >&6; } + case "$gl_cv_func_memchr_works" in + *yes) ;; + *) REPLACE_MEMCHR=1 ;; + esac + fi + +ac_fn_c_check_decl "$LINENO" "memmem" "ac_cv_have_decl_memmem" "$ac_includes_default" +if test "x$ac_cv_have_decl_memmem" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_sys_struct_timespec_in_sys_time_h" >&5 -$as_echo "$gl_cv_sys_struct_timespec_in_sys_time_h" >&6; } - if test $gl_cv_sys_struct_timespec_in_sys_time_h = yes; then - SYS_TIME_H_DEFINES_STRUCT_TIMESPEC=1 - else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct timespec in " >&5 -$as_echo_n "checking for struct timespec in ... " >&6; } -if ${gl_cv_sys_struct_timespec_in_pthread_h+:} false; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_MEMMEM $ac_have_decl +_ACEOF + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether defines MIN and MAX" >&5 +$as_echo_n "checking whether defines MIN and MAX... " >&6; } +if ${gl_cv_minmax_in_limits_h+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include - +#include + int x = MIN (42, 17); int main () { -static struct timespec x; x.tv_sec = x.tv_nsec; + ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_sys_struct_timespec_in_pthread_h=yes + gl_cv_minmax_in_limits_h=yes else - gl_cv_sys_struct_timespec_in_pthread_h=no + gl_cv_minmax_in_limits_h=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_sys_struct_timespec_in_pthread_h" >&5 -$as_echo "$gl_cv_sys_struct_timespec_in_pthread_h" >&6; } - if test $gl_cv_sys_struct_timespec_in_pthread_h = yes; then - PTHREAD_H_DEFINES_STRUCT_TIMESPEC=1 - else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct timespec in " >&5 -$as_echo_n "checking for struct timespec in ... " >&6; } -if ${gl_cv_sys_struct_timespec_in_unistd_h+:} false; then : +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_minmax_in_limits_h" >&5 +$as_echo "$gl_cv_minmax_in_limits_h" >&6; } + if test $gl_cv_minmax_in_limits_h = yes; then + +$as_echo "#define HAVE_MINMAX_IN_LIMITS_H 1" >>confdefs.h + + fi + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether defines MIN and MAX" >&5 +$as_echo_n "checking whether defines MIN and MAX... " >&6; } +if ${gl_cv_minmax_in_sys_param_h+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include - +#include + int x = MIN (42, 17); int main () { -static struct timespec x; x.tv_sec = x.tv_nsec; + ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_sys_struct_timespec_in_unistd_h=yes + gl_cv_minmax_in_sys_param_h=yes else - gl_cv_sys_struct_timespec_in_unistd_h=no + gl_cv_minmax_in_sys_param_h=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_sys_struct_timespec_in_unistd_h" >&5 -$as_echo "$gl_cv_sys_struct_timespec_in_unistd_h" >&6; } - if test $gl_cv_sys_struct_timespec_in_unistd_h = yes; then - UNISTD_H_DEFINES_STRUCT_TIMESPEC=1 - fi - fi - fi - fi - - - - +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_minmax_in_sys_param_h" >&5 +$as_echo "$gl_cv_minmax_in_sys_param_h" >&6; } + if test $gl_cv_minmax_in_sys_param_h = yes; then +$as_echo "#define HAVE_MINMAX_IN_SYS_PARAM_H 1" >>confdefs.h + fi @@ -22552,884 +23660,3073 @@ $as_echo "$gl_cv_sys_struct_timespec_in_unistd_h" >&6; } + GNULIB_GETADDRINFO=0; + HAVE_STRUCT_ADDRINFO=1; + HAVE_DECL_FREEADDRINFO=1; + HAVE_DECL_GAI_STRERROR=1; + HAVE_DECL_GETADDRINFO=1; + HAVE_DECL_GETNAMEINFO=1; + REPLACE_GAI_STRERROR=0; + REPLACE_GETADDRINFO=0; - if test $gl_cv_have_include_next = yes; then - gl_cv_next_time_h='<'time.h'>' - else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 -$as_echo_n "checking absolute name of ... " >&6; } -if ${gl_cv_next_time_h+:} false; then : - $as_echo_n "(cached) " >&6 -else - - - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF - case "$host_os" in - aix*) gl_absname_cpp="$ac_cpp -C" ;; - *) gl_absname_cpp="$ac_cpp" ;; - esac - - case "$host_os" in - mingw*) - gl_dirsep_regex='[/\\]' - ;; - *) - gl_dirsep_regex='\/' - ;; - esac - gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' - gl_header_literal_regex=`echo 'time.h' \ - | sed -e "$gl_make_literal_regex_sed"` - gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ - s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ - s|^/[^/]|//&| - p - q - }' - - gl_cv_absolute_time_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | - sed -n "$gl_absolute_header_sed"` - - gl_header=$gl_cv_absolute_time_h - gl_cv_next_time_h='"'$gl_header'"' - - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_time_h" >&5 -$as_echo "$gl_cv_next_time_h" >&6; } - fi - NEXT_TIME_H=$gl_cv_next_time_h - - if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then - # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' - gl_next_as_first_directive='<'time.h'>' - else - # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' - gl_next_as_first_directive=$gl_cv_next_time_h - fi - NEXT_AS_FIRST_DIRECTIVE_TIME_H=$gl_next_as_first_directive - - - - - - - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for inttypes.h" >&5 -$as_echo_n "checking for inttypes.h... " >&6; } -if ${gl_cv_header_inttypes_h+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for O_CLOEXEC" >&5 +$as_echo_n "checking for O_CLOEXEC... " >&6; } +if ${gl_cv_macro_O_CLOEXEC+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ - -#include -#include +#include + #ifndef O_CLOEXEC + choke me; + #endif int main () { -uintmax_t i = (uintmax_t) -1; return !i; +return O_CLOEXEC; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_header_inttypes_h=yes + gl_cv_macro_O_CLOEXEC=yes else - gl_cv_header_inttypes_h=no + gl_cv_macro_O_CLOEXEC=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_inttypes_h" >&5 -$as_echo "$gl_cv_header_inttypes_h" >&6; } - if test $gl_cv_header_inttypes_h = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_macro_O_CLOEXEC" >&5 +$as_echo "$gl_cv_macro_O_CLOEXEC" >&6; } -cat >>confdefs.h <<_ACEOF -#define HAVE_INTTYPES_H_WITH_UINTMAX 1 -_ACEOF - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdint.h" >&5 -$as_echo_n "checking for stdint.h... " >&6; } -if ${gl_cv_header_stdint_h+:} false; then : + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for promoted mode_t type" >&5 +$as_echo_n "checking for promoted mode_t type... " >&6; } +if ${gl_cv_promoted_mode_t+:} false; then : $as_echo_n "(cached) " >&6 else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include - #include int main () { -uintmax_t i = (uintmax_t) -1; return !i; +typedef int array[2 * (sizeof (mode_t) < sizeof (int)) - 1]; ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_header_stdint_h=yes + gl_cv_promoted_mode_t='int' else - gl_cv_header_stdint_h=no + gl_cv_promoted_mode_t='mode_t' fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_stdint_h" >&5 -$as_echo "$gl_cv_header_stdint_h" >&6; } - if test $gl_cv_header_stdint_h = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_promoted_mode_t" >&5 +$as_echo "$gl_cv_promoted_mode_t" >&6; } cat >>confdefs.h <<_ACEOF -#define HAVE_STDINT_H_WITH_UINTMAX 1 +#define PROMOTED_MODE_T $gl_cv_promoted_mode_t _ACEOF - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for intmax_t" >&5 -$as_echo_n "checking for intmax_t... " >&6; } -if ${gt_cv_c_intmax_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#if HAVE_STDINT_H_WITH_UINTMAX -#include -#endif -#if HAVE_INTTYPES_H_WITH_UINTMAX -#include -#endif -int -main () -{ -intmax_t x = -1; return !x; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gt_cv_c_intmax_t=yes -else - gt_cv_c_intmax_t=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_c_intmax_t" >&5 -$as_echo "$gt_cv_c_intmax_t" >&6; } - if test $gt_cv_c_intmax_t = yes; then -$as_echo "#define HAVE_INTMAX_T 1" >>confdefs.h - else - test $ac_cv_type_long_long_int = yes \ - && ac_type='long long' \ - || ac_type='long' -cat >>confdefs.h <<_ACEOF -#define intmax_t $ac_type -_ACEOF - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking where to find the exponent in a 'double'" >&5 -$as_echo_n "checking where to find the exponent in a 'double'... " >&6; } -if ${gl_cv_cc_double_expbit0+:} false; then : + + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether snprintf returns a byte count as in C99" >&5 +$as_echo_n "checking whether snprintf returns a byte count as in C99... " >&6; } +if ${gl_cv_func_snprintf_retval_c99+:} false; then : $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + case "$host_os" in + # Guess yes on glibc systems. + *-gnu* | gnu*) gl_cv_func_snprintf_retval_c99="guessing yes";; + # Guess yes on musl systems. + *-musl*) gl_cv_func_snprintf_retval_c99="guessing yes";; + # Guess yes on FreeBSD >= 5. + freebsd[1-4].*) gl_cv_func_snprintf_retval_c99="guessing no";; + freebsd* | kfreebsd*) gl_cv_func_snprintf_retval_c99="guessing yes";; + # Guess yes on Mac OS X >= 10.3. + darwin[1-6].*) gl_cv_func_snprintf_retval_c99="guessing no";; + darwin*) gl_cv_func_snprintf_retval_c99="guessing yes";; + # Guess yes on OpenBSD >= 3.9. + openbsd[1-2].* | openbsd3.[0-8] | openbsd3.[0-8].*) + gl_cv_func_snprintf_retval_c99="guessing no";; + openbsd*) gl_cv_func_snprintf_retval_c99="guessing yes";; + # Guess yes on Solaris >= 2.10. + solaris2.[1-9][0-9]*) gl_cv_func_printf_sizes_c99="guessing yes";; + solaris*) gl_cv_func_printf_sizes_c99="guessing no";; + # Guess yes on AIX >= 4. + aix[1-3]*) gl_cv_func_snprintf_retval_c99="guessing no";; + aix*) gl_cv_func_snprintf_retval_c99="guessing yes";; + # Guess yes on NetBSD >= 3. + netbsd[1-2]* | netbsdelf[1-2]* | netbsdaout[1-2]* | netbsdcoff[1-2]*) + gl_cv_func_snprintf_retval_c99="guessing no";; + netbsd*) gl_cv_func_snprintf_retval_c99="guessing yes";; + # Guess yes on BeOS. + beos*) gl_cv_func_snprintf_retval_c99="guessing yes";; + # Guess yes on Android. + linux*-android*) gl_cv_func_snprintf_retval_c99="guessing yes";; + # Guess yes on MSVC, no on mingw. + mingw*) cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#if defined arm || defined __arm || defined __arm__ - mixed_endianness +#ifdef _MSC_VER + Known #endif _ACEOF if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "mixed_endianness" >/dev/null 2>&1; then : - gl_cv_cc_double_expbit0="unknown" -else - - : -if ${ac_cv_c_bigendian+:} false; then : - $as_echo_n "(cached) " >&6 + $EGREP "Known" >/dev/null 2>&1; then : + gl_cv_func_snprintf_retval_c99="guessing yes" else - ac_cv_c_bigendian=unknown - # See if we're dealing with a universal compiler. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#ifndef __APPLE_CC__ - not a universal capable compiler - #endif - typedef int dummy; + gl_cv_func_snprintf_retval_c99="guessing no" +fi +rm -f conftest* -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : + ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_snprintf_retval_c99="$gl_cross_guess_normal";; + esac - # Check for potential -arch flags. It is not universal unless - # there are at least two -arch flags with different values. - ac_arch= - ac_prev= - for ac_word in $CC $CFLAGS $CPPFLAGS $LDFLAGS; do - if test -n "$ac_prev"; then - case $ac_word in - i?86 | x86_64 | ppc | ppc64) - if test -z "$ac_arch" || test "$ac_arch" = "$ac_word"; then - ac_arch=$ac_word - else - ac_cv_c_bigendian=universal - break - fi - ;; - esac - ac_prev= - elif test "x$ac_word" = "x-arch"; then - ac_prev=arch - fi - done -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - if test $ac_cv_c_bigendian = unknown; then - # See if sys/param.h defines the BYTE_ORDER macro. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include - #include -int -main () +#include +#include +#if HAVE_SNPRINTF +# define my_snprintf snprintf +#else +# include +static int my_snprintf (char *buf, int size, const char *format, ...) { -#if ! (defined BYTE_ORDER && defined BIG_ENDIAN \ - && defined LITTLE_ENDIAN && BYTE_ORDER && BIG_ENDIAN \ - && LITTLE_ENDIAN) - bogus endian macros - #endif - - ; - return 0; + va_list args; + int ret; + va_start (args, format); + ret = vsnprintf (buf, size, format, args); + va_end (args); + return ret; } -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - # It does; now see whether it defined to BIG_ENDIAN or not. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - #include - -int -main () +#endif +static char buf[100]; +int main () { -#if BYTE_ORDER != BIG_ENDIAN - not big endian - #endif - - ; + strcpy (buf, "ABCDEF"); + if (my_snprintf (buf, 3, "%d %d", 4567, 89) != 7) + return 1; + if (my_snprintf (buf, 0, "%d %d", 4567, 89) != 7) + return 2; + if (my_snprintf (NULL, 0, "%d %d", 4567, 89) != 7) + return 3; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_c_bigendian=yes +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_snprintf_retval_c99=yes else - ac_cv_c_bigendian=no + gl_cv_func_snprintf_retval_c99=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - fi - if test $ac_cv_c_bigendian = unknown; then - # See if defines _LITTLE_ENDIAN or _BIG_ENDIAN (e.g., Solaris). - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ -#if ! (defined _LITTLE_ENDIAN || defined _BIG_ENDIAN) - bogus endian macros - #endif - ; - return 0; -} +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_snprintf_retval_c99" >&5 +$as_echo "$gl_cv_func_snprintf_retval_c99" >&6; } + +ac_fn_c_check_decl "$LINENO" "snprintf" "ac_cv_have_decl_snprintf" "$ac_includes_default" +if test "x$ac_cv_have_decl_snprintf" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_SNPRINTF $ac_have_decl _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - # It does; now see whether it defined to _BIG_ENDIAN or not. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdbool.h that conforms to C99" >&5 +$as_echo_n "checking for stdbool.h that conforms to C99... " >&6; } +if ${ac_cv_header_stdbool_h+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include + + #include + + #ifdef __cplusplus + typedef bool Bool; + #else + typedef _Bool Bool; + #ifndef bool + "error: bool is not defined" + #endif + #ifndef false + "error: false is not defined" + #endif + #if false + "error: false is not 0" + #endif + #ifndef true + "error: true is not defined" + #endif + #if true != 1 + "error: true is not 1" + #endif + #endif + + #ifndef __bool_true_false_are_defined + "error: __bool_true_false_are_defined is not defined" + #endif + + struct s { Bool s: 1; Bool t; bool u: 1; bool v; } s; + + char a[true == 1 ? 1 : -1]; + char b[false == 0 ? 1 : -1]; + char c[__bool_true_false_are_defined == 1 ? 1 : -1]; + char d[(bool) 0.5 == true ? 1 : -1]; + /* See body of main program for 'e'. */ + char f[(Bool) 0.0 == false ? 1 : -1]; + char g[true]; + char h[sizeof (Bool)]; + char i[sizeof s.t]; + enum { j = false, k = true, l = false * true, m = true * 256 }; + /* The following fails for + HP aC++/ANSI C B3910B A.05.55 [Dec 04 2003]. */ + Bool n[m]; + char o[sizeof n == m * sizeof n[0] ? 1 : -1]; + char p[-1 - (Bool) 0 < 0 && -1 - (bool) 0 < 0 ? 1 : -1]; + /* Catch a bug in an HP-UX C compiler. See + https://gcc.gnu.org/ml/gcc-patches/2003-12/msg02303.html + https://lists.gnu.org/r/bug-coreutils/2005-11/msg00161.html + */ + Bool q = true; + Bool *pq = &q; + bool *qq = &q; int main () { -#ifndef _BIG_ENDIAN - not big endian - #endif + + bool e = &s; + *pq |= q; *pq |= ! q; + *qq |= q; *qq |= ! q; + /* Refer to every declared value, to avoid compiler optimizations. */ + return (!a + !b + !c + !d + !e + !f + !g + !h + !i + !!j + !k + !!l + + !m + !n + !o + !p + !q + !pq + !qq); ; return 0; } _ACEOF if ac_fn_c_try_compile "$LINENO"; then : - ac_cv_c_bigendian=yes + ac_cv_header_stdbool_h=yes else - ac_cv_c_bigendian=no + ac_cv_header_stdbool_h=no fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - fi - if test $ac_cv_c_bigendian = unknown; then - # Compile a test program. - if test "$cross_compiling" = yes; then : - # Try to guess by grepping values from an object file. - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -short int ascii_mm[] = - { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 }; - short int ascii_ii[] = - { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 }; - int use_ascii (int i) { - return ascii_mm[i] + ascii_ii[i]; - } - short int ebcdic_ii[] = - { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 }; - short int ebcdic_mm[] = - { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 }; - int use_ebcdic (int i) { - return ebcdic_mm[i] + ebcdic_ii[i]; - } - extern int foo; +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdbool_h" >&5 +$as_echo "$ac_cv_header_stdbool_h" >&6; } + ac_fn_c_check_type "$LINENO" "_Bool" "ac_cv_type__Bool" "$ac_includes_default" +if test "x$ac_cv_type__Bool" = xyes; then : -int -main () -{ -return use_ascii (foo) == use_ebcdic (foo); - ; - return 0; -} +cat >>confdefs.h <<_ACEOF +#define HAVE__BOOL 1 _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - if grep BIGenDianSyS conftest.$ac_objext >/dev/null; then - ac_cv_c_bigendian=yes - fi - if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then - if test "$ac_cv_c_bigendian" = unknown; then - ac_cv_c_bigendian=no - else - # finding both strings is unlikely to happen, but who knows? - ac_cv_c_bigendian=unknown - fi - fi + + fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + + + + REPLACE_NULL=0; + HAVE_MAX_ALIGN_T=1; + HAVE_WCHAR_T=1; + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for wchar_t" >&5 +$as_echo_n "checking for wchar_t... " >&6; } +if ${gt_cv_c_wchar_t+:} false; then : + $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default +#include + wchar_t foo = (wchar_t)'\0'; int main () { - /* Are we little or big endian? From Harbison&Steele. */ - union - { - long int l; - char c[sizeof (long int)]; - } u; - u.l = 1; - return u.c[sizeof (long int) - 1] == 1; - ; return 0; } _ACEOF -if ac_fn_c_try_run "$LINENO"; then : - ac_cv_c_bigendian=no +if ac_fn_c_try_compile "$LINENO"; then : + gt_cv_c_wchar_t=yes else - ac_cv_c_bigendian=yes + gt_cv_c_wchar_t=no fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_c_wchar_t" >&5 +$as_echo "$gt_cv_c_wchar_t" >&6; } + if test $gt_cv_c_wchar_t = yes; then - fi -fi -: - case $ac_cv_c_bigendian in #( - yes) - gl_cv_cc_double_expbit0="word 0 bit 20";; #( - no) - gl_cv_cc_double_expbit0="word 1 bit 20" ;; #( - universal) +$as_echo "#define HAVE_WCHAR_T 1" >>confdefs.h -$as_echo "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h + fi + + + GNULIB_FFS=0; + HAVE_FFS=1; + HAVE_STRCASECMP=1; + HAVE_DECL_STRNCASECMP=1; - ;; #( - *) - gl_cv_cc_double_expbit0="unknown" ;; - esac +ac_fn_c_check_decl "$LINENO" "strdup" "ac_cv_have_decl_strdup" "$ac_includes_default" +if test "x$ac_cv_have_decl_strdup" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 fi -rm -f conftest* + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_STRDUP $ac_have_decl +_ACEOF + + + + + + + + + + if test $gl_cv_have_include_next = yes; then + gl_cv_next_string_h='<'string.h'>' + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_string_h+:} false; then : + $as_echo_n "(cached) " >&6 else + + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ - -#include -#include -#include #include -#define NWORDS \ - ((sizeof (double) + sizeof (unsigned int) - 1) / sizeof (unsigned int)) -typedef union { double value; unsigned int word[NWORDS]; } memory_double; -static unsigned int ored_words[NWORDS]; -static unsigned int anded_words[NWORDS]; -static void add_to_ored_words (double x) -{ - memory_double m; - size_t i; - /* Clear it first, in case sizeof (double) < sizeof (memory_double). */ - memset (&m, 0, sizeof (memory_double)); - m.value = x; - for (i = 0; i < NWORDS; i++) - { - ored_words[i] |= m.word[i]; - anded_words[i] &= m.word[i]; - } -} -int main () -{ - size_t j; - FILE *fp = fopen ("conftest.out", "w"); - if (fp == NULL) - return 1; - for (j = 0; j < NWORDS; j++) - anded_words[j] = ~ (unsigned int) 0; - add_to_ored_words (0.25); - add_to_ored_words (0.5); - add_to_ored_words (1.0); - add_to_ored_words (2.0); - add_to_ored_words (4.0); - /* Remove bits that are common (e.g. if representation of the first mantissa - bit is explicit). */ - for (j = 0; j < NWORDS; j++) - ored_words[j] &= ~anded_words[j]; - /* Now find the nonzero word. */ - for (j = 0; j < NWORDS; j++) - if (ored_words[j] != 0) - break; - if (j < NWORDS) - { - size_t i; - for (i = j + 1; i < NWORDS; i++) - if (ored_words[i] != 0) - { - fprintf (fp, "unknown"); - return (fclose (fp) != 0); - } - for (i = 0; ; i++) - if ((ored_words[j] >> i) & 1) - { - fprintf (fp, "word %d bit %d", (int) j, (int) i); - return (fclose (fp) != 0); - } - } - fprintf (fp, "unknown"); - return (fclose (fp) != 0); -} - _ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_cc_double_expbit0=`cat conftest.out` -else - gl_cv_cc_double_expbit0="unknown" -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi + case "$host_os" in + aix*) gl_absname_cpp="$ac_cpp -C" ;; + *) gl_absname_cpp="$ac_cpp" ;; + esac + + case "$host_os" in + mingw*) + gl_dirsep_regex='[/\\]' + ;; + *) + gl_dirsep_regex='\/' + ;; + esac + gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' + gl_header_literal_regex=`echo 'string.h' \ + | sed -e "$gl_make_literal_regex_sed"` + gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ + s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ + s|^/[^/]|//&| + p + q + }' + + gl_cv_absolute_string_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + sed -n "$gl_absolute_header_sed"` + + gl_header=$gl_cv_absolute_string_h + gl_cv_next_string_h='"'$gl_header'"' - rm -f conftest.out fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_cc_double_expbit0" >&5 -$as_echo "$gl_cv_cc_double_expbit0" >&6; } - case "$gl_cv_cc_double_expbit0" in - word*bit*) - word=`echo "$gl_cv_cc_double_expbit0" | sed -e 's/word //' -e 's/ bit.*//'` - bit=`echo "$gl_cv_cc_double_expbit0" | sed -e 's/word.*bit //'` +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_string_h" >&5 +$as_echo "$gl_cv_next_string_h" >&6; } + fi + NEXT_STRING_H=$gl_cv_next_string_h -cat >>confdefs.h <<_ACEOF -#define DBL_EXPBIT0_WORD $word -_ACEOF + if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' + gl_next_as_first_directive='<'string.h'>' + else + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' + gl_next_as_first_directive=$gl_cv_next_string_h + fi + NEXT_AS_FIRST_DIRECTIVE_STRING_H=$gl_next_as_first_directive -cat >>confdefs.h <<_ACEOF -#define DBL_EXPBIT0_BIT $bit -_ACEOF - ;; - esac - for ac_func in snprintf strnlen wcslen wcsnlen mbrtowc wcrtomb -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF -fi -done - ac_fn_c_check_decl "$LINENO" "_snprintf" "ac_cv_have_decl__snprintf" "#include -" -if test "x$ac_cv_have_decl__snprintf" = xyes; then : - ac_have_decl=1 + + + + + + + + + + + + + + + if test $gl_cv_have_include_next = yes; then + gl_cv_next_strings_h='<'strings.h'>' + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_strings_h+:} false; then : + $as_echo_n "(cached) " >&6 else - ac_have_decl=0 -fi -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL__SNPRINTF $ac_have_decl -_ACEOF + if test $ac_cv_header_strings_h = yes; then - case "$gl_cv_func_snprintf_retval_c99" in - *yes) -$as_echo "#define HAVE_SNPRINTF_RETVAL_C99 1" >>confdefs.h + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF + case "$host_os" in + aix*) gl_absname_cpp="$ac_cpp -C" ;; + *) gl_absname_cpp="$ac_cpp" ;; + esac + case "$host_os" in + mingw*) + gl_dirsep_regex='[/\\]' + ;; + *) + gl_dirsep_regex='\/' ;; esac + gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' + gl_header_literal_regex=`echo 'strings.h' \ + | sed -e "$gl_make_literal_regex_sed"` + gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ + s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ + s|^/[^/]|//&| + p + q + }' + gl_cv_absolute_strings_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + sed -n "$gl_absolute_header_sed"` - XGETTEXT_EXTRA_OPTIONS= + gl_header=$gl_cv_absolute_strings_h + gl_cv_next_strings_h='"'$gl_header'"' + else + gl_cv_next_strings_h='<'strings.h'>' + fi -ac_fn_c_check_decl "$LINENO" "vsnprintf" "ac_cv_have_decl_vsnprintf" "$ac_includes_default" -if test "x$ac_cv_have_decl_vsnprintf" = xyes; then : + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_strings_h" >&5 +$as_echo "$gl_cv_next_strings_h" >&6; } + fi + NEXT_STRINGS_H=$gl_cv_next_strings_h + + if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' + gl_next_as_first_directive='<'strings.h'>' + else + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' + gl_next_as_first_directive=$gl_cv_next_strings_h + fi + NEXT_AS_FIRST_DIRECTIVE_STRINGS_H=$gl_next_as_first_directive + + + + + if test $ac_cv_header_strings_h = yes; then + HAVE_STRINGS_H=1 + else + HAVE_STRINGS_H=0 + fi + + + + + + +ac_fn_c_check_decl "$LINENO" "strndup" "ac_cv_have_decl_strndup" "$ac_includes_default" +if test "x$ac_cv_have_decl_strndup" = xyes; then : ac_have_decl=1 else ac_have_decl=0 fi cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_VSNPRINTF $ac_have_decl +#define HAVE_DECL_STRNDUP $ac_have_decl _ACEOF - GNULIB_BTOWC=0; - GNULIB_WCTOB=0; - GNULIB_MBSINIT=0; - GNULIB_MBRTOWC=0; - GNULIB_MBRLEN=0; - GNULIB_MBSRTOWCS=0; - GNULIB_MBSNRTOWCS=0; - GNULIB_WCRTOMB=0; - GNULIB_WCSRTOMBS=0; - GNULIB_WCSNRTOMBS=0; - GNULIB_WCWIDTH=0; - GNULIB_WMEMCHR=0; - GNULIB_WMEMCMP=0; - GNULIB_WMEMCPY=0; - GNULIB_WMEMMOVE=0; - GNULIB_WMEMSET=0; - GNULIB_WCSLEN=0; - GNULIB_WCSNLEN=0; - GNULIB_WCSCPY=0; - GNULIB_WCPCPY=0; - GNULIB_WCSNCPY=0; - GNULIB_WCPNCPY=0; - GNULIB_WCSCAT=0; - GNULIB_WCSNCAT=0; - GNULIB_WCSCMP=0; - GNULIB_WCSNCMP=0; - GNULIB_WCSCASECMP=0; - GNULIB_WCSNCASECMP=0; - GNULIB_WCSCOLL=0; - GNULIB_WCSXFRM=0; - GNULIB_WCSDUP=0; - GNULIB_WCSCHR=0; - GNULIB_WCSRCHR=0; - GNULIB_WCSCSPN=0; - GNULIB_WCSSPN=0; - GNULIB_WCSPBRK=0; - GNULIB_WCSSTR=0; - GNULIB_WCSTOK=0; - GNULIB_WCSWIDTH=0; - GNULIB_WCSFTIME=0; - HAVE_BTOWC=1; - HAVE_MBSINIT=1; - HAVE_MBRTOWC=1; - HAVE_MBRLEN=1; - HAVE_MBSRTOWCS=1; - HAVE_MBSNRTOWCS=1; - HAVE_WCRTOMB=1; - HAVE_WCSRTOMBS=1; - HAVE_WCSNRTOMBS=1; - HAVE_WMEMCHR=1; - HAVE_WMEMCMP=1; - HAVE_WMEMCPY=1; - HAVE_WMEMMOVE=1; - HAVE_WMEMSET=1; - HAVE_WCSLEN=1; - HAVE_WCSNLEN=1; - HAVE_WCSCPY=1; - HAVE_WCPCPY=1; - HAVE_WCSNCPY=1; - HAVE_WCPNCPY=1; - HAVE_WCSCAT=1; - HAVE_WCSNCAT=1; - HAVE_WCSCMP=1; - HAVE_WCSNCMP=1; - HAVE_WCSCASECMP=1; - HAVE_WCSNCASECMP=1; - HAVE_WCSCOLL=1; - HAVE_WCSXFRM=1; - HAVE_WCSDUP=1; - HAVE_WCSCHR=1; - HAVE_WCSRCHR=1; - HAVE_WCSCSPN=1; - HAVE_WCSSPN=1; - HAVE_WCSPBRK=1; - HAVE_WCSSTR=1; - HAVE_WCSTOK=1; - HAVE_WCSWIDTH=1; - HAVE_WCSFTIME=1; - HAVE_DECL_WCTOB=1; - HAVE_DECL_WCWIDTH=1; - REPLACE_MBSTATE_T=0; - REPLACE_BTOWC=0; - REPLACE_WCTOB=0; - REPLACE_MBSINIT=0; - REPLACE_MBRTOWC=0; - REPLACE_MBRLEN=0; - REPLACE_MBSRTOWCS=0; - REPLACE_MBSNRTOWCS=0; - REPLACE_WCRTOMB=0; - REPLACE_WCSRTOMBS=0; - REPLACE_WCSNRTOMBS=0; - REPLACE_WCWIDTH=0; - REPLACE_WCSWIDTH=0; - REPLACE_WCSFTIME=0; - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether uses 'inline' correctly" >&5 -$as_echo_n "checking whether uses 'inline' correctly... " >&6; } -if ${gl_cv_header_wchar_h_correct_inline+:} false; then : - $as_echo_n "(cached) " >&6 +ac_fn_c_check_decl "$LINENO" "strnlen" "ac_cv_have_decl_strnlen" "$ac_includes_default" +if test "x$ac_cv_have_decl_strnlen" = xyes; then : + ac_have_decl=1 else - gl_cv_header_wchar_h_correct_inline=yes - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #define wcstod renamed_wcstod -/* Tru64 with Desktop Toolkit C has a bug: must be included before - . - BSD/OS 4.0.1 has a bug: , and must be - included before . */ -#include -#include -#include -#include -extern int zero (void); -int main () { return zero(); } - -_ACEOF - save_ac_compile="$ac_compile" - ac_compile=`echo "$save_ac_compile" | sed s/conftest/conftest1/` - if echo '#include "conftest.c"' >conftest1.c && - { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #define wcstod renamed_wcstod -/* Tru64 with Desktop Toolkit C has a bug: must be included before - . - BSD/OS 4.0.1 has a bug: , and must be - included before . */ -#include -#include -#include -#include -int zero (void) { return 0; } + ac_have_decl=0 +fi +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_STRNLEN $ac_have_decl _ACEOF - ac_compile=`echo "$save_ac_compile" | sed s/conftest/conftest2/` - if echo '#include "conftest.c"' >conftest2.c && - { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; then - if $CC -o conftest$ac_exeext $CFLAGS $LDFLAGS conftest1.$ac_objext conftest2.$ac_objext $LIBS >&5 2>&1; then - : - else - gl_cv_header_wchar_h_correct_inline=no - fi - fi - fi - ac_compile="$save_ac_compile" - rm -f conftest12.c conftest12.$ac_objext conftest$ac_exeext +ac_fn_c_check_decl "$LINENO" "strtok_r" "ac_cv_have_decl_strtok_r" "$ac_includes_default" +if test "x$ac_cv_have_decl_strtok_r" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_wchar_h_correct_inline" >&5 -$as_echo "$gl_cv_header_wchar_h_correct_inline" >&6; } - if test $gl_cv_header_wchar_h_correct_inline = no; then - as_fn_error $? " cannot be used with this compiler ($CC $CFLAGS $CPPFLAGS). -This is a known interoperability problem of glibc <= 2.5 with gcc >= 4.3 in -C99 mode. You have four options: - - Add the flag -fgnu89-inline to CC and reconfigure, or - - Fix your include files, using parts of - , or - - Use a gcc version older than 4.3, or - - Don't use the flags -std=c99 or -std=gnu99. -Configuration aborted." "$LINENO" 5 - fi +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_STRTOK_R $ac_have_decl +_ACEOF - if test $ac_cv_header_crtdefs_h = yes; then - HAVE_CRTDEFS_H=1 - else - HAVE_CRTDEFS_H=0 - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for nl_langinfo and CODESET" >&5 -$as_echo_n "checking for nl_langinfo and CODESET... " >&6; } -if ${am_cv_langinfo_codeset+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct timespec in " >&5 +$as_echo_n "checking for struct timespec in ... " >&6; } +if ${gl_cv_sys_struct_timespec_in_time_h+:} false; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include +#include + int main () { -char* cs = nl_langinfo(CODESET); return !cs; +static struct timespec x; x.tv_sec = x.tv_nsec; ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : - am_cv_langinfo_codeset=yes +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_sys_struct_timespec_in_time_h=yes else - am_cv_langinfo_codeset=no + gl_cv_sys_struct_timespec_in_time_h=no fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_langinfo_codeset" >&5 -$as_echo "$am_cv_langinfo_codeset" >&6; } - if test $am_cv_langinfo_codeset = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_sys_struct_timespec_in_time_h" >&5 +$as_echo "$gl_cv_sys_struct_timespec_in_time_h" >&6; } + + TIME_H_DEFINES_STRUCT_TIMESPEC=0 + SYS_TIME_H_DEFINES_STRUCT_TIMESPEC=0 + PTHREAD_H_DEFINES_STRUCT_TIMESPEC=0 + UNISTD_H_DEFINES_STRUCT_TIMESPEC=0 + if test $gl_cv_sys_struct_timespec_in_time_h = yes; then + TIME_H_DEFINES_STRUCT_TIMESPEC=1 + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct timespec in " >&5 +$as_echo_n "checking for struct timespec in ... " >&6; } +if ${gl_cv_sys_struct_timespec_in_sys_time_h+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +int +main () +{ +static struct timespec x; x.tv_sec = x.tv_nsec; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_sys_struct_timespec_in_sys_time_h=yes +else + gl_cv_sys_struct_timespec_in_sys_time_h=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_sys_struct_timespec_in_sys_time_h" >&5 +$as_echo "$gl_cv_sys_struct_timespec_in_sys_time_h" >&6; } + if test $gl_cv_sys_struct_timespec_in_sys_time_h = yes; then + SYS_TIME_H_DEFINES_STRUCT_TIMESPEC=1 + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct timespec in " >&5 +$as_echo_n "checking for struct timespec in ... " >&6; } +if ${gl_cv_sys_struct_timespec_in_pthread_h+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +int +main () +{ +static struct timespec x; x.tv_sec = x.tv_nsec; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_sys_struct_timespec_in_pthread_h=yes +else + gl_cv_sys_struct_timespec_in_pthread_h=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_sys_struct_timespec_in_pthread_h" >&5 +$as_echo "$gl_cv_sys_struct_timespec_in_pthread_h" >&6; } + if test $gl_cv_sys_struct_timespec_in_pthread_h = yes; then + PTHREAD_H_DEFINES_STRUCT_TIMESPEC=1 + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for struct timespec in " >&5 +$as_echo_n "checking for struct timespec in ... " >&6; } +if ${gl_cv_sys_struct_timespec_in_unistd_h+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +int +main () +{ +static struct timespec x; x.tv_sec = x.tv_nsec; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_sys_struct_timespec_in_unistd_h=yes +else + gl_cv_sys_struct_timespec_in_unistd_h=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_sys_struct_timespec_in_unistd_h" >&5 +$as_echo "$gl_cv_sys_struct_timespec_in_unistd_h" >&6; } + if test $gl_cv_sys_struct_timespec_in_unistd_h = yes; then + UNISTD_H_DEFINES_STRUCT_TIMESPEC=1 + fi + fi + fi + fi + + + + + + + + + + + + + + + + + if test $gl_cv_have_include_next = yes; then + gl_cv_next_time_h='<'time.h'>' + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_time_h+:} false; then : + $as_echo_n "(cached) " >&6 +else + + + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF + case "$host_os" in + aix*) gl_absname_cpp="$ac_cpp -C" ;; + *) gl_absname_cpp="$ac_cpp" ;; + esac + + case "$host_os" in + mingw*) + gl_dirsep_regex='[/\\]' + ;; + *) + gl_dirsep_regex='\/' + ;; + esac + gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' + gl_header_literal_regex=`echo 'time.h' \ + | sed -e "$gl_make_literal_regex_sed"` + gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ + s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ + s|^/[^/]|//&| + p + q + }' + + gl_cv_absolute_time_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + sed -n "$gl_absolute_header_sed"` + + gl_header=$gl_cv_absolute_time_h + gl_cv_next_time_h='"'$gl_header'"' + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_time_h" >&5 +$as_echo "$gl_cv_next_time_h" >&6; } + fi + NEXT_TIME_H=$gl_cv_next_time_h + + if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' + gl_next_as_first_directive='<'time.h'>' + else + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' + gl_next_as_first_directive=$gl_cv_next_time_h + fi + NEXT_AS_FIRST_DIRECTIVE_TIME_H=$gl_next_as_first_directive + + + + + + + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for inttypes.h" >&5 +$as_echo_n "checking for inttypes.h... " >&6; } +if ${gl_cv_header_inttypes_h+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include + +int +main () +{ +uintmax_t i = (uintmax_t) -1; return !i; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_header_inttypes_h=yes +else + gl_cv_header_inttypes_h=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_inttypes_h" >&5 +$as_echo "$gl_cv_header_inttypes_h" >&6; } + if test $gl_cv_header_inttypes_h = yes; then + +cat >>confdefs.h <<_ACEOF +#define HAVE_INTTYPES_H_WITH_UINTMAX 1 +_ACEOF + + fi + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for stdint.h" >&5 +$as_echo_n "checking for stdint.h... " >&6; } +if ${gl_cv_header_stdint_h+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include +int +main () +{ +uintmax_t i = (uintmax_t) -1; return !i; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_header_stdint_h=yes +else + gl_cv_header_stdint_h=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_stdint_h" >&5 +$as_echo "$gl_cv_header_stdint_h" >&6; } + if test $gl_cv_header_stdint_h = yes; then + +cat >>confdefs.h <<_ACEOF +#define HAVE_STDINT_H_WITH_UINTMAX 1 +_ACEOF + + fi + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for intmax_t" >&5 +$as_echo_n "checking for intmax_t... " >&6; } +if ${gt_cv_c_intmax_t+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#if HAVE_STDINT_H_WITH_UINTMAX +#include +#endif +#if HAVE_INTTYPES_H_WITH_UINTMAX +#include +#endif + +int +main () +{ +intmax_t x = -1; return !x; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gt_cv_c_intmax_t=yes +else + gt_cv_c_intmax_t=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_c_intmax_t" >&5 +$as_echo "$gt_cv_c_intmax_t" >&6; } + if test $gt_cv_c_intmax_t = yes; then + +$as_echo "#define HAVE_INTMAX_T 1" >>confdefs.h + + else + +cat >>confdefs.h <<_ACEOF +#define intmax_t long long +_ACEOF + + fi + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking where to find the exponent in a 'double'" >&5 +$as_echo_n "checking where to find the exponent in a 'double'... " >&6; } +if ${gl_cv_cc_double_expbit0+:} false; then : + $as_echo_n "(cached) " >&6 +else + + if test "$cross_compiling" = yes; then : + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#if defined arm || defined __arm || defined __arm__ + mixed_endianness +#endif + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "mixed_endianness" >/dev/null 2>&1; then : + gl_cv_cc_double_expbit0="unknown" +else + + : +if ${ac_cv_c_bigendian+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_c_bigendian=unknown + # See if we're dealing with a universal compiler. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifndef __APPLE_CC__ + not a universal capable compiler + #endif + typedef int dummy; + +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + + # Check for potential -arch flags. It is not universal unless + # there are at least two -arch flags with different values. + ac_arch= + ac_prev= + for ac_word in $CC $CFLAGS $CPPFLAGS $LDFLAGS; do + if test -n "$ac_prev"; then + case $ac_word in + i?86 | x86_64 | ppc | ppc64) + if test -z "$ac_arch" || test "$ac_arch" = "$ac_word"; then + ac_arch=$ac_word + else + ac_cv_c_bigendian=universal + break + fi + ;; + esac + ac_prev= + elif test "x$ac_word" = "x-arch"; then + ac_prev=arch + fi + done +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + if test $ac_cv_c_bigendian = unknown; then + # See if sys/param.h defines the BYTE_ORDER macro. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include + +int +main () +{ +#if ! (defined BYTE_ORDER && defined BIG_ENDIAN \ + && defined LITTLE_ENDIAN && BYTE_ORDER && BIG_ENDIAN \ + && LITTLE_ENDIAN) + bogus endian macros + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + # It does; now see whether it defined to BIG_ENDIAN or not. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include + +int +main () +{ +#if BYTE_ORDER != BIG_ENDIAN + not big endian + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_c_bigendian=yes +else + ac_cv_c_bigendian=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + fi + if test $ac_cv_c_bigendian = unknown; then + # See if defines _LITTLE_ENDIAN or _BIG_ENDIAN (e.g., Solaris). + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +int +main () +{ +#if ! (defined _LITTLE_ENDIAN || defined _BIG_ENDIAN) + bogus endian macros + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + # It does; now see whether it defined to _BIG_ENDIAN or not. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +int +main () +{ +#ifndef _BIG_ENDIAN + not big endian + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_c_bigendian=yes +else + ac_cv_c_bigendian=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + fi + if test $ac_cv_c_bigendian = unknown; then + # Compile a test program. + if test "$cross_compiling" = yes; then : + # Try to guess by grepping values from an object file. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +short int ascii_mm[] = + { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 }; + short int ascii_ii[] = + { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 }; + int use_ascii (int i) { + return ascii_mm[i] + ascii_ii[i]; + } + short int ebcdic_ii[] = + { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 }; + short int ebcdic_mm[] = + { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 }; + int use_ebcdic (int i) { + return ebcdic_mm[i] + ebcdic_ii[i]; + } + extern int foo; + +int +main () +{ +return use_ascii (foo) == use_ebcdic (foo); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + if grep BIGenDianSyS conftest.$ac_objext >/dev/null; then + ac_cv_c_bigendian=yes + fi + if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then + if test "$ac_cv_c_bigendian" = unknown; then + ac_cv_c_bigendian=no + else + # finding both strings is unlikely to happen, but who knows? + ac_cv_c_bigendian=unknown + fi + fi +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +int +main () +{ + + /* Are we little or big endian? From Harbison&Steele. */ + union + { + long int l; + char c[sizeof (long int)]; + } u; + u.l = 1; + return u.c[sizeof (long int) - 1] == 1; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + ac_cv_c_bigendian=no +else + ac_cv_c_bigendian=yes +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + fi +fi +: + case $ac_cv_c_bigendian in #( + yes) + gl_cv_cc_double_expbit0="word 0 bit 20";; #( + no) + gl_cv_cc_double_expbit0="word 1 bit 20" ;; #( + universal) + +$as_echo "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h + + ;; #( + *) + gl_cv_cc_double_expbit0="unknown" ;; + esac + + +fi +rm -f conftest* + + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#define NWORDS \ + ((sizeof (double) + sizeof (unsigned int) - 1) / sizeof (unsigned int)) +typedef union { double value; unsigned int word[NWORDS]; } memory_double; +static unsigned int ored_words[NWORDS]; +static unsigned int anded_words[NWORDS]; +static void add_to_ored_words (double x) +{ + memory_double m; + size_t i; + /* Clear it first, in case sizeof (double) < sizeof (memory_double). */ + memset (&m, 0, sizeof (memory_double)); + m.value = x; + for (i = 0; i < NWORDS; i++) + { + ored_words[i] |= m.word[i]; + anded_words[i] &= m.word[i]; + } +} +int main () +{ + size_t j; + FILE *fp = fopen ("conftest.out", "w"); + if (fp == NULL) + return 1; + for (j = 0; j < NWORDS; j++) + anded_words[j] = ~ (unsigned int) 0; + add_to_ored_words (0.25); + add_to_ored_words (0.5); + add_to_ored_words (1.0); + add_to_ored_words (2.0); + add_to_ored_words (4.0); + /* Remove bits that are common (e.g. if representation of the first mantissa + bit is explicit). */ + for (j = 0; j < NWORDS; j++) + ored_words[j] &= ~anded_words[j]; + /* Now find the nonzero word. */ + for (j = 0; j < NWORDS; j++) + if (ored_words[j] != 0) + break; + if (j < NWORDS) + { + size_t i; + for (i = j + 1; i < NWORDS; i++) + if (ored_words[i] != 0) + { + fprintf (fp, "unknown"); + return (fclose (fp) != 0); + } + for (i = 0; ; i++) + if ((ored_words[j] >> i) & 1) + { + fprintf (fp, "word %d bit %d", (int) j, (int) i); + return (fclose (fp) != 0); + } + } + fprintf (fp, "unknown"); + return (fclose (fp) != 0); +} + +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_cc_double_expbit0=`cat conftest.out` +else + gl_cv_cc_double_expbit0="unknown" +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + rm -f conftest.out + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_cc_double_expbit0" >&5 +$as_echo "$gl_cv_cc_double_expbit0" >&6; } + case "$gl_cv_cc_double_expbit0" in + word*bit*) + word=`echo "$gl_cv_cc_double_expbit0" | sed -e 's/word //' -e 's/ bit.*//'` + bit=`echo "$gl_cv_cc_double_expbit0" | sed -e 's/word.*bit //'` + +cat >>confdefs.h <<_ACEOF +#define DBL_EXPBIT0_WORD $word +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define DBL_EXPBIT0_BIT $bit +_ACEOF + + ;; + esac + + + + + + for ac_func in snprintf strnlen wcslen wcsnlen mbrtowc wcrtomb +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + + ac_fn_c_check_decl "$LINENO" "_snprintf" "ac_cv_have_decl__snprintf" "#include +" +if test "x$ac_cv_have_decl__snprintf" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL__SNPRINTF $ac_have_decl +_ACEOF + + + + case "$gl_cv_func_snprintf_retval_c99" in + *yes) + +$as_echo "#define HAVE_SNPRINTF_RETVAL_C99 1" >>confdefs.h + + ;; + esac + + + XGETTEXT_EXTRA_OPTIONS= + +ac_fn_c_check_decl "$LINENO" "vsnprintf" "ac_cv_have_decl_vsnprintf" "$ac_includes_default" +if test "x$ac_cv_have_decl_vsnprintf" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_VSNPRINTF $ac_have_decl +_ACEOF + + + GNULIB_BTOWC=0; + GNULIB_WCTOB=0; + GNULIB_MBSINIT=0; + GNULIB_MBRTOWC=0; + GNULIB_MBRLEN=0; + GNULIB_MBSRTOWCS=0; + GNULIB_MBSNRTOWCS=0; + GNULIB_WCRTOMB=0; + GNULIB_WCSRTOMBS=0; + GNULIB_WCSNRTOMBS=0; + GNULIB_WCWIDTH=0; + GNULIB_WMEMCHR=0; + GNULIB_WMEMCMP=0; + GNULIB_WMEMCPY=0; + GNULIB_WMEMMOVE=0; + GNULIB_WMEMSET=0; + GNULIB_WCSLEN=0; + GNULIB_WCSNLEN=0; + GNULIB_WCSCPY=0; + GNULIB_WCPCPY=0; + GNULIB_WCSNCPY=0; + GNULIB_WCPNCPY=0; + GNULIB_WCSCAT=0; + GNULIB_WCSNCAT=0; + GNULIB_WCSCMP=0; + GNULIB_WCSNCMP=0; + GNULIB_WCSCASECMP=0; + GNULIB_WCSNCASECMP=0; + GNULIB_WCSCOLL=0; + GNULIB_WCSXFRM=0; + GNULIB_WCSDUP=0; + GNULIB_WCSCHR=0; + GNULIB_WCSRCHR=0; + GNULIB_WCSCSPN=0; + GNULIB_WCSSPN=0; + GNULIB_WCSPBRK=0; + GNULIB_WCSSTR=0; + GNULIB_WCSTOK=0; + GNULIB_WCSWIDTH=0; + GNULIB_WCSFTIME=0; + HAVE_BTOWC=1; + HAVE_MBSINIT=1; + HAVE_MBRTOWC=1; + HAVE_MBRLEN=1; + HAVE_MBSRTOWCS=1; + HAVE_MBSNRTOWCS=1; + HAVE_WCRTOMB=1; + HAVE_WCSRTOMBS=1; + HAVE_WCSNRTOMBS=1; + HAVE_WMEMCHR=1; + HAVE_WMEMCMP=1; + HAVE_WMEMCPY=1; + HAVE_WMEMMOVE=1; + HAVE_WMEMSET=1; + HAVE_WCSLEN=1; + HAVE_WCSNLEN=1; + HAVE_WCSCPY=1; + HAVE_WCPCPY=1; + HAVE_WCSNCPY=1; + HAVE_WCPNCPY=1; + HAVE_WCSCAT=1; + HAVE_WCSNCAT=1; + HAVE_WCSCMP=1; + HAVE_WCSNCMP=1; + HAVE_WCSCASECMP=1; + HAVE_WCSNCASECMP=1; + HAVE_WCSCOLL=1; + HAVE_WCSXFRM=1; + HAVE_WCSDUP=1; + HAVE_WCSCHR=1; + HAVE_WCSRCHR=1; + HAVE_WCSCSPN=1; + HAVE_WCSSPN=1; + HAVE_WCSPBRK=1; + HAVE_WCSSTR=1; + HAVE_WCSTOK=1; + HAVE_WCSWIDTH=1; + HAVE_WCSFTIME=1; + HAVE_DECL_WCTOB=1; + HAVE_DECL_WCWIDTH=1; + REPLACE_MBSTATE_T=0; + REPLACE_BTOWC=0; + REPLACE_WCTOB=0; + REPLACE_MBSINIT=0; + REPLACE_MBRTOWC=0; + REPLACE_MBRLEN=0; + REPLACE_MBSRTOWCS=0; + REPLACE_MBSNRTOWCS=0; + REPLACE_WCRTOMB=0; + REPLACE_WCSRTOMBS=0; + REPLACE_WCSNRTOMBS=0; + REPLACE_WCWIDTH=0; + REPLACE_WCSWIDTH=0; + REPLACE_WCSFTIME=0; + REPLACE_WCSTOK=0; + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether uses 'inline' correctly" >&5 +$as_echo_n "checking whether uses 'inline' correctly... " >&6; } +if ${gl_cv_header_wchar_h_correct_inline+:} false; then : + $as_echo_n "(cached) " >&6 +else + gl_cv_header_wchar_h_correct_inline=yes + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #define wcstod renamed_wcstod +/* Tru64 with Desktop Toolkit C has a bug: must be included before + . + BSD/OS 4.0.1 has a bug: , and must be + included before . */ +#include +#include +#include +#include +extern int zero (void); +int main () { return zero(); } + +_ACEOF + save_ac_compile="$ac_compile" + ac_compile=`echo "$save_ac_compile" | sed s/conftest/conftest1/` + if echo '#include "conftest.c"' >conftest1.c && + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #define wcstod renamed_wcstod +/* Tru64 with Desktop Toolkit C has a bug: must be included before + . + BSD/OS 4.0.1 has a bug: , and must be + included before . */ +#include +#include +#include +#include +int zero (void) { return 0; } + +_ACEOF + ac_compile=`echo "$save_ac_compile" | sed s/conftest/conftest2/` + if echo '#include "conftest.c"' >conftest2.c && + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + if $CC -o conftest$ac_exeext $CFLAGS $LDFLAGS conftest1.$ac_objext conftest2.$ac_objext $LIBS >&5 2>&1; then + : + else + gl_cv_header_wchar_h_correct_inline=no + fi + fi + fi + ac_compile="$save_ac_compile" + rm -f conftest12.c conftest12.$ac_objext conftest$ac_exeext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_wchar_h_correct_inline" >&5 +$as_echo "$gl_cv_header_wchar_h_correct_inline" >&6; } + if test $gl_cv_header_wchar_h_correct_inline = no; then + as_fn_error $? " cannot be used with this compiler ($CC $CFLAGS $CPPFLAGS). +This is a known interoperability problem of glibc <= 2.5 with gcc >= 4.3 in +C99 mode. You have four options: + - Add the flag -fgnu89-inline to CC and reconfigure, or + - Fix your include files, using parts of + , or + - Use a gcc version older than 4.3, or + - Don't use the flags -std=c99 or -std=gnu99. +Configuration aborted." "$LINENO" 5 + fi + + + + + + if test $ac_cv_header_crtdefs_h = yes; then + HAVE_CRTDEFS_H=1 + else + HAVE_CRTDEFS_H=0 + fi + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for nl_langinfo and CODESET" >&5 +$as_echo_n "checking for nl_langinfo and CODESET... " >&6; } +if ${am_cv_langinfo_codeset+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +char* cs = nl_langinfo(CODESET); return !cs; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + am_cv_langinfo_codeset=yes +else + am_cv_langinfo_codeset=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_langinfo_codeset" >&5 +$as_echo "$am_cv_langinfo_codeset" >&6; } + if test $am_cv_langinfo_codeset = yes; then $as_echo "#define HAVE_LANGINFO_CODESET 1" >>confdefs.h fi - GNULIB_ISBLANK=0; - HAVE_ISBLANK=1; + GNULIB_ISBLANK=0; + HAVE_ISBLANK=1; + + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if environ is properly declared" >&5 +$as_echo_n "checking if environ is properly declared... " >&6; } +if ${gt_cv_var_environ_declaration+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#if HAVE_UNISTD_H + #include + #endif + /* mingw, BeOS, Haiku declare environ in , not in . */ + #include + + extern struct { int foo; } environ; +int +main () +{ +environ.foo = 1; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gt_cv_var_environ_declaration=no +else + gt_cv_var_environ_declaration=yes +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_var_environ_declaration" >&5 +$as_echo "$gt_cv_var_environ_declaration" >&6; } + if test $gt_cv_var_environ_declaration = yes; then + +$as_echo "#define HAVE_ENVIRON_DECL 1" >>confdefs.h + + fi + + + if test $gt_cv_var_environ_declaration != yes; then + HAVE_DECL_ENVIRON=0 + fi + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ungetc works on arbitrary bytes" >&5 +$as_echo_n "checking whether ungetc works on arbitrary bytes... " >&6; } +if ${gl_cv_func_ungetc_works+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + case "$host_os" in + # Guess yes on glibc systems. + *-gnu* | gnu*) gl_cv_func_ungetc_works="guessing yes" ;; + # Guess yes on musl systems. + *-musl*) gl_cv_func_ungetc_works="guessing yes" ;; + # Guess yes on bionic systems. + *-android*) gl_cv_func_ungetc_works="guessing yes" ;; + # Guess yes on native Windows. + mingw*) gl_cv_func_ungetc_works="guessing yes" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_ungetc_works="$gl_cross_guess_normal" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include + +int +main () +{ +FILE *f; + if (!(f = fopen ("conftest.tmp", "w+"))) + return 1; + if (fputs ("abc", f) < 0) + { fclose (f); return 2; } + rewind (f); + if (fgetc (f) != 'a') + { fclose (f); return 3; } + if (fgetc (f) != 'b') + { fclose (f); return 4; } + if (ungetc ('d', f) != 'd') + { fclose (f); return 5; } + if (ftell (f) != 1) + { fclose (f); return 6; } + if (fgetc (f) != 'd') + { fclose (f); return 7; } + if (ftell (f) != 2) + { fclose (f); return 8; } + if (fseek (f, 0, SEEK_CUR) != 0) + { fclose (f); return 9; } + if (ftell (f) != 2) + { fclose (f); return 10; } + if (fgetc (f) != 'c') + { fclose (f); return 11; } + fclose (f); + remove ("conftest.tmp"); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_ungetc_works=yes +else + gl_cv_func_ungetc_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_ungetc_works" >&5 +$as_echo "$gl_cv_func_ungetc_works" >&6; } + case "$gl_cv_func_ungetc_works" in + *yes) ;; + *) + +$as_echo "#define FUNC_UNGETC_BROKEN 1" >>confdefs.h + + ;; + esac + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether getcwd (NULL, 0) allocates memory for result" >&5 +$as_echo_n "checking whether getcwd (NULL, 0) allocates memory for result... " >&6; } +if ${gl_cv_func_getcwd_null+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + case "$host_os" in + # Guess yes on glibc systems. + *-gnu* | gnu*) gl_cv_func_getcwd_null="guessing yes";; + # Guess yes on musl systems. + *-musl*) gl_cv_func_getcwd_null="guessing yes";; + # Guess yes on Cygwin. + cygwin*) gl_cv_func_getcwd_null="guessing yes";; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_getcwd_null="$gl_cross_guess_normal";; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +# include +# if HAVE_UNISTD_H +# include +# else /* on Windows with MSVC */ +# include +# endif +# ifndef getcwd + char *getcwd (); +# endif + +int +main () +{ + +#if defined _WIN32 && ! defined __CYGWIN__ +/* mingw cwd does not start with '/', but getcwd does allocate. + However, mingw fails to honor non-zero size. */ +#else + if (chdir ("/") != 0) + return 1; + else + { + char *f = getcwd (NULL, 0); + if (! f) + return 2; + if (f[0] != '/') + { free (f); return 3; } + if (f[1] != '\0') + { free (f); return 4; } + free (f); + return 0; + } +#endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_getcwd_null=yes +else + gl_cv_func_getcwd_null=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_getcwd_null" >&5 +$as_echo "$gl_cv_func_getcwd_null" >&6; } + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getcwd with POSIX signature" >&5 +$as_echo_n "checking for getcwd with POSIX signature... " >&6; } +if ${gl_cv_func_getcwd_posix_signature+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +extern + #ifdef __cplusplus + "C" + #endif + char *getcwd (char *, size_t); + + ; + return 0; +} + +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_func_getcwd_posix_signature=yes +else + gl_cv_func_getcwd_posix_signature=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_getcwd_posix_signature" >&5 +$as_echo "$gl_cv_func_getcwd_posix_signature" >&6; } + +ac_fn_c_check_type "$LINENO" "off_t" "ac_cv_type_off_t" "$ac_includes_default" +if test "x$ac_cv_type_off_t" = xyes; then : + +else + +cat >>confdefs.h <<_ACEOF +#define off_t long int +_ACEOF + +fi + + + for ac_header in inttypes.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "inttypes.h" "ac_cv_header_inttypes_h" "$ac_includes_default" +if test "x$ac_cv_header_inttypes_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_INTTYPES_H 1 +_ACEOF + +fi + +done + + if test $ac_cv_header_inttypes_h = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the inttypes.h PRIxNN macros are broken" >&5 +$as_echo_n "checking whether the inttypes.h PRIxNN macros are broken... " >&6; } +if ${gt_cv_inttypes_pri_broken+:} false; then : + $as_echo_n "(cached) " >&6 +else + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#ifdef PRId32 +char *p = PRId32; +#endif + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gt_cv_inttypes_pri_broken=no +else + gt_cv_inttypes_pri_broken=yes +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_inttypes_pri_broken" >&5 +$as_echo "$gt_cv_inttypes_pri_broken" >&6; } + fi + if test "$gt_cv_inttypes_pri_broken" = yes; then + +cat >>confdefs.h <<_ACEOF +#define PRI_MACROS_BROKEN 1 +_ACEOF + + PRI_MACROS_BROKEN=1 + else + PRI_MACROS_BROKEN=0 + fi + + + + + + GNULIB_NL_LANGINFO=0; + HAVE_NL_LANGINFO=1; + REPLACE_NL_LANGINFO=0; + + + + + GNULIB_LOCALECONV=0; + GNULIB_SETLOCALE=0; + GNULIB_SETLOCALE_NULL=0; + GNULIB_DUPLOCALE=0; + GNULIB_LOCALENAME=0; + HAVE_NEWLOCALE=1; + HAVE_DUPLOCALE=1; + HAVE_FREELOCALE=1; + REPLACE_LOCALECONV=0; + REPLACE_SETLOCALE=0; + REPLACE_NEWLOCALE=0; + REPLACE_DUPLOCALE=0; + REPLACE_FREELOCALE=0; + REPLACE_STRUCT_LCONV=0; + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether locale.h defines locale_t" >&5 +$as_echo_n "checking whether locale.h defines locale_t... " >&6; } +if ${gl_cv_header_locale_has_locale_t+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + locale_t x; +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_header_locale_has_locale_t=yes +else + gl_cv_header_locale_has_locale_t=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_locale_has_locale_t" >&5 +$as_echo "$gl_cv_header_locale_has_locale_t" >&6; } + + + if test $ac_cv_header_xlocale_h = yes; then + HAVE_XLOCALE_H=1 + if test $gl_cv_header_locale_has_locale_t = yes; then + gl_cv_header_locale_h_needs_xlocale_h=no + else + gl_cv_header_locale_h_needs_xlocale_h=yes + fi + HAVE_LOCALE_T=1 + else + HAVE_XLOCALE_H=0 + gl_cv_header_locale_h_needs_xlocale_h=no + if test $gl_cv_header_locale_has_locale_t = yes; then + HAVE_LOCALE_T=1 + else + HAVE_LOCALE_T=0 + fi + fi + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for LC_MESSAGES" >&5 +$as_echo_n "checking for LC_MESSAGES... " >&6; } +if ${gt_cv_val_LC_MESSAGES+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +return LC_MESSAGES + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + gt_cv_val_LC_MESSAGES=yes +else + gt_cv_val_LC_MESSAGES=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_val_LC_MESSAGES" >&5 +$as_echo "$gt_cv_val_LC_MESSAGES" >&6; } + if test $gt_cv_val_LC_MESSAGES = yes; then + +$as_echo "#define HAVE_LC_MESSAGES 1" >>confdefs.h + + fi + + + + + + + + + + + + + + + if test $ac_cv_func_uselocale = yes; then + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether uselocale works" >&5 +$as_echo_n "checking whether uselocale works... " >&6; } +if ${gt_cv_func_uselocale_works+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + # Guess no on AIX and z/OS, yes otherwise. + case "$host_os" in + aix* | openedition*) gt_cv_func_uselocale_works="guessing no" ;; + *) gt_cv_func_uselocale_works="guessing yes" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#if HAVE_XLOCALE_H +# include +#endif +locale_t loc1; +int main () +{ + uselocale (NULL); + setlocale (LC_ALL, "en_US.UTF-8"); + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gt_cv_func_uselocale_works=yes +else + gt_cv_func_uselocale_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_func_uselocale_works" >&5 +$as_echo "$gt_cv_func_uselocale_works" >&6; } + else + gt_cv_func_uselocale_works=no + fi + case "$gt_cv_func_uselocale_works" in + *yes) + +$as_echo "#define HAVE_WORKING_USELOCALE 1" >>confdefs.h + + ;; + esac + + + case "$gt_cv_func_uselocale_works" in + *yes) + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for fake locale system (OpenBSD)" >&5 +$as_echo_n "checking for fake locale system (OpenBSD)... " >&6; } +if ${gt_cv_locale_fake+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + case "$host_os" in + openbsd*) gt_cv_locale_fake="guessing yes" ;; + *) gt_cv_locale_fake="guessing no" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#if HAVE_XLOCALE_H +# include +#endif +int main () +{ + locale_t loc1, loc2; + if (setlocale (LC_ALL, "de_DE.UTF-8") == NULL) return 1; + if (setlocale (LC_ALL, "fr_FR.UTF-8") == NULL) return 1; + loc1 = newlocale (LC_ALL_MASK, "de_DE.UTF-8", (locale_t)0); + loc2 = newlocale (LC_ALL_MASK, "fr_FR.UTF-8", (locale_t)0); + return !(loc1 == loc2); +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gt_cv_locale_fake=yes +else + gt_cv_locale_fake=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_locale_fake" >&5 +$as_echo "$gt_cv_locale_fake" >&6; } + ;; + *) gt_cv_locale_fake=no ;; + esac + case "$gt_cv_locale_fake" in + *yes) + +$as_echo "#define HAVE_FAKE_LOCALES 1" >>confdefs.h + + ;; + esac + + case "$gt_cv_func_uselocale_works" in + *yes) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for Solaris 11.4 locale system" >&5 +$as_echo_n "checking for Solaris 11.4 locale system... " >&6; } +if ${gt_cv_locale_solaris114+:} false; then : + $as_echo_n "(cached) " >&6 +else + case "$host_os" in + solaris*) + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + struct _LC_locale_t *x; + locale_t y; + +int +main () +{ +*y = x; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gt_cv_locale_solaris114=yes +else + gt_cv_locale_solaris114=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ;; + *) gt_cv_locale_solaris114=no ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_locale_solaris114" >&5 +$as_echo "$gt_cv_locale_solaris114" >&6; } + ;; + *) gt_cv_locale_solaris114=no ;; + esac + if test $gt_cv_locale_solaris114 = yes; then + +$as_echo "#define HAVE_SOLARIS114_LOCALES 1" >>confdefs.h + + fi + + case "$gt_cv_func_uselocale_works" in + *yes) + for ac_func in getlocalename_l +do : + ac_fn_c_check_func "$LINENO" "getlocalename_l" "ac_cv_func_getlocalename_l" +if test "x$ac_cv_func_getlocalename_l" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_GETLOCALENAME_L 1 +_ACEOF + +fi +done + + ;; + esac + + gt_nameless_locales=no + case "$host_os" in + aix*) + gt_nameless_locales=yes + +$as_echo "#define HAVE_NAMELESS_LOCALES 1" >>confdefs.h + + ;; + esac + + + + + + + + + + gl_threads_api=none + LIBTHREAD= + LTLIBTHREAD= + LIBMULTITHREAD= + LTLIBMULTITHREAD= + if test "$gl_use_threads" != no; then + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether imported symbols can be declared weak" >&5 +$as_echo_n "checking whether imported symbols can be declared weak... " >&6; } +if ${gl_cv_have_weak+:} false; then : + $as_echo_n "(cached) " >&6 +else + gl_cv_have_weak=no + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +extern void xyzzy (); +#pragma weak xyzzy +int +main () +{ +xyzzy(); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + gl_cv_have_weak=maybe +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + if test $gl_cv_have_weak = maybe; then + if test "$cross_compiling" = yes; then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef __ELF__ + Extensible Linking Format + #endif + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "Extensible Linking Format" >/dev/null 2>&1; then : + gl_cv_have_weak="guessing yes" +else + gl_cv_have_weak="guessing no" +fi +rm -f conftest* + + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#pragma weak fputs +int main () +{ + return (fputs == NULL); +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_have_weak=yes +else + gl_cv_have_weak=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + fi + case " $LDFLAGS " in + *" -static "*) gl_cv_have_weak=no ;; + esac + case "$gl_cv_have_weak" in + *yes) + case "$host_os" in + freebsd* | dragonfly*) + : > conftest1.c + $CC $CPPFLAGS $CFLAGS $LDFLAGS -fPIC -shared -o libempty.so conftest1.c -lpthread >&5 2>&1 + cat < conftest2.c +#include +#pragma weak pthread_mutexattr_gettype +int main () +{ + return (pthread_mutexattr_gettype != NULL); +} +EOF + $CC $CPPFLAGS $CFLAGS $LDFLAGS -o conftest conftest2.c libempty.so >&5 2>&1 \ + || gl_cv_have_weak=no + rm -f conftest1.c libempty.so conftest2.c conftest + ;; + esac + ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_have_weak" >&5 +$as_echo "$gl_cv_have_weak" >&6; } + case "$gl_cv_have_weak" in + *yes) + +$as_echo "#define HAVE_WEAK_SYMBOLS 1" >>confdefs.h + + ;; + esac + + if case "$gl_cv_have_weak" in *yes) true;; *) false;; esac; then + + : + fi + if test "$gl_use_threads" = isoc || test "$gl_use_threads" = isoc+posix; then + + gl_have_isoc_threads="$ac_cv_header_threads_h" + fi + if test "$gl_use_threads" = yes \ + || test "$gl_use_threads" = posix \ + || test "$gl_use_threads" = isoc+posix; then + + + if test -z "$gl_pthreadlib_body_done"; then + gl_pthread_api=no + LIBPTHREAD= + LIBPMULTITHREAD= + # On OSF/1, the compiler needs the flag -pthread or -D_REENTRANT so that + # it groks . It's added above, in gl_ANYTHREADLIB_EARLY. + ac_fn_c_check_header_mongrel "$LINENO" "pthread.h" "ac_cv_header_pthread_h" "$ac_includes_default" +if test "x$ac_cv_header_pthread_h" = xyes; then : + gl_have_pthread_h=yes +else + gl_have_pthread_h=no +fi + + + if test "$gl_have_pthread_h" = yes; then + # Other possible tests: + # -lpthreads (FSU threads, PCthreads) + # -lgthreads + # Test whether both pthread_mutex_lock and pthread_mutexattr_init exist + # in libc. IRIX 6.5 has the first one in both libc and libpthread, but + # the second one only in libpthread, and lock.c needs it. + # + # If -pthread works, prefer it to -lpthread, since Ubuntu 14.04 + # needs -pthread for some reason. See: + # https://lists.gnu.org/r/bug-gnulib/2014-09/msg00023.html + save_LIBS=$LIBS + for gl_pthread in '' '-pthread'; do + LIBS="$LIBS $gl_pthread" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + pthread_mutex_t m; + pthread_mutexattr_t ma; + +int +main () +{ +pthread_mutex_lock (&m); + pthread_mutexattr_init (&ma); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + gl_pthread_api=yes + LIBPTHREAD=$gl_pthread + LIBPMULTITHREAD=$gl_pthread +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LIBS=$save_LIBS + test $gl_pthread_api = yes && break + done + + # Test for libpthread by looking for pthread_kill. (Not pthread_self, + # since it is defined as a macro on OSF/1.) + if test $gl_pthread_api = yes && test -z "$LIBPTHREAD"; then + # The program links fine without libpthread. But it may actually + # need to link with libpthread in order to create multiple threads. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_kill in -lpthread" >&5 +$as_echo_n "checking for pthread_kill in -lpthread... " >&6; } +if ${ac_cv_lib_pthread_pthread_kill+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpthread $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pthread_kill (); +int +main () +{ +return pthread_kill (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_pthread_pthread_kill=yes +else + ac_cv_lib_pthread_pthread_kill=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pthread_pthread_kill" >&5 +$as_echo "$ac_cv_lib_pthread_pthread_kill" >&6; } +if test "x$ac_cv_lib_pthread_pthread_kill" = xyes; then : + LIBPMULTITHREAD=-lpthread + # On Solaris and HP-UX, most pthread functions exist also in libc. + # Therefore pthread_in_use() needs to actually try to create a + # thread: pthread_create from libc will fail, whereas + # pthread_create will actually create a thread. + # On Solaris 10 or newer, this test is no longer needed, because + # libc contains the fully functional pthread functions. + case "$host_os" in + solaris | solaris2.1-9 | solaris2.1-9.* | hpux*) + +$as_echo "#define PTHREAD_IN_USE_DETECTION_HARD 1" >>confdefs.h + + esac + +fi + + elif test $gl_pthread_api != yes; then + # Some library is needed. Try libpthread and libc_r. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_kill in -lpthread" >&5 +$as_echo_n "checking for pthread_kill in -lpthread... " >&6; } +if ${ac_cv_lib_pthread_pthread_kill+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpthread $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pthread_kill (); +int +main () +{ +return pthread_kill (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_pthread_pthread_kill=yes +else + ac_cv_lib_pthread_pthread_kill=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pthread_pthread_kill" >&5 +$as_echo "$ac_cv_lib_pthread_pthread_kill" >&6; } +if test "x$ac_cv_lib_pthread_pthread_kill" = xyes; then : + gl_pthread_api=yes + LIBPTHREAD=-lpthread + LIBPMULTITHREAD=-lpthread +fi + + if test $gl_pthread_api != yes; then + # For FreeBSD 4. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_kill in -lc_r" >&5 +$as_echo_n "checking for pthread_kill in -lc_r... " >&6; } +if ${ac_cv_lib_c_r_pthread_kill+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lc_r $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pthread_kill (); +int +main () +{ +return pthread_kill (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_c_r_pthread_kill=yes +else + ac_cv_lib_c_r_pthread_kill=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_c_r_pthread_kill" >&5 +$as_echo "$ac_cv_lib_c_r_pthread_kill" >&6; } +if test "x$ac_cv_lib_c_r_pthread_kill" = xyes; then : + gl_pthread_api=yes + LIBPTHREAD=-lc_r + LIBPMULTITHREAD=-lc_r +fi + + fi + fi + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether POSIX threads API is available" >&5 +$as_echo_n "checking whether POSIX threads API is available... " >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_pthread_api" >&5 +$as_echo "$gl_pthread_api" >&6; } + + + if test $gl_pthread_api = yes; then + +$as_echo "#define HAVE_PTHREAD_API 1" >>confdefs.h + + fi + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +sched_yield (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + LIB_SCHED_YIELD= + +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for sched_yield in -lrt" >&5 +$as_echo_n "checking for sched_yield in -lrt... " >&6; } +if ${ac_cv_lib_rt_sched_yield+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lrt $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char sched_yield (); +int +main () +{ +return sched_yield (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_rt_sched_yield=yes +else + ac_cv_lib_rt_sched_yield=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_rt_sched_yield" >&5 +$as_echo "$ac_cv_lib_rt_sched_yield" >&6; } +if test "x$ac_cv_lib_rt_sched_yield" = xyes; then : + LIB_SCHED_YIELD=-lrt +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for sched_yield in -lposix4" >&5 +$as_echo_n "checking for sched_yield in -lposix4... " >&6; } +if ${ac_cv_lib_posix4_sched_yield+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lposix4 $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char sched_yield (); +int +main () +{ +return sched_yield (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_posix4_sched_yield=yes +else + ac_cv_lib_posix4_sched_yield=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_posix4_sched_yield" >&5 +$as_echo "$ac_cv_lib_posix4_sched_yield" >&6; } +if test "x$ac_cv_lib_posix4_sched_yield" = xyes; then : + LIB_SCHED_YIELD=-lposix4 +fi + +fi + + +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + + + gl_pthreadlib_body_done=done + fi + + LIBTHREAD=$LIBPTHREAD LTLIBTHREAD=$LIBPTHREAD + LIBMULTITHREAD=$LIBPMULTITHREAD LTLIBMULTITHREAD=$LIBPMULTITHREAD + if test $gl_pthread_api = yes; then + if test "$gl_use_threads" = isoc+posix && test "$gl_have_isoc_threads" = yes; then + gl_threads_api='isoc+posix' + +$as_echo "#define USE_ISOC_AND_POSIX_THREADS 1" >>confdefs.h + + LIBTHREAD= LTLIBTHREAD= + else + gl_threads_api=posix + +$as_echo "#define USE_POSIX_THREADS 1" >>confdefs.h + + if test -n "$LIBMULTITHREAD" || test -n "$LTLIBMULTITHREAD"; then + if case "$gl_cv_have_weak" in *yes) true;; *) false;; esac; then + +$as_echo "#define USE_POSIX_THREADS_WEAK 1" >>confdefs.h + + LIBTHREAD= LTLIBTHREAD= + fi + fi + fi + fi + fi + if test $gl_threads_api = none; then + if test "$gl_use_threads" = isoc && test "$gl_have_isoc_threads" = yes; then + + + + if test -z "$gl_stdthreadlib_body_done"; then + + + case "$host_os" in + mingw*) + LIBSTDTHREAD= + ;; + *) + + + if test -z "$gl_pthreadlib_body_done"; then + gl_pthread_api=no + LIBPTHREAD= + LIBPMULTITHREAD= + # On OSF/1, the compiler needs the flag -pthread or -D_REENTRANT so that + # it groks . It's added above, in gl_ANYTHREADLIB_EARLY. + ac_fn_c_check_header_mongrel "$LINENO" "pthread.h" "ac_cv_header_pthread_h" "$ac_includes_default" +if test "x$ac_cv_header_pthread_h" = xyes; then : + gl_have_pthread_h=yes +else + gl_have_pthread_h=no +fi + + + if test "$gl_have_pthread_h" = yes; then + # Other possible tests: + # -lpthreads (FSU threads, PCthreads) + # -lgthreads + # Test whether both pthread_mutex_lock and pthread_mutexattr_init exist + # in libc. IRIX 6.5 has the first one in both libc and libpthread, but + # the second one only in libpthread, and lock.c needs it. + # + # If -pthread works, prefer it to -lpthread, since Ubuntu 14.04 + # needs -pthread for some reason. See: + # https://lists.gnu.org/r/bug-gnulib/2014-09/msg00023.html + save_LIBS=$LIBS + for gl_pthread in '' '-pthread'; do + LIBS="$LIBS $gl_pthread" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + pthread_mutex_t m; + pthread_mutexattr_t ma; + +int +main () +{ +pthread_mutex_lock (&m); + pthread_mutexattr_init (&ma); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + gl_pthread_api=yes + LIBPTHREAD=$gl_pthread + LIBPMULTITHREAD=$gl_pthread +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LIBS=$save_LIBS + test $gl_pthread_api = yes && break + done + + # Test for libpthread by looking for pthread_kill. (Not pthread_self, + # since it is defined as a macro on OSF/1.) + if test $gl_pthread_api = yes && test -z "$LIBPTHREAD"; then + # The program links fine without libpthread. But it may actually + # need to link with libpthread in order to create multiple threads. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_kill in -lpthread" >&5 +$as_echo_n "checking for pthread_kill in -lpthread... " >&6; } +if ${ac_cv_lib_pthread_pthread_kill+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpthread $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pthread_kill (); +int +main () +{ +return pthread_kill (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_pthread_pthread_kill=yes +else + ac_cv_lib_pthread_pthread_kill=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pthread_pthread_kill" >&5 +$as_echo "$ac_cv_lib_pthread_pthread_kill" >&6; } +if test "x$ac_cv_lib_pthread_pthread_kill" = xyes; then : + LIBPMULTITHREAD=-lpthread + # On Solaris and HP-UX, most pthread functions exist also in libc. + # Therefore pthread_in_use() needs to actually try to create a + # thread: pthread_create from libc will fail, whereas + # pthread_create will actually create a thread. + # On Solaris 10 or newer, this test is no longer needed, because + # libc contains the fully functional pthread functions. + case "$host_os" in + solaris | solaris2.1-9 | solaris2.1-9.* | hpux*) + +$as_echo "#define PTHREAD_IN_USE_DETECTION_HARD 1" >>confdefs.h + + esac + +fi + + elif test $gl_pthread_api != yes; then + # Some library is needed. Try libpthread and libc_r. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_kill in -lpthread" >&5 +$as_echo_n "checking for pthread_kill in -lpthread... " >&6; } +if ${ac_cv_lib_pthread_pthread_kill+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpthread $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pthread_kill (); +int +main () +{ +return pthread_kill (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_pthread_pthread_kill=yes +else + ac_cv_lib_pthread_pthread_kill=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pthread_pthread_kill" >&5 +$as_echo "$ac_cv_lib_pthread_pthread_kill" >&6; } +if test "x$ac_cv_lib_pthread_pthread_kill" = xyes; then : + gl_pthread_api=yes + LIBPTHREAD=-lpthread + LIBPMULTITHREAD=-lpthread +fi + + if test $gl_pthread_api != yes; then + # For FreeBSD 4. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_kill in -lc_r" >&5 +$as_echo_n "checking for pthread_kill in -lc_r... " >&6; } +if ${ac_cv_lib_c_r_pthread_kill+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lc_r $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pthread_kill (); +int +main () +{ +return pthread_kill (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_c_r_pthread_kill=yes +else + ac_cv_lib_c_r_pthread_kill=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_c_r_pthread_kill" >&5 +$as_echo "$ac_cv_lib_c_r_pthread_kill" >&6; } +if test "x$ac_cv_lib_c_r_pthread_kill" = xyes; then : + gl_pthread_api=yes + LIBPTHREAD=-lc_r + LIBPMULTITHREAD=-lc_r +fi + + fi + fi + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether POSIX threads API is available" >&5 +$as_echo_n "checking whether POSIX threads API is available... " >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_pthread_api" >&5 +$as_echo "$gl_pthread_api" >&6; } + + + if test $gl_pthread_api = yes; then + +$as_echo "#define HAVE_PTHREAD_API 1" >>confdefs.h + + fi + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +sched_yield (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + LIB_SCHED_YIELD= + +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for sched_yield in -lrt" >&5 +$as_echo_n "checking for sched_yield in -lrt... " >&6; } +if ${ac_cv_lib_rt_sched_yield+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lrt $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char sched_yield (); +int +main () +{ +return sched_yield (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_rt_sched_yield=yes +else + ac_cv_lib_rt_sched_yield=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_rt_sched_yield" >&5 +$as_echo "$ac_cv_lib_rt_sched_yield" >&6; } +if test "x$ac_cv_lib_rt_sched_yield" = xyes; then : + LIB_SCHED_YIELD=-lrt +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for sched_yield in -lposix4" >&5 +$as_echo_n "checking for sched_yield in -lposix4... " >&6; } +if ${ac_cv_lib_posix4_sched_yield+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lposix4 $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char sched_yield (); +int +main () +{ +return sched_yield (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_posix4_sched_yield=yes +else + ac_cv_lib_posix4_sched_yield=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_posix4_sched_yield" >&5 +$as_echo "$ac_cv_lib_posix4_sched_yield" >&6; } +if test "x$ac_cv_lib_posix4_sched_yield" = xyes; then : + LIB_SCHED_YIELD=-lposix4 +fi +fi +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + gl_pthreadlib_body_done=done + fi + if test $ac_cv_header_threads_h = yes; then + for ac_func in thrd_create +do : + ac_fn_c_check_func "$LINENO" "thrd_create" "ac_cv_func_thrd_create" +if test "x$ac_cv_func_thrd_create" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_THRD_CREATE 1 +_ACEOF +fi +done - { $as_echo "$as_me:${as_lineno-$LINENO}: checking if environ is properly declared" >&5 -$as_echo_n "checking if environ is properly declared... " >&6; } -if ${gt_cv_var_environ_declaration+:} false; then : + if test $ac_cv_func_thrd_create = yes; then + LIBSTDTHREAD= + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for thrd_create in -lstdthreads" >&5 +$as_echo_n "checking for thrd_create in -lstdthreads... " >&6; } +if ${ac_cv_lib_stdthreads_thrd_create+:} false; then : $as_echo_n "(cached) " >&6 else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + ac_check_lib_save_LIBS=$LIBS +LIBS="-lstdthreads $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#if HAVE_UNISTD_H - #include - #endif - /* mingw, BeOS, Haiku declare environ in , not in . */ - #include - extern struct { int foo; } environ; +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char thrd_create (); int main () { -environ.foo = 1; +return thrd_create (); ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gt_cv_var_environ_declaration=no +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_stdthreads_thrd_create=yes else - gt_cv_var_environ_declaration=yes + ac_cv_lib_stdthreads_thrd_create=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_var_environ_declaration" >&5 -$as_echo "$gt_cv_var_environ_declaration" >&6; } - if test $gt_cv_var_environ_declaration = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_stdthreads_thrd_create" >&5 +$as_echo "$ac_cv_lib_stdthreads_thrd_create" >&6; } +if test "x$ac_cv_lib_stdthreads_thrd_create" = xyes; then : -$as_echo "#define HAVE_ENVIRON_DECL 1" >>confdefs.h + LIBSTDTHREAD='-lstdthreads -lpthread' - fi +else + LIBSTDTHREAD="$LIBPMULTITHREAD" - if test $gt_cv_var_environ_declaration != yes; then - HAVE_DECL_ENVIRON=0 +fi + + fi + else + LIBSTDTHREAD="$LIBPMULTITHREAD $LIB_SCHED_YIELD" + fi + ;; + esac + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ISO C threads API is available" >&5 +$as_echo_n "checking whether ISO C threads API is available... " >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_threads_h" >&5 +$as_echo "$ac_cv_header_threads_h" >&6; } + gl_stdthreadlib_body_done=done fi + LIBTHREAD=$LIBSTDTHREAD LTLIBTHREAD=$LIBSTDTHREAD + LIBMULTITHREAD=$LIBSTDTHREAD LTLIBMULTITHREAD=$LIBSTDTHREAD + gl_threads_api=isoc - GNULIB_FCNTL=0; - GNULIB_NONBLOCKING=0; - GNULIB_OPEN=0; - GNULIB_OPENAT=0; - HAVE_FCNTL=1; - HAVE_OPENAT=1; - REPLACE_FCNTL=0; - REPLACE_OPEN=0; - REPLACE_OPENAT=0; +$as_echo "#define USE_ISOC_THREADS 1" >>confdefs.h + + fi + fi + if test $gl_threads_api = none; then + case "$gl_use_threads" in + yes | windows | win32) # The 'win32' is for backward compatibility. + if { case "$host_os" in + mingw*) true;; + *) false;; + esac + }; then + gl_threads_api=windows +$as_echo "#define USE_WINDOWS_THREADS 1" >>confdefs.h + + fi + ;; + esac + fi + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for multithread API to use" >&5 +$as_echo_n "checking for multithread API to use... " >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_threads_api" >&5 +$as_echo "$gl_threads_api" >&6; } @@ -23439,385 +26736,166 @@ $as_echo "#define HAVE_ENVIRON_DECL 1" >>confdefs.h - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working fcntl.h" >&5 -$as_echo_n "checking for working fcntl.h... " >&6; } -if ${gl_cv_header_working_fcntl_h+:} false; then : + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether lstat correctly handles trailing slash" >&5 +$as_echo_n "checking whether lstat correctly handles trailing slash... " >&6; } +if ${gl_cv_func_lstat_dereferences_slashed_symlink+:} false; then : $as_echo_n "(cached) " >&6 else - if test "$cross_compiling" = yes; then : + rm -f conftest.sym conftest.file + echo >conftest.file + if test "$cross_compiling" = yes; then : case "$host_os" in - # Guess 'no' on native Windows. - mingw*) gl_cv_header_working_fcntl_h='no' ;; - *) gl_cv_header_working_fcntl_h=cross-compiling ;; + linux-* | linux) + # Guess yes on Linux systems. + gl_cv_func_lstat_dereferences_slashed_symlink="guessing yes" ;; + *-gnu* | gnu*) + # Guess yes on glibc systems. + gl_cv_func_lstat_dereferences_slashed_symlink="guessing yes" ;; + mingw*) + # Guess no on native Windows. + gl_cv_func_lstat_dereferences_slashed_symlink="guessing no" ;; + *) + # If we don't know, obey --enable-cross-guesses. + gl_cv_func_lstat_dereferences_slashed_symlink="$gl_cross_guess_normal" ;; esac else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include - #include - #if HAVE_UNISTD_H - # include - #else /* on Windows with MSVC */ - # include - # include - # defined sleep(n) _sleep ((n) * 1000) - #endif - #include - #ifndef O_NOATIME - #define O_NOATIME 0 - #endif - #ifndef O_NOFOLLOW - #define O_NOFOLLOW 0 - #endif - static int const constants[] = - { - O_CREAT, O_EXCL, O_NOCTTY, O_TRUNC, O_APPEND, - O_NONBLOCK, O_SYNC, O_ACCMODE, O_RDONLY, O_RDWR, O_WRONLY - }; - +$ac_includes_default int main () { +struct stat sbuf; + if (symlink ("conftest.file", "conftest.sym") != 0) + return 1; + /* Linux will dereference the symlink and fail, as required by + POSIX. That is better in the sense that it means we will not + have to compile and use the lstat wrapper. */ + return lstat ("conftest.sym/", &sbuf) == 0; - int result = !constants; - #if HAVE_SYMLINK - { - static char const sym[] = "conftest.sym"; - if (symlink ("/dev/null", sym) != 0) - result |= 2; - else - { - int fd = open (sym, O_WRONLY | O_NOFOLLOW | O_CREAT, 0); - if (fd >= 0) - { - close (fd); - result |= 4; - } - } - if (unlink (sym) != 0 || symlink (".", sym) != 0) - result |= 2; - else - { - int fd = open (sym, O_RDONLY | O_NOFOLLOW); - if (fd >= 0) - { - close (fd); - result |= 4; - } - } - unlink (sym); - } - #endif - { - static char const file[] = "confdefs.h"; - int fd = open (file, O_RDONLY | O_NOATIME); - if (fd < 0) - result |= 8; - else - { - struct stat st0; - if (fstat (fd, &st0) != 0) - result |= 16; - else - { - char c; - sleep (1); - if (read (fd, &c, 1) != 1) - result |= 24; - else - { - if (close (fd) != 0) - result |= 32; - else - { - struct stat st1; - if (stat (file, &st1) != 0) - result |= 40; - else - if (st0.st_atime != st1.st_atime) - result |= 64; - } - } - } - } - } - return result; ; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : - gl_cv_header_working_fcntl_h=yes + gl_cv_func_lstat_dereferences_slashed_symlink=yes else - case $? in #( - 4) gl_cv_header_working_fcntl_h='no (bad O_NOFOLLOW)';; #( - 64) gl_cv_header_working_fcntl_h='no (bad O_NOATIME)';; #( - 68) gl_cv_header_working_fcntl_h='no (bad O_NOATIME, O_NOFOLLOW)';; #( - *) gl_cv_header_working_fcntl_h='no';; - esac + gl_cv_func_lstat_dereferences_slashed_symlink=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi + rm -f conftest.sym conftest.file fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_working_fcntl_h" >&5 -$as_echo "$gl_cv_header_working_fcntl_h" >&6; } - - case $gl_cv_header_working_fcntl_h in #( - *O_NOATIME* | no | cross-compiling) ac_val=0;; #( - *) ac_val=1;; - esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_lstat_dereferences_slashed_symlink" >&5 +$as_echo "$gl_cv_func_lstat_dereferences_slashed_symlink" >&6; } + case "$gl_cv_func_lstat_dereferences_slashed_symlink" in + *yes) cat >>confdefs.h <<_ACEOF -#define HAVE_WORKING_O_NOATIME $ac_val +#define LSTAT_FOLLOWS_SLASHED_SYMLINK 1 _ACEOF - - case $gl_cv_header_working_fcntl_h in #( - *O_NOFOLLOW* | no | cross-compiling) ac_val=0;; #( - *) ac_val=1;; + ;; esac -cat >>confdefs.h <<_ACEOF -#define HAVE_WORKING_O_NOFOLLOW $ac_val -_ACEOF + + GNULIB_PSELECT=0; + GNULIB_SELECT=0; + HAVE_PSELECT=1; + REPLACE_PSELECT=0; + REPLACE_SELECT=0; - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ungetc works on arbitrary bytes" >&5 -$as_echo_n "checking whether ungetc works on arbitrary bytes... " >&6; } -if ${gl_cv_func_ungetc_works+:} false; then : + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether is self-contained" >&5 +$as_echo_n "checking whether is self-contained... " >&6; } +if ${gl_cv_header_sys_select_h_selfcontained+:} false; then : $as_echo_n "(cached) " >&6 else - if test "$cross_compiling" = yes; then : - case "$host_os" in - # Guess yes on glibc systems. - *-gnu* | gnu*) gl_cv_func_ungetc_works="guessing yes" ;; - # Guess yes on musl systems. - *-musl*) gl_cv_func_ungetc_works="guessing yes" ;; - # Guess yes on bionic systems. - *-android*) gl_cv_func_ungetc_works="guessing yes" ;; - # Guess yes on native Windows. - mingw*) gl_cv_func_ungetc_works="guessing yes" ;; - # If we don't know, assume the worst. - *) gl_cv_func_ungetc_works="guessing no" ;; - esac -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ - -#include - +#include int main () { -FILE *f; - if (!(f = fopen ("conftest.tmp", "w+"))) - return 1; - if (fputs ("abc", f) < 0) - { fclose (f); return 2; } - rewind (f); - if (fgetc (f) != 'a') - { fclose (f); return 3; } - if (fgetc (f) != 'b') - { fclose (f); return 4; } - if (ungetc ('d', f) != 'd') - { fclose (f); return 5; } - if (ftell (f) != 1) - { fclose (f); return 6; } - if (fgetc (f) != 'd') - { fclose (f); return 7; } - if (ftell (f) != 2) - { fclose (f); return 8; } - if (fseek (f, 0, SEEK_CUR) != 0) - { fclose (f); return 9; } - if (ftell (f) != 2) - { fclose (f); return 10; } - if (fgetc (f) != 'c') - { fclose (f); return 11; } - fclose (f); - remove ("conftest.tmp"); +struct timeval b; ; return 0; } _ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_ungetc_works=yes +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_header_sys_select_h_selfcontained=yes else - gl_cv_func_ungetc_works=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - + gl_cv_header_sys_select_h_selfcontained=no fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_ungetc_works" >&5 -$as_echo "$gl_cv_func_ungetc_works" >&6; } - case "$gl_cv_func_ungetc_works" in - *yes) ;; - *) - -$as_echo "#define FUNC_UNGETC_BROKEN 1" >>confdefs.h - - ;; - esac - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether getcwd (NULL, 0) allocates memory for result" >&5 -$as_echo_n "checking whether getcwd (NULL, 0) allocates memory for result... " >&6; } -if ${gl_cv_func_getcwd_null+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "$cross_compiling" = yes; then : - case "$host_os" in - # Guess yes on glibc systems. - *-gnu* | gnu*) gl_cv_func_getcwd_null="guessing yes";; - # Guess yes on musl systems. - *-musl*) gl_cv_func_getcwd_null="guessing yes";; - # Guess yes on Cygwin. - cygwin*) gl_cv_func_getcwd_null="guessing yes";; - # If we don't know, assume the worst. - *) gl_cv_func_getcwd_null="guessing no";; - esac - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + if test $gl_cv_header_sys_select_h_selfcontained = yes; then + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ - -# include -# if HAVE_UNISTD_H -# include -# else /* on Windows with MSVC */ -# include -# endif -# ifndef getcwd - char *getcwd (); -# endif - +#include int main () { - -#if defined _WIN32 && ! defined __CYGWIN__ -/* mingw cwd does not start with '/', but getcwd does allocate. - However, mingw fails to honor non-zero size. */ -#else - if (chdir ("/") != 0) - return 1; - else - { - char *f = getcwd (NULL, 0); - if (! f) - return 2; - if (f[0] != '/') - { free (f); return 3; } - if (f[1] != '\0') - { free (f); return 4; } - free (f); - return 0; - } -#endif - +int memset; int bzero; ; return 0; } -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_getcwd_null=yes -else - gl_cv_func_getcwd_null=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_getcwd_null" >&5 -$as_echo "$gl_cv_func_getcwd_null" >&6; } - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getcwd with POSIX signature" >&5 -$as_echo_n "checking for getcwd with POSIX signature... " >&6; } -if ${gl_cv_func_getcwd_posix_signature+:} false; then : - $as_echo_n "(cached) " >&6 -else +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include +#include int main () { -extern - #ifdef __cplusplus - "C" - #endif - char *getcwd (char *, size_t); + + #undef memset + #define memset nonexistent_memset + extern + #ifdef __cplusplus + "C" + #endif + void *memset (void *, int, unsigned long); + #undef bzero + #define bzero nonexistent_bzero + extern + #ifdef __cplusplus + "C" + #endif + void bzero (void *, unsigned long); + fd_set fds; + FD_ZERO (&fds); ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_func_getcwd_posix_signature=yes +if ac_fn_c_try_link "$LINENO"; then : + else - gl_cv_func_getcwd_posix_signature=no + gl_cv_header_sys_select_h_selfcontained=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_getcwd_posix_signature" >&5 -$as_echo "$gl_cv_func_getcwd_posix_signature" >&6; } - - +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + fi -ac_fn_c_check_decl "$LINENO" "getdtablesize" "ac_cv_have_decl_getdtablesize" "$ac_includes_default" -if test "x$ac_cv_have_decl_getdtablesize" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_GETDTABLESIZE $ac_have_decl -_ACEOF - - - - - GNULIB_IMAXABS=0; - GNULIB_IMAXDIV=0; - GNULIB_STRTOIMAX=0; - GNULIB_STRTOUMAX=0; - HAVE_DECL_IMAXABS=1; - HAVE_DECL_IMAXDIV=1; - HAVE_DECL_STRTOIMAX=1; - HAVE_DECL_STRTOUMAX=1; - HAVE_IMAXDIV_T=1; - REPLACE_STRTOIMAX=0; - REPLACE_STRTOUMAX=0; - INT32_MAX_LT_INTMAX_MAX=1; - INT64_MAX_EQ_LONG_MAX='defined _LP64'; - PRI_MACROS_BROKEN=0; - PRIPTR_PREFIX=__PRIPTR_PREFIX; - UINT32_MAX_LT_UINTMAX_MAX=1; - UINT64_MAX_EQ_ULONG_MAX='defined _LP64'; - - - - - - +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_sys_select_h_selfcontained" >&5 +$as_echo "$gl_cv_header_sys_select_h_selfcontained" >&6; } @@ -23828,22 +26906,22 @@ _ACEOF if test $gl_cv_have_include_next = yes; then - gl_cv_next_inttypes_h='<'inttypes.h'>' + gl_cv_next_sys_select_h='<'sys/select.h'>' else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 -$as_echo_n "checking absolute name of ... " >&6; } -if ${gl_cv_next_inttypes_h+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_sys_select_h+:} false; then : $as_echo_n "(cached) " >&6 else - if test $ac_cv_header_inttypes_h = yes; then + if test $ac_cv_header_sys_select_h = yes; then cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include +#include _ACEOF case "$host_os" in aix*) gl_absname_cpp="$ac_cpp -C" ;; @@ -23859,7 +26937,7 @@ _ACEOF ;; esac gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' - gl_header_literal_regex=`echo 'inttypes.h' \ + gl_header_literal_regex=`echo 'sys/select.h' \ | sed -e "$gl_make_literal_regex_sed"` gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ @@ -23868,206 +26946,181 @@ _ACEOF q }' - gl_cv_absolute_inttypes_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + gl_cv_absolute_sys_select_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | sed -n "$gl_absolute_header_sed"` - gl_header=$gl_cv_absolute_inttypes_h - gl_cv_next_inttypes_h='"'$gl_header'"' + gl_header=$gl_cv_absolute_sys_select_h + gl_cv_next_sys_select_h='"'$gl_header'"' else - gl_cv_next_inttypes_h='<'inttypes.h'>' + gl_cv_next_sys_select_h='<'sys/select.h'>' fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_inttypes_h" >&5 -$as_echo "$gl_cv_next_inttypes_h" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_sys_select_h" >&5 +$as_echo "$gl_cv_next_sys_select_h" >&6; } fi - NEXT_INTTYPES_H=$gl_cv_next_inttypes_h + NEXT_SYS_SELECT_H=$gl_cv_next_sys_select_h if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' - gl_next_as_first_directive='<'inttypes.h'>' + gl_next_as_first_directive='<'sys/select.h'>' else # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' - gl_next_as_first_directive=$gl_cv_next_inttypes_h - fi - NEXT_AS_FIRST_DIRECTIVE_INTTYPES_H=$gl_next_as_first_directive - - - + gl_next_as_first_directive=$gl_cv_next_sys_select_h + fi + NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H=$gl_next_as_first_directive + if test $ac_cv_header_sys_select_h = yes; then + HAVE_SYS_SELECT_H=1 + else + HAVE_SYS_SELECT_H=0 + fi - for ac_header in inttypes.h + if test $ac_cv_header_sys_socket_h != yes; then + for ac_header in winsock2.h do : - ac_fn_c_check_header_mongrel "$LINENO" "inttypes.h" "ac_cv_header_inttypes_h" "$ac_includes_default" -if test "x$ac_cv_header_inttypes_h" = xyes; then : + ac_fn_c_check_header_mongrel "$LINENO" "winsock2.h" "ac_cv_header_winsock2_h" "$ac_includes_default" +if test "x$ac_cv_header_winsock2_h" = xyes; then : cat >>confdefs.h <<_ACEOF -#define HAVE_INTTYPES_H 1 +#define HAVE_WINSOCK2_H 1 _ACEOF fi done - if test $ac_cv_header_inttypes_h = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the inttypes.h PRIxNN macros are broken" >&5 -$as_echo_n "checking whether the inttypes.h PRIxNN macros are broken... " >&6; } -if ${gt_cv_inttypes_pri_broken+:} false; then : - $as_echo_n "(cached) " >&6 -else - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#ifdef PRId32 -char *p = PRId32; -#endif - -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gt_cv_inttypes_pri_broken=no -else - gt_cv_inttypes_pri_broken=yes -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_inttypes_pri_broken" >&5 -$as_echo "$gt_cv_inttypes_pri_broken" >&6; } fi - if test "$gt_cv_inttypes_pri_broken" = yes; then - -cat >>confdefs.h <<_ACEOF -#define PRI_MACROS_BROKEN 1 -_ACEOF - - PRI_MACROS_BROKEN=1 + if test "$ac_cv_header_winsock2_h" = yes; then + HAVE_WINSOCK2_H=1 + UNISTD_H_HAVE_WINSOCK2_H=1 + SYS_IOCTL_H_HAVE_WINSOCK2_H=1 else - PRI_MACROS_BROKEN=0 + HAVE_WINSOCK2_H=0 fi - GNULIB_NL_LANGINFO=0; - HAVE_NL_LANGINFO=1; - REPLACE_NL_LANGINFO=0; - GNULIB_LOCALECONV=0; - GNULIB_SETLOCALE=0; - GNULIB_DUPLOCALE=0; - GNULIB_LOCALENAME=0; - HAVE_NEWLOCALE=1; - HAVE_DUPLOCALE=1; - HAVE_FREELOCALE=1; - REPLACE_LOCALECONV=0; - REPLACE_SETLOCALE=0; - REPLACE_NEWLOCALE=0; - REPLACE_DUPLOCALE=0; - REPLACE_FREELOCALE=0; - REPLACE_STRUCT_LCONV=0; + if test "$ac_cv_header_winsock2_h" = yes; then + REPLACE_SELECT=1 + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether select supports a 0 argument" >&5 +$as_echo_n "checking whether select supports a 0 argument... " >&6; } +if ${gl_cv_func_select_supports0+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + case "$host_os" in + # Guess no on Interix. + interix*) gl_cv_func_select_supports0="guessing no";; + # Guess yes otherwise. + *) gl_cv_func_select_supports0="guessing yes";; + esac - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for LC_MESSAGES" >&5 -$as_echo_n "checking for LC_MESSAGES... " >&6; } -if ${gt_cv_val_LC_MESSAGES+:} false; then : - $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include -int -main () + +#include +#include +#if HAVE_SYS_SELECT_H +#include +#endif +int main () { -return LC_MESSAGES - ; - return 0; + struct timeval timeout; + timeout.tv_sec = 0; + timeout.tv_usec = 5; + return select (0, (fd_set *)0, (fd_set *)0, (fd_set *)0, &timeout) < 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : - gt_cv_val_LC_MESSAGES=yes +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_select_supports0=yes else - gt_cv_val_LC_MESSAGES=no + gl_cv_func_select_supports0=no fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_val_LC_MESSAGES" >&5 -$as_echo "$gt_cv_val_LC_MESSAGES" >&6; } - if test $gt_cv_val_LC_MESSAGES = yes; then - -$as_echo "#define HAVE_LC_MESSAGES 1" >>confdefs.h - - fi - - - - +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_select_supports0" >&5 +$as_echo "$gl_cv_func_select_supports0" >&6; } + case "$gl_cv_func_select_supports0" in + *yes) ;; + *) REPLACE_SELECT=1 ;; + esac - - - - - - - if test $ac_cv_func_uselocale = yes; then - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether uselocale works" >&5 -$as_echo_n "checking whether uselocale works... " >&6; } -if ${gt_cv_func_uselocale_works+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether select detects invalid fds" >&5 +$as_echo_n "checking whether select detects invalid fds... " >&6; } +if ${gl_cv_func_select_detects_ebadf+:} false; then : $as_echo_n "(cached) " >&6 else - if test "$cross_compiling" = yes; then : - # Guess no on AIX, yes otherwise. - case "$host_os" in - aix*) gt_cv_func_uselocale_works="guessing no" ;; - *) gt_cv_func_uselocale_works="guessing yes" ;; - esac + + if test "$cross_compiling" = yes; then : + + case "$host_os" in + # Guess yes on Linux systems. + linux-* | linux) gl_cv_func_select_detects_ebadf="guessing yes" ;; + # Guess yes on glibc systems. + *-gnu* | gnu*) gl_cv_func_select_detects_ebadf="guessing yes" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_select_detects_ebadf="$gl_cross_guess_normal" ;; + esac else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include -#if HAVE_XLOCALE_H -# include +#include +#include +#if HAVE_SYS_SELECT_H +# include #endif -int main () +#include +#include + +int +main () { - uselocale (NULL); - setlocale (LC_ALL, "en_US.UTF-8"); + + fd_set set; + dup2(0, 16); + FD_ZERO(&set); + FD_SET(16, &set); + close(16); + struct timeval timeout; + timeout.tv_sec = 0; + timeout.tv_usec = 5; + return select (17, &set, NULL, NULL, &timeout) != -1 || errno != EBADF; + + ; return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : - gt_cv_func_uselocale_works=yes + gl_cv_func_select_detects_ebadf=yes else - gt_cv_func_uselocale_works=no + gl_cv_func_select_detects_ebadf=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext @@ -24075,145 +27128,119 @@ fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_func_uselocale_works" >&5 -$as_echo "$gt_cv_func_uselocale_works" >&6; } - else - gt_cv_func_uselocale_works=no +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_select_detects_ebadf" >&5 +$as_echo "$gl_cv_func_select_detects_ebadf" >&6; } + case $gl_cv_func_select_detects_ebadf in + *yes) ;; + *) REPLACE_SELECT=1 ;; + esac fi - case "$gt_cv_func_uselocale_works" in - *yes) - -$as_echo "#define HAVE_WORKING_USELOCALE 1" >>confdefs.h - - ;; - esac - - - case "$gt_cv_func_uselocale_works" in - *yes) - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for fake locale system (OpenBSD)" >&5 -$as_echo_n "checking for fake locale system (OpenBSD)... " >&6; } -if ${gt_cv_locale_fake+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "$cross_compiling" = yes; then : - case "$host_os" in - openbsd*) gt_cv_locale_fake="guessing yes" ;; - *) gt_cv_locale_fake="guessing no" ;; - esac -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + LIB_SELECT="$LIBSOCKET" + if test $REPLACE_SELECT = 1; then + case "$host_os" in + mingw*) + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include -#if HAVE_XLOCALE_H -# include -#endif -int main () +#define WIN32_LEAN_AND_MEAN +#include +int +main () { - locale_t loc1, loc2; - if (setlocale (LC_ALL, "de_DE.UTF-8") == NULL) return 1; - if (setlocale (LC_ALL, "fr_FR.UTF-8") == NULL) return 1; - loc1 = newlocale (LC_ALL_MASK, "de_DE.UTF-8", (locale_t)0); - loc2 = newlocale (LC_ALL_MASK, "fr_FR.UTF-8", (locale_t)0); - return !(loc1 == loc2); + MsgWaitForMultipleObjects (0, NULL, 0, 0, 0); + return 0; } _ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gt_cv_locale_fake=yes +if ac_fn_c_try_link "$LINENO"; then : + else - gt_cv_locale_fake=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext + LIB_SELECT="$LIB_SELECT -luser32" fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + ;; + esac + fi +ac_fn_c_check_decl "$LINENO" "alarm" "ac_cv_have_decl_alarm" "$ac_includes_default" +if test "x$ac_cv_have_decl_alarm" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_locale_fake" >&5 -$as_echo "$gt_cv_locale_fake" >&6; } - ;; - *) gt_cv_locale_fake=no ;; - esac - case "$gt_cv_locale_fake" in - *yes) -$as_echo "#define HAVE_FAKE_LOCALES 1" >>confdefs.h +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_ALARM $ac_have_decl +_ACEOF - ;; - esac - case "$gt_cv_func_uselocale_works" in - *yes) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for Solaris 11.4 locale system" >&5 -$as_echo_n "checking for Solaris 11.4 locale system... " >&6; } -if ${gt_cv_locale_solaris114+:} false; then : + REPLACE_STRERROR_0=0 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether strerror(0) succeeds" >&5 +$as_echo_n "checking whether strerror(0) succeeds... " >&6; } +if ${gl_cv_func_strerror_0_works+:} false; then : $as_echo_n "(cached) " >&6 else + if test "$cross_compiling" = yes; then : case "$host_os" in - solaris*) - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ + # Guess yes on glibc systems. + *-gnu* | gnu*) gl_cv_func_strerror_0_works="guessing yes" ;; + # Guess yes on musl systems. + *-musl*) gl_cv_func_strerror_0_works="guessing yes" ;; + # Guess yes on native Windows. + mingw*) gl_cv_func_strerror_0_works="guessing yes" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_strerror_0_works="$gl_cross_guess_normal" ;; + esac - #include - struct _LC_locale_t *x; - locale_t y; +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include int main () { -*y = x; +int result = 0; + char *str; + errno = 0; + str = strerror (0); + if (!*str) result |= 1; + if (errno) result |= 2; + if (strstr (str, "nknown") || strstr (str, "ndefined")) + result |= 4; + return result; ; return 0; } _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gt_cv_locale_solaris114=yes +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_strerror_0_works=yes else - gt_cv_locale_solaris114=no + gl_cv_func_strerror_0_works=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ;; - *) gt_cv_locale_solaris114=no ;; - esac - +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_locale_solaris114" >&5 -$as_echo "$gt_cv_locale_solaris114" >&6; } - ;; - *) gt_cv_locale_solaris114=no ;; - esac - if test $gt_cv_locale_solaris114 = yes; then -$as_echo "#define HAVE_SOLARIS114_LOCALES 1" >>confdefs.h - - fi - - case "$gt_cv_func_uselocale_works" in - *yes) - for ac_func in getlocalename_l -do : - ac_fn_c_check_func "$LINENO" "getlocalename_l" "ac_cv_func_getlocalename_l" -if test "x$ac_cv_func_getlocalename_l" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_GETLOCALENAME_L 1 -_ACEOF fi -done +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_strerror_0_works" >&5 +$as_echo "$gl_cv_func_strerror_0_works" >&6; } + case "$gl_cv_func_strerror_0_works" in + *yes) ;; + *) + REPLACE_STRERROR_0=1 + +$as_echo "#define REPLACE_STRERROR_0 1" >>confdefs.h ;; esac - gt_nameless_locales=no - if false; then - gt_nameless_locales=yes -$as_echo "#define HAVE_NAMELESS_LOCALES 1" >>confdefs.h - fi @@ -24221,85 +27248,333 @@ $as_echo "#define HAVE_NAMELESS_LOCALES 1" >>confdefs.h - gl_threads_api=none - LIBTHREAD= - LTLIBTHREAD= - LIBMULTITHREAD= - LTLIBMULTITHREAD= - if test "$gl_use_threads" != no; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether imported symbols can be declared weak" >&5 -$as_echo_n "checking whether imported symbols can be declared weak... " >&6; } -if ${gl_cv_have_weak+:} false; then : + if test $ac_cv_func_strerror_r = yes; then + if test "$ERRNO_H:$REPLACE_STRERROR_0" = :0; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for strerror_r with POSIX signature" >&5 +$as_echo_n "checking for strerror_r with POSIX signature... " >&6; } +if ${gl_cv_func_strerror_r_posix_signature+:} false; then : $as_echo_n "(cached) " >&6 else - gl_cv_have_weak=no - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -extern void xyzzy (); -#pragma weak xyzzy +#include + int strerror_r (int, char *, size_t); + int main () { -xyzzy(); + ; return 0; } _ACEOF -if ac_fn_c_try_link "$LINENO"; then : - gl_cv_have_weak=maybe +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_func_strerror_r_posix_signature=yes +else + gl_cv_func_strerror_r_posix_signature=no fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - if test $gl_cv_have_weak = maybe; then - if test "$cross_compiling" = yes; then : - cat confdefs.h - <<_ACEOF >conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_strerror_r_posix_signature" >&5 +$as_echo "$gl_cv_func_strerror_r_posix_signature" >&6; } + if test $gl_cv_func_strerror_r_posix_signature = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether strerror_r works" >&5 +$as_echo_n "checking whether strerror_r works... " >&6; } +if ${gl_cv_func_strerror_r_works+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + + case "$host_os" in + # Guess no on AIX. + aix*) gl_cv_func_strerror_r_works="guessing no";; + # Guess no on HP-UX. + hpux*) gl_cv_func_strerror_r_works="guessing no";; + # Guess no on BSD variants. + *bsd*) gl_cv_func_strerror_r_works="guessing no";; + # Guess yes otherwise. + *) gl_cv_func_strerror_r_works="guessing yes";; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#ifdef __ELF__ - Extensible Linking Format - #endif +#include + #include + +int +main () +{ +int result = 0; + char buf[79]; + if (strerror_r (EACCES, buf, 0) < 0) + result |= 1; + errno = 0; + if (strerror_r (EACCES, buf, sizeof buf) != 0) + result |= 2; + strcpy (buf, "Unknown"); + if (strerror_r (0, buf, sizeof buf) != 0) + result |= 4; + if (errno) + result |= 8; + if (strstr (buf, "nknown") || strstr (buf, "ndefined")) + result |= 0x10; + errno = 0; + *buf = 0; + if (strerror_r (-3, buf, sizeof buf) < 0) + result |= 0x20; + if (errno) + result |= 0x40; + if (!*buf) + result |= 0x80; + return result; + ; + return 0; +} _ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "Extensible Linking Format" >/dev/null 2>&1; then : - gl_cv_have_weak="guessing yes" +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_strerror_r_works=yes else - gl_cv_have_weak="guessing no" + gl_cv_func_strerror_r_works=no fi -rm -f conftest* +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_strerror_r_works" >&5 +$as_echo "$gl_cv_func_strerror_r_works" >&6; } + else + if test $ac_cv_func___xpg_strerror_r = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether __xpg_strerror_r works" >&5 +$as_echo_n "checking whether __xpg_strerror_r works... " >&6; } +if ${gl_cv_func_strerror_r_works+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + gl_cv_func_strerror_r_works="$gl_cross_guess_normal" else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +#include + #include + extern + #ifdef __cplusplus + "C" + #endif + int __xpg_strerror_r(int, char *, size_t); -#include -#pragma weak fputs -int main () +int +main () { - return (fputs == NULL); +int result = 0; + char buf[256] = "^"; + char copy[256]; + char *str = strerror (-1); + strcpy (copy, str); + if (__xpg_strerror_r (-2, buf, 1) == 0) + result |= 1; + if (*buf) + result |= 2; + __xpg_strerror_r (-2, buf, 256); + if (strcmp (str, copy)) + result |= 4; + return result; + + ; + return 0; } _ACEOF if ac_fn_c_try_run "$LINENO"; then : - gl_cv_have_weak=yes + gl_cv_func_strerror_r_works=yes else - gl_cv_have_weak=no + gl_cv_func_strerror_r_works=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi - fi - case " $LDFLAGS " in - *" -static "*) gl_cv_have_weak=no ;; - esac fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_have_weak" >&5 -$as_echo "$gl_cv_have_weak" >&6; } - if test "$gl_use_threads" = yes || test "$gl_use_threads" = posix; then - # On OSF/1, the compiler needs the flag -pthread or -D_REENTRANT so that - # it groks . It's added above, in gl_THREADLIB_EARLY_BODY. - ac_fn_c_check_header_mongrel "$LINENO" "pthread.h" "ac_cv_header_pthread_h" "$ac_includes_default" +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_strerror_r_works" >&5 +$as_echo "$gl_cv_func_strerror_r_works" >&6; } + fi + fi + fi + fi + +ac_fn_c_check_decl "$LINENO" "strerror_r" "ac_cv_have_decl_strerror_r" "$ac_includes_default" +if test "x$ac_cv_have_decl_strerror_r" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_STRERROR_R $ac_have_decl +_ACEOF + + + + + + + + + if test $ac_cv_have_decl_strerror_r = no; then + HAVE_DECL_STRERROR_R=0 + fi + + if test $ac_cv_func_strerror_r = yes; then + if test "$ERRNO_H:$REPLACE_STRERROR_0" = :0; then + if test $gl_cv_func_strerror_r_posix_signature = yes; then + case "$gl_cv_func_strerror_r_works" in + *no) REPLACE_STRERROR_R=1 ;; + esac + else + REPLACE_STRERROR_R=1 + fi + else + REPLACE_STRERROR_R=1 + fi + fi + + + + + GNULIB_PTHREAD_THREAD=0; + GNULIB_PTHREAD_ONCE=0; + GNULIB_PTHREAD_MUTEX=0; + GNULIB_PTHREAD_RWLOCK=0; + GNULIB_PTHREAD_COND=0; + GNULIB_PTHREAD_TSS=0; + GNULIB_PTHREAD_SPIN=0; + GNULIB_PTHREAD_MUTEX_TIMEDLOCK=0; + HAVE_PTHREAD_T=1; + HAVE_PTHREAD_SPINLOCK_T=1; + HAVE_PTHREAD_CREATE_DETACHED=1; + HAVE_PTHREAD_MUTEX_RECURSIVE=1; + HAVE_PTHREAD_MUTEX_ROBUST=1; + HAVE_PTHREAD_PROCESS_SHARED=1; + HAVE_PTHREAD_CREATE=1; + HAVE_PTHREAD_ATTR_INIT=1; + HAVE_PTHREAD_ATTR_GETDETACHSTATE=1; + HAVE_PTHREAD_ATTR_SETDETACHSTATE=1; + HAVE_PTHREAD_ATTR_DESTROY=1; + HAVE_PTHREAD_SELF=1; + HAVE_PTHREAD_EQUAL=1; + HAVE_PTHREAD_DETACH=1; + HAVE_PTHREAD_JOIN=1; + HAVE_PTHREAD_EXIT=1; + HAVE_PTHREAD_ONCE=1; + HAVE_PTHREAD_MUTEX_INIT=1; + HAVE_PTHREAD_MUTEXATTR_INIT=1; + HAVE_PTHREAD_MUTEXATTR_GETTYPE=1; + HAVE_PTHREAD_MUTEXATTR_SETTYPE=1; + HAVE_PTHREAD_MUTEXATTR_GETROBUST=1; + HAVE_PTHREAD_MUTEXATTR_SETROBUST=1; + HAVE_PTHREAD_MUTEXATTR_DESTROY=1; + HAVE_PTHREAD_MUTEX_LOCK=1; + HAVE_PTHREAD_MUTEX_TRYLOCK=1; + HAVE_PTHREAD_MUTEX_TIMEDLOCK=1; + HAVE_PTHREAD_MUTEX_UNLOCK=1; + HAVE_PTHREAD_MUTEX_DESTROY=1; + HAVE_PTHREAD_RWLOCK_INIT=1; + HAVE_PTHREAD_RWLOCKATTR_INIT=1; + HAVE_PTHREAD_RWLOCKATTR_DESTROY=1; + HAVE_PTHREAD_RWLOCK_RDLOCK=1; + HAVE_PTHREAD_RWLOCK_WRLOCK=1; + HAVE_PTHREAD_RWLOCK_TRYRDLOCK=1; + HAVE_PTHREAD_RWLOCK_TRYWRLOCK=1; + HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK=1; + HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK=1; + HAVE_PTHREAD_RWLOCK_UNLOCK=1; + HAVE_PTHREAD_RWLOCK_DESTROY=1; + HAVE_PTHREAD_COND_INIT=1; + HAVE_PTHREAD_CONDATTR_INIT=1; + HAVE_PTHREAD_CONDATTR_DESTROY=1; + HAVE_PTHREAD_COND_WAIT=1; + HAVE_PTHREAD_COND_TIMEDWAIT=1; + HAVE_PTHREAD_COND_SIGNAL=1; + HAVE_PTHREAD_COND_BROADCAST=1; + HAVE_PTHREAD_COND_DESTROY=1; + HAVE_PTHREAD_KEY_CREATE=1; + HAVE_PTHREAD_SETSPECIFIC=1; + HAVE_PTHREAD_GETSPECIFIC=1; + HAVE_PTHREAD_KEY_DELETE=1; + HAVE_PTHREAD_SPIN_INIT=1; + HAVE_PTHREAD_SPIN_LOCK=1; + HAVE_PTHREAD_SPIN_TRYLOCK=1; + HAVE_PTHREAD_SPIN_UNLOCK=1; + HAVE_PTHREAD_SPIN_DESTROY=1; + REPLACE_PTHREAD_CREATE=0; + REPLACE_PTHREAD_ATTR_INIT=0; + REPLACE_PTHREAD_ATTR_GETDETACHSTATE=0; + REPLACE_PTHREAD_ATTR_SETDETACHSTATE=0; + REPLACE_PTHREAD_ATTR_DESTROY=0; + REPLACE_PTHREAD_SELF=0; + REPLACE_PTHREAD_EQUAL=0; + REPLACE_PTHREAD_DETACH=0; + REPLACE_PTHREAD_JOIN=0; + REPLACE_PTHREAD_EXIT=0; + REPLACE_PTHREAD_ONCE=0; + REPLACE_PTHREAD_MUTEX_INIT=0; + REPLACE_PTHREAD_MUTEXATTR_INIT=0; + REPLACE_PTHREAD_MUTEXATTR_GETTYPE=0; + REPLACE_PTHREAD_MUTEXATTR_SETTYPE=0; + REPLACE_PTHREAD_MUTEXATTR_GETROBUST=0; + REPLACE_PTHREAD_MUTEXATTR_SETROBUST=0; + REPLACE_PTHREAD_MUTEXATTR_DESTROY=0; + REPLACE_PTHREAD_MUTEX_LOCK=0; + REPLACE_PTHREAD_MUTEX_TRYLOCK=0; + REPLACE_PTHREAD_MUTEX_TIMEDLOCK=0; + REPLACE_PTHREAD_MUTEX_UNLOCK=0; + REPLACE_PTHREAD_MUTEX_DESTROY=0; + REPLACE_PTHREAD_RWLOCK_INIT=0; + REPLACE_PTHREAD_RWLOCKATTR_INIT=0; + REPLACE_PTHREAD_RWLOCKATTR_DESTROY=0; + REPLACE_PTHREAD_RWLOCK_RDLOCK=0; + REPLACE_PTHREAD_RWLOCK_WRLOCK=0; + REPLACE_PTHREAD_RWLOCK_TRYRDLOCK=0; + REPLACE_PTHREAD_RWLOCK_TRYWRLOCK=0; + REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK=0; + REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK=0; + REPLACE_PTHREAD_RWLOCK_UNLOCK=0; + REPLACE_PTHREAD_RWLOCK_DESTROY=0; + REPLACE_PTHREAD_COND_INIT=0; + REPLACE_PTHREAD_CONDATTR_INIT=0; + REPLACE_PTHREAD_CONDATTR_DESTROY=0; + REPLACE_PTHREAD_COND_WAIT=0; + REPLACE_PTHREAD_COND_TIMEDWAIT=0; + REPLACE_PTHREAD_COND_SIGNAL=0; + REPLACE_PTHREAD_COND_BROADCAST=0; + REPLACE_PTHREAD_COND_DESTROY=0; + REPLACE_PTHREAD_KEY_CREATE=0; + REPLACE_PTHREAD_SETSPECIFIC=0; + REPLACE_PTHREAD_GETSPECIFIC=0; + REPLACE_PTHREAD_KEY_DELETE=0; + REPLACE_PTHREAD_SPIN_INIT=0; + REPLACE_PTHREAD_SPIN_LOCK=0; + REPLACE_PTHREAD_SPIN_TRYLOCK=0; + REPLACE_PTHREAD_SPIN_UNLOCK=0; + REPLACE_PTHREAD_SPIN_DESTROY=0; + + + + + + if test -z "$gl_pthreadlib_body_done"; then + gl_pthread_api=no + LIBPTHREAD= + LIBPMULTITHREAD= + # On OSF/1, the compiler needs the flag -pthread or -D_REENTRANT so that + # it groks . It's added above, in gl_ANYTHREADLIB_EARLY. + ac_fn_c_check_header_mongrel "$LINENO" "pthread.h" "ac_cv_header_pthread_h" "$ac_includes_default" if test "x$ac_cv_header_pthread_h" = xyes; then : gl_have_pthread_h=yes else @@ -24307,53 +27582,52 @@ else fi - if test "$gl_have_pthread_h" = yes; then - # Other possible tests: - # -lpthreads (FSU threads, PCthreads) - # -lgthreads - gl_have_pthread= - # Test whether both pthread_mutex_lock and pthread_mutexattr_init exist - # in libc. IRIX 6.5 has the first one in both libc and libpthread, but - # the second one only in libpthread, and lock.c needs it. - # - # If -pthread works, prefer it to -lpthread, since Ubuntu 14.04 - # needs -pthread for some reason. See: - # https://lists.gnu.org/r/bug-gnulib/2014-09/msg00023.html - save_LIBS=$LIBS - for gl_pthread in '' '-pthread'; do - LIBS="$LIBS $gl_pthread" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + if test "$gl_have_pthread_h" = yes; then + # Other possible tests: + # -lpthreads (FSU threads, PCthreads) + # -lgthreads + # Test whether both pthread_mutex_lock and pthread_mutexattr_init exist + # in libc. IRIX 6.5 has the first one in both libc and libpthread, but + # the second one only in libpthread, and lock.c needs it. + # + # If -pthread works, prefer it to -lpthread, since Ubuntu 14.04 + # needs -pthread for some reason. See: + # https://lists.gnu.org/r/bug-gnulib/2014-09/msg00023.html + save_LIBS=$LIBS + for gl_pthread in '' '-pthread'; do + LIBS="$LIBS $gl_pthread" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include - pthread_mutex_t m; - pthread_mutexattr_t ma; + pthread_mutex_t m; + pthread_mutexattr_t ma; int main () { pthread_mutex_lock (&m); - pthread_mutexattr_init (&ma); + pthread_mutexattr_init (&ma); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : - gl_have_pthread=yes - LIBTHREAD=$gl_pthread LTLIBTHREAD=$gl_pthread - LIBMULTITHREAD=$gl_pthread LTLIBMULTITHREAD=$gl_pthread + gl_pthread_api=yes + LIBPTHREAD=$gl_pthread + LIBPMULTITHREAD=$gl_pthread fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext - LIBS=$save_LIBS - test -n "$gl_have_pthread" && break - done - - # Test for libpthread by looking for pthread_kill. (Not pthread_self, - # since it is defined as a macro on OSF/1.) - if test -n "$gl_have_pthread" && test -z "$LIBTHREAD"; then - # The program links fine without libpthread. But it may actually - # need to link with libpthread in order to create multiple threads. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_kill in -lpthread" >&5 + LIBS=$save_LIBS + test $gl_pthread_api = yes && break + done + + # Test for libpthread by looking for pthread_kill. (Not pthread_self, + # since it is defined as a macro on OSF/1.) + if test $gl_pthread_api = yes && test -z "$LIBPTHREAD"; then + # The program links fine without libpthread. But it may actually + # need to link with libpthread in order to create multiple threads. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_kill in -lpthread" >&5 $as_echo_n "checking for pthread_kill in -lpthread... " >&6; } if ${ac_cv_lib_pthread_pthread_kill+:} false; then : $as_echo_n "(cached) " >&6 @@ -24390,25 +27664,25 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pthread_pthread_kill" >&5 $as_echo "$ac_cv_lib_pthread_pthread_kill" >&6; } if test "x$ac_cv_lib_pthread_pthread_kill" = xyes; then : - LIBMULTITHREAD=-lpthread LTLIBMULTITHREAD=-lpthread - # On Solaris and HP-UX, most pthread functions exist also in libc. - # Therefore pthread_in_use() needs to actually try to create a - # thread: pthread_create from libc will fail, whereas - # pthread_create will actually create a thread. - # On Solaris 10 or newer, this test is no longer needed, because - # libc contains the fully functional pthread functions. - case "$host_os" in - solaris | solaris2.1-9 | solaris2.1-9.* | hpux*) + LIBPMULTITHREAD=-lpthread + # On Solaris and HP-UX, most pthread functions exist also in libc. + # Therefore pthread_in_use() needs to actually try to create a + # thread: pthread_create from libc will fail, whereas + # pthread_create will actually create a thread. + # On Solaris 10 or newer, this test is no longer needed, because + # libc contains the fully functional pthread functions. + case "$host_os" in + solaris | solaris2.1-9 | solaris2.1-9.* | hpux*) $as_echo "#define PTHREAD_IN_USE_DETECTION_HARD 1" >>confdefs.h - esac + esac fi - elif test -z "$gl_have_pthread"; then - # Some library is needed. Try libpthread and libc_r. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_kill in -lpthread" >&5 + elif test $gl_pthread_api != yes; then + # Some library is needed. Try libpthread and libc_r. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_kill in -lpthread" >&5 $as_echo_n "checking for pthread_kill in -lpthread... " >&6; } if ${ac_cv_lib_pthread_pthread_kill+:} false; then : $as_echo_n "(cached) " >&6 @@ -24445,14 +27719,14 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pthread_pthread_kill" >&5 $as_echo "$ac_cv_lib_pthread_pthread_kill" >&6; } if test "x$ac_cv_lib_pthread_pthread_kill" = xyes; then : - gl_have_pthread=yes - LIBTHREAD=-lpthread LTLIBTHREAD=-lpthread - LIBMULTITHREAD=-lpthread LTLIBMULTITHREAD=-lpthread + gl_pthread_api=yes + LIBPTHREAD=-lpthread + LIBPMULTITHREAD=-lpthread fi - if test -z "$gl_have_pthread"; then - # For FreeBSD 4. - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_kill in -lc_r" >&5 + if test $gl_pthread_api != yes; then + # For FreeBSD 4. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_kill in -lc_r" >&5 $as_echo_n "checking for pthread_kill in -lc_r... " >&6; } if ${ac_cv_lib_c_r_pthread_kill+:} false; then : $as_echo_n "(cached) " >&6 @@ -24489,656 +27763,234 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_c_r_pthread_kill" >&5 $as_echo "$ac_cv_lib_c_r_pthread_kill" >&6; } if test "x$ac_cv_lib_c_r_pthread_kill" = xyes; then : - gl_have_pthread=yes - LIBTHREAD=-lc_r LTLIBTHREAD=-lc_r - LIBMULTITHREAD=-lc_r LTLIBMULTITHREAD=-lc_r + gl_pthread_api=yes + LIBPTHREAD=-lc_r + LIBPMULTITHREAD=-lc_r fi - fi fi - if test -n "$gl_have_pthread"; then - gl_threads_api=posix + fi + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether POSIX threads API is available" >&5 +$as_echo_n "checking whether POSIX threads API is available... " >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_pthread_api" >&5 +$as_echo "$gl_pthread_api" >&6; } -$as_echo "#define USE_POSIX_THREADS 1" >>confdefs.h - if test -n "$LIBMULTITHREAD" || test -n "$LTLIBMULTITHREAD"; then - if case "$gl_cv_have_weak" in *yes) true;; *) false;; esac; then + if test $gl_pthread_api = yes; then -$as_echo "#define USE_POSIX_THREADS_WEAK 1" >>confdefs.h +$as_echo "#define HAVE_PTHREAD_API 1" >>confdefs.h - LIBTHREAD= - LTLIBTHREAD= - fi - fi - fi - fi fi - if test -z "$gl_have_pthread"; then - if test "$gl_use_threads" = yes || test "$gl_use_threads" = solaris; then - gl_have_solaristhread= - gl_save_LIBS="$LIBS" - LIBS="$LIBS -lthread" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +#include +int +main () +{ +sched_yield (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + LIB_SCHED_YIELD= -#include -#include +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for sched_yield in -lrt" >&5 +$as_echo_n "checking for sched_yield in -lrt... " >&6; } +if ${ac_cv_lib_rt_sched_yield+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lrt $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char sched_yield (); int main () { -thr_self(); +return sched_yield (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : - gl_have_solaristhread=yes + ac_cv_lib_rt_sched_yield=yes +else + ac_cv_lib_rt_sched_yield=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext - LIBS="$gl_save_LIBS" - if test -n "$gl_have_solaristhread"; then - gl_threads_api=solaris - LIBTHREAD=-lthread - LTLIBTHREAD=-lthread - LIBMULTITHREAD="$LIBTHREAD" - LTLIBMULTITHREAD="$LTLIBTHREAD" - -$as_echo "#define USE_SOLARIS_THREADS 1" >>confdefs.h - - if case "$gl_cv_have_weak" in *yes) true;; *) false;; esac; then - -$as_echo "#define USE_SOLARIS_THREADS_WEAK 1" >>confdefs.h - - LIBTHREAD= - LTLIBTHREAD= - fi - fi - fi - fi - if test "$gl_use_threads" = pth; then - gl_save_CPPFLAGS="$CPPFLAGS" - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to link with libpth" >&5 -$as_echo_n "checking how to link with libpth... " >&6; } -if ${ac_cv_libpth_libs+:} false; then : +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_rt_sched_yield" >&5 +$as_echo "$ac_cv_lib_rt_sched_yield" >&6; } +if test "x$ac_cv_lib_rt_sched_yield" = xyes; then : + LIB_SCHED_YIELD=-lrt +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for sched_yield in -lposix4" >&5 +$as_echo_n "checking for sched_yield in -lposix4... " >&6; } +if ${ac_cv_lib_posix4_sched_yield+:} false; then : $as_echo_n "(cached) " >&6 else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lposix4 $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ - - - - - - - use_additional=yes - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - - eval additional_includedir=\"$includedir\" - eval additional_libdir=\"$libdir\" - - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - -# Check whether --with-libpth-prefix was given. -if test "${with_libpth_prefix+set}" = set; then : - withval=$with_libpth_prefix; - if test "X$withval" = "Xno"; then - use_additional=no - else - if test "X$withval" = "X"; then - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - - eval additional_includedir=\"$includedir\" - eval additional_libdir=\"$libdir\" - - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - - else - additional_includedir="$withval/include" - additional_libdir="$withval/$acl_libdirstem" - if test "$acl_libdirstem2" != "$acl_libdirstem" \ - && test ! -d "$withval/$acl_libdirstem"; then - additional_libdir="$withval/$acl_libdirstem2" - fi - fi - fi - +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char sched_yield (); +int +main () +{ +return sched_yield (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_posix4_sched_yield=yes +else + ac_cv_lib_posix4_sched_yield=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_posix4_sched_yield" >&5 +$as_echo "$ac_cv_lib_posix4_sched_yield" >&6; } +if test "x$ac_cv_lib_posix4_sched_yield" = xyes; then : + LIB_SCHED_YIELD=-lposix4 fi - LIBPTH= - LTLIBPTH= - INCPTH= - LIBPTH_PREFIX= - HAVE_LIBPTH= - rpathdirs= - ltrpathdirs= - names_already_handled= - names_next_round='pth ' - while test -n "$names_next_round"; do - names_this_round="$names_next_round" - names_next_round= - for name in $names_this_round; do - already_handled= - for n in $names_already_handled; do - if test "$n" = "$name"; then - already_handled=yes - break - fi - done - if test -z "$already_handled"; then - names_already_handled="$names_already_handled $name" - uppername=`echo "$name" | sed -e 'y|abcdefghijklmnopqrstuvwxyz./+-|ABCDEFGHIJKLMNOPQRSTUVWXYZ____|'` - eval value=\"\$HAVE_LIB$uppername\" - if test -n "$value"; then - if test "$value" = yes; then - eval value=\"\$LIB$uppername\" - test -z "$value" || LIBPTH="${LIBPTH}${LIBPTH:+ }$value" - eval value=\"\$LTLIB$uppername\" - test -z "$value" || LTLIBPTH="${LTLIBPTH}${LTLIBPTH:+ }$value" - else - : - fi - else - found_dir= - found_la= - found_so= - found_a= - eval libname=\"$acl_libname_spec\" # typically: libname=lib$name - if test -n "$acl_shlibext"; then - shrext=".$acl_shlibext" # typically: shrext=.so - else - shrext= - fi - if test $use_additional = yes; then - dir="$additional_libdir" - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" - fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then - found_dir="$dir" - found_so="$dir/$f" - break - fi - done - fi - fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi - fi - if test "X$found_dir" = "X"; then - for x in $LDFLAGS $LTLIBPTH; do - - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" +fi - case "$x" in - -L*) - dir=`echo "X$x" | sed -e 's/^X-L//'` - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" - fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then - found_dir="$dir" - found_so="$dir/$f" - break - fi - done - fi - fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi - ;; - esac - if test "X$found_dir" != "X"; then - break - fi - done - fi - if test "X$found_dir" != "X"; then - LTLIBPTH="${LTLIBPTH}${LTLIBPTH:+ }-L$found_dir -l$name" - if test "X$found_so" != "X"; then - if test "$enable_rpath" = no \ - || test "X$found_dir" = "X/usr/$acl_libdirstem" \ - || test "X$found_dir" = "X/usr/$acl_libdirstem2"; then - LIBPTH="${LIBPTH}${LIBPTH:+ }$found_so" - else - haveit= - for x in $ltrpathdirs; do - if test "X$x" = "X$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - ltrpathdirs="$ltrpathdirs $found_dir" - fi - if test "$acl_hardcode_direct" = yes; then - LIBPTH="${LIBPTH}${LIBPTH:+ }$found_so" - else - if test -n "$acl_hardcode_libdir_flag_spec" && test "$acl_hardcode_minus_L" = no; then - LIBPTH="${LIBPTH}${LIBPTH:+ }$found_so" - haveit= - for x in $rpathdirs; do - if test "X$x" = "X$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - rpathdirs="$rpathdirs $found_dir" - fi - else - haveit= - for x in $LDFLAGS $LIBPTH; do - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext - if test "X$x" = "X-L$found_dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - LIBPTH="${LIBPTH}${LIBPTH:+ }-L$found_dir" - fi - if test "$acl_hardcode_minus_L" != no; then - LIBPTH="${LIBPTH}${LIBPTH:+ }$found_so" - else - LIBPTH="${LIBPTH}${LIBPTH:+ }-l$name" - fi - fi - fi - fi - else - if test "X$found_a" != "X"; then - LIBPTH="${LIBPTH}${LIBPTH:+ }$found_a" - else - LIBPTH="${LIBPTH}${LIBPTH:+ }-L$found_dir -l$name" - fi - fi - additional_includedir= - case "$found_dir" in - */$acl_libdirstem | */$acl_libdirstem/) - basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem/"'*$,,'` - if test "$name" = 'pth'; then - LIBPTH_PREFIX="$basedir" - fi - additional_includedir="$basedir/include" - ;; - */$acl_libdirstem2 | */$acl_libdirstem2/) - basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem2/"'*$,,'` - if test "$name" = 'pth'; then - LIBPTH_PREFIX="$basedir" - fi - additional_includedir="$basedir/include" - ;; - esac - if test "X$additional_includedir" != "X"; then - if test "X$additional_includedir" != "X/usr/include"; then - haveit= - if test "X$additional_includedir" = "X/usr/local/include"; then - if test -n "$GCC"; then - case $host_os in - linux* | gnu* | k*bsd*-gnu) haveit=yes;; - esac - fi - fi - if test -z "$haveit"; then - for x in $CPPFLAGS $INCPTH; do - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" + gl_pthreadlib_body_done=done + fi - if test "X$x" = "X-I$additional_includedir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_includedir"; then - INCPTH="${INCPTH}${INCPTH:+ }-I$additional_includedir" - fi - fi - fi - fi - fi - if test -n "$found_la"; then - save_libdir="$libdir" - case "$found_la" in - */* | *\\*) . "$found_la" ;; - *) . "./$found_la" ;; - esac - libdir="$save_libdir" - for dep in $dependency_libs; do - case "$dep" in - -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - if test "X$additional_libdir" != "X/usr/$acl_libdirstem" \ - && test "X$additional_libdir" != "X/usr/$acl_libdirstem2"; then - haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem" \ - || test "X$additional_libdir" = "X/usr/local/$acl_libdirstem2"; then - if test -n "$GCC"; then - case $host_os in - linux* | gnu* | k*bsd*-gnu) haveit=yes;; - esac - fi - fi - if test -z "$haveit"; then - haveit= - for x in $LDFLAGS $LIBPTH; do - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LIBPTH="${LIBPTH}${LIBPTH:+ }-L$additional_libdir" - fi - fi - haveit= - for x in $LDFLAGS $LTLIBPTH; do - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LTLIBPTH="${LTLIBPTH}${LTLIBPTH:+ }-L$additional_libdir" - fi - fi - fi - fi - ;; - -R*) - dir=`echo "X$dep" | sed -e 's/^X-R//'` - if test "$enable_rpath" != no; then - haveit= - for x in $rpathdirs; do - if test "X$x" = "X$dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - rpathdirs="$rpathdirs $dir" - fi - haveit= - for x in $ltrpathdirs; do - if test "X$x" = "X$dir"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - ltrpathdirs="$ltrpathdirs $dir" - fi - fi - ;; - -l*) - names_next_round="$names_next_round "`echo "X$dep" | sed -e 's/^X-l//'` - ;; - *.la) - names_next_round="$names_next_round "`echo "X$dep" | sed -e 's,^X.*/,,' -e 's,^lib,,' -e 's,\.la$,,'` - ;; - *) - LIBPTH="${LIBPTH}${LIBPTH:+ }$dep" - LTLIBPTH="${LTLIBPTH}${LTLIBPTH:+ }$dep" - ;; - esac - done - fi - else - LIBPTH="${LIBPTH}${LIBPTH:+ }-l$name" - LTLIBPTH="${LTLIBPTH}${LTLIBPTH:+ }-l$name" - fi - fi - fi - done - done - if test "X$rpathdirs" != "X"; then - if test -n "$acl_hardcode_libdir_separator"; then - alldirs= - for found_dir in $rpathdirs; do - alldirs="${alldirs}${alldirs:+$acl_hardcode_libdir_separator}$found_dir" - done - acl_save_libdir="$libdir" - libdir="$alldirs" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - LIBPTH="${LIBPTH}${LIBPTH:+ }$flag" - else - for found_dir in $rpathdirs; do - acl_save_libdir="$libdir" - libdir="$found_dir" - eval flag=\"$acl_hardcode_libdir_flag_spec\" - libdir="$acl_save_libdir" - LIBPTH="${LIBPTH}${LIBPTH:+ }$flag" - done - fi - fi - if test "X$ltrpathdirs" != "X"; then - for found_dir in $ltrpathdirs; do - LTLIBPTH="${LTLIBPTH}${LTLIBPTH:+ }-R$found_dir" - done - fi + GNULIB_PTHREAD_SIGMASK=0; + GNULIB_RAISE=0; + GNULIB_SIGNAL_H_SIGPIPE=0; + GNULIB_SIGPROCMASK=0; + GNULIB_SIGACTION=0; + HAVE_POSIX_SIGNALBLOCKING=1; + HAVE_PTHREAD_SIGMASK=1; + HAVE_RAISE=1; + HAVE_SIGSET_T=1; + HAVE_SIGINFO_T=1; + HAVE_SIGACTION=1; + HAVE_STRUCT_SIGACTION_SA_SIGACTION=1; + HAVE_TYPE_VOLATILE_SIG_ATOMIC_T=1; + HAVE_SIGHANDLER_T=1; + REPLACE_PTHREAD_SIGMASK=0; + REPLACE_RAISE=0; - ac_cv_libpth_libs="$LIBPTH" - ac_cv_libpth_ltlibs="$LTLIBPTH" - ac_cv_libpth_cppflags="$INCPTH" - ac_cv_libpth_prefix="$LIBPTH_PREFIX" -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libpth_libs" >&5 -$as_echo "$ac_cv_libpth_libs" >&6; } - LIBPTH="$ac_cv_libpth_libs" - LTLIBPTH="$ac_cv_libpth_ltlibs" - INCPTH="$ac_cv_libpth_cppflags" - LIBPTH_PREFIX="$ac_cv_libpth_prefix" + ac_fn_c_check_type "$LINENO" "sigset_t" "ac_cv_type_sigset_t" " + #include + /* Mingw defines sigset_t not in , but in . */ + #include - for element in $INCPTH; do - haveit= - for x in $CPPFLAGS; do +" +if test "x$ac_cv_type_sigset_t" = xyes; then : - acl_save_prefix="$prefix" - prefix="$acl_final_prefix" - acl_save_exec_prefix="$exec_prefix" - exec_prefix="$acl_final_exec_prefix" - eval x=\"$x\" - exec_prefix="$acl_save_exec_prefix" - prefix="$acl_save_prefix" +cat >>confdefs.h <<_ACEOF +#define HAVE_SIGSET_T 1 +_ACEOF - if test "X$x" = "X$element"; then - haveit=yes - break - fi - done - if test -z "$haveit"; then - CPPFLAGS="${CPPFLAGS}${CPPFLAGS:+ }$element" - fi - done +gl_cv_type_sigset_t=yes +else + gl_cv_type_sigset_t=no +fi + if test $gl_cv_type_sigset_t != yes; then + HAVE_SIGSET_T=0 + fi + GNULIB_SCHED_YIELD=0; + HAVE_SCHED_YIELD=1; + REPLACE_SCHED_YIELD=0; - HAVE_LIBPTH=yes - gl_have_pth= - gl_save_LIBS="$LIBS" - LIBS="$LIBS $LIBPTH" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ -pth_self(); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - gl_have_pth=yes + +ac_fn_c_check_decl "$LINENO" "setenv" "ac_cv_have_decl_setenv" "$ac_includes_default" +if test "x$ac_cv_have_decl_setenv" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - LIBS="$gl_save_LIBS" - if test -n "$gl_have_pth"; then - gl_threads_api=pth - LIBTHREAD="$LIBPTH" - LTLIBTHREAD="$LTLIBPTH" - LIBMULTITHREAD="$LIBTHREAD" - LTLIBMULTITHREAD="$LTLIBTHREAD" -$as_echo "#define USE_PTH_THREADS 1" >>confdefs.h +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_SETENV $ac_have_decl +_ACEOF - if test -n "$LIBMULTITHREAD" || test -n "$LTLIBMULTITHREAD"; then - if case "$gl_cv_have_weak" in *yes) true;; *) false;; esac; then -$as_echo "#define USE_PTH_THREADS_WEAK 1" >>confdefs.h - LIBTHREAD= - LTLIBTHREAD= - fi - fi - else - CPPFLAGS="$gl_save_CPPFLAGS" - fi - fi - if test -z "$gl_have_pthread"; then - case "$gl_use_threads" in - yes | windows | win32) # The 'win32' is for backward compatibility. - if { case "$host_os" in - mingw*) true;; - *) false;; - esac - }; then - gl_threads_api=windows -$as_echo "#define USE_WINDOWS_THREADS 1" >>confdefs.h - fi - ;; - esac - fi + + if test $ac_cv_have_decl_setenv = no; then + HAVE_DECL_SETENV=0 fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for multithread API to use" >&5 -$as_echo_n "checking for multithread API to use... " >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_threads_api" >&5 -$as_echo "$gl_threads_api" >&6; } + for ac_header in search.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "search.h" "ac_cv_header_search_h" "$ac_includes_default" +if test "x$ac_cv_header_search_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SEARCH_H 1 +_ACEOF + +fi + +done + + for ac_func in tsearch +do : + ac_fn_c_check_func "$LINENO" "tsearch" "ac_cv_func_tsearch" +if test "x$ac_cv_func_tsearch" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_TSEARCH 1 +_ACEOF + +fi +done + @@ -25146,243 +27998,352 @@ $as_echo "$gl_threads_api" >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether lstat correctly handles trailing slash" >&5 -$as_echo_n "checking whether lstat correctly handles trailing slash... " >&6; } -if ${gl_cv_func_lstat_dereferences_slashed_symlink+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether setlocale (LC_ALL, NULL) is multithread-safe" >&5 +$as_echo_n "checking whether setlocale (LC_ALL, NULL) is multithread-safe... " >&6; } +if ${gl_cv_func_setlocale_null_all_mtsafe+:} false; then : $as_echo_n "(cached) " >&6 else - rm -f conftest.sym conftest.file - echo >conftest.file - if test "$cross_compiling" = yes; then : case "$host_os" in - linux-* | linux) - # Guess yes on Linux systems. - gl_cv_func_lstat_dereferences_slashed_symlink="guessing yes" ;; - *-gnu* | gnu*) - # Guess yes on glibc systems. - gl_cv_func_lstat_dereferences_slashed_symlink="guessing yes" ;; - mingw*) - # Guess no on native Windows. - gl_cv_func_lstat_dereferences_slashed_symlink="guessing no" ;; - *) - # If we don't know, assume the worst. - gl_cv_func_lstat_dereferences_slashed_symlink="guessing no" ;; - esac + # Guess no on musl libc, macOS, FreeBSD, NetBSD, OpenBSD, AIX, Haiku, Cygwin. + *-musl* | darwin* | freebsd* | netbsd* | openbsd* | aix* | haiku* | cygwin*) + gl_cv_func_setlocale_null_all_mtsafe=no ;; + # Guess yes on glibc, HP-UX, IRIX, Solaris, native Windows. + *-gnu* | gnu* | hpux* | irix* | solaris* | mingw*) + gl_cv_func_setlocale_null_all_mtsafe=yes ;; + # If we don't know, obey --enable-cross-guesses. + *) + gl_cv_func_setlocale_null_all_mtsafe="$gl_cross_guess_normal" ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_setlocale_null_all_mtsafe" >&5 +$as_echo "$gl_cv_func_setlocale_null_all_mtsafe" >&6; } + case "$host_os" in + mingw*) ;; + *) + if test $gl_pthread_api = no && test $ac_cv_header_threads_h = no; then + gl_cv_func_setlocale_null_all_mtsafe="trivially yes" + fi + ;; + esac + case "$gl_cv_func_setlocale_null_all_mtsafe" in + *yes) SETLOCALE_NULL_ALL_MTSAFE=1 ;; + *) SETLOCALE_NULL_ALL_MTSAFE=0 ;; + esac +cat >>confdefs.h <<_ACEOF +#define SETLOCALE_NULL_ALL_MTSAFE $SETLOCALE_NULL_ALL_MTSAFE +_ACEOF + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether setlocale (category, NULL) is multithread-safe" >&5 +$as_echo_n "checking whether setlocale (category, NULL) is multithread-safe... " >&6; } +if ${gl_cv_func_setlocale_null_one_mtsafe+:} false; then : + $as_echo_n "(cached) " >&6 else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + case "$host_os" in + # Guess no on OpenBSD, AIX. + openbsd* | aix*) + gl_cv_func_setlocale_null_one_mtsafe=no ;; + # Guess yes on glibc, musl libc, macOS, FreeBSD, NetBSD, HP-UX, IRIX, Solaris, Haiku, Cygwin, native Windows. + *-gnu* | gnu* | *-musl* | darwin* | freebsd* | netbsd* | hpux* | irix* | solaris* | haiku* | cygwin* | mingw*) + gl_cv_func_setlocale_null_one_mtsafe=yes ;; + # If we don't know, obey --enable-cross-guesses. + *) + gl_cv_func_setlocale_null_one_mtsafe="$gl_cross_guess_normal" ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_setlocale_null_one_mtsafe" >&5 +$as_echo "$gl_cv_func_setlocale_null_one_mtsafe" >&6; } + case "$host_os" in + mingw*) ;; + *) + if test $gl_pthread_api = no && test $ac_cv_header_threads_h = no; then + gl_cv_func_setlocale_null_one_mtsafe="trivially yes" + fi + ;; + esac + case "$gl_cv_func_setlocale_null_one_mtsafe" in + *yes) SETLOCALE_NULL_ONE_MTSAFE=1 ;; + *) SETLOCALE_NULL_ONE_MTSAFE=0 ;; + esac + +cat >>confdefs.h <<_ACEOF +#define SETLOCALE_NULL_ONE_MTSAFE $SETLOCALE_NULL_ONE_MTSAFE +_ACEOF + + + if test $SETLOCALE_NULL_ALL_MTSAFE = 0 || test $SETLOCALE_NULL_ONE_MTSAFE = 0; then + case "$host_os" in + mingw*) LIB_SETLOCALE_NULL= ;; + *) + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether imported symbols can be declared weak" >&5 +$as_echo_n "checking whether imported symbols can be declared weak... " >&6; } +if ${gl_cv_have_weak+:} false; then : + $as_echo_n "(cached) " >&6 +else + gl_cv_have_weak=no + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default +extern void xyzzy (); +#pragma weak xyzzy int main () { -struct stat sbuf; - if (symlink ("conftest.file", "conftest.sym") != 0) - return 1; - /* Linux will dereference the symlink and fail, as required by - POSIX. That is better in the sense that it means we will not - have to compile and use the lstat wrapper. */ - return lstat ("conftest.sym/", &sbuf) == 0; - +xyzzy(); ; return 0; } _ACEOF +if ac_fn_c_try_link "$LINENO"; then : + gl_cv_have_weak=maybe +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + if test $gl_cv_have_weak = maybe; then + if test "$cross_compiling" = yes; then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef __ELF__ + Extensible Linking Format + #endif + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "Extensible Linking Format" >/dev/null 2>&1; then : + gl_cv_have_weak="guessing yes" +else + gl_cv_have_weak="guessing no" +fi +rm -f conftest* + + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#pragma weak fputs +int main () +{ + return (fputs == NULL); +} +_ACEOF if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_lstat_dereferences_slashed_symlink=yes + gl_cv_have_weak=yes else - gl_cv_func_lstat_dereferences_slashed_symlink=no + gl_cv_have_weak=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi - rm -f conftest.sym conftest.file + fi + case " $LDFLAGS " in + *" -static "*) gl_cv_have_weak=no ;; + esac + case "$gl_cv_have_weak" in + *yes) + case "$host_os" in + freebsd* | dragonfly*) + : > conftest1.c + $CC $CPPFLAGS $CFLAGS $LDFLAGS -fPIC -shared -o libempty.so conftest1.c -lpthread >&5 2>&1 + cat < conftest2.c +#include +#pragma weak pthread_mutexattr_gettype +int main () +{ + return (pthread_mutexattr_gettype != NULL); +} +EOF + $CC $CPPFLAGS $CFLAGS $LDFLAGS -o conftest conftest2.c libempty.so >&5 2>&1 \ + || gl_cv_have_weak=no + rm -f conftest1.c libempty.so conftest2.c conftest + ;; + esac + ;; + esac fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_lstat_dereferences_slashed_symlink" >&5 -$as_echo "$gl_cv_func_lstat_dereferences_slashed_symlink" >&6; } - case "$gl_cv_func_lstat_dereferences_slashed_symlink" in +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_have_weak" >&5 +$as_echo "$gl_cv_have_weak" >&6; } + case "$gl_cv_have_weak" in *yes) -cat >>confdefs.h <<_ACEOF -#define LSTAT_FOLLOWS_SLASHED_SYMLINK 1 -_ACEOF +$as_echo "#define HAVE_WEAK_SYMBOLS 1" >>confdefs.h ;; esac + case "$gl_cv_have_weak" in + *yes) LIB_SETLOCALE_NULL= ;; + *) LIB_SETLOCALE_NULL="$LIBPTHREAD" ;; + esac + ;; + esac + else + LIB_SETLOCALE_NULL= + fi - for ac_header in stdlib.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "stdlib.h" "ac_cv_header_stdlib_h" "$ac_includes_default" -if test "x$ac_cv_header_stdlib_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_STDLIB_H 1 -_ACEOF - -fi -done - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU libc compatible malloc" >&5 -$as_echo_n "checking for GNU libc compatible malloc... " >&6; } -if ${ac_cv_func_malloc_0_nonnull+:} false; then : +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for uid_t in sys/types.h" >&5 +$as_echo_n "checking for uid_t in sys/types.h... " >&6; } +if ${ac_cv_type_uid_t+:} false; then : $as_echo_n "(cached) " >&6 else - if test "$cross_compiling" = yes; then : - case "$host_os" in - # Guess yes on platforms where we know the result. - *-gnu* | gnu* | *-musl* | freebsd* | netbsd* | openbsd* \ - | hpux* | solaris* | cygwin* | mingw*) - ac_cv_func_malloc_0_nonnull="guessing yes" ;; - # If we don't know, assume the worst. - *) ac_cv_func_malloc_0_nonnull="guessing no" ;; - esac - -else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#if defined STDC_HEADERS || defined HAVE_STDLIB_H - # include - #else - char *malloc (); - #endif - -int -main () -{ -char *p = malloc (0); - int result = !p; - free (p); - return result; - ; - return 0; -} +#include _ACEOF -if ac_fn_c_try_run "$LINENO"; then : - ac_cv_func_malloc_0_nonnull=yes +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "uid_t" >/dev/null 2>&1; then : + ac_cv_type_uid_t=yes else - ac_cv_func_malloc_0_nonnull=no + ac_cv_type_uid_t=no fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext +rm -f conftest* + fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_uid_t" >&5 +$as_echo "$ac_cv_type_uid_t" >&6; } +if test $ac_cv_type_uid_t = no; then + +$as_echo "#define uid_t int" >>confdefs.h + +$as_echo "#define gid_t int" >>confdefs.h fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_malloc_0_nonnull" >&5 -$as_echo "$ac_cv_func_malloc_0_nonnull" >&6; } - case "$ac_cv_func_malloc_0_nonnull" in - *yes) - gl_cv_func_malloc_0_nonnull=1 - ;; - *) - gl_cv_func_malloc_0_nonnull=0 - ;; - esac + + + + + + + + + + + +ac_fn_c_check_decl "$LINENO" "unsetenv" "ac_cv_have_decl_unsetenv" "$ac_includes_default" +if test "x$ac_cv_have_decl_unsetenv" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 +fi + cat >>confdefs.h <<_ACEOF -#define MALLOC_0_IS_NONNULL $gl_cv_func_malloc_0_nonnull +#define HAVE_DECL_UNSETENV $ac_have_decl _ACEOF - GNULIB_PSELECT=0; - GNULIB_SELECT=0; - HAVE_PSELECT=1; - REPLACE_PSELECT=0; - REPLACE_SELECT=0; + + + + if true; then + GL_COND_LIBTOOL_TRUE= + GL_COND_LIBTOOL_FALSE='#' +else + GL_COND_LIBTOOL_TRUE='#' + GL_COND_LIBTOOL_FALSE= +fi + + gl_cond_libtool=true + gl_m4_base='m4' - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether is self-contained" >&5 -$as_echo_n "checking whether is self-contained... " >&6; } -if ${gl_cv_header_sys_select_h_selfcontained+:} false; then : + + + + + gl_source_base='gl' +LTALLOCA=`echo "$ALLOCA" | sed -e 's/\.[^.]* /.lo /g;s/\.[^.]*$/.lo/'` + + + + if test $ac_cv_func_alloca_works = no; then + : + fi + + # Define an additional variable used in the Makefile substitution. + if test $ac_cv_working_alloca_h = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for alloca as a compiler built-in" >&5 +$as_echo_n "checking for alloca as a compiler built-in... " >&6; } +if ${gl_cv_rpl_alloca+:} false; then : $as_echo_n "(cached) " >&6 else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include -int -main () -{ -struct timeval b; - ; - return 0; -} + +#if defined __GNUC__ || defined _AIX || defined _MSC_VER + Need own alloca +#endif + _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_header_sys_select_h_selfcontained=yes +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "Need own alloca" >/dev/null 2>&1; then : + gl_cv_rpl_alloca=yes else - gl_cv_header_sys_select_h_selfcontained=no + gl_cv_rpl_alloca=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - if test $gl_cv_header_sys_select_h_selfcontained = yes; then - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ -int memset; int bzero; - ; - return 0; -} +rm -f conftest* -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ - #undef memset - #define memset nonexistent_memset - extern - #ifdef __cplusplus - "C" - #endif - void *memset (void *, int, unsigned long); - #undef bzero - #define bzero nonexistent_bzero - extern - #ifdef __cplusplus - "C" - #endif - void bzero (void *, unsigned long); - fd_set fds; - FD_ZERO (&fds); +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_rpl_alloca" >&5 +$as_echo "$gl_cv_rpl_alloca" >&6; } + if test $gl_cv_rpl_alloca = yes; then - ; - return 0; -} +$as_echo "#define HAVE_ALLOCA 1" >>confdefs.h -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : + ALLOCA_H=alloca.h + else + ALLOCA_H= + fi + else + ALLOCA_H=alloca.h + fi + if test -n "$ALLOCA_H"; then + GL_GENERATE_ALLOCA_H_TRUE= + GL_GENERATE_ALLOCA_H_FALSE='#' else - gl_cv_header_sys_select_h_selfcontained=no + GL_GENERATE_ALLOCA_H_TRUE='#' + GL_GENERATE_ALLOCA_H_FALSE= fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_sys_select_h_selfcontained" >&5 -$as_echo "$gl_cv_header_sys_select_h_selfcontained" >&6; } + if test $ac_cv_working_alloca_h = yes; then + HAVE_ALLOCA_H=1 + else + HAVE_ALLOCA_H=0 + fi + + + + + + + if test $ac_cv_header_arpa_inet_h = yes; then + HAVE_ARPA_INET_H=1 + else + HAVE_ARPA_INET_H=0 + fi + @@ -25393,22 +28354,22 @@ $as_echo "$gl_cv_header_sys_select_h_selfcontained" >&6; } if test $gl_cv_have_include_next = yes; then - gl_cv_next_sys_select_h='<'sys/select.h'>' + gl_cv_next_arpa_inet_h='<'arpa/inet.h'>' else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 -$as_echo_n "checking absolute name of ... " >&6; } -if ${gl_cv_next_sys_select_h+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_arpa_inet_h+:} false; then : $as_echo_n "(cached) " >&6 else - if test $ac_cv_header_sys_select_h = yes; then + if test $ac_cv_header_arpa_inet_h = yes; then cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include +#include _ACEOF case "$host_os" in aix*) gl_absname_cpp="$ac_cpp -C" ;; @@ -25424,7 +28385,7 @@ _ACEOF ;; esac gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' - gl_header_literal_regex=`echo 'sys/select.h' \ + gl_header_literal_regex=`echo 'arpa/inet.h' \ | sed -e "$gl_make_literal_regex_sed"` gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ @@ -25433,64 +28394,47 @@ _ACEOF q }' - gl_cv_absolute_sys_select_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + gl_cv_absolute_arpa_inet_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | sed -n "$gl_absolute_header_sed"` - gl_header=$gl_cv_absolute_sys_select_h - gl_cv_next_sys_select_h='"'$gl_header'"' + gl_header=$gl_cv_absolute_arpa_inet_h + gl_cv_next_arpa_inet_h='"'$gl_header'"' else - gl_cv_next_sys_select_h='<'sys/select.h'>' + gl_cv_next_arpa_inet_h='<'arpa/inet.h'>' fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_sys_select_h" >&5 -$as_echo "$gl_cv_next_sys_select_h" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_arpa_inet_h" >&5 +$as_echo "$gl_cv_next_arpa_inet_h" >&6; } fi - NEXT_SYS_SELECT_H=$gl_cv_next_sys_select_h + NEXT_ARPA_INET_H=$gl_cv_next_arpa_inet_h if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' - gl_next_as_first_directive='<'sys/select.h'>' + gl_next_as_first_directive='<'arpa/inet.h'>' else # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' - gl_next_as_first_directive=$gl_cv_next_sys_select_h + gl_next_as_first_directive=$gl_cv_next_arpa_inet_h fi - NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H=$gl_next_as_first_directive - - - + NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H=$gl_next_as_first_directive - if test $ac_cv_header_sys_select_h = yes; then - HAVE_SYS_SELECT_H=1 - else - HAVE_SYS_SELECT_H=0 - fi - if test $ac_cv_header_sys_socket_h != yes; then - for ac_header in winsock2.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "winsock2.h" "ac_cv_header_winsock2_h" "$ac_includes_default" -if test "x$ac_cv_header_winsock2_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_WINSOCK2_H 1 -_ACEOF -fi -done - fi - if test "$ac_cv_header_winsock2_h" = yes; then - HAVE_WINSOCK2_H=1 - UNISTD_H_HAVE_WINSOCK2_H=1 - SYS_IOCTL_H_HAVE_WINSOCK2_H=1 + if test $ac_cv_header_sys_socket_h = yes; then + HAVE_WS2TCPIP_H=0 else - HAVE_WINSOCK2_H=0 + if test $ac_cv_header_ws2tcpip_h = yes; then + HAVE_WS2TCPIP_H=1 + else + HAVE_WS2TCPIP_H=0 + fi fi @@ -25501,452 +28445,261 @@ done - - - if test "$ac_cv_header_winsock2_h" = yes; then - REPLACE_SELECT=1 - else - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether select supports a 0 argument" >&5 -$as_echo_n "checking whether select supports a 0 argument... " >&6; } -if ${gl_cv_func_select_supports0+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for __builtin_expect" >&5 +$as_echo_n "checking for __builtin_expect... " >&6; } +if ${gl_cv___builtin_expect+:} false; then : $as_echo_n "(cached) " >&6 else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ - if test "$cross_compiling" = yes; then : - - case "$host_os" in - # Guess no on Interix. - interix*) gl_cv_func_select_supports0="guessing no";; - # Guess yes otherwise. - *) gl_cv_func_select_supports0="guessing yes";; - esac - + int + main (int argc, char **argv) + { + argc = __builtin_expect (argc, 100); + return argv[argc != 100][0]; + } +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + gl_cv___builtin_expect=yes else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include -#include -#if HAVE_SYS_SELECT_H -#include -#endif -int main () -{ - struct timeval timeout; - timeout.tv_sec = 0; - timeout.tv_usec = 5; - return select (0, (fd_set *)0, (fd_set *)0, (fd_set *)0, &timeout) < 0; -} + #include + int + main (int argc, char **argv) + { + argc = __builtin_expect (argc, 100); + return argv[argc != 100][0]; + } _ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_select_supports0=yes +if ac_fn_c_try_link "$LINENO"; then : + gl_cv___builtin_expect="in " else - gl_cv_func_select_supports0=no + gl_cv___builtin_expect=no fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv___builtin_expect" >&5 +$as_echo "$gl_cv___builtin_expect" >&6; } + if test "$gl_cv___builtin_expect" = yes; then + $as_echo "#define HAVE___BUILTIN_EXPECT 1" >>confdefs.h + elif test "$gl_cv___builtin_expect" = "in "; then + $as_echo "#define HAVE___BUILTIN_EXPECT 2" >>confdefs.h -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_select_supports0" >&5 -$as_echo "$gl_cv_func_select_supports0" >&6; } - case "$gl_cv_func_select_supports0" in - *yes) ;; - *) REPLACE_SELECT=1 ;; - esac + fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether select detects invalid fds" >&5 -$as_echo_n "checking whether select detects invalid fds... " >&6; } -if ${gl_cv_func_select_detects_ebadf+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "$cross_compiling" = yes; then : - case "$host_os" in - # Guess yes on Linux systems. - linux-* | linux) gl_cv_func_select_detects_ebadf="guessing yes" ;; - # Guess yes on glibc systems. - *-gnu* | gnu*) gl_cv_func_select_detects_ebadf="guessing yes" ;; - # If we don't know, assume the worst. - *) gl_cv_func_select_detects_ebadf="guessing no" ;; - esac + for ac_header in byteswap.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "byteswap.h" "ac_cv_header_byteswap_h" "$ac_includes_default" +if test "x$ac_cv_header_byteswap_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_BYTESWAP_H 1 +_ACEOF + + BYTESWAP_H='' else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#if HAVE_SYS_SELECT_H -# include -#endif -#include -#include + BYTESWAP_H='byteswap.h' -int -main () -{ +fi - fd_set set; - dup2(0, 16); - FD_ZERO(&set); - FD_SET(16, &set); - close(16); - struct timeval timeout; - timeout.tv_sec = 0; - timeout.tv_usec = 5; - return select (17, &set, NULL, NULL, &timeout) != -1 || errno != EBADF; +done - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_select_detects_ebadf=yes + + if test -n "$BYTESWAP_H"; then + GL_GENERATE_BYTESWAP_H_TRUE= + GL_GENERATE_BYTESWAP_H_FALSE='#' else - gl_cv_func_select_detects_ebadf=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext + GL_GENERATE_BYTESWAP_H_TRUE='#' + GL_GENERATE_BYTESWAP_H_FALSE= fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_select_detects_ebadf" >&5 -$as_echo "$gl_cv_func_select_detects_ebadf" >&6; } - case $gl_cv_func_select_detects_ebadf in - *yes) ;; - *) REPLACE_SELECT=1 ;; - esac - fi - LIB_SELECT="$LIBSOCKET" - if test $REPLACE_SELECT = 1; then - case "$host_os" in - mingw*) - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#define WIN32_LEAN_AND_MEAN -#include -int -main () -{ - MsgWaitForMultipleObjects (0, NULL, 0, 0, 0); - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : +$as_echo "#define GNULIB_TEST_CLOEXEC 1" >>confdefs.h -else - LIB_SELECT="$LIB_SELECT -luser32" -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - ;; - esac - fi -ac_fn_c_check_decl "$LINENO" "alarm" "ac_cv_have_decl_alarm" "$ac_includes_default" -if test "x$ac_cv_have_decl_alarm" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_ALARM $ac_have_decl -_ACEOF - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for O_CLOEXEC" >&5 -$as_echo_n "checking for O_CLOEXEC... " >&6; } -if ${gl_cv_macro_O_CLOEXEC+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - #ifndef O_CLOEXEC - choke me; - #endif + if test $HAVE_MSVC_INVALID_PARAMETER_HANDLER = 1; then + REPLACE_CLOSE=1 + fi -int -main () -{ -return O_CLOEXEC; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_macro_O_CLOEXEC=yes -else - gl_cv_macro_O_CLOEXEC=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_macro_O_CLOEXEC" >&5 -$as_echo "$gl_cv_macro_O_CLOEXEC" >&6; } - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for promoted mode_t type" >&5 -$as_echo_n "checking for promoted mode_t type... " >&6; } -if ${gl_cv_promoted_mode_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ -typedef int array[2 * (sizeof (mode_t) < sizeof (int)) - 1]; - ; - return 0; -} + + if test $ac_cv_header_sys_socket_h != yes; then + for ac_header in winsock2.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "winsock2.h" "ac_cv_header_winsock2_h" "$ac_includes_default" +if test "x$ac_cv_header_winsock2_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_WINSOCK2_H 1 _ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_promoted_mode_t='int' -else - gl_cv_promoted_mode_t='mode_t' -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_promoted_mode_t" >&5 -$as_echo "$gl_cv_promoted_mode_t" >&6; } -cat >>confdefs.h <<_ACEOF -#define PROMOTED_MODE_T $gl_cv_promoted_mode_t -_ACEOF +done + fi + if test "$ac_cv_header_winsock2_h" = yes; then + HAVE_WINSOCK2_H=1 + UNISTD_H_HAVE_WINSOCK2_H=1 + SYS_IOCTL_H_HAVE_WINSOCK2_H=1 + else + HAVE_WINSOCK2_H=0 + fi - REPLACE_STRERROR_0=0 - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether strerror(0) succeeds" >&5 -$as_echo_n "checking whether strerror(0) succeeds... " >&6; } -if ${gl_cv_func_strerror_0_works+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "$cross_compiling" = yes; then : - case "$host_os" in - # Guess yes on glibc systems. - *-gnu* | gnu*) gl_cv_func_strerror_0_works="guessing yes" ;; - # Guess yes on musl systems. - *-musl*) gl_cv_func_strerror_0_works="guessing yes" ;; - # Guess yes on native Windows. - mingw*) gl_cv_func_strerror_0_works="guessing yes" ;; - # If we don't know, assume the worst. - *) gl_cv_func_strerror_0_works="guessing no" ;; - esac + if test $UNISTD_H_HAVE_WINSOCK2_H = 1; then + REPLACE_CLOSE=1 + fi -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - #include -int -main () -{ -int result = 0; - char *str; - errno = 0; - str = strerror (0); - if (!*str) result |= 1; - if (errno) result |= 2; - if (strstr (str, "nknown") || strstr (str, "ndefined")) - result |= 4; - return result; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_strerror_0_works=yes -else - gl_cv_func_strerror_0_works=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi + if test $REPLACE_CLOSE = 1; then -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_strerror_0_works" >&5 -$as_echo "$gl_cv_func_strerror_0_works" >&6; } - case "$gl_cv_func_strerror_0_works" in - *yes) ;; - *) - REPLACE_STRERROR_0=1 -$as_echo "#define REPLACE_STRERROR_0 1" >>confdefs.h - ;; - esac + gl_LIBOBJS="$gl_LIBOBJS close.$ac_objext" + fi - if test $ac_cv_func_strerror_r = yes; then - if test "$ERRNO_H:$REPLACE_STRERROR_0" = :0; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for strerror_r with POSIX signature" >&5 -$as_echo_n "checking for strerror_r with POSIX signature... " >&6; } -if ${gl_cv_func_strerror_r_posix_signature+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - int strerror_r (int, char *, size_t); -int -main () -{ + GNULIB_CLOSE=1 - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_func_strerror_r_posix_signature=yes -else - gl_cv_func_strerror_r_posix_signature=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_strerror_r_posix_signature" >&5 -$as_echo "$gl_cv_func_strerror_r_posix_signature" >&6; } - if test $gl_cv_func_strerror_r_posix_signature = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether strerror_r works" >&5 -$as_echo_n "checking whether strerror_r works... " >&6; } -if ${gl_cv_func_strerror_r_works+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "$cross_compiling" = yes; then : - case "$host_os" in - # Guess no on AIX. - aix*) gl_cv_func_strerror_r_works="guessing no";; - # Guess no on HP-UX. - hpux*) gl_cv_func_strerror_r_works="guessing no";; - # Guess no on BSD variants. - *bsd*) gl_cv_func_strerror_r_works="guessing no";; - # Guess yes otherwise. - *) gl_cv_func_strerror_r_works="guessing yes";; - esac -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - #include -int -main () -{ -int result = 0; - char buf[79]; - if (strerror_r (EACCES, buf, 0) < 0) - result |= 1; - errno = 0; - if (strerror_r (EACCES, buf, sizeof buf) != 0) - result |= 2; - strcpy (buf, "Unknown"); - if (strerror_r (0, buf, sizeof buf) != 0) - result |= 4; - if (errno) - result |= 8; - if (strstr (buf, "nknown") || strstr (buf, "ndefined")) - result |= 0x10; - errno = 0; - *buf = 0; - if (strerror_r (-3, buf, sizeof buf) < 0) - result |= 0x20; - if (errno) - result |= 0x40; - if (!*buf) - result |= 0x80; - return result; +$as_echo "#define GNULIB_TEST_CLOSE 1" >>confdefs.h - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_strerror_r_works=yes -else - gl_cv_func_strerror_r_works=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_strerror_r_works" >&5 -$as_echo "$gl_cv_func_strerror_r_works" >&6; } - else - if test $ac_cv_func___xpg_strerror_r = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether __xpg_strerror_r works" >&5 -$as_echo_n "checking whether __xpg_strerror_r works... " >&6; } -if ${gl_cv_func_strerror_r_works+:} false; then : + + + + +$as_echo "#define HAVE_DUP2 1" >>confdefs.h + + + if test $HAVE_DUP2 = 1; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether dup2 works" >&5 +$as_echo_n "checking whether dup2 works... " >&6; } +if ${gl_cv_func_dup2_works+:} false; then : $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : - gl_cv_func_strerror_r_works="guessing no" - + case "$host_os" in + mingw*) # on this platform, dup2 always returns 0 for success + gl_cv_func_dup2_works="guessing no" ;; + cygwin*) # on cygwin 1.5.x, dup2(1,1) returns 0 + gl_cv_func_dup2_works="guessing no" ;; + aix* | freebsd*) + # on AIX 7.1 and FreeBSD 6.1, dup2 (1,toobig) gives EMFILE, + # not EBADF. + gl_cv_func_dup2_works="guessing no" ;; + haiku*) # on Haiku alpha 2, dup2(1, 1) resets FD_CLOEXEC. + gl_cv_func_dup2_works="guessing no" ;; + *-android*) # implemented using dup3(), which fails if oldfd == newfd + gl_cv_func_dup2_works="guessing no" ;; + os2*) # on OS/2 kLIBC, dup2() does not work on a directory fd. + gl_cv_func_dup2_works="guessing no" ;; + *) gl_cv_func_dup2_works="guessing yes" ;; + esac else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include - #include - extern - #ifdef __cplusplus - "C" - #endif - int __xpg_strerror_r(int, char *, size_t); + + #include + #include + #include + #include + #include + #ifndef RLIM_SAVED_CUR + # define RLIM_SAVED_CUR RLIM_INFINITY + #endif + #ifndef RLIM_SAVED_MAX + # define RLIM_SAVED_MAX RLIM_INFINITY + #endif int main () { int result = 0; - char buf[256] = "^"; - char copy[256]; - char *str = strerror (-1); - strcpy (copy, str); - if (__xpg_strerror_r (-2, buf, 1) == 0) - result |= 1; - if (*buf) - result |= 2; - __xpg_strerror_r (-2, buf, 256); - if (strcmp (str, copy)) - result |= 4; - return result; + int bad_fd = INT_MAX; + struct rlimit rlim; + if (getrlimit (RLIMIT_NOFILE, &rlim) == 0 + && 0 <= rlim.rlim_cur && rlim.rlim_cur <= INT_MAX + && rlim.rlim_cur != RLIM_INFINITY + && rlim.rlim_cur != RLIM_SAVED_MAX + && rlim.rlim_cur != RLIM_SAVED_CUR) + bad_fd = rlim.rlim_cur; + #ifdef FD_CLOEXEC + if (fcntl (1, F_SETFD, FD_CLOEXEC) == -1) + result |= 1; + #endif + if (dup2 (1, 1) != 1) + result |= 2; + #ifdef FD_CLOEXEC + if (fcntl (1, F_GETFD) != FD_CLOEXEC) + result |= 4; + #endif + close (0); + if (dup2 (0, 0) != -1) + result |= 8; + /* Many gnulib modules require POSIX conformance of EBADF. */ + if (dup2 (2, bad_fd) == -1 && errno != EBADF) + result |= 16; + /* Flush out some cygwin core dumps. */ + if (dup2 (2, -1) != -1 || errno != EBADF) + result |= 32; + dup2 (2, 255); + dup2 (2, 256); + /* On OS/2 kLIBC, dup2() does not work on a directory fd. */ + { + int fd = open (".", O_RDONLY); + if (fd == -1) + result |= 64; + else if (dup2 (fd, fd + 1) == -1) + result |= 128; + close (fd); + } + return result; ; return 0; } + _ACEOF if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_strerror_r_works=yes + gl_cv_func_dup2_works=yes else - gl_cv_func_strerror_r_works=no + gl_cv_func_dup2_works=no fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext @@ -25954,137 +28707,85 @@ fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_strerror_r_works" >&5 -$as_echo "$gl_cv_func_strerror_r_works" >&6; } - fi - fi - fi - fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_dup2_works" >&5 +$as_echo "$gl_cv_func_dup2_works" >&6; } + case "$gl_cv_func_dup2_works" in + *yes) ;; + *) + REPLACE_DUP2=1 + for ac_func in setdtablesize +do : + ac_fn_c_check_func "$LINENO" "setdtablesize" "ac_cv_func_setdtablesize" +if test "x$ac_cv_func_setdtablesize" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SETDTABLESIZE 1 +_ACEOF -ac_fn_c_check_decl "$LINENO" "strerror_r" "ac_cv_have_decl_strerror_r" "$ac_includes_default" -if test "x$ac_cv_have_decl_strerror_r" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 fi +done -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_STRERROR_R $ac_have_decl -_ACEOF + ;; + esac + fi + if test $HAVE_DUP2 = 0 || test $REPLACE_DUP2 = 1; then - if test $ac_cv_have_decl_strerror_r = no; then - HAVE_DECL_STRERROR_R=0 - fi - if test $ac_cv_func_strerror_r = yes; then - if test "$ERRNO_H:$REPLACE_STRERROR_0" = :0; then - if test $gl_cv_func_strerror_r_posix_signature = yes; then - case "$gl_cv_func_strerror_r_works" in - *no) REPLACE_STRERROR_R=1 ;; - esac - else - REPLACE_STRERROR_R=1 - fi - else - REPLACE_STRERROR_R=1 - fi - fi + gl_LIBOBJS="$gl_LIBOBJS dup2.$ac_objext" + fi - GNULIB_PTHREAD_SIGMASK=0; - GNULIB_RAISE=0; - GNULIB_SIGNAL_H_SIGPIPE=0; - GNULIB_SIGPROCMASK=0; - GNULIB_SIGACTION=0; - HAVE_POSIX_SIGNALBLOCKING=1; - HAVE_PTHREAD_SIGMASK=1; - HAVE_RAISE=1; - HAVE_SIGSET_T=1; - HAVE_SIGINFO_T=1; - HAVE_SIGACTION=1; - HAVE_STRUCT_SIGACTION_SA_SIGACTION=1; - HAVE_TYPE_VOLATILE_SIG_ATOMIC_T=1; - HAVE_SIGHANDLER_T=1; - REPLACE_PTHREAD_SIGMASK=0; - REPLACE_RAISE=0; - ac_fn_c_check_type "$LINENO" "sigset_t" "ac_cv_type_sigset_t" " - #include - /* Mingw defines sigset_t not in , but in . */ - #include + GNULIB_DUP2=1 -" -if test "x$ac_cv_type_sigset_t" = xyes; then : -cat >>confdefs.h <<_ACEOF -#define HAVE_SIGSET_T 1 -_ACEOF -gl_cv_type_sigset_t=yes -else - gl_cv_type_sigset_t=no -fi - if test $gl_cv_type_sigset_t != yes; then - HAVE_SIGSET_T=0 - fi +$as_echo "#define GNULIB_TEST_DUP2 1" >>confdefs.h -ac_fn_c_check_decl "$LINENO" "setenv" "ac_cv_have_decl_setenv" "$ac_includes_default" -if test "x$ac_cv_have_decl_setenv" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_SETENV $ac_have_decl -_ACEOF - if test $ac_cv_have_decl_setenv = no; then - HAVE_DECL_SETENV=0 + + if test $ac_cv_func_explicit_bzero = no; then + HAVE_EXPLICIT_BZERO=0 fi + if test $HAVE_EXPLICIT_BZERO = 0; then - for ac_header in search.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "search.h" "ac_cv_header_search_h" "$ac_includes_default" -if test "x$ac_cv_header_search_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SEARCH_H 1 -_ACEOF -fi -done - for ac_func in tsearch + + gl_LIBOBJS="$gl_LIBOBJS explicit_bzero.$ac_objext" + + + for ac_func in explicit_memset do : - ac_fn_c_check_func "$LINENO" "tsearch" "ac_cv_func_tsearch" -if test "x$ac_cv_func_tsearch" = xyes; then : + ac_fn_c_check_func "$LINENO" "explicit_memset" "ac_cv_func_explicit_memset" +if test "x$ac_cv_func_explicit_memset" = xyes; then : cat >>confdefs.h <<_ACEOF -#define HAVE_TSEARCH 1 +#define HAVE_EXPLICIT_MEMSET 1 _ACEOF fi @@ -26092,39 +28793,19 @@ done + fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for uid_t in sys/types.h" >&5 -$as_echo_n "checking for uid_t in sys/types.h... " >&6; } -if ${ac_cv_type_uid_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "uid_t" >/dev/null 2>&1; then : - ac_cv_type_uid_t=yes -else - ac_cv_type_uid_t=no -fi -rm -f conftest* -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_uid_t" >&5 -$as_echo "$ac_cv_type_uid_t" >&6; } -if test $ac_cv_type_uid_t = no; then -$as_echo "#define uid_t int" >>confdefs.h + GNULIB_EXPLICIT_BZERO=1 -$as_echo "#define gid_t int" >>confdefs.h -fi +$as_echo "#define GNULIB_TEST_EXPLICIT_BZERO 1" >>confdefs.h @@ -26134,113 +28815,197 @@ fi + if test $ac_cv_func_fcntl = no; then -ac_fn_c_check_decl "$LINENO" "unsetenv" "ac_cv_have_decl_unsetenv" "$ac_includes_default" -if test "x$ac_cv_have_decl_unsetenv" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_UNSETENV $ac_have_decl -_ACEOF + if test $ac_cv_func_fcntl = no; then + HAVE_FCNTL=0 + else + REPLACE_FCNTL=1 + fi + + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether fcntl handles F_DUPFD correctly" >&5 +$as_echo_n "checking whether fcntl handles F_DUPFD correctly... " >&6; } +if ${gl_cv_func_fcntl_f_dupfd_works+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + case $host_os in + aix* | cygwin* | haiku*) + gl_cv_func_fcntl_f_dupfd_works="guessing no" ;; + *) gl_cv_func_fcntl_f_dupfd_works="guessing yes" ;; + esac +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include + #include + #include + #include + #ifndef RLIM_SAVED_CUR + # define RLIM_SAVED_CUR RLIM_INFINITY + #endif + #ifndef RLIM_SAVED_MAX + # define RLIM_SAVED_MAX RLIM_INFINITY + #endif +int +main () +{ +int result = 0; + int bad_fd = INT_MAX; + struct rlimit rlim; + if (getrlimit (RLIMIT_NOFILE, &rlim) == 0 + && 0 <= rlim.rlim_cur && rlim.rlim_cur <= INT_MAX + && rlim.rlim_cur != RLIM_INFINITY + && rlim.rlim_cur != RLIM_SAVED_MAX + && rlim.rlim_cur != RLIM_SAVED_CUR) + bad_fd = rlim.rlim_cur; + if (fcntl (0, F_DUPFD, -1) != -1) result |= 1; + if (errno != EINVAL) result |= 2; + if (fcntl (0, F_DUPFD, bad_fd) != -1) result |= 4; + if (errno != EINVAL) result |= 8; + /* On OS/2 kLIBC, F_DUPFD does not work on a directory fd */ + { + int fd; + fd = open (".", O_RDONLY); + if (fd == -1) + result |= 16; + else if (fcntl (fd, F_DUPFD, STDERR_FILENO + 1) == -1) + result |= 32; - if true; then - GL_COND_LIBTOOL_TRUE= - GL_COND_LIBTOOL_FALSE='#' + close (fd); + } + return result; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_fcntl_f_dupfd_works=yes else - GL_COND_LIBTOOL_TRUE='#' - GL_COND_LIBTOOL_FALSE= + gl_cv_func_fcntl_f_dupfd_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext fi - gl_cond_libtool=true - gl_m4_base='m4' +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_fcntl_f_dupfd_works" >&5 +$as_echo "$gl_cv_func_fcntl_f_dupfd_works" >&6; } + case $gl_cv_func_fcntl_f_dupfd_works in + *yes) ;; + *) + + + if test $ac_cv_func_fcntl = no; then + HAVE_FCNTL=0 + else + REPLACE_FCNTL=1 + fi +$as_echo "#define FCNTL_DUPFD_BUGGY 1" >>confdefs.h + ;; + esac + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether fcntl understands F_DUPFD_CLOEXEC" >&5 +$as_echo_n "checking whether fcntl understands F_DUPFD_CLOEXEC... " >&6; } +if ${gl_cv_func_fcntl_f_dupfd_cloexec+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#ifndef F_DUPFD_CLOEXEC +choke me +#endif +int +main () +{ + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef __linux__ +/* The Linux kernel only added F_DUPFD_CLOEXEC in 2.6.24, so we always replace + it to support the semantics on older kernels that failed with EINVAL. */ +choke me +#endif +int +main () +{ - gl_source_base='gl' -LTALLOCA=`echo "$ALLOCA" | sed -e 's/\.[^.]* /.lo /g;s/\.[^.]*$/.lo/'` + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_func_fcntl_f_dupfd_cloexec=yes +else + gl_cv_func_fcntl_f_dupfd_cloexec="needs runtime check" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +else + gl_cv_func_fcntl_f_dupfd_cloexec=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_fcntl_f_dupfd_cloexec" >&5 +$as_echo "$gl_cv_func_fcntl_f_dupfd_cloexec" >&6; } + if test "$gl_cv_func_fcntl_f_dupfd_cloexec" != yes; then - if test $ac_cv_func_alloca_works = no; then - : + if test $ac_cv_func_fcntl = no; then + HAVE_FCNTL=0 + else + REPLACE_FCNTL=1 fi - # Define an additional variable used in the Makefile substitution. - if test $ac_cv_working_alloca_h = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for alloca as a compiler built-in" >&5 -$as_echo_n "checking for alloca as a compiler built-in... " >&6; } -if ${gl_cv_rpl_alloca+:} false; then : - $as_echo_n "(cached) " >&6 -else + fi + fi - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#if defined __GNUC__ || defined _AIX || defined _MSC_VER - Need own alloca -#endif + if test $HAVE_FCNTL = 0 || test $REPLACE_FCNTL = 1; then -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "Need own alloca" >/dev/null 2>&1; then : - gl_cv_rpl_alloca=yes -else - gl_cv_rpl_alloca=no -fi -rm -f conftest* -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_rpl_alloca" >&5 -$as_echo "$gl_cv_rpl_alloca" >&6; } - if test $gl_cv_rpl_alloca = yes; then -$as_echo "#define HAVE_ALLOCA 1" >>confdefs.h - ALLOCA_H=alloca.h - else - ALLOCA_H= - fi - else - ALLOCA_H=alloca.h - fi - if test -n "$ALLOCA_H"; then - GL_GENERATE_ALLOCA_H_TRUE= - GL_GENERATE_ALLOCA_H_FALSE='#' -else - GL_GENERATE_ALLOCA_H_TRUE='#' - GL_GENERATE_ALLOCA_H_FALSE= -fi - if test $ac_cv_working_alloca_h = yes; then - HAVE_ALLOCA_H=1 - else - HAVE_ALLOCA_H=0 + gl_LIBOBJS="$gl_LIBOBJS fcntl.$ac_objext" + fi + GNULIB_FCNTL=1 + + + + + +$as_echo "#define GNULIB_TEST_FCNTL 1" >>confdefs.h + + + - if test $ac_cv_header_arpa_inet_h = yes; then - HAVE_ARPA_INET_H=1 - else - HAVE_ARPA_INET_H=0 - fi @@ -26252,22 +29017,19 @@ fi if test $gl_cv_have_include_next = yes; then - gl_cv_next_arpa_inet_h='<'arpa/inet.h'>' + gl_cv_next_fcntl_h='<'fcntl.h'>' else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 -$as_echo_n "checking absolute name of ... " >&6; } -if ${gl_cv_next_arpa_inet_h+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_fcntl_h+:} false; then : $as_echo_n "(cached) " >&6 else - if test $ac_cv_header_arpa_inet_h = yes; then - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include +#include _ACEOF case "$host_os" in aix*) gl_absname_cpp="$ac_cpp -C" ;; @@ -26283,7 +29045,7 @@ _ACEOF ;; esac gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' - gl_header_literal_regex=`echo 'arpa/inet.h' \ + gl_header_literal_regex=`echo 'fcntl.h' \ | sed -e "$gl_make_literal_regex_sed"` gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ @@ -26292,121 +29054,36 @@ _ACEOF q }' - gl_cv_absolute_arpa_inet_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + gl_cv_absolute_fcntl_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | sed -n "$gl_absolute_header_sed"` - gl_header=$gl_cv_absolute_arpa_inet_h - gl_cv_next_arpa_inet_h='"'$gl_header'"' - else - gl_cv_next_arpa_inet_h='<'arpa/inet.h'>' - fi + gl_header=$gl_cv_absolute_fcntl_h + gl_cv_next_fcntl_h='"'$gl_header'"' fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_arpa_inet_h" >&5 -$as_echo "$gl_cv_next_arpa_inet_h" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_fcntl_h" >&5 +$as_echo "$gl_cv_next_fcntl_h" >&6; } fi - NEXT_ARPA_INET_H=$gl_cv_next_arpa_inet_h + NEXT_FCNTL_H=$gl_cv_next_fcntl_h if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' - gl_next_as_first_directive='<'arpa/inet.h'>' + gl_next_as_first_directive='<'fcntl.h'>' else # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' - gl_next_as_first_directive=$gl_cv_next_arpa_inet_h + gl_next_as_first_directive=$gl_cv_next_fcntl_h fi - NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H=$gl_next_as_first_directive - - - - - - - - - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for __builtin_expect" >&5 -$as_echo_n "checking for __builtin_expect... " >&6; } -if ${gl_cv___builtin_expect+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - int - main (int argc, char **argv) - { - argc = __builtin_expect (argc, 100); - return argv[argc != 100][0]; - } -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - gl_cv___builtin_expect=yes -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include - int - main (int argc, char **argv) - { - argc = __builtin_expect (argc, 100); - return argv[argc != 100][0]; - } -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - gl_cv___builtin_expect="in " -else - gl_cv___builtin_expect=no -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv___builtin_expect" >&5 -$as_echo "$gl_cv___builtin_expect" >&6; } - if test "$gl_cv___builtin_expect" = yes; then - $as_echo "#define HAVE___BUILTIN_EXPECT 1" >>confdefs.h - - elif test "$gl_cv___builtin_expect" = "in "; then - $as_echo "#define HAVE___BUILTIN_EXPECT 2" >>confdefs.h - - fi - + NEXT_AS_FIRST_DIRECTIVE_FCNTL_H=$gl_next_as_first_directive - for ac_header in byteswap.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "byteswap.h" "ac_cv_header_byteswap_h" "$ac_includes_default" -if test "x$ac_cv_header_byteswap_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_BYTESWAP_H 1 -_ACEOF - BYTESWAP_H='' -else - BYTESWAP_H='byteswap.h' -fi -done - if test -n "$BYTESWAP_H"; then - GL_GENERATE_BYTESWAP_H_TRUE= - GL_GENERATE_BYTESWAP_H_FALSE='#' -else - GL_GENERATE_BYTESWAP_H_TRUE='#' - GL_GENERATE_BYTESWAP_H_FALSE= -fi @@ -26638,6 +29315,235 @@ fi + case "$host_os" in + mingw* | pw*) + REPLACE_FOPEN=1 + gl_cv_func_fopen_slash="guessing no" + ;; + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether fopen recognizes a trailing slash" >&5 +$as_echo_n "checking whether fopen recognizes a trailing slash... " >&6; } +if ${gl_cv_func_fopen_slash+:} false; then : + $as_echo_n "(cached) " >&6 +else + + if test "$cross_compiling" = yes; then : + + case "$host_os" in + aix* | hpux* | solaris2.[0-9] | solaris2.[0-9].*) + gl_cv_func_fopen_slash="guessing no" ;; + *) + gl_cv_func_fopen_slash="guessing yes" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +int main () +{ + FILE *fp = fopen ("conftest.sl/", "w"); + int result = (fp != NULL); + if (fp != NULL) + fclose (fp); + return result; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_fopen_slash=yes +else + gl_cv_func_fopen_slash=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + rm -f conftest.sl + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_fopen_slash" >&5 +$as_echo "$gl_cv_func_fopen_slash" >&6; } + ;; + esac + case "$gl_cv_func_fopen_slash" in + *no) + +$as_echo "#define FOPEN_TRAILING_SLASH_BUG 1" >>confdefs.h + + REPLACE_FOPEN=1 + ;; + esac + + if test $REPLACE_FOPEN = 1; then + + + + + + + + + gl_LIBOBJS="$gl_LIBOBJS fopen.$ac_objext" + + : + fi + + + + + + GNULIB_FOPEN=1 + + + + + +$as_echo "#define GNULIB_TEST_FOPEN 1" >>confdefs.h + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether fopen supports the mode character 'x'" >&5 +$as_echo_n "checking whether fopen supports the mode character 'x'... " >&6; } +if ${gl_cv_func_fopen_mode_x+:} false; then : + $as_echo_n "(cached) " >&6 +else + rm -f conftest.x + if test "$cross_compiling" = yes; then : + case "$host_os" in + # Guess yes on glibc and musl systems. + linux*-gnu* | gnu* | kfreebsd*-gnu | *-musl*) + gl_cv_func_fopen_mode_x="guessing yes" ;; + # If we don't know, obey --enable-cross-guesses. + *) + gl_cv_func_fopen_mode_x="$gl_cross_guess_normal" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +int main () +{ + FILE *fp; + fp = fopen ("conftest.x", "w"); + fclose (fp); + fp = fopen ("conftest.x", "wx"); + if (fp != NULL) + /* 'x' ignored */ + return 1; + else if (errno == EEXIST) + return 0; + else + /* 'x' rejected */ + return 2; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_fopen_mode_x=yes +else + gl_cv_func_fopen_mode_x=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + rm -f conftest.x + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_fopen_mode_x" >&5 +$as_echo "$gl_cv_func_fopen_mode_x" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether fopen supports the mode character 'e'" >&5 +$as_echo_n "checking whether fopen supports the mode character 'e'... " >&6; } +if ${gl_cv_func_fopen_mode_e+:} false; then : + $as_echo_n "(cached) " >&6 +else + echo foo > conftest.x + if test "$cross_compiling" = yes; then : + case "$host_os" in + # Guess yes on glibc and musl systems. + linux*-gnu* | gnu* | kfreebsd*-gnu | *-musl*) + gl_cv_func_fopen_mode_e="guessing yes" ;; + # Guess no on native Windows. + mingw*) + gl_cv_func_fopen_mode_e="guessing no" ;; + # If we don't know, obey --enable-cross-guesses. + *) + gl_cv_func_fopen_mode_e="$gl_cross_guess_normal" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +int main () +{ + FILE *fp = fopen ("conftest.x", "re"); + if (fp != NULL) + { + if (fcntl (fileno (fp), F_GETFD) & FD_CLOEXEC) + return 0; + else + /* 'e' ignored */ + return 1; + } + else + /* 'e' rejected */ + return 2; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_fopen_mode_e=yes +else + gl_cv_func_fopen_mode_e=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + rm -f conftest.x + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_fopen_mode_e" >&5 +$as_echo "$gl_cv_func_fopen_mode_e" >&6; } + case "$gl_cv_func_fopen_mode_x" in + *no) REPLACE_FOPEN=1 ;; + esac + case "$gl_cv_func_fopen_mode_e" in + *no) REPLACE_FOPEN=1 ;; + esac + + if test $REPLACE_FOPEN = 1; then + + + + + + + + + gl_LIBOBJS="$gl_LIBOBJS fopen.$ac_objext" + + : + fi + + +cat >>confdefs.h <<_ACEOF +#define GNULIB_FOPEN_GNU 1 +_ACEOF + + + + + case "$host_os" in mingw* | solaris*) @@ -26987,7 +29893,7 @@ if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | else case "$host_os" in *-musl*) gl_cv_func_working_getdelim="guessing yes" ;; - *) gl_cv_func_working_getdelim="guessing no" ;; + *) gl_cv_func_working_getdelim="$gl_cross_guess_normal" ;; esac fi @@ -27014,6 +29920,7 @@ else int len = getdelim (&line, &siz, '\n', in); if (!(len == 4 && line && strcmp (line, "foo\n") == 0)) { free (line); fclose (in); return 2; } + free (line); } { /* Test result for a NULL buffer and a non-zero size. @@ -27111,6 +30018,97 @@ $as_echo "#define GNULIB_TEST_GETDELIM 1" >>confdefs.h + if test $ac_cv_func_getdtablesize = yes && + test $ac_cv_have_decl_getdtablesize = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether getdtablesize works" >&5 +$as_echo_n "checking whether getdtablesize works... " >&6; } +if ${gl_cv_func_getdtablesize_works+:} false; then : + $as_echo_n "(cached) " >&6 +else + case "$host_os" in + vms*) gl_cv_func_getdtablesize_works="no (limitation)" ;; + *) + if test "$cross_compiling" = yes; then : + case "$host_os" in + cygwin*) # on cygwin 1.5.25, getdtablesize() automatically grows + gl_cv_func_getdtablesize_works="guessing no" ;; + *) gl_cv_func_getdtablesize_works="guessing yes" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include +int +main () +{ +int size = getdtablesize(); + if (dup2 (0, getdtablesize()) != -1) + return 1; + if (size != getdtablesize()) + return 2; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_getdtablesize_works=yes +else + gl_cv_func_getdtablesize_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_getdtablesize_works" >&5 +$as_echo "$gl_cv_func_getdtablesize_works" >&6; } + case "$gl_cv_func_getdtablesize_works" in + *yes | "no (limitation)") ;; + *) REPLACE_GETDTABLESIZE=1 ;; + esac + else + HAVE_GETDTABLESIZE=0 + fi + + if test $HAVE_GETDTABLESIZE = 0 || test $REPLACE_GETDTABLESIZE = 1; then + + + + + + + + + gl_LIBOBJS="$gl_LIBOBJS getdtablesize.$ac_objext" + + : + fi + + + + + + GNULIB_GETDTABLESIZE=1 + + + + + +$as_echo "#define GNULIB_TEST_GETDTABLESIZE 1" >>confdefs.h + + + + + + + + gl_getline_needs_run_time_check=no @@ -27146,7 +30144,7 @@ if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | else case "$host_os" in *-musl*) am_cv_func_working_getline="guessing yes" ;; - *) am_cv_func_working_getline="guessing no" ;; + *) am_cv_func_working_getline="$gl_cross_guess_normal" ;; esac fi @@ -27276,8 +30274,8 @@ else *-musl*) gl_cv_func_gettimeofday_clobber="guessing no" ;; # Guess no on native Windows. mingw*) gl_cv_func_gettimeofday_clobber="guessing no" ;; - # If we don't know, assume the worst. - *) gl_cv_func_gettimeofday_clobber="guessing yes" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_gettimeofday_clobber="$gl_cross_guess_inverted" ;; esac else @@ -27480,6 +30478,7 @@ done if test $HAVE_WINSOCK2_H = 1; then + REPLACE_INET_NTOP=1 ac_fn_c_check_decl "$LINENO" "inet_ntop" "ac_cv_have_decl_inet_ntop" "#include " if test "x$ac_cv_have_decl_inet_ntop" = xyes; then : @@ -27493,11 +30492,9 @@ cat >>confdefs.h <<_ACEOF _ACEOF if test $ac_cv_have_decl_inet_ntop = yes; then - REPLACE_INET_NTOP=1 INET_NTOP_LIB="-lws2_32" else HAVE_DECL_INET_NTOP=0 - HAVE_INET_NTOP=0 fi else gl_save_LIBS=$LIBS @@ -27665,6 +30662,7 @@ done if test $HAVE_WINSOCK2_H = 1; then + REPLACE_INET_PTON=1 ac_fn_c_check_decl "$LINENO" "inet_pton" "ac_cv_have_decl_inet_pton" "#include " if test "x$ac_cv_have_decl_inet_pton" = xyes; then : @@ -27678,11 +30676,9 @@ cat >>confdefs.h <<_ACEOF _ACEOF if test $ac_cv_have_decl_inet_pton = yes; then - REPLACE_INET_PTON=1 INET_PTON_LIB="-lws2_32" else HAVE_DECL_INET_PTON=0 - HAVE_INET_PTON=0 fi else gl_save_LIBS=$LIBS @@ -27788,7 +30784,7 @@ _ACEOF fi - if test $HAVE_INET_PTON = 0 || test $REPLACE_INET_NTOP = 1; then + if test $HAVE_INET_PTON = 0 || test $REPLACE_INET_PTON = 1; then @@ -27815,6 +30811,149 @@ _ACEOF + + + + LDDPROG=':' + LDDPOSTPROC= + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. +set dummy ${ac_tool_prefix}objdump; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_OBJDUMP+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$OBJDUMP"; then + ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +OBJDUMP=$ac_cv_prog_OBJDUMP +if test -n "$OBJDUMP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 +$as_echo "$OBJDUMP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_OBJDUMP"; then + ac_ct_OBJDUMP=$OBJDUMP + # Extract the first word of "objdump", so it can be a program name with args. +set dummy objdump; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_OBJDUMP+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_OBJDUMP"; then + ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_OBJDUMP="objdump" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP +if test -n "$ac_ct_OBJDUMP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 +$as_echo "$ac_ct_OBJDUMP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_OBJDUMP" = x; then + OBJDUMP="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OBJDUMP=$ac_ct_OBJDUMP + fi +else + OBJDUMP="$ac_cv_prog_OBJDUMP" +fi + + if test "$OBJDUMP" != "false"; then + LDDPROG="$OBJDUMP -p" + LDDPOSTPROC="2>/dev/null | sed -n -e 's,^ NEEDED *\\([^ ].*\\)\$,\\1,p'" + else + if test "$cross_compiling" = no; then + case "$host_os" in + aix*) + LDDPROG="dump -H" + LDDPOSTPROC="2>/dev/null | sed -e '/^[^0-9]/d' -e '/^0x/d' | sed -n -e 's,^[0-9]* *\\([^ ]*\\).*\$,\\1,p' | sed -e 's,^.*/,,'" + ;; + darwin*) + LDDPROG="otool -L" + LDDPOSTPROC="2>/dev/null | sed -n -e 's,^ \\([^ ]*\\).*\$,\\1,p' | sed -e 's,^.*/,,'" + ;; + hpux*) + LDDPROG="chatr" + LDDPOSTPROC="2>/dev/null | sed -e '1,/shared library list:/d' -e '/shared library binding:/,\$d' | sed -e 's,^.*[ ]\\([^ ][^ ]*\\)\$,\\1,' | sed -e 's,^.*/,,'" + ;; + irix*) + LDDPROG="elfdump -Dl" + LDDPOSTPROC="2>/dev/null | sed -n -e 's,^[[][0-9]*[]].* 0x[^ ]* [^ ][^ ]* \\([^ ][^ ]*\\).*\$,\\1,p' | sed -e 's,^.*/,,'" + ;; + linux* | gnu* | kfreebsd*-gnu | knetbsd*-gnu) # glibc-based systems + LDDPROG="ldd" + LDDPOSTPROC="2>/dev/null | sed -n -e 's,^ \\([^ ][^ ]*\\).*\$,\\1,p' | sed -e 's,^.*/,,'" + ;; + osf*) + LDDPROG="odump -Dl" + LDDPOSTPROC="2>/dev/null | sed -n -e 's,^ \\([^ ][^ ]*\\).*,\\1,p' | sed -e '/^Name\$/d' | sed -e 's,^.*/,,'" + ;; + solaris*) + LDDPROG="ldd" + LDDPOSTPROC="2>/dev/null | sed -n -e 's,^ \\([^ ].*\\)\$,\\1,p' | sed -e 's, =>.*\$,,' | sed -e 's,^.*/,,'" + ;; + esac + fi + fi + if test "$LDDPROG" != ":"; then + LDDPROG="LC_ALL=C $LDDPROG" + fi + + + + ac_config_files="$ac_config_files ldd.sh:build-aux/ldd.sh.in" + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if gcc/ld supports -Wl,--output-def" >&5 $as_echo_n "checking if gcc/ld supports -Wl,--output-def... " >&6; } if ${gl_cv_ld_output_def+:} false; then : @@ -27932,6 +31071,39 @@ fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the compiler supports the __inline keyword" >&5 +$as_echo_n "checking whether the compiler supports the __inline keyword... " >&6; } +if ${gl_cv_c___inline+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +typedef int foo_t; + static __inline foo_t foo (void) { return 0; } +int +main () +{ +return foo (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_c___inline=yes +else + gl_cv_c___inline=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_c___inline" >&5 +$as_echo "$gl_cv_c___inline" >&6; } + if test $gl_cv_c___inline = yes; then + +$as_echo "#define HAVE___INLINE 1" >>confdefs.h + + fi + + @@ -28100,6 +31272,9 @@ $as_echo "#define GNULIB_TEST_MALLOC_POSIX 1" >>confdefs.h + + + if test $HAVE_MEMCHR = 0 || test $REPLACE_MEMCHR = 1; then @@ -28196,7 +31371,7 @@ if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | $EGREP "Lucky user" >/dev/null 2>&1; then : gl_cv_func_memmem_works_always="guessing yes" else - gl_cv_func_memmem_works_always="guessing no" + gl_cv_func_memmem_works_always="$gl_cross_guess_normal" fi rm -f conftest* @@ -28220,7 +31395,7 @@ main () /* Check for empty needle behavior. */ { const char *haystack = "AAA"; - if (memmem (haystack, 3, NULL, 0) != haystack) + if (memmem (haystack, 3, (const char *) 1, 0) != haystack) result |= 2; } return result; @@ -28549,6 +31724,122 @@ fi + case "$host_os" in + mingw* | pw*) + REPLACE_OPEN=1 + ;; + *) + + if test "$gl_cv_macro_O_CLOEXEC" != yes; then + REPLACE_OPEN=1 + fi + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether open recognizes a trailing slash" >&5 +$as_echo_n "checking whether open recognizes a trailing slash... " >&6; } +if ${gl_cv_func_open_slash+:} false; then : + $as_echo_n "(cached) " >&6 +else + # Assume that if we have lstat, we can also check symlinks. + if test $ac_cv_func_lstat = yes; then + touch conftest.tmp + ln -s conftest.tmp conftest.lnk + fi + if test "$cross_compiling" = yes; then : + + case "$host_os" in + freebsd* | aix* | hpux* | solaris2.[0-9] | solaris2.[0-9].*) + gl_cv_func_open_slash="guessing no" ;; + *) + gl_cv_func_open_slash="guessing yes" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#if HAVE_UNISTD_H +# include +#endif +int main () +{ + int result = 0; +#if HAVE_LSTAT + if (open ("conftest.lnk/", O_RDONLY) != -1) + result |= 1; +#endif + if (open ("conftest.sl/", O_CREAT, 0600) >= 0) + result |= 2; + return result; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_open_slash=yes +else + gl_cv_func_open_slash=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + rm -f conftest.sl conftest.tmp conftest.lnk + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_open_slash" >&5 +$as_echo "$gl_cv_func_open_slash" >&6; } + case "$gl_cv_func_open_slash" in + *no) + +$as_echo "#define OPEN_TRAILING_SLASH_BUG 1" >>confdefs.h + + ;; + esac + + case "$gl_cv_func_open_slash" in + *no) + REPLACE_OPEN=1 + ;; + esac + ;; + esac + + + + if test $REPLACE_OPEN = 1; then + + + + + + + + + gl_LIBOBJS="$gl_LIBOBJS open.$ac_objext" + + + + : + + fi + + + + + + GNULIB_OPEN=1 + + + + + +$as_echo "#define GNULIB_TEST_OPEN 1" >>confdefs.h + + + + + + # Extract the first word of "pmccabe", so it can be a program name with args. set dummy pmccabe; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 @@ -29105,6 +32396,129 @@ $as_echo "#define ssize_t int" >>confdefs.h + case "$host_os" in + mingw*) + REPLACE_STAT=1 + ;; + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stat handles trailing slashes on files" >&5 +$as_echo_n "checking whether stat handles trailing slashes on files... " >&6; } +if ${gl_cv_func_stat_file_slash+:} false; then : + $as_echo_n "(cached) " >&6 +else + touch conftest.tmp + # Assume that if we have lstat, we can also check symlinks. + if test $ac_cv_func_lstat = yes; then + ln -s conftest.tmp conftest.lnk + fi + if test "$cross_compiling" = yes; then : + case "$host_os" in + # Guess yes on Linux systems. + linux-* | linux) gl_cv_func_stat_file_slash="guessing yes" ;; + # Guess yes on glibc systems. + *-gnu* | gnu*) gl_cv_func_stat_file_slash="guessing yes" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_stat_file_slash="$gl_cross_guess_normal" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +int +main () +{ +int result = 0; + struct stat st; + if (!stat ("conftest.tmp/", &st)) + result |= 1; +#if HAVE_LSTAT + if (!stat ("conftest.lnk/", &st)) + result |= 2; +#endif + return result; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_stat_file_slash=yes +else + gl_cv_func_stat_file_slash=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + rm -f conftest.tmp conftest.lnk +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_stat_file_slash" >&5 +$as_echo "$gl_cv_func_stat_file_slash" >&6; } + case $gl_cv_func_stat_file_slash in + *no) + REPLACE_STAT=1 + +$as_echo "#define REPLACE_FUNC_STAT_FILE 1" >>confdefs.h +;; + esac + case $host_os in + solaris*) + REPLACE_FSTAT=1 ;; + esac + ;; + esac + + if test $REPLACE_STAT = 1; then + + + + + + + + + gl_LIBOBJS="$gl_LIBOBJS stat.$ac_objext" + + case "$host_os" in + mingw*) + + + + + + + + + gl_LIBOBJS="$gl_LIBOBJS stat-w32.$ac_objext" + + ;; + esac + + + : + + fi + + + + + + GNULIB_STAT=1 + + + + + +$as_echo "#define GNULIB_TEST_STAT 1" >>confdefs.h + + + + + + + ac_fn_c_check_member "$LINENO" "struct stat" "st_atim.tv_nsec" "ac_cv_member_struct_stat_st_atim_tv_nsec" "#include #include " @@ -29314,10 +32728,20 @@ fi - # Define two additional variables used in the Makefile substitution. - if test "$ac_cv_header_stdbool_h" = yes; then - STDBOOL_H='' + if test "$ac_cv_header_stdbool_h" = yes; then + case "$host_os" in + solaris*) + if test -z "$GCC"; then + STDBOOL_H='stdbool.h' + else + STDBOOL_H='' + fi + ;; + *) + STDBOOL_H='' + ;; + esac else STDBOOL_H='stdbool.h' fi @@ -29670,6 +33094,8 @@ _ACEOF + + if test $gl_cv_have_include_next = yes; then gl_cv_next_stdlib_h='<'stdlib.h'>' else @@ -29741,6 +33167,8 @@ $as_echo "$gl_cv_next_stdlib_h" >&6; } + + for ac_func in strcasecmp do : ac_fn_c_check_func "$LINENO" "strcasecmp" "ac_cv_func_strcasecmp" @@ -30359,6 +33787,8 @@ fi + + if test $gl_cv_have_include_next = yes; then gl_cv_next_sys_uio_h='<'sys/uio.h'>' else @@ -30413,595 +33843,156 @@ _ACEOF fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_sys_uio_h" >&5 $as_echo "$gl_cv_next_sys_uio_h" >&6; } - fi - NEXT_SYS_UIO_H=$gl_cv_next_sys_uio_h - - if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then - # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' - gl_next_as_first_directive='<'sys/uio.h'>' - else - # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' - gl_next_as_first_directive=$gl_cv_next_sys_uio_h - fi - NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H=$gl_next_as_first_directive - - - - - if test $ac_cv_header_sys_uio_h = yes; then - HAVE_SYS_UIO_H=1 - else - HAVE_SYS_UIO_H=0 - fi - - - - - - - - - - - - - ac_fn_c_check_decl "$LINENO" "localtime_r" "ac_cv_have_decl_localtime_r" "#include -" -if test "x$ac_cv_have_decl_localtime_r" = xyes; then : - ac_have_decl=1 -else - ac_have_decl=0 -fi - -cat >>confdefs.h <<_ACEOF -#define HAVE_DECL_LOCALTIME_R $ac_have_decl -_ACEOF - - if test $ac_cv_have_decl_localtime_r = no; then - HAVE_DECL_LOCALTIME_R=0 - fi - - - if test $ac_cv_func_localtime_r = yes; then - HAVE_LOCALTIME_R=1 - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether localtime_r is compatible with its POSIX signature" >&5 -$as_echo_n "checking whether localtime_r is compatible with its POSIX signature... " >&6; } -if ${gl_cv_time_r_posix+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -int -main () -{ -/* We don't need to append 'restrict's to the argument types, - even though the POSIX signature has the 'restrict's, - since C99 says they can't affect type compatibility. */ - struct tm * (*ptr) (time_t const *, struct tm *) = localtime_r; - if (ptr) return 0; - /* Check the return type is a pointer. - On HP-UX 10 it is 'int'. */ - *localtime_r (0, 0); - ; - return 0; -} - -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_time_r_posix=yes -else - gl_cv_time_r_posix=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_time_r_posix" >&5 -$as_echo "$gl_cv_time_r_posix" >&6; } - if test $gl_cv_time_r_posix = yes; then - REPLACE_LOCALTIME_R=0 - else - REPLACE_LOCALTIME_R=1 - fi - else - HAVE_LOCALTIME_R=0 - fi - - if test $HAVE_LOCALTIME_R = 0 || test $REPLACE_LOCALTIME_R = 1; then - - - - - - - - - gl_LIBOBJS="$gl_LIBOBJS time_r.$ac_objext" - - - : - - fi - - - - - - GNULIB_TIME_R=1 - - - - - -$as_echo "#define GNULIB_TEST_TIME_R 1" >>confdefs.h - - - - - - - - - - - - - - - - if test $gl_cv_have_include_next = yes; then - gl_cv_next_unistd_h='<'unistd.h'>' - else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 -$as_echo_n "checking absolute name of ... " >&6; } -if ${gl_cv_next_unistd_h+:} false; then : - $as_echo_n "(cached) " >&6 -else - - if test $ac_cv_header_unistd_h = yes; then - - - - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -_ACEOF - case "$host_os" in - aix*) gl_absname_cpp="$ac_cpp -C" ;; - *) gl_absname_cpp="$ac_cpp" ;; - esac - - case "$host_os" in - mingw*) - gl_dirsep_regex='[/\\]' - ;; - *) - gl_dirsep_regex='\/' - ;; - esac - gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' - gl_header_literal_regex=`echo 'unistd.h' \ - | sed -e "$gl_make_literal_regex_sed"` - gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ - s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ - s|^/[^/]|//&| - p - q - }' - - gl_cv_absolute_unistd_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | - sed -n "$gl_absolute_header_sed"` - - gl_header=$gl_cv_absolute_unistd_h - gl_cv_next_unistd_h='"'$gl_header'"' - else - gl_cv_next_unistd_h='<'unistd.h'>' - fi - - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_unistd_h" >&5 -$as_echo "$gl_cv_next_unistd_h" >&6; } - fi - NEXT_UNISTD_H=$gl_cv_next_unistd_h - - if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then - # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' - gl_next_as_first_directive='<'unistd.h'>' - else - # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' - gl_next_as_first_directive=$gl_cv_next_unistd_h - fi - NEXT_AS_FIRST_DIRECTIVE_UNISTD_H=$gl_next_as_first_directive - - - - - if test $ac_cv_header_unistd_h = yes; then - HAVE_UNISTD_H=1 - else - HAVE_UNISTD_H=0 - fi - - - - - - - - - - - - # Check whether --enable-valgrind-tests was given. -if test "${enable_valgrind_tests+set}" = set; then : - enableval=$enable_valgrind_tests; opt_valgrind_tests=$enableval -else - opt_valgrind_tests=no -fi - - - # Run self-tests under valgrind? - if test "$opt_valgrind_tests" = "yes" && test "$cross_compiling" = no; then - for ac_prog in valgrind -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_VALGRIND+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test -n "$VALGRIND"; then - ac_cv_prog_VALGRIND="$VALGRIND" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_prog_VALGRIND="$ac_prog" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done - done -IFS=$as_save_IFS - -fi -fi -VALGRIND=$ac_cv_prog_VALGRIND -if test -n "$VALGRIND"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $VALGRIND" >&5 -$as_echo "$VALGRIND" >&6; } -else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } -fi - - - test -n "$VALGRIND" && break -done - - - if test "$VALGRIND"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for valgrind options for tests" >&5 -$as_echo_n "checking for valgrind options for tests... " >&6; } -if ${gl_cv_opt_valgrind_tests+:} false; then : - $as_echo_n "(cached) " >&6 -else - gl_cv_opt_valgrind_tests="-q --error-exitcode=1 --leak-check=full --suppressions=\$(srcdir)/suppressions.valgrind" - $VALGRIND $gl_valgrind_opts ls > /dev/null 2>&1 || - gl_cv_opt_valgrind_tests=no -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_opt_valgrind_tests" >&5 -$as_echo "$gl_cv_opt_valgrind_tests" >&6; } - - if test "$gl_cv_opt_valgrind_tests" != no; then - VALGRIND="$VALGRIND $gl_cv_opt_valgrind_tests" - else - VALGRIND= - fi - fi - fi - - - - if test $ac_cv_func_vasnprintf = no; then - - - - - - - - - - - gl_LIBOBJS="$gl_LIBOBJS vasnprintf.$ac_objext" - - - - - - - - - - gl_LIBOBJS="$gl_LIBOBJS printf-args.$ac_objext" - - - - - - - - - - gl_LIBOBJS="$gl_LIBOBJS printf-parse.$ac_objext" - - - - - - - - - - gl_LIBOBJS="$gl_LIBOBJS asnprintf.$ac_objext" - - if test $ac_cv_func_vasnprintf = yes; then - -$as_echo "#define REPLACE_VASNPRINTF 1" >>confdefs.h - - fi - - - - - - - - - - - - ac_fn_c_check_type "$LINENO" "ptrdiff_t" "ac_cv_type_ptrdiff_t" "$ac_includes_default" -if test "x$ac_cv_type_ptrdiff_t" = xyes; then : - -else - -$as_echo "#define ptrdiff_t long" >>confdefs.h - - -fi - - - - - - - - fi - - - for ac_func in vasprintf -do : - ac_fn_c_check_func "$LINENO" "vasprintf" "ac_cv_func_vasprintf" -if test "x$ac_cv_func_vasprintf" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_VASPRINTF 1 -_ACEOF - -fi -done - - if test $ac_cv_func_vasprintf = no; then - - - - - - - - - - gl_LIBOBJS="$gl_LIBOBJS vasprintf.$ac_objext" - - - - - - - - - - gl_LIBOBJS="$gl_LIBOBJS asprintf.$ac_objext" - - - if test $ac_cv_func_vasprintf = yes; then - REPLACE_VASPRINTF=1 - else - HAVE_VASPRINTF=0 - fi - - - - - - - - - fi - - - - - + fi + NEXT_SYS_UIO_H=$gl_cv_next_sys_uio_h - GNULIB_VASPRINTF=1 + if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' + gl_next_as_first_directive='<'sys/uio.h'>' + else + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' + gl_next_as_first_directive=$gl_cv_next_sys_uio_h + fi + NEXT_AS_FIRST_DIRECTIVE_SYS_UIO_H=$gl_next_as_first_directive + if test $ac_cv_header_sys_uio_h = yes; then + HAVE_SYS_UIO_H=1 + else + HAVE_SYS_UIO_H=0 + fi -$as_echo "#define GNULIB_TEST_VASPRINTF 1" >>confdefs.h - XGETTEXT_EXTRA_OPTIONS="$XGETTEXT_EXTRA_OPTIONS --flag=asprintf:2:c-format" - XGETTEXT_EXTRA_OPTIONS="$XGETTEXT_EXTRA_OPTIONS --flag=vasprintf:2:c-format" - gl_cv_func_vsnprintf_usable=no - for ac_func in vsnprintf -do : - ac_fn_c_check_func "$LINENO" "vsnprintf" "ac_cv_func_vsnprintf" -if test "x$ac_cv_func_vsnprintf" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_VSNPRINTF 1 -_ACEOF + ac_fn_c_check_decl "$LINENO" "localtime_r" "ac_cv_have_decl_localtime_r" "/* mingw's provides the functions asctime_r, ctime_r, + gmtime_r, localtime_r only if or has + been included before. */ + #if defined __MINGW32__ + # include + #endif + #include +" +if test "x$ac_cv_have_decl_localtime_r" = xyes; then : + ac_have_decl=1 +else + ac_have_decl=0 fi -done - if test $ac_cv_func_vsnprintf = yes; then +cat >>confdefs.h <<_ACEOF +#define HAVE_DECL_LOCALTIME_R $ac_have_decl +_ACEOF + if test $ac_cv_have_decl_localtime_r = no; then + HAVE_DECL_LOCALTIME_R=0 + fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether snprintf respects a size of 1" >&5 -$as_echo_n "checking whether snprintf respects a size of 1... " >&6; } -if ${gl_cv_func_snprintf_size1+:} false; then : + if test $ac_cv_func_localtime_r = yes; then + HAVE_LOCALTIME_R=1 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether localtime_r is compatible with its POSIX signature" >&5 +$as_echo_n "checking whether localtime_r is compatible with its POSIX signature... " >&6; } +if ${gl_cv_time_r_posix+:} false; then : $as_echo_n "(cached) " >&6 else - - if test "$cross_compiling" = yes; then : - case "$host_os" in - # Guess yes on Android. - linux*-android*) gl_cv_func_snprintf_size1="guessing yes" ;; - # Guess yes on native Windows. - mingw*) gl_cv_func_snprintf_size1="guessing yes" ;; - *) gl_cv_func_snprintf_size1="guessing yes" ;; - esac - -else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +/* mingw's provides the functions asctime_r, ctime_r, + gmtime_r, localtime_r only if or has + been included before. */ + #if defined __MINGW32__ + # include + #endif + #include -#include -#if HAVE_SNPRINTF -# define my_snprintf snprintf -#else -# include -static int my_snprintf (char *buf, int size, const char *format, ...) -{ - va_list args; - int ret; - va_start (args, format); - ret = vsnprintf (buf, size, format, args); - va_end (args); - return ret; -} -#endif -int main() +int +main () { - static char buf[8] = { 'D', 'E', 'A', 'D', 'B', 'E', 'E', 'F' }; - my_snprintf (buf, 1, "%d", 12345); - return buf[1] != 'E'; +/* We don't need to append 'restrict's to the argument types, + even though the POSIX signature has the 'restrict's, + since C99 says they can't affect type compatibility. */ + struct tm * (*ptr) (time_t const *, struct tm *) = localtime_r; + if (ptr) return 0; + /* Check the return type is a pointer. + On HP-UX 10 it is 'int'. */ + *localtime_r (0, 0); + ; + return 0; } + _ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_snprintf_size1=yes +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_time_r_posix=yes else - gl_cv_func_snprintf_size1=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext + gl_cv_time_r_posix=no fi - +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_snprintf_size1" >&5 -$as_echo "$gl_cv_func_snprintf_size1" >&6; } - - case "$gl_cv_func_snprintf_size1" in - *yes) - - case "$gl_cv_func_snprintf_retval_c99" in - *yes) - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether printf supports POSIX/XSI format strings with positions" >&5 -$as_echo_n "checking whether printf supports POSIX/XSI format strings with positions... " >&6; } -if ${gl_cv_func_printf_positions+:} false; then : +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_time_r_posix" >&5 +$as_echo "$gl_cv_time_r_posix" >&6; } + if test $gl_cv_time_r_posix = yes; then + REPLACE_LOCALTIME_R=0 + else + REPLACE_LOCALTIME_R=1 + fi + else + HAVE_LOCALTIME_R=0 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether localtime_r exists as an inline function" >&5 +$as_echo_n "checking whether localtime_r exists as an inline function... " >&6; } +if ${gl_cv_func_localtime_r_inline+:} false; then : $as_echo_n "(cached) " >&6 else - - if test "$cross_compiling" = yes; then : - - case "$host_os" in - netbsd[1-3]* | netbsdelf[1-3]* | netbsdaout[1-3]* | netbsdcoff[1-3]*) - gl_cv_func_printf_positions="guessing no";; - beos*) gl_cv_func_printf_positions="guessing no";; - # Guess yes on Android. - linux*-android*) gl_cv_func_printf_positions="guessing yes";; - # Guess no on native Windows. - mingw* | pw*) gl_cv_func_printf_positions="guessing no";; - *) gl_cv_func_printf_positions="guessing yes";; - esac - -else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +/* mingw's provides the functions asctime_r, ctime_r, + gmtime_r, localtime_r only if or has + been included before. */ + #if defined __MINGW32__ + # include + #endif + #include -#include -#include -/* The string "%2$d %1$d", with dollar characters protected from the shell's - dollar expansion (possibly an autoconf bug). */ -static char format[] = { '%', '2', '$', 'd', ' ', '%', '1', '$', 'd', '\0' }; -static char buf[100]; -int main () +int +main () { - sprintf (buf, format, 33, 55); - return (strcmp (buf, "55 33") != 0); +time_t a; + struct tm r; + localtime_r (&a, &r); + + ; + return 0; } + _ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_printf_positions=yes +if ac_fn_c_try_link "$LINENO"; then : + gl_cv_func_localtime_r_inline=yes else - gl_cv_func_printf_positions=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext + gl_cv_func_localtime_r_inline=no fi - +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_printf_positions" >&5 -$as_echo "$gl_cv_func_printf_positions" >&6; } - - case "$gl_cv_func_printf_positions" in - *yes) - gl_cv_func_vsnprintf_usable=yes - ;; - esac - ;; - esac - ;; - esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_localtime_r_inline" >&5 +$as_echo "$gl_cv_func_localtime_r_inline" >&6; } + if test $gl_cv_func_localtime_r_inline = yes; then + REPLACE_LOCALTIME_R=1 + fi fi - if test $gl_cv_func_vsnprintf_usable = no; then - + if test $HAVE_LOCALTIME_R = 0 || test $REPLACE_LOCALTIME_R = 1; then @@ -31010,36 +34001,24 @@ $as_echo "$gl_cv_func_printf_positions" >&6; } - gl_LIBOBJS="$gl_LIBOBJS vsnprintf.$ac_objext" + gl_LIBOBJS="$gl_LIBOBJS time_r.$ac_objext" - if test $ac_cv_func_vsnprintf = yes; then - REPLACE_VSNPRINTF=1 - else - if test $ac_cv_have_decl_vsnprintf = yes; then - REPLACE_VSNPRINTF=1 - fi - fi : fi - if test $ac_cv_have_decl_vsnprintf = no; then - HAVE_DECL_VSNPRINTF=0 - fi - - - GNULIB_VSNPRINTF=1 + GNULIB_TIME_R=1 -$as_echo "#define GNULIB_TEST_VSNPRINTF 1" >>confdefs.h +$as_echo "#define GNULIB_TEST_TIME_R 1" >>confdefs.h @@ -31056,22 +34035,22 @@ $as_echo "#define GNULIB_TEST_VSNPRINTF 1" >>confdefs.h if test $gl_cv_have_include_next = yes; then - gl_cv_next_wchar_h='<'wchar.h'>' + gl_cv_next_unistd_h='<'unistd.h'>' else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 -$as_echo_n "checking absolute name of ... " >&6; } -if ${gl_cv_next_wchar_h+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_unistd_h+:} false; then : $as_echo_n "(cached) " >&6 else - if test $ac_cv_header_wchar_h = yes; then + if test $ac_cv_header_unistd_h = yes; then cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include +#include _ACEOF case "$host_os" in aix*) gl_absname_cpp="$ac_cpp -C" ;; @@ -31087,7 +34066,7 @@ _ACEOF ;; esac gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' - gl_header_literal_regex=`echo 'wchar.h' \ + gl_header_literal_regex=`echo 'unistd.h' \ | sed -e "$gl_make_literal_regex_sed"` gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ @@ -31096,52 +34075,44 @@ _ACEOF q }' - gl_cv_absolute_wchar_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + gl_cv_absolute_unistd_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | sed -n "$gl_absolute_header_sed"` - gl_header=$gl_cv_absolute_wchar_h - gl_cv_next_wchar_h='"'$gl_header'"' + gl_header=$gl_cv_absolute_unistd_h + gl_cv_next_unistd_h='"'$gl_header'"' else - gl_cv_next_wchar_h='<'wchar.h'>' + gl_cv_next_unistd_h='<'unistd.h'>' fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_wchar_h" >&5 -$as_echo "$gl_cv_next_wchar_h" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_unistd_h" >&5 +$as_echo "$gl_cv_next_unistd_h" >&6; } fi - NEXT_WCHAR_H=$gl_cv_next_wchar_h + NEXT_UNISTD_H=$gl_cv_next_unistd_h if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' - gl_next_as_first_directive='<'wchar.h'>' + gl_next_as_first_directive='<'unistd.h'>' else # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' - gl_next_as_first_directive=$gl_cv_next_wchar_h + gl_next_as_first_directive=$gl_cv_next_unistd_h fi - NEXT_AS_FIRST_DIRECTIVE_WCHAR_H=$gl_next_as_first_directive + NEXT_AS_FIRST_DIRECTIVE_UNISTD_H=$gl_next_as_first_directive - if test $ac_cv_header_wchar_h = yes; then - HAVE_WCHAR_H=1 + if test $ac_cv_header_unistd_h = yes; then + HAVE_UNISTD_H=1 else - HAVE_WCHAR_H=0 + HAVE_UNISTD_H=0 fi - if test $gt_cv_c_wint_t = yes; then - HAVE_WINT_T=1 - else - HAVE_WINT_T=0 - fi - - - @@ -31149,81 +34120,88 @@ $as_echo "$gl_cv_next_wchar_h" >&6; } - for ac_header in stdint.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "stdint.h" "ac_cv_header_stdint_h" "$ac_includes_default" -if test "x$ac_cv_header_stdint_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_STDINT_H 1 -_ACEOF + # Check whether --enable-valgrind-tests was given. +if test "${enable_valgrind_tests+set}" = set; then : + enableval=$enable_valgrind_tests; opt_valgrind_tests=$enableval +else + opt_valgrind_tests=no fi -done - - - # End of code from modules - - - - - - - - - - gltests_libdeps= - gltests_ltlibdeps= - - - - - - - - - - gl_source_base='gl/tests' - gltests_WITNESS=IN_`echo "${PACKAGE-$PACKAGE_TARNAME}" | LC_ALL=C tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ | LC_ALL=C sed -e 's/[^A-Z0-9_]/_/g'`_GNULIB_TESTS - - gl_module_indicator_condition=$gltests_WITNESS - - - if test "$ac_cv_header_winsock2_h" = yes; then - - - - - - - - - gltests_LIBOBJS="$gltests_LIBOBJS accept.$ac_objext" + # Run self-tests under valgrind? + if test "$opt_valgrind_tests" = "yes" && test "$cross_compiling" = no; then + for ac_prog in valgrind +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_VALGRIND+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$VALGRIND"; then + ac_cv_prog_VALGRIND="$VALGRIND" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_VALGRIND="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 fi +done + done +IFS=$as_save_IFS +fi +fi +VALGRIND=$ac_cv_prog_VALGRIND +if test -n "$VALGRIND"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $VALGRIND" >&5 +$as_echo "$VALGRIND" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + test -n "$VALGRIND" && break +done - if test "$GNULIB_ACCEPT" != 1; then - if test "$GNULIB_ACCEPT" = 0; then - GNULIB_ACCEPT=$gl_module_indicator_condition - else - GNULIB_ACCEPT="($GNULIB_ACCEPT || $gl_module_indicator_condition)" + if test "$VALGRIND"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for valgrind options for tests" >&5 +$as_echo_n "checking for valgrind options for tests... " >&6; } +if ${gl_cv_opt_valgrind_tests+:} false; then : + $as_echo_n "(cached) " >&6 +else + gl_cv_opt_valgrind_tests="-q --error-exitcode=1 --leak-check=full --track-origins=yes --gen-suppressions=all --suppressions=\$(srcdir)/suppressions.valgrind" + $VALGRIND $gl_valgrind_opts ls > /dev/null 2>&1 || + gl_cv_opt_valgrind_tests=no +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_opt_valgrind_tests" >&5 +$as_echo "$gl_cv_opt_valgrind_tests" >&6; } + + if test "$gl_cv_opt_valgrind_tests" != no; then + VALGRIND="$VALGRIND $gl_cv_opt_valgrind_tests" + else + VALGRIND= + fi fi fi - -$as_echo "#define GNULIB_TEST_ACCEPT 1" >>confdefs.h - + if test $ac_cv_func_vasnprintf = no; then - if test "$ac_cv_header_winsock2_h" = yes; then @@ -31231,351 +34209,93 @@ $as_echo "#define GNULIB_TEST_ACCEPT 1" >>confdefs.h + gl_LIBOBJS="$gl_LIBOBJS vasnprintf.$ac_objext" - gltests_LIBOBJS="$gltests_LIBOBJS bind.$ac_objext" - fi - if test "$GNULIB_BIND" != 1; then - if test "$GNULIB_BIND" = 0; then - GNULIB_BIND=$gl_module_indicator_condition - else - GNULIB_BIND="($GNULIB_BIND || $gl_module_indicator_condition)" - fi - fi + gl_LIBOBJS="$gl_LIBOBJS printf-args.$ac_objext" -$as_echo "#define GNULIB_TEST_BIND 1" >>confdefs.h - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a traditional french locale" >&5 -$as_echo_n "checking for a traditional french locale... " >&6; } -if ${gt_cv_locale_fr+:} false; then : - $as_echo_n "(cached) " >&6 -else + gl_LIBOBJS="$gl_LIBOBJS printf-parse.$ac_objext" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include -#include -#if HAVE_LANGINFO_CODESET -# include -#endif -#include -#include -struct tm t; -char buf[16]; -int main () { - /* On BeOS and Haiku, locales are not implemented in libc. Rather, libintl - imitates locale dependent behaviour by looking at the environment - variables, and all locales use the UTF-8 encoding. */ -#if defined __BEOS__ || defined __HAIKU__ - return 1; -#else - /* Check whether the given locale name is recognized by the system. */ -# if defined _WIN32 && !defined __CYGWIN__ - /* On native Windows, setlocale(category, "") looks at the system settings, - not at the environment variables. Also, when an encoding suffix such - as ".65001" or ".54936" is specified, it succeeds but sets the LC_CTYPE - category of the locale to "C". */ - if (setlocale (LC_ALL, getenv ("LC_ALL")) == NULL - || strcmp (setlocale (LC_CTYPE, NULL), "C") == 0) - return 1; -# else - if (setlocale (LC_ALL, "") == NULL) return 1; -# endif - /* Check whether nl_langinfo(CODESET) is nonempty and not "ASCII" or "646". - On Mac OS X 10.3.5 (Darwin 7.5) in the fr_FR locale, nl_langinfo(CODESET) - is empty, and the behaviour of Tcl 8.4 in this locale is not useful. - On OpenBSD 4.0, when an unsupported locale is specified, setlocale() - succeeds but then nl_langinfo(CODESET) is "646". In this situation, - some unit tests fail. - On MirBSD 10, when an unsupported locale is specified, setlocale() - succeeds but then nl_langinfo(CODESET) is "UTF-8". */ -# if HAVE_LANGINFO_CODESET - { - const char *cs = nl_langinfo (CODESET); - if (cs[0] == '\0' || strcmp (cs, "ASCII") == 0 || strcmp (cs, "646") == 0 - || strcmp (cs, "UTF-8") == 0) - return 1; - } -# endif -# ifdef __CYGWIN__ - /* On Cygwin, avoid locale names without encoding suffix, because the - locale_charset() function relies on the encoding suffix. Note that - LC_ALL is set on the command line. */ - if (strchr (getenv ("LC_ALL"), '.') == NULL) return 1; -# endif - /* Check whether in the abbreviation of the second month, the second - character (should be U+00E9: LATIN SMALL LETTER E WITH ACUTE) is only - one byte long. This excludes the UTF-8 encoding. */ - t.tm_year = 1975 - 1900; t.tm_mon = 2 - 1; t.tm_mday = 4; - if (strftime (buf, sizeof (buf), "%b", &t) < 3 || buf[2] != 'v') return 1; -# if !defined __BIONIC__ /* Bionic libc's 'struct lconv' is just a dummy. */ - /* Check whether the decimal separator is a comma. - On NetBSD 3.0 in the fr_FR.ISO8859-1 locale, localeconv()->decimal_point - are nl_langinfo(RADIXCHAR) are both ".". */ - if (localeconv () ->decimal_point[0] != ',') return 1; -# endif - return 0; -#endif -} -_ACEOF - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 - (eval $ac_link) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && test -s conftest$ac_exeext; then - case "$host_os" in - # Handle native Windows specially, because there setlocale() interprets - # "ar" as "Arabic" or "Arabic_Saudi Arabia.1256", - # "fr" or "fra" as "French" or "French_France.1252", - # "ge"(!) or "deu"(!) as "German" or "German_Germany.1252", - # "ja" as "Japanese" or "Japanese_Japan.932", - # and similar. - mingw*) - # Test for the native Windows locale name. - if (LC_ALL=French_France.1252 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then - gt_cv_locale_fr=French_France.1252 - else - # None found. - gt_cv_locale_fr=none - fi - ;; - *) - # Setting LC_ALL is not enough. Need to set LC_TIME to empty, because - # otherwise on Mac OS X 10.3.5 the LC_TIME=C from the beginning of the - # configure script would override the LC_ALL setting. Likewise for - # LC_CTYPE, which is also set at the beginning of the configure script. - # Test for the usual locale name. - if (LC_ALL=fr_FR LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then - gt_cv_locale_fr=fr_FR - else - # Test for the locale name with explicit encoding suffix. - if (LC_ALL=fr_FR.ISO-8859-1 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then - gt_cv_locale_fr=fr_FR.ISO-8859-1 - else - # Test for the AIX, OSF/1, FreeBSD, NetBSD, OpenBSD locale name. - if (LC_ALL=fr_FR.ISO8859-1 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then - gt_cv_locale_fr=fr_FR.ISO8859-1 - else - # Test for the HP-UX locale name. - if (LC_ALL=fr_FR.iso88591 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then - gt_cv_locale_fr=fr_FR.iso88591 - else - # Test for the Solaris 7 locale name. - if (LC_ALL=fr LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then - gt_cv_locale_fr=fr - else - # None found. - gt_cv_locale_fr=none - fi - fi - fi - fi - fi - ;; - esac - fi - rm -fr conftest* -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_locale_fr" >&5 -$as_echo "$gt_cv_locale_fr" >&6; } - LOCALE_FR=$gt_cv_locale_fr - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a turkish Unicode locale" >&5 -$as_echo_n "checking for a turkish Unicode locale... " >&6; } -if ${gt_cv_locale_tr_utf8+:} false; then : - $as_echo_n "(cached) " >&6 -else + gl_LIBOBJS="$gl_LIBOBJS asnprintf.$ac_objext" - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ + if test $ac_cv_func_vasnprintf = yes; then -#include -#include -#if HAVE_LANGINFO_CODESET -# include -#endif -#include -#include -struct tm t; -char buf[16]; -int main () { - /* On BeOS, locales are not implemented in libc. Rather, libintl - imitates locale dependent behaviour by looking at the environment - variables, and all locales use the UTF-8 encoding. But BeOS does not - implement the Turkish upper-/lowercase mappings. Therefore, let this - program return 1 on BeOS. */ - /* Check whether the given locale name is recognized by the system. */ -#if defined _WIN32 && !defined __CYGWIN__ - /* On native Windows, setlocale(category, "") looks at the system settings, - not at the environment variables. Also, when an encoding suffix such - as ".65001" or ".54936" is specified, it succeeds but sets the LC_CTYPE - category of the locale to "C". */ - if (setlocale (LC_ALL, getenv ("LC_ALL")) == NULL - || strcmp (setlocale (LC_CTYPE, NULL), "C") == 0) - return 1; -#else - if (setlocale (LC_ALL, "") == NULL) return 1; -#endif - /* Check whether nl_langinfo(CODESET) is nonempty and not "ASCII" or "646". - On Mac OS X 10.3.5 (Darwin 7.5) in the tr_TR locale, nl_langinfo(CODESET) - is empty, and the behaviour of Tcl 8.4 in this locale is not useful. - On OpenBSD 4.0, when an unsupported locale is specified, setlocale() - succeeds but then nl_langinfo(CODESET) is "646". In this situation, - some unit tests fail. */ -#if HAVE_LANGINFO_CODESET - { - const char *cs = nl_langinfo (CODESET); - if (cs[0] == '\0' || strcmp (cs, "ASCII") == 0 || strcmp (cs, "646") == 0) - return 1; - } -#endif -#ifdef __CYGWIN__ - /* On Cygwin, avoid locale names without encoding suffix, because the - locale_charset() function relies on the encoding suffix. Note that - LC_ALL is set on the command line. */ - if (strchr (getenv ("LC_ALL"), '.') == NULL) return 1; -#endif - /* Check whether in the abbreviation of the eighth month, the second - character (should be U+011F: LATIN SMALL LETTER G WITH BREVE) is - two bytes long, with UTF-8 encoding. */ - t.tm_year = 1992 - 1900; t.tm_mon = 8 - 1; t.tm_mday = 19; - if (strftime (buf, sizeof (buf), "%b", &t) < 4 - || buf[1] != (char) 0xc4 || buf[2] != (char) 0x9f) - return 1; - /* Check whether the upper-/lowercase mappings are as expected for - Turkish. */ - if (towupper ('i') != 0x0130 || towlower (0x0130) != 'i' - || towupper(0x0131) != 'I' || towlower ('I') != 0x0131) - return 1; - return 0; -} +$as_echo "#define REPLACE_VASNPRINTF 1" >>confdefs.h -_ACEOF - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 - (eval $ac_link) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && test -s conftest$ac_exeext; then - case "$host_os" in - # Handle native Windows specially, because there setlocale() interprets - # "ar" as "Arabic" or "Arabic_Saudi Arabia.1256", - # "fr" or "fra" as "French" or "French_France.1252", - # "ge"(!) or "deu"(!) as "German" or "German_Germany.1252", - # "ja" as "Japanese" or "Japanese_Japan.932", - # and similar. - mingw*) - # Test for the hypothetical native Windows locale name. - if (LC_ALL=Turkish_Turkey.65001 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then - gt_cv_locale_tr_utf8=Turkish_Turkey.65001 - else - # None found. - gt_cv_locale_tr_utf8=none - fi - ;; - *) - # Setting LC_ALL is not enough. Need to set LC_TIME to empty, because - # otherwise on Mac OS X 10.3.5 the LC_TIME=C from the beginning of the - # configure script would override the LC_ALL setting. Likewise for - # LC_CTYPE, which is also set at the beginning of the configure script. - # Test for the usual locale name. - if (LC_ALL=tr_TR LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then - gt_cv_locale_tr_utf8=tr_TR - else - # Test for the locale name with explicit encoding suffix. - if (LC_ALL=tr_TR.UTF-8 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then - gt_cv_locale_tr_utf8=tr_TR.UTF-8 - else - # Test for the Solaris 7 locale name. - if (LC_ALL=tr.UTF-8 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then - gt_cv_locale_tr_utf8=tr.UTF-8 - else - # None found. - gt_cv_locale_tr_utf8=none - fi - fi - fi - ;; - esac - else - gt_cv_locale_tr_utf8=none - fi - rm -fr conftest* + fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_locale_tr_utf8" >&5 -$as_echo "$gt_cv_locale_tr_utf8" >&6; } - LOCALE_TR_UTF8=$gt_cv_locale_tr_utf8 -$as_echo "#define GNULIB_TEST_CLOEXEC 1" >>confdefs.h + ac_fn_c_check_type "$LINENO" "ptrdiff_t" "ac_cv_type_ptrdiff_t" "$ac_includes_default" +if test "x$ac_cv_type_ptrdiff_t" = xyes; then : +else - if test $HAVE_MSVC_INVALID_PARAMETER_HANDLER = 1; then - REPLACE_CLOSE=1 - fi +$as_echo "#define ptrdiff_t long" >>confdefs.h +fi - if test $ac_cv_header_sys_socket_h != yes; then - for ac_header in winsock2.h + + + + fi + + + for ac_func in vasprintf do : - ac_fn_c_check_header_mongrel "$LINENO" "winsock2.h" "ac_cv_header_winsock2_h" "$ac_includes_default" -if test "x$ac_cv_header_winsock2_h" = xyes; then : + ac_fn_c_check_func "$LINENO" "vasprintf" "ac_cv_func_vasprintf" +if test "x$ac_cv_func_vasprintf" = xyes; then : cat >>confdefs.h <<_ACEOF -#define HAVE_WINSOCK2_H 1 +#define HAVE_VASPRINTF 1 _ACEOF fi - done - fi - if test "$ac_cv_header_winsock2_h" = yes; then - HAVE_WINSOCK2_H=1 - UNISTD_H_HAVE_WINSOCK2_H=1 - SYS_IOCTL_H_HAVE_WINSOCK2_H=1 - else - HAVE_WINSOCK2_H=0 - fi + if test $ac_cv_func_vasprintf = no; then + - if test $UNISTD_H_HAVE_WINSOCK2_H = 1; then - REPLACE_CLOSE=1 - fi - if test $REPLACE_CLOSE = 1; then + + + + gl_LIBOBJS="$gl_LIBOBJS vasprintf.$ac_objext" @@ -31584,61 +34304,229 @@ done - gltests_LIBOBJS="$gltests_LIBOBJS close.$ac_objext" + gl_LIBOBJS="$gl_LIBOBJS asprintf.$ac_objext" + + + if test $ac_cv_func_vasprintf = yes; then + REPLACE_VASPRINTF=1 + else + HAVE_VASPRINTF=0 fi - if test "$GNULIB_CLOSE" != 1; then - if test "$GNULIB_CLOSE" = 0; then - GNULIB_CLOSE=$gl_module_indicator_condition - else - GNULIB_CLOSE="($GNULIB_CLOSE || $gl_module_indicator_condition)" - fi + + + fi -$as_echo "#define GNULIB_TEST_CLOSE 1" >>confdefs.h + + GNULIB_VASPRINTF=1 - if test "$ac_cv_header_winsock2_h" = yes; then + +$as_echo "#define GNULIB_TEST_VASPRINTF 1" >>confdefs.h + XGETTEXT_EXTRA_OPTIONS="$XGETTEXT_EXTRA_OPTIONS --flag=asprintf:2:c-format" - gltests_LIBOBJS="$gltests_LIBOBJS connect.$ac_objext" + XGETTEXT_EXTRA_OPTIONS="$XGETTEXT_EXTRA_OPTIONS --flag=vasprintf:2:c-format" + + + + gl_cv_func_vsnprintf_usable=no + for ac_func in vsnprintf +do : + ac_fn_c_check_func "$LINENO" "vsnprintf" "ac_cv_func_vsnprintf" +if test "x$ac_cv_func_vsnprintf" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_VSNPRINTF 1 +_ACEOF + +fi +done + + if test $ac_cv_func_vsnprintf = yes; then + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether snprintf respects a size of 1" >&5 +$as_echo_n "checking whether snprintf respects a size of 1... " >&6; } +if ${gl_cv_func_snprintf_size1+:} false; then : + $as_echo_n "(cached) " >&6 +else + + if test "$cross_compiling" = yes; then : + case "$host_os" in + # Guess yes on Android. + linux*-android*) gl_cv_func_snprintf_size1="guessing yes" ;; + # Guess yes on native Windows. + mingw*) gl_cv_func_snprintf_size1="guessing yes" ;; + *) gl_cv_func_snprintf_size1="guessing yes" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#if HAVE_SNPRINTF +# define my_snprintf snprintf +#else +# include +static int my_snprintf (char *buf, int size, const char *format, ...) +{ + va_list args; + int ret; + va_start (args, format); + ret = vsnprintf (buf, size, format, args); + va_end (args); + return ret; +} +#endif +int main() +{ + static char buf[8] = { 'D', 'E', 'A', 'D', 'B', 'E', 'E', 'F' }; + my_snprintf (buf, 1, "%d", 12345); + return buf[1] != 'E'; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_snprintf_size1=yes +else + gl_cv_func_snprintf_size1=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_snprintf_size1" >&5 +$as_echo "$gl_cv_func_snprintf_size1" >&6; } + + case "$gl_cv_func_snprintf_size1" in + *yes) + + case "$gl_cv_func_snprintf_retval_c99" in + *yes) + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether printf supports POSIX/XSI format strings with positions" >&5 +$as_echo_n "checking whether printf supports POSIX/XSI format strings with positions... " >&6; } +if ${gl_cv_func_printf_positions+:} false; then : + $as_echo_n "(cached) " >&6 +else + + if test "$cross_compiling" = yes; then : + + case "$host_os" in + netbsd[1-3]* | netbsdelf[1-3]* | netbsdaout[1-3]* | netbsdcoff[1-3]*) + gl_cv_func_printf_positions="guessing no";; + beos*) gl_cv_func_printf_positions="guessing no";; + # Guess yes on Android. + linux*-android*) gl_cv_func_printf_positions="guessing yes";; + # Guess no on native Windows. + mingw* | pw*) gl_cv_func_printf_positions="guessing no";; + *) gl_cv_func_printf_positions="guessing yes";; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +/* The string "%2$d %1$d", with dollar characters protected from the shell's + dollar expansion (possibly an autoconf bug). */ +static char format[] = { '%', '2', '$', 'd', ' ', '%', '1', '$', 'd', '\0' }; +static char buf[100]; +int main () +{ + sprintf (buf, format, 33, 55); + return (strcmp (buf, "55 33") != 0); +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_printf_positions=yes +else + gl_cv_func_printf_positions=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_printf_positions" >&5 +$as_echo "$gl_cv_func_printf_positions" >&6; } + case "$gl_cv_func_printf_positions" in + *yes) + gl_cv_func_vsnprintf_usable=yes + ;; + esac + ;; + esac + ;; + esac fi + if test $gl_cv_func_vsnprintf_usable = no; then - if test "$GNULIB_CONNECT" != 1; then - if test "$GNULIB_CONNECT" = 0; then - GNULIB_CONNECT=$gl_module_indicator_condition - else - GNULIB_CONNECT="($GNULIB_CONNECT || $gl_module_indicator_condition)" + + + + + + gl_LIBOBJS="$gl_LIBOBJS vsnprintf.$ac_objext" + + if test $ac_cv_func_vsnprintf = yes; then + REPLACE_VSNPRINTF=1 + else + + if test $ac_cv_have_decl_vsnprintf = yes; then + REPLACE_VSNPRINTF=1 fi fi + : + + fi + + if test $ac_cv_have_decl_vsnprintf = no; then + HAVE_DECL_VSNPRINTF=0 + fi -$as_echo "#define GNULIB_TEST_CONNECT 1" >>confdefs.h + + GNULIB_VSNPRINTF=1 + + + + + +$as_echo "#define GNULIB_TEST_VSNPRINTF 1" >>confdefs.h + @@ -31654,19 +34542,22 @@ $as_echo "#define GNULIB_TEST_CONNECT 1" >>confdefs.h if test $gl_cv_have_include_next = yes; then - gl_cv_next_ctype_h='<'ctype.h'>' + gl_cv_next_wchar_h='<'wchar.h'>' else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 -$as_echo_n "checking absolute name of ... " >&6; } -if ${gl_cv_next_ctype_h+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_wchar_h+:} false; then : $as_echo_n "(cached) " >&6 else + if test $ac_cv_header_wchar_h = yes; then + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include +#include _ACEOF case "$host_os" in aix*) gl_absname_cpp="$ac_cpp -C" ;; @@ -31682,7 +34573,7 @@ _ACEOF ;; esac gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' - gl_header_literal_regex=`echo 'ctype.h' \ + gl_header_literal_regex=`echo 'wchar.h' \ | sed -e "$gl_make_literal_regex_sed"` gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ @@ -31691,167 +34582,77 @@ _ACEOF q }' - gl_cv_absolute_ctype_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + gl_cv_absolute_wchar_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | sed -n "$gl_absolute_header_sed"` - gl_header=$gl_cv_absolute_ctype_h - gl_cv_next_ctype_h='"'$gl_header'"' + gl_header=$gl_cv_absolute_wchar_h + gl_cv_next_wchar_h='"'$gl_header'"' + else + gl_cv_next_wchar_h='<'wchar.h'>' + fi fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_ctype_h" >&5 -$as_echo "$gl_cv_next_ctype_h" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_wchar_h" >&5 +$as_echo "$gl_cv_next_wchar_h" >&6; } fi - NEXT_CTYPE_H=$gl_cv_next_ctype_h + NEXT_WCHAR_H=$gl_cv_next_wchar_h if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' - gl_next_as_first_directive='<'ctype.h'>' + gl_next_as_first_directive='<'wchar.h'>' else # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' - gl_next_as_first_directive=$gl_cv_next_ctype_h + gl_next_as_first_directive=$gl_cv_next_wchar_h fi - NEXT_AS_FIRST_DIRECTIVE_CTYPE_H=$gl_next_as_first_directive - - - - - + NEXT_AS_FIRST_DIRECTIVE_WCHAR_H=$gl_next_as_first_directive + if test $ac_cv_header_wchar_h = yes; then + HAVE_WCHAR_H=1 + else + HAVE_WCHAR_H=0 + fi -$as_echo "#define HAVE_DUP2 1" >>confdefs.h + if test $gt_cv_c_wint_t = yes; then + HAVE_WINT_T=1 + else + HAVE_WINT_T=0 + fi - if test $HAVE_DUP2 = 1; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether dup2 works" >&5 -$as_echo_n "checking whether dup2 works... " >&6; } -if ${gl_cv_func_dup2_works+:} false; then : - $as_echo_n "(cached) " >&6 -else - if test "$cross_compiling" = yes; then : - case "$host_os" in - mingw*) # on this platform, dup2 always returns 0 for success - gl_cv_func_dup2_works="guessing no" ;; - cygwin*) # on cygwin 1.5.x, dup2(1,1) returns 0 - gl_cv_func_dup2_works="guessing no" ;; - aix* | freebsd*) - # on AIX 7.1 and FreeBSD 6.1, dup2 (1,toobig) gives EMFILE, - # not EBADF. - gl_cv_func_dup2_works="guessing no" ;; - haiku*) # on Haiku alpha 2, dup2(1, 1) resets FD_CLOEXEC. - gl_cv_func_dup2_works="guessing no" ;; - *-android*) # implemented using dup3(), which fails if oldfd == newfd - gl_cv_func_dup2_works="guessing no" ;; - os2*) # on OS/2 kLIBC, dup2() does not work on a directory fd. - gl_cv_func_dup2_works="guessing no" ;; - *) gl_cv_func_dup2_works="guessing yes" ;; - esac -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - #include - #include - #include - #include - #include - #ifndef RLIM_SAVED_CUR - # define RLIM_SAVED_CUR RLIM_INFINITY - #endif - #ifndef RLIM_SAVED_MAX - # define RLIM_SAVED_MAX RLIM_INFINITY - #endif -int -main () -{ -int result = 0; - int bad_fd = INT_MAX; - struct rlimit rlim; - if (getrlimit (RLIMIT_NOFILE, &rlim) == 0 - && 0 <= rlim.rlim_cur && rlim.rlim_cur <= INT_MAX - && rlim.rlim_cur != RLIM_INFINITY - && rlim.rlim_cur != RLIM_SAVED_MAX - && rlim.rlim_cur != RLIM_SAVED_CUR) - bad_fd = rlim.rlim_cur; - #ifdef FD_CLOEXEC - if (fcntl (1, F_SETFD, FD_CLOEXEC) == -1) - result |= 1; - #endif - if (dup2 (1, 1) != 1) - result |= 2; - #ifdef FD_CLOEXEC - if (fcntl (1, F_GETFD) != FD_CLOEXEC) - result |= 4; - #endif - close (0); - if (dup2 (0, 0) != -1) - result |= 8; - /* Many gnulib modules require POSIX conformance of EBADF. */ - if (dup2 (2, bad_fd) == -1 && errno != EBADF) - result |= 16; - /* Flush out some cygwin core dumps. */ - if (dup2 (2, -1) != -1 || errno != EBADF) - result |= 32; - dup2 (2, 255); - dup2 (2, 256); - /* On OS/2 kLIBC, dup2() does not work on a directory fd. */ - { - int fd = open (".", O_RDONLY); - if (fd == -1) - result |= 64; - else if (dup2 (fd, fd + 1) == -1) - result |= 128; - close (fd); - } - return result; - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_dup2_works=yes -else - gl_cv_func_dup2_works=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_dup2_works" >&5 -$as_echo "$gl_cv_func_dup2_works" >&6; } - case "$gl_cv_func_dup2_works" in - *yes) ;; - *) - REPLACE_DUP2=1 - for ac_func in setdtablesize + + + + + for ac_header in stdint.h do : - ac_fn_c_check_func "$LINENO" "setdtablesize" "ac_cv_func_setdtablesize" -if test "x$ac_cv_func_setdtablesize" = xyes; then : + ac_fn_c_check_header_mongrel "$LINENO" "stdint.h" "ac_cv_header_stdint_h" "$ac_includes_default" +if test "x$ac_cv_header_stdint_h" = xyes; then : cat >>confdefs.h <<_ACEOF -#define HAVE_SETDTABLESIZE 1 +#define HAVE_STDINT_H 1 _ACEOF fi + done - ;; - esac - fi + + # End of code from modules - if test $HAVE_DUP2 = 0 || test $REPLACE_DUP2 = 1; then @@ -31859,29 +34660,25 @@ done + gltests_libdeps= + gltests_ltlibdeps= - gltests_LIBOBJS="$gltests_LIBOBJS dup2.$ac_objext" - fi - if test "$GNULIB_DUP2" != 1; then - if test "$GNULIB_DUP2" = 0; then - GNULIB_DUP2=$gl_module_indicator_condition - else - GNULIB_DUP2="($GNULIB_DUP2 || $gl_module_indicator_condition)" - fi - fi + gl_source_base='gl/tests' + gltests_WITNESS=IN_`echo "${PACKAGE-$PACKAGE_TARNAME}" | LC_ALL=C tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ | LC_ALL=C sed -e 's/[^A-Z0-9_]/_/g'`_GNULIB_TESTS + gl_module_indicator_condition=$gltests_WITNESS -$as_echo "#define GNULIB_TEST_DUP2 1" >>confdefs.h + if test "$ac_cv_header_winsock2_h" = yes; then @@ -31890,12 +34687,19 @@ $as_echo "#define GNULIB_TEST_DUP2 1" >>confdefs.h + gltests_LIBOBJS="$gltests_LIBOBJS accept.$ac_objext" - if test "$GNULIB_ENVIRON" != 1; then - if test "$GNULIB_ENVIRON" = 0; then - GNULIB_ENVIRON=$gl_module_indicator_condition + fi + + + + + + if test "$GNULIB_ACCEPT" != 1; then + if test "$GNULIB_ACCEPT" = 0; then + GNULIB_ACCEPT=$gl_module_indicator_condition else - GNULIB_ENVIRON="($GNULIB_ENVIRON || $gl_module_indicator_condition)" + GNULIB_ACCEPT="($GNULIB_ACCEPT || $gl_module_indicator_condition)" fi fi @@ -31903,179 +34707,319 @@ $as_echo "#define GNULIB_TEST_DUP2 1" >>confdefs.h -$as_echo "#define GNULIB_TEST_ENVIRON 1" >>confdefs.h +$as_echo "#define GNULIB_TEST_ACCEPT 1" >>confdefs.h + if test "$ac_cv_header_winsock2_h" = yes; then - if test $ac_cv_func_fcntl = no; then - if test $ac_cv_func_fcntl = no; then - HAVE_FCNTL=0 - else - REPLACE_FCNTL=1 + + gltests_LIBOBJS="$gltests_LIBOBJS bind.$ac_objext" + fi - else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether fcntl handles F_DUPFD correctly" >&5 -$as_echo_n "checking whether fcntl handles F_DUPFD correctly... " >&6; } -if ${gl_cv_func_fcntl_f_dupfd_works+:} false; then : + + + + + if test "$GNULIB_BIND" != 1; then + if test "$GNULIB_BIND" = 0; then + GNULIB_BIND=$gl_module_indicator_condition + else + GNULIB_BIND="($GNULIB_BIND || $gl_module_indicator_condition)" + fi + fi + + + + + +$as_echo "#define GNULIB_TEST_BIND 1" >>confdefs.h + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a traditional french locale" >&5 +$as_echo_n "checking for a traditional french locale... " >&6; } +if ${gt_cv_locale_fr+:} false; then : $as_echo_n "(cached) " >&6 else - if test "$cross_compiling" = yes; then : - case $host_os in - aix* | cygwin* | haiku*) - gl_cv_func_fcntl_f_dupfd_works="guessing no" ;; - *) gl_cv_func_fcntl_f_dupfd_works="guessing yes" ;; - esac -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - #include - #include - #include - #include - #ifndef RLIM_SAVED_CUR - # define RLIM_SAVED_CUR RLIM_INFINITY - #endif - #ifndef RLIM_SAVED_MAX - # define RLIM_SAVED_MAX RLIM_INFINITY - #endif -int -main () -{ -int result = 0; - int bad_fd = INT_MAX; - struct rlimit rlim; - if (getrlimit (RLIMIT_NOFILE, &rlim) == 0 - && 0 <= rlim.rlim_cur && rlim.rlim_cur <= INT_MAX - && rlim.rlim_cur != RLIM_INFINITY - && rlim.rlim_cur != RLIM_SAVED_MAX - && rlim.rlim_cur != RLIM_SAVED_CUR) - bad_fd = rlim.rlim_cur; - if (fcntl (0, F_DUPFD, -1) != -1) result |= 1; - if (errno != EINVAL) result |= 2; - if (fcntl (0, F_DUPFD, bad_fd) != -1) result |= 4; - if (errno != EINVAL) result |= 8; - /* On OS/2 kLIBC, F_DUPFD does not work on a directory fd */ - { - int fd; - fd = open (".", O_RDONLY); - if (fd == -1) - result |= 16; - else if (fcntl (fd, F_DUPFD, STDERR_FILENO + 1) == -1) - result |= 32; + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ - close (fd); - } - return result; - ; +#include +#include +#if HAVE_LANGINFO_CODESET +# include +#endif +#include +#include +struct tm t; +char buf[16]; +int main () { + /* On BeOS and Haiku, locales are not implemented in libc. Rather, libintl + imitates locale dependent behaviour by looking at the environment + variables, and all locales use the UTF-8 encoding. */ +#if defined __BEOS__ || defined __HAIKU__ + return 1; +#else + /* Check whether the given locale name is recognized by the system. */ +# if defined _WIN32 && !defined __CYGWIN__ + /* On native Windows, setlocale(category, "") looks at the system settings, + not at the environment variables. Also, when an encoding suffix such + as ".65001" or ".54936" is specified, it succeeds but sets the LC_CTYPE + category of the locale to "C". */ + if (setlocale (LC_ALL, getenv ("LC_ALL")) == NULL + || strcmp (setlocale (LC_CTYPE, NULL), "C") == 0) + return 1; +# else + if (setlocale (LC_ALL, "") == NULL) return 1; +# endif + /* Check whether nl_langinfo(CODESET) is nonempty and not "ASCII" or "646". + On Mac OS X 10.3.5 (Darwin 7.5) in the fr_FR locale, nl_langinfo(CODESET) + is empty, and the behaviour of Tcl 8.4 in this locale is not useful. + On OpenBSD 4.0, when an unsupported locale is specified, setlocale() + succeeds but then nl_langinfo(CODESET) is "646". In this situation, + some unit tests fail. + On MirBSD 10, when an unsupported locale is specified, setlocale() + succeeds but then nl_langinfo(CODESET) is "UTF-8". */ +# if HAVE_LANGINFO_CODESET + { + const char *cs = nl_langinfo (CODESET); + if (cs[0] == '\0' || strcmp (cs, "ASCII") == 0 || strcmp (cs, "646") == 0 + || strcmp (cs, "UTF-8") == 0) + return 1; + } +# endif +# ifdef __CYGWIN__ + /* On Cygwin, avoid locale names without encoding suffix, because the + locale_charset() function relies on the encoding suffix. Note that + LC_ALL is set on the command line. */ + if (strchr (getenv ("LC_ALL"), '.') == NULL) return 1; +# endif + /* Check whether in the abbreviation of the second month, the second + character (should be U+00E9: LATIN SMALL LETTER E WITH ACUTE) is only + one byte long. This excludes the UTF-8 encoding. */ + t.tm_year = 1975 - 1900; t.tm_mon = 2 - 1; t.tm_mday = 4; + if (strftime (buf, sizeof (buf), "%b", &t) < 3 || buf[2] != 'v') return 1; +# if !defined __BIONIC__ /* Bionic libc's 'struct lconv' is just a dummy. */ + /* Check whether the decimal separator is a comma. + On NetBSD 3.0 in the fr_FR.ISO8859-1 locale, localeconv()->decimal_point + are nl_langinfo(RADIXCHAR) are both ".". */ + if (localeconv () ->decimal_point[0] != ',') return 1; +# endif return 0; +#endif } + _ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_fcntl_f_dupfd_works=yes -else - gl_cv_func_fcntl_f_dupfd_works=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 + (eval $ac_link) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s conftest$ac_exeext; then + case "$host_os" in + # Handle native Windows specially, because there setlocale() interprets + # "ar" as "Arabic" or "Arabic_Saudi Arabia.1256", + # "fr" or "fra" as "French" or "French_France.1252", + # "ge"(!) or "deu"(!) as "German" or "German_Germany.1252", + # "ja" as "Japanese" or "Japanese_Japan.932", + # and similar. + mingw*) + # Test for the native Windows locale name. + if (LC_ALL=French_France.1252 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then + gt_cv_locale_fr=French_France.1252 + else + # None found. + gt_cv_locale_fr=none + fi + ;; + *) + # Setting LC_ALL is not enough. Need to set LC_TIME to empty, because + # otherwise on Mac OS X 10.3.5 the LC_TIME=C from the beginning of the + # configure script would override the LC_ALL setting. Likewise for + # LC_CTYPE, which is also set at the beginning of the configure script. + # Test for the usual locale name. + if (LC_ALL=fr_FR LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then + gt_cv_locale_fr=fr_FR + else + # Test for the locale name with explicit encoding suffix. + if (LC_ALL=fr_FR.ISO-8859-1 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then + gt_cv_locale_fr=fr_FR.ISO-8859-1 + else + # Test for the AIX, OSF/1, FreeBSD, NetBSD, OpenBSD locale name. + if (LC_ALL=fr_FR.ISO8859-1 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then + gt_cv_locale_fr=fr_FR.ISO8859-1 + else + # Test for the HP-UX locale name. + if (LC_ALL=fr_FR.iso88591 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then + gt_cv_locale_fr=fr_FR.iso88591 + else + # Test for the Solaris 7 locale name. + if (LC_ALL=fr LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then + gt_cv_locale_fr=fr + else + # None found. + gt_cv_locale_fr=none + fi + fi + fi + fi + fi + ;; + esac + fi + rm -fr conftest* fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_fcntl_f_dupfd_works" >&5 -$as_echo "$gl_cv_func_fcntl_f_dupfd_works" >&6; } - case $gl_cv_func_fcntl_f_dupfd_works in - *yes) ;; - *) +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_locale_fr" >&5 +$as_echo "$gt_cv_locale_fr" >&6; } + LOCALE_FR=$gt_cv_locale_fr - if test $ac_cv_func_fcntl = no; then - HAVE_FCNTL=0 - else - REPLACE_FCNTL=1 - fi -$as_echo "#define FCNTL_DUPFD_BUGGY 1" >>confdefs.h - ;; - esac - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether fcntl understands F_DUPFD_CLOEXEC" >&5 -$as_echo_n "checking whether fcntl understands F_DUPFD_CLOEXEC... " >&6; } -if ${gl_cv_func_fcntl_f_dupfd_cloexec+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a turkish Unicode locale" >&5 +$as_echo_n "checking for a turkish Unicode locale... " >&6; } +if ${gt_cv_locale_tr_utf8+:} false; then : $as_echo_n "(cached) " >&6 else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#ifndef F_DUPFD_CLOEXEC -choke me -#endif - -int -main () -{ - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - cat confdefs.h - <<_ACEOF >conftest.$ac_ext + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#ifdef __linux__ -/* The Linux kernel only added F_DUPFD_CLOEXEC in 2.6.24, so we always replace - it to support the semantics on older kernels that failed with EINVAL. */ -choke me +#include +#include +#if HAVE_LANGINFO_CODESET +# include #endif - -int -main () -{ - - ; +#include +#include +#include +struct tm t; +char buf[16]; +int main () { + /* On BeOS, locales are not implemented in libc. Rather, libintl + imitates locale dependent behaviour by looking at the environment + variables, and all locales use the UTF-8 encoding. But BeOS does not + implement the Turkish upper-/lowercase mappings. Therefore, let this + program return 1 on BeOS. */ + /* Check whether the given locale name is recognized by the system. */ +#if defined _WIN32 && !defined __CYGWIN__ + /* On native Windows, setlocale(category, "") looks at the system settings, + not at the environment variables. Also, when an encoding suffix such + as ".65001" or ".54936" is specified, it succeeds but sets the LC_CTYPE + category of the locale to "C". */ + if (setlocale (LC_ALL, getenv ("LC_ALL")) == NULL + || strcmp (setlocale (LC_CTYPE, NULL), "C") == 0) + return 1; +#else + if (setlocale (LC_ALL, "") == NULL) return 1; +#endif + /* Check whether nl_langinfo(CODESET) is nonempty and not "ASCII" or "646". + On Mac OS X 10.3.5 (Darwin 7.5) in the tr_TR locale, nl_langinfo(CODESET) + is empty, and the behaviour of Tcl 8.4 in this locale is not useful. + On OpenBSD 4.0, when an unsupported locale is specified, setlocale() + succeeds but then nl_langinfo(CODESET) is "646". In this situation, + some unit tests fail. */ +#if HAVE_LANGINFO_CODESET + { + const char *cs = nl_langinfo (CODESET); + if (cs[0] == '\0' || strcmp (cs, "ASCII") == 0 || strcmp (cs, "646") == 0) + return 1; + } +#endif +#ifdef __CYGWIN__ + /* On Cygwin, avoid locale names without encoding suffix, because the + locale_charset() function relies on the encoding suffix. Note that + LC_ALL is set on the command line. */ + if (strchr (getenv ("LC_ALL"), '.') == NULL) return 1; +#endif + /* Check whether in the abbreviation of the eighth month, the second + character (should be U+011F: LATIN SMALL LETTER G WITH BREVE) is + two bytes long, with UTF-8 encoding. */ + t.tm_year = 1992 - 1900; t.tm_mon = 8 - 1; t.tm_mday = 19; + if (strftime (buf, sizeof (buf), "%b", &t) < 4 + || buf[1] != (char) 0xc4 || buf[2] != (char) 0x9f) + return 1; + /* Check whether the upper-/lowercase mappings are as expected for + Turkish. */ + if (towupper ('i') != 0x0130 || towlower (0x0130) != 'i' + || towupper(0x0131) != 'I' || towlower ('I') != 0x0131) + return 1; return 0; } -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_func_fcntl_f_dupfd_cloexec=yes -else - gl_cv_func_fcntl_f_dupfd_cloexec="needs runtime check" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -else - gl_cv_func_fcntl_f_dupfd_cloexec=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_fcntl_f_dupfd_cloexec" >&5 -$as_echo "$gl_cv_func_fcntl_f_dupfd_cloexec" >&6; } - if test "$gl_cv_func_fcntl_f_dupfd_cloexec" != yes; then - +_ACEOF + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 + (eval $ac_link) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s conftest$ac_exeext; then + case "$host_os" in + # Handle native Windows specially, because there setlocale() interprets + # "ar" as "Arabic" or "Arabic_Saudi Arabia.1256", + # "fr" or "fra" as "French" or "French_France.1252", + # "ge"(!) or "deu"(!) as "German" or "German_Germany.1252", + # "ja" as "Japanese" or "Japanese_Japan.932", + # and similar. + mingw*) + # Test for the hypothetical native Windows locale name. + if (LC_ALL=Turkish_Turkey.65001 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then + gt_cv_locale_tr_utf8=Turkish_Turkey.65001 + else + # None found. + gt_cv_locale_tr_utf8=none + fi + ;; + *) + # Setting LC_ALL is not enough. Need to set LC_TIME to empty, because + # otherwise on Mac OS X 10.3.5 the LC_TIME=C from the beginning of the + # configure script would override the LC_ALL setting. Likewise for + # LC_CTYPE, which is also set at the beginning of the configure script. + # Test for the usual locale name. + if (LC_ALL=tr_TR LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then + gt_cv_locale_tr_utf8=tr_TR + else + # Test for the locale name with explicit encoding suffix. + if (LC_ALL=tr_TR.UTF-8 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then + gt_cv_locale_tr_utf8=tr_TR.UTF-8 + else + # Test for the Solaris 7 locale name. + if (LC_ALL=tr.UTF-8 LC_TIME= LC_CTYPE= ./conftest; exit) 2>/dev/null; then + gt_cv_locale_tr_utf8=tr.UTF-8 + else + # None found. + gt_cv_locale_tr_utf8=none + fi + fi + fi + ;; + esac + else + gt_cv_locale_tr_utf8=none + fi + rm -fr conftest* - if test $ac_cv_func_fcntl = no; then - HAVE_FCNTL=0 - else - REPLACE_FCNTL=1 - fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gt_cv_locale_tr_utf8" >&5 +$as_echo "$gt_cv_locale_tr_utf8" >&6; } + LOCALE_TR_UTF8=$gt_cv_locale_tr_utf8 - fi - fi - if test $HAVE_FCNTL = 0 || test $REPLACE_FCNTL = 1; then + if test "$ac_cv_header_winsock2_h" = yes; then @@ -32084,7 +35028,7 @@ $as_echo "$gl_cv_func_fcntl_f_dupfd_cloexec" >&6; } - gltests_LIBOBJS="$gltests_LIBOBJS fcntl.$ac_objext" + gltests_LIBOBJS="$gltests_LIBOBJS connect.$ac_objext" fi @@ -32092,11 +35036,11 @@ $as_echo "$gl_cv_func_fcntl_f_dupfd_cloexec" >&6; } - if test "$GNULIB_FCNTL" != 1; then - if test "$GNULIB_FCNTL" = 0; then - GNULIB_FCNTL=$gl_module_indicator_condition + if test "$GNULIB_CONNECT" != 1; then + if test "$GNULIB_CONNECT" = 0; then + GNULIB_CONNECT=$gl_module_indicator_condition else - GNULIB_FCNTL="($GNULIB_FCNTL || $gl_module_indicator_condition)" + GNULIB_CONNECT="($GNULIB_CONNECT || $gl_module_indicator_condition)" fi fi @@ -32104,7 +35048,7 @@ $as_echo "$gl_cv_func_fcntl_f_dupfd_cloexec" >&6; } -$as_echo "#define GNULIB_TEST_FCNTL 1" >>confdefs.h +$as_echo "#define GNULIB_TEST_CONNECT 1" >>confdefs.h @@ -32120,11 +35064,11 @@ $as_echo "#define GNULIB_TEST_FCNTL 1" >>confdefs.h if test $gl_cv_have_include_next = yes; then - gl_cv_next_fcntl_h='<'fcntl.h'>' + gl_cv_next_ctype_h='<'ctype.h'>' else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 -$as_echo_n "checking absolute name of ... " >&6; } -if ${gl_cv_next_fcntl_h+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_ctype_h+:} false; then : $as_echo_n "(cached) " >&6 else @@ -32132,7 +35076,7 @@ else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include +#include _ACEOF case "$host_os" in aix*) gl_absname_cpp="$ac_cpp -C" ;; @@ -32148,7 +35092,7 @@ _ACEOF ;; esac gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' - gl_header_literal_regex=`echo 'fcntl.h' \ + gl_header_literal_regex=`echo 'ctype.h' \ | sed -e "$gl_make_literal_regex_sed"` gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ @@ -32157,27 +35101,29 @@ _ACEOF q }' - gl_cv_absolute_fcntl_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + gl_cv_absolute_ctype_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | sed -n "$gl_absolute_header_sed"` - gl_header=$gl_cv_absolute_fcntl_h - gl_cv_next_fcntl_h='"'$gl_header'"' + gl_header=$gl_cv_absolute_ctype_h + gl_cv_next_ctype_h='"'$gl_header'"' fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_fcntl_h" >&5 -$as_echo "$gl_cv_next_fcntl_h" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_ctype_h" >&5 +$as_echo "$gl_cv_next_ctype_h" >&6; } fi - NEXT_FCNTL_H=$gl_cv_next_fcntl_h + NEXT_CTYPE_H=$gl_cv_next_ctype_h if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' - gl_next_as_first_directive='<'fcntl.h'>' + gl_next_as_first_directive='<'ctype.h'>' else # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' - gl_next_as_first_directive=$gl_cv_next_fcntl_h + gl_next_as_first_directive=$gl_cv_next_ctype_h fi - NEXT_AS_FIRST_DIRECTIVE_FCNTL_H=$gl_next_as_first_directive + NEXT_AS_FIRST_DIRECTIVE_CTYPE_H=$gl_next_as_first_directive + + @@ -32191,6 +35137,22 @@ $as_echo "$gl_cv_next_fcntl_h" >&6; } + if test "$GNULIB_ENVIRON" != 1; then + if test "$GNULIB_ENVIRON" = 0; then + GNULIB_ENVIRON=$gl_module_indicator_condition + else + GNULIB_ENVIRON="($GNULIB_ENVIRON || $gl_module_indicator_condition)" + fi + fi + + + + + +$as_echo "#define GNULIB_TEST_ENVIRON 1" >>confdefs.h + + + @@ -32441,103 +35403,6 @@ $as_echo "#define GNULIB_TEST_GETCWD 1" >>confdefs.h - - if test $ac_cv_func_getdtablesize = yes && - test $ac_cv_have_decl_getdtablesize = yes; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether getdtablesize works" >&5 -$as_echo_n "checking whether getdtablesize works... " >&6; } -if ${gl_cv_func_getdtablesize_works+:} false; then : - $as_echo_n "(cached) " >&6 -else - case "$host_os" in - vms*) gl_cv_func_getdtablesize_works="no (limitation)" ;; - *) - if test "$cross_compiling" = yes; then : - case "$host_os" in - cygwin*) # on cygwin 1.5.25, getdtablesize() automatically grows - gl_cv_func_getdtablesize_works="guessing no" ;; - *) gl_cv_func_getdtablesize_works="guessing yes" ;; - esac - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - - #include -int -main () -{ -int size = getdtablesize(); - if (dup2 (0, getdtablesize()) != -1) - return 1; - if (size != getdtablesize()) - return 2; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_getdtablesize_works=yes -else - gl_cv_func_getdtablesize_works=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - ;; - esac - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_getdtablesize_works" >&5 -$as_echo "$gl_cv_func_getdtablesize_works" >&6; } - case "$gl_cv_func_getdtablesize_works" in - *yes | "no (limitation)") ;; - *) REPLACE_GETDTABLESIZE=1 ;; - esac - else - HAVE_GETDTABLESIZE=0 - fi - - if test $HAVE_GETDTABLESIZE = 0 || test $REPLACE_GETDTABLESIZE = 1; then - - - - - - - - - gltests_LIBOBJS="$gltests_LIBOBJS getdtablesize.$ac_objext" - - : - fi - - - - - - if test "$GNULIB_GETDTABLESIZE" != 1; then - if test "$GNULIB_GETDTABLESIZE" = 0; then - GNULIB_GETDTABLESIZE=$gl_module_indicator_condition - else - GNULIB_GETDTABLESIZE="($GNULIB_GETDTABLESIZE || $gl_module_indicator_condition)" - fi - fi - - - - - -$as_echo "#define GNULIB_TEST_GETDTABLESIZE 1" >>confdefs.h - - - - - - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getpagesize" >&5 $as_echo_n "checking for getpagesize... " >&6; } if ${gl_cv_func_getpagesize+:} false; then : @@ -33097,6 +35962,16 @@ $as_echo "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h + : + + : + : + : + : + + + + PRIPTR_PREFIX= @@ -33153,10 +36028,8 @@ else #if defined INT32_MAX && defined INTMAX_MAX #define CONDITION (INT32_MAX < INTMAX_MAX) - #elif HAVE_LONG_LONG_INT - #define CONDITION (sizeof (int) < sizeof (long long int)) #else - #define CONDITION 0 + #define CONDITION (sizeof (int) < sizeof (long long int)) #endif int test[CONDITION ? 1 : -1]; int @@ -33205,10 +36078,8 @@ else #if defined INT64_MAX #define CONDITION (INT64_MAX == LONG_MAX) - #elif HAVE_LONG_LONG_INT - #define CONDITION (sizeof (long long int) == sizeof (long int)) #else - #define CONDITION 0 + #define CONDITION (sizeof (long long int) == sizeof (long int)) #endif int test[CONDITION ? 1 : -1]; int @@ -33259,10 +36130,8 @@ else #if defined UINT32_MAX && defined UINTMAX_MAX #define CONDITION (UINT32_MAX < UINTMAX_MAX) - #elif HAVE_LONG_LONG_INT - #define CONDITION (sizeof (unsigned int) < sizeof (unsigned long long int)) #else - #define CONDITION 0 + #define CONDITION (sizeof (unsigned int) < sizeof (unsigned long long int)) #endif int test[CONDITION ? 1 : -1]; int @@ -33311,10 +36180,8 @@ else #if defined UINT64_MAX #define CONDITION (UINT64_MAX == ULONG_MAX) - #elif HAVE_LONG_LONG_INT - #define CONDITION (sizeof (unsigned long long int) == sizeof (unsigned long int)) #else - #define CONDITION 0 + #define CONDITION (sizeof (unsigned long long int) == sizeof (unsigned long int)) #endif int test[CONDITION ? 1 : -1]; int @@ -33349,7 +36216,6 @@ $as_echo "$gl_cv_test_UINT64_MAX_EQ_ULONG_MAX" >&6; } - HAVE_IOCTL=1 if test "$ac_cv_header_winsock2_h" = yes; then HAVE_IOCTL=0 @@ -33461,6 +36327,13 @@ $as_echo "#define GNULIB_TEST_IOCTL 1" >>confdefs.h fi +cat >>confdefs.h <<_ACEOF +#define GNULIB_ISBLANK $gl_module_indicator_condition +_ACEOF + + + + @@ -33778,6 +36651,8 @@ $as_echo "#define GNULIB_TEST_LISTEN 1" >>confdefs.h + + case "$host_os" in solaris*) @@ -33814,47 +36689,6 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_locale_h_posix2001" >&5 $as_echo "$gl_cv_header_locale_h_posix2001" >&6; } - - if test $ac_cv_header_xlocale_h = yes; then - HAVE_XLOCALE_H=1 - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether locale.h defines locale_t" >&5 -$as_echo_n "checking whether locale.h defines locale_t... " >&6; } -if ${gl_cv_header_locale_has_locale_t+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - locale_t x; -int -main () -{ - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - gl_cv_header_locale_has_locale_t=yes -else - gl_cv_header_locale_has_locale_t=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_locale_has_locale_t" >&5 -$as_echo "$gl_cv_header_locale_has_locale_t" >&6; } - if test $gl_cv_header_locale_has_locale_t = yes; then - gl_cv_header_locale_h_needs_xlocale_h=no - else - gl_cv_header_locale_h_needs_xlocale_h=yes - fi - else - HAVE_XLOCALE_H=0 - gl_cv_header_locale_h_needs_xlocale_h=no - fi - - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether struct lconv is properly defined" >&5 $as_echo_n "checking whether struct lconv is properly defined... " >&6; } if ${gl_cv_sys_struct_lconv_ok+:} false; then : @@ -33885,7 +36719,27 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_sys_struct_lconv_ok" >&5 $as_echo "$gl_cv_sys_struct_lconv_ok" >&6; } if test $gl_cv_sys_struct_lconv_ok = no; then - REPLACE_STRUCT_LCONV=1 + case "$host_os" in + mingw*) + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#ifdef _MSC_VER + Special +#endif + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "Special" >/dev/null 2>&1; then : + +else + REPLACE_STRUCT_LCONV=1 +fi +rm -f conftest* + + ;; + *) REPLACE_STRUCT_LCONV=1 ;; + esac fi @@ -33972,13 +36826,23 @@ $as_echo "$gl_cv_next_locale_h" >&6; } - if test $ac_cv_func_newlocale != yes; then + if test $HAVE_LOCALE_T = 1; then + + gl_func_newlocale="$ac_cv_func_newlocale" + gl_func_duplocale="$ac_cv_func_duplocale" + gl_func_freelocale="$ac_cv_func_freelocale" + else + gl_func_newlocale=no + gl_func_duplocale=no + gl_func_freelocale=no + fi + if test $gl_func_newlocale != yes; then HAVE_NEWLOCALE=0 fi - if test $ac_cv_func_duplocale != yes; then + if test $gl_func_duplocale != yes; then HAVE_DUPLOCALE=0 fi - if test $ac_cv_func_freelocale != yes; then + if test $gl_func_freelocale != yes; then HAVE_FREELOCALE=0 fi if test $gt_nameless_locales = yes; then @@ -34027,7 +36891,7 @@ fi if $has_rwlock; then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pthread_rwlock_rdlock prefers a writer to a reader" >&5 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pthread_rwlock_rdlock prefers a writer to a reader" >&5 $as_echo_n "checking whether pthread_rwlock_rdlock prefers a writer to a reader... " >&6; } if ${gl_cv_pthread_rwlock_rdlock_prefer_writer+:} false; then : $as_echo_n "(cached) " >&6 @@ -34035,7 +36899,25 @@ else save_LIBS="$LIBS" LIBS="$LIBS $LIBMULTITHREAD" if test "$cross_compiling" = yes; then : - gl_cv_pthread_rwlock_rdlock_prefer_writer="guessing yes" + case "$host_os" in + # Guess no on glibc systems. + *-gnu* | gnu*) gl_cv_pthread_rwlock_rdlock_prefer_writer="guessing no" ;; + # Guess no on musl systems. + *-musl*) gl_cv_pthread_rwlock_rdlock_prefer_writer="guessing no" ;; + # Guess no on bionic systems. + *-android*) gl_cv_pthread_rwlock_rdlock_prefer_writer="guessing no" ;; + # Guess yes on native Windows with the mingw-w64 winpthreads library. + # Guess no on native Windows with the gnulib windows-rwlock module. + mingw*) if test "$gl_use_threads" = yes || test "$gl_use_threads" = posix; then + gl_cv_pthread_rwlock_rdlock_prefer_writer="guessing yes" + else + gl_cv_pthread_rwlock_rdlock_prefer_writer="guessing no" + fi + ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_pthread_rwlock_rdlock_prefer_writer="$gl_cross_guess_normal" ;; + esac + else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ @@ -34266,10 +37148,6 @@ $as_echo "#define GNULIB_TEST_LSTAT 1" >>confdefs.h - - - - # Check for mmap(). Don't use AC_FUNC_MMAP, because it checks too much: it # fails on HP-UX 11, because MAP_FIXED mappings do not work. But this is # irrelevant for anonymous mappings. @@ -34427,8 +37305,8 @@ else gl_cv_func_nanosleep='guessing no (mishandles large arguments)' ;; mingw*) # Guess no on native Windows. gl_cv_func_nanosleep='guessing no' ;; - *) # If we don't know, assume the worst. - gl_cv_func_nanosleep='guessing no' ;; + *) # If we don't know, obey --enable-cross-guesses. + gl_cv_func_nanosleep="$gl_cross_guess_normal" ;; esac else @@ -34496,165 +37374,49 @@ else } _ACEOF if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_nanosleep=yes -else - case $? in 4|5|6) gl_cv_func_nanosleep='no (mishandles large arguments)';; *) gl_cv_func_nanosleep=no;; - esac -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_nanosleep" >&5 -$as_echo "$gl_cv_func_nanosleep" >&6; } - case "$gl_cv_func_nanosleep" in - *yes) - REPLACE_NANOSLEEP=0 - ;; - *) - REPLACE_NANOSLEEP=1 - case "$gl_cv_func_nanosleep" in - *"mishandles large arguments"*) - -$as_echo "#define HAVE_BUG_BIG_NANOSLEEP 1" >>confdefs.h - - ;; - *) - # The replacement uses select(). Add $LIBSOCKET to $LIB_NANOSLEEP. - for ac_lib in $LIBSOCKET; do - case " $LIB_NANOSLEEP " in - *" $ac_lib "*) ;; - *) LIB_NANOSLEEP="$LIB_NANOSLEEP $ac_lib";; - esac - done - ;; - esac - ;; - esac - else - HAVE_NANOSLEEP=0 - fi - LIBS=$nanosleep_save_libs - - if test $HAVE_NANOSLEEP = 0 || test $REPLACE_NANOSLEEP = 1; then - - - - - - - - - gltests_LIBOBJS="$gltests_LIBOBJS nanosleep.$ac_objext" - - - - : - - fi - - - - - - if test "$GNULIB_NANOSLEEP" != 1; then - if test "$GNULIB_NANOSLEEP" = 0; then - GNULIB_NANOSLEEP=$gl_module_indicator_condition - else - GNULIB_NANOSLEEP="($GNULIB_NANOSLEEP || $gl_module_indicator_condition)" - fi - fi - - - - - -$as_echo "#define GNULIB_TEST_NANOSLEEP 1" >>confdefs.h - - - - - - - - case "$host_os" in - mingw* | pw*) - REPLACE_OPEN=1 - ;; - *) - - if test "$gl_cv_macro_O_CLOEXEC" != yes; then - REPLACE_OPEN=1 - fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether open recognizes a trailing slash" >&5 -$as_echo_n "checking whether open recognizes a trailing slash... " >&6; } -if ${gl_cv_func_open_slash+:} false; then : - $as_echo_n "(cached) " >&6 -else - # Assume that if we have lstat, we can also check symlinks. - if test $ac_cv_func_lstat = yes; then - touch conftest.tmp - ln -s conftest.tmp conftest.lnk - fi - if test "$cross_compiling" = yes; then : - - case "$host_os" in - freebsd* | aix* | hpux* | solaris2.[0-9] | solaris2.[0-9].*) - gl_cv_func_open_slash="guessing no" ;; - *) - gl_cv_func_open_slash="guessing yes" ;; - esac - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -#include -#if HAVE_UNISTD_H -# include -#endif -int main () -{ - int result = 0; -#if HAVE_LSTAT - if (open ("conftest.lnk/", O_RDONLY) != -1) - result |= 1; -#endif - if (open ("conftest.sl/", O_CREAT, 0600) >= 0) - result |= 2; - return result; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_open_slash=yes + gl_cv_func_nanosleep=yes else - gl_cv_func_open_slash=no + case $? in 4|5|6) gl_cv_func_nanosleep='no (mishandles large arguments)';; *) gl_cv_func_nanosleep=no;; + esac fi rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ conftest.$ac_objext conftest.beam conftest.$ac_ext fi - rm -f conftest.sl conftest.tmp conftest.lnk fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_open_slash" >&5 -$as_echo "$gl_cv_func_open_slash" >&6; } - case "$gl_cv_func_open_slash" in - *no) - -$as_echo "#define OPEN_TRAILING_SLASH_BUG 1" >>confdefs.h - - REPLACE_OPEN=1 - ;; - esac - ;; - esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_nanosleep" >&5 +$as_echo "$gl_cv_func_nanosleep" >&6; } + case "$gl_cv_func_nanosleep" in + *yes) + REPLACE_NANOSLEEP=0 + ;; + *) + REPLACE_NANOSLEEP=1 + case "$gl_cv_func_nanosleep" in + *"mishandles large arguments"*) +$as_echo "#define HAVE_BUG_BIG_NANOSLEEP 1" >>confdefs.h + ;; + *) + # The replacement uses select(). Add $LIBSOCKET to $LIB_NANOSLEEP. + for ac_lib in $LIBSOCKET; do + case " $LIB_NANOSLEEP " in + *" $ac_lib "*) ;; + *) LIB_NANOSLEEP="$LIB_NANOSLEEP $ac_lib";; + esac + done + ;; + esac + ;; + esac + else + HAVE_NANOSLEEP=0 + fi + LIBS=$nanosleep_save_libs - if test $REPLACE_OPEN = 1; then + if test $HAVE_NANOSLEEP = 0 || test $REPLACE_NANOSLEEP = 1; then @@ -34663,7 +37425,7 @@ $as_echo "#define OPEN_TRAILING_SLASH_BUG 1" >>confdefs.h - gltests_LIBOBJS="$gltests_LIBOBJS open.$ac_objext" + gltests_LIBOBJS="$gltests_LIBOBJS nanosleep.$ac_objext" @@ -34675,11 +37437,11 @@ $as_echo "#define OPEN_TRAILING_SLASH_BUG 1" >>confdefs.h - if test "$GNULIB_OPEN" != 1; then - if test "$GNULIB_OPEN" = 0; then - GNULIB_OPEN=$gl_module_indicator_condition + if test "$GNULIB_NANOSLEEP" != 1; then + if test "$GNULIB_NANOSLEEP" = 0; then + GNULIB_NANOSLEEP=$gl_module_indicator_condition else - GNULIB_OPEN="($GNULIB_OPEN || $gl_module_indicator_condition)" + GNULIB_NANOSLEEP="($GNULIB_NANOSLEEP || $gl_module_indicator_condition)" fi fi @@ -34687,7 +37449,8 @@ $as_echo "#define OPEN_TRAILING_SLASH_BUG 1" >>confdefs.h -$as_echo "#define GNULIB_TEST_OPEN 1" >>confdefs.h +$as_echo "#define GNULIB_TEST_NANOSLEEP 1" >>confdefs.h + @@ -34712,8 +37475,8 @@ else *-musl*) gl_cv_func_perror_works="guessing yes" ;; # Guess yes on native Windows. mingw*) gl_cv_func_perror_works="guessing yes" ;; - # Otherwise guess no. - *) gl_cv_func_perror_works="guessing no" ;; + # Otherwise obey --enable-cross-guesses. + *) gl_cv_func_perror_works="$gl_cross_guess_normal" ;; esac else @@ -34844,6 +37607,714 @@ $as_echo "#define GNULIB_TEST_PIPE 1" >>confdefs.h + + + + + + + + + + + + + + if test $gl_cv_have_include_next = yes; then + gl_cv_next_pthread_h='<'pthread.h'>' + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_pthread_h+:} false; then : + $as_echo_n "(cached) " >&6 +else + + if test $ac_cv_header_pthread_h = yes; then + + + + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF + case "$host_os" in + aix*) gl_absname_cpp="$ac_cpp -C" ;; + *) gl_absname_cpp="$ac_cpp" ;; + esac + + case "$host_os" in + mingw*) + gl_dirsep_regex='[/\\]' + ;; + *) + gl_dirsep_regex='\/' + ;; + esac + gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' + gl_header_literal_regex=`echo 'pthread.h' \ + | sed -e "$gl_make_literal_regex_sed"` + gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ + s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ + s|^/[^/]|//&| + p + q + }' + + gl_cv_absolute_pthread_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + sed -n "$gl_absolute_header_sed"` + + gl_header=$gl_cv_absolute_pthread_h + gl_cv_next_pthread_h='"'$gl_header'"' + else + gl_cv_next_pthread_h='<'pthread.h'>' + fi + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_pthread_h" >&5 +$as_echo "$gl_cv_next_pthread_h" >&6; } + fi + NEXT_PTHREAD_H=$gl_cv_next_pthread_h + + if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' + gl_next_as_first_directive='<'pthread.h'>' + else + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' + gl_next_as_first_directive=$gl_cv_next_pthread_h + fi + NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H=$gl_next_as_first_directive + + + + + if test $ac_cv_header_pthread_h = yes; then + HAVE_PTHREAD_H=1 + + + if { case "$host_os" in mingw*) true;; *) false;; esac; } \ + && test $gl_threads_api = windows; then + HAVE_PTHREAD_H=0 + fi + + else + HAVE_PTHREAD_H=0 + fi + + + ac_fn_c_check_type "$LINENO" "pthread_t" "ac_cv_type_pthread_t" "$ac_includes_default + #if HAVE_PTHREAD_H + #include + #endif +" +if test "x$ac_cv_type_pthread_t" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_PTHREAD_T 1 +_ACEOF + + +fi +ac_fn_c_check_type "$LINENO" "pthread_spinlock_t" "ac_cv_type_pthread_spinlock_t" "$ac_includes_default + #if HAVE_PTHREAD_H + #include + #endif +" +if test "x$ac_cv_type_pthread_spinlock_t" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_PTHREAD_SPINLOCK_T 1 +_ACEOF + + +fi + + if test $ac_cv_type_pthread_t != yes; then + HAVE_PTHREAD_T=0 + fi + if test $ac_cv_type_pthread_spinlock_t != yes; then + HAVE_PTHREAD_SPINLOCK_T=0 + fi + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for PTHREAD_CREATE_DETACHED" >&5 +$as_echo_n "checking for PTHREAD_CREATE_DETACHED... " >&6; } +if ${gl_cv_const_PTHREAD_CREATE_DETACHED+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + int x = PTHREAD_CREATE_DETACHED; + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_const_PTHREAD_CREATE_DETACHED=yes +else + gl_cv_const_PTHREAD_CREATE_DETACHED=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_const_PTHREAD_CREATE_DETACHED" >&5 +$as_echo "$gl_cv_const_PTHREAD_CREATE_DETACHED" >&6; } + if test $gl_cv_const_PTHREAD_CREATE_DETACHED != yes; then + HAVE_PTHREAD_CREATE_DETACHED=0 + fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for PTHREAD_MUTEX_RECURSIVE" >&5 +$as_echo_n "checking for PTHREAD_MUTEX_RECURSIVE... " >&6; } +if ${gl_cv_const_PTHREAD_MUTEX_RECURSIVE+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + int x = PTHREAD_MUTEX_RECURSIVE; + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_const_PTHREAD_MUTEX_RECURSIVE=yes +else + gl_cv_const_PTHREAD_MUTEX_RECURSIVE=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_const_PTHREAD_MUTEX_RECURSIVE" >&5 +$as_echo "$gl_cv_const_PTHREAD_MUTEX_RECURSIVE" >&6; } + if test $gl_cv_const_PTHREAD_MUTEX_RECURSIVE != yes; then + HAVE_PTHREAD_MUTEX_RECURSIVE=0 + fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for PTHREAD_MUTEX_ROBUST" >&5 +$as_echo_n "checking for PTHREAD_MUTEX_ROBUST... " >&6; } +if ${gl_cv_const_PTHREAD_MUTEX_ROBUST+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + int x = PTHREAD_MUTEX_ROBUST; + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_const_PTHREAD_MUTEX_ROBUST=yes +else + gl_cv_const_PTHREAD_MUTEX_ROBUST=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_const_PTHREAD_MUTEX_ROBUST" >&5 +$as_echo "$gl_cv_const_PTHREAD_MUTEX_ROBUST" >&6; } + if test $gl_cv_const_PTHREAD_MUTEX_ROBUST != yes; then + HAVE_PTHREAD_MUTEX_ROBUST=0 + fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for PTHREAD_PROCESS_SHARED" >&5 +$as_echo_n "checking for PTHREAD_PROCESS_SHARED... " >&6; } +if ${gl_cv_const_PTHREAD_PROCESS_SHARED+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + int x = PTHREAD_PROCESS_SHARED; + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_const_PTHREAD_PROCESS_SHARED=yes +else + gl_cv_const_PTHREAD_PROCESS_SHARED=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_const_PTHREAD_PROCESS_SHARED" >&5 +$as_echo "$gl_cv_const_PTHREAD_PROCESS_SHARED" >&6; } + if test $gl_cv_const_PTHREAD_PROCESS_SHARED != yes; then + HAVE_PTHREAD_PROCESS_SHARED=0 + fi + + + + + + + + LIB_PTHREAD="$LIBPMULTITHREAD" + + + + + + + if { case "$host_os" in mingw*) true;; *) false;; esac; } \ + && test $gl_threads_api = windows; then + REPLACE_PTHREAD_CREATE=1 + REPLACE_PTHREAD_ATTR_INIT=1 + REPLACE_PTHREAD_ATTR_GETDETACHSTATE=1 + REPLACE_PTHREAD_ATTR_SETDETACHSTATE=1 + REPLACE_PTHREAD_ATTR_DESTROY=1 + REPLACE_PTHREAD_SELF=1 + REPLACE_PTHREAD_EQUAL=1 + REPLACE_PTHREAD_DETACH=1 + REPLACE_PTHREAD_JOIN=1 + REPLACE_PTHREAD_EXIT=1 + else + if test $HAVE_PTHREAD_H = 0; then + HAVE_PTHREAD_CREATE=0 + HAVE_PTHREAD_ATTR_INIT=0 + HAVE_PTHREAD_ATTR_GETDETACHSTATE=0 + HAVE_PTHREAD_ATTR_SETDETACHSTATE=0 + HAVE_PTHREAD_ATTR_DESTROY=0 + HAVE_PTHREAD_SELF=0 + HAVE_PTHREAD_EQUAL=0 + HAVE_PTHREAD_DETACH=0 + HAVE_PTHREAD_JOIN=0 + HAVE_PTHREAD_EXIT=0 + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pthread_create exists as a global function" >&5 +$as_echo_n "checking whether pthread_create exists as a global function... " >&6; } +if ${gl_cv_func_pthread_create+:} false; then : + $as_echo_n "(cached) " >&6 +else + saved_LIBS="$LIBS" + LIBS="$LIBS $LIBPMULTITHREAD" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +extern + #ifdef __cplusplus + "C" + #endif + int pthread_create (void); + int main () + { + return pthread_create (); + } + +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + gl_cv_func_pthread_create=yes +else + gl_cv_func_pthread_create=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LIBS="$saved_LIBS" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_pthread_create" >&5 +$as_echo "$gl_cv_func_pthread_create" >&6; } + if test $gl_cv_func_pthread_create = no; then + REPLACE_PTHREAD_CREATE=1 + REPLACE_PTHREAD_ATTR_INIT=1 + +$as_echo "#define PTHREAD_CREATE_IS_INLINE 1" >>confdefs.h + + fi + fi + fi + + if test $HAVE_PTHREAD_CREATE = 0 || test $REPLACE_PTHREAD_CREATE = 1; then + + + + + + + + + gltests_LIBOBJS="$gltests_LIBOBJS pthread-thread.$ac_objext" + + fi + + + + + + if test "$GNULIB_PTHREAD_THREAD" != 1; then + if test "$GNULIB_PTHREAD_THREAD" = 0; then + GNULIB_PTHREAD_THREAD=$gl_module_indicator_condition + else + GNULIB_PTHREAD_THREAD="($GNULIB_PTHREAD_THREAD || $gl_module_indicator_condition)" + fi + fi + + + + + +$as_echo "#define GNULIB_TEST_PTHREAD_THREAD 1" >>confdefs.h + + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pthread_sigmask is a macro" >&5 +$as_echo_n "checking whether pthread_sigmask is a macro... " >&6; } +if ${gl_cv_func_pthread_sigmask_macro+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#ifdef pthread_sigmask + headers_define_pthread_sigmask +#endif +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "headers_define_pthread_sigmask" >/dev/null 2>&1; then : + gl_cv_func_pthread_sigmask_macro=yes +else + gl_cv_func_pthread_sigmask_macro=no +fi +rm -f conftest* + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_pthread_sigmask_macro" >&5 +$as_echo "$gl_cv_func_pthread_sigmask_macro" >&6; } + + LIB_PTHREAD_SIGMASK= + + if test $gl_cv_func_pthread_sigmask_macro = yes; then + HAVE_PTHREAD_SIGMASK=0 + REPLACE_PTHREAD_SIGMASK=1 + else + + + + if test "$gl_threads_api" = posix; then + if test $ac_cv_func_pthread_sigmask = yes; then + : + else + if test -n "$LIBMULTITHREAD"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_sigmask in $LIBMULTITHREAD" >&5 +$as_echo_n "checking for pthread_sigmask in $LIBMULTITHREAD... " >&6; } +if ${gl_cv_func_pthread_sigmask_in_LIBMULTITHREAD+:} false; then : + $as_echo_n "(cached) " >&6 +else + gl_save_LIBS="$LIBS" + LIBS="$LIBS $LIBMULTITHREAD" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include + +int +main () +{ +return pthread_sigmask (0, (sigset_t *) 0, (sigset_t *) 0); + ; + return 0; +} + +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + gl_cv_func_pthread_sigmask_in_LIBMULTITHREAD=yes +else + gl_cv_func_pthread_sigmask_in_LIBMULTITHREAD=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LIBS="$gl_save_LIBS" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_pthread_sigmask_in_LIBMULTITHREAD" >&5 +$as_echo "$gl_cv_func_pthread_sigmask_in_LIBMULTITHREAD" >&6; } + if test $gl_cv_func_pthread_sigmask_in_LIBMULTITHREAD = yes; then + LIB_PTHREAD_SIGMASK="$LIBMULTITHREAD" + else + HAVE_PTHREAD_SIGMASK=0 + fi + else + HAVE_PTHREAD_SIGMASK=0 + fi + fi + else + if test $ac_cv_func_pthread_sigmask = yes; then + REPLACE_PTHREAD_SIGMASK=1 + else + HAVE_PTHREAD_SIGMASK=0 + fi + fi + + fi + + + + if test $HAVE_PTHREAD_SIGMASK = 1; then + + + if test -z "$LIB_PTHREAD_SIGMASK"; then + case " $LIBS " in + *' -pthread '*) ;; + *' -lpthread '*) ;; + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pthread_sigmask works without -lpthread" >&5 +$as_echo_n "checking whether pthread_sigmask works without -lpthread... " >&6; } +if ${gl_cv_func_pthread_sigmask_in_libc_works+:} false; then : + $as_echo_n "(cached) " >&6 +else + + if test "$cross_compiling" = yes; then : + + case "$host_os" in + freebsd* | hpux* | solaris | solaris2.[2-9]*) + gl_cv_func_pthread_sigmask_in_libc_works="guessing no";; + *) + gl_cv_func_pthread_sigmask_in_libc_works="guessing yes";; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include + #include + #include + int main () + { + sigset_t set; + sigemptyset (&set); + return pthread_sigmask (1729, &set, NULL) != 0; + } +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_pthread_sigmask_in_libc_works=no +else + gl_cv_func_pthread_sigmask_in_libc_works=yes +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_pthread_sigmask_in_libc_works" >&5 +$as_echo "$gl_cv_func_pthread_sigmask_in_libc_works" >&6; } + case "$gl_cv_func_pthread_sigmask_in_libc_works" in + *no) + REPLACE_PTHREAD_SIGMASK=1 + +$as_echo "#define PTHREAD_SIGMASK_INEFFECTIVE 1" >>confdefs.h + + ;; + esac;; + esac + fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pthread_sigmask returns error numbers" >&5 +$as_echo_n "checking whether pthread_sigmask returns error numbers... " >&6; } +if ${gl_cv_func_pthread_sigmask_return_works+:} false; then : + $as_echo_n "(cached) " >&6 +else + + gl_save_LIBS="$LIBS" + LIBS="$LIBS $LIB_PTHREAD_SIGMASK" + if test "$cross_compiling" = yes; then : + case "$host_os" in + cygwin*) + gl_cv_func_pthread_sigmask_return_works="guessing no";; + *) + gl_cv_func_pthread_sigmask_return_works="guessing yes";; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +int main () +{ + sigset_t set; + sigemptyset (&set); + if (pthread_sigmask (1729, &set, NULL) == -1) + return 1; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_pthread_sigmask_return_works=yes +else + gl_cv_func_pthread_sigmask_return_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + LIBS="$gl_save_LIBS" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_pthread_sigmask_return_works" >&5 +$as_echo "$gl_cv_func_pthread_sigmask_return_works" >&6; } + case "$gl_cv_func_pthread_sigmask_return_works" in + *no) + REPLACE_PTHREAD_SIGMASK=1 + +$as_echo "#define PTHREAD_SIGMASK_FAILS_WITH_ERRNO 1" >>confdefs.h + + ;; + esac + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pthread_sigmask unblocks signals correctly" >&5 +$as_echo_n "checking whether pthread_sigmask unblocks signals correctly... " >&6; } +if ${gl_cv_func_pthread_sigmask_unblock_works+:} false; then : + $as_echo_n "(cached) " >&6 +else + + case "$host_os" in + irix*) + gl_cv_func_pthread_sigmask_unblock_works="guessing no";; + *) + gl_cv_func_pthread_sigmask_unblock_works="guessing yes";; + esac + gl_save_LIBS=$LIBS + LIBS="$LIBS $LIBMULTITHREAD" + if test "$cross_compiling" = yes; then : + : +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +#include +#include +static volatile int sigint_occurred; +static void +sigint_handler (int sig) +{ + sigint_occurred++; +} +int main () +{ + sigset_t set; + int pid = getpid (); + char command[80]; + signal (SIGINT, sigint_handler); + sigemptyset (&set); + sigaddset (&set, SIGINT); + if (!(pthread_sigmask (SIG_BLOCK, &set, NULL) == 0)) + return 1; + sprintf (command, "sh -c 'sleep 1; kill -%d %d' &", SIGINT, pid); + if (!(system (command) == 0)) + return 2; + sleep (2); + if (!(sigint_occurred == 0)) + return 3; + if (!(pthread_sigmask (SIG_UNBLOCK, &set, NULL) == 0)) + return 4; + if (!(sigint_occurred == 1)) /* This fails on IRIX. */ + return 5; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + : +else + gl_cv_func_pthread_sigmask_unblock_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + LIBS=$gl_save_LIBS + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_pthread_sigmask_unblock_works" >&5 +$as_echo "$gl_cv_func_pthread_sigmask_unblock_works" >&6; } + case "$gl_cv_func_pthread_sigmask_unblock_works" in + *no) + REPLACE_PTHREAD_SIGMASK=1 + +$as_echo "#define PTHREAD_SIGMASK_UNBLOCK_BUG 1" >>confdefs.h + + ;; + esac + fi + + if test $HAVE_PTHREAD_SIGMASK = 0 || test $REPLACE_PTHREAD_SIGMASK = 1; then + + + + + + + + + gltests_LIBOBJS="$gltests_LIBOBJS pthread_sigmask.$ac_objext" + + + if test $HAVE_PTHREAD_SIGMASK = 1; then + +$as_echo "#define HAVE_PTHREAD_SIGMASK 1" >>confdefs.h + + fi + + fi + + + + + + if test "$GNULIB_PTHREAD_SIGMASK" != 1; then + if test "$GNULIB_PTHREAD_SIGMASK" = 0; then + GNULIB_PTHREAD_SIGMASK=$gl_module_indicator_condition + else + GNULIB_PTHREAD_SIGMASK="($GNULIB_PTHREAD_SIGMASK || $gl_module_indicator_condition)" + fi + fi + + + + + +$as_echo "#define GNULIB_TEST_PTHREAD_SIGMASK 1" >>confdefs.h + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for putenv compatible with GNU and SVID" >&5 $as_echo_n "checking for putenv compatible with GNU and SVID... " >&6; } if ${gl_cv_func_svid_putenv+:} false; then : @@ -34857,8 +38328,8 @@ else *-musl*) gl_cv_func_svid_putenv="guessing yes" ;; # Guess no on native Windows. mingw*) gl_cv_func_svid_putenv="guessing no" ;; - # If we don't know, assume the worst. - *) gl_cv_func_svid_putenv="guessing no" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_svid_putenv="$gl_cross_guess_normal" ;; esac else @@ -35035,6 +38506,156 @@ $as_echo "#define GNULIB_TEST_RAISE 1" >>confdefs.h + + + for ac_header in sched.h +do : + ac_fn_c_check_header_compile "$LINENO" "sched.h" "ac_cv_header_sched_h" "#if HAVE_SYS_CDEFS_H + #include + #endif + +" +if test "x$ac_cv_header_sched_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SCHED_H 1 +_ACEOF + +fi + +done + + + + + + + + + + if test $gl_cv_have_include_next = yes; then + gl_cv_next_sched_h='<'sched.h'>' + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_sched_h+:} false; then : + $as_echo_n "(cached) " >&6 +else + + + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF + case "$host_os" in + aix*) gl_absname_cpp="$ac_cpp -C" ;; + *) gl_absname_cpp="$ac_cpp" ;; + esac + + case "$host_os" in + mingw*) + gl_dirsep_regex='[/\\]' + ;; + *) + gl_dirsep_regex='\/' + ;; + esac + gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' + gl_header_literal_regex=`echo 'sched.h' \ + | sed -e "$gl_make_literal_regex_sed"` + gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ + s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ + s|^/[^/]|//&| + p + q + }' + + gl_cv_absolute_sched_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + sed -n "$gl_absolute_header_sed"` + + gl_header=$gl_cv_absolute_sched_h + gl_cv_next_sched_h='"'$gl_header'"' + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_sched_h" >&5 +$as_echo "$gl_cv_next_sched_h" >&6; } + fi + NEXT_SCHED_H=$gl_cv_next_sched_h + + if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' + gl_next_as_first_directive='<'sched.h'>' + else + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' + gl_next_as_first_directive=$gl_cv_next_sched_h + fi + NEXT_AS_FIRST_DIRECTIVE_SCHED_H=$gl_next_as_first_directive + + + + + + if test "$ac_cv_header_sched_h" = yes; then + HAVE_SCHED_H=1 + else + HAVE_SCHED_H=0 + fi + + + if test "$HAVE_SCHED_H" = 1; then + ac_fn_c_check_type "$LINENO" "struct sched_param" "ac_cv_type_struct_sched_param" "#if HAVE_SYS_CDEFS_H + #include + #endif + #include + +" +if test "x$ac_cv_type_struct_sched_param" = xyes; then : + HAVE_STRUCT_SCHED_PARAM=1 +else + HAVE_STRUCT_SCHED_PARAM=0 +fi + + else + HAVE_STRUCT_SCHED_PARAM=0 + case "$host_os" in + os2*) + ac_fn_c_check_type "$LINENO" "struct sched_param" "ac_cv_type_struct_sched_param" "#include +" +if test "x$ac_cv_type_struct_sched_param" = xyes; then : + HAVE_STRUCT_SCHED_PARAM=1 +fi + + ;; + vms) + ac_fn_c_check_type "$LINENO" "struct sched_param" "ac_cv_type_struct_sched_param" "#include +" +if test "x$ac_cv_type_struct_sched_param" = xyes; then : + HAVE_STRUCT_SCHED_PARAM=1 +fi + + ;; + esac + fi + + + if test "$ac_cv_header_sys_cdefs_h" = yes; then + HAVE_SYS_CDEFS_H=1 + else + HAVE_SYS_CDEFS_H=0 + fi + + + + + + + + + + + + if test "$ac_cv_header_winsock2_h" = yes; then REPLACE_SELECT=1 else @@ -35102,8 +38723,8 @@ else linux-* | linux) gl_cv_func_select_detects_ebadf="guessing yes" ;; # Guess yes on glibc systems. *-gnu* | gnu*) gl_cv_func_select_detects_ebadf="guessing yes" ;; - # If we don't know, assume the worst. - *) gl_cv_func_select_detects_ebadf="guessing no" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_select_detects_ebadf="$gl_cross_guess_normal" ;; esac else @@ -35233,8 +38854,8 @@ else *-gnu* | gnu*) gl_cv_func_setenv_works="guessing yes" ;; # Guess yes on musl systems. *-musl*) gl_cv_func_setenv_works="guessing yes" ;; - # If we don't know, assume the worst. - *) gl_cv_func_setenv_works="guessing no" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_setenv_works="$gl_cross_guess_normal" ;; esac else @@ -35324,11 +38945,14 @@ $as_echo "#define GNULIB_TEST_SETENV 1" >>confdefs.h + + + NEED_SETLOCALE_IMPROVED=0 case "$host_os" in - mingw*) REPLACE_SETLOCALE=1 ;; + mingw*) NEED_SETLOCALE_IMPROVED=1 ;; cygwin*) case `uname -r` in - 1.5.*) REPLACE_SETLOCALE=1 ;; + 1.5.*) NEED_SETLOCALE_IMPROVED=1 ;; esac ;; *) @@ -35370,11 +38994,37 @@ fi $as_echo "$gl_cv_func_setlocale_works" >&6; } case "$gl_cv_func_setlocale_works" in *yes) ;; - *) REPLACE_SETLOCALE=1 ;; + *) NEED_SETLOCALE_IMPROVED=1 ;; esac ;; esac +cat >>confdefs.h <<_ACEOF +#define NEED_SETLOCALE_IMPROVED $NEED_SETLOCALE_IMPROVED +_ACEOF + + + NEED_SETLOCALE_MTSAFE=0 + if test $SETLOCALE_NULL_ALL_MTSAFE = 0 || test $SETLOCALE_NULL_ONE_MTSAFE = 0; then + NEED_SETLOCALE_MTSAFE=1 + fi + +cat >>confdefs.h <<_ACEOF +#define NEED_SETLOCALE_MTSAFE $NEED_SETLOCALE_MTSAFE +_ACEOF + + + if test $NEED_SETLOCALE_IMPROVED = 1 || test $NEED_SETLOCALE_MTSAFE = 1; then + REPLACE_SETLOCALE=1 + fi + + if test $NEED_SETLOCALE_MTSAFE = 1; then + LIB_SETLOCALE="$LIB_SETLOCALE_NULL" + else + LIB_SETLOCALE= + fi + + if test $REPLACE_SETLOCALE = 1; then @@ -35414,6 +39064,321 @@ $as_echo "#define GNULIB_TEST_SETLOCALE 1" >>confdefs.h + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether setlocale (LC_ALL, NULL) is multithread-safe" >&5 +$as_echo_n "checking whether setlocale (LC_ALL, NULL) is multithread-safe... " >&6; } +if ${gl_cv_func_setlocale_null_all_mtsafe+:} false; then : + $as_echo_n "(cached) " >&6 +else + case "$host_os" in + # Guess no on musl libc, macOS, FreeBSD, NetBSD, OpenBSD, AIX, Haiku, Cygwin. + *-musl* | darwin* | freebsd* | netbsd* | openbsd* | aix* | haiku* | cygwin*) + gl_cv_func_setlocale_null_all_mtsafe=no ;; + # Guess yes on glibc, HP-UX, IRIX, Solaris, native Windows. + *-gnu* | gnu* | hpux* | irix* | solaris* | mingw*) + gl_cv_func_setlocale_null_all_mtsafe=yes ;; + # If we don't know, obey --enable-cross-guesses. + *) + gl_cv_func_setlocale_null_all_mtsafe="$gl_cross_guess_normal" ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_setlocale_null_all_mtsafe" >&5 +$as_echo "$gl_cv_func_setlocale_null_all_mtsafe" >&6; } + case "$host_os" in + mingw*) ;; + *) + if test $gl_pthread_api = no && test $ac_cv_header_threads_h = no; then + gl_cv_func_setlocale_null_all_mtsafe="trivially yes" + fi + ;; + esac + case "$gl_cv_func_setlocale_null_all_mtsafe" in + *yes) SETLOCALE_NULL_ALL_MTSAFE=1 ;; + *) SETLOCALE_NULL_ALL_MTSAFE=0 ;; + esac + +cat >>confdefs.h <<_ACEOF +#define SETLOCALE_NULL_ALL_MTSAFE $SETLOCALE_NULL_ALL_MTSAFE +_ACEOF + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether setlocale (category, NULL) is multithread-safe" >&5 +$as_echo_n "checking whether setlocale (category, NULL) is multithread-safe... " >&6; } +if ${gl_cv_func_setlocale_null_one_mtsafe+:} false; then : + $as_echo_n "(cached) " >&6 +else + case "$host_os" in + # Guess no on OpenBSD, AIX. + openbsd* | aix*) + gl_cv_func_setlocale_null_one_mtsafe=no ;; + # Guess yes on glibc, musl libc, macOS, FreeBSD, NetBSD, HP-UX, IRIX, Solaris, Haiku, Cygwin, native Windows. + *-gnu* | gnu* | *-musl* | darwin* | freebsd* | netbsd* | hpux* | irix* | solaris* | haiku* | cygwin* | mingw*) + gl_cv_func_setlocale_null_one_mtsafe=yes ;; + # If we don't know, obey --enable-cross-guesses. + *) + gl_cv_func_setlocale_null_one_mtsafe="$gl_cross_guess_normal" ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_setlocale_null_one_mtsafe" >&5 +$as_echo "$gl_cv_func_setlocale_null_one_mtsafe" >&6; } + case "$host_os" in + mingw*) ;; + *) + if test $gl_pthread_api = no && test $ac_cv_header_threads_h = no; then + gl_cv_func_setlocale_null_one_mtsafe="trivially yes" + fi + ;; + esac + case "$gl_cv_func_setlocale_null_one_mtsafe" in + *yes) SETLOCALE_NULL_ONE_MTSAFE=1 ;; + *) SETLOCALE_NULL_ONE_MTSAFE=0 ;; + esac + +cat >>confdefs.h <<_ACEOF +#define SETLOCALE_NULL_ONE_MTSAFE $SETLOCALE_NULL_ONE_MTSAFE +_ACEOF + + + if test $SETLOCALE_NULL_ALL_MTSAFE = 0 || test $SETLOCALE_NULL_ONE_MTSAFE = 0; then + case "$host_os" in + mingw*) LIB_SETLOCALE_NULL= ;; + *) + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether imported symbols can be declared weak" >&5 +$as_echo_n "checking whether imported symbols can be declared weak... " >&6; } +if ${gl_cv_have_weak+:} false; then : + $as_echo_n "(cached) " >&6 +else + gl_cv_have_weak=no + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +extern void xyzzy (); +#pragma weak xyzzy +int +main () +{ +xyzzy(); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + gl_cv_have_weak=maybe +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + if test $gl_cv_have_weak = maybe; then + if test "$cross_compiling" = yes; then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef __ELF__ + Extensible Linking Format + #endif + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "Extensible Linking Format" >/dev/null 2>&1; then : + gl_cv_have_weak="guessing yes" +else + gl_cv_have_weak="guessing no" +fi +rm -f conftest* + + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#pragma weak fputs +int main () +{ + return (fputs == NULL); +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_have_weak=yes +else + gl_cv_have_weak=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + fi + case " $LDFLAGS " in + *" -static "*) gl_cv_have_weak=no ;; + esac + case "$gl_cv_have_weak" in + *yes) + case "$host_os" in + freebsd* | dragonfly*) + : > conftest1.c + $CC $CPPFLAGS $CFLAGS $LDFLAGS -fPIC -shared -o libempty.so conftest1.c -lpthread >&5 2>&1 + cat < conftest2.c +#include +#pragma weak pthread_mutexattr_gettype +int main () +{ + return (pthread_mutexattr_gettype != NULL); +} +EOF + $CC $CPPFLAGS $CFLAGS $LDFLAGS -o conftest conftest2.c libempty.so >&5 2>&1 \ + || gl_cv_have_weak=no + rm -f conftest1.c libempty.so conftest2.c conftest + ;; + esac + ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_have_weak" >&5 +$as_echo "$gl_cv_have_weak" >&6; } + case "$gl_cv_have_weak" in + *yes) + +$as_echo "#define HAVE_WEAK_SYMBOLS 1" >>confdefs.h + + ;; + esac + + case "$gl_cv_have_weak" in + *yes) LIB_SETLOCALE_NULL= ;; + *) LIB_SETLOCALE_NULL="$LIBPTHREAD" ;; + esac + ;; + esac + else + LIB_SETLOCALE_NULL= + fi + + + if test $SETLOCALE_NULL_ALL_MTSAFE = 0 || test $SETLOCALE_NULL_ONE_MTSAFE = 0; then + + + + + + + + + gltests_LIBOBJS="$gltests_LIBOBJS setlocale-lock.$ac_objext" + + + + + CFLAG_VISIBILITY= + HAVE_VISIBILITY=0 + if test -n "$GCC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the -Werror option is usable" >&5 +$as_echo_n "checking whether the -Werror option is usable... " >&6; } +if ${gl_cv_cc_vis_werror+:} false; then : + $as_echo_n "(cached) " >&6 +else + gl_save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -Werror" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_cc_vis_werror=yes +else + gl_cv_cc_vis_werror=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS="$gl_save_CFLAGS" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_cc_vis_werror" >&5 +$as_echo "$gl_cv_cc_vis_werror" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for simple visibility declarations" >&5 +$as_echo_n "checking for simple visibility declarations... " >&6; } +if ${gl_cv_cc_visibility+:} false; then : + $as_echo_n "(cached) " >&6 +else + gl_save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -fvisibility=hidden" + if test $gl_cv_cc_vis_werror = yes; then + CFLAGS="$CFLAGS -Werror" + fi + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +extern __attribute__((__visibility__("hidden"))) int hiddenvar; + extern __attribute__((__visibility__("default"))) int exportedvar; + extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void); + extern __attribute__((__visibility__("default"))) int exportedfunc (void); + void dummyfunc (void) {} + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_cc_visibility=yes +else + gl_cv_cc_visibility=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS="$gl_save_CFLAGS" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_cc_visibility" >&5 +$as_echo "$gl_cv_cc_visibility" >&6; } + if test $gl_cv_cc_visibility = yes; then + CFLAG_VISIBILITY="-fvisibility=hidden" + HAVE_VISIBILITY=1 + fi + fi + + + +cat >>confdefs.h <<_ACEOF +#define HAVE_VISIBILITY $HAVE_VISIBILITY +_ACEOF + + + + fi + + + + + + if test "$GNULIB_SETLOCALE_NULL" != 1; then + if test "$GNULIB_SETLOCALE_NULL" = 0; then + GNULIB_SETLOCALE_NULL=$gl_module_indicator_condition + else + GNULIB_SETLOCALE_NULL="($GNULIB_SETLOCALE_NULL || $gl_module_indicator_condition)" + fi + fi + + + + + +$as_echo "#define GNULIB_TEST_SETLOCALE_NULL 1" >>confdefs.h + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a traditional french locale" >&5 $as_echo_n "checking for a traditional french locale... " >&6; } if ${gt_cv_locale_fr+:} false; then : @@ -36160,6 +40125,8 @@ fi + + if test $gl_cv_type_sigset_t = yes; then ac_fn_c_check_func "$LINENO" "sigprocmask" "ac_cv_func_sigprocmask" if test "x$ac_cv_func_sigprocmask" = xyes; then : @@ -36236,8 +40203,8 @@ else *-musl*) gl_cv_func_sleep_works="guessing yes" ;; # Guess no on native Windows. mingw*) gl_cv_func_sleep_works="guessing no" ;; - # If we don't know, assume the worst. - *) gl_cv_func_sleep_works="guessing no" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_sleep_works="$gl_cross_guess_normal" ;; esac else @@ -36377,135 +40344,6 @@ $as_echo "#define GNULIB_TEST_SOCKET 1" >>confdefs.h - case "$host_os" in - mingw*) - REPLACE_STAT=1 - ;; - *) - { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stat handles trailing slashes on files" >&5 -$as_echo_n "checking whether stat handles trailing slashes on files... " >&6; } -if ${gl_cv_func_stat_file_slash+:} false; then : - $as_echo_n "(cached) " >&6 -else - touch conftest.tmp - # Assume that if we have lstat, we can also check symlinks. - if test $ac_cv_func_lstat = yes; then - ln -s conftest.tmp conftest.lnk - fi - if test "$cross_compiling" = yes; then : - case "$host_os" in - # Guess yes on Linux systems. - linux-* | linux) gl_cv_func_stat_file_slash="guessing yes" ;; - # Guess yes on glibc systems. - *-gnu* | gnu*) gl_cv_func_stat_file_slash="guessing yes" ;; - # If we don't know, assume the worst. - *) gl_cv_func_stat_file_slash="guessing no" ;; - esac - -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include - -int -main () -{ -int result = 0; - struct stat st; - if (!stat ("conftest.tmp/", &st)) - result |= 1; -#if HAVE_LSTAT - if (!stat ("conftest.lnk/", &st)) - result |= 2; -#endif - return result; - - ; - return 0; -} -_ACEOF -if ac_fn_c_try_run "$LINENO"; then : - gl_cv_func_stat_file_slash=yes -else - gl_cv_func_stat_file_slash=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ - conftest.$ac_objext conftest.beam conftest.$ac_ext -fi - - rm -f conftest.tmp conftest.lnk -fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_stat_file_slash" >&5 -$as_echo "$gl_cv_func_stat_file_slash" >&6; } - case $gl_cv_func_stat_file_slash in - *no) - REPLACE_STAT=1 - -$as_echo "#define REPLACE_FUNC_STAT_FILE 1" >>confdefs.h -;; - esac - case $host_os in - solaris*) - REPLACE_FSTAT=1 ;; - esac - ;; - esac - - if test $REPLACE_STAT = 1; then - - - - - - - - - gltests_LIBOBJS="$gltests_LIBOBJS stat.$ac_objext" - - case "$host_os" in - mingw*) - - - - - - - - - gltests_LIBOBJS="$gltests_LIBOBJS stat-w32.$ac_objext" - - ;; - esac - - - : - - fi - - - - - - if test "$GNULIB_STAT" != 1; then - if test "$GNULIB_STAT" = 0; then - GNULIB_STAT=$gl_module_indicator_condition - else - GNULIB_STAT="($GNULIB_STAT || $gl_module_indicator_condition)" - fi - fi - - - - - -$as_echo "#define GNULIB_TEST_STAT 1" >>confdefs.h - - - - - - - @@ -36523,8 +40361,8 @@ else *-gnu* | gnu*) gl_cv_func_working_strerror="guessing yes" ;; # Guess yes on musl systems. *-musl*) gl_cv_func_working_strerror="guessing yes" ;; - # If we don't know, assume the worst. - *) gl_cv_func_working_strerror="guessing no" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_working_strerror="$gl_cross_guess_normal" ;; esac else @@ -36801,8 +40639,8 @@ else linux-* | linux) gl_cv_func_symlink_works="guessing yes" ;; # Guess yes on glibc systems. *-gnu* | gnu*) gl_cv_func_symlink_works="guessing yes" ;; - # If we don't know, assume the worst. - *) gl_cv_func_symlink_works="guessing no" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_symlink_works="$gl_cross_guess_normal" ;; esac else @@ -37007,6 +40845,23 @@ $as_echo "$gl_cv_next_sys_ioctl_h" >&6; } + if test $gl_threads_api = posix; then + gl_save_LIBS="$LIBS" + LIBS="$LIBS $LIBMULTITHREAD" + for ac_func in pthread_atfork +do : + ac_fn_c_check_func "$LINENO" "pthread_atfork" "ac_cv_func_pthread_atfork" +if test "x$ac_cv_func_pthread_atfork" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_PTHREAD_ATFORK 1 +_ACEOF + +fi +done + + LIBS="$gl_save_LIBS" + fi + @@ -37079,8 +40934,8 @@ else case "$host_os" in # Guess yes on glibc systems. *-gnu*) gl_cv_func_unsetenv_works="guessing yes" ;; - # If we don't know, assume the worst. - *) gl_cv_func_unsetenv_works="guessing no" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_unsetenv_works="$gl_cross_guess_normal" ;; esac else @@ -37232,7 +41087,7 @@ $as_echo_n "checking for valgrind options for tests... " >&6; } if ${gl_cv_opt_valgrind_tests+:} false; then : $as_echo_n "(cached) " >&6 else - gl_cv_opt_valgrind_tests="-q --error-exitcode=1 --leak-check=full --suppressions=\$(srcdir)/suppressions.valgrind" + gl_cv_opt_valgrind_tests="-q --error-exitcode=1 --leak-check=full --track-origins=yes --gen-suppressions=all --suppressions=\$(srcdir)/suppressions.valgrind" $VALGRIND $gl_valgrind_opts ls > /dev/null 2>&1 || gl_cv_opt_valgrind_tests=no fi @@ -37252,6 +41107,161 @@ $as_echo "$gl_cv_opt_valgrind_tests" >&6; } + # Check for mmap(). Don't use AC_FUNC_MMAP, because it checks too much: it + # fails on HP-UX 11, because MAP_FIXED mappings do not work. But this is + # irrelevant for anonymous mappings. + ac_fn_c_check_func "$LINENO" "mmap" "ac_cv_func_mmap" +if test "x$ac_cv_func_mmap" = xyes; then : + gl_have_mmap=yes +else + gl_have_mmap=no +fi + + + # Try to allow MAP_ANONYMOUS. + gl_have_mmap_anonymous=no + if test $gl_have_mmap = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for MAP_ANONYMOUS" >&5 +$as_echo_n "checking for MAP_ANONYMOUS... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#ifdef MAP_ANONYMOUS + I cannot identify this map +#endif + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "I cannot identify this map" >/dev/null 2>&1; then : + gl_have_mmap_anonymous=yes +fi +rm -f conftest* + + if test $gl_have_mmap_anonymous != yes; then + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#ifdef MAP_ANON + I cannot identify this map +#endif + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "I cannot identify this map" >/dev/null 2>&1; then : + +$as_echo "#define MAP_ANONYMOUS MAP_ANON" >>confdefs.h + + gl_have_mmap_anonymous=yes +fi +rm -f conftest* + + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_have_mmap_anonymous" >&5 +$as_echo "$gl_have_mmap_anonymous" >&6; } + if test $gl_have_mmap_anonymous = yes; then + +$as_echo "#define HAVE_MAP_ANONYMOUS 1" >>confdefs.h + + fi + fi + + + + + case "$host_os" in + mingw*) + + + + + + + + + gltests_LIBOBJS="$gltests_LIBOBJS windows-mutex.$ac_objext" + + ;; + esac + + case "$host_os" in + mingw*) + + + + + + + + + gltests_LIBOBJS="$gltests_LIBOBJS windows-once.$ac_objext" + + ;; + esac + + case "$host_os" in + mingw*) + + + + + + + + + gltests_LIBOBJS="$gltests_LIBOBJS windows-recmutex.$ac_objext" + + ;; + esac + + case "$host_os" in + mingw*) + + + + + + + + + gltests_LIBOBJS="$gltests_LIBOBJS windows-rwlock.$ac_objext" + + ;; + esac + + case "$host_os" in + mingw*) + + + + + + + + + gltests_LIBOBJS="$gltests_LIBOBJS windows-thread.$ac_objext" + + ;; + esac + + case "$host_os" in + mingw*) + + + + + + + + + gltests_LIBOBJS="$gltests_LIBOBJS windows-tls.$ac_objext" + + ;; + esac + + + @@ -37693,7 +41703,7 @@ else case "$host_os" in # Guess no on native Windows. mingw*) gl_cv_func_working_mktime="guessing no" ;; - *) gl_cv_func_working_mktime="guessing no" ;; + *) gl_cv_func_working_mktime="$gl_cross_guess_normal" ;; esac else @@ -38027,7 +42037,6 @@ fi - # parse-datetime.y works with bison only. : ${YACC='bison -o y.tab.c'} @@ -38085,6 +42094,7 @@ fi + gl_source_base='src/gl' if test "$ac_cv_header_winsock2_h" = yes; then @@ -38271,6 +42281,20 @@ $as_echo "$gl_cv_next_arpa_inet_h" >&6; } + if test $ac_cv_header_sys_socket_h = yes; then + HAVE_WS2TCPIP_H=0 + else + if test $ac_cv_header_ws2tcpip_h = yes; then + HAVE_WS2TCPIP_H=1 + else + HAVE_WS2TCPIP_H=0 + fi + fi + + + + + @@ -38302,6 +42326,7 @@ $as_echo "#define GNULIB_TEST_BIND 1" >>confdefs.h + # See the comments in bison.m4. @@ -38387,6 +42412,11 @@ done +$as_echo "#define GNULIB_TEST_CLOEXEC 1" >>confdefs.h + + + + if test $HAVE_MSVC_INVALID_PARAMETER_HANDLER = 1; then @@ -38659,6 +42689,335 @@ $as_echo "#define GNULIB_TEST_ENVIRON 1" >>confdefs.h + + + + + if test $ac_cv_func_explicit_bzero = no; then + HAVE_EXPLICIT_BZERO=0 + fi + + if test $HAVE_EXPLICIT_BZERO = 0; then + + + + + + + + + ggl_LIBOBJS="$ggl_LIBOBJS explicit_bzero.$ac_objext" + + + for ac_func in explicit_memset +do : + ac_fn_c_check_func "$LINENO" "explicit_memset" "ac_cv_func_explicit_memset" +if test "x$ac_cv_func_explicit_memset" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_EXPLICIT_MEMSET 1 +_ACEOF + +fi +done + + + + fi + + + + + + GNULIB_EXPLICIT_BZERO=1 + + + + + +$as_echo "#define GNULIB_TEST_EXPLICIT_BZERO 1" >>confdefs.h + + + + + + + + + + if test $ac_cv_func_fcntl = no; then + + + + if test $ac_cv_func_fcntl = no; then + HAVE_FCNTL=0 + else + REPLACE_FCNTL=1 + fi + + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether fcntl handles F_DUPFD correctly" >&5 +$as_echo_n "checking whether fcntl handles F_DUPFD correctly... " >&6; } +if ${gl_cv_func_fcntl_f_dupfd_works+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "$cross_compiling" = yes; then : + case $host_os in + aix* | cygwin* | haiku*) + gl_cv_func_fcntl_f_dupfd_works="guessing no" ;; + *) gl_cv_func_fcntl_f_dupfd_works="guessing yes" ;; + esac +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include + #include + #include + #include + #ifndef RLIM_SAVED_CUR + # define RLIM_SAVED_CUR RLIM_INFINITY + #endif + #ifndef RLIM_SAVED_MAX + # define RLIM_SAVED_MAX RLIM_INFINITY + #endif + +int +main () +{ +int result = 0; + int bad_fd = INT_MAX; + struct rlimit rlim; + if (getrlimit (RLIMIT_NOFILE, &rlim) == 0 + && 0 <= rlim.rlim_cur && rlim.rlim_cur <= INT_MAX + && rlim.rlim_cur != RLIM_INFINITY + && rlim.rlim_cur != RLIM_SAVED_MAX + && rlim.rlim_cur != RLIM_SAVED_CUR) + bad_fd = rlim.rlim_cur; + if (fcntl (0, F_DUPFD, -1) != -1) result |= 1; + if (errno != EINVAL) result |= 2; + if (fcntl (0, F_DUPFD, bad_fd) != -1) result |= 4; + if (errno != EINVAL) result |= 8; + /* On OS/2 kLIBC, F_DUPFD does not work on a directory fd */ + { + int fd; + fd = open (".", O_RDONLY); + if (fd == -1) + result |= 16; + else if (fcntl (fd, F_DUPFD, STDERR_FILENO + 1) == -1) + result |= 32; + + close (fd); + } + return result; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_fcntl_f_dupfd_works=yes +else + gl_cv_func_fcntl_f_dupfd_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_fcntl_f_dupfd_works" >&5 +$as_echo "$gl_cv_func_fcntl_f_dupfd_works" >&6; } + case $gl_cv_func_fcntl_f_dupfd_works in + *yes) ;; + *) + + + if test $ac_cv_func_fcntl = no; then + HAVE_FCNTL=0 + else + REPLACE_FCNTL=1 + fi + + +$as_echo "#define FCNTL_DUPFD_BUGGY 1" >>confdefs.h + ;; + esac + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether fcntl understands F_DUPFD_CLOEXEC" >&5 +$as_echo_n "checking whether fcntl understands F_DUPFD_CLOEXEC... " >&6; } +if ${gl_cv_func_fcntl_f_dupfd_cloexec+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#ifndef F_DUPFD_CLOEXEC +choke me +#endif + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#ifdef __linux__ +/* The Linux kernel only added F_DUPFD_CLOEXEC in 2.6.24, so we always replace + it to support the semantics on older kernels that failed with EINVAL. */ +choke me +#endif + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_func_fcntl_f_dupfd_cloexec=yes +else + gl_cv_func_fcntl_f_dupfd_cloexec="needs runtime check" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +else + gl_cv_func_fcntl_f_dupfd_cloexec=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_fcntl_f_dupfd_cloexec" >&5 +$as_echo "$gl_cv_func_fcntl_f_dupfd_cloexec" >&6; } + if test "$gl_cv_func_fcntl_f_dupfd_cloexec" != yes; then + + + + if test $ac_cv_func_fcntl = no; then + HAVE_FCNTL=0 + else + REPLACE_FCNTL=1 + fi + + fi + fi + + + if test $HAVE_FCNTL = 0 || test $REPLACE_FCNTL = 1; then + + + + + + + + + ggl_LIBOBJS="$ggl_LIBOBJS fcntl.$ac_objext" + + fi + + + + + + GNULIB_FCNTL=1 + + + + + +$as_echo "#define GNULIB_TEST_FCNTL 1" >>confdefs.h + + + + + + + + + + + + + + + if test $gl_cv_have_include_next = yes; then + gl_cv_next_fcntl_h='<'fcntl.h'>' + else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking absolute name of " >&5 +$as_echo_n "checking absolute name of ... " >&6; } +if ${gl_cv_next_fcntl_h+:} false; then : + $as_echo_n "(cached) " >&6 +else + + + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF + case "$host_os" in + aix*) gl_absname_cpp="$ac_cpp -C" ;; + *) gl_absname_cpp="$ac_cpp" ;; + esac + + case "$host_os" in + mingw*) + gl_dirsep_regex='[/\\]' + ;; + *) + gl_dirsep_regex='\/' + ;; + esac + gl_make_literal_regex_sed='s,[]$^\\.*/[],\\&,g' + gl_header_literal_regex=`echo 'fcntl.h' \ + | sed -e "$gl_make_literal_regex_sed"` + gl_absolute_header_sed="/${gl_dirsep_regex}${gl_header_literal_regex}/"'{ + s/.*"\(.*'"${gl_dirsep_regex}${gl_header_literal_regex}"'\)".*/\1/ + s|^/[^/]|//&| + p + q + }' + + gl_cv_absolute_fcntl_h=`(eval "$gl_absname_cpp conftest.$ac_ext") 2>&5 | + sed -n "$gl_absolute_header_sed"` + + gl_header=$gl_cv_absolute_fcntl_h + gl_cv_next_fcntl_h='"'$gl_header'"' + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_next_fcntl_h" >&5 +$as_echo "$gl_cv_next_fcntl_h" >&6; } + fi + NEXT_FCNTL_H=$gl_cv_next_fcntl_h + + if test $gl_cv_have_include_next = yes || test $gl_cv_have_include_next = buggy; then + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include_next' + gl_next_as_first_directive='<'fcntl.h'>' + else + # INCLUDE_NEXT_AS_FIRST_DIRECTIVE='include' + gl_next_as_first_directive=$gl_cv_next_fcntl_h + fi + NEXT_AS_FIRST_DIRECTIVE_FCNTL_H=$gl_next_as_first_directive + + + + + + + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for flexible array member" >&5 $as_echo_n "checking for flexible array member... " >&6; } if ${ac_cv_c_flexmember+:} false; then : @@ -38932,6 +43291,235 @@ fi + case "$host_os" in + mingw* | pw*) + REPLACE_FOPEN=1 + gl_cv_func_fopen_slash="guessing no" + ;; + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether fopen recognizes a trailing slash" >&5 +$as_echo_n "checking whether fopen recognizes a trailing slash... " >&6; } +if ${gl_cv_func_fopen_slash+:} false; then : + $as_echo_n "(cached) " >&6 +else + + if test "$cross_compiling" = yes; then : + + case "$host_os" in + aix* | hpux* | solaris2.[0-9] | solaris2.[0-9].*) + gl_cv_func_fopen_slash="guessing no" ;; + *) + gl_cv_func_fopen_slash="guessing yes" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +int main () +{ + FILE *fp = fopen ("conftest.sl/", "w"); + int result = (fp != NULL); + if (fp != NULL) + fclose (fp); + return result; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_fopen_slash=yes +else + gl_cv_func_fopen_slash=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + rm -f conftest.sl + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_fopen_slash" >&5 +$as_echo "$gl_cv_func_fopen_slash" >&6; } + ;; + esac + case "$gl_cv_func_fopen_slash" in + *no) + +$as_echo "#define FOPEN_TRAILING_SLASH_BUG 1" >>confdefs.h + + REPLACE_FOPEN=1 + ;; + esac + + if test $REPLACE_FOPEN = 1; then + + + + + + + + + ggl_LIBOBJS="$ggl_LIBOBJS fopen.$ac_objext" + + : + fi + + + + + + GNULIB_FOPEN=1 + + + + + +$as_echo "#define GNULIB_TEST_FOPEN 1" >>confdefs.h + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether fopen supports the mode character 'x'" >&5 +$as_echo_n "checking whether fopen supports the mode character 'x'... " >&6; } +if ${gl_cv_func_fopen_mode_x+:} false; then : + $as_echo_n "(cached) " >&6 +else + rm -f conftest.x + if test "$cross_compiling" = yes; then : + case "$host_os" in + # Guess yes on glibc and musl systems. + linux*-gnu* | gnu* | kfreebsd*-gnu | *-musl*) + gl_cv_func_fopen_mode_x="guessing yes" ;; + # If we don't know, obey --enable-cross-guesses. + *) + gl_cv_func_fopen_mode_x="$gl_cross_guess_normal" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +int main () +{ + FILE *fp; + fp = fopen ("conftest.x", "w"); + fclose (fp); + fp = fopen ("conftest.x", "wx"); + if (fp != NULL) + /* 'x' ignored */ + return 1; + else if (errno == EEXIST) + return 0; + else + /* 'x' rejected */ + return 2; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_fopen_mode_x=yes +else + gl_cv_func_fopen_mode_x=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + rm -f conftest.x + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_fopen_mode_x" >&5 +$as_echo "$gl_cv_func_fopen_mode_x" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether fopen supports the mode character 'e'" >&5 +$as_echo_n "checking whether fopen supports the mode character 'e'... " >&6; } +if ${gl_cv_func_fopen_mode_e+:} false; then : + $as_echo_n "(cached) " >&6 +else + echo foo > conftest.x + if test "$cross_compiling" = yes; then : + case "$host_os" in + # Guess yes on glibc and musl systems. + linux*-gnu* | gnu* | kfreebsd*-gnu | *-musl*) + gl_cv_func_fopen_mode_e="guessing yes" ;; + # Guess no on native Windows. + mingw*) + gl_cv_func_fopen_mode_e="guessing no" ;; + # If we don't know, obey --enable-cross-guesses. + *) + gl_cv_func_fopen_mode_e="$gl_cross_guess_normal" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#include +#include +int main () +{ + FILE *fp = fopen ("conftest.x", "re"); + if (fp != NULL) + { + if (fcntl (fileno (fp), F_GETFD) & FD_CLOEXEC) + return 0; + else + /* 'e' ignored */ + return 1; + } + else + /* 'e' rejected */ + return 2; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_fopen_mode_e=yes +else + gl_cv_func_fopen_mode_e=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + rm -f conftest.x + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_fopen_mode_e" >&5 +$as_echo "$gl_cv_func_fopen_mode_e" >&6; } + case "$gl_cv_func_fopen_mode_x" in + *no) REPLACE_FOPEN=1 ;; + esac + case "$gl_cv_func_fopen_mode_e" in + *no) REPLACE_FOPEN=1 ;; + esac + + if test $REPLACE_FOPEN = 1; then + + + + + + + + + ggl_LIBOBJS="$ggl_LIBOBJS fopen.$ac_objext" + + : + fi + + +cat >>confdefs.h <<_ACEOF +#define GNULIB_FOPEN_GNU 1 +_ACEOF + + + + + if test $HAVE_FSEEKO = 0 || test $REPLACE_FSEEKO = 1; then REPLACE_FSEEK=1 fi @@ -39499,11 +44087,55 @@ $as_echo "$gl_cv_w32_getaddrinfo" >&6; } if test "$gl_cv_w32_getaddrinfo" = "yes"; then GETADDRINFO_LIB="-lws2_32" LIBS="$gai_saved_LIBS $GETADDRINFO_LIB" + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getaddrinfo with POSIX signature" >&5 +$as_echo_n "checking for getaddrinfo with POSIX signature... " >&6; } +if ${gl_cv_func_getaddrinfo_posix_signature+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#ifdef HAVE_SYS_SOCKET_H +#include +#endif +#ifdef HAVE_NETDB_H +#include +#endif +#ifdef HAVE_WS2TCPIP_H +#include +#endif +#include +extern +#ifdef __cplusplus +"C" +#endif +int getaddrinfo (const char *, const char *, const struct addrinfo *, struct addrinfo **); + +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_func_getaddrinfo_posix_signature=yes +else + gl_cv_func_getaddrinfo_posix_signature=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_getaddrinfo_posix_signature" >&5 +$as_echo "$gl_cv_func_getaddrinfo_posix_signature" >&6; } + if test $gl_cv_func_getaddrinfo_posix_signature = no; then + REPLACE_GETADDRINFO=1 + fi else HAVE_GETADDRINFO=0 fi fi +cat >>confdefs.h <<_ACEOF +#define HAVE_GETADDRINFO $HAVE_GETADDRINFO +_ACEOF + + # We can't use AC_REPLACE_FUNCS here because gai_strerror may be an # inline function declared in ws2tcpip.h, so we need to get that # header included somehow. @@ -39755,7 +44387,7 @@ fi - if test $HAVE_GETADDRINFO = 0; then + if test $HAVE_GETADDRINFO = 0 || test $REPLACE_GETADDRINFO = 1; then @@ -39828,7 +44460,7 @@ if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | else case "$host_os" in *-musl*) gl_cv_func_working_getdelim="guessing yes" ;; - *) gl_cv_func_working_getdelim="guessing no" ;; + *) gl_cv_func_working_getdelim="$gl_cross_guess_normal" ;; esac fi @@ -39855,6 +44487,7 @@ else int len = getdelim (&line, &siz, '\n', in); if (!(len == 4 && line && strcmp (line, "foo\n") == 0)) { free (line); fclose (in); return 2; } + free (line); } { /* Test result for a NULL buffer and a non-zero size. @@ -39952,6 +44585,97 @@ $as_echo "#define GNULIB_TEST_GETDELIM 1" >>confdefs.h + if test $ac_cv_func_getdtablesize = yes && + test $ac_cv_have_decl_getdtablesize = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether getdtablesize works" >&5 +$as_echo_n "checking whether getdtablesize works... " >&6; } +if ${gl_cv_func_getdtablesize_works+:} false; then : + $as_echo_n "(cached) " >&6 +else + case "$host_os" in + vms*) gl_cv_func_getdtablesize_works="no (limitation)" ;; + *) + if test "$cross_compiling" = yes; then : + case "$host_os" in + cygwin*) # on cygwin 1.5.25, getdtablesize() automatically grows + gl_cv_func_getdtablesize_works="guessing no" ;; + *) gl_cv_func_getdtablesize_works="guessing yes" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + #include +int +main () +{ +int size = getdtablesize(); + if (dup2 (0, getdtablesize()) != -1) + return 1; + if (size != getdtablesize()) + return 2; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_getdtablesize_works=yes +else + gl_cv_func_getdtablesize_works=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + ;; + esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_getdtablesize_works" >&5 +$as_echo "$gl_cv_func_getdtablesize_works" >&6; } + case "$gl_cv_func_getdtablesize_works" in + *yes | "no (limitation)") ;; + *) REPLACE_GETDTABLESIZE=1 ;; + esac + else + HAVE_GETDTABLESIZE=0 + fi + + if test $HAVE_GETDTABLESIZE = 0 || test $REPLACE_GETDTABLESIZE = 1; then + + + + + + + + + ggl_LIBOBJS="$ggl_LIBOBJS getdtablesize.$ac_objext" + + : + fi + + + + + + GNULIB_GETDTABLESIZE=1 + + + + + +$as_echo "#define GNULIB_TEST_GETDTABLESIZE 1" >>confdefs.h + + + + + + + + gl_getline_needs_run_time_check=no @@ -39987,7 +44711,7 @@ if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | else case "$host_os" in *-musl*) am_cv_func_working_getline="guessing yes" ;; - *) am_cv_func_working_getline="guessing no" ;; + *) am_cv_func_working_getline="$gl_cross_guess_normal" ;; esac fi @@ -40284,8 +45008,8 @@ else *-musl*) gl_cv_func_gettimeofday_clobber="guessing no" ;; # Guess no on native Windows. mingw*) gl_cv_func_gettimeofday_clobber="guessing no" ;; - # If we don't know, assume the worst. - *) gl_cv_func_gettimeofday_clobber="guessing yes" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_gettimeofday_clobber="$gl_cross_guess_inverted" ;; esac else @@ -40597,6 +45321,7 @@ done if test $HAVE_WINSOCK2_H = 1; then + REPLACE_INET_NTOP=1 ac_fn_c_check_decl "$LINENO" "inet_ntop" "ac_cv_have_decl_inet_ntop" "#include " if test "x$ac_cv_have_decl_inet_ntop" = xyes; then : @@ -40610,11 +45335,9 @@ cat >>confdefs.h <<_ACEOF _ACEOF if test $ac_cv_have_decl_inet_ntop = yes; then - REPLACE_INET_NTOP=1 INET_NTOP_LIB="-lws2_32" else HAVE_DECL_INET_NTOP=0 - HAVE_INET_NTOP=0 fi else gl_save_LIBS=$LIBS @@ -40782,6 +45505,7 @@ done if test $HAVE_WINSOCK2_H = 1; then + REPLACE_INET_PTON=1 ac_fn_c_check_decl "$LINENO" "inet_pton" "ac_cv_have_decl_inet_pton" "#include " if test "x$ac_cv_have_decl_inet_pton" = xyes; then : @@ -40795,11 +45519,9 @@ cat >>confdefs.h <<_ACEOF _ACEOF if test $ac_cv_have_decl_inet_pton = yes; then - REPLACE_INET_PTON=1 INET_PTON_LIB="-lws2_32" else HAVE_DECL_INET_PTON=0 - HAVE_INET_PTON=0 fi else gl_save_LIBS=$LIBS @@ -40905,7 +45627,7 @@ _ACEOF fi - if test $HAVE_INET_PTON = 0 || test $REPLACE_INET_NTOP = 1; then + if test $HAVE_INET_PTON = 0 || test $REPLACE_INET_PTON = 1; then @@ -40989,10 +45711,8 @@ else #if defined INT32_MAX && defined INTMAX_MAX #define CONDITION (INT32_MAX < INTMAX_MAX) - #elif HAVE_LONG_LONG_INT - #define CONDITION (sizeof (int) < sizeof (long long int)) #else - #define CONDITION 0 + #define CONDITION (sizeof (int) < sizeof (long long int)) #endif int test[CONDITION ? 1 : -1]; int @@ -41041,10 +45761,8 @@ else #if defined INT64_MAX #define CONDITION (INT64_MAX == LONG_MAX) - #elif HAVE_LONG_LONG_INT - #define CONDITION (sizeof (long long int) == sizeof (long int)) #else - #define CONDITION 0 + #define CONDITION (sizeof (long long int) == sizeof (long int)) #endif int test[CONDITION ? 1 : -1]; int @@ -41095,10 +45813,8 @@ else #if defined UINT32_MAX && defined UINTMAX_MAX #define CONDITION (UINT32_MAX < UINTMAX_MAX) - #elif HAVE_LONG_LONG_INT - #define CONDITION (sizeof (unsigned int) < sizeof (unsigned long long int)) #else - #define CONDITION 0 + #define CONDITION (sizeof (unsigned int) < sizeof (unsigned long long int)) #endif int test[CONDITION ? 1 : -1]; int @@ -41147,10 +45863,8 @@ else #if defined UINT64_MAX #define CONDITION (UINT64_MAX == ULONG_MAX) - #elif HAVE_LONG_LONG_INT - #define CONDITION (sizeof (unsigned long long int) == sizeof (unsigned long int)) #else - #define CONDITION 0 + #define CONDITION (sizeof (unsigned long long int) == sizeof (unsigned long int)) #endif int test[CONDITION ? 1 : -1]; int @@ -41414,7 +46128,6 @@ $as_echo "#define GNULIB_TEST_MALLOC_POSIX 1" >>confdefs.h - if test $HAVE_MEMCHR = 0 || test $REPLACE_MEMCHR = 1; then @@ -41806,6 +46519,8 @@ fi + + # This defines (or not) HAVE_TZNAME and HAVE_TM_ZONE. @@ -41820,6 +46535,195 @@ $as_echo "#define my_strftime nstrftime" >>confdefs.h + case "$host_os" in + mingw* | pw*) + REPLACE_OPEN=1 + ;; + *) + + if test "$gl_cv_macro_O_CLOEXEC" != yes; then + REPLACE_OPEN=1 + fi + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether open recognizes a trailing slash" >&5 +$as_echo_n "checking whether open recognizes a trailing slash... " >&6; } +if ${gl_cv_func_open_slash+:} false; then : + $as_echo_n "(cached) " >&6 +else + # Assume that if we have lstat, we can also check symlinks. + if test $ac_cv_func_lstat = yes; then + touch conftest.tmp + ln -s conftest.tmp conftest.lnk + fi + if test "$cross_compiling" = yes; then : + + case "$host_os" in + freebsd* | aix* | hpux* | solaris2.[0-9] | solaris2.[0-9].*) + gl_cv_func_open_slash="guessing no" ;; + *) + gl_cv_func_open_slash="guessing yes" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#if HAVE_UNISTD_H +# include +#endif +int main () +{ + int result = 0; +#if HAVE_LSTAT + if (open ("conftest.lnk/", O_RDONLY) != -1) + result |= 1; +#endif + if (open ("conftest.sl/", O_CREAT, 0600) >= 0) + result |= 2; + return result; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_open_slash=yes +else + gl_cv_func_open_slash=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + rm -f conftest.sl conftest.tmp conftest.lnk + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_open_slash" >&5 +$as_echo "$gl_cv_func_open_slash" >&6; } + case "$gl_cv_func_open_slash" in + *no) + +$as_echo "#define OPEN_TRAILING_SLASH_BUG 1" >>confdefs.h + + ;; + esac + + case "$gl_cv_func_open_slash" in + *no) + REPLACE_OPEN=1 + ;; + esac + ;; + esac + + + + if test $REPLACE_OPEN = 1; then + + + + + + + + + ggl_LIBOBJS="$ggl_LIBOBJS open.$ac_objext" + + + + : + + fi + + + + + + GNULIB_OPEN=1 + + + + + +$as_echo "#define GNULIB_TEST_OPEN 1" >>confdefs.h + + + + + + for ac_prog in bison +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_PARSE_DATETIME_BISON+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$PARSE_DATETIME_BISON"; then + ac_cv_prog_PARSE_DATETIME_BISON="$PARSE_DATETIME_BISON" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_PARSE_DATETIME_BISON="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +PARSE_DATETIME_BISON=$ac_cv_prog_PARSE_DATETIME_BISON +if test -n "$PARSE_DATETIME_BISON"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PARSE_DATETIME_BISON" >&5 +$as_echo "$PARSE_DATETIME_BISON" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$PARSE_DATETIME_BISON" && break +done + + if test -z "$PARSE_DATETIME_BISON"; then + ac_verc_fail=yes + else + cat >conftest.y <<_ACEOF +%require "2.4" +%% +exp: +_ACEOF + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for bison 2.4 or newer" >&5 +$as_echo_n "checking for bison 2.4 or newer... " >&6; } + ac_prog_version=`$PARSE_DATETIME_BISON --version 2>&1 | sed -n 's/^.*GNU Bison.* \([0-9]*\.[0-9.]*\).*$/\1/p'` + : ${ac_prog_version:='v. ?.??'} + if $PARSE_DATETIME_BISON conftest.y -o conftest.c 2>/dev/null; then + ac_prog_version="$ac_prog_version, ok" + ac_verc_fail=no + else + ac_prog_version="$ac_prog_version, bad" + ac_verc_fail=yes + fi + rm -f conftest.y conftest.c + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_prog_version" >&5 +$as_echo "$ac_prog_version" >&6; } + fi + if test $ac_verc_fail = yes; then + PARSE_DATETIME_BISON=: + fi + + + + + + @@ -42086,8 +46990,8 @@ else linux-* | linux) gl_cv_func_select_detects_ebadf="guessing yes" ;; # Guess yes on glibc systems. *-gnu* | gnu*) gl_cv_func_select_detects_ebadf="guessing yes" ;; - # If we don't know, assume the worst. - *) gl_cv_func_select_detects_ebadf="guessing no" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_select_detects_ebadf="$gl_cross_guess_normal" ;; esac else @@ -42383,8 +47287,8 @@ else *-gnu* | gnu*) gl_cv_func_setenv_works="guessing yes" ;; # Guess yes on musl systems. *-musl*) gl_cv_func_setenv_works="guessing yes" ;; - # If we don't know, assume the worst. - *) gl_cv_func_setenv_works="guessing no" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_setenv_works="$gl_cross_guess_normal" ;; esac else @@ -42630,6 +47534,8 @@ fi + + for ac_header in stdint.h do : ac_fn_c_check_header_mongrel "$LINENO" "stdint.h" "ac_cv_header_stdint_h" "$ac_includes_default" @@ -43052,6 +47958,129 @@ $as_echo "#define ssize_t int" >>confdefs.h + case "$host_os" in + mingw*) + REPLACE_STAT=1 + ;; + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stat handles trailing slashes on files" >&5 +$as_echo_n "checking whether stat handles trailing slashes on files... " >&6; } +if ${gl_cv_func_stat_file_slash+:} false; then : + $as_echo_n "(cached) " >&6 +else + touch conftest.tmp + # Assume that if we have lstat, we can also check symlinks. + if test $ac_cv_func_lstat = yes; then + ln -s conftest.tmp conftest.lnk + fi + if test "$cross_compiling" = yes; then : + case "$host_os" in + # Guess yes on Linux systems. + linux-* | linux) gl_cv_func_stat_file_slash="guessing yes" ;; + # Guess yes on glibc systems. + *-gnu* | gnu*) gl_cv_func_stat_file_slash="guessing yes" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_stat_file_slash="$gl_cross_guess_normal" ;; + esac + +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +int +main () +{ +int result = 0; + struct stat st; + if (!stat ("conftest.tmp/", &st)) + result |= 1; +#if HAVE_LSTAT + if (!stat ("conftest.lnk/", &st)) + result |= 2; +#endif + return result; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + gl_cv_func_stat_file_slash=yes +else + gl_cv_func_stat_file_slash=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + rm -f conftest.tmp conftest.lnk +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_stat_file_slash" >&5 +$as_echo "$gl_cv_func_stat_file_slash" >&6; } + case $gl_cv_func_stat_file_slash in + *no) + REPLACE_STAT=1 + +$as_echo "#define REPLACE_FUNC_STAT_FILE 1" >>confdefs.h +;; + esac + case $host_os in + solaris*) + REPLACE_FSTAT=1 ;; + esac + ;; + esac + + if test $REPLACE_STAT = 1; then + + + + + + + + + ggl_LIBOBJS="$ggl_LIBOBJS stat.$ac_objext" + + case "$host_os" in + mingw*) + + + + + + + + + ggl_LIBOBJS="$ggl_LIBOBJS stat-w32.$ac_objext" + + ;; + esac + + + : + + fi + + + + + + GNULIB_STAT=1 + + + + + +$as_echo "#define GNULIB_TEST_STAT 1" >>confdefs.h + + + + + + + ac_fn_c_check_member "$LINENO" "struct stat" "st_atim.tv_nsec" "ac_cv_member_struct_stat_st_atim_tv_nsec" "#include #include " @@ -43261,10 +48290,20 @@ fi - # Define two additional variables used in the Makefile substitution. - if test "$ac_cv_header_stdbool_h" = yes; then - STDBOOL_H='' + if test "$ac_cv_header_stdbool_h" = yes; then + case "$host_os" in + solaris*) + if test -z "$GCC"; then + STDBOOL_H='stdbool.h' + else + STDBOOL_H='' + fi + ;; + *) + STDBOOL_H='' + ;; + esac else STDBOOL_H='stdbool.h' fi @@ -43617,6 +48656,8 @@ _ACEOF + + if test $gl_cv_have_include_next = yes; then gl_cv_next_stdlib_h='<'stdlib.h'>' else @@ -43689,6 +48730,8 @@ $as_echo "$gl_cv_next_stdlib_h" >&6; } + + if test $ac_cv_func_strdup = yes; then if test $gl_cv_func_malloc_posix != yes; then REPLACE_STRDUP=1 @@ -43864,6 +48907,8 @@ fi + + if test $gl_cv_have_include_next = yes; then gl_cv_next_sys_uio_h='<'sys/uio.h'>' else @@ -43950,7 +48995,14 @@ $as_echo "$gl_cv_next_sys_uio_h" >&6; } - ac_fn_c_check_decl "$LINENO" "localtime_r" "ac_cv_have_decl_localtime_r" "#include + ac_fn_c_check_decl "$LINENO" "localtime_r" "ac_cv_have_decl_localtime_r" "/* mingw's provides the functions asctime_r, ctime_r, + gmtime_r, localtime_r only if or has + been included before. */ + #if defined __MINGW32__ + # include + #endif + #include + " if test "x$ac_cv_have_decl_localtime_r" = xyes; then : ac_have_decl=1 @@ -43976,7 +49028,14 @@ if ${gl_cv_time_r_posix+:} false; then : else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include +/* mingw's provides the functions asctime_r, ctime_r, + gmtime_r, localtime_r only if or has + been included before. */ + #if defined __MINGW32__ + # include + #endif + #include + int main () { @@ -44010,6 +49069,47 @@ $as_echo "$gl_cv_time_r_posix" >&6; } fi else HAVE_LOCALTIME_R=0 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether localtime_r exists as an inline function" >&5 +$as_echo_n "checking whether localtime_r exists as an inline function... " >&6; } +if ${gl_cv_func_localtime_r_inline+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +/* mingw's provides the functions asctime_r, ctime_r, + gmtime_r, localtime_r only if or has + been included before. */ + #if defined __MINGW32__ + # include + #endif + #include + +int +main () +{ +time_t a; + struct tm r; + localtime_r (&a, &r); + + ; + return 0; +} + +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + gl_cv_func_localtime_r_inline=yes +else + gl_cv_func_localtime_r_inline=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_func_localtime_r_inline" >&5 +$as_echo "$gl_cv_func_localtime_r_inline" >&6; } + if test $gl_cv_func_localtime_r_inline = yes; then + REPLACE_LOCALTIME_R=1 + fi fi if test $HAVE_LOCALTIME_R = 0 || test $REPLACE_LOCALTIME_R = 1; then @@ -44210,8 +49310,8 @@ else *-musl*) gl_cv_func_tzset_clobber="guessing no" ;; # Guess no on native Windows. mingw*) gl_cv_func_tzset_clobber="guessing no" ;; - # If we don't know, assume the worst. - *) gl_cv_func_tzset_clobber="guessing yes" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_tzset_clobber="$gl_cross_guess_inverted" ;; esac else @@ -44404,6 +49504,8 @@ $as_echo "$gl_cv_next_unistd_h" >&6; } + + if test $ac_cv_have_decl_unsetenv = no; then HAVE_DECL_UNSETENV=0 fi @@ -44472,8 +49574,8 @@ else case "$host_os" in # Guess yes on glibc systems. *-gnu*) gl_cv_func_unsetenv_works="guessing yes" ;; - # If we don't know, assume the worst. - *) gl_cv_func_unsetenv_works="guessing no" ;; + # If we don't know, obey --enable-cross-guesses. + *) gl_cv_func_unsetenv_works="$gl_cross_guess_normal" ;; esac else @@ -44561,6 +49663,7 @@ $as_echo "#define GNULIB_TEST_UNSETENV 1" >>confdefs.h + if test $ac_cv_func_vasnprintf = no; then @@ -44618,8 +49721,6 @@ $as_echo "#define REPLACE_VASNPRINTF 1" >>confdefs.h - - ac_fn_c_check_type "$LINENO" "ptrdiff_t" "ac_cv_type_ptrdiff_t" "$ac_includes_default" if test "x$ac_cv_type_ptrdiff_t" = xyes; then : @@ -44744,6 +49845,8 @@ $as_echo "$gl_cv_next_wchar_h" >&6; } + + for ac_header in stdint.h do : ac_fn_c_check_header_mongrel "$LINENO" "stdint.h" "ac_cv_header_stdint_h" "$ac_includes_default" @@ -44778,6 +49881,7 @@ done + gl_source_base='tests' ggltests_WITNESS=IN_`echo "${PACKAGE-$PACKAGE_TARNAME}" | LC_ALL=C tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ | LC_ALL=C sed -e 's/[^A-Z0-9_]/_/g'`_GNULIB_TESTS @@ -44841,6 +49945,7 @@ fi + gl_source_base='lib/unistring' @@ -44920,10 +50025,20 @@ $as_echo "#define ssize_t int" >>confdefs.h - # Define two additional variables used in the Makefile substitution. - if test "$ac_cv_header_stdbool_h" = yes; then - STDBOOL_H='' + if test "$ac_cv_header_stdbool_h" = yes; then + case "$host_os" in + solaris*) + if test -z "$GCC"; then + STDBOOL_H='stdbool.h' + else + STDBOOL_H='' + fi + ;; + *) + STDBOOL_H='' + ;; + esac else STDBOOL_H='stdbool.h' fi @@ -47251,180 +52366,784 @@ fi - test $LIBUNISTRING_VERSION_MAJOR -lt 0 \ - || { test $LIBUNISTRING_VERSION_MAJOR -eq 0 \ - && { test $LIBUNISTRING_VERSION_MINOR -lt 9 \ - || { test $LIBUNISTRING_VERSION_MINOR -eq 9 \ - && test $LIBUNISTRING_VERSION_SUBMINOR -lt 3 - } - } - } + test $LIBUNISTRING_VERSION_MAJOR -lt 0 \ + || { test $LIBUNISTRING_VERSION_MAJOR -eq 0 \ + && { test $LIBUNISTRING_VERSION_MINOR -lt 9 \ + || { test $LIBUNISTRING_VERSION_MINOR -eq 9 \ + && test $LIBUNISTRING_VERSION_SUBMINOR -lt 3 + } + } + } + + + + + } + }; then + LIBUNISTRING_COMPILE_UNISTR_U8_TO_U16_TRUE= + LIBUNISTRING_COMPILE_UNISTR_U8_TO_U16_FALSE='#' +else + LIBUNISTRING_COMPILE_UNISTR_U8_TO_U16_TRUE='#' + LIBUNISTRING_COMPILE_UNISTR_U8_TO_U16_FALSE= +fi + + + + + if { test "$HAVE_LIBUNISTRING" != yes \ + || { + + + + test $LIBUNISTRING_VERSION_MAJOR -lt 0 \ + || { test $LIBUNISTRING_VERSION_MAJOR -eq 0 \ + && { test $LIBUNISTRING_VERSION_MINOR -lt 9 \ + || { test $LIBUNISTRING_VERSION_MINOR -eq 9 \ + && test $LIBUNISTRING_VERSION_SUBMINOR -lt 3 + } + } + } + + + + + } + }; then + LIBUNISTRING_COMPILE_UNISTR_U8_TO_U32_TRUE= + LIBUNISTRING_COMPILE_UNISTR_U8_TO_U32_FALSE='#' +else + LIBUNISTRING_COMPILE_UNISTR_U8_TO_U32_TRUE='#' + LIBUNISTRING_COMPILE_UNISTR_U8_TO_U32_FALSE= +fi + + + + +cat >>confdefs.h <<_ACEOF +#define GNULIB_UNISTR_U8_UCTOMB 1 +_ACEOF + + + + + if { test "$HAVE_LIBUNISTRING" != yes \ + || { + + + + test $LIBUNISTRING_VERSION_MAJOR -lt 0 \ + || { test $LIBUNISTRING_VERSION_MAJOR -eq 0 \ + && { test $LIBUNISTRING_VERSION_MINOR -lt 9 \ + || { test $LIBUNISTRING_VERSION_MINOR -eq 9 \ + && test $LIBUNISTRING_VERSION_SUBMINOR -lt 0 + } + } + } + + + + + } + }; then + LIBUNISTRING_COMPILE_UNISTR_U8_UCTOMB_TRUE= + LIBUNISTRING_COMPILE_UNISTR_U8_UCTOMB_FALSE='#' +else + LIBUNISTRING_COMPILE_UNISTR_U8_UCTOMB_TRUE='#' + LIBUNISTRING_COMPILE_UNISTR_U8_UCTOMB_FALSE= +fi + + + + + if { test "$HAVE_LIBUNISTRING" != yes \ + || { + + + + test $LIBUNISTRING_VERSION_MAJOR -lt 0 \ + || { test $LIBUNISTRING_VERSION_MAJOR -eq 0 \ + && { test $LIBUNISTRING_VERSION_MINOR -lt 9 \ + || { test $LIBUNISTRING_VERSION_MINOR -eq 9 \ + && test $LIBUNISTRING_VERSION_SUBMINOR -lt 4 + } + } + } + + + + + } + }; then + LIBUNISTRING_UNITYPES_H='unitypes.h' + else + LIBUNISTRING_UNITYPES_H= + fi + + + # End of code from modules + + + + + + + + gltests_libdeps= + gltests_ltlibdeps= + + + + + + + + + + + gl_source_base='tests' + unistringtests_WITNESS=IN_`echo "${PACKAGE-$PACKAGE_TARNAME}" | LC_ALL=C tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ | LC_ALL=C sed -e 's/[^A-Z0-9_]/_/g'`_GNULIB_TESTS + + gl_module_indicator_condition=$unistringtests_WITNESS + + + + + + + + + + + +# disable the extended test suite at tests/suite if asked, or if we are not running in git master +# Check whether --enable-full-test-suite was given. +if test "${enable_full_test_suite+set}" = set; then : + enableval=$enable_full_test_suite; full_test_suite=$enableval +else + full_test_suite=yes +fi + + +# test if we are in git master or in release build. In release +# builds we do not use valgrind. +SUITE_FILE="${srcdir}/tests/suite/prime-check.c" +if test "$full_test_suite" = yes && test ! -f "$SUITE_FILE";then + full_test_suite=no +fi + + if test "$full_test_suite" = "yes"; then + WANT_TEST_SUITE_TRUE= + WANT_TEST_SUITE_FALSE='#' +else + WANT_TEST_SUITE_TRUE='#' + WANT_TEST_SUITE_FALSE= +fi + + +# Check whether --enable-oldgnutls-interop was given. +if test "${enable_oldgnutls_interop+set}" = set; then : + enableval=$enable_oldgnutls_interop; enable_oldgnutls_interop=$enableval +else + enable_oldgnutls_interop=no +fi + + +if test "$enable_oldgnutls_interop" != "no" && test "$full_test_suite" != yes;then + as_fn_error $? "cannot --enable-oldgnutls-interop without --enable-full-test-suite" "$LINENO" 5 +fi + + if test "$enable_oldgnutls_interop" != "no"; then + ENABLE_OLDGNUTLS_INTEROP_TRUE= + ENABLE_OLDGNUTLS_INTEROP_FALSE='#' +else + ENABLE_OLDGNUTLS_INTEROP_TRUE='#' + ENABLE_OLDGNUTLS_INTEROP_FALSE= +fi + + +# check for libev - used in full test suite + + + + + + + + + + + + + use_additional=yes + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + + eval additional_includedir=\"$includedir\" + eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" + + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + +# Check whether --with-libev-prefix was given. +if test "${with_libev_prefix+set}" = set; then : + withval=$with_libev_prefix; + if test "X$withval" = "Xno"; then + use_additional=no + else + if test "X$withval" = "X"; then + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + + eval additional_includedir=\"$includedir\" + eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" + + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + else + additional_includedir="$withval/include" + additional_libdir="$withval/$acl_libdirstem" + additional_libdir2="$withval/$acl_libdirstem2" + additional_libdir3="$withval/$acl_libdirstem3" + fi + fi + +fi + + if test "X$additional_libdir2" = "X$additional_libdir"; then + additional_libdir2= + fi + if test "X$additional_libdir3" = "X$additional_libdir"; then + additional_libdir3= + fi + LIBEV= + LTLIBEV= + INCEV= + LIBEV_PREFIX= + HAVE_LIBEV= + rpathdirs= + ltrpathdirs= + names_already_handled= + names_next_round='ev ' + while test -n "$names_next_round"; do + names_this_round="$names_next_round" + names_next_round= + for name in $names_this_round; do + already_handled= + for n in $names_already_handled; do + if test "$n" = "$name"; then + already_handled=yes + break + fi + done + if test -z "$already_handled"; then + names_already_handled="$names_already_handled $name" + uppername=`echo "$name" | sed -e 'y|abcdefghijklmnopqrstuvwxyz./+-|ABCDEFGHIJKLMNOPQRSTUVWXYZ____|'` + eval value=\"\$HAVE_LIB$uppername\" + if test -n "$value"; then + if test "$value" = yes; then + eval value=\"\$LIB$uppername\" + test -z "$value" || LIBEV="${LIBEV}${LIBEV:+ }$value" + eval value=\"\$LTLIB$uppername\" + test -z "$value" || LTLIBEV="${LTLIBEV}${LTLIBEV:+ }$value" + else + : + fi + else + found_dir= + found_la= + found_so= + found_a= + eval libname=\"$acl_libname_spec\" # typically: libname=lib$name + if test -n "$acl_shlibext"; then + shrext=".$acl_shlibext" # typically: shrext=.so + else + shrext= + fi + if test $use_additional = yes; then + for additional_libdir_variable in additional_libdir additional_libdir2 additional_libdir3; do + if test "X$found_dir" = "X"; then + eval dir=\$$additional_libdir_variable + if test -n "$dir"; then + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then + found_dir="$dir" + found_so="$dir/$libname$shrext" + else + if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then + ver=`(cd "$dir" && \ + for f in "$libname$shrext".*; do echo "$f"; done \ + | sed -e "s,^$libname$shrext\\\\.,," \ + | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ + | sed 1q ) 2>/dev/null` + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then + found_dir="$dir" + found_so="$dir/$libname$shrext.$ver" + fi + else + eval library_names=\"$acl_library_names_spec\" + for f in $library_names; do + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then + found_dir="$dir" + found_so="$dir/$f" + break + fi + done + fi + fi + fi + if test "X$found_dir" = "X"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then + found_dir="$dir" + found_a="$dir/$libname.$acl_libext" + fi + fi + if test "X$found_dir" != "X"; then + if test -f "$dir/$libname.la"; then + found_la="$dir/$libname.la" + fi + fi + fi + fi + done + fi + if test "X$found_dir" = "X"; then + for x in $LDFLAGS $LTLIBEV; do + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + case "$x" in + -L*) + dir=`echo "X$x" | sed -e 's/^X-L//'` + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then + found_dir="$dir" + found_so="$dir/$libname$shrext" + else + if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then + ver=`(cd "$dir" && \ + for f in "$libname$shrext".*; do echo "$f"; done \ + | sed -e "s,^$libname$shrext\\\\.,," \ + | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ + | sed 1q ) 2>/dev/null` + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then + found_dir="$dir" + found_so="$dir/$libname$shrext.$ver" + fi + else + eval library_names=\"$acl_library_names_spec\" + for f in $library_names; do + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then + found_dir="$dir" + found_so="$dir/$f" + break + fi + done + fi + fi + fi + if test "X$found_dir" = "X"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then + found_dir="$dir" + found_a="$dir/$libname.$acl_libext" + fi + fi + if test "X$found_dir" != "X"; then + if test -f "$dir/$libname.la"; then + found_la="$dir/$libname.la" + fi + fi + ;; + esac + if test "X$found_dir" != "X"; then + break + fi + done + fi + if test "X$found_dir" != "X"; then + LTLIBEV="${LTLIBEV}${LTLIBEV:+ }-L$found_dir -l$name" + if test "X$found_so" != "X"; then + if test "$enable_rpath" = no \ + || test "X$found_dir" = "X/usr/$acl_libdirstem" \ + || test "X$found_dir" = "X/usr/$acl_libdirstem2" \ + || test "X$found_dir" = "X/usr/$acl_libdirstem3"; then + LIBEV="${LIBEV}${LIBEV:+ }$found_so" + else + haveit= + for x in $ltrpathdirs; do + if test "X$x" = "X$found_dir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + ltrpathdirs="$ltrpathdirs $found_dir" + fi + if test "$acl_hardcode_direct" = yes; then + LIBEV="${LIBEV}${LIBEV:+ }$found_so" + else + if test -n "$acl_hardcode_libdir_flag_spec" && test "$acl_hardcode_minus_L" = no; then + LIBEV="${LIBEV}${LIBEV:+ }$found_so" + haveit= + for x in $rpathdirs; do + if test "X$x" = "X$found_dir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + rpathdirs="$rpathdirs $found_dir" + fi + else + haveit= + for x in $LDFLAGS $LIBEV; do + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + if test "X$x" = "X-L$found_dir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + LIBEV="${LIBEV}${LIBEV:+ }-L$found_dir" + fi + if test "$acl_hardcode_minus_L" != no; then + LIBEV="${LIBEV}${LIBEV:+ }$found_so" + else + LIBEV="${LIBEV}${LIBEV:+ }-l$name" + fi + fi + fi + fi + else + if test "X$found_a" != "X"; then + LIBEV="${LIBEV}${LIBEV:+ }$found_a" + else + LIBEV="${LIBEV}${LIBEV:+ }-L$found_dir -l$name" + fi + fi + additional_includedir= + case "$found_dir" in + */$acl_libdirstem | */$acl_libdirstem/) + basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem/"'*$,,'` + if test "$name" = 'ev'; then + LIBEV_PREFIX="$basedir" + fi + additional_includedir="$basedir/include" + ;; + */$acl_libdirstem2 | */$acl_libdirstem2/) + basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem2/"'*$,,'` + if test "$name" = 'ev'; then + LIBEV_PREFIX="$basedir" + fi + additional_includedir="$basedir/include" + ;; + */$acl_libdirstem3 | */$acl_libdirstem3/) + basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem3/"'*$,,'` + if test "$name" = 'ev'; then + LIBEV_PREFIX="$basedir" + fi + additional_includedir="$basedir/include" + ;; + esac + if test "X$additional_includedir" != "X"; then + if test "X$additional_includedir" != "X/usr/include"; then + haveit= + if test "X$additional_includedir" = "X/usr/local/include"; then + if test -n "$GCC"; then + case $host_os in + linux* | gnu* | k*bsd*-gnu) haveit=yes;; + esac + fi + fi + if test -z "$haveit"; then + for x in $CPPFLAGS $INCEV; do + + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + + if test "X$x" = "X-I$additional_includedir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + if test -d "$additional_includedir"; then + INCEV="${INCEV}${INCEV:+ }-I$additional_includedir" + fi + fi + fi + fi + fi + if test -n "$found_la"; then + save_libdir="$libdir" + case "$found_la" in + */* | *\\*) . "$found_la" ;; + *) . "./$found_la" ;; + esac + libdir="$save_libdir" + for dep in $dependency_libs; do + case "$dep" in + -L*) + dependency_libdir=`echo "X$dep" | sed -e 's/^X-L//'` + if test "X$dependency_libdir" != "X/usr/$acl_libdirstem" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem2" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem3"; then + haveit= + if test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem2" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem3"; then + if test -n "$GCC"; then + case $host_os in + linux* | gnu* | k*bsd*-gnu) haveit=yes;; + esac + fi + fi + if test -z "$haveit"; then + haveit= + for x in $LDFLAGS $LIBEV; do + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + if test "X$x" = "X-L$dependency_libdir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + if test -d "$dependency_libdir"; then + LIBEV="${LIBEV}${LIBEV:+ }-L$dependency_libdir" + fi + fi + haveit= + for x in $LDFLAGS $LTLIBEV; do + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" - } - }; then - LIBUNISTRING_COMPILE_UNISTR_U8_TO_U16_TRUE= - LIBUNISTRING_COMPILE_UNISTR_U8_TO_U16_FALSE='#' -else - LIBUNISTRING_COMPILE_UNISTR_U8_TO_U16_TRUE='#' - LIBUNISTRING_COMPILE_UNISTR_U8_TO_U16_FALSE= -fi + if test "X$x" = "X-L$dependency_libdir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + if test -d "$dependency_libdir"; then + LTLIBEV="${LTLIBEV}${LTLIBEV:+ }-L$dependency_libdir" + fi + fi + fi + fi + ;; + -R*) + dir=`echo "X$dep" | sed -e 's/^X-R//'` + if test "$enable_rpath" != no; then + haveit= + for x in $rpathdirs; do + if test "X$x" = "X$dir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + rpathdirs="$rpathdirs $dir" + fi + haveit= + for x in $ltrpathdirs; do + if test "X$x" = "X$dir"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + ltrpathdirs="$ltrpathdirs $dir" + fi + fi + ;; + -l*) + names_next_round="$names_next_round "`echo "X$dep" | sed -e 's/^X-l//'` + ;; + *.la) + names_next_round="$names_next_round "`echo "X$dep" | sed -e 's,^X.*/,,' -e 's,^lib,,' -e 's,\.la$,,'` + ;; + *) + LIBEV="${LIBEV}${LIBEV:+ }$dep" + LTLIBEV="${LTLIBEV}${LTLIBEV:+ }$dep" + ;; + esac + done + fi + else + LIBEV="${LIBEV}${LIBEV:+ }-l$name" + LTLIBEV="${LTLIBEV}${LTLIBEV:+ }-l$name" + fi + fi + fi + done + done + if test "X$rpathdirs" != "X"; then + if test -n "$acl_hardcode_libdir_separator"; then + alldirs= + for found_dir in $rpathdirs; do + alldirs="${alldirs}${alldirs:+$acl_hardcode_libdir_separator}$found_dir" + done + acl_save_libdir="$libdir" + libdir="$alldirs" + eval flag=\"$acl_hardcode_libdir_flag_spec\" + libdir="$acl_save_libdir" + LIBEV="${LIBEV}${LIBEV:+ }$flag" + else + for found_dir in $rpathdirs; do + acl_save_libdir="$libdir" + libdir="$found_dir" + eval flag=\"$acl_hardcode_libdir_flag_spec\" + libdir="$acl_save_libdir" + LIBEV="${LIBEV}${LIBEV:+ }$flag" + done + fi + fi + if test "X$ltrpathdirs" != "X"; then + for found_dir in $ltrpathdirs; do + LTLIBEV="${LTLIBEV}${LTLIBEV:+ }-R$found_dir" + done + fi - if { test "$HAVE_LIBUNISTRING" != yes \ - || { + ac_save_CPPFLAGS="$CPPFLAGS" - test $LIBUNISTRING_VERSION_MAJOR -lt 0 \ - || { test $LIBUNISTRING_VERSION_MAJOR -eq 0 \ - && { test $LIBUNISTRING_VERSION_MINOR -lt 9 \ - || { test $LIBUNISTRING_VERSION_MINOR -eq 9 \ - && test $LIBUNISTRING_VERSION_SUBMINOR -lt 3 - } - } - } + for element in $INCEV; do + haveit= + for x in $CPPFLAGS; do + acl_save_prefix="$prefix" + prefix="$acl_final_prefix" + acl_save_exec_prefix="$exec_prefix" + exec_prefix="$acl_final_exec_prefix" + eval x=\"$x\" + exec_prefix="$acl_save_exec_prefix" + prefix="$acl_save_prefix" + if test "X$x" = "X$element"; then + haveit=yes + break + fi + done + if test -z "$haveit"; then + CPPFLAGS="${CPPFLAGS}${CPPFLAGS:+ }$element" + fi + done - } - }; then - LIBUNISTRING_COMPILE_UNISTR_U8_TO_U32_TRUE= - LIBUNISTRING_COMPILE_UNISTR_U8_TO_U32_FALSE='#' + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libev" >&5 +$as_echo_n "checking for libev... " >&6; } +if ${ac_cv_libev+:} false; then : + $as_echo_n "(cached) " >&6 else - LIBUNISTRING_COMPILE_UNISTR_U8_TO_U32_TRUE='#' - LIBUNISTRING_COMPILE_UNISTR_U8_TO_U32_FALSE= -fi - - - -cat >>confdefs.h <<_ACEOF -#define GNULIB_UNISTR_U8_UCTOMB 1 + ac_save_LIBS="$LIBS" + case " $LIBEV" in + *" -l"*) LIBS="$LIBS $LIBEV" ;; + *) LIBS="$LIBEV $LIBS" ;; + esac + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +ev_run(0,0); + ; + return 0; +} _ACEOF - - - - - if { test "$HAVE_LIBUNISTRING" != yes \ - || { - - - - test $LIBUNISTRING_VERSION_MAJOR -lt 0 \ - || { test $LIBUNISTRING_VERSION_MAJOR -eq 0 \ - && { test $LIBUNISTRING_VERSION_MINOR -lt 9 \ - || { test $LIBUNISTRING_VERSION_MINOR -eq 9 \ - && test $LIBUNISTRING_VERSION_SUBMINOR -lt 0 - } - } - } - - - - - } - }; then - LIBUNISTRING_COMPILE_UNISTR_U8_UCTOMB_TRUE= - LIBUNISTRING_COMPILE_UNISTR_U8_UCTOMB_FALSE='#' +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_libev=yes else - LIBUNISTRING_COMPILE_UNISTR_U8_UCTOMB_TRUE='#' - LIBUNISTRING_COMPILE_UNISTR_U8_UCTOMB_FALSE= + ac_cv_libev='no' fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LIBS="$ac_save_LIBS" +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_libev" >&5 +$as_echo "$ac_cv_libev" >&6; } + if test "$ac_cv_libev" = yes; then + HAVE_LIBEV=yes +$as_echo "#define HAVE_LIBEV 1" >>confdefs.h - - if { test "$HAVE_LIBUNISTRING" != yes \ - || { - - - - test $LIBUNISTRING_VERSION_MAJOR -lt 0 \ - || { test $LIBUNISTRING_VERSION_MAJOR -eq 0 \ - && { test $LIBUNISTRING_VERSION_MINOR -lt 9 \ - || { test $LIBUNISTRING_VERSION_MINOR -eq 9 \ - && test $LIBUNISTRING_VERSION_SUBMINOR -lt 4 - } - } - } - - - - - } - }; then - LIBUNISTRING_UNITYPES_H='unitypes.h' + { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to link with libev" >&5 +$as_echo_n "checking how to link with libev... " >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBEV" >&5 +$as_echo "$LIBEV" >&6; } else - LIBUNISTRING_UNITYPES_H= + HAVE_LIBEV=no + CPPFLAGS="$ac_save_CPPFLAGS" + LIBEV= + LTLIBEV= + LIBEV_PREFIX= fi - # End of code from modules - - - - - - - - gltests_libdeps= - gltests_ltlibdeps= - - - - - - - - - - gl_source_base='tests' - unistringtests_WITNESS=IN_`echo "${PACKAGE-$PACKAGE_TARNAME}" | LC_ALL=C tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ | LC_ALL=C sed -e 's/[^A-Z0-9_]/_/g'`_GNULIB_TESTS - - gl_module_indicator_condition=$unistringtests_WITNESS - - - - - +if test "$ac_cv_libev" = yes; then + LIBEV_LIBS=$LIBEV -# disable the extended test suite at tests/suite if asked, or if we are not running in git master -# Check whether --enable-full-test-suite was given. -if test "${enable_full_test_suite+set}" = set; then : - enableval=$enable_full_test_suite; full_test_suite=$enableval -else - full_test_suite=yes -fi - - -# test if we are in git master or in release build. In release -# builds we do not use valgrind. -SUITE_FILE="${srcdir}/tests/suite/mini-eagain2.c" -if test "$full_test_suite" = yes && test ! -f "$SUITE_FILE";then - full_test_suite=no -fi - - if test "$full_test_suite" = "yes"; then - WANT_TEST_SUITE_TRUE= - WANT_TEST_SUITE_FALSE='#' -else - WANT_TEST_SUITE_TRUE='#' - WANT_TEST_SUITE_FALSE= +elif test "$full_test_suite" = yes;then + as_fn_error $? "*** +*** libev4 was not found. +***" "$LINENO" 5 fi - # Check whether --enable-gcc-warnings was given. if test "${enable_gcc_warnings+set}" = set; then : enableval=$enable_gcc_warnings; case $enableval in @@ -47679,6 +53398,23 @@ $as_echo "$gl_cv_cc_uninitialized_supported" >&6; } -Waddress-of-packed-member \ -Waggressive-loop-optimizations \ -Wall \ + -Wanalyzer-double-fclose \ + -Wanalyzer-double-free \ + -Wanalyzer-exposure-through-output-file \ + -Wanalyzer-file-leak \ + -Wanalyzer-free-of-non-heap \ + -Wanalyzer-malloc-leak \ + -Wanalyzer-null-argument \ + -Wanalyzer-null-dereference \ + -Wanalyzer-possible-null-argument \ + -Wanalyzer-possible-null-dereference \ + -Wanalyzer-stale-setjmp-buffer \ + -Wanalyzer-tainted-array-index \ + -Wanalyzer-too-complex \ + -Wanalyzer-unsafe-call-within-signal-handler \ + -Wanalyzer-use-after-free \ + -Wanalyzer-use-of-pointer-in-stale-stack-frame \ + -Warith-conversion \ -Wattribute-warning \ -Wattributes \ -Wbad-function-cast \ @@ -47712,9 +53448,11 @@ $as_echo "$gl_cv_cc_uninitialized_supported" >&6; } -Wempty-body \ -Wendif-labels \ -Wenum-compare \ + -Wenum-conversion \ -Wexpansion-to-defined \ -Wextra \ -Wformat-contains-nul \ + -Wformat-diag \ -Wformat-extra-args \ -Wformat-nonliteral \ -Wformat-security \ @@ -47793,6 +53531,7 @@ $as_echo "$gl_cv_cc_uninitialized_supported" >&6; } -Wstrict-aliasing \ -Wstrict-overflow \ -Wstrict-prototypes \ + -Wstring-compare \ -Wstringop-truncation \ -Wsuggest-attribute=cold \ -Wsuggest-attribute=const \ @@ -47804,6 +53543,7 @@ $as_echo "$gl_cv_cc_uninitialized_supported" >&6; } -Wsuggest-final-types \ -Wswitch \ -Wswitch-bool \ + -Wswitch-outside-range \ -Wswitch-unreachable \ -Wsync-nand \ -Wsystem-headers \ @@ -47831,6 +53571,7 @@ $as_echo "$gl_cv_cc_uninitialized_supported" >&6; } -Wvla \ -Wvolatile-register-var \ -Wwrite-strings \ + -Wzero-length-bounds \ \ ; do gl_manywarn_set="$gl_manywarn_set $gl_manywarn_item" @@ -48192,6 +53933,47 @@ fi fi +if test "$gl_cv_opt_valgrind_tests" != no; then + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler handles -fno-builtin-strcmp" >&5 +$as_echo_n "checking whether C compiler handles -fno-builtin-strcmp... " >&6; } +if ${gl_cv_warn_c__fno_builtin_strcmp+:} false; then : + $as_echo_n "(cached) " >&6 +else + + gl_save_compiler_FLAGS="$CFLAGS" + as_fn_append CFLAGS " $gl_unknown_warnings_are_errors -fno-builtin-strcmp" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + gl_cv_warn_c__fno_builtin_strcmp=yes +else + gl_cv_warn_c__fno_builtin_strcmp=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + CFLAGS="$gl_save_compiler_FLAGS" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_warn_c__fno_builtin_strcmp" >&5 +$as_echo "$gl_cv_warn_c__fno_builtin_strcmp" >&6; } +if test "x$gl_cv_warn_c__fno_builtin_strcmp" = xyes; then : + as_fn_append WARN_CFLAGS " -fno-builtin-strcmp" +fi + + +fi + @@ -49304,7 +55086,7 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) lt_cv_deplibs_check_method=pass_all ;; -netbsd* | netbsdelf*-gnu) +netbsd*) if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' else @@ -50167,8 +55949,11 @@ _LT_EOF test $ac_status = 0; }; then # Now try to grab the symbols. nlist=conftest.nm - $ECHO "$as_me:$LINENO: $NM conftest.$ac_objext | $lt_cv_sys_global_symbol_pipe > $nlist" >&5 - if eval "$NM" conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist 2>&5 && test -s "$nlist"; then + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist\""; } >&5 + (eval $NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s "$nlist"; then # Try sorting and uniquifying the output. if sort "$nlist" | uniq > "$nlist"T; then mv -f "$nlist"T "$nlist" @@ -52735,9 +58520,6 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie openbsd* | bitrig*) with_gnu_ld=no ;; - linux* | k*bsd*-gnu | gnu*) - link_all_deplibs=no - ;; esac ld_shlibs=yes @@ -52992,7 +58774,7 @@ _LT_EOF fi ;; - netbsd* | netbsdelf*-gnu) + netbsd*) if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' wlarc= @@ -53662,7 +59444,6 @@ $as_echo "$lt_cv_irix_exported_symbol" >&6; } if test yes = "$lt_cv_irix_exported_symbol"; then archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname `test -n "$verstring" && func_echo_all "$wl-set_version $wl$verstring"` $wl-update_registry $wl$output_objdir/so_locations $wl-exports_file $wl$export_symbols -o $lib' fi - link_all_deplibs=no else archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -o $lib' archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry $output_objdir/so_locations -exports_file $export_symbols -o $lib' @@ -53684,7 +59465,7 @@ $as_echo "$lt_cv_irix_exported_symbol" >&6; } esac ;; - netbsd* | netbsdelf*-gnu) + netbsd*) if echo __ELF__ | $CC -E - | $GREP __ELF__ >/dev/null; then archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' # a.out else @@ -54779,6 +60560,9 @@ fi # before this can be enabled. hardcode_into_libs=yes + # Add ABI-specific directories to the system library path. + sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /lib /usr/lib" + # Ideally, we could use ldconfig to report *all* directores which are # searched for libraries, however this is still not possible. Aside from not # being certain /sbin/ldconfig is available, command @@ -54787,7 +60571,7 @@ fi # appending ld.so.conf contents (and includes) to the search path. if test -f /etc/ld.so.conf; then lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" + sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec $lt_ld_extra" fi # We used to test for /lib/ld.so.1 and disable shared libraries on @@ -54799,18 +60583,6 @@ fi dynamic_linker='GNU/Linux ld.so' ;; -netbsdelf*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='NetBSD ld.elf_so' - ;; - netbsd*) version_type=sunos need_lib_prefix=no @@ -56201,7 +61973,7 @@ with_gnu_ld=$lt_cv_prog_gnu_ld # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' else GXX=no @@ -56693,7 +62465,7 @@ fi # explicitly linking system object files so we need to strip them # from the output so that they don't get included in the library # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP " \-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' ;; *) if test yes = "$GXX"; then @@ -56758,7 +62530,7 @@ fi # explicitly linking system object files so we need to strip them # from the output so that they don't get included in the library # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP " \-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' ;; *) if test yes = "$GXX"; then @@ -57097,7 +62869,7 @@ fi # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' else # FIXME: insert proper C++ library support @@ -57181,7 +62953,7 @@ fi # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' else # g++ 2.7 appears to require '-G' NOT '-shared' on this # platform. @@ -57192,7 +62964,7 @@ fi # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. - output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' + output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' fi hardcode_libdir_flag_spec_CXX='$wl-R $wl$libdir' @@ -57705,7 +63477,7 @@ lt_prog_compiler_static_CXX= ;; esac ;; - netbsd* | netbsdelf*-gnu) + netbsd*) ;; *qnx* | *nto*) # QNX uses GNU C++, but need to define -shared option too, otherwise @@ -58080,9 +63852,6 @@ $as_echo_n "checking whether the $compiler linker ($LD) supports shared librarie ;; esac ;; - linux* | k*bsd*-gnu | gnu*) - link_all_deplibs_CXX=no - ;; *) export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' ;; @@ -58756,6 +64525,9 @@ fi # before this can be enabled. hardcode_into_libs=yes + # Add ABI-specific directories to the system library path. + sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /lib /usr/lib" + # Ideally, we could use ldconfig to report *all* directores which are # searched for libraries, however this is still not possible. Aside from not # being certain /sbin/ldconfig is available, command @@ -58764,7 +64536,7 @@ fi # appending ld.so.conf contents (and includes) to the search path. if test -f /etc/ld.so.conf; then lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '` - sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra" + sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec $lt_ld_extra" fi # We used to test for /lib/ld.so.1 and disable shared libraries on @@ -58776,18 +64548,6 @@ fi dynamic_linker='GNU/Linux ld.so' ;; -netbsdelf*-gnu) - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - dynamic_linker='NetBSD ld.elf_so' - ;; - netbsd*) version_type=sunos need_lib_prefix=no @@ -59161,6 +64921,8 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -59181,6 +64943,8 @@ if test "${with_libdl_prefix+set}" = set; then : eval additional_includedir=\"$includedir\" eval additional_libdir=\"$libdir\" + eval additional_libdir2=\"$exec_prefix/$acl_libdirstem2\" + eval additional_libdir3=\"$exec_prefix/$acl_libdirstem3\" exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" @@ -59188,15 +64952,19 @@ if test "${with_libdl_prefix+set}" = set; then : else additional_includedir="$withval/include" additional_libdir="$withval/$acl_libdirstem" - if test "$acl_libdirstem2" != "$acl_libdirstem" \ - && test ! -d "$withval/$acl_libdirstem"; then - additional_libdir="$withval/$acl_libdirstem2" - fi + additional_libdir2="$withval/$acl_libdirstem2" + additional_libdir3="$withval/$acl_libdirstem3" fi fi fi + if test "X$additional_libdir2" = "X$additional_libdir"; then + additional_libdir2= + fi + if test "X$additional_libdir3" = "X$additional_libdir"; then + additional_libdir3= + fi LIBDL= LTLIBDL= INCDL= @@ -59242,45 +65010,51 @@ fi shrext= fi if test $use_additional = yes; then - dir="$additional_libdir" - if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then - found_dir="$dir" - found_so="$dir/$libname$shrext" - else - if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then - ver=`(cd "$dir" && \ - for f in "$libname$shrext".*; do echo "$f"; done \ - | sed -e "s,^$libname$shrext\\\\.,," \ - | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ - | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then - found_dir="$dir" - found_so="$dir/$libname$shrext.$ver" + for additional_libdir_variable in additional_libdir additional_libdir2 additional_libdir3; do + if test "X$found_dir" = "X"; then + eval dir=\$$additional_libdir_variable + if test -n "$dir"; then + if test -n "$acl_shlibext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then + found_dir="$dir" + found_so="$dir/$libname$shrext" + else + if test "$acl_library_names_spec" = '$libname$shrext$versuffix'; then + ver=`(cd "$dir" && \ + for f in "$libname$shrext".*; do echo "$f"; done \ + | sed -e "s,^$libname$shrext\\\\.,," \ + | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ + | sed 1q ) 2>/dev/null` + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then + found_dir="$dir" + found_so="$dir/$libname$shrext.$ver" + fi + else + eval library_names=\"$acl_library_names_spec\" + for f in $library_names; do + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then + found_dir="$dir" + found_so="$dir/$f" + break + fi + done + fi + fi fi - else - eval library_names=\"$acl_library_names_spec\" - for f in $library_names; do - if test -f "$dir/$f"; then + if test "X$found_dir" = "X"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" - found_so="$dir/$f" - break + found_a="$dir/$libname.$acl_libext" fi - done + fi + if test "X$found_dir" != "X"; then + if test -f "$dir/$libname.la"; then + found_la="$dir/$libname.la" + fi + fi fi fi - fi - if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then - found_dir="$dir" - found_a="$dir/$libname.$acl_libext" - fi - fi - if test "X$found_dir" != "X"; then - if test -f "$dir/$libname.la"; then - found_la="$dir/$libname.la" - fi - fi + done fi if test "X$found_dir" = "X"; then for x in $LDFLAGS $LTLIBDL; do @@ -59297,7 +65071,7 @@ fi -L*) dir=`echo "X$x" | sed -e 's/^X-L//'` if test -n "$acl_shlibext"; then - if test -f "$dir/$libname$shrext"; then + if test -f "$dir/$libname$shrext" && acl_is_expected_elfclass < "$dir/$libname$shrext"; then found_dir="$dir" found_so="$dir/$libname$shrext" else @@ -59307,14 +65081,14 @@ fi | sed -e "s,^$libname$shrext\\\\.,," \ | sort -t '.' -n -r -k1,1 -k2,2 -k3,3 -k4,4 -k5,5 \ | sed 1q ) 2>/dev/null` - if test -n "$ver" && test -f "$dir/$libname$shrext.$ver"; then + if test -n "$ver" && test -f "$dir/$libname$shrext.$ver" && acl_is_expected_elfclass < "$dir/$libname$shrext.$ver"; then found_dir="$dir" found_so="$dir/$libname$shrext.$ver" fi else eval library_names=\"$acl_library_names_spec\" for f in $library_names; do - if test -f "$dir/$f"; then + if test -f "$dir/$f" && acl_is_expected_elfclass < "$dir/$f"; then found_dir="$dir" found_so="$dir/$f" break @@ -59324,7 +65098,7 @@ fi fi fi if test "X$found_dir" = "X"; then - if test -f "$dir/$libname.$acl_libext"; then + if test -f "$dir/$libname.$acl_libext" && ${AR-ar} -p "$dir/$libname.$acl_libext" | acl_is_expected_elfclass; then found_dir="$dir" found_a="$dir/$libname.$acl_libext" fi @@ -59346,7 +65120,8 @@ fi if test "X$found_so" != "X"; then if test "$enable_rpath" = no \ || test "X$found_dir" = "X/usr/$acl_libdirstem" \ - || test "X$found_dir" = "X/usr/$acl_libdirstem2"; then + || test "X$found_dir" = "X/usr/$acl_libdirstem2" \ + || test "X$found_dir" = "X/usr/$acl_libdirstem3"; then LIBDL="${LIBDL}${LIBDL:+ }$found_so" else haveit= @@ -59425,6 +65200,13 @@ fi fi additional_includedir="$basedir/include" ;; + */$acl_libdirstem3 | */$acl_libdirstem3/) + basedir=`echo "X$found_dir" | sed -e 's,^X,,' -e "s,/$acl_libdirstem3/"'*$,,'` + if test "$name" = 'dl'; then + LIBDL_PREFIX="$basedir" + fi + additional_includedir="$basedir/include" + ;; esac if test "X$additional_includedir" != "X"; then if test "X$additional_includedir" != "X/usr/include"; then @@ -59470,12 +65252,14 @@ fi for dep in $dependency_libs; do case "$dep" in -L*) - additional_libdir=`echo "X$dep" | sed -e 's/^X-L//'` - if test "X$additional_libdir" != "X/usr/$acl_libdirstem" \ - && test "X$additional_libdir" != "X/usr/$acl_libdirstem2"; then + dependency_libdir=`echo "X$dep" | sed -e 's/^X-L//'` + if test "X$dependency_libdir" != "X/usr/$acl_libdirstem" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem2" \ + && test "X$dependency_libdir" != "X/usr/$acl_libdirstem3"; then haveit= - if test "X$additional_libdir" = "X/usr/local/$acl_libdirstem" \ - || test "X$additional_libdir" = "X/usr/local/$acl_libdirstem2"; then + if test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem2" \ + || test "X$dependency_libdir" = "X/usr/local/$acl_libdirstem3"; then if test -n "$GCC"; then case $host_os in linux* | gnu* | k*bsd*-gnu) haveit=yes;; @@ -59494,14 +65278,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LIBDL="${LIBDL}${LIBDL:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LIBDL="${LIBDL}${LIBDL:+ }-L$dependency_libdir" fi fi haveit= @@ -59515,14 +65299,14 @@ fi exec_prefix="$acl_save_exec_prefix" prefix="$acl_save_prefix" - if test "X$x" = "X-L$additional_libdir"; then + if test "X$x" = "X-L$dependency_libdir"; then haveit=yes break fi done if test -z "$haveit"; then - if test -d "$additional_libdir"; then - LTLIBDL="${LTLIBDL}${LTLIBDL:+ }-L$additional_libdir" + if test -d "$dependency_libdir"; then + LTLIBDL="${LTLIBDL}${LTLIBDL:+ }-L$dependency_libdir" fi fi fi @@ -59833,80 +65617,91 @@ idna_support=no with_libidn2=no if test "$try_libidn2" = yes;then - save_LIBS=$LIBS - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing idn2_lookup_u8" >&5 -$as_echo_n "checking for library containing idn2_lookup_u8... " >&6; } -if ${ac_cv_search_idn2_lookup_u8+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_func_search_save_LIBS=$LIBS -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char idn2_lookup_u8 (); -int -main () -{ -return idn2_lookup_u8 (); - ; - return 0; -} -_ACEOF -for ac_lib in '' idn2; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - if ac_fn_c_try_link "$LINENO"; then : - ac_cv_search_idn2_lookup_u8=$ac_res +pkg_failed=no +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for LIBIDN2" >&5 +$as_echo_n "checking for LIBIDN2... " >&6; } + +if test -n "$LIBIDN2_CFLAGS"; then + pkg_cv_LIBIDN2_CFLAGS="$LIBIDN2_CFLAGS" + elif test -n "$PKG_CONFIG"; then + if test -n "$PKG_CONFIG" && \ + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libidn2 >= 2.0.0\""; } >&5 + ($PKG_CONFIG --exists --print-errors "libidn2 >= 2.0.0") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + pkg_cv_LIBIDN2_CFLAGS=`$PKG_CONFIG --cflags "libidn2 >= 2.0.0" 2>/dev/null` + test "x$?" != "x0" && pkg_failed=yes +else + pkg_failed=yes fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext - if ${ac_cv_search_idn2_lookup_u8+:} false; then : - break + else + pkg_failed=untried fi -done -if ${ac_cv_search_idn2_lookup_u8+:} false; then : - +if test -n "$LIBIDN2_LIBS"; then + pkg_cv_LIBIDN2_LIBS="$LIBIDN2_LIBS" + elif test -n "$PKG_CONFIG"; then + if test -n "$PKG_CONFIG" && \ + { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libidn2 >= 2.0.0\""; } >&5 + ($PKG_CONFIG --exists --print-errors "libidn2 >= 2.0.0") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + pkg_cv_LIBIDN2_LIBS=`$PKG_CONFIG --libs "libidn2 >= 2.0.0" 2>/dev/null` + test "x$?" != "x0" && pkg_failed=yes else - ac_cv_search_idn2_lookup_u8=no + pkg_failed=yes fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS + else + pkg_failed=untried fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_idn2_lookup_u8" >&5 -$as_echo "$ac_cv_search_idn2_lookup_u8" >&6; } -ac_res=$ac_cv_search_idn2_lookup_u8 -if test "$ac_res" != no; then : - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - with_libidn2=yes; - idna_support="IDNA 2008 (libidn2)" -$as_echo "#define HAVE_LIBIDN2 1" >>confdefs.h +if test $pkg_failed = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } - LIBIDN2_LIBS=-lidn2 +if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then + _pkg_short_errors_supported=yes +else + _pkg_short_errors_supported=no +fi + if test $_pkg_short_errors_supported = yes; then + LIBIDN2_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libidn2 >= 2.0.0" 2>&1` + else + LIBIDN2_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libidn2 >= 2.0.0" 2>&1` + fi + # Put the nasty error message in config.log where it belongs + echo "$LIBIDN2_PKG_ERRORS" >&5 + with_libidn2=no +elif test $pkg_failed = untried; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + with_libidn2=no else + LIBIDN2_CFLAGS=$pkg_cv_LIBIDN2_CFLAGS + LIBIDN2_LIBS=$pkg_cv_LIBIDN2_LIBS + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + with_libidn2=yes +fi + if test "${with_libidn2}" = "yes";then + idna_support="IDNA 2008 (libidn2)" - with_libidn2=no; +$as_echo "#define HAVE_LIBIDN2 1" >>confdefs.h + + if test "x$GNUTLS_REQUIRES_PRIVATE" = "x"; then + GNUTLS_REQUIRES_PRIVATE="Requires.private: libidn2" + else + GNUTLS_REQUIRES_PRIVATE="${GNUTLS_REQUIRES_PRIVATE}, libidn2" + fi + else { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** LIBIDN2 was not found. You will not be able to use IDN2008 support" >&5 $as_echo "$as_me: WARNING: *** LIBIDN2 was not found. You will not be able to use IDN2008 support" >&2;} - -fi - - LIBS=$save_LIBS -else - with_libidn2=no + fi fi if test "$with_libidn2" != "no"; then @@ -59918,6 +65713,30 @@ else fi +if test "x$have_vista_dynamic" = "xno"; then + ac_fn_c_check_type "$LINENO" "BCRYPT_ALG_HANDLE" "ac_cv_type_BCRYPT_ALG_HANDLE" "#include + #include +" +if test "x$ac_cv_type_BCRYPT_ALG_HANDLE" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_BCRYPT_ALG_HANDLE 1 +_ACEOF + +LIBBCRYPT="-lbcrypt" +fi + +fi + if test "$ac_cv_type_BCRYPT_ALG_HANDLE" = "yes"; then + HAVE_BCRYPT_TRUE= + HAVE_BCRYPT_FALSE='#' +else + HAVE_BCRYPT_TRUE='#' + HAVE_BCRYPT_FALSE= +fi + + + # Check whether --enable-non-suiteb-curves was given. if test "${enable_non_suiteb_curves+set}" = set; then : enableval=$enable_non_suiteb_curves; enable_non_suiteb=$enableval @@ -59927,9 +65746,9 @@ fi if test "$enable_non_suiteb" = "yes";then - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for nettle_secp_192r1 in -lhogweed" >&5 -$as_echo_n "checking for nettle_secp_192r1 in -lhogweed... " >&6; } -if ${ac_cv_lib_hogweed_nettle_secp_192r1+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for nettle_get_secp_192r1 in -lhogweed" >&5 +$as_echo_n "checking for nettle_get_secp_192r1 in -lhogweed... " >&6; } +if ${ac_cv_lib_hogweed_nettle_get_secp_192r1+:} false; then : $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS @@ -59943,27 +65762,27 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext #ifdef __cplusplus extern "C" #endif -char nettle_secp_192r1 (); +char nettle_get_secp_192r1 (); int main () { -return nettle_secp_192r1 (); +return nettle_get_secp_192r1 (); ; return 0; } _ACEOF if ac_fn_c_try_link "$LINENO"; then : - ac_cv_lib_hogweed_nettle_secp_192r1=yes + ac_cv_lib_hogweed_nettle_get_secp_192r1=yes else - ac_cv_lib_hogweed_nettle_secp_192r1=no + ac_cv_lib_hogweed_nettle_get_secp_192r1=no fi rm -f core conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_hogweed_nettle_secp_192r1" >&5 -$as_echo "$ac_cv_lib_hogweed_nettle_secp_192r1" >&6; } -if test "x$ac_cv_lib_hogweed_nettle_secp_192r1" = xyes; then : +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_hogweed_nettle_get_secp_192r1" >&5 +$as_echo "$ac_cv_lib_hogweed_nettle_get_secp_192r1" >&6; } +if test "x$ac_cv_lib_hogweed_nettle_get_secp_192r1" = xyes; then : enable_non_suiteb=yes else enable_non_suiteb=no @@ -60005,6 +65824,13 @@ done LIBS=$save_LIBS # Check if nettle has CFB8 support +if test -z "$ac_cv_func_nettle_cfb8_encrypt"; then + # nettle_cfb8_decrypt in nettle upto 3.6 is known to be broken + if ! $PKG_CONFIG --atleast-version=3.6 nettle; then + ac_cv_func_nettle_cfb8_encrypt=no + fi +fi + save_LIBS=$LIBS LIBS="$LIBS $NETTLE_LIBS" for ac_func in nettle_cfb8_encrypt @@ -60019,8 +65845,31 @@ fi done LIBS=$save_LIBS + if test "$ac_cv_func_nettle_cfb8_encrypt" != "yes"; then + NEED_CFB_TRUE= + NEED_CFB_FALSE='#' +else + NEED_CFB_TRUE='#' + NEED_CFB_FALSE= +fi + # Check if nettle has CMAC support +save_CFLAGS=$CFLAGS +CFLAGS="$CFLAGS $NETTLE_CFLAGS" +ac_fn_c_check_type "$LINENO" "union nettle_block8" "ac_cv_type_union_nettle_block8" "#include +" +if test "x$ac_cv_type_union_nettle_block8" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE_UNION_NETTLE_BLOCK8 1 +_ACEOF + + +fi + +CFLAGS=$save_CFLAGS + save_LIBS=$LIBS LIBS="$LIBS $NETTLE_LIBS" for ac_func in nettle_cmac128_update @@ -60035,22 +65884,277 @@ fi done LIBS=$save_LIBS + if test "$ac_cv_func_nettle_cmac128_update" != "yes"; then + NEED_CMAC_TRUE= + NEED_CMAC_FALSE='#' +else + NEED_CMAC_TRUE='#' + NEED_CMAC_FALSE= +fi + # Check if nettle has XTS support save_LIBS=$LIBS LIBS="$LIBS $NETTLE_LIBS" -for ac_func in xts_encrypt_message +for ac_func in nettle_xts_encrypt_message do : - ac_fn_c_check_func "$LINENO" "xts_encrypt_message" "ac_cv_func_xts_encrypt_message" -if test "x$ac_cv_func_xts_encrypt_message" = xyes; then : + ac_fn_c_check_func "$LINENO" "nettle_xts_encrypt_message" "ac_cv_func_nettle_xts_encrypt_message" +if test "x$ac_cv_func_nettle_xts_encrypt_message" = xyes; then : cat >>confdefs.h <<_ACEOF -#define HAVE_XTS_ENCRYPT_MESSAGE 1 +#define HAVE_NETTLE_XTS_ENCRYPT_MESSAGE 1 _ACEOF fi done LIBS=$save_LIBS + if test "$ac_cv_func_nettle_xts_encrypt_message" != "yes"; then + NEED_XTS_TRUE= + NEED_XTS_FALSE='#' +else + NEED_XTS_TRUE='#' + NEED_XTS_FALSE= +fi + + +# Check for Gosthash94 with CryptoPro S-box support +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +for ac_func in nettle_gosthash94cp_update +do : + ac_fn_c_check_func "$LINENO" "nettle_gosthash94cp_update" "ac_cv_func_nettle_gosthash94cp_update" +if test "x$ac_cv_func_nettle_gosthash94cp_update" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_NETTLE_GOSTHASH94CP_UPDATE 1 +_ACEOF + +fi +done + +LIBS=$save_LIBS + +# Check for GOST28147 +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +for ac_func in nettle_gost28147_set_key +do : + ac_fn_c_check_func "$LINENO" "nettle_gost28147_set_key" "ac_cv_func_nettle_gost28147_set_key" +if test "x$ac_cv_func_nettle_gost28147_set_key" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_NETTLE_GOST28147_SET_KEY 1 +_ACEOF + +fi +done + +LIBS=$save_LIBS + +# Check for Streebog support +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +for ac_func in nettle_streebog512_update +do : + ac_fn_c_check_func "$LINENO" "nettle_streebog512_update" "ac_cv_func_nettle_streebog512_update" +if test "x$ac_cv_func_nettle_streebog512_update" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_NETTLE_STREEBOG512_UPDATE 1 +_ACEOF + +fi +done + +LIBS=$save_LIBS + +# Check for Curve448 and Ed448 +have_new_ecc=yes +save_LIBS=$LIBS +LIBS="$LIBS $HOGWEED_LIBS $NETTLE_LIBS" +for ac_func in nettle_curve448_mul nettle_ed448_shake256_sign nettle_get_gost_gc256b nettle_get_gost_gc512a nettle_gostdsa_sign +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +else + have_new_ecc=no +fi +done + +LIBS=$save_LIBS +if test "$have_new_ecc" != "yes"; then : + +$as_echo "#define NEED_INT_ECC 1" >>confdefs.h + +fi + if test "$have_new_ecc" != "yes"; then + NEED_INT_ECC_TRUE= + NEED_INT_ECC_FALSE='#' +else + NEED_INT_ECC_TRUE='#' + NEED_INT_ECC_FALSE= +fi + + +# Check if nettle has ChaCha20 initial block counter support +have_chacha_set_counter=no +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +for ac_func in nettle_chacha_set_counter +do : + ac_fn_c_check_func "$LINENO" "nettle_chacha_set_counter" "ac_cv_func_nettle_chacha_set_counter" +if test "x$ac_cv_func_nettle_chacha_set_counter" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_NETTLE_CHACHA_SET_COUNTER 1 +_ACEOF + have_chacha_set_counter=yes +fi +done + +LIBS=$save_LIBS + if test "$have_chacha_set_counter" != "yes"; then + NEED_CHACHA_TRUE= + NEED_CHACHA_FALSE='#' +else + NEED_CHACHA_TRUE='#' + NEED_CHACHA_FALSE= +fi + + +# Check for SIV-CMAC +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +for ac_func in nettle_siv_cmac_aes128_set_key +do : + ac_fn_c_check_func "$LINENO" "nettle_siv_cmac_aes128_set_key" "ac_cv_func_nettle_siv_cmac_aes128_set_key" +if test "x$ac_cv_func_nettle_siv_cmac_aes128_set_key" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_NETTLE_SIV_CMAC_AES128_SET_KEY 1 +_ACEOF + +fi +done + +LIBS=$save_LIBS + if test "$ac_cv_func_nettle_siv_cmac_aes128_set_key" != "yes"; then + NEED_SIV_TRUE= + NEED_SIV_FALSE='#' +else + NEED_SIV_TRUE='#' + NEED_SIV_FALSE= +fi + + +# Check sonames of the linked libraries needed for FIPS selftests. +save_LIBS=$LIBS +LIBS="$LIBS $GMP_LIBS" +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking gmp soname" >&5 +$as_echo_n "checking gmp soname... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + gmp_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libgmp\.so'` +else + gmp_so=none +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +if test -z "$gmp_so"; then + gmp_so=none +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $gmp_so" >&5 +$as_echo "$gmp_so" >&6; } + +cat >>confdefs.h <<_ACEOF +#define GMP_LIBRARY_SONAME "$gmp_so" +_ACEOF + +LIBS=$save_LIBS + +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking nettle soname" >&5 +$as_echo_n "checking nettle soname... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + nettle_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libnettle\.so'` +else + nettle_so=none +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +if test -z "$nettle_so"; then + nettle_so=none +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $nettle_so" >&5 +$as_echo "$nettle_so" >&6; } + +cat >>confdefs.h <<_ACEOF +#define NETTLE_LIBRARY_SONAME "$nettle_so" +_ACEOF + +LIBS=$save_LIBS + +save_LIBS=$LIBS +LIBS="$LIBS $HOGWEED_LIBS" +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking hogweed soname" >&5 +$as_echo_n "checking hogweed soname... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + hogweed_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libhogweed\.so'` +else + hogweed_so=none +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +if test -z "$hogweed_so"; then + hogweed_so=none +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $hogweed_so" >&5 +$as_echo "$hogweed_so" >&6; } + +cat >>confdefs.h <<_ACEOF +#define HOGWEED_LIBRARY_SONAME "$hogweed_so" +_ACEOF + +LIBS=$save_LIBS + +gnutls_so=libgnutls.so.`expr "$LT_CURRENT" - "$LT_AGE"` + +cat >>confdefs.h <<_ACEOF +#define GNUTLS_LIBRARY_SONAME "$gnutls_so" +_ACEOF { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build libdane" >&5 @@ -60148,19 +66252,33 @@ cat >>confdefs.h <<_ACEOF _ACEOF +system_config_file="/etc/gnutls/config" # Check whether --with-system-priority-file was given. if test "${with_system_priority_file+set}" = set; then : - withval=$with_system_priority_file; system_priority_file="$withval" -else - system_priority_file="/etc/gnutls/default-priorities" + withval=$with_system_priority_file; system_config_file="$withval" fi + if test -z "${system_config_file}"; then + DISABLE_SYSTEM_CONFIG_TRUE= + DISABLE_SYSTEM_CONFIG_FALSE='#' +else + DISABLE_SYSTEM_CONFIG_TRUE='#' + DISABLE_SYSTEM_CONFIG_FALSE= +fi + + +if test -z "${system_config_file}";then + +$as_echo "#define DISABLE_SYSTEM_CONFIG 1" >>confdefs.h + +fi + cat >>confdefs.h <<_ACEOF -#define SYSTEM_PRIORITY_FILE "$system_priority_file" +#define SYSTEM_PRIORITY_FILE "$system_config_file" _ACEOF @@ -60449,7 +66567,7 @@ $as_echo "$as_me: WARNING: *** *** autogen not found. Will not link against system libopts. *** " >&2;} - enable_local_libopts=yes + included_libopts=yes fi @@ -60699,7 +66817,13 @@ fi done - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working stdnoreturn.h" >&5 + + case "$host_os" in + cygwin*) + STDNORETURN_H='stdnoreturn.h' + ;; + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working stdnoreturn.h" >&5 $as_echo_n "checking for working stdnoreturn.h... " >&6; } if ${gl_cv_header_working_stdnoreturn_h+:} false; then : $as_echo_n "(cached) " >&6 @@ -60707,18 +66831,19 @@ else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include - #include - /* Do not check for 'noreturn' after the return type. - C11 allows it, but it's rarely done that way - and circa-2012 bleeding-edge GCC rejects it when given - -Werror=old-style-declaration. */ - noreturn void foo1 (void) { exit (0); } - _Noreturn void foo2 (void) { exit (0); } - int testit (int argc, char **argv) { - if (argc & 1) - return 0; - (argv[0][0] ? foo1 : foo2) (); - } + #include + /* Do not check for 'noreturn' after the return type. + C11 allows it, but it's rarely done that way + and circa-2012 bleeding-edge GCC rejects it when given + -Werror=old-style-declaration. */ + noreturn void foo1 (void) { exit (0); } + _Noreturn void foo2 (void) { exit (0); } + int testit (int argc, char **argv) + { + if (argc & 1) + return 0; + (argv[0][0] ? foo1 : foo2) (); + } int main () @@ -60737,13 +66862,13 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_working_stdnoreturn_h" >&5 $as_echo "$gl_cv_header_working_stdnoreturn_h" >&6; } - - if test $gl_cv_header_working_stdnoreturn_h = yes; then - STDNORETURN_H='' - else - STDNORETURN_H='stdnoreturn.h' - fi - + if test $gl_cv_header_working_stdnoreturn_h = yes; then + STDNORETURN_H='' + else + STDNORETURN_H='stdnoreturn.h' + fi + ;; + esac if test -n "$STDNORETURN_H"; then GL_GENERATE_STDNORETURN_H_TRUE= @@ -61499,6 +67624,7 @@ $as_echo "$ac_cv_path_SED" >&6; } while : do + test -x "$POSIX_SHELL" && break POSIX_SHELL=`which bash` test -x "$POSIX_SHELL" && break POSIX_SHELL=`which dash` @@ -62132,7 +68258,13 @@ $as_echo "#define NO_OPTIONAL_OPT_ARGS 1" >>confdefs.h else # Need to ensure the relevant conditionals get set - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working stdnoreturn.h" >&5 + + case "$host_os" in + cygwin*) + STDNORETURN_H='stdnoreturn.h' + ;; + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for working stdnoreturn.h" >&5 $as_echo_n "checking for working stdnoreturn.h... " >&6; } if ${gl_cv_header_working_stdnoreturn_h+:} false; then : $as_echo_n "(cached) " >&6 @@ -62140,18 +68272,19 @@ else cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include - #include - /* Do not check for 'noreturn' after the return type. - C11 allows it, but it's rarely done that way - and circa-2012 bleeding-edge GCC rejects it when given - -Werror=old-style-declaration. */ - noreturn void foo1 (void) { exit (0); } - _Noreturn void foo2 (void) { exit (0); } - int testit (int argc, char **argv) { - if (argc & 1) - return 0; - (argv[0][0] ? foo1 : foo2) (); - } + #include + /* Do not check for 'noreturn' after the return type. + C11 allows it, but it's rarely done that way + and circa-2012 bleeding-edge GCC rejects it when given + -Werror=old-style-declaration. */ + noreturn void foo1 (void) { exit (0); } + _Noreturn void foo2 (void) { exit (0); } + int testit (int argc, char **argv) + { + if (argc & 1) + return 0; + (argv[0][0] ? foo1 : foo2) (); + } int main () @@ -62170,13 +68303,13 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_header_working_stdnoreturn_h" >&5 $as_echo "$gl_cv_header_working_stdnoreturn_h" >&6; } - - if test $gl_cv_header_working_stdnoreturn_h = yes; then - STDNORETURN_H='' - else - STDNORETURN_H='stdnoreturn.h' - fi - + if test $gl_cv_header_working_stdnoreturn_h = yes; then + STDNORETURN_H='' + else + STDNORETURN_H='stdnoreturn.h' + fi + ;; + esac if test -n "$STDNORETURN_H"; then GL_GENERATE_STDNORETURN_H_TRUE= @@ -62459,6 +68592,7 @@ fi +maybe_guileextensiondir="\"$guileextensiondir\"" if test "$opt_guile_bindings" = "yes"; then { $as_echo "$as_me:${as_lineno-$LINENO}: result: *** @@ -62675,7 +68809,7 @@ $as_echo "no" >&6; } PKG_CONFIG="" fi fi - _guile_versions_to_search="2.2 2.0 1.8" + _guile_versions_to_search="3.0 2.2 2.0 1.8" if test -n "$GUILE_EFFECTIVE_VERSION"; then _guile_tmp="" for v in $_guile_versions_to_search; do @@ -63111,7 +69245,8 @@ fi if test -n "$next"; then dir="$next" if test "X$dir" != "X/usr/$acl_libdirstem" \ - && test "X$dir" != "X/usr/$acl_libdirstem2"; then + && test "X$dir" != "X/usr/$acl_libdirstem2" \ + && test "X$dir" != "X/usr/$acl_libdirstem3"; then rpathdirs="$rpathdirs $dir" fi next= @@ -63120,7 +69255,8 @@ fi -L) next=yes ;; -L*) dir=`echo "X$opt" | sed -e 's,^X-L,,'` if test "X$dir" != "X/usr/$acl_libdirstem" \ - && test "X$dir" != "X/usr/$acl_libdirstem2"; then + && test "X$dir" != "X/usr/$acl_libdirstem2" \ + && test "X$dir" != "X/usr/$acl_libdirstem3"; then rpathdirs="$rpathdirs $dir" fi next= ;; @@ -63172,7 +69308,8 @@ fi if test -n "$next"; then dir="$next" if test "X$dir" != "X/usr/$acl_libdirstem" \ - && test "X$dir" != "X/usr/$acl_libdirstem2"; then + && test "X$dir" != "X/usr/$acl_libdirstem2" \ + && test "X$dir" != "X/usr/$acl_libdirstem3"; then rpathdirs="$rpathdirs $dir" fi next= @@ -63181,7 +69318,8 @@ fi -L) next=yes ;; -L*) dir=`echo "X$opt" | sed -e 's,^X-L,,'` if test "X$dir" != "X/usr/$acl_libdirstem" \ - && test "X$dir" != "X/usr/$acl_libdirstem2"; then + && test "X$dir" != "X/usr/$acl_libdirstem2" \ + && test "X$dir" != "X/usr/$acl_libdirstem3"; then rpathdirs="$rpathdirs $dir" fi next= ;; @@ -63331,6 +69469,14 @@ done CFLAGS="$save_CFLAGS" LIBS="$save_LIBS" + + # Do we need to hard-code $guileextensiondir in gnutls.scm? + # This is not necessary when $guileextensiondir is equal to + # Guile's 'extensiondir' as specified in 'guile-MAJOR.MINOR.pc'. + if test "$guileextensiondir" = "`$PKG_CONFIG guile-$GUILE_EFFECTIVE_VERSION --variable extensiondir`" \ + || test "$guileextensiondir" = '$(GUILE_EXTENSION)'; then + maybe_guileextensiondir='#f' + fi else { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 $as_echo "no" >&6; } @@ -63341,6 +69487,7 @@ $as_echo "$as_me: WARNING: A sufficiently recent GNU Guile not found. Guile bin fi fi + if test "$opt_guile_bindings" = "yes"; then HAVE_GUILE_TRUE= HAVE_GUILE_FALSE='#' @@ -63357,6 +69504,14 @@ else HAVE_GUILD_FALSE= fi + if test "x$cross_compiling" = "xyes"; then + CROSS_COMPILING_TRUE= + CROSS_COMPILING_FALSE='#' +else + CROSS_COMPILING_TRUE='#' + CROSS_COMPILING_FALSE= +fi + LIBGNUTLS_LIBS="-L${libdir} -lgnutls $LIBS" LIBGNUTLS_CFLAGS="-I${includedir}" @@ -63386,11 +69541,24 @@ $as_echo "#define fread_file _gnutls_fread_file" >>confdefs.h $as_echo "#define read_file _gnutls_read_file" >>confdefs.h -$as_echo "#define read_binary_file _gnutls_read_binary_file" >>confdefs.h + +$as_echo "#define INI_MAX_LINE 2048" >>confdefs.h + + +$as_echo "#define INI_ALLOW_INLINE_COMMENTS 1" >>confdefs.h + + +$as_echo "#define INI_STOP_ON_FIRST_ERROR 1" >>confdefs.h -YEAR=`date +%Y` -YEAR=$YEAR +cat >>confdefs.h <<_ACEOF +#define INI_INLINE_COMMENT_PREFIXES ";#" +_ACEOF + + +cat >>confdefs.h <<_ACEOF +#define INI_START_COMMENT_PREFIXES ";#" +_ACEOF ac_config_files="$ac_config_files guile/pre-inst-guile" @@ -63615,6 +69783,10 @@ if test -z "${HAVE_GCC_TRUE}" && test -z "${HAVE_GCC_FALSE}"; then as_fn_error $? "conditional \"HAVE_GCC\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${HAVE_KERN_ARND_TRUE}" && test -z "${HAVE_KERN_ARND_FALSE}"; then + as_fn_error $? "conditional \"HAVE_KERN_ARND\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi if test -z "${HAVE_GETENTROPY_TRUE}" && test -z "${HAVE_GETENTROPY_FALSE}"; then as_fn_error $? "conditional \"HAVE_GETENTROPY\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 @@ -63627,6 +69799,10 @@ if test -z "${ENABLE_MINITASN1_TRUE}" && test -z "${ENABLE_MINITASN1_FALSE}"; th as_fn_error $? "conditional \"ENABLE_MINITASN1\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${STRICT_DER_TIME_TRUE}" && test -z "${STRICT_DER_TIME_FALSE}"; then + as_fn_error $? "conditional \"STRICT_DER_TIME\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi if test -z "${ALLOW_SHA1_TRUE}" && test -z "${ALLOW_SHA1_FALSE}"; then as_fn_error $? "conditional \"ALLOW_SHA1\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 @@ -63752,6 +69928,18 @@ if test -z "${GL_GENERATE_FLOAT_H_TRUE}" && test -z "${GL_GENERATE_FLOAT_H_FALSE as_fn_error $? "conditional \"GL_GENERATE_FLOAT_H\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${GL_GENERATE_LIMITS_H_TRUE}" && test -z "${GL_GENERATE_LIMITS_H_FALSE}"; then + as_fn_error $? "conditional \"GL_GENERATE_LIMITS_H\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${GL_GENERATE_LIMITS_H_TRUE}" && test -z "${GL_GENERATE_LIMITS_H_FALSE}"; then + as_fn_error $? "conditional \"GL_GENERATE_LIMITS_H\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${GL_GENERATE_STDINT_H_TRUE}" && test -z "${GL_GENERATE_STDINT_H_FALSE}"; then + as_fn_error $? "conditional \"GL_GENERATE_STDINT_H\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi if test -z "${HAVE_LD_OUTPUT_DEF_TRUE}" && test -z "${HAVE_LD_OUTPUT_DEF_FALSE}"; then as_fn_error $? "conditional \"HAVE_LD_OUTPUT_DEF\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 @@ -63760,10 +69948,6 @@ if test -z "${HAVE_LD_VERSION_SCRIPT_TRUE}" && test -z "${HAVE_LD_VERSION_SCRIPT as_fn_error $? "conditional \"HAVE_LD_VERSION_SCRIPT\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${GL_GENERATE_LIMITS_H_TRUE}" && test -z "${GL_GENERATE_LIMITS_H_FALSE}"; then - as_fn_error $? "conditional \"GL_GENERATE_LIMITS_H\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi CONFIG_INCLUDE=config.h if test -z "${GL_GENERATE_NETINET_IN_H_TRUE}" && test -z "${GL_GENERATE_NETINET_IN_H_FALSE}"; then @@ -63782,14 +69966,6 @@ if test -z "${GL_GENERATE_STDDEF_H_TRUE}" && test -z "${GL_GENERATE_STDDEF_H_FAL as_fn_error $? "conditional \"GL_GENERATE_STDDEF_H\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${GL_GENERATE_LIMITS_H_TRUE}" && test -z "${GL_GENERATE_LIMITS_H_FALSE}"; then - as_fn_error $? "conditional \"GL_GENERATE_LIMITS_H\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi -if test -z "${GL_GENERATE_STDINT_H_TRUE}" && test -z "${GL_GENERATE_STDINT_H_FALSE}"; then - as_fn_error $? "conditional \"GL_GENERATE_STDINT_H\" was never defined. -Usually this means the macro was only invoked conditionally." "$LINENO" 5 -fi gl_libobjs= @@ -64237,6 +70413,10 @@ if test -z "${WANT_TEST_SUITE_TRUE}" && test -z "${WANT_TEST_SUITE_FALSE}"; then as_fn_error $? "conditional \"WANT_TEST_SUITE\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${ENABLE_OLDGNUTLS_INTEROP_TRUE}" && test -z "${ENABLE_OLDGNUTLS_INTEROP_FALSE}"; then + as_fn_error $? "conditional \"ENABLE_OLDGNUTLS_INTEROP\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi if test -z "${ENABLE_FIPS140_TRUE}" && test -z "${ENABLE_FIPS140_FALSE}"; then as_fn_error $? "conditional \"ENABLE_FIPS140\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 @@ -64249,14 +70429,46 @@ if test -z "${HAVE_LIBIDN2_TRUE}" && test -z "${HAVE_LIBIDN2_FALSE}"; then as_fn_error $? "conditional \"HAVE_LIBIDN2\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${HAVE_BCRYPT_TRUE}" && test -z "${HAVE_BCRYPT_FALSE}"; then + as_fn_error $? "conditional \"HAVE_BCRYPT\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi if test -z "${ENABLE_NON_SUITEB_CURVES_TRUE}" && test -z "${ENABLE_NON_SUITEB_CURVES_FALSE}"; then as_fn_error $? "conditional \"ENABLE_NON_SUITEB_CURVES\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${NEED_CFB_TRUE}" && test -z "${NEED_CFB_FALSE}"; then + as_fn_error $? "conditional \"NEED_CFB\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${NEED_CMAC_TRUE}" && test -z "${NEED_CMAC_FALSE}"; then + as_fn_error $? "conditional \"NEED_CMAC\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${NEED_XTS_TRUE}" && test -z "${NEED_XTS_FALSE}"; then + as_fn_error $? "conditional \"NEED_XTS\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${NEED_INT_ECC_TRUE}" && test -z "${NEED_INT_ECC_FALSE}"; then + as_fn_error $? "conditional \"NEED_INT_ECC\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${NEED_CHACHA_TRUE}" && test -z "${NEED_CHACHA_FALSE}"; then + as_fn_error $? "conditional \"NEED_CHACHA\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${NEED_SIV_TRUE}" && test -z "${NEED_SIV_FALSE}"; then + as_fn_error $? "conditional \"NEED_SIV\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi if test -z "${ENABLE_DANE_TRUE}" && test -z "${ENABLE_DANE_FALSE}"; then as_fn_error $? "conditional \"ENABLE_DANE\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${DISABLE_SYSTEM_CONFIG_TRUE}" && test -z "${DISABLE_SYSTEM_CONFIG_FALSE}"; then + as_fn_error $? "conditional \"DISABLE_SYSTEM_CONFIG\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi if test -z "${P11KIT_0_23_11_API_TRUE}" && test -z "${P11KIT_0_23_11_API_FALSE}"; then as_fn_error $? "conditional \"P11KIT_0_23_11_API\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 @@ -64305,6 +70517,10 @@ if test -z "${HAVE_GUILD_TRUE}" && test -z "${HAVE_GUILD_FALSE}"; then as_fn_error $? "conditional \"HAVE_GUILD\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${CROSS_COMPILING_TRUE}" && test -z "${CROSS_COMPILING_FALSE}"; then + as_fn_error $? "conditional \"CROSS_COMPILING\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi if test -z "${NEEDS_LIBRT_TRUE}" && test -z "${NEEDS_LIBRT_FALSE}"; then as_fn_error $? "conditional \"NEEDS_LIBRT\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 @@ -64706,7 +70922,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by GnuTLS $as_me 3.6.8, which was +This file was extended by GnuTLS $as_me 3.6.14, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -64776,7 +70992,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -GnuTLS config.status 3.6.8 +GnuTLS config.status 3.6.14 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" @@ -65298,6 +71514,7 @@ do "depfiles") CONFIG_COMMANDS="$CONFIG_COMMANDS depfiles" ;; "po-directories") CONFIG_COMMANDS="$CONFIG_COMMANDS po-directories" ;; "$GNUmakefile") CONFIG_LINKS="$CONFIG_LINKS $GNUmakefile:$GNUmakefile" ;; + "ldd.sh") CONFIG_FILES="$CONFIG_FILES ldd.sh:build-aux/ldd.sh.in" ;; "libtool") CONFIG_COMMANDS="$CONFIG_COMMANDS libtool" ;; "src/libopts/Makefile") CONFIG_FILES="$CONFIG_FILES src/libopts/Makefile" ;; "guile/pre-inst-guile") CONFIG_FILES="$CONFIG_FILES guile/pre-inst-guile" ;; @@ -66197,6 +72414,7 @@ See \`config.log' for more details" "$LINENO" 5; } cat <<_LT_EOF >> "$cfgfile" #! $SHELL # Generated automatically by $as_me ($PACKAGE) $VERSION +# Libtool was configured on host `(hostname || uname -n) 2>/dev/null | sed 1q`: # NOTE: Changes made to this file will be lost: look at ltmain.sh. # Provide generalized library-building support services. @@ -67011,6 +73229,7 @@ if features are disabled) IDNA support: $idna_support Non-SuiteB curves: $enable_non_suiteb FIPS140 mode: $enable_fips + Strict DER time: $ac_strict_der_time " >&5 $as_echo "$as_me: Optional features: (note that included applications might not compile properly @@ -67032,6 +73251,7 @@ if features are disabled) IDNA support: $idna_support Non-SuiteB curves: $enable_non_suiteb FIPS140 mode: $enable_fips + Strict DER time: $ac_strict_der_time " >&6;} { $as_echo "$as_me:${as_lineno-$LINENO}: Optional libraries: @@ -67056,7 +73276,7 @@ $as_echo "$as_me: Optional libraries: Trust store file: $with_default_trust_store_file Blacklist file: $with_default_blacklist_file CRL file: $with_default_crl_file - Priority file: $system_priority_file + Configuration file: $system_config_file DNSSEC root key file: $unbound_root_key_file " >&5 $as_echo "$as_me: System files: @@ -67066,7 +73286,7 @@ $as_echo "$as_me: System files: Trust store file: $with_default_trust_store_file Blacklist file: $with_default_blacklist_file CRL file: $with_default_crl_file - Priority file: $system_priority_file + Configuration file: $system_config_file DNSSEC root key file: $unbound_root_key_file " >&6;} diff --git a/configure.ac b/configure.ac index 2112606..d59553b 100644 --- a/configure.ac +++ b/configure.ac @@ -1,5 +1,5 @@ dnl Process this file with autoconf to produce a configure script. -# Copyright (C) 2000-2012, 2016 Free Software Foundation, Inc. +# Copyright (C) 2000-2012, 2016, 2019 Free Software Foundation, Inc. # # Author: Nikos Mavrogiannopoulos, Simon Josefsson # @@ -23,7 +23,7 @@ dnl Process this file with autoconf to produce a configure script. AC_PREREQ(2.63) dnl when updating version also update LT_REVISION in m4/hooks.m4 -AC_INIT([GnuTLS], [3.6.8], [bugs@gnutls.org]) +AC_INIT([GnuTLS], [3.6.14], [bugs@gnutls.org]) AC_CONFIG_AUX_DIR([build-aux]) AC_CONFIG_MACRO_DIRS([m4 src/gl/m4 src/libopts/m4 lib/unistring/m4]) AC_CANONICAL_HOST @@ -111,6 +111,7 @@ AM_CONDITIONAL(ENABLE_CXX, test "$use_cxx" != "no") dnl Detect windows build use_accel=yes +have_vista_dynamic=yes case "$host" in *android*) have_android=yes @@ -119,6 +120,24 @@ case "$host" in *mingw32* | *mingw64*) have_win=yes AC_DEFINE([_UNICODE], [1], [Defined to 1 for Unicode (wide chars) APIs]) + LIB_CRYPT32="-lcrypt32" + AC_SUBST([LIB_CRYPT32]) + AC_PREPROC_IFELSE([AC_LANG_PROGRAM( + [[#include + #if defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x0600 + # error Vista APIs allowed statically + #endif + ]],[[;]])],[have_vista_dynamic=yes],[have_vista_dynamic=no]) + AC_ARG_ENABLE(dyn_ncrypt, + AS_HELP_STRING([--enable-dyn-ncrypt], [use ncrypt dynamically]), + enable_dyn_ncrypt=$enableval, enable_dyn_ncrypt=$have_vista_dynamic + ) + if test "x$enable_dyn_ncrypt" = "xyes"; then + AC_DEFINE([DYN_NCRYPT], 1, [Dynamic use of ncrypt API (win32)]) + else + LIBNCRYPT="-lncrypt" + fi + AC_SUBST([LIBNCRYPT]) ;; *darwin*) have_macosx=yes @@ -128,7 +147,7 @@ case "$host" in dnl intended minimum runtime version. LDFLAGS="$LDFLAGS -Wl,-no_weak_imports" AC_MSG_CHECKING([whether the linker supports -Wl,-no_weak_imports]) - AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], + AC_LINK_IFELSE([AC_LANG_PROGRAM([#include ], [fd_set rfds; FD_ZERO(&rfds); FD_SET(0, &rfds);])], [AC_MSG_RESULT(yes)], [AC_MSG_RESULT(no); LDFLAGS="$save_LDFLAGS"]) ;; *solaris*) @@ -182,6 +201,17 @@ case $host_cpu in ;; esac +# check for gcc's __get_cpuid_count functionality +AC_MSG_CHECKING([for __get_cpuid_count]) +AC_LINK_IFELSE( + [AC_LANG_SOURCE([ + #include + int main(void) { unsigned t1; return __get_cpuid_count(7, 0, &t1, &t1, &t1, &t1); } + ])], + [AC_DEFINE([HAVE_GET_CPUID_COUNT], [1], [use __get_cpuid_count]) AC_MSG_RESULT([yes])], + [AC_MSG_RESULT([no])] +) + fi AC_ARG_ENABLE(tls13-interop, @@ -222,6 +252,8 @@ AS_IF([test "$ac_cv_search___atomic_load_4" = "none required" || test "$ac_cv_se dnl We use its presence to detect C11 threads AC_CHECK_HEADERS([threads.h]) +AC_CHECK_HEADERS([valgrind/memcheck.h]) + AC_ARG_ENABLE(padlock, AS_HELP_STRING([--disable-padlock], [unconditionally disable padlock acceleration]), use_padlock=$enableval) @@ -250,6 +282,23 @@ AC_LINK_IFELSE([AC_LANG_PROGRAM([ rnd_variant=getrandom], [AC_MSG_RESULT(no)]) +AC_MSG_CHECKING([for KERN_ARND]) +AC_LINK_IFELSE([AC_LANG_PROGRAM([ + #include + #ifdef __linux__ + #error 1 + #endif + static int name[] = {CTL_KERN, KERN_ARND}; + ],[ + sysctl(0, 0, 0, 0, 0, 0); + ])], + [AC_MSG_RESULT(yes) + AC_DEFINE([HAVE_KERN_ARND], 1, [Enable the BSD sysctl(KERN_ARND) function]) + rnd_variant=kern_arnd], + [AC_MSG_RESULT(no)]) + +AM_CONDITIONAL(HAVE_KERN_ARND, test "$rnd_variant" = "kern_arnd") + AC_MSG_CHECKING([for getentropy]) AC_LINK_IFELSE([AC_LANG_PROGRAM([ #include @@ -405,13 +454,33 @@ AC_ARG_ENABLE(full-test-suite, # test if we are in git master or in release build. In release # builds we do not use valgrind. -SUITE_FILE="${srcdir}/tests/suite/mini-eagain2.c" +SUITE_FILE="${srcdir}/tests/suite/prime-check.c" if test "$full_test_suite" = yes && test ! -f "$SUITE_FILE";then full_test_suite=no fi AM_CONDITIONAL(WANT_TEST_SUITE, test "$full_test_suite" = "yes") +AC_ARG_ENABLE(oldgnutls-interop, + AS_HELP_STRING([--enable-oldgnutls-interop], [enable interoperability testing with old gnutls version]), + enable_oldgnutls_interop=$enableval, enable_oldgnutls_interop=no) + +if test "$enable_oldgnutls_interop" != "no" && test "$full_test_suite" != yes;then + AC_MSG_ERROR([cannot --enable-oldgnutls-interop without --enable-full-test-suite]) +fi + +AM_CONDITIONAL(ENABLE_OLDGNUTLS_INTEROP, test "$enable_oldgnutls_interop" != "no") + +# check for libev - used in full test suite +AC_LIB_HAVE_LINKFLAGS(ev,, [#include ], [ev_run(0,0);]) +if test "$ac_cv_libev" = yes; then + AC_SUBST([LIBEV_LIBS], [$LIBEV]) +elif test "$full_test_suite" = yes;then + AC_MSG_ERROR([[*** +*** libev4 was not found. +***]]) +fi + dnl GCC warnings to enable AC_ARG_ENABLE([gcc-warnings], @@ -463,6 +532,10 @@ if test "$gl_gcc_warnings" = yes; then gl_WARN_ADD([-fdiagnostics-show-option]) fi +if test "$gl_cv_opt_valgrind_tests" != no; then + gl_WARN_ADD([-fno-builtin-strcmp]) +fi + AC_SUBST([WERROR_CFLAGS]) AC_SUBST([WSTACK_CFLAGS]) AC_SUBST([WARN_CFLAGS]) @@ -511,37 +584,36 @@ idna_support=no with_libidn2=no if test "$try_libidn2" = yes;then - save_LIBS=$LIBS - AC_SEARCH_LIBS(idn2_lookup_u8, idn2, [ - with_libidn2=yes; + PKG_CHECK_MODULES(LIBIDN2, [libidn2 >= 2.0.0], [with_libidn2=yes], [with_libidn2=no]) + if test "${with_libidn2}" = "yes";then idna_support="IDNA 2008 (libidn2)" AC_DEFINE([HAVE_LIBIDN2], 1, [Define if IDNA 2008 support is enabled.]) - AC_SUBST([LIBIDN2_CFLAGS], []) - AC_SUBST([LIBIDN2_LIBS], [-lidn2]) dnl used in gnutls.pc.in -dnl enable once libidn2.pc is widespread; and remove LIBIDN2_LIBS from gnutls.pc.in (Libs.private) -dnl if test "x$GNUTLS_REQUIRES_PRIVATE" = "x"; then -dnl GNUTLS_REQUIRES_PRIVATE="Requires.private: libidn2" -dnl else -dnl GNUTLS_REQUIRES_PRIVATE="${GNUTLS_REQUIRES_PRIVATE}, libidn2" -dnl fi - ],[ - with_libidn2=no; + if test "x$GNUTLS_REQUIRES_PRIVATE" = "x"; then + GNUTLS_REQUIRES_PRIVATE="Requires.private: libidn2" + else + GNUTLS_REQUIRES_PRIVATE="${GNUTLS_REQUIRES_PRIVATE}, libidn2" + fi + else AC_MSG_WARN(*** LIBIDN2 was not found. You will not be able to use IDN2008 support) - ]) - LIBS=$save_LIBS -else - with_libidn2=no + fi fi AM_CONDITIONAL(HAVE_LIBIDN2, test "$with_libidn2" != "no") +if test "x$have_vista_dynamic" = "xno"; then + AC_CHECK_TYPES([BCRYPT_ALG_HANDLE],[LIBBCRYPT="-lbcrypt"],[],[#include + #include ]) +fi +AM_CONDITIONAL(HAVE_BCRYPT, test "$ac_cv_type_BCRYPT_ALG_HANDLE" = "yes") +AC_SUBST([LIBBCRYPT]) + AC_ARG_ENABLE(non-suiteb-curves, AS_HELP_STRING([--disable-non-suiteb-curves], [disable curves not in SuiteB]), enable_non_suiteb=$enableval, enable_non_suiteb=yes) if test "$enable_non_suiteb" = "yes";then dnl nettle_secp_192r1 is not really a function - AC_CHECK_LIB(hogweed, nettle_secp_192r1, enable_non_suiteb=yes, enable_non_suiteb=no, [$HOGWEED_LIBS $NETTLE_LIBS]) + AC_CHECK_LIB(hogweed, nettle_get_secp_192r1, enable_non_suiteb=yes, enable_non_suiteb=no, [$HOGWEED_LIBS $NETTLE_LIBS]) if test "$enable_non_suiteb" = "yes";then AC_DEFINE([ENABLE_NON_SUITEB_CURVES], 1, [Enable all curves]) @@ -559,23 +631,124 @@ AC_CHECK_FUNCS(nettle_rsa_sec_decrypt, LIBS=$save_LIBS # Check if nettle has CFB8 support +if test -z "$ac_cv_func_nettle_cfb8_encrypt"; then + # nettle_cfb8_decrypt in nettle upto 3.6 is known to be broken + if ! $PKG_CONFIG --atleast-version=3.6 nettle; then + ac_cv_func_nettle_cfb8_encrypt=no + fi +fi + save_LIBS=$LIBS LIBS="$LIBS $NETTLE_LIBS" AC_CHECK_FUNCS(nettle_cfb8_encrypt) LIBS=$save_LIBS +AM_CONDITIONAL(NEED_CFB, [test "$ac_cv_func_nettle_cfb8_encrypt" != "yes"]) # Check if nettle has CMAC support +save_CFLAGS=$CFLAGS +CFLAGS="$CFLAGS $NETTLE_CFLAGS" +AC_CHECK_TYPES([union nettle_block8], , , [[#include ]]) +CFLAGS=$save_CFLAGS + save_LIBS=$LIBS LIBS="$LIBS $NETTLE_LIBS" AC_CHECK_FUNCS(nettle_cmac128_update) LIBS=$save_LIBS +AM_CONDITIONAL(NEED_CMAC, [test "$ac_cv_func_nettle_cmac128_update" != "yes"]) # Check if nettle has XTS support save_LIBS=$LIBS LIBS="$LIBS $NETTLE_LIBS" -AC_CHECK_FUNCS(xts_encrypt_message) +AC_CHECK_FUNCS(nettle_xts_encrypt_message) LIBS=$save_LIBS +AM_CONDITIONAL(NEED_XTS, [test "$ac_cv_func_nettle_xts_encrypt_message" != "yes"]) +# Check for Gosthash94 with CryptoPro S-box support +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +AC_CHECK_FUNCS(nettle_gosthash94cp_update) +LIBS=$save_LIBS + +# Check for GOST28147 +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +AC_CHECK_FUNCS(nettle_gost28147_set_key) +LIBS=$save_LIBS + +# Check for Streebog support +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +AC_CHECK_FUNCS(nettle_streebog512_update) +LIBS=$save_LIBS + +# Check for Curve448 and Ed448 +have_new_ecc=yes +save_LIBS=$LIBS +LIBS="$LIBS $HOGWEED_LIBS $NETTLE_LIBS" +AC_CHECK_FUNCS([nettle_curve448_mul nettle_ed448_shake256_sign nettle_get_gost_gc256b nettle_get_gost_gc512a nettle_gostdsa_sign], + [], [have_new_ecc=no]) +LIBS=$save_LIBS +AS_IF([test "$have_new_ecc" != "yes"], AC_DEFINE([NEED_INT_ECC], 1, [Use backported Curve448/GOST R 34.10 DSA support])) +AM_CONDITIONAL(NEED_INT_ECC, test "$have_new_ecc" != "yes") + +# Check if nettle has ChaCha20 initial block counter support +have_chacha_set_counter=no +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +AC_CHECK_FUNCS([nettle_chacha_set_counter], + [have_chacha_set_counter=yes]) +LIBS=$save_LIBS +AM_CONDITIONAL(NEED_CHACHA, [test "$have_chacha_set_counter" != "yes"]) + +# Check for SIV-CMAC +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +AC_CHECK_FUNCS(nettle_siv_cmac_aes128_set_key) +LIBS=$save_LIBS +AM_CONDITIONAL(NEED_SIV, [test "$ac_cv_func_nettle_siv_cmac_aes128_set_key" != "yes"]) + +# Check sonames of the linked libraries needed for FIPS selftests. +save_LIBS=$LIBS +LIBS="$LIBS $GMP_LIBS" +AC_MSG_CHECKING([gmp soname]) +AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], + [gmp_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libgmp\.so'`], + [gmp_so=none]) +if test -z "$gmp_so"; then + gmp_so=none +fi +AC_MSG_RESULT($gmp_so) +AC_DEFINE_UNQUOTED([GMP_LIBRARY_SONAME], ["$gmp_so"], [The soname of gmp library]) +LIBS=$save_LIBS + +save_LIBS=$LIBS +LIBS="$LIBS $NETTLE_LIBS" +AC_MSG_CHECKING([nettle soname]) +AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], + [nettle_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libnettle\.so'`], + [nettle_so=none]) +if test -z "$nettle_so"; then + nettle_so=none +fi +AC_MSG_RESULT($nettle_so) +AC_DEFINE_UNQUOTED([NETTLE_LIBRARY_SONAME], ["$nettle_so"], [The soname of nettle library]) +LIBS=$save_LIBS + +save_LIBS=$LIBS +LIBS="$LIBS $HOGWEED_LIBS" +AC_MSG_CHECKING([hogweed soname]) +AC_LINK_IFELSE([AC_LANG_PROGRAM([], [])], + [hogweed_so=`(eval "$LDDPROG conftest$EXEEXT $LDDPOSTPROC") | grep '^libhogweed\.so'`], + [hogweed_so=none]) +if test -z "$hogweed_so"; then + hogweed_so=none +fi +AC_MSG_RESULT($hogweed_so) +AC_DEFINE_UNQUOTED([HOGWEED_LIBRARY_SONAME], ["$hogweed_so"], [The soname of hogweed library]) +LIBS=$save_LIBS + +gnutls_so=libgnutls.so.`expr "$LT_CURRENT" - "$LT_AGE"` +AC_DEFINE_UNQUOTED([GNUTLS_LIBRARY_SONAME], ["$gnutls_so"], [The soname of gnutls library]) AC_MSG_CHECKING([whether to build libdane]) AC_ARG_ENABLE(libdane, @@ -628,17 +801,23 @@ fi AC_DEFINE_UNQUOTED([UNBOUND_ROOT_KEY_FILE], ["$unbound_root_key_file"], [The DNSSEC root key file]) +system_config_file="/etc/gnutls/config" AC_ARG_WITH(system-priority-file, AS_HELP_STRING([--with-system-priority-file], - [specify the system priority file]), - system_priority_file="$withval", -system_priority_file="/etc/gnutls/default-priorities" + [specify the system-wide config file (set empty to disable)]), + system_config_file="$withval" ) +AM_CONDITIONAL(DISABLE_SYSTEM_CONFIG, test -z "${system_config_file}") + +if test -z "${system_config_file}";then + AC_DEFINE([DISABLE_SYSTEM_CONFIG], 1, [Whether to disable system configuration]) +fi + AC_DEFINE_UNQUOTED([SYSTEM_PRIORITY_FILE], - ["$system_priority_file"], [The system priority file]) + ["$system_config_file"], [The system-wide gnutls configuration file]) AC_ARG_WITH(default-priority-string, AS_HELP_STRING([--with-default-priority-string], - [specify the default priority string (e.g. @SYSTEM)]), + [specify the default priority string used by gnutls_set_default_priority (default is NORMAL)]), prio_string="$withval", prio_string="NORMAL") @@ -735,7 +914,7 @@ if test "$enable_tools" != "no" || test "$enable_doc" != "no"; then *** autogen not found. Will not link against system libopts. *** ]]) dnl simulate specifying option on the command line - enable_local_libopts=yes + included_libopts=yes fi LIBOPTS_CHECK([src/libopts]) if test "$NEED_LIBOPTS_DIR" = "true";then @@ -850,6 +1029,7 @@ AC_ARG_WITH([guile-extension-dir], AS_HELP_STRING([--with-guile-extension-dir=DI AC_SUBST([guilesitedir]) AC_SUBST([guilesiteccachedir]) AC_SUBST([guileextensiondir]) +maybe_guileextensiondir="\"$guileextensiondir\"" if test "$opt_guile_bindings" = "yes"; then AC_MSG_RESULT([*** @@ -866,7 +1046,7 @@ if test "$opt_guile_bindings" = "yes"; then AC_PATH_PROG([GUILD], [guild]) AC_SUBST([GUILD]) - GUILE_PKG + GUILE_PKG([3.0 2.2 2.0 1.8]) GUILE_PROGS GUILE_SITE_DIR GUILE_FLAGS @@ -921,6 +1101,14 @@ if test "$opt_guile_bindings" = "yes"; then AC_CHECK_FUNCS([scm_gc_malloc_pointerless]) CFLAGS="$save_CFLAGS" LIBS="$save_LIBS" + + # Do we need to hard-code $guileextensiondir in gnutls.scm? + # This is not necessary when $guileextensiondir is equal to + # Guile's 'extensiondir' as specified in 'guile-MAJOR.MINOR.pc'. + if test "$guileextensiondir" = "`$PKG_CONFIG guile-$GUILE_EFFECTIVE_VERSION --variable extensiondir`" \ + || test "$guileextensiondir" = '$(GUILE_EXTENSION)'; then + maybe_guileextensiondir='#f' + fi else AC_MSG_RESULT([no]) AC_MSG_WARN([A sufficiently recent GNU Guile not found. Guile bindings not built.]) @@ -929,8 +1117,10 @@ if test "$opt_guile_bindings" = "yes"; then fi fi +AC_SUBST([maybe_guileextensiondir]) AM_CONDITIONAL([HAVE_GUILE], [test "$opt_guile_bindings" = "yes"]) AM_CONDITIONAL([HAVE_GUILD], [test "x$GUILD" != "x"]) +AM_CONDITIONAL([CROSS_COMPILING], [test "x$cross_compiling" = "xyes"]) LIBGNUTLS_LIBS="-L${libdir} -lgnutls $LIBS" LIBGNUTLS_CFLAGS="-I${includedir}" @@ -944,11 +1134,13 @@ AC_DEFINE([GNUTLS_INTERNAL_BUILD], 1, [We allow temporarily usage of deprecated AC_DEFINE([fread_file], [_gnutls_fread_file], [static lib rename]) AC_DEFINE([read_file], [_gnutls_read_file], [static lib rename]) -AC_DEFINE([read_binary_file], [_gnutls_read_binary_file], [static lib rename]) -dnl Some variables needed in makefiles -YEAR=`date +%Y` -AC_SUBST([YEAR], $YEAR) +dnl configuration options for config file parsing (inih) +AC_DEFINE([INI_MAX_LINE], 2048, [inih maximum line size]) +AC_DEFINE([INI_ALLOW_INLINE_COMMENTS], 1, [whether to allowin inline comments]) +AC_DEFINE([INI_STOP_ON_FIRST_ERROR], 1, [whether to stop on first error]) +AC_DEFINE_UNQUOTED([INI_INLINE_COMMENT_PREFIXES], [";#"], [The inline comment prefixes]) +AC_DEFINE_UNQUOTED([INI_START_COMMENT_PREFIXES], [";#"], [The comment prefixes]) AC_CONFIG_FILES([guile/pre-inst-guile], [chmod +x guile/pre-inst-guile]) AC_CONFIG_FILES([ @@ -1055,6 +1247,7 @@ if features are disabled) IDNA support: $idna_support Non-SuiteB curves: $enable_non_suiteb FIPS140 mode: $enable_fips + Strict DER time: $ac_strict_der_time ]) AC_MSG_NOTICE([Optional libraries: @@ -1072,7 +1265,7 @@ AC_MSG_NOTICE([System files: Trust store file: $with_default_trust_store_file Blacklist file: $with_default_blacklist_file CRL file: $with_default_crl_file - Priority file: $system_priority_file + Configuration file: $system_config_file DNSSEC root key file: $unbound_root_key_file ]) diff --git a/doc/Makefile.am b/doc/Makefile.am index 773ab6d..01f7cd6 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -1,5 +1,5 @@ ## Process this file with automake to produce Makefile.in -# Copyright (C) 2000-2012 Free Software Foundation, Inc. +# Copyright (C) 2000-2012, 2019 Free Software Foundation, Inc. # # Author: Nikos Mavrogiannopoulos # @@ -151,7 +151,7 @@ gnutls_TEXINFOS = gnutls.texi fdl-1.3.texi \ cha-library.texi cha-preface.texi cha-programs.texi \ sec-tls-app.texi cha-errors.texi cha-support.texi \ cha-shared-key.texi cha-gtls-examples.texi cha-upgrade.texi \ - cha-tokens.texi cha-crypto.texi cha-auth.texi + cha-tokens.texi cha-crypto.texi cha-auth.texi cha-config.texi AUTOGENED_DOC = invoke-gnutls-cli.texi invoke-gnutls-cli-debug.texi \ invoke-gnutls-serv.texi invoke-certtool.texi invoke-srptool.texi \ @@ -492,7 +492,7 @@ if HAVE_GUILE GUILE_FOR_BUILD = \ GUILE_AUTO_COMPILE=0 \ - $(GUILE) -L $(top_srcdir)/guile/modules + $(GUILE) -q -L $(top_srcdir)/guile/modules SNARF_CPPFLAGS = -I$(top_srcdir) -I$(top_builddir) \ -I$(top_srcdir)/lib/includes -I$(top_builddir)/lib/includes \ @@ -635,12 +635,16 @@ FUNCS += functions/dane_verify_session_crt FUNCS += functions/dane_verify_session_crt.short FUNCS += functions/gnutls_aead_cipher_decrypt FUNCS += functions/gnutls_aead_cipher_decrypt.short +FUNCS += functions/gnutls_aead_cipher_decryptv2 +FUNCS += functions/gnutls_aead_cipher_decryptv2.short FUNCS += functions/gnutls_aead_cipher_deinit FUNCS += functions/gnutls_aead_cipher_deinit.short FUNCS += functions/gnutls_aead_cipher_encrypt FUNCS += functions/gnutls_aead_cipher_encrypt.short FUNCS += functions/gnutls_aead_cipher_encryptv FUNCS += functions/gnutls_aead_cipher_encryptv.short +FUNCS += functions/gnutls_aead_cipher_encryptv2 +FUNCS += functions/gnutls_aead_cipher_encryptv2.short FUNCS += functions/gnutls_aead_cipher_init FUNCS += functions/gnutls_aead_cipher_init.short FUNCS += functions/gnutls_alert_get @@ -821,6 +825,10 @@ FUNCS += functions/gnutls_certificate_type_get_name FUNCS += functions/gnutls_certificate_type_get_name.short FUNCS += functions/gnutls_certificate_type_list FUNCS += functions/gnutls_certificate_type_list.short +FUNCS += functions/gnutls_certificate_verification_profile_get_id +FUNCS += functions/gnutls_certificate_verification_profile_get_id.short +FUNCS += functions/gnutls_certificate_verification_profile_get_name +FUNCS += functions/gnutls_certificate_verification_profile_get_name.short FUNCS += functions/gnutls_certificate_verification_status_print FUNCS += functions/gnutls_certificate_verification_status_print.short FUNCS += functions/gnutls_certificate_verify_peers @@ -1015,6 +1023,8 @@ FUNCS += functions/gnutls_ext_get_data FUNCS += functions/gnutls_ext_get_data.short FUNCS += functions/gnutls_ext_get_name FUNCS += functions/gnutls_ext_get_name.short +FUNCS += functions/gnutls_ext_get_name2 +FUNCS += functions/gnutls_ext_get_name2.short FUNCS += functions/gnutls_ext_raw_parse FUNCS += functions/gnutls_ext_raw_parse.short FUNCS += functions/gnutls_ext_register @@ -1027,6 +1037,8 @@ FUNCS += functions/gnutls_fips140_mode_enabled FUNCS += functions/gnutls_fips140_mode_enabled.short FUNCS += functions/gnutls_fips140_set_mode FUNCS += functions/gnutls_fips140_set_mode.short +FUNCS += functions/gnutls_get_system_config_file +FUNCS += functions/gnutls_get_system_config_file.short FUNCS += functions/gnutls_global_deinit FUNCS += functions/gnutls_global_deinit.short FUNCS += functions/gnutls_global_init @@ -1077,6 +1089,8 @@ FUNCS += functions/gnutls_handshake_set_timeout FUNCS += functions/gnutls_handshake_set_timeout.short FUNCS += functions/gnutls_hash FUNCS += functions/gnutls_hash.short +FUNCS += functions/gnutls_hash_copy +FUNCS += functions/gnutls_hash_copy.short FUNCS += functions/gnutls_hash_deinit FUNCS += functions/gnutls_hash_deinit.short FUNCS += functions/gnutls_hash_fast @@ -1109,12 +1123,20 @@ FUNCS += functions/gnutls_hex_encode FUNCS += functions/gnutls_hex_encode.short FUNCS += functions/gnutls_hex_encode2 FUNCS += functions/gnutls_hex_encode2.short +FUNCS += functions/gnutls_hkdf_expand +FUNCS += functions/gnutls_hkdf_expand.short +FUNCS += functions/gnutls_hkdf_extract +FUNCS += functions/gnutls_hkdf_extract.short FUNCS += functions/gnutls_hmac FUNCS += functions/gnutls_hmac.short +FUNCS += functions/gnutls_hmac_copy +FUNCS += functions/gnutls_hmac_copy.short FUNCS += functions/gnutls_hmac_deinit FUNCS += functions/gnutls_hmac_deinit.short FUNCS += functions/gnutls_hmac_fast FUNCS += functions/gnutls_hmac_fast.short +FUNCS += functions/gnutls_hmac_get_key_size +FUNCS += functions/gnutls_hmac_get_key_size.short FUNCS += functions/gnutls_hmac_get_len FUNCS += functions/gnutls_hmac_get_len.short FUNCS += functions/gnutls_hmac_init @@ -1261,6 +1283,8 @@ FUNCS += functions/gnutls_packet_deinit FUNCS += functions/gnutls_packet_deinit.short FUNCS += functions/gnutls_packet_get FUNCS += functions/gnutls_packet_get.short +FUNCS += functions/gnutls_pbkdf2 +FUNCS += functions/gnutls_pbkdf2.short FUNCS += functions/gnutls_pcert_deinit FUNCS += functions/gnutls_pcert_deinit.short FUNCS += functions/gnutls_pcert_export_openpgp @@ -1515,6 +1539,8 @@ FUNCS += functions/gnutls_pkcs7_init FUNCS += functions/gnutls_pkcs7_init.short FUNCS += functions/gnutls_pkcs7_print FUNCS += functions/gnutls_pkcs7_print.short +FUNCS += functions/gnutls_pkcs7_print_signature_info +FUNCS += functions/gnutls_pkcs7_print_signature_info.short FUNCS += functions/gnutls_pkcs7_set_crl FUNCS += functions/gnutls_pkcs7_set_crl.short FUNCS += functions/gnutls_pkcs7_set_crl_raw @@ -1551,6 +1577,8 @@ FUNCS += functions/gnutls_prf FUNCS += functions/gnutls_prf.short FUNCS += functions/gnutls_prf_early FUNCS += functions/gnutls_prf_early.short +FUNCS += functions/gnutls_prf_hash_get +FUNCS += functions/gnutls_prf_hash_get.short FUNCS += functions/gnutls_prf_raw FUNCS += functions/gnutls_prf_raw.short FUNCS += functions/gnutls_prf_rfc5705 @@ -1703,16 +1731,24 @@ FUNCS += functions/gnutls_psk_free_server_credentials FUNCS += functions/gnutls_psk_free_server_credentials.short FUNCS += functions/gnutls_psk_server_get_username FUNCS += functions/gnutls_psk_server_get_username.short +FUNCS += functions/gnutls_psk_server_get_username2 +FUNCS += functions/gnutls_psk_server_get_username2.short FUNCS += functions/gnutls_psk_set_client_credentials FUNCS += functions/gnutls_psk_set_client_credentials.short +FUNCS += functions/gnutls_psk_set_client_credentials2 +FUNCS += functions/gnutls_psk_set_client_credentials2.short FUNCS += functions/gnutls_psk_set_client_credentials_function FUNCS += functions/gnutls_psk_set_client_credentials_function.short +FUNCS += functions/gnutls_psk_set_client_credentials_function2 +FUNCS += functions/gnutls_psk_set_client_credentials_function2.short FUNCS += functions/gnutls_psk_set_params_function FUNCS += functions/gnutls_psk_set_params_function.short FUNCS += functions/gnutls_psk_set_server_credentials_file FUNCS += functions/gnutls_psk_set_server_credentials_file.short FUNCS += functions/gnutls_psk_set_server_credentials_function FUNCS += functions/gnutls_psk_set_server_credentials_function.short +FUNCS += functions/gnutls_psk_set_server_credentials_function2 +FUNCS += functions/gnutls_psk_set_server_credentials_function2.short FUNCS += functions/gnutls_psk_set_server_credentials_hint FUNCS += functions/gnutls_psk_set_server_credentials_hint.short FUNCS += functions/gnutls_psk_set_server_dh_params @@ -1907,6 +1943,8 @@ FUNCS += functions/gnutls_session_get_id FUNCS += functions/gnutls_session_get_id.short FUNCS += functions/gnutls_session_get_id2 FUNCS += functions/gnutls_session_get_id2.short +FUNCS += functions/gnutls_session_get_keylog_function +FUNCS += functions/gnutls_session_get_keylog_function.short FUNCS += functions/gnutls_session_get_master_secret FUNCS += functions/gnutls_session_get_master_secret.short FUNCS += functions/gnutls_session_get_ptr @@ -1925,6 +1963,8 @@ FUNCS += functions/gnutls_session_set_data FUNCS += functions/gnutls_session_set_data.short FUNCS += functions/gnutls_session_set_id FUNCS += functions/gnutls_session_set_id.short +FUNCS += functions/gnutls_session_set_keylog_function +FUNCS += functions/gnutls_session_set_keylog_function.short FUNCS += functions/gnutls_session_set_premaster FUNCS += functions/gnutls_session_set_premaster.short FUNCS += functions/gnutls_session_set_ptr diff --git a/doc/Makefile.in b/doc/Makefile.in index 5366d3c..61bddb6 100644 --- a/doc/Makefile.in +++ b/doc/Makefile.in @@ -14,7 +14,7 @@ @SET_MAKE@ -# Copyright (C) 2000-2012 Free Software Foundation, Inc. +# Copyright (C) 2000-2012, 2019 Free Software Foundation, Inc. # # Author: Nikos Mavrogiannopoulos # @@ -120,7 +120,6 @@ ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/lib/unistring/m4/inline.m4 \ $(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \ - $(top_srcdir)/src/gl/m4/__inline.m4 \ $(top_srcdir)/src/gl/m4/bison.m4 \ $(top_srcdir)/src/gl/m4/clock_time.m4 \ $(top_srcdir)/src/gl/m4/fseek.m4 \ @@ -140,7 +139,7 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/src/gl/m4/tzset.m4 \ $(top_srcdir)/src/libopts/m4/libopts.m4 \ $(top_srcdir)/src/libopts/m4/stdnoreturn.m4 \ - $(top_srcdir)/m4/00gnulib.m4 \ + $(top_srcdir)/m4/00gnulib.m4 $(top_srcdir)/m4/__inline.m4 \ $(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \ $(top_srcdir)/m4/arpa_inet_h.m4 \ $(top_srcdir)/m4/ax_ac_append_to_file.m4 \ @@ -155,18 +154,19 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/codeset.m4 $(top_srcdir)/m4/ctype.m4 \ $(top_srcdir)/m4/dup2.m4 $(top_srcdir)/m4/eealloc.m4 \ $(top_srcdir)/m4/environ.m4 $(top_srcdir)/m4/errno_h.m4 \ + $(top_srcdir)/m4/explicit_bzero.m4 \ $(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \ $(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \ $(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \ $(top_srcdir)/m4/fdopen.m4 $(top_srcdir)/m4/flexmember.m4 \ - $(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fpieee.m4 \ - $(top_srcdir)/m4/fseeko.m4 $(top_srcdir)/m4/fstat.m4 \ - $(top_srcdir)/m4/ftell.m4 $(top_srcdir)/m4/ftello.m4 \ - $(top_srcdir)/m4/ftruncate.m4 $(top_srcdir)/m4/func.m4 \ - $(top_srcdir)/m4/getcwd.m4 $(top_srcdir)/m4/getdelim.m4 \ - $(top_srcdir)/m4/getdtablesize.m4 $(top_srcdir)/m4/getline.m4 \ - $(top_srcdir)/m4/getpagesize.m4 $(top_srcdir)/m4/gettext.m4 \ - $(top_srcdir)/m4/gettimeofday.m4 \ + $(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \ + $(top_srcdir)/m4/fpieee.m4 $(top_srcdir)/m4/fseeko.m4 \ + $(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \ + $(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/ftruncate.m4 \ + $(top_srcdir)/m4/func.m4 $(top_srcdir)/m4/getcwd.m4 \ + $(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \ + $(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/getpagesize.m4 \ + $(top_srcdir)/m4/gettext.m4 $(top_srcdir)/m4/gettimeofday.m4 \ $(top_srcdir)/m4/gnulib-common.m4 \ $(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \ $(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \ @@ -175,12 +175,13 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/inet_pton.m4 \ $(top_srcdir)/m4/intl-thread-locale.m4 \ $(top_srcdir)/m4/intlmacosx.m4 $(top_srcdir)/m4/intmax_t.m4 \ - $(top_srcdir)/m4/inttypes-pri.m4 $(top_srcdir)/m4/inttypes.m4 \ - $(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/ioctl.m4 \ - $(top_srcdir)/m4/isblank.m4 $(top_srcdir)/m4/langinfo_h.m4 \ - $(top_srcdir)/m4/largefile.m4 $(top_srcdir)/m4/lcmessage.m4 \ + $(top_srcdir)/m4/inttostr.m4 $(top_srcdir)/m4/inttypes-pri.m4 \ + $(top_srcdir)/m4/inttypes.m4 $(top_srcdir)/m4/inttypes_h.m4 \ + $(top_srcdir)/m4/ioctl.m4 $(top_srcdir)/m4/isblank.m4 \ + $(top_srcdir)/m4/langinfo_h.m4 $(top_srcdir)/m4/largefile.m4 \ + $(top_srcdir)/m4/lcmessage.m4 \ $(top_srcdir)/m4/ld-output-def.m4 \ - $(top_srcdir)/m4/ld-version-script.m4 \ + $(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \ $(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/locale-fr.m4 \ @@ -188,27 +189,32 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/locale-zh.m4 $(top_srcdir)/m4/locale_h.m4 \ $(top_srcdir)/m4/localename.m4 \ $(top_srcdir)/m4/localtime-buffer.m4 $(top_srcdir)/m4/lock.m4 \ - $(top_srcdir)/m4/longlong.m4 $(top_srcdir)/m4/lseek.m4 \ - $(top_srcdir)/m4/lstat.m4 $(top_srcdir)/m4/ltoptions.m4 \ - $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ - $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \ - $(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \ - $(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \ - $(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \ - $(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \ + $(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/lstat.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/m4/malloc.m4 $(top_srcdir)/m4/malloca.m4 \ + $(top_srcdir)/m4/manywarnings.m4 $(top_srcdir)/m4/memchr.m4 \ + $(top_srcdir)/m4/memmem.m4 $(top_srcdir)/m4/minmax.m4 \ + $(top_srcdir)/m4/mmap-anon.m4 $(top_srcdir)/m4/mode_t.m4 \ + $(top_srcdir)/m4/msvc-inval.m4 \ $(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \ $(top_srcdir)/m4/nanosleep.m4 $(top_srcdir)/m4/netdb_h.m4 \ $(top_srcdir)/m4/netinet_in_h.m4 $(top_srcdir)/m4/nls.m4 \ $(top_srcdir)/m4/off_t.m4 $(top_srcdir)/m4/open-cloexec.m4 \ - $(top_srcdir)/m4/open.m4 $(top_srcdir)/m4/pathmax.m4 \ - $(top_srcdir)/m4/perror.m4 $(top_srcdir)/m4/pipe.m4 \ - $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/m4/po.m4 \ - $(top_srcdir)/m4/printf.m4 $(top_srcdir)/m4/progtest.m4 \ + $(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \ + $(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/perror.m4 \ + $(top_srcdir)/m4/pipe.m4 $(top_srcdir)/m4/pkg.m4 \ + $(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \ + $(top_srcdir)/m4/progtest.m4 \ + $(top_srcdir)/m4/pthread-thread.m4 \ + $(top_srcdir)/m4/pthread_h.m4 \ $(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \ - $(top_srcdir)/m4/putenv.m4 $(top_srcdir)/m4/raise.m4 \ - $(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \ + $(top_srcdir)/m4/pthread_sigmask.m4 $(top_srcdir)/m4/putenv.m4 \ + $(top_srcdir)/m4/raise.m4 $(top_srcdir)/m4/read-file.m4 \ + $(top_srcdir)/m4/realloc.m4 $(top_srcdir)/m4/sched_h.m4 \ $(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/select.m4 \ $(top_srcdir)/m4/setenv.m4 $(top_srcdir)/m4/setlocale.m4 \ + $(top_srcdir)/m4/setlocale_null.m4 \ $(top_srcdir)/m4/sigaction.m4 $(top_srcdir)/m4/signal_h.m4 \ $(top_srcdir)/m4/signalblocking.m4 \ $(top_srcdir)/m4/size_max.m4 $(top_srcdir)/m4/sleep.m4 \ @@ -216,29 +222,30 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/sockets.m4 $(top_srcdir)/m4/socklen.m4 \ $(top_srcdir)/m4/sockpfaf.m4 $(top_srcdir)/m4/ssize_t.m4 \ $(top_srcdir)/m4/stat-time.m4 $(top_srcdir)/m4/stat.m4 \ - $(top_srcdir)/m4/stdalign.m4 $(top_srcdir)/m4/stdbool.m4 \ - $(top_srcdir)/m4/stddef_h.m4 $(top_srcdir)/m4/stdint.m4 \ - $(top_srcdir)/m4/stdint_h.m4 $(top_srcdir)/m4/stdio_h.m4 \ - $(top_srcdir)/m4/stdlib_h.m4 $(top_srcdir)/m4/strcase.m4 \ - $(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/strerror.m4 \ - $(top_srcdir)/m4/strerror_r.m4 $(top_srcdir)/m4/string_h.m4 \ - $(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \ - $(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \ - $(top_srcdir)/m4/strverscmp.m4 $(top_srcdir)/m4/symlink.m4 \ - $(top_srcdir)/m4/sys_ioctl_h.m4 \ + $(top_srcdir)/m4/std-gnu11.m4 $(top_srcdir)/m4/stdalign.m4 \ + $(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \ + $(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \ + $(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \ + $(top_srcdir)/m4/strcase.m4 $(top_srcdir)/m4/strdup.m4 \ + $(top_srcdir)/m4/strerror.m4 $(top_srcdir)/m4/strerror_r.m4 \ + $(top_srcdir)/m4/string_h.m4 $(top_srcdir)/m4/strings_h.m4 \ + $(top_srcdir)/m4/strndup.m4 $(top_srcdir)/m4/strnlen.m4 \ + $(top_srcdir)/m4/strtok_r.m4 $(top_srcdir)/m4/strverscmp.m4 \ + $(top_srcdir)/m4/symlink.m4 $(top_srcdir)/m4/sys_ioctl_h.m4 \ $(top_srcdir)/m4/sys_select_h.m4 \ $(top_srcdir)/m4/sys_socket_h.m4 \ $(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \ $(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \ - $(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \ - $(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \ - $(top_srcdir)/m4/unistd_h.m4 \ + $(top_srcdir)/m4/thread.m4 $(top_srcdir)/m4/threadlib.m4 \ + $(top_srcdir)/m4/time_h.m4 $(top_srcdir)/m4/time_r.m4 \ + $(top_srcdir)/m4/ungetc.m4 $(top_srcdir)/m4/unistd_h.m4 \ $(top_srcdir)/m4/valgrind-tests.m4 \ $(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \ - $(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \ - $(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \ - $(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \ - $(top_srcdir)/m4/xsize.m4 $(top_srcdir)/configure.ac + $(top_srcdir)/m4/visibility.m4 $(top_srcdir)/m4/vsnprintf.m4 \ + $(top_srcdir)/m4/warn-on-use.m4 $(top_srcdir)/m4/warnings.m4 \ + $(top_srcdir)/m4/wchar_h.m4 $(top_srcdir)/m4/wchar_t.m4 \ + $(top_srcdir)/m4/wint_t.m4 $(top_srcdir)/m4/xsize.m4 \ + $(top_srcdir)/m4/zzgnulib.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/version.texi \ @@ -469,6 +476,7 @@ CCASDEPMODE = @CCASDEPMODE@ CCASFLAGS = @CCASFLAGS@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ +CFLAG_VISIBILITY = @CFLAG_VISIBILITY@ CMOCKA_CFLAGS = @CMOCKA_CFLAGS@ CMOCKA_LIBS = @CMOCKA_LIBS@ CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@ @@ -521,6 +529,7 @@ GMSGFMT = @GMSGFMT@ GMSGFMT_015 = @GMSGFMT_015@ GNULIB_ACCEPT = @GNULIB_ACCEPT@ GNULIB_ACCEPT4 = @GNULIB_ACCEPT4@ +GNULIB_ACCESS = @GNULIB_ACCESS@ GNULIB_ATOLL = @GNULIB_ATOLL@ GNULIB_BIND = @GNULIB_BIND@ GNULIB_BTOWC = @GNULIB_BTOWC@ @@ -530,6 +539,8 @@ GNULIB_CHDIR = @GNULIB_CHDIR@ GNULIB_CHOWN = @GNULIB_CHOWN@ GNULIB_CLOSE = @GNULIB_CLOSE@ GNULIB_CONNECT = @GNULIB_CONNECT@ +GNULIB_COPY_FILE_RANGE = @GNULIB_COPY_FILE_RANGE@ +GNULIB_CREAT = @GNULIB_CREAT@ GNULIB_CTIME = @GNULIB_CTIME@ GNULIB_DPRINTF = @GNULIB_DPRINTF@ GNULIB_DUP = @GNULIB_DUP@ @@ -579,15 +590,18 @@ GNULIB_GETCWD = @GNULIB_GETCWD@ GNULIB_GETDELIM = @GNULIB_GETDELIM@ GNULIB_GETDOMAINNAME = @GNULIB_GETDOMAINNAME@ GNULIB_GETDTABLESIZE = @GNULIB_GETDTABLESIZE@ +GNULIB_GETENTROPY = @GNULIB_GETENTROPY@ GNULIB_GETGROUPS = @GNULIB_GETGROUPS@ GNULIB_GETHOSTNAME = @GNULIB_GETHOSTNAME@ GNULIB_GETLINE = @GNULIB_GETLINE@ GNULIB_GETLOADAVG = @GNULIB_GETLOADAVG@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ +GNULIB_GETOPT_POSIX = @GNULIB_GETOPT_POSIX@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ GNULIB_GETPASS = @GNULIB_GETPASS@ GNULIB_GETPEERNAME = @GNULIB_GETPEERNAME@ +GNULIB_GETRANDOM = @GNULIB_GETRANDOM@ GNULIB_GETSOCKNAME = @GNULIB_GETSOCKNAME@ GNULIB_GETSOCKOPT = @GNULIB_GETSOCKOPT@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ @@ -667,7 +681,15 @@ GNULIB_PREAD = @GNULIB_PREAD@ GNULIB_PRINTF = @GNULIB_PRINTF@ GNULIB_PRINTF_POSIX = @GNULIB_PRINTF_POSIX@ GNULIB_PSELECT = @GNULIB_PSELECT@ +GNULIB_PTHREAD_COND = @GNULIB_PTHREAD_COND@ +GNULIB_PTHREAD_MUTEX = @GNULIB_PTHREAD_MUTEX@ +GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GNULIB_PTHREAD_MUTEX_TIMEDLOCK@ +GNULIB_PTHREAD_ONCE = @GNULIB_PTHREAD_ONCE@ +GNULIB_PTHREAD_RWLOCK = @GNULIB_PTHREAD_RWLOCK@ GNULIB_PTHREAD_SIGMASK = @GNULIB_PTHREAD_SIGMASK@ +GNULIB_PTHREAD_SPIN = @GNULIB_PTHREAD_SPIN@ +GNULIB_PTHREAD_THREAD = @GNULIB_PTHREAD_THREAD@ +GNULIB_PTHREAD_TSS = @GNULIB_PTHREAD_TSS@ GNULIB_PTSNAME = @GNULIB_PTSNAME@ GNULIB_PTSNAME_R = @GNULIB_PTSNAME_R@ GNULIB_PUTC = @GNULIB_PUTC@ @@ -694,6 +716,7 @@ GNULIB_RENAMEAT = @GNULIB_RENAMEAT@ GNULIB_RMDIR = @GNULIB_RMDIR@ GNULIB_RPMATCH = @GNULIB_RPMATCH@ GNULIB_SCANF = @GNULIB_SCANF@ +GNULIB_SCHED_YIELD = @GNULIB_SCHED_YIELD@ GNULIB_SECURE_GETENV = @GNULIB_SECURE_GETENV@ GNULIB_SELECT = @GNULIB_SELECT@ GNULIB_SEND = @GNULIB_SEND@ @@ -701,6 +724,7 @@ GNULIB_SENDTO = @GNULIB_SENDTO@ GNULIB_SETENV = @GNULIB_SETENV@ GNULIB_SETHOSTNAME = @GNULIB_SETHOSTNAME@ GNULIB_SETLOCALE = @GNULIB_SETLOCALE@ +GNULIB_SETLOCALE_NULL = @GNULIB_SETLOCALE_NULL@ GNULIB_SETSOCKOPT = @GNULIB_SETSOCKOPT@ GNULIB_SHUTDOWN = @GNULIB_SHUTDOWN@ GNULIB_SIGACTION = @GNULIB_SIGACTION@ @@ -830,6 +854,7 @@ HAVE_BTOWC = @HAVE_BTOWC@ HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@ HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@ HAVE_CHOWN = @HAVE_CHOWN@ +HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@ HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@ HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@ HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@ @@ -901,11 +926,13 @@ HAVE_FTELLO = @HAVE_FTELLO@ HAVE_FTRUNCATE = @HAVE_FTRUNCATE@ HAVE_FUTIMENS = @HAVE_FUTIMENS@ HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@ +HAVE_GETENTROPY = @HAVE_GETENTROPY@ HAVE_GETGROUPS = @HAVE_GETGROUPS@ HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@ HAVE_GETLOGIN = @HAVE_GETLOGIN@ HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@ HAVE_GETPASS = @HAVE_GETPASS@ +HAVE_GETRANDOM = @HAVE_GETRANDOM@ HAVE_GETSUBOPT = @HAVE_GETSUBOPT@ HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@ HAVE_GRANTPT = @HAVE_GRANTPT@ @@ -924,12 +951,12 @@ HAVE_LCHMOD = @HAVE_LCHMOD@ HAVE_LCHOWN = @HAVE_LCHOWN@ HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@ HAVE_LIBDL = @HAVE_LIBDL@ +HAVE_LIBEV = @HAVE_LIBEV@ HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@ HAVE_LIBRT = @HAVE_LIBRT@ HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@ HAVE_LINK = @HAVE_LINK@ HAVE_LINKAT = @HAVE_LINKAT@ -HAVE_LONG_LONG_INT = @HAVE_LONG_LONG_INT@ HAVE_LSTAT = @HAVE_LSTAT@ HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@ HAVE_MBRLEN = @HAVE_MBRLEN@ @@ -967,7 +994,65 @@ HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@ HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@ HAVE_PREAD = @HAVE_PREAD@ HAVE_PSELECT = @HAVE_PSELECT@ +HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@ +HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@ +HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@ +HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@ +HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@ +HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@ +HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@ +HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@ +HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@ +HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@ +HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@ +HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@ +HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@ +HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@ +HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@ +HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@ +HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@ +HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@ +HAVE_PTHREAD_H = @HAVE_PTHREAD_H@ +HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@ +HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@ +HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@ +HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@ +HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@ +HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@ +HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@ +HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@ +HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@ +HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@ +HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@ +HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@ +HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@ +HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@ +HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@ +HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@ +HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@ +HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@ +HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@ +HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@ +HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@ +HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@ +HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@ +HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@ +HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@ +HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@ +HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@ +HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@ +HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@ +HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@ +HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@ +HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@ HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@ +HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@ +HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@ +HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@ +HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@ +HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@ +HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@ +HAVE_PTHREAD_T = @HAVE_PTHREAD_T@ HAVE_PTSNAME = @HAVE_PTSNAME@ HAVE_PTSNAME_R = @HAVE_PTSNAME_R@ HAVE_PWRITE = @HAVE_PWRITE@ @@ -984,6 +1069,8 @@ HAVE_REALPATH = @HAVE_REALPATH@ HAVE_RENAMEAT = @HAVE_RENAMEAT@ HAVE_RPMATCH = @HAVE_RPMATCH@ HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@ +HAVE_SCHED_H = @HAVE_SCHED_H@ +HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@ HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@ HAVE_SETENV = @HAVE_SETENV@ HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@ @@ -1012,6 +1099,7 @@ HAVE_STRTOLL = @HAVE_STRTOLL@ HAVE_STRTOULL = @HAVE_STRTOULL@ HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@ HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@ +HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@ HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@ HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@ HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@ @@ -1020,6 +1108,7 @@ HAVE_STRVERSCMP = @HAVE_STRVERSCMP@ HAVE_SYMLINK = @HAVE_SYMLINK@ HAVE_SYMLINKAT = @HAVE_SYMLINKAT@ HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@ +HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@ HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@ HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@ HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@ @@ -1036,11 +1125,11 @@ HAVE_TZSET = @HAVE_TZSET@ HAVE_UNISTD_H = @HAVE_UNISTD_H@ HAVE_UNLINKAT = @HAVE_UNLINKAT@ HAVE_UNLOCKPT = @HAVE_UNLOCKPT@ -HAVE_UNSIGNED_LONG_LONG_INT = @HAVE_UNSIGNED_LONG_LONG_INT@ HAVE_USLEEP = @HAVE_USLEEP@ HAVE_UTIMENSAT = @HAVE_UTIMENSAT@ HAVE_VASPRINTF = @HAVE_VASPRINTF@ HAVE_VDPRINTF = @HAVE_VDPRINTF@ +HAVE_VISIBILITY = @HAVE_VISIBILITY@ HAVE_WCHAR_H = @HAVE_WCHAR_H@ HAVE_WCHAR_T = @HAVE_WCHAR_T@ HAVE_WCPCPY = @HAVE_WCPCPY@ @@ -1100,12 +1189,18 @@ INTLLIBS = @INTLLIBS@ INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ LCOV = @LCOV@ LD = @LD@ +LDDPOSTPROC = @LDDPOSTPROC@ +LDDPROG = @LDDPROG@ LDFLAGS = @LDFLAGS@ LIBATOMIC_LIBS = @LIBATOMIC_LIBS@ +LIBBCRYPT = @LIBBCRYPT@ LIBCRYPTO = @LIBCRYPTO@ LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@ LIBDL = @LIBDL@ LIBDL_PREFIX = @LIBDL_PREFIX@ +LIBEV = @LIBEV@ +LIBEV_LIBS = @LIBEV_LIBS@ +LIBEV_PREFIX = @LIBEV_PREFIX@ LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@ LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@ LIBICONV = @LIBICONV@ @@ -1113,20 +1208,21 @@ LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@ LIBIDN2_LIBS = @LIBIDN2_LIBS@ LIBINTL = @LIBINTL@ LIBMULTITHREAD = @LIBMULTITHREAD@ +LIBNCRYPT = @LIBNCRYPT@ LIBOBJS = @LIBOBJS@ LIBOPTS_CFLAGS = @LIBOPTS_CFLAGS@ LIBOPTS_DIR = @LIBOPTS_DIR@ LIBOPTS_LDADD = @LIBOPTS_LDADD@ -LIBPTH = @LIBPTH@ +LIBPMULTITHREAD = @LIBPMULTITHREAD@ LIBPTHREAD = @LIBPTHREAD@ LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@ -LIBPTH_PREFIX = @LIBPTH_PREFIX@ LIBRT = @LIBRT@ LIBRT_PREFIX = @LIBRT_PREFIX@ LIBS = @LIBS@ LIBSECCOMP = @LIBSECCOMP@ LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@ LIBSOCKET = @LIBSOCKET@ +LIBSTDTHREAD = @LIBSTDTHREAD@ LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@ LIBTASN1_LIBS = @LIBTASN1_LIBS@ LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@ @@ -1138,8 +1234,14 @@ LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@ LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@ LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@ LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@ +LIB_CRYPT32 = @LIB_CRYPT32@ LIB_NANOSLEEP = @LIB_NANOSLEEP@ +LIB_PTHREAD = @LIB_PTHREAD@ +LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@ +LIB_SCHED_YIELD = @LIB_SCHED_YIELD@ LIB_SELECT = @LIB_SELECT@ +LIB_SETLOCALE = @LIB_SETLOCALE@ +LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@ LIMITS_H = @LIMITS_H@ LIPO = @LIPO@ LN_S = @LN_S@ @@ -1151,11 +1253,11 @@ LOCALE_ZH_CN = @LOCALE_ZH_CN@ LTALLOCA = @LTALLOCA@ LTLIBCRYPTO = @LTLIBCRYPTO@ LTLIBDL = @LTLIBDL@ +LTLIBEV = @LTLIBEV@ LTLIBICONV = @LTLIBICONV@ LTLIBINTL = @LTLIBINTL@ LTLIBMULTITHREAD = @LTLIBMULTITHREAD@ LTLIBOBJS = @LTLIBOBJS@ -LTLIBPTH = @LTLIBPTH@ LTLIBPTHREAD = @LTLIBPTHREAD@ LTLIBRT = @LTLIBRT@ LTLIBSECCOMP = @LTLIBSECCOMP@ @@ -1197,6 +1299,8 @@ NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@ NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@ NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@ NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@ +NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@ +NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@ NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@ NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@ NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@ @@ -1224,6 +1328,8 @@ NEXT_LIMITS_H = @NEXT_LIMITS_H@ NEXT_LOCALE_H = @NEXT_LOCALE_H@ NEXT_NETDB_H = @NEXT_NETDB_H@ NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@ +NEXT_PTHREAD_H = @NEXT_PTHREAD_H@ +NEXT_SCHED_H = @NEXT_SCHED_H@ NEXT_SIGNAL_H = @NEXT_SIGNAL_H@ NEXT_STDDEF_H = @NEXT_STDDEF_H@ NEXT_STDINT_H = @NEXT_STDINT_H@ @@ -1257,6 +1363,7 @@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ +PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@ PATCH_VERSION = @PATCH_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ @@ -1272,17 +1379,20 @@ PRI_MACROS_BROKEN = @PRI_MACROS_BROKEN@ PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@ PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@ RANLIB = @RANLIB@ +REPLACE_ACCESS = @REPLACE_ACCESS@ REPLACE_BTOWC = @REPLACE_BTOWC@ REPLACE_CALLOC = @REPLACE_CALLOC@ REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@ REPLACE_CHOWN = @REPLACE_CHOWN@ REPLACE_CLOSE = @REPLACE_CLOSE@ +REPLACE_CREAT = @REPLACE_CREAT@ REPLACE_CTIME = @REPLACE_CTIME@ REPLACE_DPRINTF = @REPLACE_DPRINTF@ REPLACE_DUP = @REPLACE_DUP@ REPLACE_DUP2 = @REPLACE_DUP2@ REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@ REPLACE_FACCESSAT = @REPLACE_FACCESSAT@ +REPLACE_FCHMODAT = @REPLACE_FCHMODAT@ REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@ REPLACE_FCLOSE = @REPLACE_FCLOSE@ REPLACE_FCNTL = @REPLACE_FCNTL@ @@ -1302,6 +1412,7 @@ REPLACE_FTELLO = @REPLACE_FTELLO@ REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@ REPLACE_FUTIMENS = @REPLACE_FUTIMENS@ REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@ +REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@ REPLACE_GETCWD = @REPLACE_GETCWD@ REPLACE_GETDELIM = @REPLACE_GETDELIM@ REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@ @@ -1354,7 +1465,58 @@ REPLACE_POPEN = @REPLACE_POPEN@ REPLACE_PREAD = @REPLACE_PREAD@ REPLACE_PRINTF = @REPLACE_PRINTF@ REPLACE_PSELECT = @REPLACE_PSELECT@ +REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@ +REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@ +REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@ +REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@ +REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@ +REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@ +REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@ +REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@ +REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@ +REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@ +REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@ +REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@ +REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@ +REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@ +REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@ +REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@ +REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@ +REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@ +REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@ +REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@ +REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@ +REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@ +REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@ +REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@ +REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@ +REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@ +REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@ +REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@ +REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@ +REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@ +REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@ +REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@ +REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@ +REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@ +REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@ +REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@ +REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@ +REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@ +REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@ +REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@ +REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@ +REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@ +REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@ +REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@ +REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@ +REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@ REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@ +REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@ +REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@ +REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@ +REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@ +REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@ REPLACE_PTSNAME = @REPLACE_PTSNAME@ REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@ REPLACE_PUTENV = @REPLACE_PUTENV@ @@ -1372,6 +1534,7 @@ REPLACE_REMOVE = @REPLACE_REMOVE@ REPLACE_RENAME = @REPLACE_RENAME@ REPLACE_RENAMEAT = @REPLACE_RENAMEAT@ REPLACE_RMDIR = @REPLACE_RMDIR@ +REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@ REPLACE_SELECT = @REPLACE_SELECT@ REPLACE_SETENV = @REPLACE_SETENV@ REPLACE_SETLOCALE = @REPLACE_SETLOCALE@ @@ -1423,6 +1586,7 @@ REPLACE_WCRTOMB = @REPLACE_WCRTOMB@ REPLACE_WCSFTIME = @REPLACE_WCSFTIME@ REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@ REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@ +REPLACE_WCSTOK = @REPLACE_WCSTOK@ REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@ REPLACE_WCTOB = @REPLACE_WCTOB@ REPLACE_WCTOMB = @REPLACE_WCTOMB@ @@ -1471,7 +1635,6 @@ XGETTEXT = @XGETTEXT@ XGETTEXT_015 = @XGETTEXT_015@ XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ YACC = @YACC@ -YEAR = @YEAR@ YFLAGS = @YFLAGS@ abs_aux_dir = @abs_aux_dir@ abs_builddir = @abs_builddir@ @@ -1531,13 +1694,13 @@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ +maybe_guileextensiondir = @maybe_guileextensiondir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ -runstatedir = @runstatedir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ @@ -1578,7 +1741,7 @@ gnutls_TEXINFOS = gnutls.texi fdl-1.3.texi cha-bib.texi \ cha-preface.texi cha-programs.texi sec-tls-app.texi \ cha-errors.texi cha-support.texi cha-shared-key.texi \ cha-gtls-examples.texi cha-upgrade.texi cha-tokens.texi \ - cha-crypto.texi cha-auth.texi stamp_functions \ + cha-crypto.texi cha-auth.texi cha-config.texi stamp_functions \ examples/ex-client-anon.c examples/ex-session-info.c \ examples/ex-verify.c examples/ex-cert-select.c \ examples/ex-client-resume.c examples/ex-client-srp.c \ @@ -1641,7 +1804,7 @@ BUILT_SOURCES = $(guile_texi) guile_TEXINFOS = gnutls-guile.texi $(guile_texi) @HAVE_GUILE_TRUE@GUILE_FOR_BUILD = \ @HAVE_GUILE_TRUE@ GUILE_AUTO_COMPILE=0 \ -@HAVE_GUILE_TRUE@ $(GUILE) -L $(top_srcdir)/guile/modules +@HAVE_GUILE_TRUE@ $(GUILE) -q -L $(top_srcdir)/guile/modules @HAVE_GUILE_TRUE@SNARF_CPPFLAGS = -I$(top_srcdir) -I$(top_builddir) \ @HAVE_GUILE_TRUE@ -I$(top_srcdir)/lib/includes -I$(top_builddir)/lib/includes \ @@ -1722,12 +1885,16 @@ FUNCS = functions/dane_cert_type_name \ functions/dane_verify_session_crt.short \ functions/gnutls_aead_cipher_decrypt \ functions/gnutls_aead_cipher_decrypt.short \ + functions/gnutls_aead_cipher_decryptv2 \ + functions/gnutls_aead_cipher_decryptv2.short \ functions/gnutls_aead_cipher_deinit \ functions/gnutls_aead_cipher_deinit.short \ functions/gnutls_aead_cipher_encrypt \ functions/gnutls_aead_cipher_encrypt.short \ functions/gnutls_aead_cipher_encryptv \ functions/gnutls_aead_cipher_encryptv.short \ + functions/gnutls_aead_cipher_encryptv2 \ + functions/gnutls_aead_cipher_encryptv2.short \ functions/gnutls_aead_cipher_init \ functions/gnutls_aead_cipher_init.short \ functions/gnutls_alert_get functions/gnutls_alert_get.short \ @@ -1905,6 +2072,10 @@ FUNCS = functions/dane_cert_type_name \ functions/gnutls_certificate_type_get_name.short \ functions/gnutls_certificate_type_list \ functions/gnutls_certificate_type_list.short \ + functions/gnutls_certificate_verification_profile_get_id \ + functions/gnutls_certificate_verification_profile_get_id.short \ + functions/gnutls_certificate_verification_profile_get_name \ + functions/gnutls_certificate_verification_profile_get_name.short \ functions/gnutls_certificate_verification_status_print \ functions/gnutls_certificate_verification_status_print.short \ functions/gnutls_certificate_verify_peers \ @@ -2093,6 +2264,8 @@ FUNCS = functions/dane_cert_type_name \ functions/gnutls_ext_get_data.short \ functions/gnutls_ext_get_name \ functions/gnutls_ext_get_name.short \ + functions/gnutls_ext_get_name2 \ + functions/gnutls_ext_get_name2.short \ functions/gnutls_ext_raw_parse \ functions/gnutls_ext_raw_parse.short \ functions/gnutls_ext_register \ @@ -2105,6 +2278,8 @@ FUNCS = functions/dane_cert_type_name \ functions/gnutls_fips140_mode_enabled.short \ functions/gnutls_fips140_set_mode \ functions/gnutls_fips140_set_mode.short \ + functions/gnutls_get_system_config_file \ + functions/gnutls_get_system_config_file.short \ functions/gnutls_global_deinit \ functions/gnutls_global_deinit.short \ functions/gnutls_global_init \ @@ -2151,6 +2326,7 @@ FUNCS = functions/dane_cert_type_name \ functions/gnutls_handshake_set_timeout \ functions/gnutls_handshake_set_timeout.short \ functions/gnutls_hash functions/gnutls_hash.short \ + functions/gnutls_hash_copy functions/gnutls_hash_copy.short \ functions/gnutls_hash_deinit \ functions/gnutls_hash_deinit.short functions/gnutls_hash_fast \ functions/gnutls_hash_fast.short functions/gnutls_hash_get_len \ @@ -2174,10 +2350,18 @@ FUNCS = functions/dane_cert_type_name \ functions/gnutls_hex_decode2 \ functions/gnutls_hex_decode2.short functions/gnutls_hex_encode \ functions/gnutls_hex_encode.short functions/gnutls_hex_encode2 \ - functions/gnutls_hex_encode2.short functions/gnutls_hmac \ - functions/gnutls_hmac.short functions/gnutls_hmac_deinit \ + functions/gnutls_hex_encode2.short \ + functions/gnutls_hkdf_expand \ + functions/gnutls_hkdf_expand.short \ + functions/gnutls_hkdf_extract \ + functions/gnutls_hkdf_extract.short functions/gnutls_hmac \ + functions/gnutls_hmac.short functions/gnutls_hmac_copy \ + functions/gnutls_hmac_copy.short functions/gnutls_hmac_deinit \ functions/gnutls_hmac_deinit.short functions/gnutls_hmac_fast \ - functions/gnutls_hmac_fast.short functions/gnutls_hmac_get_len \ + functions/gnutls_hmac_fast.short \ + functions/gnutls_hmac_get_key_size \ + functions/gnutls_hmac_get_key_size.short \ + functions/gnutls_hmac_get_len \ functions/gnutls_hmac_get_len.short functions/gnutls_hmac_init \ functions/gnutls_hmac_init.short functions/gnutls_hmac_output \ functions/gnutls_hmac_output.short \ @@ -2305,6 +2489,7 @@ FUNCS = functions/dane_cert_type_name \ functions/gnutls_packet_deinit \ functions/gnutls_packet_deinit.short \ functions/gnutls_packet_get functions/gnutls_packet_get.short \ + functions/gnutls_pbkdf2 functions/gnutls_pbkdf2.short \ functions/gnutls_pcert_deinit \ functions/gnutls_pcert_deinit.short \ functions/gnutls_pcert_export_openpgp \ @@ -2557,6 +2742,8 @@ FUNCS = functions/dane_cert_type_name \ functions/gnutls_pkcs7_init functions/gnutls_pkcs7_init.short \ functions/gnutls_pkcs7_print \ functions/gnutls_pkcs7_print.short \ + functions/gnutls_pkcs7_print_signature_info \ + functions/gnutls_pkcs7_print_signature_info.short \ functions/gnutls_pkcs7_set_crl \ functions/gnutls_pkcs7_set_crl.short \ functions/gnutls_pkcs7_set_crl_raw \ @@ -2584,7 +2771,8 @@ FUNCS = functions/dane_cert_type_name \ functions/gnutls_pk_list.short functions/gnutls_pk_to_sign \ functions/gnutls_pk_to_sign.short functions/gnutls_prf \ functions/gnutls_prf.short functions/gnutls_prf_early \ - functions/gnutls_prf_early.short functions/gnutls_prf_raw \ + functions/gnutls_prf_early.short functions/gnutls_prf_hash_get \ + functions/gnutls_prf_hash_get.short functions/gnutls_prf_raw \ functions/gnutls_prf_raw.short functions/gnutls_prf_rfc5705 \ functions/gnutls_prf_rfc5705.short \ functions/gnutls_priority_certificate_type_list \ @@ -2735,16 +2923,24 @@ FUNCS = functions/dane_cert_type_name \ functions/gnutls_psk_free_server_credentials.short \ functions/gnutls_psk_server_get_username \ functions/gnutls_psk_server_get_username.short \ + functions/gnutls_psk_server_get_username2 \ + functions/gnutls_psk_server_get_username2.short \ functions/gnutls_psk_set_client_credentials \ functions/gnutls_psk_set_client_credentials.short \ + functions/gnutls_psk_set_client_credentials2 \ + functions/gnutls_psk_set_client_credentials2.short \ functions/gnutls_psk_set_client_credentials_function \ functions/gnutls_psk_set_client_credentials_function.short \ + functions/gnutls_psk_set_client_credentials_function2 \ + functions/gnutls_psk_set_client_credentials_function2.short \ functions/gnutls_psk_set_params_function \ functions/gnutls_psk_set_params_function.short \ functions/gnutls_psk_set_server_credentials_file \ functions/gnutls_psk_set_server_credentials_file.short \ functions/gnutls_psk_set_server_credentials_function \ functions/gnutls_psk_set_server_credentials_function.short \ + functions/gnutls_psk_set_server_credentials_function2 \ + functions/gnutls_psk_set_server_credentials_function2.short \ functions/gnutls_psk_set_server_credentials_hint \ functions/gnutls_psk_set_server_credentials_hint.short \ functions/gnutls_psk_set_server_dh_params \ @@ -2935,6 +3131,8 @@ FUNCS = functions/dane_cert_type_name \ functions/gnutls_session_get_id.short \ functions/gnutls_session_get_id2 \ functions/gnutls_session_get_id2.short \ + functions/gnutls_session_get_keylog_function \ + functions/gnutls_session_get_keylog_function.short \ functions/gnutls_session_get_master_secret \ functions/gnutls_session_get_master_secret.short \ functions/gnutls_session_get_ptr \ @@ -2953,6 +3151,8 @@ FUNCS = functions/dane_cert_type_name \ functions/gnutls_session_set_data.short \ functions/gnutls_session_set_id \ functions/gnutls_session_set_id.short \ + functions/gnutls_session_set_keylog_function \ + functions/gnutls_session_set_keylog_function.short \ functions/gnutls_session_set_premaster \ functions/gnutls_session_set_premaster.short \ functions/gnutls_session_set_ptr \ diff --git a/doc/abstract-api.texi b/doc/abstract-api.texi index be0759f..2d2565a 100644 --- a/doc/abstract-api.texi +++ b/doc/abstract-api.texi @@ -101,10 +101,16 @@ be called only if the peer requests a certificate either during handshake or during post-handshake authentication. The callback's function prototype is defined in `abstract.h': -int (*callback)(gnutls_session_t, const struct gnutls_cert_retr_st *info, -gnutls_pcert_st **certs, unsigned int *pcert_length, -gnutls_datum_t **ocsp, unsigned int *ocsp_length, -gnutls_privkey_t * pkey, unsigned int *flags); + +int gnutls_certificate_retrieve_function3( +gnutls_session_t, +const struct gnutls_cert_retr_st *info, +gnutls_pcert_st **certs, +unsigned int *pcert_length, +gnutls_ocsp_data_st **ocsp, +unsigned int *ocsp_length, +gnutls_privkey_t *privkey, +unsigned int *flags); The info field of the callback contains: @code{req_ca_dn} which is a list with the CA names that the server considers trusted. @@ -1482,20 +1488,17 @@ negative error value. @var{signature}: will contain newly allocated signature -This function will sign the given hashed data using a signature algorithm -supported by the private key. Signature algorithms are always used -together with a hash functions. Different hash functions may be -used for the RSA algorithm, but only SHA-XXX for the DSA keys. - -You may use @code{gnutls_pubkey_get_preferred_hash_algorithm()} to determine -the hash algorithm. +This function will sign the given hashed data using the specified signature +algorithm. This function is an enhancement of @code{gnutls_privkey_sign_hash()} , +as it allows utilizing a alternative signature algorithm where possible +(e.g, use an RSA key with RSA-PSS). -The flags may be @code{GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA} or @code{GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS} . -In the former case this function will ignore @code{hash_algo} and perform a raw PKCS1 signature, -and in the latter an RSA-PSS signature will be generated. +The flags may be @code{GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA} . +In that case this function will ignore @code{hash_algo} and perform a raw PKCS1 signature. +Note that this flag is supported since 3.6.9. -Note that, not all algorithm support signing already hashed data. When -signing with Ed25519, @code{gnutls_privkey_sign_data()} should be used. +Note also that, not all algorithm support signing already hashed data. When +signing with Ed25519, @code{gnutls_privkey_sign_data2()} should be used instead. @strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a negative error value. diff --git a/doc/algorithms.texi b/doc/algorithms.texi index 066969a..70773b8 100644 --- a/doc/algorithms.texi +++ b/doc/algorithms.texi @@ -562,6 +562,9 @@ @item TLS_@-SRP_@-SHA_@-RSA_@-AES_@-256_@-CBC_@-SHA1 @tab 0xC0 0x21 @tab TLS1.0 +@item TLS_@-GOSTR341112_@-256_@-28147_@-CNT_@-IMIT +@tab 0xC1 0x02 +@tab TLS1.2 @end multitable @@ -573,7 +576,6 @@ @heading Protocols @table @code -@item SSL3.0 @item TLS1.0 @item TLS1.1 @item TLS1.2 @@ -589,6 +591,7 @@ @item AES-192-CBC @item AES-128-CBC @item AES-128-GCM +@item AES-192-GCM @item AES-256-GCM @item AES-128-CCM @item AES-256-CCM @@ -597,6 +600,8 @@ @item ARCFOUR-128 @item ESTREAM-SALSA20-256 @item SALSA20-256 +@item CHACHA20-32 +@item CHACHA20-64 @item CAMELLIA-256-CBC @item CAMELLIA-192-CBC @item CAMELLIA-128-CBC @@ -613,6 +618,9 @@ @item AES-256-CFB8 @item AES-128-XTS @item AES-256-XTS +@item AES-128-SIV +@item AES-256-SIV +@item GOST28147-TC26Z-CNT @item 3DES-CBC @item DES-CBC @item RC2-40 @@ -633,6 +641,12 @@ @item GOSTR341194 @item STREEBOG-256 @item STREEBOG-512 +@item AES-CMAC-128 +@item AES-CMAC-256 +@item AES-GMAC-128 +@item AES-GMAC-192 +@item AES-GMAC-256 +@item GOST28147-TC26Z-IMIT @end table @heading Key exchange methods @@ -651,6 +665,7 @@ @item SRP @item ANON-DH @item ANON-ECDH +@item VKO-GOST-12 @item RSA-EXPORT @end table @@ -665,8 +680,10 @@ @item GOST R 34.10-2001 @item EC/ECDSA @item EdDSA (Ed25519) +@item EdDSA (Ed448) @item DH @item ECDH (X25519) +@item ECDH (X448) @end table @heading Public key signature algorithms @@ -681,6 +698,7 @@ @item RSA-PSS-SHA512 @item RSA-PSS-RSAE-SHA512 @item EdDSA-Ed25519 +@item EdDSA-Ed448 @item ECDSA-SHA256 @item ECDSA-SHA384 @item ECDSA-SHA512 @@ -722,12 +740,13 @@ @heading Groups @table @code -@item SECP192R1 -@item SECP224R1 @item SECP256R1 @item SECP384R1 @item SECP521R1 @item X25519 +@item GC256B +@item GC512A +@item X448 @item FFDHE2048 @item FFDHE3072 @item FFDHE4096 diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi index f26f90e..cea30cf 100644 --- a/doc/cha-cert-auth.texi +++ b/doc/cha-cert-auth.texi @@ -409,7 +409,7 @@ flags are part of the enumeration Some systems provide a system wide trusted certificate storage accessible using the PKCS #11 API. That is, the trusted certificates are queried and accessed using the PKCS #11 API, and trusted certificate properties, such as purpose, are marked using -attached extensions. One example is the p11-kit trust module@footnote{see @url{https://p11-glue.freedesktop.org/trust-module.html}.}. +attached extensions. One example is the p11-kit trust module@footnote{see @url{https://p11-glue.github.io/p11-glue/trust-module.html}.}. These special PKCS #11 modules can be used for GnuTLS certificate verification if marked as trust policy modules, i.e., with @code{trust-policy: yes} in the p11-kit module file. diff --git a/doc/cha-config.texi b/doc/cha-config.texi new file mode 100644 index 0000000..f094407 --- /dev/null +++ b/doc/cha-config.texi @@ -0,0 +1,174 @@ +@node System-wide configuration of the library +@chapter System-wide configuration of the library +@cindex System-wide configuration + +@acronym{GnuTLS} 3.6.9 introduced a system-wide configuration of the library +which can be used to disable or mark algorithms and protocols as insecure +system-wide, overriding the library defaults. The format of this +configuration file is of an INI file, with the hash ('#') allowed for +commenting. It intentionally does not allow switching algorithms or protocols +which were disabled or marked as insecure during compile time to the secure +set. This is to prevent the feature from being used to attack the system. +Unknown options or sections in the configuration file are skipped unless +the environment variable @code{GNUTLS_SYSTEM_PRIORITY_FAIL_ON_INVALID} is +set to 1, where it would cause the library to exit on unknown options. + +The location of the default configuration file is @code{/etc/gnutls/config}, +but its actual location may be overriden during compile time or at run-time +using the @code{GNUTLS_SYSTEM_PRIORITY_FILE} environment variable. The file +used can be queried using @funcref{gnutls_get_system_config_file}. + +@showfuncdesc{gnutls_get_system_config_file} + +@menu +* Application-specific priority strings:: +* Disabling algorithms and protocols:: +* Querying for disabled algorithms and protocols:: +* Overriding the parameter verification profile:: +* Overriding the default priority string:: +@end menu + +@node Application-specific priority strings +@section Application-specific priority strings + +It is possible to specify custom cipher priority strings, in addition to the +default priority strings (@code{NORMAL}, @code{PERFORMANCE}, etc.). These can +be used either by individual applications, or even as the default option if +the library is compiled with the configuration option +@code{--with-default-priority-string}. In the latter case the defined +priority string will be used for applications using @funcref{gnutls_set_default_priority} +or @funcref{gnutls_set_default_priority_append}. + +The priority strings can be specified in the global section of the +configuration file, or in the section named @code{[priorities]}. +The format is '@code{KEYWORD = VALUE}', e.g., + +When used they may be followed by additional options that will be appended to the +system string (e.g., '@code{@@EXAMPLE-PRIORITY:+SRP}'). '@code{EXAMPLE-PRIORITY=NORMAL:+ARCFOUR-128}'. +Since version 3.5.1 applications are allowed to specify fallback keywords such as +@@KEYWORD1,@@KEYWORD2, and the first valid keyword will be used. + +The following example configuration defines a priority string called @code{@@SYSTEM}. +When set, its full settings can be queried using @code{gnutls-cli --priority @@SYSTEM --list}. + +@example +[priorities] +SYSTEM = NORMAL:-AES-128-CBC:-AES-256-CBC +@end example + + +@node Disabling algorithms and protocols +@section Disabling algorithms and protocols + +The approach above works well to create consistent system-wide settings +for cooperative GnuTLS applications. When an application however does not +use the @funcref{gnutls_set_default_priority} or @funcref{gnutls_set_default_priority_append} +functions, the method is not sufficient to prevent applications from using +protocols or algorithms forbidden by a local policy. +The override method described below enables the deprecation of algorithms and +protocols system-wide for all applications. + +The available options must be set in the @code{[overrides]} section of the +configuration file and can be +@itemize +@item @code{insecure-sig-for-cert}: to mark the signature algorithm as insecure when used in certificates. +@item @code{insecure-sig}: to mark the signature algorithm as insecure for any use. +@item @code{insecure-hash}: to mark the hash algorithm as insecure for digital signature use (provides a more generic way to disable digital signatures for broken hash algorithms). +@item @code{disabled-version}: to disable the specified TLS versions. +@item @code{tls-disabled-cipher}: to disable the specified ciphers for use in the TLS or DTLS protocols. +@item @code{tls-disabled-mac}: to disable the specified MAC algorithms for use in the TLS or DTLS protocols. +@item @code{tls-disabled-group}: to disable the specified group for use in the TLS or DTLS protocols. +@item @code{tls-disabled-kx}: to disable the specified key exchange algorithms for use in the TLS or DTLS protocols (applies to TLS1.2 or earlier). +@end itemize + +Each of the options can be repeated multiple times when multiple values need +to be disabled. + +The valid values for the options above can be found in the 'Protocols', 'Digests' +'PK-signatures', 'Protocols', 'Ciphrers', and 'MACs' fields of the output of @code{gnutls-cli --list}. + +@subsection Examples + +The following example marks as insecure all digital signature algorithms +which depend on SHA384, as well as the RSA-SHA1 signature algorithm. + +@example +[overrides] +insecure-hash = sha384 +insecure-sig = rsa-sha1 +@end example + +The following example marks RSA-SHA256 as insecure for use in certificates +and disables the TLS1.0 and TLS1.1 protocols. + +@example +[overrides] +insecure-sig-for-cert = rsa-sha256 +disabled-version = tls1.0 +disabled-version = tls1.1 +@end example + +The following example disables the @code{AES-128-CBC} and @code{AES-256-CBC} +ciphers, the @code{HMAC-SHA1} MAC algorithm and the @code{GROUP-FFDHE8192} +group for TLS and DTLS protocols. + +@example +[overrides] +tls-disabled-cipher = aes-128-cbc +tls-disabled-cipher = aes-256-cbc +tls-disabled-mac = sha1 +tls-disabled-group = group-ffdhe8192 +@end example + +@node Querying for disabled algorithms and protocols +@section Querying for disabled algorithms and protocols + +When necessary applications can query whether a particular algorithm +or protocol has been marked as insecure or disabled system-wide. +Digital signatures can be queried using the following algorithms. +@showfuncB{gnutls_sign_is_secure,gnutls_sign_is_secure2} + +Any disabled protocol versions or elliptic curves will not show up in the +lists provided by the following functions. + +@showfuncC{gnutls_protocol_list,gnutls_group_list,gnutls_ecc_curve_list} + +It is not possible to query for insecure hash algorithms directly +(only indirectly through the signature API). + + +@node Overriding the parameter verification profile +@section Overriding the parameter verification profile + +When verifying a certificate or TLS session parameters, GnuTLS uses a set +of profiles associated with the session to determine whether the parameters +seen in the session are acceptable. For example, whether the RSA public key +size as seen on the wire, or the Diffie-Hellman parameters for the session. +These profiles are normally set using the @code{%PROFILE} priority string +(see @ref{Priority Strings} and @ref{Selecting cryptographic key sizes}). + +It is possible to set the low bar profile that applications cannot override +using the following. + +@example +[overrides] + +# do not allow applications use the LOW or VERY-WEAK profiles. +min-verification-profile = legacy + +@end example + +@node Overriding the default priority string +@section Overriding the default priority string + +GnuTLS uses default priority string which is defined at compiled +time. Usually it is set to @code{NORMAL}. This override allows to set +the default priority string to something more appropriate for a given +deployment. + +Below example sets a more specific default priority string. +@example +[overrides] +default-priority-string = SECURE128:-VERS-TLS-ALL:+VERS-TLS1.3 + +@end example diff --git a/doc/cha-crypto.texi b/doc/cha-crypto.texi index fb01b2c..5fad4fd 100644 --- a/doc/cha-crypto.texi +++ b/doc/cha-crypto.texi @@ -27,18 +27,20 @@ are listed in the sections below. The supported algorithms are the algorithms re They are listed in @ref{gnutls_cipher_algorithm_t}. Note that there two types of ciphers, the ones providing an authenticated-encryption with associated data (AEAD), and the legacy ciphers which provide raw access -to the ciphers. We recommend the use of the AEAD APIs for new applications -as it is designed to minimize misuse of cryptography. +to the ciphers. We recommend the use of the AEAD ciphers under the AEAD APIs +for new applications as they are designed to minimize the misuse of +cryptographic primitives. @showenumdesc{gnutls_cipher_algorithm_t,The supported ciphers.} @subheading Authenticated-encryption API The AEAD API provides access to all ciphers supported by GnuTLS which support -authenticated encryption with associated data. That is particularly suitable -for message or packet-encryption as it provides authentication and -encryption on the same API. See @code{RFC5116} for more information on -authenticated encryption. +authenticated encryption with associated data; these ciphers are marked with +the AEAD keyword on the table above. The AEAD cipher API is +particularly suitable for message or packet-encryption as it provides +authentication and encryption on the same API. See @code{RFC5116} for more +information on authenticated encryption. @showfuncD{gnutls_aead_cipher_init,gnutls_aead_cipher_encrypt,gnutls_aead_cipher_decrypt,gnutls_aead_cipher_deinit} @@ -88,7 +90,7 @@ structures functions such as @funcref{gnutls_privkey_set_pin_function}. @subsection Key generation -All supported key types (including RSA, DSA, ECDSA, Ed25519) can be generated +All supported key types (including RSA, DSA, ECDSA, Ed25519, Ed448) can be generated with GnuTLS. They can be generated with the simpler @funcref{gnutls_privkey_generate} or with the more advanced @funcref{gnutls_privkey_generate2}. diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index e08cbb2..ab82f14 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -199,6 +199,7 @@ CPU. The currently available options are: @item 0x4: Enable SSSE3 @item 0x8: Enable PCLMUL @item 0x10: Enable AVX +@item 0x20: Enable SHA_NI @item 0x100000: Enable VIA padlock @item 0x200000: Enable VIA PHE @item 0x400000: Enable VIA PHE SHA512 @@ -363,7 +364,9 @@ The GnuTLS library is initialized on load; prior to 3.3.0 was initialized by cal The original behavior of requiring explicit initialization can obtained by setting the GNUTLS_NO_EXPLICIT_INIT environment variable to 1, or by using the macro GNUTLS_SKIP_GLOBAL_INIT in a global section of your program --the latter works in systems with -support for weak symbols only.}. +support for weak symbols only.}. @funcref{gnutls_global_init} in +versions after 3.3.0 is thread-safe (see @ref{Thread safety}). + The initialization typically enables CPU-specific acceleration, performs any required precalculations needed, opens any required system devices (e.g., /dev/urandom on Linux) and initializes subsystems that could be used later. @@ -1293,7 +1296,7 @@ advances while providing compatibility with old clients and servers). @multitable @columnfractions .20 .70 @headitem Keyword @tab Description @item @@KEYWORD @tab -Means that a compile-time specified system configuration file@footnote{The default is @code{/etc/gnutls/default-priorities}.} +Means that a compile-time specified system configuration file (see @ref{System-wide configuration of the library}) will be used to expand the provided keyword. That is used to impose system-specific policies. It may be followed by additional options that will be appended to the system string (e.g., "@@SYSTEM:+SRP"). The system file should have the @@ -1419,20 +1422,23 @@ appended with an algorithm will add this algorithm. @multitable @columnfractions .20 .70 @headitem Type @tab Keywords @item Ciphers @tab -Examples are AES-128-GCM, AES-256-GCM, AES-256-CBC; see also +Examples are AES-128-GCM, AES-256-GCM, AES-256-CBC, GOST28147-TC26Z-CNT; see also @ref{tab:ciphers} for more options. Catch all name is CIPHER-ALL which will add -all the algorithms from NORMAL priority. +all the algorithms from NORMAL priority. The shortcut for secure GOST +algorithms is CIPHER-GOST-ALL. @item Key exchange @tab RSA, DHE-RSA, DHE-DSS, SRP, SRP-RSA, SRP-DSS, -PSK, DHE-PSK, ECDHE-PSK, ECDHE-RSA, ECDHE-ECDSA, ANON-ECDH, ANON-DH. The +PSK, DHE-PSK, ECDHE-PSK, ECDHE-RSA, ECDHE-ECDSA, VKO-GOST-12, ANON-ECDH, ANON-DH. Catch all name is KX-ALL which will add all the algorithms from NORMAL priority. Under TLS1.3, the DHE-PSK and ECDHE-PSK strings are equivalent -and instruct for a Diffie-Hellman key exchange using the enabled groups. +and instruct for a Diffie-Hellman key exchange using the enabled groups. The +shortcut for secure GOST algorithms is KX-GOST-ALL. @item MAC @tab -MD5, SHA1, SHA256, SHA384, AEAD (used with -GCM ciphers only). All algorithms from NORMAL priority can be accessed with MAC-ALL. +MD5, SHA1, SHA256, SHA384, GOST28147-TC26Z-IMIT, AEAD (used with +GCM ciphers only). All algorithms from NORMAL priority can be accessed with +MAC-ALL. The shortcut for secure GOST algorithms is MAC-GOST-ALL. @item Compression algorithms @tab COMP-NULL, COMP-DEFLATE. Catch all is COMP-ALL. @@ -1449,23 +1455,25 @@ SIGN-RSA-SHA1, SIGN-RSA-SHA224, SIGN-RSA-SHA256, SIGN-RSA-SHA384, SIGN-RSA-SHA512, SIGN-DSA-SHA1, SIGN-DSA-SHA224, SIGN-DSA-SHA256, SIGN-RSA-MD5, SIGN-ECDSA-SHA1, SIGN-ECDSA-SHA224, SIGN-ECDSA-SHA256, SIGN-ECDSA-SHA384, SIGN-ECDSA-SHA512, -SIGN-RSA-PSS-SHA256, SIGN-RSA-PSS-SHA384, SIGN-RSA-PSS-SHA512. +SIGN-RSA-PSS-SHA256, SIGN-RSA-PSS-SHA384, SIGN-RSA-PSS-SHA512, +SIGN-GOSTR341001, SIGN-GOSTR341012-256, SIGN-GOSTR341012-512. Catch all which enables all algorithms from NORMAL priority is SIGN-ALL. +Shortcut which enables secure GOST algorithms is SIGN-GOST-ALL. This option is only considered for TLS 1.2 and later. @item Groups @tab -GROUP-SECP256R1, GROUP-SECP384R1, GROUP-SECP521R1, GROUP-X25519, +GROUP-SECP256R1, GROUP-SECP384R1, GROUP-SECP521R1, GROUP-X25519, GROUP-X448, GROUP-FFDHE2048, GROUP-FFDHE3072, GROUP-FFDHE4096, GROUP-FFDHE6144, and GROUP-FFDHE8192. Groups include both elliptic curve groups, e.g., SECP256R1, as well as finite field groups such as FFDHE2048. Catch all which enables all groups -from NORMAL priority is GROUP-ALL. The helper keywords GROUP-DH-ALL and -GROUP-EC-ALL are also available, restricting the groups to finite fields -(DH) and elliptic curves. +from NORMAL priority is GROUP-ALL. The helper keywords GROUP-DH-ALL, +GROUP-GOST-ALL and GROUP-EC-ALL are also available, restricting the groups +to finite fields (DH), GOST curves and generic elliptic curves. @item Elliptic curves (legacy) @tab CURVE-SECP192R1, CURVE-SECP224R1, CURVE-SECP256R1, CURVE-SECP384R1, -CURVE-SECP521R1, and CURVE-X25519. +CURVE-SECP521R1, CURVE-X25519, and CURVE-X448. Catch all which enables all curves from NORMAL priority is CURVE-ALL. Note that the CURVE keyword is kept for backwards compatibility only, for new applications see the GROUP keyword above. @@ -1482,6 +1490,11 @@ CTYPE-CLI-RAWPK, CTYPE-SRV-RAWPK can be used to specialize on client or server; catch all is CTYPE-CLI-ALL and CTYPE-SRV-ALL. The type 'X509' is aliased to 'X.509' for legacy reasons. +@item Generic @tab +The keyword GOST is a shortcut for secure GOST algorithms (MACs, ciphers, +KXes, groups and signatures). For example the following string will enable all +TLS 1.2 GOST ciphersuites: 'NONE:+VERS-TLS1.2:+GOST'. + @end multitable @caption{The supported algorithm keywords in priority strings.} @end float diff --git a/doc/cha-internals.texi b/doc/cha-internals.texi index 2a9bc1a..f188cae 100644 --- a/doc/cha-internals.texi +++ b/doc/cha-internals.texi @@ -667,15 +667,29 @@ is for the conformance to NIST's FIPS140-2 publication, which consists of polici for cryptographic modules (such as software libraries). Its implementation in GnuTLS is designed for Red Hat Enterprise Linux, and can only be enabled when the library is explicitly compiled with the '--enable-fips140-mode' -configure option. The operation of the library is then modified, as follows. +configure option. + +There are two distinct library states with regard to FIPS140-2: the FIPS140-2 +mode is @emph{installed} if @code{/etc/system-fips} is present, and the +FIPS140-2 mode is @emph{enabled} if @code{/proc/sys/crypto/fips_enabled} +contains '1', which is typically set with the ``fips=1'' kernel command line +option. + +When the FIPS140-2 mode is installed, the operation of the library is modified +as follows. @itemize -@item FIPS140-2 mode is enabled when @code{/proc/sys/crypto/fips_enabled} contains '1' and @code{/etc/system-fips} is present. -@item Only approved by FIPS140-2 algorithms are enabled -@item Only approved by FIPS140-2 key lengths are allowed for key generation @item The random generator used switches to DRBG-AES @item The integrity of the GnuTLS and dependent libraries is checked on startup @item Algorithm self-tests are run on library load +@end itemize + +When the FIPS140-2 mode is enabled, The operation of the library is in addition +modified as follows. + +@itemize +@item Only approved by FIPS140-2 algorithms are enabled +@item Only approved by FIPS140-2 key lengths are allowed for key generation @item Any cryptographic operation will be refused if any of the self-tests failed @end itemize diff --git a/doc/cha-intro-tls.texi b/doc/cha-intro-tls.texi index b95abc6..6600fe9 100644 --- a/doc/cha-intro-tls.texi +++ b/doc/cha-intro-tls.texi @@ -179,6 +179,12 @@ ARCFOUR-128 is a compatible algorithm with RSA's RC4 algorithm, which is conside secret. It is a considered to be broken, and is only used for compatibility purposed. For this reason it is not enabled by default. +@item GOST28147-TC26Z-CNT @tab +Legacy (stream) @tab +TLS 1.2 @tab +This is a 64-bit block cipher GOST 28147-89 with TC26Z S-Box working in CNT +mode. It is one of the approved ciphers in Russia. It is not enabled by default. + @item NULL @tab Legacy (stream) @tab TLS 1.0, TLS 1.1, TLS 1.2 @tab @@ -211,6 +217,11 @@ An HMAC based on SHA2-256. Outputs 256 bits of data. @item MAC-SHA384 @tab An HMAC based on SHA2-384. Outputs 384 bits of data. +@item GOST28147-TC26Z-IMIT @tab +This is a 64-bit block cipher GOST 28147-89 with TC26Z S-Box working in special +MAC mode called Imitovstavks. It is one of the approved MAC algorithms in +Russia. Outputs 32 bits of data. It is not enabled by default. + @item MAC-AEAD @tab This indicates that an authenticated encryption algorithm, such as GCM, is in use. diff --git a/doc/cha-library.texi b/doc/cha-library.texi index ff21ba6..6e5df6e 100644 --- a/doc/cha-library.texi +++ b/doc/cha-library.texi @@ -142,7 +142,7 @@ the last, which allows to use a PKCS #11 trust policy module. That module not on provides the trusted certificates, but allows the categorization of them using purpose, e.g., CAs can be restricted for e-mail usage only, or administrative restrictions of CAs, for examples by restricting a CA to only issue certificates for a given DNS domain using NameConstraints. -A publicly available PKCS #11 trust module is p11-kit's trust module@footnote{@url{https://p11-glue.freedesktop.org/doc/p11-kit/trust-module.html}}. +A publicly available PKCS #11 trust module is p11-kit's trust module@footnote{@url{https://p11-glue.github.io/p11-glue/trust-module.html}}. @node Document overview @section Overview diff --git a/doc/cha-tokens.texi b/doc/cha-tokens.texi index 6057fed..ab7a5fb 100644 --- a/doc/cha-tokens.texi +++ b/doc/cha-tokens.texi @@ -302,7 +302,7 @@ and tokens, @acronym{PKCS} #11 is automatically initialized during the first call of a @acronym{PKCS} #11 related function, in a thread safe way. The default initialization process, utilizes p11-kit configuration, and loads any appropriate @acronym{PKCS} #11 modules. The p11-kit configuration -files@footnote{@url{https://p11-glue.freedesktop.org/}} are typically stored in @code{/etc/pkcs11/modules/}. +files@footnote{@url{https://p11-glue.github.io/p11-glue/p11-kit.html}} are typically stored in @code{/etc/pkcs11/modules/}. For example a file that will instruct GnuTLS to load the @acronym{OpenSC} module, could be named @code{/etc/pkcs11/modules/opensc.module} and contain the following: @@ -506,7 +506,7 @@ The @acronym{PKCS} #11 API can be used to allow all applications in the same operating system to access shared cryptographic keys and certificates in a uniform way, as in @ref{fig-pkcs11-vision}. That way applications could load their trusted certificate list, as well as user certificates from a common PKCS #11 module. -Such a provider is the p11-kit trust storage module@footnote{@url{https://p11-glue.freedesktop.org/trust-module.html}} +Such a provider is the p11-kit trust storage module@footnote{@url{https://p11-glue.github.io/p11-glue/trust-module.html}} and it provides access to the trusted Root CA certificates in a system. That provides a more dynamic list of Root CA certificates, as opposed to a static list in a file or directory. diff --git a/doc/cha-upgrade.texi b/doc/cha-upgrade.texi index 286790d..91c6803 100644 --- a/doc/cha-upgrade.texi +++ b/doc/cha-upgrade.texi @@ -241,7 +241,9 @@ TLS 1.3 is done via session tickets, c.f. @funcref{gnutls_session_ticket_enable_ @item @funcref{gnutls_session_get_data2}, @funcref{gnutls_session_get_data} @tab These functions may introduce a slight delay under TLS 1.3 for few milliseconds. Check output of @funcref{gnutls_session_get_flags} for GNUTLS_SFLAGS_SESSION_TICKET -before calling this function to avoid delays. +before calling this function to avoid delays. To work efficiently under +TLS 1.3 this function requires the application setting +@funcref{gnutls_transport_set_pull_timeout_function}. @item SRP and RSA-PSK key exchanges are not supported under TLS 1.3 @tab SRP and RSA-PSK key exchanges are not supported in TLS 1.3, so when these key exchanges are present in a priority string, TLS 1.3 is disabled. diff --git a/doc/core.c.texi b/doc/core.c.texi index 7b8bee0..bb5135a 100644 --- a/doc/core.c.texi +++ b/doc/core.c.texi @@ -1,427 +1,432 @@ @c Automatically generated, do not edit. -@c snarfed from ../guile/src/core.c:3314 +@c snarfed from ../guile/src/core.c:3402 @deffn {Scheme Procedure} set-log-level! level Enable GnuTLS logging up to @var{level} (an integer). @end deffn -@c snarfed from ../guile/src/core.c:3294 +@c snarfed from ../guile/src/core.c:3382 @deffn {Scheme Procedure} set-log-procedure! proc Use @var{proc} (a two-argument procedure) as the global GnuTLS log procedure. @end deffn -@c snarfed from ../guile/src/core.c:3254 -@deffn {Scheme Procedure} set-certificate-credentials-openpgp-keys! cred pub sec +@c snarfed from ../guile/src/core.c:3342 +@deffn {Scheme Procedure} %set-certificate-credentials-openpgp-keys! cred pub sec Use certificate @var{pub} and secret key @var{sec} in certificate credentials @var{cred}. @end deffn -@c snarfed from ../guile/src/core.c:3216 -@deffn {Scheme Procedure} openpgp-keyring-contains-key-id? keyring id +@c snarfed from ../guile/src/core.c:3304 +@deffn {Scheme Procedure} %openpgp-keyring-contains-key-id? keyring id Return @code{#f} if key ID @var{id} is in @var{keyring}, @code{#f} otherwise. @end deffn -@c snarfed from ../guile/src/core.c:3171 +@c snarfed from ../guile/src/core.c:3259 @deffn {Scheme Procedure} import-openpgp-keyring data format Import @var{data} (a u8vector) according to @var{format} and return the imported keyring. @end deffn -@c snarfed from ../guile/src/core.c:3146 -@deffn {Scheme Procedure} openpgp-certificate-usage key +@c snarfed from ../guile/src/core.c:3234 +@deffn {Scheme Procedure} %openpgp-certificate-usage key Return a list of values denoting the key usage of @var{key}. @end deffn -@c snarfed from ../guile/src/core.c:3127 -@deffn {Scheme Procedure} openpgp-certificate-version key +@c snarfed from ../guile/src/core.c:3215 +@deffn {Scheme Procedure} %openpgp-certificate-version key Return the version of the OpenPGP message format (RFC2440) honored by @var{key}. @end deffn -@c snarfed from ../guile/src/core.c:3106 -@deffn {Scheme Procedure} openpgp-certificate-algorithm key +@c snarfed from ../guile/src/core.c:3194 +@deffn {Scheme Procedure} %openpgp-certificate-algorithm key Return two values: the certificate algorithm used by @var{key} and the number of bits used. @end deffn -@c snarfed from ../guile/src/core.c:3074 -@deffn {Scheme Procedure} openpgp-certificate-names key +@c snarfed from ../guile/src/core.c:3162 +@deffn {Scheme Procedure} %openpgp-certificate-names key Return the list of names for @var{key}. @end deffn -@c snarfed from ../guile/src/core.c:3049 -@deffn {Scheme Procedure} openpgp-certificate-name key index +@c snarfed from ../guile/src/core.c:3137 +@deffn {Scheme Procedure} %openpgp-certificate-name key index Return the @var{index}th name of @var{key}. @end deffn -@c snarfed from ../guile/src/core.c:2990 -@deffn {Scheme Procedure} openpgp-certificate-fingerprint key +@c snarfed from ../guile/src/core.c:3078 +@deffn {Scheme Procedure} %openpgp-certificate-fingerprint key Return a new u8vector denoting the fingerprint of @var{key}. @end deffn -@c snarfed from ../guile/src/core.c:2959 -@deffn {Scheme Procedure} openpgp-certificate-fingerprint! key fpr +@c snarfed from ../guile/src/core.c:3047 +@deffn {Scheme Procedure} %openpgp-certificate-fingerprint! key fpr Store in @var{fpr} (a u8vector) the fingerprint of @var{key}. Return the number of bytes stored in @var{fpr}. @end deffn -@c snarfed from ../guile/src/core.c:2925 -@deffn {Scheme Procedure} openpgp-certificate-id! key id +@c snarfed from ../guile/src/core.c:3013 +@deffn {Scheme Procedure} %openpgp-certificate-id! key id Store the ID (an 8 byte sequence) of certificate @var{key} in @var{id} (a u8vector). @end deffn -@c snarfed from ../guile/src/core.c:2899 -@deffn {Scheme Procedure} openpgp-certificate-id key +@c snarfed from ../guile/src/core.c:2987 +@deffn {Scheme Procedure} %openpgp-certificate-id key Return the ID (an 8-element u8vector) of certificate @var{key}. @end deffn -@c snarfed from ../guile/src/core.c:2843 -@deffn {Scheme Procedure} import-openpgp-private-key data format [pass] +@c snarfed from ../guile/src/core.c:2931 +@deffn {Scheme Procedure} %import-openpgp-private-key data format [pass] Return a new OpenPGP private key object resulting from the import of @var{data} (a uniform array) according to @var{format}. Optionally, a passphrase may be provided. @end deffn -@c snarfed from ../guile/src/core.c:2799 -@deffn {Scheme Procedure} import-openpgp-certificate data format +@c snarfed from ../guile/src/core.c:2887 +@deffn {Scheme Procedure} %import-openpgp-certificate data format Return a new OpenPGP certificate object resulting from the import of @var{data} (a uniform array) according to @var{format}. @end deffn -@c snarfed from ../guile/src/core.c:2731 +@c snarfed from ../guile/src/core.c:2819 @deffn {Scheme Procedure} x509-certificate-subject-alternative-name cert index Return two values: the alternative name type for @var{cert} (i.e., one of the @code{x509-subject-alternative-name/} values) and the actual subject alternative name (a string) at @var{index}. Both values are @code{#f} if no alternative name is available at @var{index}. @end deffn -@c snarfed from ../guile/src/core.c:2700 +@c snarfed from ../guile/src/core.c:2788 @deffn {Scheme Procedure} x509-certificate-subject-key-id cert Return the subject key ID (a u8vector) for @var{cert}. @end deffn -@c snarfed from ../guile/src/core.c:2668 +@c snarfed from ../guile/src/core.c:2756 @deffn {Scheme Procedure} x509-certificate-authority-key-id cert Return the key ID (a u8vector) of the X.509 certificate authority of @var{cert}. @end deffn -@c snarfed from ../guile/src/core.c:2636 +@c snarfed from ../guile/src/core.c:2724 @deffn {Scheme Procedure} x509-certificate-key-id cert Return a statistically unique ID (a u8vector) for @var{cert} that depends on its public key parameters. This is normally a 20-byte SHA-1 hash. @end deffn -@c snarfed from ../guile/src/core.c:2618 +@c snarfed from ../guile/src/core.c:2706 @deffn {Scheme Procedure} x509-certificate-version cert Return the version of @var{cert}. @end deffn -@c snarfed from ../guile/src/core.c:2586 +@c snarfed from ../guile/src/core.c:2674 @deffn {Scheme Procedure} x509-certificate-key-usage cert Return the key usage of @var{cert} (i.e., a list of @code{key-usage/} values), or the empty list if @var{cert} does not contain such information. @end deffn -@c snarfed from ../guile/src/core.c:2563 +@c snarfed from ../guile/src/core.c:2651 @deffn {Scheme Procedure} x509-certificate-public-key-algorithm cert Return two values: the public key algorithm (i.e., one of the @code{pk-algorithm/} values) of @var{cert} and the number of bits used. @end deffn -@c snarfed from ../guile/src/core.c:2541 +@c snarfed from ../guile/src/core.c:2629 @deffn {Scheme Procedure} x509-certificate-signature-algorithm cert Return the signature algorithm used by @var{cert} (i.e., one of the @code{sign-algorithm/} values). @end deffn -@c snarfed from ../guile/src/core.c:2507 +@c snarfed from ../guile/src/core.c:2595 @deffn {Scheme Procedure} x509-certificate-matches-hostname? cert hostname Return true if @var{cert} matches @var{hostname}, a string denoting a DNS host name. This is the basic implementation of @uref{https://tools.ietf.org/html/rfc2818, RFC 2818} (aka. HTTPS). @end deffn -@c snarfed from ../guile/src/core.c:2490 +@c snarfed from ../guile/src/core.c:2578 @deffn {Scheme Procedure} x509-certificate-issuer-dn-oid cert index Return the OID (a string) at @var{index} from @var{cert}'s issuer DN. Return @code{#f} if no OID is available at @var{index}. @end deffn -@c snarfed from ../guile/src/core.c:2478 +@c snarfed from ../guile/src/core.c:2566 @deffn {Scheme Procedure} x509-certificate-dn-oid cert index Return OID (a string) at @var{index} from @var{cert}. Return @code{#f} if no OID is available at @var{index}. @end deffn -@c snarfed from ../guile/src/core.c:2415 +@c snarfed from ../guile/src/core.c:2503 @deffn {Scheme Procedure} x509-certificate-issuer-dn cert Return the distinguished name (DN) of X.509 certificate @var{cert}. @end deffn -@c snarfed from ../guile/src/core.c:2402 +@c snarfed from ../guile/src/core.c:2490 @deffn {Scheme Procedure} x509-certificate-dn cert Return the distinguished name (DN) of X.509 certificate @var{cert}. The form of the DN is as described in @uref{https://tools.ietf.org/html/rfc2253, RFC 2253}. @end deffn -@c snarfed from ../guile/src/core.c:2308 +@c snarfed from ../guile/src/core.c:2396 @deffn {Scheme Procedure} pkcs8-import-x509-private-key data format [pass [encrypted]] Return a new X.509 private key object resulting from the import of @var{data} (a uniform array) according to @var{format}. Optionally, if @var{pass} is not @code{#f}, it should be a string denoting a passphrase. @var{encrypted} tells whether the private key is encrypted (@code{#t} by default). @end deffn -@c snarfed from ../guile/src/core.c:2263 +@c snarfed from ../guile/src/core.c:2351 @deffn {Scheme Procedure} import-x509-private-key data format Return a new X.509 private key object resulting from the import of @var{data} (a uniform array) according to @var{format}. @end deffn -@c snarfed from ../guile/src/core.c:2218 +@c snarfed from ../guile/src/core.c:2306 @deffn {Scheme Procedure} import-x509-certificate data format Return a new X.509 certificate object resulting from the import of @var{data} (a uniform array) according to @var{format}. @end deffn -@c snarfed from ../guile/src/core.c:2190 +@c snarfed from ../guile/src/core.c:2278 @deffn {Scheme Procedure} server-session-psk-username session Return the username associated with PSK server session @var{session}. @end deffn -@c snarfed from ../guile/src/core.c:2146 +@c snarfed from ../guile/src/core.c:2234 @deffn {Scheme Procedure} set-psk-client-credentials! cred username key key-format Set the client credentials for @var{cred}, a PSK client credentials object. @end deffn -@c snarfed from ../guile/src/core.c:2129 +@c snarfed from ../guile/src/core.c:2217 @deffn {Scheme Procedure} make-psk-client-credentials Return a new PSK client credentials object. @end deffn -@c snarfed from ../guile/src/core.c:2098 +@c snarfed from ../guile/src/core.c:2186 @deffn {Scheme Procedure} set-psk-server-credentials-file! cred file Use @var{file} as the password file for PSK server credentials @var{cred}. @end deffn -@c snarfed from ../guile/src/core.c:2081 +@c snarfed from ../guile/src/core.c:2169 @deffn {Scheme Procedure} make-psk-server-credentials Return new PSK server credentials. @end deffn -@c snarfed from ../guile/src/core.c:1789 +@c snarfed from ../guile/src/core.c:1865 @deffn {Scheme Procedure} peer-certificate-status session Verify the peer certificate for @var{session} and return a list of @code{certificate-status} values (such as @code{certificate-status/revoked}), or the empty list if the certificate is valid. @end deffn -@c snarfed from ../guile/src/core.c:1762 +@c snarfed from ../guile/src/core.c:1838 @deffn {Scheme Procedure} set-certificate-credentials-verify-flags! cred [flags...] Set the certificate verification flags to @var{flags}, a series of @code{certificate-verify} values. @end deffn -@c snarfed from ../guile/src/core.c:1738 +@c snarfed from ../guile/src/core.c:1814 @deffn {Scheme Procedure} set-certificate-credentials-verify-limits! cred max-bits max-depth Set the verification limits of @code{peer-certificate-status} for certificate credentials @var{cred} to @var{max_bits} bits for an acceptable certificate and @var{max_depth} as the maximum depth of a certificate chain. @end deffn -@c snarfed from ../guile/src/core.c:1697 +@c snarfed from ../guile/src/core.c:1773 @deffn {Scheme Procedure} set-certificate-credentials-x509-keys! cred certs privkey Have certificate credentials @var{cred} use the X.509 certificates listed in @var{certs} and X.509 private key @var{privkey}. @end deffn -@c snarfed from ../guile/src/core.c:1650 +@c snarfed from ../guile/src/core.c:1726 @deffn {Scheme Procedure} set-certificate-credentials-x509-key-data! cred cert key format Use X.509 certificate @var{cert} and private key @var{key}, both uniform arrays containing the X.509 certificate and key in format @var{format}, for certificate credentials @var{cred}. @end deffn -@c snarfed from ../guile/src/core.c:1631 +@c snarfed from ../guile/src/core.c:1707 @deffn {Scheme Procedure} set-certificate-credentials-x509-crl-data! cred data format Use @var{data} (a uniform array) as the X.509 CRL (certificate revocation list) database for @var{cred}. On success, return the number of CRLs processed. @end deffn -@c snarfed from ../guile/src/core.c:1612 +@c snarfed from ../guile/src/core.c:1688 @deffn {Scheme Procedure} set-certificate-credentials-x509-trust-data! cred data format Use @var{data} (a uniform array) as the X.509 trust database for @var{cred}. On success, return the number of certificates processed. @end deffn -@c snarfed from ../guile/src/core.c:1593 +@c snarfed from ../guile/src/core.c:1669 @deffn {Scheme Procedure} set-certificate-credentials-x509-crl-file! cred file format Use @var{file} as the X.509 CRL (certificate revocation list) file for certificate credentials @var{cred}. On success, return the number of CRLs processed. @end deffn -@c snarfed from ../guile/src/core.c:1574 +@c snarfed from ../guile/src/core.c:1650 @deffn {Scheme Procedure} set-certificate-credentials-x509-trust-file! cred file format Use @var{file} as the X.509 trust file for certificate credentials @var{cred}. On success, return the number of certificates processed. @end deffn -@c snarfed from ../guile/src/core.c:1533 +@c snarfed from ../guile/src/core.c:1609 @deffn {Scheme Procedure} set-certificate-credentials-x509-key-files! cred cert-file key-file format Use @var{file} as the password file for PSK server credentials @var{cred}. @end deffn -@c snarfed from ../guile/src/core.c:1511 +@c snarfed from ../guile/src/core.c:1587 @deffn {Scheme Procedure} set-certificate-credentials-dh-parameters! cred dh-params Use Diffie-Hellman parameters @var{dh_params} for certificate credentials @var{cred}. @end deffn -@c snarfed from ../guile/src/core.c:1491 +@c snarfed from ../guile/src/core.c:1567 @deffn {Scheme Procedure} make-certificate-credentials Return new certificate credentials (i.e., for use with either X.509 or OpenPGP certificates. @end deffn -@c snarfed from ../guile/src/core.c:1388 +@c snarfed from ../guile/src/core.c:1464 @deffn {Scheme Procedure} set-anonymous-server-dh-parameters! cred dh-params Set the Diffie-Hellman parameters of anonymous server credentials @var{cred}. @end deffn -@c snarfed from ../guile/src/core.c:1370 +@c snarfed from ../guile/src/core.c:1446 @deffn {Scheme Procedure} make-anonymous-client-credentials Return anonymous client credentials. @end deffn -@c snarfed from ../guile/src/core.c:1352 +@c snarfed from ../guile/src/core.c:1428 @deffn {Scheme Procedure} make-anonymous-server-credentials Return anonymous server credentials. @end deffn -@c snarfed from ../guile/src/core.c:1330 +@c snarfed from ../guile/src/core.c:1406 @deffn {Scheme Procedure} set-session-dh-prime-bits! session bits Use @var{bits} DH prime bits for @var{session}. @end deffn -@c snarfed from ../guile/src/core.c:1304 +@c snarfed from ../guile/src/core.c:1380 @deffn {Scheme Procedure} pkcs3-export-dh-parameters dh-params format Export Diffie-Hellman parameters @var{dh_params} in PKCS3 format according for @var{format} (an @code{x509-certificate-format} value). Return a @code{u8vector} containing the result. @end deffn -@c snarfed from ../guile/src/core.c:1259 +@c snarfed from ../guile/src/core.c:1335 @deffn {Scheme Procedure} pkcs3-import-dh-parameters array format Import Diffie-Hellman parameters in PKCS3 format (further specified by @var{format}, an @code{x509-certificate-format} value) from @var{array} (a homogeneous array) and return a new @code{dh-params} object. @end deffn -@c snarfed from ../guile/src/core.c:1233 +@c snarfed from ../guile/src/core.c:1309 @deffn {Scheme Procedure} make-dh-parameters bits Return new Diffie-Hellman parameters. @end deffn -@c snarfed from ../guile/src/core.c:1149 +@c snarfed from ../guile/src/core.c:1225 @deffn {Scheme Procedure} set-session-transport-port! session port Use @var{port} as the input/output port for @var{session}. @end deffn -@c snarfed from ../guile/src/core.c:1099 +@c snarfed from ../guile/src/core.c:1175 @deffn {Scheme Procedure} set-session-transport-fd! session fd Use file descriptor @var{fd} as the underlying transport for @var{session}. @end deffn -@c snarfed from ../guile/src/core.c:1048 +@c snarfed from ../guile/src/core.c:1119 @deffn {Scheme Procedure} session-record-port session Return a read-write port that may be used to communicate over @var{session}. All invocations of @code{session-port} on a given session return the same object (in the sense of @code{eq?}). @end deffn -@c snarfed from ../guile/src/core.c:750 +@c snarfed from ../guile/src/core.c:786 @deffn {Scheme Procedure} record-receive! session array Receive data from @var{session} into @var{array}, a uniform homogeneous array. Return the number of bytes actually received. @end deffn -@c snarfed from ../guile/src/core.c:718 +@c snarfed from ../guile/src/core.c:754 @deffn {Scheme Procedure} record-send session array Send the record constituted by @var{array} through @var{session}. @end deffn -@c snarfed from ../guile/src/core.c:683 +@c snarfed from ../guile/src/core.c:719 @deffn {Scheme Procedure} set-session-server-name! session type name For a client, this procedure provides a way to inform the server that it is known under @var{name}, @i{via} the @code{SERVER NAME} TLS extension. @var{type} must be a @code{server-name-type} value, @var{server-name-type/dns} for DNS names. @end deffn -@c snarfed from ../guile/src/core.c:602 +@c snarfed from ../guile/src/core.c:638 @deffn {Scheme Procedure} set-session-credentials! session cred Use @var{cred} as @var{session}'s credentials. @end deffn -@c snarfed from ../guile/src/core.c:580 +@c snarfed from ../guile/src/core.c:616 @deffn {Scheme Procedure} cipher-suite->string kx cipher mac Return the name of the given cipher suite. @end deffn -@c snarfed from ../guile/src/core.c:534 +@c snarfed from ../guile/src/core.c:570 @deffn {Scheme Procedure} set-session-priorities! session priorities Have @var{session} use the given @var{priorities} for the ciphers, key exchange methods, MACs and compression methods. @var{priorities} must be a string (@pxref{Priority Strings,,, gnutls, GnuTLS@comma{} Transport Layer Security Library for the GNU system}). When @var{priorities} cannot be parsed, an @code{error/invalid-request} error is raised, with an extra argument indication the position of the error. @end deffn -@c snarfed from ../guile/src/core.c:519 +@c snarfed from ../guile/src/core.c:555 @deffn {Scheme Procedure} set-session-default-priority! session Have @var{session} use the default priorities. @end deffn -@c snarfed from ../guile/src/core.c:493 +@c snarfed from ../guile/src/core.c:529 @deffn {Scheme Procedure} set-server-session-certificate-request! session request Tell how @var{session}, a server-side session, should deal with certificate requests. @var{request} should be either @code{certificate-request/request} or @code{certificate-request/require}. @end deffn -@c snarfed from ../guile/src/core.c:453 +@c snarfed from ../guile/src/core.c:489 @deffn {Scheme Procedure} session-our-certificate-chain session Return our certificate chain for @var{session} (as sent to the peer) in raw format (a u8vector). In the case of OpenPGP there is exactly one certificate. Return the empty list if no certificate was used. @end deffn -@c snarfed from ../guile/src/core.c:404 +@c snarfed from ../guile/src/core.c:440 @deffn {Scheme Procedure} session-peer-certificate-chain session Return the a list of certificates in raw format (u8vectors) where the first one is the peer's certificate. In the case of OpenPGP, there is always exactly one certificate. In the case of X.509, subsequent certificates indicate form a certificate chain. Return the empty list if no certificate was sent. @end deffn -@c snarfed from ../guile/src/core.c:384 +@c snarfed from ../guile/src/core.c:420 @deffn {Scheme Procedure} session-client-authentication-type session Return the client authentication type (a @code{credential-type} value) used in @var{session}. @end deffn -@c snarfed from ../guile/src/core.c:364 +@c snarfed from ../guile/src/core.c:400 @deffn {Scheme Procedure} session-server-authentication-type session Return the server authentication type (a @code{credential-type} value) used in @var{session}. @end deffn -@c snarfed from ../guile/src/core.c:344 +@c snarfed from ../guile/src/core.c:380 @deffn {Scheme Procedure} session-authentication-type session Return the authentication type (a @code{credential-type} value) used by @var{session}. @end deffn -@c snarfed from ../guile/src/core.c:328 +@c snarfed from ../guile/src/core.c:364 @deffn {Scheme Procedure} session-protocol session Return the protocol used by @var{session}. @end deffn -@c snarfed from ../guile/src/core.c:311 +@c snarfed from ../guile/src/core.c:347 @deffn {Scheme Procedure} session-certificate-type session Return @var{session}'s certificate type. @end deffn -@c snarfed from ../guile/src/core.c:294 +@c snarfed from ../guile/src/core.c:330 @deffn {Scheme Procedure} session-compression-method session Return @var{session}'s compression method. @end deffn -@c snarfed from ../guile/src/core.c:278 +@c snarfed from ../guile/src/core.c:314 @deffn {Scheme Procedure} session-mac session Return @var{session}'s MAC. @end deffn -@c snarfed from ../guile/src/core.c:262 +@c snarfed from ../guile/src/core.c:298 @deffn {Scheme Procedure} session-kx session Return @var{session}'s kx. @end deffn -@c snarfed from ../guile/src/core.c:246 +@c snarfed from ../guile/src/core.c:282 @deffn {Scheme Procedure} session-cipher session Return @var{session}'s cipher. @end deffn -@c snarfed from ../guile/src/core.c:218 +@c snarfed from ../guile/src/core.c:254 @deffn {Scheme Procedure} alert-send session level alert Send @var{alert} via @var{session}. @end deffn -@c snarfed from ../guile/src/core.c:202 +@c snarfed from ../guile/src/core.c:238 @deffn {Scheme Procedure} alert-get session Get an aleter from @var{session}. @end deffn -@c snarfed from ../guile/src/core.c:184 +@c snarfed from ../guile/src/core.c:220 +@deffn {Scheme Procedure} reauthenticate session +Perform a re-authentication step for @var{session}. +@end deffn + +@c snarfed from ../guile/src/core.c:203 @deffn {Scheme Procedure} rehandshake session Perform a re-handshaking for @var{session}. @end deffn -@c snarfed from ../guile/src/core.c:166 +@c snarfed from ../guile/src/core.c:185 @deffn {Scheme Procedure} handshake session Perform a handshake for @var{session}. @end deffn -@c snarfed from ../guile/src/core.c:145 +@c snarfed from ../guile/src/core.c:164 @deffn {Scheme Procedure} bye session how Close @var{session} according to @var{how}. @end deffn -@c snarfed from ../guile/src/core.c:119 -@deffn {Scheme Procedure} make-session end -Return a new session for connection end @var{end}, either @code{connection-end/server} or @code{connection-end/client}. +@c snarfed from ../guile/src/core.c:132 +@deffn {Scheme Procedure} make-session end [flags...] +Return a new session for connection end @var{end}, either @code{connection-end/server} or @code{connection-end/client}. The optional @var{flags} arguments are @code{connection-flag} values such as @code{connection-flag/auto-reauth}. @end deffn -@c snarfed from ../guile/src/core.c:108 +@c snarfed from ../guile/src/core.c:121 @deffn {Scheme Procedure} gnutls-version Return a string denoting the version number of the underlying GnuTLS library, e.g., @code{"1.7.2"}. @end deffn @@ -496,96 +501,101 @@ Return true if @var{obj} is of type @code{anonymous-client-credentials}. Return true if @var{obj} is of type @code{session}. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:953 +@c snarfed from ../guile/src/enum-map.i.c:1023 @deffn {Scheme Procedure} openpgp-certificate-format->string enumval Return a string describing @var{enumval}, a @code{openpgp-certificate-format} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:912 +@c snarfed from ../guile/src/enum-map.i.c:982 @deffn {Scheme Procedure} error->string enumval Return a string describing @var{enumval}, a @code{error} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:891 +@c snarfed from ../guile/src/enum-map.i.c:961 @deffn {Scheme Procedure} certificate-verify->string enumval Return a string describing @var{enumval}, a @code{certificate-verify} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:846 +@c snarfed from ../guile/src/enum-map.i.c:916 @deffn {Scheme Procedure} key-usage->string enumval Return a string describing @var{enumval}, a @code{key-usage} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:798 +@c snarfed from ../guile/src/enum-map.i.c:868 @deffn {Scheme Procedure} psk-key-format->string enumval Return a string describing @var{enumval}, a @code{psk-key-format} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:757 +@c snarfed from ../guile/src/enum-map.i.c:827 @deffn {Scheme Procedure} server-name-type->string enumval Return a string describing @var{enumval}, a @code{server-name-type} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:717 +@c snarfed from ../guile/src/enum-map.i.c:787 @deffn {Scheme Procedure} sign-algorithm->string enumval Return a string describing @var{enumval}, a @code{sign-algorithm} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:696 +@c snarfed from ../guile/src/enum-map.i.c:766 @deffn {Scheme Procedure} pk-algorithm->string enumval Return a string describing @var{enumval}, a @code{pk-algorithm} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:675 +@c snarfed from ../guile/src/enum-map.i.c:745 @deffn {Scheme Procedure} x509-subject-alternative-name->string enumval Return a string describing @var{enumval}, a @code{x509-subject-alternative-name} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:632 +@c snarfed from ../guile/src/enum-map.i.c:702 @deffn {Scheme Procedure} x509-certificate-format->string enumval Return a string describing @var{enumval}, a @code{x509-certificate-format} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:591 +@c snarfed from ../guile/src/enum-map.i.c:661 @deffn {Scheme Procedure} certificate-type->string enumval Return a string describing @var{enumval}, a @code{certificate-type} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:570 +@c snarfed from ../guile/src/enum-map.i.c:640 @deffn {Scheme Procedure} protocol->string enumval Return a string describing @var{enumval}, a @code{protocol} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:527 +@c snarfed from ../guile/src/enum-map.i.c:597 @deffn {Scheme Procedure} close-request->string enumval Return a string describing @var{enumval}, a @code{close-request} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:486 +@c snarfed from ../guile/src/enum-map.i.c:556 @deffn {Scheme Procedure} certificate-request->string enumval Return a string describing @var{enumval}, a @code{certificate-request} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:444 +@c snarfed from ../guile/src/enum-map.i.c:514 @deffn {Scheme Procedure} certificate-status->string enumval Return a string describing @var{enumval}, a @code{certificate-status} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:400 +@c snarfed from ../guile/src/enum-map.i.c:458 @deffn {Scheme Procedure} handshake-description->string enumval Return a string describing @var{enumval}, a @code{handshake-description} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:351 +@c snarfed from ../guile/src/enum-map.i.c:409 @deffn {Scheme Procedure} alert-description->string enumval Return a string describing @var{enumval}, a @code{alert-description} value. @end deffn -@c snarfed from ../guile/src/enum-map.i.c:284 +@c snarfed from ../guile/src/enum-map.i.c:342 @deffn {Scheme Procedure} alert-level->string enumval Return a string describing @var{enumval}, a @code{alert-level} value. @end deffn +@c snarfed from ../guile/src/enum-map.i.c:301 +@deffn {Scheme Procedure} connection-flag->string enumval +Return a string describing @var{enumval}, a @code{connection-flag} value. +@end deffn + @c snarfed from ../guile/src/enum-map.i.c:243 @deffn {Scheme Procedure} connection-end->string enumval Return a string describing @var{enumval}, a @code{connection-end} value. diff --git a/doc/credentials/Makefile.in b/doc/credentials/Makefile.in index 511bafb..849318b 100644 --- a/doc/credentials/Makefile.in +++ b/doc/credentials/Makefile.in @@ -112,7 +112,6 @@ ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/lib/unistring/m4/inline.m4 \ $(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \ - $(top_srcdir)/src/gl/m4/__inline.m4 \ $(top_srcdir)/src/gl/m4/bison.m4 \ $(top_srcdir)/src/gl/m4/clock_time.m4 \ $(top_srcdir)/src/gl/m4/fseek.m4 \ @@ -132,7 +131,7 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/src/gl/m4/tzset.m4 \ $(top_srcdir)/src/libopts/m4/libopts.m4 \ $(top_srcdir)/src/libopts/m4/stdnoreturn.m4 \ - $(top_srcdir)/m4/00gnulib.m4 \ + $(top_srcdir)/m4/00gnulib.m4 $(top_srcdir)/m4/__inline.m4 \ $(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \ $(top_srcdir)/m4/arpa_inet_h.m4 \ $(top_srcdir)/m4/ax_ac_append_to_file.m4 \ @@ -147,18 +146,19 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/codeset.m4 $(top_srcdir)/m4/ctype.m4 \ $(top_srcdir)/m4/dup2.m4 $(top_srcdir)/m4/eealloc.m4 \ $(top_srcdir)/m4/environ.m4 $(top_srcdir)/m4/errno_h.m4 \ + $(top_srcdir)/m4/explicit_bzero.m4 \ $(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \ $(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \ $(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \ $(top_srcdir)/m4/fdopen.m4 $(top_srcdir)/m4/flexmember.m4 \ - $(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fpieee.m4 \ - $(top_srcdir)/m4/fseeko.m4 $(top_srcdir)/m4/fstat.m4 \ - $(top_srcdir)/m4/ftell.m4 $(top_srcdir)/m4/ftello.m4 \ - $(top_srcdir)/m4/ftruncate.m4 $(top_srcdir)/m4/func.m4 \ - $(top_srcdir)/m4/getcwd.m4 $(top_srcdir)/m4/getdelim.m4 \ - $(top_srcdir)/m4/getdtablesize.m4 $(top_srcdir)/m4/getline.m4 \ - $(top_srcdir)/m4/getpagesize.m4 $(top_srcdir)/m4/gettext.m4 \ - $(top_srcdir)/m4/gettimeofday.m4 \ + $(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \ + $(top_srcdir)/m4/fpieee.m4 $(top_srcdir)/m4/fseeko.m4 \ + $(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \ + $(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/ftruncate.m4 \ + $(top_srcdir)/m4/func.m4 $(top_srcdir)/m4/getcwd.m4 \ + $(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \ + $(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/getpagesize.m4 \ + $(top_srcdir)/m4/gettext.m4 $(top_srcdir)/m4/gettimeofday.m4 \ $(top_srcdir)/m4/gnulib-common.m4 \ $(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \ $(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \ @@ -167,12 +167,13 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/inet_pton.m4 \ $(top_srcdir)/m4/intl-thread-locale.m4 \ $(top_srcdir)/m4/intlmacosx.m4 $(top_srcdir)/m4/intmax_t.m4 \ - $(top_srcdir)/m4/inttypes-pri.m4 $(top_srcdir)/m4/inttypes.m4 \ - $(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/ioctl.m4 \ - $(top_srcdir)/m4/isblank.m4 $(top_srcdir)/m4/langinfo_h.m4 \ - $(top_srcdir)/m4/largefile.m4 $(top_srcdir)/m4/lcmessage.m4 \ + $(top_srcdir)/m4/inttostr.m4 $(top_srcdir)/m4/inttypes-pri.m4 \ + $(top_srcdir)/m4/inttypes.m4 $(top_srcdir)/m4/inttypes_h.m4 \ + $(top_srcdir)/m4/ioctl.m4 $(top_srcdir)/m4/isblank.m4 \ + $(top_srcdir)/m4/langinfo_h.m4 $(top_srcdir)/m4/largefile.m4 \ + $(top_srcdir)/m4/lcmessage.m4 \ $(top_srcdir)/m4/ld-output-def.m4 \ - $(top_srcdir)/m4/ld-version-script.m4 \ + $(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \ $(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/locale-fr.m4 \ @@ -180,27 +181,32 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/locale-zh.m4 $(top_srcdir)/m4/locale_h.m4 \ $(top_srcdir)/m4/localename.m4 \ $(top_srcdir)/m4/localtime-buffer.m4 $(top_srcdir)/m4/lock.m4 \ - $(top_srcdir)/m4/longlong.m4 $(top_srcdir)/m4/lseek.m4 \ - $(top_srcdir)/m4/lstat.m4 $(top_srcdir)/m4/ltoptions.m4 \ - $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ - $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \ - $(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \ - $(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \ - $(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \ - $(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \ + $(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/lstat.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/m4/malloc.m4 $(top_srcdir)/m4/malloca.m4 \ + $(top_srcdir)/m4/manywarnings.m4 $(top_srcdir)/m4/memchr.m4 \ + $(top_srcdir)/m4/memmem.m4 $(top_srcdir)/m4/minmax.m4 \ + $(top_srcdir)/m4/mmap-anon.m4 $(top_srcdir)/m4/mode_t.m4 \ + $(top_srcdir)/m4/msvc-inval.m4 \ $(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \ $(top_srcdir)/m4/nanosleep.m4 $(top_srcdir)/m4/netdb_h.m4 \ $(top_srcdir)/m4/netinet_in_h.m4 $(top_srcdir)/m4/nls.m4 \ $(top_srcdir)/m4/off_t.m4 $(top_srcdir)/m4/open-cloexec.m4 \ - $(top_srcdir)/m4/open.m4 $(top_srcdir)/m4/pathmax.m4 \ - $(top_srcdir)/m4/perror.m4 $(top_srcdir)/m4/pipe.m4 \ - $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/m4/po.m4 \ - $(top_srcdir)/m4/printf.m4 $(top_srcdir)/m4/progtest.m4 \ + $(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \ + $(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/perror.m4 \ + $(top_srcdir)/m4/pipe.m4 $(top_srcdir)/m4/pkg.m4 \ + $(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \ + $(top_srcdir)/m4/progtest.m4 \ + $(top_srcdir)/m4/pthread-thread.m4 \ + $(top_srcdir)/m4/pthread_h.m4 \ $(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \ - $(top_srcdir)/m4/putenv.m4 $(top_srcdir)/m4/raise.m4 \ - $(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \ + $(top_srcdir)/m4/pthread_sigmask.m4 $(top_srcdir)/m4/putenv.m4 \ + $(top_srcdir)/m4/raise.m4 $(top_srcdir)/m4/read-file.m4 \ + $(top_srcdir)/m4/realloc.m4 $(top_srcdir)/m4/sched_h.m4 \ $(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/select.m4 \ $(top_srcdir)/m4/setenv.m4 $(top_srcdir)/m4/setlocale.m4 \ + $(top_srcdir)/m4/setlocale_null.m4 \ $(top_srcdir)/m4/sigaction.m4 $(top_srcdir)/m4/signal_h.m4 \ $(top_srcdir)/m4/signalblocking.m4 \ $(top_srcdir)/m4/size_max.m4 $(top_srcdir)/m4/sleep.m4 \ @@ -208,29 +214,30 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/sockets.m4 $(top_srcdir)/m4/socklen.m4 \ $(top_srcdir)/m4/sockpfaf.m4 $(top_srcdir)/m4/ssize_t.m4 \ $(top_srcdir)/m4/stat-time.m4 $(top_srcdir)/m4/stat.m4 \ - $(top_srcdir)/m4/stdalign.m4 $(top_srcdir)/m4/stdbool.m4 \ - $(top_srcdir)/m4/stddef_h.m4 $(top_srcdir)/m4/stdint.m4 \ - $(top_srcdir)/m4/stdint_h.m4 $(top_srcdir)/m4/stdio_h.m4 \ - $(top_srcdir)/m4/stdlib_h.m4 $(top_srcdir)/m4/strcase.m4 \ - $(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/strerror.m4 \ - $(top_srcdir)/m4/strerror_r.m4 $(top_srcdir)/m4/string_h.m4 \ - $(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \ - $(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \ - $(top_srcdir)/m4/strverscmp.m4 $(top_srcdir)/m4/symlink.m4 \ - $(top_srcdir)/m4/sys_ioctl_h.m4 \ + $(top_srcdir)/m4/std-gnu11.m4 $(top_srcdir)/m4/stdalign.m4 \ + $(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \ + $(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \ + $(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \ + $(top_srcdir)/m4/strcase.m4 $(top_srcdir)/m4/strdup.m4 \ + $(top_srcdir)/m4/strerror.m4 $(top_srcdir)/m4/strerror_r.m4 \ + $(top_srcdir)/m4/string_h.m4 $(top_srcdir)/m4/strings_h.m4 \ + $(top_srcdir)/m4/strndup.m4 $(top_srcdir)/m4/strnlen.m4 \ + $(top_srcdir)/m4/strtok_r.m4 $(top_srcdir)/m4/strverscmp.m4 \ + $(top_srcdir)/m4/symlink.m4 $(top_srcdir)/m4/sys_ioctl_h.m4 \ $(top_srcdir)/m4/sys_select_h.m4 \ $(top_srcdir)/m4/sys_socket_h.m4 \ $(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \ $(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \ - $(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \ - $(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \ - $(top_srcdir)/m4/unistd_h.m4 \ + $(top_srcdir)/m4/thread.m4 $(top_srcdir)/m4/threadlib.m4 \ + $(top_srcdir)/m4/time_h.m4 $(top_srcdir)/m4/time_r.m4 \ + $(top_srcdir)/m4/ungetc.m4 $(top_srcdir)/m4/unistd_h.m4 \ $(top_srcdir)/m4/valgrind-tests.m4 \ $(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \ - $(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \ - $(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \ - $(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \ - $(top_srcdir)/m4/xsize.m4 $(top_srcdir)/configure.ac + $(top_srcdir)/m4/visibility.m4 $(top_srcdir)/m4/vsnprintf.m4 \ + $(top_srcdir)/m4/warn-on-use.m4 $(top_srcdir)/m4/warnings.m4 \ + $(top_srcdir)/m4/wchar_h.m4 $(top_srcdir)/m4/wchar_t.m4 \ + $(top_srcdir)/m4/wint_t.m4 $(top_srcdir)/m4/xsize.m4 \ + $(top_srcdir)/m4/zzgnulib.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) @@ -345,6 +352,7 @@ CCASDEPMODE = @CCASDEPMODE@ CCASFLAGS = @CCASFLAGS@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ +CFLAG_VISIBILITY = @CFLAG_VISIBILITY@ CMOCKA_CFLAGS = @CMOCKA_CFLAGS@ CMOCKA_LIBS = @CMOCKA_LIBS@ CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@ @@ -397,6 +405,7 @@ GMSGFMT = @GMSGFMT@ GMSGFMT_015 = @GMSGFMT_015@ GNULIB_ACCEPT = @GNULIB_ACCEPT@ GNULIB_ACCEPT4 = @GNULIB_ACCEPT4@ +GNULIB_ACCESS = @GNULIB_ACCESS@ GNULIB_ATOLL = @GNULIB_ATOLL@ GNULIB_BIND = @GNULIB_BIND@ GNULIB_BTOWC = @GNULIB_BTOWC@ @@ -406,6 +415,8 @@ GNULIB_CHDIR = @GNULIB_CHDIR@ GNULIB_CHOWN = @GNULIB_CHOWN@ GNULIB_CLOSE = @GNULIB_CLOSE@ GNULIB_CONNECT = @GNULIB_CONNECT@ +GNULIB_COPY_FILE_RANGE = @GNULIB_COPY_FILE_RANGE@ +GNULIB_CREAT = @GNULIB_CREAT@ GNULIB_CTIME = @GNULIB_CTIME@ GNULIB_DPRINTF = @GNULIB_DPRINTF@ GNULIB_DUP = @GNULIB_DUP@ @@ -455,15 +466,18 @@ GNULIB_GETCWD = @GNULIB_GETCWD@ GNULIB_GETDELIM = @GNULIB_GETDELIM@ GNULIB_GETDOMAINNAME = @GNULIB_GETDOMAINNAME@ GNULIB_GETDTABLESIZE = @GNULIB_GETDTABLESIZE@ +GNULIB_GETENTROPY = @GNULIB_GETENTROPY@ GNULIB_GETGROUPS = @GNULIB_GETGROUPS@ GNULIB_GETHOSTNAME = @GNULIB_GETHOSTNAME@ GNULIB_GETLINE = @GNULIB_GETLINE@ GNULIB_GETLOADAVG = @GNULIB_GETLOADAVG@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ +GNULIB_GETOPT_POSIX = @GNULIB_GETOPT_POSIX@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ GNULIB_GETPASS = @GNULIB_GETPASS@ GNULIB_GETPEERNAME = @GNULIB_GETPEERNAME@ +GNULIB_GETRANDOM = @GNULIB_GETRANDOM@ GNULIB_GETSOCKNAME = @GNULIB_GETSOCKNAME@ GNULIB_GETSOCKOPT = @GNULIB_GETSOCKOPT@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ @@ -543,7 +557,15 @@ GNULIB_PREAD = @GNULIB_PREAD@ GNULIB_PRINTF = @GNULIB_PRINTF@ GNULIB_PRINTF_POSIX = @GNULIB_PRINTF_POSIX@ GNULIB_PSELECT = @GNULIB_PSELECT@ +GNULIB_PTHREAD_COND = @GNULIB_PTHREAD_COND@ +GNULIB_PTHREAD_MUTEX = @GNULIB_PTHREAD_MUTEX@ +GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GNULIB_PTHREAD_MUTEX_TIMEDLOCK@ +GNULIB_PTHREAD_ONCE = @GNULIB_PTHREAD_ONCE@ +GNULIB_PTHREAD_RWLOCK = @GNULIB_PTHREAD_RWLOCK@ GNULIB_PTHREAD_SIGMASK = @GNULIB_PTHREAD_SIGMASK@ +GNULIB_PTHREAD_SPIN = @GNULIB_PTHREAD_SPIN@ +GNULIB_PTHREAD_THREAD = @GNULIB_PTHREAD_THREAD@ +GNULIB_PTHREAD_TSS = @GNULIB_PTHREAD_TSS@ GNULIB_PTSNAME = @GNULIB_PTSNAME@ GNULIB_PTSNAME_R = @GNULIB_PTSNAME_R@ GNULIB_PUTC = @GNULIB_PUTC@ @@ -570,6 +592,7 @@ GNULIB_RENAMEAT = @GNULIB_RENAMEAT@ GNULIB_RMDIR = @GNULIB_RMDIR@ GNULIB_RPMATCH = @GNULIB_RPMATCH@ GNULIB_SCANF = @GNULIB_SCANF@ +GNULIB_SCHED_YIELD = @GNULIB_SCHED_YIELD@ GNULIB_SECURE_GETENV = @GNULIB_SECURE_GETENV@ GNULIB_SELECT = @GNULIB_SELECT@ GNULIB_SEND = @GNULIB_SEND@ @@ -577,6 +600,7 @@ GNULIB_SENDTO = @GNULIB_SENDTO@ GNULIB_SETENV = @GNULIB_SETENV@ GNULIB_SETHOSTNAME = @GNULIB_SETHOSTNAME@ GNULIB_SETLOCALE = @GNULIB_SETLOCALE@ +GNULIB_SETLOCALE_NULL = @GNULIB_SETLOCALE_NULL@ GNULIB_SETSOCKOPT = @GNULIB_SETSOCKOPT@ GNULIB_SHUTDOWN = @GNULIB_SHUTDOWN@ GNULIB_SIGACTION = @GNULIB_SIGACTION@ @@ -706,6 +730,7 @@ HAVE_BTOWC = @HAVE_BTOWC@ HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@ HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@ HAVE_CHOWN = @HAVE_CHOWN@ +HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@ HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@ HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@ HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@ @@ -777,11 +802,13 @@ HAVE_FTELLO = @HAVE_FTELLO@ HAVE_FTRUNCATE = @HAVE_FTRUNCATE@ HAVE_FUTIMENS = @HAVE_FUTIMENS@ HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@ +HAVE_GETENTROPY = @HAVE_GETENTROPY@ HAVE_GETGROUPS = @HAVE_GETGROUPS@ HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@ HAVE_GETLOGIN = @HAVE_GETLOGIN@ HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@ HAVE_GETPASS = @HAVE_GETPASS@ +HAVE_GETRANDOM = @HAVE_GETRANDOM@ HAVE_GETSUBOPT = @HAVE_GETSUBOPT@ HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@ HAVE_GRANTPT = @HAVE_GRANTPT@ @@ -800,12 +827,12 @@ HAVE_LCHMOD = @HAVE_LCHMOD@ HAVE_LCHOWN = @HAVE_LCHOWN@ HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@ HAVE_LIBDL = @HAVE_LIBDL@ +HAVE_LIBEV = @HAVE_LIBEV@ HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@ HAVE_LIBRT = @HAVE_LIBRT@ HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@ HAVE_LINK = @HAVE_LINK@ HAVE_LINKAT = @HAVE_LINKAT@ -HAVE_LONG_LONG_INT = @HAVE_LONG_LONG_INT@ HAVE_LSTAT = @HAVE_LSTAT@ HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@ HAVE_MBRLEN = @HAVE_MBRLEN@ @@ -843,7 +870,65 @@ HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@ HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@ HAVE_PREAD = @HAVE_PREAD@ HAVE_PSELECT = @HAVE_PSELECT@ +HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@ +HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@ +HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@ +HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@ +HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@ +HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@ +HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@ +HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@ +HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@ +HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@ +HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@ +HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@ +HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@ +HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@ +HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@ +HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@ +HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@ +HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@ +HAVE_PTHREAD_H = @HAVE_PTHREAD_H@ +HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@ +HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@ +HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@ +HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@ +HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@ +HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@ +HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@ +HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@ +HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@ +HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@ +HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@ +HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@ +HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@ +HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@ +HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@ +HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@ +HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@ +HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@ +HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@ +HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@ +HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@ +HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@ +HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@ +HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@ +HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@ +HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@ +HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@ +HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@ +HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@ +HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@ +HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@ +HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@ HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@ +HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@ +HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@ +HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@ +HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@ +HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@ +HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@ +HAVE_PTHREAD_T = @HAVE_PTHREAD_T@ HAVE_PTSNAME = @HAVE_PTSNAME@ HAVE_PTSNAME_R = @HAVE_PTSNAME_R@ HAVE_PWRITE = @HAVE_PWRITE@ @@ -860,6 +945,8 @@ HAVE_REALPATH = @HAVE_REALPATH@ HAVE_RENAMEAT = @HAVE_RENAMEAT@ HAVE_RPMATCH = @HAVE_RPMATCH@ HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@ +HAVE_SCHED_H = @HAVE_SCHED_H@ +HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@ HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@ HAVE_SETENV = @HAVE_SETENV@ HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@ @@ -888,6 +975,7 @@ HAVE_STRTOLL = @HAVE_STRTOLL@ HAVE_STRTOULL = @HAVE_STRTOULL@ HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@ HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@ +HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@ HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@ HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@ HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@ @@ -896,6 +984,7 @@ HAVE_STRVERSCMP = @HAVE_STRVERSCMP@ HAVE_SYMLINK = @HAVE_SYMLINK@ HAVE_SYMLINKAT = @HAVE_SYMLINKAT@ HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@ +HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@ HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@ HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@ HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@ @@ -912,11 +1001,11 @@ HAVE_TZSET = @HAVE_TZSET@ HAVE_UNISTD_H = @HAVE_UNISTD_H@ HAVE_UNLINKAT = @HAVE_UNLINKAT@ HAVE_UNLOCKPT = @HAVE_UNLOCKPT@ -HAVE_UNSIGNED_LONG_LONG_INT = @HAVE_UNSIGNED_LONG_LONG_INT@ HAVE_USLEEP = @HAVE_USLEEP@ HAVE_UTIMENSAT = @HAVE_UTIMENSAT@ HAVE_VASPRINTF = @HAVE_VASPRINTF@ HAVE_VDPRINTF = @HAVE_VDPRINTF@ +HAVE_VISIBILITY = @HAVE_VISIBILITY@ HAVE_WCHAR_H = @HAVE_WCHAR_H@ HAVE_WCHAR_T = @HAVE_WCHAR_T@ HAVE_WCPCPY = @HAVE_WCPCPY@ @@ -976,12 +1065,18 @@ INTLLIBS = @INTLLIBS@ INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ LCOV = @LCOV@ LD = @LD@ +LDDPOSTPROC = @LDDPOSTPROC@ +LDDPROG = @LDDPROG@ LDFLAGS = @LDFLAGS@ LIBATOMIC_LIBS = @LIBATOMIC_LIBS@ +LIBBCRYPT = @LIBBCRYPT@ LIBCRYPTO = @LIBCRYPTO@ LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@ LIBDL = @LIBDL@ LIBDL_PREFIX = @LIBDL_PREFIX@ +LIBEV = @LIBEV@ +LIBEV_LIBS = @LIBEV_LIBS@ +LIBEV_PREFIX = @LIBEV_PREFIX@ LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@ LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@ LIBICONV = @LIBICONV@ @@ -989,20 +1084,21 @@ LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@ LIBIDN2_LIBS = @LIBIDN2_LIBS@ LIBINTL = @LIBINTL@ LIBMULTITHREAD = @LIBMULTITHREAD@ +LIBNCRYPT = @LIBNCRYPT@ LIBOBJS = @LIBOBJS@ LIBOPTS_CFLAGS = @LIBOPTS_CFLAGS@ LIBOPTS_DIR = @LIBOPTS_DIR@ LIBOPTS_LDADD = @LIBOPTS_LDADD@ -LIBPTH = @LIBPTH@ +LIBPMULTITHREAD = @LIBPMULTITHREAD@ LIBPTHREAD = @LIBPTHREAD@ LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@ -LIBPTH_PREFIX = @LIBPTH_PREFIX@ LIBRT = @LIBRT@ LIBRT_PREFIX = @LIBRT_PREFIX@ LIBS = @LIBS@ LIBSECCOMP = @LIBSECCOMP@ LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@ LIBSOCKET = @LIBSOCKET@ +LIBSTDTHREAD = @LIBSTDTHREAD@ LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@ LIBTASN1_LIBS = @LIBTASN1_LIBS@ LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@ @@ -1014,8 +1110,14 @@ LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@ LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@ LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@ LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@ +LIB_CRYPT32 = @LIB_CRYPT32@ LIB_NANOSLEEP = @LIB_NANOSLEEP@ +LIB_PTHREAD = @LIB_PTHREAD@ +LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@ +LIB_SCHED_YIELD = @LIB_SCHED_YIELD@ LIB_SELECT = @LIB_SELECT@ +LIB_SETLOCALE = @LIB_SETLOCALE@ +LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@ LIMITS_H = @LIMITS_H@ LIPO = @LIPO@ LN_S = @LN_S@ @@ -1027,11 +1129,11 @@ LOCALE_ZH_CN = @LOCALE_ZH_CN@ LTALLOCA = @LTALLOCA@ LTLIBCRYPTO = @LTLIBCRYPTO@ LTLIBDL = @LTLIBDL@ +LTLIBEV = @LTLIBEV@ LTLIBICONV = @LTLIBICONV@ LTLIBINTL = @LTLIBINTL@ LTLIBMULTITHREAD = @LTLIBMULTITHREAD@ LTLIBOBJS = @LTLIBOBJS@ -LTLIBPTH = @LTLIBPTH@ LTLIBPTHREAD = @LTLIBPTHREAD@ LTLIBRT = @LTLIBRT@ LTLIBSECCOMP = @LTLIBSECCOMP@ @@ -1073,6 +1175,8 @@ NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@ NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@ NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@ NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@ +NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@ +NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@ NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@ NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@ NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@ @@ -1100,6 +1204,8 @@ NEXT_LIMITS_H = @NEXT_LIMITS_H@ NEXT_LOCALE_H = @NEXT_LOCALE_H@ NEXT_NETDB_H = @NEXT_NETDB_H@ NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@ +NEXT_PTHREAD_H = @NEXT_PTHREAD_H@ +NEXT_SCHED_H = @NEXT_SCHED_H@ NEXT_SIGNAL_H = @NEXT_SIGNAL_H@ NEXT_STDDEF_H = @NEXT_STDDEF_H@ NEXT_STDINT_H = @NEXT_STDINT_H@ @@ -1133,6 +1239,7 @@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ +PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@ PATCH_VERSION = @PATCH_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ @@ -1148,17 +1255,20 @@ PRI_MACROS_BROKEN = @PRI_MACROS_BROKEN@ PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@ PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@ RANLIB = @RANLIB@ +REPLACE_ACCESS = @REPLACE_ACCESS@ REPLACE_BTOWC = @REPLACE_BTOWC@ REPLACE_CALLOC = @REPLACE_CALLOC@ REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@ REPLACE_CHOWN = @REPLACE_CHOWN@ REPLACE_CLOSE = @REPLACE_CLOSE@ +REPLACE_CREAT = @REPLACE_CREAT@ REPLACE_CTIME = @REPLACE_CTIME@ REPLACE_DPRINTF = @REPLACE_DPRINTF@ REPLACE_DUP = @REPLACE_DUP@ REPLACE_DUP2 = @REPLACE_DUP2@ REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@ REPLACE_FACCESSAT = @REPLACE_FACCESSAT@ +REPLACE_FCHMODAT = @REPLACE_FCHMODAT@ REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@ REPLACE_FCLOSE = @REPLACE_FCLOSE@ REPLACE_FCNTL = @REPLACE_FCNTL@ @@ -1178,6 +1288,7 @@ REPLACE_FTELLO = @REPLACE_FTELLO@ REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@ REPLACE_FUTIMENS = @REPLACE_FUTIMENS@ REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@ +REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@ REPLACE_GETCWD = @REPLACE_GETCWD@ REPLACE_GETDELIM = @REPLACE_GETDELIM@ REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@ @@ -1230,7 +1341,58 @@ REPLACE_POPEN = @REPLACE_POPEN@ REPLACE_PREAD = @REPLACE_PREAD@ REPLACE_PRINTF = @REPLACE_PRINTF@ REPLACE_PSELECT = @REPLACE_PSELECT@ +REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@ +REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@ +REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@ +REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@ +REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@ +REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@ +REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@ +REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@ +REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@ +REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@ +REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@ +REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@ +REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@ +REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@ +REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@ +REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@ +REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@ +REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@ +REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@ +REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@ +REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@ +REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@ +REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@ +REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@ +REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@ +REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@ +REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@ +REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@ +REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@ +REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@ +REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@ +REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@ +REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@ +REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@ +REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@ +REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@ +REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@ +REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@ +REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@ +REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@ +REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@ +REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@ +REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@ +REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@ +REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@ +REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@ REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@ +REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@ +REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@ +REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@ +REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@ +REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@ REPLACE_PTSNAME = @REPLACE_PTSNAME@ REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@ REPLACE_PUTENV = @REPLACE_PUTENV@ @@ -1248,6 +1410,7 @@ REPLACE_REMOVE = @REPLACE_REMOVE@ REPLACE_RENAME = @REPLACE_RENAME@ REPLACE_RENAMEAT = @REPLACE_RENAMEAT@ REPLACE_RMDIR = @REPLACE_RMDIR@ +REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@ REPLACE_SELECT = @REPLACE_SELECT@ REPLACE_SETENV = @REPLACE_SETENV@ REPLACE_SETLOCALE = @REPLACE_SETLOCALE@ @@ -1299,6 +1462,7 @@ REPLACE_WCRTOMB = @REPLACE_WCRTOMB@ REPLACE_WCSFTIME = @REPLACE_WCSFTIME@ REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@ REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@ +REPLACE_WCSTOK = @REPLACE_WCSTOK@ REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@ REPLACE_WCTOB = @REPLACE_WCTOB@ REPLACE_WCTOMB = @REPLACE_WCTOMB@ @@ -1347,7 +1511,6 @@ XGETTEXT = @XGETTEXT@ XGETTEXT_015 = @XGETTEXT_015@ XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ YACC = @YACC@ -YEAR = @YEAR@ YFLAGS = @YFLAGS@ abs_aux_dir = @abs_aux_dir@ abs_builddir = @abs_builddir@ @@ -1407,13 +1570,13 @@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ +maybe_guileextensiondir = @maybe_guileextensiondir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ -runstatedir = @runstatedir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ diff --git a/doc/credentials/srp/Makefile.in b/doc/credentials/srp/Makefile.in index 416dcad..88461d1 100644 --- a/doc/credentials/srp/Makefile.in +++ b/doc/credentials/srp/Makefile.in @@ -92,7 +92,6 @@ ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/lib/unistring/m4/inline.m4 \ $(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \ - $(top_srcdir)/src/gl/m4/__inline.m4 \ $(top_srcdir)/src/gl/m4/bison.m4 \ $(top_srcdir)/src/gl/m4/clock_time.m4 \ $(top_srcdir)/src/gl/m4/fseek.m4 \ @@ -112,7 +111,7 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/src/gl/m4/tzset.m4 \ $(top_srcdir)/src/libopts/m4/libopts.m4 \ $(top_srcdir)/src/libopts/m4/stdnoreturn.m4 \ - $(top_srcdir)/m4/00gnulib.m4 \ + $(top_srcdir)/m4/00gnulib.m4 $(top_srcdir)/m4/__inline.m4 \ $(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \ $(top_srcdir)/m4/arpa_inet_h.m4 \ $(top_srcdir)/m4/ax_ac_append_to_file.m4 \ @@ -127,18 +126,19 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/codeset.m4 $(top_srcdir)/m4/ctype.m4 \ $(top_srcdir)/m4/dup2.m4 $(top_srcdir)/m4/eealloc.m4 \ $(top_srcdir)/m4/environ.m4 $(top_srcdir)/m4/errno_h.m4 \ + $(top_srcdir)/m4/explicit_bzero.m4 \ $(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \ $(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \ $(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \ $(top_srcdir)/m4/fdopen.m4 $(top_srcdir)/m4/flexmember.m4 \ - $(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fpieee.m4 \ - $(top_srcdir)/m4/fseeko.m4 $(top_srcdir)/m4/fstat.m4 \ - $(top_srcdir)/m4/ftell.m4 $(top_srcdir)/m4/ftello.m4 \ - $(top_srcdir)/m4/ftruncate.m4 $(top_srcdir)/m4/func.m4 \ - $(top_srcdir)/m4/getcwd.m4 $(top_srcdir)/m4/getdelim.m4 \ - $(top_srcdir)/m4/getdtablesize.m4 $(top_srcdir)/m4/getline.m4 \ - $(top_srcdir)/m4/getpagesize.m4 $(top_srcdir)/m4/gettext.m4 \ - $(top_srcdir)/m4/gettimeofday.m4 \ + $(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \ + $(top_srcdir)/m4/fpieee.m4 $(top_srcdir)/m4/fseeko.m4 \ + $(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \ + $(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/ftruncate.m4 \ + $(top_srcdir)/m4/func.m4 $(top_srcdir)/m4/getcwd.m4 \ + $(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \ + $(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/getpagesize.m4 \ + $(top_srcdir)/m4/gettext.m4 $(top_srcdir)/m4/gettimeofday.m4 \ $(top_srcdir)/m4/gnulib-common.m4 \ $(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \ $(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \ @@ -147,12 +147,13 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/inet_pton.m4 \ $(top_srcdir)/m4/intl-thread-locale.m4 \ $(top_srcdir)/m4/intlmacosx.m4 $(top_srcdir)/m4/intmax_t.m4 \ - $(top_srcdir)/m4/inttypes-pri.m4 $(top_srcdir)/m4/inttypes.m4 \ - $(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/ioctl.m4 \ - $(top_srcdir)/m4/isblank.m4 $(top_srcdir)/m4/langinfo_h.m4 \ - $(top_srcdir)/m4/largefile.m4 $(top_srcdir)/m4/lcmessage.m4 \ + $(top_srcdir)/m4/inttostr.m4 $(top_srcdir)/m4/inttypes-pri.m4 \ + $(top_srcdir)/m4/inttypes.m4 $(top_srcdir)/m4/inttypes_h.m4 \ + $(top_srcdir)/m4/ioctl.m4 $(top_srcdir)/m4/isblank.m4 \ + $(top_srcdir)/m4/langinfo_h.m4 $(top_srcdir)/m4/largefile.m4 \ + $(top_srcdir)/m4/lcmessage.m4 \ $(top_srcdir)/m4/ld-output-def.m4 \ - $(top_srcdir)/m4/ld-version-script.m4 \ + $(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \ $(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/locale-fr.m4 \ @@ -160,27 +161,32 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/locale-zh.m4 $(top_srcdir)/m4/locale_h.m4 \ $(top_srcdir)/m4/localename.m4 \ $(top_srcdir)/m4/localtime-buffer.m4 $(top_srcdir)/m4/lock.m4 \ - $(top_srcdir)/m4/longlong.m4 $(top_srcdir)/m4/lseek.m4 \ - $(top_srcdir)/m4/lstat.m4 $(top_srcdir)/m4/ltoptions.m4 \ - $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ - $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \ - $(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \ - $(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \ - $(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \ - $(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \ + $(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/lstat.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/m4/malloc.m4 $(top_srcdir)/m4/malloca.m4 \ + $(top_srcdir)/m4/manywarnings.m4 $(top_srcdir)/m4/memchr.m4 \ + $(top_srcdir)/m4/memmem.m4 $(top_srcdir)/m4/minmax.m4 \ + $(top_srcdir)/m4/mmap-anon.m4 $(top_srcdir)/m4/mode_t.m4 \ + $(top_srcdir)/m4/msvc-inval.m4 \ $(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \ $(top_srcdir)/m4/nanosleep.m4 $(top_srcdir)/m4/netdb_h.m4 \ $(top_srcdir)/m4/netinet_in_h.m4 $(top_srcdir)/m4/nls.m4 \ $(top_srcdir)/m4/off_t.m4 $(top_srcdir)/m4/open-cloexec.m4 \ - $(top_srcdir)/m4/open.m4 $(top_srcdir)/m4/pathmax.m4 \ - $(top_srcdir)/m4/perror.m4 $(top_srcdir)/m4/pipe.m4 \ - $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/m4/po.m4 \ - $(top_srcdir)/m4/printf.m4 $(top_srcdir)/m4/progtest.m4 \ + $(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \ + $(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/perror.m4 \ + $(top_srcdir)/m4/pipe.m4 $(top_srcdir)/m4/pkg.m4 \ + $(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \ + $(top_srcdir)/m4/progtest.m4 \ + $(top_srcdir)/m4/pthread-thread.m4 \ + $(top_srcdir)/m4/pthread_h.m4 \ $(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \ - $(top_srcdir)/m4/putenv.m4 $(top_srcdir)/m4/raise.m4 \ - $(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \ + $(top_srcdir)/m4/pthread_sigmask.m4 $(top_srcdir)/m4/putenv.m4 \ + $(top_srcdir)/m4/raise.m4 $(top_srcdir)/m4/read-file.m4 \ + $(top_srcdir)/m4/realloc.m4 $(top_srcdir)/m4/sched_h.m4 \ $(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/select.m4 \ $(top_srcdir)/m4/setenv.m4 $(top_srcdir)/m4/setlocale.m4 \ + $(top_srcdir)/m4/setlocale_null.m4 \ $(top_srcdir)/m4/sigaction.m4 $(top_srcdir)/m4/signal_h.m4 \ $(top_srcdir)/m4/signalblocking.m4 \ $(top_srcdir)/m4/size_max.m4 $(top_srcdir)/m4/sleep.m4 \ @@ -188,29 +194,30 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/sockets.m4 $(top_srcdir)/m4/socklen.m4 \ $(top_srcdir)/m4/sockpfaf.m4 $(top_srcdir)/m4/ssize_t.m4 \ $(top_srcdir)/m4/stat-time.m4 $(top_srcdir)/m4/stat.m4 \ - $(top_srcdir)/m4/stdalign.m4 $(top_srcdir)/m4/stdbool.m4 \ - $(top_srcdir)/m4/stddef_h.m4 $(top_srcdir)/m4/stdint.m4 \ - $(top_srcdir)/m4/stdint_h.m4 $(top_srcdir)/m4/stdio_h.m4 \ - $(top_srcdir)/m4/stdlib_h.m4 $(top_srcdir)/m4/strcase.m4 \ - $(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/strerror.m4 \ - $(top_srcdir)/m4/strerror_r.m4 $(top_srcdir)/m4/string_h.m4 \ - $(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \ - $(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \ - $(top_srcdir)/m4/strverscmp.m4 $(top_srcdir)/m4/symlink.m4 \ - $(top_srcdir)/m4/sys_ioctl_h.m4 \ + $(top_srcdir)/m4/std-gnu11.m4 $(top_srcdir)/m4/stdalign.m4 \ + $(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \ + $(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \ + $(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \ + $(top_srcdir)/m4/strcase.m4 $(top_srcdir)/m4/strdup.m4 \ + $(top_srcdir)/m4/strerror.m4 $(top_srcdir)/m4/strerror_r.m4 \ + $(top_srcdir)/m4/string_h.m4 $(top_srcdir)/m4/strings_h.m4 \ + $(top_srcdir)/m4/strndup.m4 $(top_srcdir)/m4/strnlen.m4 \ + $(top_srcdir)/m4/strtok_r.m4 $(top_srcdir)/m4/strverscmp.m4 \ + $(top_srcdir)/m4/symlink.m4 $(top_srcdir)/m4/sys_ioctl_h.m4 \ $(top_srcdir)/m4/sys_select_h.m4 \ $(top_srcdir)/m4/sys_socket_h.m4 \ $(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \ $(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \ - $(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \ - $(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \ - $(top_srcdir)/m4/unistd_h.m4 \ + $(top_srcdir)/m4/thread.m4 $(top_srcdir)/m4/threadlib.m4 \ + $(top_srcdir)/m4/time_h.m4 $(top_srcdir)/m4/time_r.m4 \ + $(top_srcdir)/m4/ungetc.m4 $(top_srcdir)/m4/unistd_h.m4 \ $(top_srcdir)/m4/valgrind-tests.m4 \ $(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \ - $(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \ - $(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \ - $(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \ - $(top_srcdir)/m4/xsize.m4 $(top_srcdir)/configure.ac + $(top_srcdir)/m4/visibility.m4 $(top_srcdir)/m4/vsnprintf.m4 \ + $(top_srcdir)/m4/warn-on-use.m4 $(top_srcdir)/m4/warnings.m4 \ + $(top_srcdir)/m4/wchar_h.m4 $(top_srcdir)/m4/wchar_t.m4 \ + $(top_srcdir)/m4/wint_t.m4 $(top_srcdir)/m4/xsize.m4 \ + $(top_srcdir)/m4/zzgnulib.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) @@ -265,6 +272,7 @@ CCASDEPMODE = @CCASDEPMODE@ CCASFLAGS = @CCASFLAGS@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ +CFLAG_VISIBILITY = @CFLAG_VISIBILITY@ CMOCKA_CFLAGS = @CMOCKA_CFLAGS@ CMOCKA_LIBS = @CMOCKA_LIBS@ CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@ @@ -317,6 +325,7 @@ GMSGFMT = @GMSGFMT@ GMSGFMT_015 = @GMSGFMT_015@ GNULIB_ACCEPT = @GNULIB_ACCEPT@ GNULIB_ACCEPT4 = @GNULIB_ACCEPT4@ +GNULIB_ACCESS = @GNULIB_ACCESS@ GNULIB_ATOLL = @GNULIB_ATOLL@ GNULIB_BIND = @GNULIB_BIND@ GNULIB_BTOWC = @GNULIB_BTOWC@ @@ -326,6 +335,8 @@ GNULIB_CHDIR = @GNULIB_CHDIR@ GNULIB_CHOWN = @GNULIB_CHOWN@ GNULIB_CLOSE = @GNULIB_CLOSE@ GNULIB_CONNECT = @GNULIB_CONNECT@ +GNULIB_COPY_FILE_RANGE = @GNULIB_COPY_FILE_RANGE@ +GNULIB_CREAT = @GNULIB_CREAT@ GNULIB_CTIME = @GNULIB_CTIME@ GNULIB_DPRINTF = @GNULIB_DPRINTF@ GNULIB_DUP = @GNULIB_DUP@ @@ -375,15 +386,18 @@ GNULIB_GETCWD = @GNULIB_GETCWD@ GNULIB_GETDELIM = @GNULIB_GETDELIM@ GNULIB_GETDOMAINNAME = @GNULIB_GETDOMAINNAME@ GNULIB_GETDTABLESIZE = @GNULIB_GETDTABLESIZE@ +GNULIB_GETENTROPY = @GNULIB_GETENTROPY@ GNULIB_GETGROUPS = @GNULIB_GETGROUPS@ GNULIB_GETHOSTNAME = @GNULIB_GETHOSTNAME@ GNULIB_GETLINE = @GNULIB_GETLINE@ GNULIB_GETLOADAVG = @GNULIB_GETLOADAVG@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ +GNULIB_GETOPT_POSIX = @GNULIB_GETOPT_POSIX@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ GNULIB_GETPASS = @GNULIB_GETPASS@ GNULIB_GETPEERNAME = @GNULIB_GETPEERNAME@ +GNULIB_GETRANDOM = @GNULIB_GETRANDOM@ GNULIB_GETSOCKNAME = @GNULIB_GETSOCKNAME@ GNULIB_GETSOCKOPT = @GNULIB_GETSOCKOPT@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ @@ -463,7 +477,15 @@ GNULIB_PREAD = @GNULIB_PREAD@ GNULIB_PRINTF = @GNULIB_PRINTF@ GNULIB_PRINTF_POSIX = @GNULIB_PRINTF_POSIX@ GNULIB_PSELECT = @GNULIB_PSELECT@ +GNULIB_PTHREAD_COND = @GNULIB_PTHREAD_COND@ +GNULIB_PTHREAD_MUTEX = @GNULIB_PTHREAD_MUTEX@ +GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GNULIB_PTHREAD_MUTEX_TIMEDLOCK@ +GNULIB_PTHREAD_ONCE = @GNULIB_PTHREAD_ONCE@ +GNULIB_PTHREAD_RWLOCK = @GNULIB_PTHREAD_RWLOCK@ GNULIB_PTHREAD_SIGMASK = @GNULIB_PTHREAD_SIGMASK@ +GNULIB_PTHREAD_SPIN = @GNULIB_PTHREAD_SPIN@ +GNULIB_PTHREAD_THREAD = @GNULIB_PTHREAD_THREAD@ +GNULIB_PTHREAD_TSS = @GNULIB_PTHREAD_TSS@ GNULIB_PTSNAME = @GNULIB_PTSNAME@ GNULIB_PTSNAME_R = @GNULIB_PTSNAME_R@ GNULIB_PUTC = @GNULIB_PUTC@ @@ -490,6 +512,7 @@ GNULIB_RENAMEAT = @GNULIB_RENAMEAT@ GNULIB_RMDIR = @GNULIB_RMDIR@ GNULIB_RPMATCH = @GNULIB_RPMATCH@ GNULIB_SCANF = @GNULIB_SCANF@ +GNULIB_SCHED_YIELD = @GNULIB_SCHED_YIELD@ GNULIB_SECURE_GETENV = @GNULIB_SECURE_GETENV@ GNULIB_SELECT = @GNULIB_SELECT@ GNULIB_SEND = @GNULIB_SEND@ @@ -497,6 +520,7 @@ GNULIB_SENDTO = @GNULIB_SENDTO@ GNULIB_SETENV = @GNULIB_SETENV@ GNULIB_SETHOSTNAME = @GNULIB_SETHOSTNAME@ GNULIB_SETLOCALE = @GNULIB_SETLOCALE@ +GNULIB_SETLOCALE_NULL = @GNULIB_SETLOCALE_NULL@ GNULIB_SETSOCKOPT = @GNULIB_SETSOCKOPT@ GNULIB_SHUTDOWN = @GNULIB_SHUTDOWN@ GNULIB_SIGACTION = @GNULIB_SIGACTION@ @@ -626,6 +650,7 @@ HAVE_BTOWC = @HAVE_BTOWC@ HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@ HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@ HAVE_CHOWN = @HAVE_CHOWN@ +HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@ HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@ HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@ HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@ @@ -697,11 +722,13 @@ HAVE_FTELLO = @HAVE_FTELLO@ HAVE_FTRUNCATE = @HAVE_FTRUNCATE@ HAVE_FUTIMENS = @HAVE_FUTIMENS@ HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@ +HAVE_GETENTROPY = @HAVE_GETENTROPY@ HAVE_GETGROUPS = @HAVE_GETGROUPS@ HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@ HAVE_GETLOGIN = @HAVE_GETLOGIN@ HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@ HAVE_GETPASS = @HAVE_GETPASS@ +HAVE_GETRANDOM = @HAVE_GETRANDOM@ HAVE_GETSUBOPT = @HAVE_GETSUBOPT@ HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@ HAVE_GRANTPT = @HAVE_GRANTPT@ @@ -720,12 +747,12 @@ HAVE_LCHMOD = @HAVE_LCHMOD@ HAVE_LCHOWN = @HAVE_LCHOWN@ HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@ HAVE_LIBDL = @HAVE_LIBDL@ +HAVE_LIBEV = @HAVE_LIBEV@ HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@ HAVE_LIBRT = @HAVE_LIBRT@ HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@ HAVE_LINK = @HAVE_LINK@ HAVE_LINKAT = @HAVE_LINKAT@ -HAVE_LONG_LONG_INT = @HAVE_LONG_LONG_INT@ HAVE_LSTAT = @HAVE_LSTAT@ HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@ HAVE_MBRLEN = @HAVE_MBRLEN@ @@ -763,7 +790,65 @@ HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@ HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@ HAVE_PREAD = @HAVE_PREAD@ HAVE_PSELECT = @HAVE_PSELECT@ +HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@ +HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@ +HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@ +HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@ +HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@ +HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@ +HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@ +HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@ +HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@ +HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@ +HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@ +HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@ +HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@ +HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@ +HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@ +HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@ +HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@ +HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@ +HAVE_PTHREAD_H = @HAVE_PTHREAD_H@ +HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@ +HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@ +HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@ +HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@ +HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@ +HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@ +HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@ +HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@ +HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@ +HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@ +HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@ +HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@ +HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@ +HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@ +HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@ +HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@ +HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@ +HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@ +HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@ +HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@ +HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@ +HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@ +HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@ +HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@ +HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@ +HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@ +HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@ +HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@ +HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@ +HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@ +HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@ +HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@ HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@ +HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@ +HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@ +HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@ +HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@ +HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@ +HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@ +HAVE_PTHREAD_T = @HAVE_PTHREAD_T@ HAVE_PTSNAME = @HAVE_PTSNAME@ HAVE_PTSNAME_R = @HAVE_PTSNAME_R@ HAVE_PWRITE = @HAVE_PWRITE@ @@ -780,6 +865,8 @@ HAVE_REALPATH = @HAVE_REALPATH@ HAVE_RENAMEAT = @HAVE_RENAMEAT@ HAVE_RPMATCH = @HAVE_RPMATCH@ HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@ +HAVE_SCHED_H = @HAVE_SCHED_H@ +HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@ HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@ HAVE_SETENV = @HAVE_SETENV@ HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@ @@ -808,6 +895,7 @@ HAVE_STRTOLL = @HAVE_STRTOLL@ HAVE_STRTOULL = @HAVE_STRTOULL@ HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@ HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@ +HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@ HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@ HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@ HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@ @@ -816,6 +904,7 @@ HAVE_STRVERSCMP = @HAVE_STRVERSCMP@ HAVE_SYMLINK = @HAVE_SYMLINK@ HAVE_SYMLINKAT = @HAVE_SYMLINKAT@ HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@ +HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@ HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@ HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@ HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@ @@ -832,11 +921,11 @@ HAVE_TZSET = @HAVE_TZSET@ HAVE_UNISTD_H = @HAVE_UNISTD_H@ HAVE_UNLINKAT = @HAVE_UNLINKAT@ HAVE_UNLOCKPT = @HAVE_UNLOCKPT@ -HAVE_UNSIGNED_LONG_LONG_INT = @HAVE_UNSIGNED_LONG_LONG_INT@ HAVE_USLEEP = @HAVE_USLEEP@ HAVE_UTIMENSAT = @HAVE_UTIMENSAT@ HAVE_VASPRINTF = @HAVE_VASPRINTF@ HAVE_VDPRINTF = @HAVE_VDPRINTF@ +HAVE_VISIBILITY = @HAVE_VISIBILITY@ HAVE_WCHAR_H = @HAVE_WCHAR_H@ HAVE_WCHAR_T = @HAVE_WCHAR_T@ HAVE_WCPCPY = @HAVE_WCPCPY@ @@ -896,12 +985,18 @@ INTLLIBS = @INTLLIBS@ INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ LCOV = @LCOV@ LD = @LD@ +LDDPOSTPROC = @LDDPOSTPROC@ +LDDPROG = @LDDPROG@ LDFLAGS = @LDFLAGS@ LIBATOMIC_LIBS = @LIBATOMIC_LIBS@ +LIBBCRYPT = @LIBBCRYPT@ LIBCRYPTO = @LIBCRYPTO@ LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@ LIBDL = @LIBDL@ LIBDL_PREFIX = @LIBDL_PREFIX@ +LIBEV = @LIBEV@ +LIBEV_LIBS = @LIBEV_LIBS@ +LIBEV_PREFIX = @LIBEV_PREFIX@ LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@ LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@ LIBICONV = @LIBICONV@ @@ -909,20 +1004,21 @@ LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@ LIBIDN2_LIBS = @LIBIDN2_LIBS@ LIBINTL = @LIBINTL@ LIBMULTITHREAD = @LIBMULTITHREAD@ +LIBNCRYPT = @LIBNCRYPT@ LIBOBJS = @LIBOBJS@ LIBOPTS_CFLAGS = @LIBOPTS_CFLAGS@ LIBOPTS_DIR = @LIBOPTS_DIR@ LIBOPTS_LDADD = @LIBOPTS_LDADD@ -LIBPTH = @LIBPTH@ +LIBPMULTITHREAD = @LIBPMULTITHREAD@ LIBPTHREAD = @LIBPTHREAD@ LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@ -LIBPTH_PREFIX = @LIBPTH_PREFIX@ LIBRT = @LIBRT@ LIBRT_PREFIX = @LIBRT_PREFIX@ LIBS = @LIBS@ LIBSECCOMP = @LIBSECCOMP@ LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@ LIBSOCKET = @LIBSOCKET@ +LIBSTDTHREAD = @LIBSTDTHREAD@ LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@ LIBTASN1_LIBS = @LIBTASN1_LIBS@ LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@ @@ -934,8 +1030,14 @@ LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@ LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@ LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@ LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@ +LIB_CRYPT32 = @LIB_CRYPT32@ LIB_NANOSLEEP = @LIB_NANOSLEEP@ +LIB_PTHREAD = @LIB_PTHREAD@ +LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@ +LIB_SCHED_YIELD = @LIB_SCHED_YIELD@ LIB_SELECT = @LIB_SELECT@ +LIB_SETLOCALE = @LIB_SETLOCALE@ +LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@ LIMITS_H = @LIMITS_H@ LIPO = @LIPO@ LN_S = @LN_S@ @@ -947,11 +1049,11 @@ LOCALE_ZH_CN = @LOCALE_ZH_CN@ LTALLOCA = @LTALLOCA@ LTLIBCRYPTO = @LTLIBCRYPTO@ LTLIBDL = @LTLIBDL@ +LTLIBEV = @LTLIBEV@ LTLIBICONV = @LTLIBICONV@ LTLIBINTL = @LTLIBINTL@ LTLIBMULTITHREAD = @LTLIBMULTITHREAD@ LTLIBOBJS = @LTLIBOBJS@ -LTLIBPTH = @LTLIBPTH@ LTLIBPTHREAD = @LTLIBPTHREAD@ LTLIBRT = @LTLIBRT@ LTLIBSECCOMP = @LTLIBSECCOMP@ @@ -993,6 +1095,8 @@ NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@ NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@ NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@ NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@ +NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@ +NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@ NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@ NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@ NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@ @@ -1020,6 +1124,8 @@ NEXT_LIMITS_H = @NEXT_LIMITS_H@ NEXT_LOCALE_H = @NEXT_LOCALE_H@ NEXT_NETDB_H = @NEXT_NETDB_H@ NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@ +NEXT_PTHREAD_H = @NEXT_PTHREAD_H@ +NEXT_SCHED_H = @NEXT_SCHED_H@ NEXT_SIGNAL_H = @NEXT_SIGNAL_H@ NEXT_STDDEF_H = @NEXT_STDDEF_H@ NEXT_STDINT_H = @NEXT_STDINT_H@ @@ -1053,6 +1159,7 @@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ +PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@ PATCH_VERSION = @PATCH_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ @@ -1068,17 +1175,20 @@ PRI_MACROS_BROKEN = @PRI_MACROS_BROKEN@ PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@ PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@ RANLIB = @RANLIB@ +REPLACE_ACCESS = @REPLACE_ACCESS@ REPLACE_BTOWC = @REPLACE_BTOWC@ REPLACE_CALLOC = @REPLACE_CALLOC@ REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@ REPLACE_CHOWN = @REPLACE_CHOWN@ REPLACE_CLOSE = @REPLACE_CLOSE@ +REPLACE_CREAT = @REPLACE_CREAT@ REPLACE_CTIME = @REPLACE_CTIME@ REPLACE_DPRINTF = @REPLACE_DPRINTF@ REPLACE_DUP = @REPLACE_DUP@ REPLACE_DUP2 = @REPLACE_DUP2@ REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@ REPLACE_FACCESSAT = @REPLACE_FACCESSAT@ +REPLACE_FCHMODAT = @REPLACE_FCHMODAT@ REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@ REPLACE_FCLOSE = @REPLACE_FCLOSE@ REPLACE_FCNTL = @REPLACE_FCNTL@ @@ -1098,6 +1208,7 @@ REPLACE_FTELLO = @REPLACE_FTELLO@ REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@ REPLACE_FUTIMENS = @REPLACE_FUTIMENS@ REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@ +REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@ REPLACE_GETCWD = @REPLACE_GETCWD@ REPLACE_GETDELIM = @REPLACE_GETDELIM@ REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@ @@ -1150,7 +1261,58 @@ REPLACE_POPEN = @REPLACE_POPEN@ REPLACE_PREAD = @REPLACE_PREAD@ REPLACE_PRINTF = @REPLACE_PRINTF@ REPLACE_PSELECT = @REPLACE_PSELECT@ +REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@ +REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@ +REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@ +REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@ +REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@ +REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@ +REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@ +REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@ +REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@ +REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@ +REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@ +REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@ +REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@ +REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@ +REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@ +REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@ +REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@ +REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@ +REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@ +REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@ +REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@ +REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@ +REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@ +REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@ +REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@ +REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@ +REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@ +REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@ +REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@ +REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@ +REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@ +REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@ +REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@ +REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@ +REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@ +REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@ +REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@ +REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@ +REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@ +REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@ +REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@ +REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@ +REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@ +REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@ +REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@ +REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@ REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@ +REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@ +REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@ +REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@ +REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@ +REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@ REPLACE_PTSNAME = @REPLACE_PTSNAME@ REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@ REPLACE_PUTENV = @REPLACE_PUTENV@ @@ -1168,6 +1330,7 @@ REPLACE_REMOVE = @REPLACE_REMOVE@ REPLACE_RENAME = @REPLACE_RENAME@ REPLACE_RENAMEAT = @REPLACE_RENAMEAT@ REPLACE_RMDIR = @REPLACE_RMDIR@ +REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@ REPLACE_SELECT = @REPLACE_SELECT@ REPLACE_SETENV = @REPLACE_SETENV@ REPLACE_SETLOCALE = @REPLACE_SETLOCALE@ @@ -1219,6 +1382,7 @@ REPLACE_WCRTOMB = @REPLACE_WCRTOMB@ REPLACE_WCSFTIME = @REPLACE_WCSFTIME@ REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@ REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@ +REPLACE_WCSTOK = @REPLACE_WCSTOK@ REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@ REPLACE_WCTOB = @REPLACE_WCTOB@ REPLACE_WCTOMB = @REPLACE_WCTOMB@ @@ -1267,7 +1431,6 @@ XGETTEXT = @XGETTEXT@ XGETTEXT_015 = @XGETTEXT_015@ XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ YACC = @YACC@ -YEAR = @YEAR@ YFLAGS = @YFLAGS@ abs_aux_dir = @abs_aux_dir@ abs_builddir = @abs_builddir@ @@ -1327,13 +1490,13 @@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ +maybe_guileextensiondir = @maybe_guileextensiondir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ -runstatedir = @runstatedir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ diff --git a/doc/credentials/x509/Makefile.in b/doc/credentials/x509/Makefile.in index ede95b4..1a4a194 100644 --- a/doc/credentials/x509/Makefile.in +++ b/doc/credentials/x509/Makefile.in @@ -92,7 +92,6 @@ ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/lib/unistring/m4/inline.m4 \ $(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \ - $(top_srcdir)/src/gl/m4/__inline.m4 \ $(top_srcdir)/src/gl/m4/bison.m4 \ $(top_srcdir)/src/gl/m4/clock_time.m4 \ $(top_srcdir)/src/gl/m4/fseek.m4 \ @@ -112,7 +111,7 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/src/gl/m4/tzset.m4 \ $(top_srcdir)/src/libopts/m4/libopts.m4 \ $(top_srcdir)/src/libopts/m4/stdnoreturn.m4 \ - $(top_srcdir)/m4/00gnulib.m4 \ + $(top_srcdir)/m4/00gnulib.m4 $(top_srcdir)/m4/__inline.m4 \ $(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \ $(top_srcdir)/m4/arpa_inet_h.m4 \ $(top_srcdir)/m4/ax_ac_append_to_file.m4 \ @@ -127,18 +126,19 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/codeset.m4 $(top_srcdir)/m4/ctype.m4 \ $(top_srcdir)/m4/dup2.m4 $(top_srcdir)/m4/eealloc.m4 \ $(top_srcdir)/m4/environ.m4 $(top_srcdir)/m4/errno_h.m4 \ + $(top_srcdir)/m4/explicit_bzero.m4 \ $(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \ $(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \ $(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \ $(top_srcdir)/m4/fdopen.m4 $(top_srcdir)/m4/flexmember.m4 \ - $(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fpieee.m4 \ - $(top_srcdir)/m4/fseeko.m4 $(top_srcdir)/m4/fstat.m4 \ - $(top_srcdir)/m4/ftell.m4 $(top_srcdir)/m4/ftello.m4 \ - $(top_srcdir)/m4/ftruncate.m4 $(top_srcdir)/m4/func.m4 \ - $(top_srcdir)/m4/getcwd.m4 $(top_srcdir)/m4/getdelim.m4 \ - $(top_srcdir)/m4/getdtablesize.m4 $(top_srcdir)/m4/getline.m4 \ - $(top_srcdir)/m4/getpagesize.m4 $(top_srcdir)/m4/gettext.m4 \ - $(top_srcdir)/m4/gettimeofday.m4 \ + $(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \ + $(top_srcdir)/m4/fpieee.m4 $(top_srcdir)/m4/fseeko.m4 \ + $(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \ + $(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/ftruncate.m4 \ + $(top_srcdir)/m4/func.m4 $(top_srcdir)/m4/getcwd.m4 \ + $(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \ + $(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/getpagesize.m4 \ + $(top_srcdir)/m4/gettext.m4 $(top_srcdir)/m4/gettimeofday.m4 \ $(top_srcdir)/m4/gnulib-common.m4 \ $(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \ $(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \ @@ -147,12 +147,13 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/inet_pton.m4 \ $(top_srcdir)/m4/intl-thread-locale.m4 \ $(top_srcdir)/m4/intlmacosx.m4 $(top_srcdir)/m4/intmax_t.m4 \ - $(top_srcdir)/m4/inttypes-pri.m4 $(top_srcdir)/m4/inttypes.m4 \ - $(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/ioctl.m4 \ - $(top_srcdir)/m4/isblank.m4 $(top_srcdir)/m4/langinfo_h.m4 \ - $(top_srcdir)/m4/largefile.m4 $(top_srcdir)/m4/lcmessage.m4 \ + $(top_srcdir)/m4/inttostr.m4 $(top_srcdir)/m4/inttypes-pri.m4 \ + $(top_srcdir)/m4/inttypes.m4 $(top_srcdir)/m4/inttypes_h.m4 \ + $(top_srcdir)/m4/ioctl.m4 $(top_srcdir)/m4/isblank.m4 \ + $(top_srcdir)/m4/langinfo_h.m4 $(top_srcdir)/m4/largefile.m4 \ + $(top_srcdir)/m4/lcmessage.m4 \ $(top_srcdir)/m4/ld-output-def.m4 \ - $(top_srcdir)/m4/ld-version-script.m4 \ + $(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \ $(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/locale-fr.m4 \ @@ -160,27 +161,32 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/locale-zh.m4 $(top_srcdir)/m4/locale_h.m4 \ $(top_srcdir)/m4/localename.m4 \ $(top_srcdir)/m4/localtime-buffer.m4 $(top_srcdir)/m4/lock.m4 \ - $(top_srcdir)/m4/longlong.m4 $(top_srcdir)/m4/lseek.m4 \ - $(top_srcdir)/m4/lstat.m4 $(top_srcdir)/m4/ltoptions.m4 \ - $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ - $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \ - $(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \ - $(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \ - $(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \ - $(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \ + $(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/lstat.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/m4/malloc.m4 $(top_srcdir)/m4/malloca.m4 \ + $(top_srcdir)/m4/manywarnings.m4 $(top_srcdir)/m4/memchr.m4 \ + $(top_srcdir)/m4/memmem.m4 $(top_srcdir)/m4/minmax.m4 \ + $(top_srcdir)/m4/mmap-anon.m4 $(top_srcdir)/m4/mode_t.m4 \ + $(top_srcdir)/m4/msvc-inval.m4 \ $(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \ $(top_srcdir)/m4/nanosleep.m4 $(top_srcdir)/m4/netdb_h.m4 \ $(top_srcdir)/m4/netinet_in_h.m4 $(top_srcdir)/m4/nls.m4 \ $(top_srcdir)/m4/off_t.m4 $(top_srcdir)/m4/open-cloexec.m4 \ - $(top_srcdir)/m4/open.m4 $(top_srcdir)/m4/pathmax.m4 \ - $(top_srcdir)/m4/perror.m4 $(top_srcdir)/m4/pipe.m4 \ - $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/m4/po.m4 \ - $(top_srcdir)/m4/printf.m4 $(top_srcdir)/m4/progtest.m4 \ + $(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \ + $(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/perror.m4 \ + $(top_srcdir)/m4/pipe.m4 $(top_srcdir)/m4/pkg.m4 \ + $(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \ + $(top_srcdir)/m4/progtest.m4 \ + $(top_srcdir)/m4/pthread-thread.m4 \ + $(top_srcdir)/m4/pthread_h.m4 \ $(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \ - $(top_srcdir)/m4/putenv.m4 $(top_srcdir)/m4/raise.m4 \ - $(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \ + $(top_srcdir)/m4/pthread_sigmask.m4 $(top_srcdir)/m4/putenv.m4 \ + $(top_srcdir)/m4/raise.m4 $(top_srcdir)/m4/read-file.m4 \ + $(top_srcdir)/m4/realloc.m4 $(top_srcdir)/m4/sched_h.m4 \ $(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/select.m4 \ $(top_srcdir)/m4/setenv.m4 $(top_srcdir)/m4/setlocale.m4 \ + $(top_srcdir)/m4/setlocale_null.m4 \ $(top_srcdir)/m4/sigaction.m4 $(top_srcdir)/m4/signal_h.m4 \ $(top_srcdir)/m4/signalblocking.m4 \ $(top_srcdir)/m4/size_max.m4 $(top_srcdir)/m4/sleep.m4 \ @@ -188,29 +194,30 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/sockets.m4 $(top_srcdir)/m4/socklen.m4 \ $(top_srcdir)/m4/sockpfaf.m4 $(top_srcdir)/m4/ssize_t.m4 \ $(top_srcdir)/m4/stat-time.m4 $(top_srcdir)/m4/stat.m4 \ - $(top_srcdir)/m4/stdalign.m4 $(top_srcdir)/m4/stdbool.m4 \ - $(top_srcdir)/m4/stddef_h.m4 $(top_srcdir)/m4/stdint.m4 \ - $(top_srcdir)/m4/stdint_h.m4 $(top_srcdir)/m4/stdio_h.m4 \ - $(top_srcdir)/m4/stdlib_h.m4 $(top_srcdir)/m4/strcase.m4 \ - $(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/strerror.m4 \ - $(top_srcdir)/m4/strerror_r.m4 $(top_srcdir)/m4/string_h.m4 \ - $(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \ - $(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \ - $(top_srcdir)/m4/strverscmp.m4 $(top_srcdir)/m4/symlink.m4 \ - $(top_srcdir)/m4/sys_ioctl_h.m4 \ + $(top_srcdir)/m4/std-gnu11.m4 $(top_srcdir)/m4/stdalign.m4 \ + $(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \ + $(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \ + $(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \ + $(top_srcdir)/m4/strcase.m4 $(top_srcdir)/m4/strdup.m4 \ + $(top_srcdir)/m4/strerror.m4 $(top_srcdir)/m4/strerror_r.m4 \ + $(top_srcdir)/m4/string_h.m4 $(top_srcdir)/m4/strings_h.m4 \ + $(top_srcdir)/m4/strndup.m4 $(top_srcdir)/m4/strnlen.m4 \ + $(top_srcdir)/m4/strtok_r.m4 $(top_srcdir)/m4/strverscmp.m4 \ + $(top_srcdir)/m4/symlink.m4 $(top_srcdir)/m4/sys_ioctl_h.m4 \ $(top_srcdir)/m4/sys_select_h.m4 \ $(top_srcdir)/m4/sys_socket_h.m4 \ $(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \ $(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \ - $(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \ - $(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \ - $(top_srcdir)/m4/unistd_h.m4 \ + $(top_srcdir)/m4/thread.m4 $(top_srcdir)/m4/threadlib.m4 \ + $(top_srcdir)/m4/time_h.m4 $(top_srcdir)/m4/time_r.m4 \ + $(top_srcdir)/m4/ungetc.m4 $(top_srcdir)/m4/unistd_h.m4 \ $(top_srcdir)/m4/valgrind-tests.m4 \ $(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \ - $(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \ - $(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \ - $(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \ - $(top_srcdir)/m4/xsize.m4 $(top_srcdir)/configure.ac + $(top_srcdir)/m4/visibility.m4 $(top_srcdir)/m4/vsnprintf.m4 \ + $(top_srcdir)/m4/warn-on-use.m4 $(top_srcdir)/m4/warnings.m4 \ + $(top_srcdir)/m4/wchar_h.m4 $(top_srcdir)/m4/wchar_t.m4 \ + $(top_srcdir)/m4/wint_t.m4 $(top_srcdir)/m4/xsize.m4 \ + $(top_srcdir)/m4/zzgnulib.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) @@ -265,6 +272,7 @@ CCASDEPMODE = @CCASDEPMODE@ CCASFLAGS = @CCASFLAGS@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ +CFLAG_VISIBILITY = @CFLAG_VISIBILITY@ CMOCKA_CFLAGS = @CMOCKA_CFLAGS@ CMOCKA_LIBS = @CMOCKA_LIBS@ CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@ @@ -317,6 +325,7 @@ GMSGFMT = @GMSGFMT@ GMSGFMT_015 = @GMSGFMT_015@ GNULIB_ACCEPT = @GNULIB_ACCEPT@ GNULIB_ACCEPT4 = @GNULIB_ACCEPT4@ +GNULIB_ACCESS = @GNULIB_ACCESS@ GNULIB_ATOLL = @GNULIB_ATOLL@ GNULIB_BIND = @GNULIB_BIND@ GNULIB_BTOWC = @GNULIB_BTOWC@ @@ -326,6 +335,8 @@ GNULIB_CHDIR = @GNULIB_CHDIR@ GNULIB_CHOWN = @GNULIB_CHOWN@ GNULIB_CLOSE = @GNULIB_CLOSE@ GNULIB_CONNECT = @GNULIB_CONNECT@ +GNULIB_COPY_FILE_RANGE = @GNULIB_COPY_FILE_RANGE@ +GNULIB_CREAT = @GNULIB_CREAT@ GNULIB_CTIME = @GNULIB_CTIME@ GNULIB_DPRINTF = @GNULIB_DPRINTF@ GNULIB_DUP = @GNULIB_DUP@ @@ -375,15 +386,18 @@ GNULIB_GETCWD = @GNULIB_GETCWD@ GNULIB_GETDELIM = @GNULIB_GETDELIM@ GNULIB_GETDOMAINNAME = @GNULIB_GETDOMAINNAME@ GNULIB_GETDTABLESIZE = @GNULIB_GETDTABLESIZE@ +GNULIB_GETENTROPY = @GNULIB_GETENTROPY@ GNULIB_GETGROUPS = @GNULIB_GETGROUPS@ GNULIB_GETHOSTNAME = @GNULIB_GETHOSTNAME@ GNULIB_GETLINE = @GNULIB_GETLINE@ GNULIB_GETLOADAVG = @GNULIB_GETLOADAVG@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ +GNULIB_GETOPT_POSIX = @GNULIB_GETOPT_POSIX@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ GNULIB_GETPASS = @GNULIB_GETPASS@ GNULIB_GETPEERNAME = @GNULIB_GETPEERNAME@ +GNULIB_GETRANDOM = @GNULIB_GETRANDOM@ GNULIB_GETSOCKNAME = @GNULIB_GETSOCKNAME@ GNULIB_GETSOCKOPT = @GNULIB_GETSOCKOPT@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ @@ -463,7 +477,15 @@ GNULIB_PREAD = @GNULIB_PREAD@ GNULIB_PRINTF = @GNULIB_PRINTF@ GNULIB_PRINTF_POSIX = @GNULIB_PRINTF_POSIX@ GNULIB_PSELECT = @GNULIB_PSELECT@ +GNULIB_PTHREAD_COND = @GNULIB_PTHREAD_COND@ +GNULIB_PTHREAD_MUTEX = @GNULIB_PTHREAD_MUTEX@ +GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GNULIB_PTHREAD_MUTEX_TIMEDLOCK@ +GNULIB_PTHREAD_ONCE = @GNULIB_PTHREAD_ONCE@ +GNULIB_PTHREAD_RWLOCK = @GNULIB_PTHREAD_RWLOCK@ GNULIB_PTHREAD_SIGMASK = @GNULIB_PTHREAD_SIGMASK@ +GNULIB_PTHREAD_SPIN = @GNULIB_PTHREAD_SPIN@ +GNULIB_PTHREAD_THREAD = @GNULIB_PTHREAD_THREAD@ +GNULIB_PTHREAD_TSS = @GNULIB_PTHREAD_TSS@ GNULIB_PTSNAME = @GNULIB_PTSNAME@ GNULIB_PTSNAME_R = @GNULIB_PTSNAME_R@ GNULIB_PUTC = @GNULIB_PUTC@ @@ -490,6 +512,7 @@ GNULIB_RENAMEAT = @GNULIB_RENAMEAT@ GNULIB_RMDIR = @GNULIB_RMDIR@ GNULIB_RPMATCH = @GNULIB_RPMATCH@ GNULIB_SCANF = @GNULIB_SCANF@ +GNULIB_SCHED_YIELD = @GNULIB_SCHED_YIELD@ GNULIB_SECURE_GETENV = @GNULIB_SECURE_GETENV@ GNULIB_SELECT = @GNULIB_SELECT@ GNULIB_SEND = @GNULIB_SEND@ @@ -497,6 +520,7 @@ GNULIB_SENDTO = @GNULIB_SENDTO@ GNULIB_SETENV = @GNULIB_SETENV@ GNULIB_SETHOSTNAME = @GNULIB_SETHOSTNAME@ GNULIB_SETLOCALE = @GNULIB_SETLOCALE@ +GNULIB_SETLOCALE_NULL = @GNULIB_SETLOCALE_NULL@ GNULIB_SETSOCKOPT = @GNULIB_SETSOCKOPT@ GNULIB_SHUTDOWN = @GNULIB_SHUTDOWN@ GNULIB_SIGACTION = @GNULIB_SIGACTION@ @@ -626,6 +650,7 @@ HAVE_BTOWC = @HAVE_BTOWC@ HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@ HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@ HAVE_CHOWN = @HAVE_CHOWN@ +HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@ HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@ HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@ HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@ @@ -697,11 +722,13 @@ HAVE_FTELLO = @HAVE_FTELLO@ HAVE_FTRUNCATE = @HAVE_FTRUNCATE@ HAVE_FUTIMENS = @HAVE_FUTIMENS@ HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@ +HAVE_GETENTROPY = @HAVE_GETENTROPY@ HAVE_GETGROUPS = @HAVE_GETGROUPS@ HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@ HAVE_GETLOGIN = @HAVE_GETLOGIN@ HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@ HAVE_GETPASS = @HAVE_GETPASS@ +HAVE_GETRANDOM = @HAVE_GETRANDOM@ HAVE_GETSUBOPT = @HAVE_GETSUBOPT@ HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@ HAVE_GRANTPT = @HAVE_GRANTPT@ @@ -720,12 +747,12 @@ HAVE_LCHMOD = @HAVE_LCHMOD@ HAVE_LCHOWN = @HAVE_LCHOWN@ HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@ HAVE_LIBDL = @HAVE_LIBDL@ +HAVE_LIBEV = @HAVE_LIBEV@ HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@ HAVE_LIBRT = @HAVE_LIBRT@ HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@ HAVE_LINK = @HAVE_LINK@ HAVE_LINKAT = @HAVE_LINKAT@ -HAVE_LONG_LONG_INT = @HAVE_LONG_LONG_INT@ HAVE_LSTAT = @HAVE_LSTAT@ HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@ HAVE_MBRLEN = @HAVE_MBRLEN@ @@ -763,7 +790,65 @@ HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@ HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@ HAVE_PREAD = @HAVE_PREAD@ HAVE_PSELECT = @HAVE_PSELECT@ +HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@ +HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@ +HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@ +HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@ +HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@ +HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@ +HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@ +HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@ +HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@ +HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@ +HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@ +HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@ +HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@ +HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@ +HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@ +HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@ +HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@ +HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@ +HAVE_PTHREAD_H = @HAVE_PTHREAD_H@ +HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@ +HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@ +HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@ +HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@ +HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@ +HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@ +HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@ +HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@ +HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@ +HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@ +HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@ +HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@ +HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@ +HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@ +HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@ +HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@ +HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@ +HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@ +HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@ +HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@ +HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@ +HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@ +HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@ +HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@ +HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@ +HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@ +HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@ +HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@ +HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@ +HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@ +HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@ +HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@ HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@ +HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@ +HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@ +HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@ +HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@ +HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@ +HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@ +HAVE_PTHREAD_T = @HAVE_PTHREAD_T@ HAVE_PTSNAME = @HAVE_PTSNAME@ HAVE_PTSNAME_R = @HAVE_PTSNAME_R@ HAVE_PWRITE = @HAVE_PWRITE@ @@ -780,6 +865,8 @@ HAVE_REALPATH = @HAVE_REALPATH@ HAVE_RENAMEAT = @HAVE_RENAMEAT@ HAVE_RPMATCH = @HAVE_RPMATCH@ HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@ +HAVE_SCHED_H = @HAVE_SCHED_H@ +HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@ HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@ HAVE_SETENV = @HAVE_SETENV@ HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@ @@ -808,6 +895,7 @@ HAVE_STRTOLL = @HAVE_STRTOLL@ HAVE_STRTOULL = @HAVE_STRTOULL@ HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@ HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@ +HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@ HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@ HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@ HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@ @@ -816,6 +904,7 @@ HAVE_STRVERSCMP = @HAVE_STRVERSCMP@ HAVE_SYMLINK = @HAVE_SYMLINK@ HAVE_SYMLINKAT = @HAVE_SYMLINKAT@ HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@ +HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@ HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@ HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@ HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@ @@ -832,11 +921,11 @@ HAVE_TZSET = @HAVE_TZSET@ HAVE_UNISTD_H = @HAVE_UNISTD_H@ HAVE_UNLINKAT = @HAVE_UNLINKAT@ HAVE_UNLOCKPT = @HAVE_UNLOCKPT@ -HAVE_UNSIGNED_LONG_LONG_INT = @HAVE_UNSIGNED_LONG_LONG_INT@ HAVE_USLEEP = @HAVE_USLEEP@ HAVE_UTIMENSAT = @HAVE_UTIMENSAT@ HAVE_VASPRINTF = @HAVE_VASPRINTF@ HAVE_VDPRINTF = @HAVE_VDPRINTF@ +HAVE_VISIBILITY = @HAVE_VISIBILITY@ HAVE_WCHAR_H = @HAVE_WCHAR_H@ HAVE_WCHAR_T = @HAVE_WCHAR_T@ HAVE_WCPCPY = @HAVE_WCPCPY@ @@ -896,12 +985,18 @@ INTLLIBS = @INTLLIBS@ INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ LCOV = @LCOV@ LD = @LD@ +LDDPOSTPROC = @LDDPOSTPROC@ +LDDPROG = @LDDPROG@ LDFLAGS = @LDFLAGS@ LIBATOMIC_LIBS = @LIBATOMIC_LIBS@ +LIBBCRYPT = @LIBBCRYPT@ LIBCRYPTO = @LIBCRYPTO@ LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@ LIBDL = @LIBDL@ LIBDL_PREFIX = @LIBDL_PREFIX@ +LIBEV = @LIBEV@ +LIBEV_LIBS = @LIBEV_LIBS@ +LIBEV_PREFIX = @LIBEV_PREFIX@ LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@ LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@ LIBICONV = @LIBICONV@ @@ -909,20 +1004,21 @@ LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@ LIBIDN2_LIBS = @LIBIDN2_LIBS@ LIBINTL = @LIBINTL@ LIBMULTITHREAD = @LIBMULTITHREAD@ +LIBNCRYPT = @LIBNCRYPT@ LIBOBJS = @LIBOBJS@ LIBOPTS_CFLAGS = @LIBOPTS_CFLAGS@ LIBOPTS_DIR = @LIBOPTS_DIR@ LIBOPTS_LDADD = @LIBOPTS_LDADD@ -LIBPTH = @LIBPTH@ +LIBPMULTITHREAD = @LIBPMULTITHREAD@ LIBPTHREAD = @LIBPTHREAD@ LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@ -LIBPTH_PREFIX = @LIBPTH_PREFIX@ LIBRT = @LIBRT@ LIBRT_PREFIX = @LIBRT_PREFIX@ LIBS = @LIBS@ LIBSECCOMP = @LIBSECCOMP@ LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@ LIBSOCKET = @LIBSOCKET@ +LIBSTDTHREAD = @LIBSTDTHREAD@ LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@ LIBTASN1_LIBS = @LIBTASN1_LIBS@ LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@ @@ -934,8 +1030,14 @@ LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@ LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@ LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@ LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@ +LIB_CRYPT32 = @LIB_CRYPT32@ LIB_NANOSLEEP = @LIB_NANOSLEEP@ +LIB_PTHREAD = @LIB_PTHREAD@ +LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@ +LIB_SCHED_YIELD = @LIB_SCHED_YIELD@ LIB_SELECT = @LIB_SELECT@ +LIB_SETLOCALE = @LIB_SETLOCALE@ +LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@ LIMITS_H = @LIMITS_H@ LIPO = @LIPO@ LN_S = @LN_S@ @@ -947,11 +1049,11 @@ LOCALE_ZH_CN = @LOCALE_ZH_CN@ LTALLOCA = @LTALLOCA@ LTLIBCRYPTO = @LTLIBCRYPTO@ LTLIBDL = @LTLIBDL@ +LTLIBEV = @LTLIBEV@ LTLIBICONV = @LTLIBICONV@ LTLIBINTL = @LTLIBINTL@ LTLIBMULTITHREAD = @LTLIBMULTITHREAD@ LTLIBOBJS = @LTLIBOBJS@ -LTLIBPTH = @LTLIBPTH@ LTLIBPTHREAD = @LTLIBPTHREAD@ LTLIBRT = @LTLIBRT@ LTLIBSECCOMP = @LTLIBSECCOMP@ @@ -993,6 +1095,8 @@ NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@ NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@ NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@ NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@ +NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@ +NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@ NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@ NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@ NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@ @@ -1020,6 +1124,8 @@ NEXT_LIMITS_H = @NEXT_LIMITS_H@ NEXT_LOCALE_H = @NEXT_LOCALE_H@ NEXT_NETDB_H = @NEXT_NETDB_H@ NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@ +NEXT_PTHREAD_H = @NEXT_PTHREAD_H@ +NEXT_SCHED_H = @NEXT_SCHED_H@ NEXT_SIGNAL_H = @NEXT_SIGNAL_H@ NEXT_STDDEF_H = @NEXT_STDDEF_H@ NEXT_STDINT_H = @NEXT_STDINT_H@ @@ -1053,6 +1159,7 @@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ +PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@ PATCH_VERSION = @PATCH_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ @@ -1068,17 +1175,20 @@ PRI_MACROS_BROKEN = @PRI_MACROS_BROKEN@ PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@ PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@ RANLIB = @RANLIB@ +REPLACE_ACCESS = @REPLACE_ACCESS@ REPLACE_BTOWC = @REPLACE_BTOWC@ REPLACE_CALLOC = @REPLACE_CALLOC@ REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@ REPLACE_CHOWN = @REPLACE_CHOWN@ REPLACE_CLOSE = @REPLACE_CLOSE@ +REPLACE_CREAT = @REPLACE_CREAT@ REPLACE_CTIME = @REPLACE_CTIME@ REPLACE_DPRINTF = @REPLACE_DPRINTF@ REPLACE_DUP = @REPLACE_DUP@ REPLACE_DUP2 = @REPLACE_DUP2@ REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@ REPLACE_FACCESSAT = @REPLACE_FACCESSAT@ +REPLACE_FCHMODAT = @REPLACE_FCHMODAT@ REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@ REPLACE_FCLOSE = @REPLACE_FCLOSE@ REPLACE_FCNTL = @REPLACE_FCNTL@ @@ -1098,6 +1208,7 @@ REPLACE_FTELLO = @REPLACE_FTELLO@ REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@ REPLACE_FUTIMENS = @REPLACE_FUTIMENS@ REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@ +REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@ REPLACE_GETCWD = @REPLACE_GETCWD@ REPLACE_GETDELIM = @REPLACE_GETDELIM@ REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@ @@ -1150,7 +1261,58 @@ REPLACE_POPEN = @REPLACE_POPEN@ REPLACE_PREAD = @REPLACE_PREAD@ REPLACE_PRINTF = @REPLACE_PRINTF@ REPLACE_PSELECT = @REPLACE_PSELECT@ +REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@ +REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@ +REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@ +REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@ +REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@ +REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@ +REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@ +REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@ +REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@ +REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@ +REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@ +REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@ +REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@ +REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@ +REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@ +REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@ +REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@ +REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@ +REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@ +REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@ +REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@ +REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@ +REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@ +REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@ +REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@ +REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@ +REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@ +REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@ +REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@ +REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@ +REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@ +REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@ +REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@ +REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@ +REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@ +REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@ +REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@ +REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@ +REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@ +REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@ +REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@ +REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@ +REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@ +REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@ +REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@ +REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@ REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@ +REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@ +REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@ +REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@ +REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@ +REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@ REPLACE_PTSNAME = @REPLACE_PTSNAME@ REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@ REPLACE_PUTENV = @REPLACE_PUTENV@ @@ -1168,6 +1330,7 @@ REPLACE_REMOVE = @REPLACE_REMOVE@ REPLACE_RENAME = @REPLACE_RENAME@ REPLACE_RENAMEAT = @REPLACE_RENAMEAT@ REPLACE_RMDIR = @REPLACE_RMDIR@ +REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@ REPLACE_SELECT = @REPLACE_SELECT@ REPLACE_SETENV = @REPLACE_SETENV@ REPLACE_SETLOCALE = @REPLACE_SETLOCALE@ @@ -1219,6 +1382,7 @@ REPLACE_WCRTOMB = @REPLACE_WCRTOMB@ REPLACE_WCSFTIME = @REPLACE_WCSFTIME@ REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@ REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@ +REPLACE_WCSTOK = @REPLACE_WCSTOK@ REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@ REPLACE_WCTOB = @REPLACE_WCTOB@ REPLACE_WCTOMB = @REPLACE_WCTOMB@ @@ -1267,7 +1431,6 @@ XGETTEXT = @XGETTEXT@ XGETTEXT_015 = @XGETTEXT_015@ XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ YACC = @YACC@ -YEAR = @YEAR@ YFLAGS = @YFLAGS@ abs_aux_dir = @abs_aux_dir@ abs_builddir = @abs_builddir@ @@ -1327,13 +1490,13 @@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ +maybe_guileextensiondir = @maybe_guileextensiondir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ -runstatedir = @runstatedir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ diff --git a/doc/crypto-api.texi b/doc/crypto-api.texi index 9e9c699..1d67031 100644 --- a/doc/crypto-api.texi +++ b/doc/crypto-api.texi @@ -34,6 +34,35 @@ the tag verification fails. @strong{Since:} 3.4.0 @end deftypefun +@subheading gnutls_aead_cipher_decryptv2 +@anchor{gnutls_aead_cipher_decryptv2} +@deftypefun {int} {gnutls_aead_cipher_decryptv2} (gnutls_aead_cipher_hd_t @var{handle}, const void * @var{nonce}, size_t @var{nonce_len}, const giovec_t * @var{auth_iov}, int @var{auth_iovcnt}, const giovec_t * @var{iov}, int @var{iovcnt}, void * @var{tag}, size_t @var{tag_size}) +@var{handle}: is a @code{gnutls_aead_cipher_hd_t} type. + +@var{nonce}: the nonce to set + +@var{nonce_len}: The length of the nonce + +@var{auth_iov}: additional data to be authenticated + +@var{auth_iovcnt}: The number of buffers in @code{auth_iov} + +@var{iov}: the data to decrypt + +@var{iovcnt}: The number of buffers in @code{iov} + +@var{tag}: The authentication tag + +@var{tag_size}: The size of the tag to use (use zero for the default) + +This is similar to @code{gnutls_aead_cipher_decrypt()} , but it performs +in-place encryption on the provided data buffers. + +@strong{Returns:} Zero or a negative error code on error. + +@strong{Since:} 3.6.10 +@end deftypefun + @subheading gnutls_aead_cipher_deinit @anchor{gnutls_aead_cipher_deinit} @deftypefun {void} {gnutls_aead_cipher_deinit} (gnutls_aead_cipher_hd_t @var{handle}) @@ -109,6 +138,35 @@ authentication tag. @strong{Since:} 3.6.3 @end deftypefun +@subheading gnutls_aead_cipher_encryptv2 +@anchor{gnutls_aead_cipher_encryptv2} +@deftypefun {int} {gnutls_aead_cipher_encryptv2} (gnutls_aead_cipher_hd_t @var{handle}, const void * @var{nonce}, size_t @var{nonce_len}, const giovec_t * @var{auth_iov}, int @var{auth_iovcnt}, const giovec_t * @var{iov}, int @var{iovcnt}, void * @var{tag}, size_t * @var{tag_size}) +@var{handle}: is a @code{gnutls_aead_cipher_hd_t} type. + +@var{nonce}: the nonce to set + +@var{nonce_len}: The length of the nonce + +@var{auth_iov}: additional data to be authenticated + +@var{auth_iovcnt}: The number of buffers in @code{auth_iov} + +@var{iov}: the data to be encrypted + +@var{iovcnt}: The number of buffers in @code{iov} + +@var{tag}: The authentication tag + +@var{tag_size}: The size of the tag to use (use zero for the default) + +This is similar to @code{gnutls_aead_cipher_encrypt()} , but it performs +in-place encryption on the provided data buffers. + +@strong{Returns:} Zero or a negative error code on error. + +@strong{Since:} 3.6.10 +@end deftypefun + @subheading gnutls_aead_cipher_init @anchor{gnutls_aead_cipher_init} @deftypefun {int} {gnutls_aead_cipher_init} (gnutls_aead_cipher_hd_t * @var{handle}, gnutls_cipher_algorithm_t @var{cipher}, const gnutls_datum_t * @var{key}) @@ -609,6 +667,21 @@ specified by the context. @strong{Since:} 2.10.0 @end deftypefun +@subheading gnutls_hash_copy +@anchor{gnutls_hash_copy} +@deftypefun {gnutls_hash_hd_t} {gnutls_hash_copy} (gnutls_hash_hd_t @var{handle}) +@var{handle}: is a @code{gnutls_hash_hd_t} type + +This function will create a copy of Message Digest context, containing all +its current state. Copying contexts for Message Digests registered using +@code{gnutls_crypto_register_digest()} is not supported and will always result in +an error. + +@strong{Returns:} new Message Digest context or NULL in case of an error. + +@strong{Since:} 3.6.9 +@end deftypefun + @subheading gnutls_hash_deinit @anchor{gnutls_hash_deinit} @deftypefun {void} {gnutls_hash_deinit} (gnutls_hash_hd_t @var{handle}, void * @var{digest}) @@ -684,6 +757,47 @@ and reset the state of the hash. @strong{Since:} 2.10.0 @end deftypefun +@subheading gnutls_hkdf_expand +@anchor{gnutls_hkdf_expand} +@deftypefun {int} {gnutls_hkdf_expand} (gnutls_mac_algorithm_t @var{mac}, const gnutls_datum_t * @var{key}, const gnutls_datum_t * @var{info}, void * @var{output}, size_t @var{length}) +@var{mac}: the mac algorithm used internally + +@var{key}: the pseudorandom key created with HKDF-Extract + +@var{info}: the optional informational data + +@var{output}: the output value of the expand operation + +@var{length}: the desired length of the output key + +This function will derive a variable length keying material from +the pseudorandom key using the HKDF-Expand function as defined in +RFC 5869. + +@strong{Returns:} Zero or a negative error code on error. + +@strong{Since:} 3.6.13 +@end deftypefun + +@subheading gnutls_hkdf_extract +@anchor{gnutls_hkdf_extract} +@deftypefun {int} {gnutls_hkdf_extract} (gnutls_mac_algorithm_t @var{mac}, const gnutls_datum_t * @var{key}, const gnutls_datum_t * @var{salt}, void * @var{output}) +@var{mac}: the mac algorithm used internally + +@var{key}: the initial keying material + +@var{salt}: the optional salt + +@var{output}: the output value of the extract operation + +This function will derive a fixed-size key using the HKDF-Extract +function as defined in RFC 5869. + +@strong{Returns:} Zero or a negative error code on error. + +@strong{Since:} 3.6.13 +@end deftypefun + @subheading gnutls_hmac @anchor{gnutls_hmac} @deftypefun {int} {gnutls_hmac} (gnutls_hmac_hd_t @var{handle}, const void * @var{ptext}, size_t @var{ptext_len}) @@ -701,6 +815,21 @@ specified by the context. @strong{Since:} 2.10.0 @end deftypefun +@subheading gnutls_hmac_copy +@anchor{gnutls_hmac_copy} +@deftypefun {gnutls_hmac_hd_t} {gnutls_hmac_copy} (gnutls_hmac_hd_t @var{handle}) +@var{handle}: is a @code{gnutls_hmac_hd_t} type + +This function will create a copy of MAC context, containing all its current +state. Copying contexts for MACs registered using +@code{gnutls_crypto_register_mac()} is not supported and will always result in an +error. + +@strong{Returns:} new MAC context or NULL in case of an error. + +@strong{Since:} 3.6.9 +@end deftypefun + @subheading gnutls_hmac_deinit @anchor{gnutls_hmac_deinit} @deftypefun {void} {gnutls_hmac_deinit} (gnutls_hmac_hd_t @var{handle}, void * @var{digest}) @@ -730,13 +859,28 @@ the given hmac context. @var{digest}: is the output value of the hash This convenience function will hash the given data and return output -on a single call. +on a single call. Note, this call will not work for MAC algorithms +that require nonce (like UMAC or GMAC). @strong{Returns:} Zero or a negative error code on error. @strong{Since:} 2.10.0 @end deftypefun +@subheading gnutls_hmac_get_key_size +@anchor{gnutls_hmac_get_key_size} +@deftypefun {unsigned} {gnutls_hmac_get_key_size} (gnutls_mac_algorithm_t @var{algorithm}) +@var{algorithm}: the mac algorithm to use + +This function will return the size of the key to be used with this +algorithm. On the algorithms which may accept arbitrary key sizes, +the returned size is the MAC key size used in the TLS protocol. + +@strong{Returns:} The key size or zero on error. + +@strong{Since:} 3.6.12 +@end deftypefun + @subheading gnutls_hmac_get_len @anchor{gnutls_hmac_get_len} @deftypefun {unsigned} {gnutls_hmac_get_len} (gnutls_mac_algorithm_t @var{algorithm}) @@ -813,6 +957,29 @@ Returns the size of the nonce used by the MAC in TLS. @strong{Since:} 3.2.0 @end deftypefun +@subheading gnutls_pbkdf2 +@anchor{gnutls_pbkdf2} +@deftypefun {int} {gnutls_pbkdf2} (gnutls_mac_algorithm_t @var{mac}, const gnutls_datum_t * @var{key}, const gnutls_datum_t * @var{salt}, unsigned @var{iter_count}, void * @var{output}, size_t @var{length}) +@var{mac}: the mac algorithm used internally + +@var{key}: the initial keying material + +@var{salt}: the salt + +@var{iter_count}: the iteration count + +@var{output}: the output value + +@var{length}: the desired length of the output key + +This function will derive a variable length keying material from +a password according to PKCS @code{5} PBKDF2. + +@strong{Returns:} Zero or a negative error code on error. + +@strong{Since:} 3.6.13 +@end deftypefun + @subheading gnutls_rnd @anchor{gnutls_rnd} @deftypefun {int} {gnutls_rnd} (gnutls_rnd_level_t @var{level}, void * @var{data}, size_t @var{len}) diff --git a/doc/enums.texi b/doc/enums.texi index 5c766e4..697ae73 100644 --- a/doc/enums.texi +++ b/doc/enums.texi @@ -23,9 +23,9 @@ Camellia in CBC mode with 256-bit keys. @item GNUTLS_@-CIPHER_@-AES_@-192_@-CBC AES in CBC mode with 192-bit keys. @item GNUTLS_@-CIPHER_@-AES_@-128_@-GCM -AES in GCM mode with 128-bit keys. +AES in GCM mode with 128-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-AES_@-256_@-GCM -AES in GCM mode with 256-bit keys. +AES in GCM mode with 256-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-CAMELLIA_@-192_@-CBC Camellia in CBC mode with 192-bit keys. @item GNUTLS_@-CIPHER_@-SALSA20_@-256 @@ -33,21 +33,21 @@ Salsa20 with 256-bit keys. @item GNUTLS_@-CIPHER_@-ESTREAM_@-SALSA20_@-256 Estream's Salsa20 variant with 256-bit keys. @item GNUTLS_@-CIPHER_@-CAMELLIA_@-128_@-GCM -CAMELLIA in GCM mode with 128-bit keys. +CAMELLIA in GCM mode with 128-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-CAMELLIA_@-256_@-GCM -CAMELLIA in GCM mode with 256-bit keys. +CAMELLIA in GCM mode with 256-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-RC2_@-40_@-CBC RC2 in CBC mode with 40-bit keys. @item GNUTLS_@-CIPHER_@-DES_@-CBC DES in CBC mode (56-bit keys). @item GNUTLS_@-CIPHER_@-AES_@-128_@-CCM -AES in CCM mode with 128-bit keys. +AES in CCM mode with 128-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-AES_@-256_@-CCM -AES in CCM mode with 256-bit keys. +AES in CCM mode with 256-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-AES_@-128_@-CCM_@-8 -AES in CCM mode with 64-bit tag and 128-bit keys. +AES in CCM mode with 64-bit tag and 128-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-AES_@-256_@-CCM_@-8 -AES in CCM mode with 64-bit tag and 256-bit keys. +AES in CCM mode with 64-bit tag and 256-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-CHACHA20_@-POLY1305 The Chacha20 cipher with the Poly1305 authenticator (AEAD). @item GNUTLS_@-CIPHER_@-GOST28147_@-TC26Z_@-CFB @@ -74,6 +74,22 @@ Note that the XTS ciphers are message oriented. The whole message needs to be provided with a single call, because cipher-stealing requires to know where the message actually terminates in order to be able to compute where the stealing occurs. +@item GNUTLS_@-CIPHER_@-GOST28147_@-TC26Z_@-CNT +GOST 28147-89 (Magma) cipher in CNT mode with TC26 Z S-box. +@item GNUTLS_@-CIPHER_@-CHACHA20_@-64 +Chacha20 cipher with 64-bit nonces and 64-bit block counters. +@item GNUTLS_@-CIPHER_@-CHACHA20_@-32 +Chacha20 cipher with 96-bit nonces and 32-bit block counters. +@item GNUTLS_@-CIPHER_@-AES_@-128_@-SIV +AES in SIV mode with 128-bit key. +@item GNUTLS_@-CIPHER_@-AES_@-256_@-SIV +AES in SIV mode with 256-bit key. +Note that the SIV ciphers can only be used with +the AEAD interface, and the IV plays a role as +the authentication tag while it is prepended to +the cipher text. +@item GNUTLS_@-CIPHER_@-AES_@-192_@-GCM +AES in GCM mode with 192-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-IDEA_@-PGP_@-CFB IDEA in CFB mode (placeholder - unsupported). @item GNUTLS_@-CIPHER_@-3DES_@-PGP_@-CFB @@ -128,6 +144,8 @@ ECDHE-ECDSA key-exchange algorithm. ECDHE-PSK key-exchange algorithm. @item GNUTLS_@-KX_@-RSA_@-PSK RSA-PSK key-exchange algorithm. +@item GNUTLS_@-KX_@-VKO_@-GOST_@-12 +VKO GOST R 34.10-2012 key-exchange algorithm. @end table @c gnutls_params_type_t @@ -195,13 +213,25 @@ HMAC GOST R 34.11-2001 (Streebog) algorithm, 512 bit. @item GNUTLS_@-MAC_@-AEAD MAC implicit through AEAD cipher. @item GNUTLS_@-MAC_@-UMAC_@-96 -The UMAC-96 MAC algorithm. +The UMAC-96 MAC algorithm (requires nonce). @item GNUTLS_@-MAC_@-UMAC_@-128 -The UMAC-128 MAC algorithm. +The UMAC-128 MAC algorithm (requires nonce). @item GNUTLS_@-MAC_@-AES_@-CMAC_@-128 The AES-CMAC-128 MAC algorithm. @item GNUTLS_@-MAC_@-AES_@-CMAC_@-256 The AES-CMAC-256 MAC algorithm. +@item GNUTLS_@-MAC_@-AES_@-GMAC_@-128 +The AES-GMAC-128 MAC algorithm (requires nonce). +@item GNUTLS_@-MAC_@-AES_@-GMAC_@-192 +The AES-GMAC-192 MAC algorithm (requires nonce). +@item GNUTLS_@-MAC_@-AES_@-GMAC_@-256 +The AES-GMAC-256 MAC algorithm (requires nonce). +@item GNUTLS_@-MAC_@-GOST28147_@-TC26Z_@-IMIT +The GOST 28147-89 working in IMIT mode with TC26 Z S-box. +@item GNUTLS_@-MAC_@-SHAKE_@-128 +Reserved; unimplemented. +@item GNUTLS_@-MAC_@-SHAKE_@-256 +Reserved; unimplemented. @end table @c gnutls_digest_algorithm_t @@ -242,6 +272,10 @@ GOST R 34.11-94 algorithm. GOST R 34.11-2001 (Streebog) algorithm, 256 bit. @item GNUTLS_@-DIG_@-STREEBOG_@-512 GOST R 34.11-2001 (Streebog) algorithm, 512 bit. +@item GNUTLS_@-DIG_@-SHAKE_@-128 +Reserved; unimplemented. +@item GNUTLS_@-DIG_@-SHAKE_@-256 +Reserved; unimplemented. @end table @c gnutls_compression_method_t @@ -324,6 +358,9 @@ in different threads. @item GNUTLS_@-ENABLE_@-EARLY_@-DATA Under TLS1.3 allow the server to receive early data sent as part of the initial ClientHello (0-RTT). This is not enabled by default as early data has weaker security properties than other data. Since 3.6.5. +@item GNUTLS_@-NO_@-AUTO_@-SEND_@-TICKET +Under TLS1.3 disable auto-sending of +session tickets during the handshake. @end table @c gnutls_alert_level_t @@ -616,6 +653,10 @@ GOST R 34.10-2001 algorithm per rfc5832. GOST R 34.10-2012 algorithm, 256-bit key per rfc7091. @item GNUTLS_@-PK_@-GOST_@-12_@-512 GOST R 34.10-2012 algorithm, 512-bit key per rfc7091. +@item GNUTLS_@-PK_@-ECDH_@-X448 +Elliptic curve algorithm, restricted to ECDH as per rfc7748. +@item GNUTLS_@-PK_@-EDDSA_@-ED448 +Edwards curve Digital signature algorithm. Used with SHAKE256 on signatures. @item GNUTLS_@-PK_@-MAX -- undescribed -- @end table @@ -725,6 +766,8 @@ Digital signature algorithm GOST R 34.10-2001 with GOST R 34.11-94 Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 256 bit @item GNUTLS_@-SIGN_@-GOST_@-512 Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 512 bit +@item GNUTLS_@-SIGN_@-EDDSA_@-ED448 +Digital signature algorithm EdDSA with Ed448 curve. @item GNUTLS_@-SIGN_@-MAX -- undescribed -- @end table @@ -761,6 +804,20 @@ GOST R 34.10 CryptoPro 256 XchB curve GOST R 34.10 TC26 512 A curve @item GNUTLS_@-ECC_@-CURVE_@-GOST512B GOST R 34.10 TC26 512 B curve +@item GNUTLS_@-ECC_@-CURVE_@-GOST512C +GOST R 34.10 TC26 512 C curve +@item GNUTLS_@-ECC_@-CURVE_@-GOST256A +GOST R 34.10 TC26 256 A curve +@item GNUTLS_@-ECC_@-CURVE_@-GOST256B +GOST R 34.10 TC26 256 B curve +@item GNUTLS_@-ECC_@-CURVE_@-GOST256C +GOST R 34.10 TC26 256 C curve +@item GNUTLS_@-ECC_@-CURVE_@-GOST256D +GOST R 34.10 TC26 256 D curve +@item GNUTLS_@-ECC_@-CURVE_@-X448 +the X448 curve (ECDH only) +@item GNUTLS_@-ECC_@-CURVE_@-ED448 +the Ed448 curve @item GNUTLS_@-ECC_@-CURVE_@-MAX -- undescribed -- @end table @@ -781,6 +838,22 @@ the SECP384R1 curve group the SECP521R1 curve group @item GNUTLS_@-GROUP_@-X25519 the X25519 curve group +@item GNUTLS_@-GROUP_@-X448 +the X448 curve group +@item GNUTLS_@-GROUP_@-GC256A +the GOST R 34.10 TC26 256 A curve group +@item GNUTLS_@-GROUP_@-GC256B +the GOST R 34.10 TC26 256 B curve group +@item GNUTLS_@-GROUP_@-GC256C +the GOST R 34.10 TC26 256 C curve group +@item GNUTLS_@-GROUP_@-GC256D +the GOST R 34.10 TC26 256 D curve group +@item GNUTLS_@-GROUP_@-GC512A +the GOST R 34.10 TC26 512 A curve group +@item GNUTLS_@-GROUP_@-GC512B +the GOST R 34.10 TC26 512 B curve group +@item GNUTLS_@-GROUP_@-GC512C +the GOST R 34.10 TC26 512 C curve group @item GNUTLS_@-GROUP_@-FFDHE2048 the FFDHE2048 group @item GNUTLS_@-GROUP_@-FFDHE3072 @@ -887,6 +960,10 @@ Indicates client capability for post-handshake auth; set only on server side. The TLS1.3 server session returned early. @item GNUTLS_@-SFLAGS_@-EARLY_@-DATA The TLS1.3 early data has been received by the server. +@item GNUTLS_@-SFLAGS_@-CLI_@-REQUESTED_@-OCSP +Set when the client has requested OCSP staple during handshake. +@item GNUTLS_@-SFLAGS_@-SERV_@-REQUESTED_@-OCSP +Set when the server has requested OCSP staple during handshake. @end table @c gnutls_supplemental_data_format_type_t @@ -975,6 +1052,8 @@ IP address SAN. OtherName SAN. @item GNUTLS_@-SAN_@-DN DN SAN. +@item GNUTLS_@-SAN_@-REGISTERED_@-ID +RegisteredID. @item GNUTLS_@-SAN_@-MAX -- undescribed -- @item GNUTLS_@-SAN_@-OTHERNAME_@-XMPP @@ -1420,7 +1499,13 @@ even if the information about the seed used will be lost. @item GNUTLS_@-PRIVKEY_@-SIGN_@-FLAG_@-RSA_@-PSS Make an RSA signature on the hashed data with the PSS padding. @item GNUTLS_@-PRIVKEY_@-FLAG_@-REPRODUCIBLE -Make an RSA-PSS signature on the hashed data with reproducible parameters (zero salt). +Make a signature on the hashed data with reproducible parameters. +For RSA-PSS, that means to use empty salt instead of random value. To +verify a signature created using this flag, the corresponding SPKI needs +to be set on the public key. Use @code{gnutls_pubkey_set_spki()} for that. +For ECDSA/DSA, it uses the deterministic construction of random parameter +according to RFC 6979. Note that this only supports the NIST curves and DSA +subgroup bits up to 512. @item GNUTLS_@-PRIVKEY_@-FLAG_@-CA The generated private key is going to be used as a CA (relevant for RSA-PSS keys). @end table diff --git a/doc/enums/gnutls_cipher_algorithm_t b/doc/enums/gnutls_cipher_algorithm_t index 3428afa..f3bd416 100644 --- a/doc/enums/gnutls_cipher_algorithm_t +++ b/doc/enums/gnutls_cipher_algorithm_t @@ -23,9 +23,9 @@ Camellia in CBC mode with 256-bit keys. @item GNUTLS_@-CIPHER_@-AES_@-192_@-CBC AES in CBC mode with 192-bit keys. @item GNUTLS_@-CIPHER_@-AES_@-128_@-GCM -AES in GCM mode with 128-bit keys. +AES in GCM mode with 128-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-AES_@-256_@-GCM -AES in GCM mode with 256-bit keys. +AES in GCM mode with 256-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-CAMELLIA_@-192_@-CBC Camellia in CBC mode with 192-bit keys. @item GNUTLS_@-CIPHER_@-SALSA20_@-256 @@ -33,21 +33,21 @@ Salsa20 with 256-bit keys. @item GNUTLS_@-CIPHER_@-ESTREAM_@-SALSA20_@-256 Estream's Salsa20 variant with 256-bit keys. @item GNUTLS_@-CIPHER_@-CAMELLIA_@-128_@-GCM -CAMELLIA in GCM mode with 128-bit keys. +CAMELLIA in GCM mode with 128-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-CAMELLIA_@-256_@-GCM -CAMELLIA in GCM mode with 256-bit keys. +CAMELLIA in GCM mode with 256-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-RC2_@-40_@-CBC RC2 in CBC mode with 40-bit keys. @item GNUTLS_@-CIPHER_@-DES_@-CBC DES in CBC mode (56-bit keys). @item GNUTLS_@-CIPHER_@-AES_@-128_@-CCM -AES in CCM mode with 128-bit keys. +AES in CCM mode with 128-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-AES_@-256_@-CCM -AES in CCM mode with 256-bit keys. +AES in CCM mode with 256-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-AES_@-128_@-CCM_@-8 -AES in CCM mode with 64-bit tag and 128-bit keys. +AES in CCM mode with 64-bit tag and 128-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-AES_@-256_@-CCM_@-8 -AES in CCM mode with 64-bit tag and 256-bit keys. +AES in CCM mode with 64-bit tag and 256-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-CHACHA20_@-POLY1305 The Chacha20 cipher with the Poly1305 authenticator (AEAD). @item GNUTLS_@-CIPHER_@-GOST28147_@-TC26Z_@-CFB @@ -74,6 +74,22 @@ Note that the XTS ciphers are message oriented. The whole message needs to be provided with a single call, because cipher-stealing requires to know where the message actually terminates in order to be able to compute where the stealing occurs. +@item GNUTLS_@-CIPHER_@-GOST28147_@-TC26Z_@-CNT +GOST 28147-89 (Magma) cipher in CNT mode with TC26 Z S-box. +@item GNUTLS_@-CIPHER_@-CHACHA20_@-64 +Chacha20 cipher with 64-bit nonces and 64-bit block counters. +@item GNUTLS_@-CIPHER_@-CHACHA20_@-32 +Chacha20 cipher with 96-bit nonces and 32-bit block counters. +@item GNUTLS_@-CIPHER_@-AES_@-128_@-SIV +AES in SIV mode with 128-bit key. +@item GNUTLS_@-CIPHER_@-AES_@-256_@-SIV +AES in SIV mode with 256-bit key. +Note that the SIV ciphers can only be used with +the AEAD interface, and the IV plays a role as +the authentication tag while it is prepended to +the cipher text. +@item GNUTLS_@-CIPHER_@-AES_@-192_@-GCM +AES in GCM mode with 192-bit keys (AEAD). @item GNUTLS_@-CIPHER_@-IDEA_@-PGP_@-CFB IDEA in CFB mode (placeholder - unsupported). @item GNUTLS_@-CIPHER_@-3DES_@-PGP_@-CFB diff --git a/doc/enums/gnutls_digest_algorithm_t b/doc/enums/gnutls_digest_algorithm_t index 2d61fb4..5d9f958 100644 --- a/doc/enums/gnutls_digest_algorithm_t +++ b/doc/enums/gnutls_digest_algorithm_t @@ -38,4 +38,8 @@ GOST R 34.11-94 algorithm. GOST R 34.11-2001 (Streebog) algorithm, 256 bit. @item GNUTLS_@-DIG_@-STREEBOG_@-512 GOST R 34.11-2001 (Streebog) algorithm, 512 bit. +@item GNUTLS_@-DIG_@-SHAKE_@-128 +Reserved; unimplemented. +@item GNUTLS_@-DIG_@-SHAKE_@-256 +Reserved; unimplemented. @end table diff --git a/doc/enums/gnutls_ecc_curve_t b/doc/enums/gnutls_ecc_curve_t index e82bdd7..aa158d4 100644 --- a/doc/enums/gnutls_ecc_curve_t +++ b/doc/enums/gnutls_ecc_curve_t @@ -32,6 +32,20 @@ GOST R 34.10 CryptoPro 256 XchB curve GOST R 34.10 TC26 512 A curve @item GNUTLS_@-ECC_@-CURVE_@-GOST512B GOST R 34.10 TC26 512 B curve +@item GNUTLS_@-ECC_@-CURVE_@-GOST512C +GOST R 34.10 TC26 512 C curve +@item GNUTLS_@-ECC_@-CURVE_@-GOST256A +GOST R 34.10 TC26 256 A curve +@item GNUTLS_@-ECC_@-CURVE_@-GOST256B +GOST R 34.10 TC26 256 B curve +@item GNUTLS_@-ECC_@-CURVE_@-GOST256C +GOST R 34.10 TC26 256 C curve +@item GNUTLS_@-ECC_@-CURVE_@-GOST256D +GOST R 34.10 TC26 256 D curve +@item GNUTLS_@-ECC_@-CURVE_@-X448 +the X448 curve (ECDH only) +@item GNUTLS_@-ECC_@-CURVE_@-ED448 +the Ed448 curve @item GNUTLS_@-ECC_@-CURVE_@-MAX -- undescribed -- @end table diff --git a/doc/enums/gnutls_group_t b/doc/enums/gnutls_group_t index 5066187..6cd00fa 100644 --- a/doc/enums/gnutls_group_t +++ b/doc/enums/gnutls_group_t @@ -16,6 +16,22 @@ the SECP384R1 curve group the SECP521R1 curve group @item GNUTLS_@-GROUP_@-X25519 the X25519 curve group +@item GNUTLS_@-GROUP_@-X448 +the X448 curve group +@item GNUTLS_@-GROUP_@-GC256A +the GOST R 34.10 TC26 256 A curve group +@item GNUTLS_@-GROUP_@-GC256B +the GOST R 34.10 TC26 256 B curve group +@item GNUTLS_@-GROUP_@-GC256C +the GOST R 34.10 TC26 256 C curve group +@item GNUTLS_@-GROUP_@-GC256D +the GOST R 34.10 TC26 256 D curve group +@item GNUTLS_@-GROUP_@-GC512A +the GOST R 34.10 TC26 512 A curve group +@item GNUTLS_@-GROUP_@-GC512B +the GOST R 34.10 TC26 512 B curve group +@item GNUTLS_@-GROUP_@-GC512C +the GOST R 34.10 TC26 512 C curve group @item GNUTLS_@-GROUP_@-FFDHE2048 the FFDHE2048 group @item GNUTLS_@-GROUP_@-FFDHE3072 diff --git a/doc/enums/gnutls_init_flags_t b/doc/enums/gnutls_init_flags_t index 6750f50..ceec96e 100644 --- a/doc/enums/gnutls_init_flags_t +++ b/doc/enums/gnutls_init_flags_t @@ -68,4 +68,7 @@ in different threads. @item GNUTLS_@-ENABLE_@-EARLY_@-DATA Under TLS1.3 allow the server to receive early data sent as part of the initial ClientHello (0-RTT). This is not enabled by default as early data has weaker security properties than other data. Since 3.6.5. +@item GNUTLS_@-NO_@-AUTO_@-SEND_@-TICKET +Under TLS1.3 disable auto-sending of +session tickets during the handshake. @end table diff --git a/doc/enums/gnutls_kx_algorithm_t b/doc/enums/gnutls_kx_algorithm_t index eebf3f2..f537797 100644 --- a/doc/enums/gnutls_kx_algorithm_t +++ b/doc/enums/gnutls_kx_algorithm_t @@ -34,4 +34,6 @@ ECDHE-ECDSA key-exchange algorithm. ECDHE-PSK key-exchange algorithm. @item GNUTLS_@-KX_@-RSA_@-PSK RSA-PSK key-exchange algorithm. +@item GNUTLS_@-KX_@-VKO_@-GOST_@-12 +VKO GOST R 34.10-2012 key-exchange algorithm. @end table diff --git a/doc/enums/gnutls_mac_algorithm_t b/doc/enums/gnutls_mac_algorithm_t index a7220ee..da8034e 100644 --- a/doc/enums/gnutls_mac_algorithm_t +++ b/doc/enums/gnutls_mac_algorithm_t @@ -41,11 +41,23 @@ HMAC GOST R 34.11-2001 (Streebog) algorithm, 512 bit. @item GNUTLS_@-MAC_@-AEAD MAC implicit through AEAD cipher. @item GNUTLS_@-MAC_@-UMAC_@-96 -The UMAC-96 MAC algorithm. +The UMAC-96 MAC algorithm (requires nonce). @item GNUTLS_@-MAC_@-UMAC_@-128 -The UMAC-128 MAC algorithm. +The UMAC-128 MAC algorithm (requires nonce). @item GNUTLS_@-MAC_@-AES_@-CMAC_@-128 The AES-CMAC-128 MAC algorithm. @item GNUTLS_@-MAC_@-AES_@-CMAC_@-256 The AES-CMAC-256 MAC algorithm. +@item GNUTLS_@-MAC_@-AES_@-GMAC_@-128 +The AES-GMAC-128 MAC algorithm (requires nonce). +@item GNUTLS_@-MAC_@-AES_@-GMAC_@-192 +The AES-GMAC-192 MAC algorithm (requires nonce). +@item GNUTLS_@-MAC_@-AES_@-GMAC_@-256 +The AES-GMAC-256 MAC algorithm (requires nonce). +@item GNUTLS_@-MAC_@-GOST28147_@-TC26Z_@-IMIT +The GOST 28147-89 working in IMIT mode with TC26 Z S-box. +@item GNUTLS_@-MAC_@-SHAKE_@-128 +Reserved; unimplemented. +@item GNUTLS_@-MAC_@-SHAKE_@-256 +Reserved; unimplemented. @end table diff --git a/doc/enums/gnutls_pk_algorithm_t b/doc/enums/gnutls_pk_algorithm_t index 05a0661..7fdc63e 100644 --- a/doc/enums/gnutls_pk_algorithm_t +++ b/doc/enums/gnutls_pk_algorithm_t @@ -24,6 +24,10 @@ GOST R 34.10-2001 algorithm per rfc5832. GOST R 34.10-2012 algorithm, 256-bit key per rfc7091. @item GNUTLS_@-PK_@-GOST_@-12_@-512 GOST R 34.10-2012 algorithm, 512-bit key per rfc7091. +@item GNUTLS_@-PK_@-ECDH_@-X448 +Elliptic curve algorithm, restricted to ECDH as per rfc7748. +@item GNUTLS_@-PK_@-EDDSA_@-ED448 +Edwards curve Digital signature algorithm. Used with SHAKE256 on signatures. @item GNUTLS_@-PK_@-MAX -- undescribed -- @end table diff --git a/doc/enums/gnutls_privkey_flags_t b/doc/enums/gnutls_privkey_flags_t index 638a2b9..1181468 100644 --- a/doc/enums/gnutls_privkey_flags_t +++ b/doc/enums/gnutls_privkey_flags_t @@ -21,7 +21,13 @@ even if the information about the seed used will be lost. @item GNUTLS_@-PRIVKEY_@-SIGN_@-FLAG_@-RSA_@-PSS Make an RSA signature on the hashed data with the PSS padding. @item GNUTLS_@-PRIVKEY_@-FLAG_@-REPRODUCIBLE -Make an RSA-PSS signature on the hashed data with reproducible parameters (zero salt). +Make a signature on the hashed data with reproducible parameters. +For RSA-PSS, that means to use empty salt instead of random value. To +verify a signature created using this flag, the corresponding SPKI needs +to be set on the public key. Use @code{gnutls_pubkey_set_spki()} for that. +For ECDSA/DSA, it uses the deterministic construction of random parameter +according to RFC 6979. Note that this only supports the NIST curves and DSA +subgroup bits up to 512. @item GNUTLS_@-PRIVKEY_@-FLAG_@-CA The generated private key is going to be used as a CA (relevant for RSA-PSS keys). @end table diff --git a/doc/enums/gnutls_session_flags_t b/doc/enums/gnutls_session_flags_t index 80140d9..5394587 100644 --- a/doc/enums/gnutls_session_flags_t +++ b/doc/enums/gnutls_session_flags_t @@ -24,4 +24,8 @@ Indicates client capability for post-handshake auth; set only on server side. The TLS1.3 server session returned early. @item GNUTLS_@-SFLAGS_@-EARLY_@-DATA The TLS1.3 early data has been received by the server. +@item GNUTLS_@-SFLAGS_@-CLI_@-REQUESTED_@-OCSP +Set when the client has requested OCSP staple during handshake. +@item GNUTLS_@-SFLAGS_@-SERV_@-REQUESTED_@-OCSP +Set when the server has requested OCSP staple during handshake. @end table diff --git a/doc/enums/gnutls_sign_algorithm_t b/doc/enums/gnutls_sign_algorithm_t index bd81fba..a8974f0 100644 --- a/doc/enums/gnutls_sign_algorithm_t +++ b/doc/enums/gnutls_sign_algorithm_t @@ -105,6 +105,8 @@ Digital signature algorithm GOST R 34.10-2001 with GOST R 34.11-94 Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 256 bit @item GNUTLS_@-SIGN_@-GOST_@-512 Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 512 bit +@item GNUTLS_@-SIGN_@-EDDSA_@-ED448 +Digital signature algorithm EdDSA with Ed448 curve. @item GNUTLS_@-SIGN_@-MAX -- undescribed -- @end table diff --git a/doc/enums/gnutls_x509_subject_alt_name_t b/doc/enums/gnutls_x509_subject_alt_name_t index 330c9cc..9145dbe 100644 --- a/doc/enums/gnutls_x509_subject_alt_name_t +++ b/doc/enums/gnutls_x509_subject_alt_name_t @@ -14,6 +14,8 @@ IP address SAN. OtherName SAN. @item GNUTLS_@-SAN_@-DN DN SAN. +@item GNUTLS_@-SAN_@-REGISTERED_@-ID +RegisteredID. @item GNUTLS_@-SAN_@-MAX -- undescribed -- @item GNUTLS_@-SAN_@-OTHERNAME_@-XMPP diff --git a/doc/error_codes.texi b/doc/error_codes.texi index 43c1474..8c7a6af 100644 --- a/doc/error_codes.texi +++ b/doc/error_codes.texi @@ -189,4 +189,5 @@ @item -427 @tab GNUTLS_@-E_@-MISSING_@-EXTENSION @tab An required TLS extension was received. @item -428 @tab GNUTLS_@-E_@-DB_@-ENTRY_@-EXISTS @tab The Database entry already exists. @item -429 @tab GNUTLS_@-E_@-EARLY_@-DATA_@-REJECTED @tab The early data were rejected. +@item -430 @tab GNUTLS_@-E_@-X509_@-DUPLICATE_@-EXTENSION @tab Duplicate extension in X.509 certificate. @end multitable diff --git a/doc/examples/Makefile.in b/doc/examples/Makefile.in index 99befef..6f5c2e1 100644 --- a/doc/examples/Makefile.in +++ b/doc/examples/Makefile.in @@ -127,7 +127,6 @@ ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/lib/unistring/m4/inline.m4 \ $(top_srcdir)/lib/unistring/m4/libunistring-base.m4 \ - $(top_srcdir)/src/gl/m4/__inline.m4 \ $(top_srcdir)/src/gl/m4/bison.m4 \ $(top_srcdir)/src/gl/m4/clock_time.m4 \ $(top_srcdir)/src/gl/m4/fseek.m4 \ @@ -147,7 +146,7 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/src/gl/m4/tzset.m4 \ $(top_srcdir)/src/libopts/m4/libopts.m4 \ $(top_srcdir)/src/libopts/m4/stdnoreturn.m4 \ - $(top_srcdir)/m4/00gnulib.m4 \ + $(top_srcdir)/m4/00gnulib.m4 $(top_srcdir)/m4/__inline.m4 \ $(top_srcdir)/m4/absolute-header.m4 $(top_srcdir)/m4/alloca.m4 \ $(top_srcdir)/m4/arpa_inet_h.m4 \ $(top_srcdir)/m4/ax_ac_append_to_file.m4 \ @@ -162,18 +161,19 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/codeset.m4 $(top_srcdir)/m4/ctype.m4 \ $(top_srcdir)/m4/dup2.m4 $(top_srcdir)/m4/eealloc.m4 \ $(top_srcdir)/m4/environ.m4 $(top_srcdir)/m4/errno_h.m4 \ + $(top_srcdir)/m4/explicit_bzero.m4 \ $(top_srcdir)/m4/exponentd.m4 $(top_srcdir)/m4/extensions.m4 \ $(top_srcdir)/m4/extern-inline.m4 $(top_srcdir)/m4/fcntl-o.m4 \ $(top_srcdir)/m4/fcntl.m4 $(top_srcdir)/m4/fcntl_h.m4 \ $(top_srcdir)/m4/fdopen.m4 $(top_srcdir)/m4/flexmember.m4 \ - $(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fpieee.m4 \ - $(top_srcdir)/m4/fseeko.m4 $(top_srcdir)/m4/fstat.m4 \ - $(top_srcdir)/m4/ftell.m4 $(top_srcdir)/m4/ftello.m4 \ - $(top_srcdir)/m4/ftruncate.m4 $(top_srcdir)/m4/func.m4 \ - $(top_srcdir)/m4/getcwd.m4 $(top_srcdir)/m4/getdelim.m4 \ - $(top_srcdir)/m4/getdtablesize.m4 $(top_srcdir)/m4/getline.m4 \ - $(top_srcdir)/m4/getpagesize.m4 $(top_srcdir)/m4/gettext.m4 \ - $(top_srcdir)/m4/gettimeofday.m4 \ + $(top_srcdir)/m4/float_h.m4 $(top_srcdir)/m4/fopen.m4 \ + $(top_srcdir)/m4/fpieee.m4 $(top_srcdir)/m4/fseeko.m4 \ + $(top_srcdir)/m4/fstat.m4 $(top_srcdir)/m4/ftell.m4 \ + $(top_srcdir)/m4/ftello.m4 $(top_srcdir)/m4/ftruncate.m4 \ + $(top_srcdir)/m4/func.m4 $(top_srcdir)/m4/getcwd.m4 \ + $(top_srcdir)/m4/getdelim.m4 $(top_srcdir)/m4/getdtablesize.m4 \ + $(top_srcdir)/m4/getline.m4 $(top_srcdir)/m4/getpagesize.m4 \ + $(top_srcdir)/m4/gettext.m4 $(top_srcdir)/m4/gettimeofday.m4 \ $(top_srcdir)/m4/gnulib-common.m4 \ $(top_srcdir)/m4/gnulib-comp.m4 $(top_srcdir)/m4/gtk-doc.m4 \ $(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/hooks.m4 \ @@ -182,12 +182,13 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/inet_pton.m4 \ $(top_srcdir)/m4/intl-thread-locale.m4 \ $(top_srcdir)/m4/intlmacosx.m4 $(top_srcdir)/m4/intmax_t.m4 \ - $(top_srcdir)/m4/inttypes-pri.m4 $(top_srcdir)/m4/inttypes.m4 \ - $(top_srcdir)/m4/inttypes_h.m4 $(top_srcdir)/m4/ioctl.m4 \ - $(top_srcdir)/m4/isblank.m4 $(top_srcdir)/m4/langinfo_h.m4 \ - $(top_srcdir)/m4/largefile.m4 $(top_srcdir)/m4/lcmessage.m4 \ + $(top_srcdir)/m4/inttostr.m4 $(top_srcdir)/m4/inttypes-pri.m4 \ + $(top_srcdir)/m4/inttypes.m4 $(top_srcdir)/m4/inttypes_h.m4 \ + $(top_srcdir)/m4/ioctl.m4 $(top_srcdir)/m4/isblank.m4 \ + $(top_srcdir)/m4/langinfo_h.m4 $(top_srcdir)/m4/largefile.m4 \ + $(top_srcdir)/m4/lcmessage.m4 \ $(top_srcdir)/m4/ld-output-def.m4 \ - $(top_srcdir)/m4/ld-version-script.m4 \ + $(top_srcdir)/m4/ld-version-script.m4 $(top_srcdir)/m4/ldd.m4 \ $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \ $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \ $(top_srcdir)/m4/limits-h.m4 $(top_srcdir)/m4/locale-fr.m4 \ @@ -195,27 +196,32 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/locale-zh.m4 $(top_srcdir)/m4/locale_h.m4 \ $(top_srcdir)/m4/localename.m4 \ $(top_srcdir)/m4/localtime-buffer.m4 $(top_srcdir)/m4/lock.m4 \ - $(top_srcdir)/m4/longlong.m4 $(top_srcdir)/m4/lseek.m4 \ - $(top_srcdir)/m4/lstat.m4 $(top_srcdir)/m4/ltoptions.m4 \ - $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ - $(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/malloc.m4 \ - $(top_srcdir)/m4/malloca.m4 $(top_srcdir)/m4/manywarnings.m4 \ - $(top_srcdir)/m4/memchr.m4 $(top_srcdir)/m4/memmem.m4 \ - $(top_srcdir)/m4/minmax.m4 $(top_srcdir)/m4/mmap-anon.m4 \ - $(top_srcdir)/m4/mode_t.m4 $(top_srcdir)/m4/msvc-inval.m4 \ + $(top_srcdir)/m4/lseek.m4 $(top_srcdir)/m4/lstat.m4 \ + $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ + $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ + $(top_srcdir)/m4/malloc.m4 $(top_srcdir)/m4/malloca.m4 \ + $(top_srcdir)/m4/manywarnings.m4 $(top_srcdir)/m4/memchr.m4 \ + $(top_srcdir)/m4/memmem.m4 $(top_srcdir)/m4/minmax.m4 \ + $(top_srcdir)/m4/mmap-anon.m4 $(top_srcdir)/m4/mode_t.m4 \ + $(top_srcdir)/m4/msvc-inval.m4 \ $(top_srcdir)/m4/msvc-nothrow.m4 $(top_srcdir)/m4/multiarch.m4 \ $(top_srcdir)/m4/nanosleep.m4 $(top_srcdir)/m4/netdb_h.m4 \ $(top_srcdir)/m4/netinet_in_h.m4 $(top_srcdir)/m4/nls.m4 \ $(top_srcdir)/m4/off_t.m4 $(top_srcdir)/m4/open-cloexec.m4 \ - $(top_srcdir)/m4/open.m4 $(top_srcdir)/m4/pathmax.m4 \ - $(top_srcdir)/m4/perror.m4 $(top_srcdir)/m4/pipe.m4 \ - $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/m4/po.m4 \ - $(top_srcdir)/m4/printf.m4 $(top_srcdir)/m4/progtest.m4 \ + $(top_srcdir)/m4/open-slash.m4 $(top_srcdir)/m4/open.m4 \ + $(top_srcdir)/m4/pathmax.m4 $(top_srcdir)/m4/perror.m4 \ + $(top_srcdir)/m4/pipe.m4 $(top_srcdir)/m4/pkg.m4 \ + $(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/printf.m4 \ + $(top_srcdir)/m4/progtest.m4 \ + $(top_srcdir)/m4/pthread-thread.m4 \ + $(top_srcdir)/m4/pthread_h.m4 \ $(top_srcdir)/m4/pthread_rwlock_rdlock.m4 \ - $(top_srcdir)/m4/putenv.m4 $(top_srcdir)/m4/raise.m4 \ - $(top_srcdir)/m4/read-file.m4 $(top_srcdir)/m4/realloc.m4 \ + $(top_srcdir)/m4/pthread_sigmask.m4 $(top_srcdir)/m4/putenv.m4 \ + $(top_srcdir)/m4/raise.m4 $(top_srcdir)/m4/read-file.m4 \ + $(top_srcdir)/m4/realloc.m4 $(top_srcdir)/m4/sched_h.m4 \ $(top_srcdir)/m4/secure_getenv.m4 $(top_srcdir)/m4/select.m4 \ $(top_srcdir)/m4/setenv.m4 $(top_srcdir)/m4/setlocale.m4 \ + $(top_srcdir)/m4/setlocale_null.m4 \ $(top_srcdir)/m4/sigaction.m4 $(top_srcdir)/m4/signal_h.m4 \ $(top_srcdir)/m4/signalblocking.m4 \ $(top_srcdir)/m4/size_max.m4 $(top_srcdir)/m4/sleep.m4 \ @@ -223,29 +229,30 @@ am__aclocal_m4_deps = $(top_srcdir)/lib/unistring/m4/gnulib-comp.m4 \ $(top_srcdir)/m4/sockets.m4 $(top_srcdir)/m4/socklen.m4 \ $(top_srcdir)/m4/sockpfaf.m4 $(top_srcdir)/m4/ssize_t.m4 \ $(top_srcdir)/m4/stat-time.m4 $(top_srcdir)/m4/stat.m4 \ - $(top_srcdir)/m4/stdalign.m4 $(top_srcdir)/m4/stdbool.m4 \ - $(top_srcdir)/m4/stddef_h.m4 $(top_srcdir)/m4/stdint.m4 \ - $(top_srcdir)/m4/stdint_h.m4 $(top_srcdir)/m4/stdio_h.m4 \ - $(top_srcdir)/m4/stdlib_h.m4 $(top_srcdir)/m4/strcase.m4 \ - $(top_srcdir)/m4/strdup.m4 $(top_srcdir)/m4/strerror.m4 \ - $(top_srcdir)/m4/strerror_r.m4 $(top_srcdir)/m4/string_h.m4 \ - $(top_srcdir)/m4/strings_h.m4 $(top_srcdir)/m4/strndup.m4 \ - $(top_srcdir)/m4/strnlen.m4 $(top_srcdir)/m4/strtok_r.m4 \ - $(top_srcdir)/m4/strverscmp.m4 $(top_srcdir)/m4/symlink.m4 \ - $(top_srcdir)/m4/sys_ioctl_h.m4 \ + $(top_srcdir)/m4/std-gnu11.m4 $(top_srcdir)/m4/stdalign.m4 \ + $(top_srcdir)/m4/stdbool.m4 $(top_srcdir)/m4/stddef_h.m4 \ + $(top_srcdir)/m4/stdint.m4 $(top_srcdir)/m4/stdint_h.m4 \ + $(top_srcdir)/m4/stdio_h.m4 $(top_srcdir)/m4/stdlib_h.m4 \ + $(top_srcdir)/m4/strcase.m4 $(top_srcdir)/m4/strdup.m4 \ + $(top_srcdir)/m4/strerror.m4 $(top_srcdir)/m4/strerror_r.m4 \ + $(top_srcdir)/m4/string_h.m4 $(top_srcdir)/m4/strings_h.m4 \ + $(top_srcdir)/m4/strndup.m4 $(top_srcdir)/m4/strnlen.m4 \ + $(top_srcdir)/m4/strtok_r.m4 $(top_srcdir)/m4/strverscmp.m4 \ + $(top_srcdir)/m4/symlink.m4 $(top_srcdir)/m4/sys_ioctl_h.m4 \ $(top_srcdir)/m4/sys_select_h.m4 \ $(top_srcdir)/m4/sys_socket_h.m4 \ $(top_srcdir)/m4/sys_stat_h.m4 $(top_srcdir)/m4/sys_time_h.m4 \ $(top_srcdir)/m4/sys_types_h.m4 $(top_srcdir)/m4/sys_uio_h.m4 \ - $(top_srcdir)/m4/threadlib.m4 $(top_srcdir)/m4/time_h.m4 \ - $(top_srcdir)/m4/time_r.m4 $(top_srcdir)/m4/ungetc.m4 \ - $(top_srcdir)/m4/unistd_h.m4 \ + $(top_srcdir)/m4/thread.m4 $(top_srcdir)/m4/threadlib.m4 \ + $(top_srcdir)/m4/time_h.m4 $(top_srcdir)/m4/time_r.m4 \ + $(top_srcdir)/m4/ungetc.m4 $(top_srcdir)/m4/unistd_h.m4 \ $(top_srcdir)/m4/valgrind-tests.m4 \ $(top_srcdir)/m4/vasnprintf.m4 $(top_srcdir)/m4/vasprintf.m4 \ - $(top_srcdir)/m4/vsnprintf.m4 $(top_srcdir)/m4/warn-on-use.m4 \ - $(top_srcdir)/m4/warnings.m4 $(top_srcdir)/m4/wchar_h.m4 \ - $(top_srcdir)/m4/wchar_t.m4 $(top_srcdir)/m4/wint_t.m4 \ - $(top_srcdir)/m4/xsize.m4 $(top_srcdir)/configure.ac + $(top_srcdir)/m4/visibility.m4 $(top_srcdir)/m4/vsnprintf.m4 \ + $(top_srcdir)/m4/warn-on-use.m4 $(top_srcdir)/m4/warnings.m4 \ + $(top_srcdir)/m4/wchar_h.m4 $(top_srcdir)/m4/wchar_t.m4 \ + $(top_srcdir)/m4/wint_t.m4 $(top_srcdir)/m4/xsize.m4 \ + $(top_srcdir)/m4/zzgnulib.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) @@ -535,6 +542,7 @@ CCASDEPMODE = @CCASDEPMODE@ CCASFLAGS = @CCASFLAGS@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ +CFLAG_VISIBILITY = @CFLAG_VISIBILITY@ CMOCKA_CFLAGS = @CMOCKA_CFLAGS@ CMOCKA_LIBS = @CMOCKA_LIBS@ CODE_COVERAGE_CFLAGS = @CODE_COVERAGE_CFLAGS@ @@ -587,6 +595,7 @@ GMSGFMT = @GMSGFMT@ GMSGFMT_015 = @GMSGFMT_015@ GNULIB_ACCEPT = @GNULIB_ACCEPT@ GNULIB_ACCEPT4 = @GNULIB_ACCEPT4@ +GNULIB_ACCESS = @GNULIB_ACCESS@ GNULIB_ATOLL = @GNULIB_ATOLL@ GNULIB_BIND = @GNULIB_BIND@ GNULIB_BTOWC = @GNULIB_BTOWC@ @@ -596,6 +605,8 @@ GNULIB_CHDIR = @GNULIB_CHDIR@ GNULIB_CHOWN = @GNULIB_CHOWN@ GNULIB_CLOSE = @GNULIB_CLOSE@ GNULIB_CONNECT = @GNULIB_CONNECT@ +GNULIB_COPY_FILE_RANGE = @GNULIB_COPY_FILE_RANGE@ +GNULIB_CREAT = @GNULIB_CREAT@ GNULIB_CTIME = @GNULIB_CTIME@ GNULIB_DPRINTF = @GNULIB_DPRINTF@ GNULIB_DUP = @GNULIB_DUP@ @@ -645,15 +656,18 @@ GNULIB_GETCWD = @GNULIB_GETCWD@ GNULIB_GETDELIM = @GNULIB_GETDELIM@ GNULIB_GETDOMAINNAME = @GNULIB_GETDOMAINNAME@ GNULIB_GETDTABLESIZE = @GNULIB_GETDTABLESIZE@ +GNULIB_GETENTROPY = @GNULIB_GETENTROPY@ GNULIB_GETGROUPS = @GNULIB_GETGROUPS@ GNULIB_GETHOSTNAME = @GNULIB_GETHOSTNAME@ GNULIB_GETLINE = @GNULIB_GETLINE@ GNULIB_GETLOADAVG = @GNULIB_GETLOADAVG@ GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ +GNULIB_GETOPT_POSIX = @GNULIB_GETOPT_POSIX@ GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ GNULIB_GETPASS = @GNULIB_GETPASS@ GNULIB_GETPEERNAME = @GNULIB_GETPEERNAME@ +GNULIB_GETRANDOM = @GNULIB_GETRANDOM@ GNULIB_GETSOCKNAME = @GNULIB_GETSOCKNAME@ GNULIB_GETSOCKOPT = @GNULIB_GETSOCKOPT@ GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ @@ -733,7 +747,15 @@ GNULIB_PREAD = @GNULIB_PREAD@ GNULIB_PRINTF = @GNULIB_PRINTF@ GNULIB_PRINTF_POSIX = @GNULIB_PRINTF_POSIX@ GNULIB_PSELECT = @GNULIB_PSELECT@ +GNULIB_PTHREAD_COND = @GNULIB_PTHREAD_COND@ +GNULIB_PTHREAD_MUTEX = @GNULIB_PTHREAD_MUTEX@ +GNULIB_PTHREAD_MUTEX_TIMEDLOCK = @GNULIB_PTHREAD_MUTEX_TIMEDLOCK@ +GNULIB_PTHREAD_ONCE = @GNULIB_PTHREAD_ONCE@ +GNULIB_PTHREAD_RWLOCK = @GNULIB_PTHREAD_RWLOCK@ GNULIB_PTHREAD_SIGMASK = @GNULIB_PTHREAD_SIGMASK@ +GNULIB_PTHREAD_SPIN = @GNULIB_PTHREAD_SPIN@ +GNULIB_PTHREAD_THREAD = @GNULIB_PTHREAD_THREAD@ +GNULIB_PTHREAD_TSS = @GNULIB_PTHREAD_TSS@ GNULIB_PTSNAME = @GNULIB_PTSNAME@ GNULIB_PTSNAME_R = @GNULIB_PTSNAME_R@ GNULIB_PUTC = @GNULIB_PUTC@ @@ -760,6 +782,7 @@ GNULIB_RENAMEAT = @GNULIB_RENAMEAT@ GNULIB_RMDIR = @GNULIB_RMDIR@ GNULIB_RPMATCH = @GNULIB_RPMATCH@ GNULIB_SCANF = @GNULIB_SCANF@ +GNULIB_SCHED_YIELD = @GNULIB_SCHED_YIELD@ GNULIB_SECURE_GETENV = @GNULIB_SECURE_GETENV@ GNULIB_SELECT = @GNULIB_SELECT@ GNULIB_SEND = @GNULIB_SEND@ @@ -767,6 +790,7 @@ GNULIB_SENDTO = @GNULIB_SENDTO@ GNULIB_SETENV = @GNULIB_SETENV@ GNULIB_SETHOSTNAME = @GNULIB_SETHOSTNAME@ GNULIB_SETLOCALE = @GNULIB_SETLOCALE@ +GNULIB_SETLOCALE_NULL = @GNULIB_SETLOCALE_NULL@ GNULIB_SETSOCKOPT = @GNULIB_SETSOCKOPT@ GNULIB_SHUTDOWN = @GNULIB_SHUTDOWN@ GNULIB_SIGACTION = @GNULIB_SIGACTION@ @@ -896,6 +920,7 @@ HAVE_BTOWC = @HAVE_BTOWC@ HAVE_C99_STDINT_H = @HAVE_C99_STDINT_H@ HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@ HAVE_CHOWN = @HAVE_CHOWN@ +HAVE_COPY_FILE_RANGE = @HAVE_COPY_FILE_RANGE@ HAVE_CRTDEFS_H = @HAVE_CRTDEFS_H@ HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@ HAVE_DECL_FCHDIR = @HAVE_DECL_FCHDIR@ @@ -967,11 +992,13 @@ HAVE_FTELLO = @HAVE_FTELLO@ HAVE_FTRUNCATE = @HAVE_FTRUNCATE@ HAVE_FUTIMENS = @HAVE_FUTIMENS@ HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@ +HAVE_GETENTROPY = @HAVE_GETENTROPY@ HAVE_GETGROUPS = @HAVE_GETGROUPS@ HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@ HAVE_GETLOGIN = @HAVE_GETLOGIN@ HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@ HAVE_GETPASS = @HAVE_GETPASS@ +HAVE_GETRANDOM = @HAVE_GETRANDOM@ HAVE_GETSUBOPT = @HAVE_GETSUBOPT@ HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@ HAVE_GRANTPT = @HAVE_GRANTPT@ @@ -990,12 +1017,12 @@ HAVE_LCHMOD = @HAVE_LCHMOD@ HAVE_LCHOWN = @HAVE_LCHOWN@ HAVE_LIBCRYPTO = @HAVE_LIBCRYPTO@ HAVE_LIBDL = @HAVE_LIBDL@ +HAVE_LIBEV = @HAVE_LIBEV@ HAVE_LIBPTHREAD = @HAVE_LIBPTHREAD@ HAVE_LIBRT = @HAVE_LIBRT@ HAVE_LIBSECCOMP = @HAVE_LIBSECCOMP@ HAVE_LINK = @HAVE_LINK@ HAVE_LINKAT = @HAVE_LINKAT@ -HAVE_LONG_LONG_INT = @HAVE_LONG_LONG_INT@ HAVE_LSTAT = @HAVE_LSTAT@ HAVE_MAX_ALIGN_T = @HAVE_MAX_ALIGN_T@ HAVE_MBRLEN = @HAVE_MBRLEN@ @@ -1033,7 +1060,65 @@ HAVE_POSIX_OPENPT = @HAVE_POSIX_OPENPT@ HAVE_POSIX_SIGNALBLOCKING = @HAVE_POSIX_SIGNALBLOCKING@ HAVE_PREAD = @HAVE_PREAD@ HAVE_PSELECT = @HAVE_PSELECT@ +HAVE_PTHREAD_ATTR_DESTROY = @HAVE_PTHREAD_ATTR_DESTROY@ +HAVE_PTHREAD_ATTR_GETDETACHSTATE = @HAVE_PTHREAD_ATTR_GETDETACHSTATE@ +HAVE_PTHREAD_ATTR_INIT = @HAVE_PTHREAD_ATTR_INIT@ +HAVE_PTHREAD_ATTR_SETDETACHSTATE = @HAVE_PTHREAD_ATTR_SETDETACHSTATE@ +HAVE_PTHREAD_CONDATTR_DESTROY = @HAVE_PTHREAD_CONDATTR_DESTROY@ +HAVE_PTHREAD_CONDATTR_INIT = @HAVE_PTHREAD_CONDATTR_INIT@ +HAVE_PTHREAD_COND_BROADCAST = @HAVE_PTHREAD_COND_BROADCAST@ +HAVE_PTHREAD_COND_DESTROY = @HAVE_PTHREAD_COND_DESTROY@ +HAVE_PTHREAD_COND_INIT = @HAVE_PTHREAD_COND_INIT@ +HAVE_PTHREAD_COND_SIGNAL = @HAVE_PTHREAD_COND_SIGNAL@ +HAVE_PTHREAD_COND_TIMEDWAIT = @HAVE_PTHREAD_COND_TIMEDWAIT@ +HAVE_PTHREAD_COND_WAIT = @HAVE_PTHREAD_COND_WAIT@ +HAVE_PTHREAD_CREATE = @HAVE_PTHREAD_CREATE@ +HAVE_PTHREAD_CREATE_DETACHED = @HAVE_PTHREAD_CREATE_DETACHED@ +HAVE_PTHREAD_DETACH = @HAVE_PTHREAD_DETACH@ +HAVE_PTHREAD_EQUAL = @HAVE_PTHREAD_EQUAL@ +HAVE_PTHREAD_EXIT = @HAVE_PTHREAD_EXIT@ +HAVE_PTHREAD_GETSPECIFIC = @HAVE_PTHREAD_GETSPECIFIC@ +HAVE_PTHREAD_H = @HAVE_PTHREAD_H@ +HAVE_PTHREAD_JOIN = @HAVE_PTHREAD_JOIN@ +HAVE_PTHREAD_KEY_CREATE = @HAVE_PTHREAD_KEY_CREATE@ +HAVE_PTHREAD_KEY_DELETE = @HAVE_PTHREAD_KEY_DELETE@ +HAVE_PTHREAD_MUTEXATTR_DESTROY = @HAVE_PTHREAD_MUTEXATTR_DESTROY@ +HAVE_PTHREAD_MUTEXATTR_GETROBUST = @HAVE_PTHREAD_MUTEXATTR_GETROBUST@ +HAVE_PTHREAD_MUTEXATTR_GETTYPE = @HAVE_PTHREAD_MUTEXATTR_GETTYPE@ +HAVE_PTHREAD_MUTEXATTR_INIT = @HAVE_PTHREAD_MUTEXATTR_INIT@ +HAVE_PTHREAD_MUTEXATTR_SETROBUST = @HAVE_PTHREAD_MUTEXATTR_SETROBUST@ +HAVE_PTHREAD_MUTEXATTR_SETTYPE = @HAVE_PTHREAD_MUTEXATTR_SETTYPE@ +HAVE_PTHREAD_MUTEX_DESTROY = @HAVE_PTHREAD_MUTEX_DESTROY@ +HAVE_PTHREAD_MUTEX_INIT = @HAVE_PTHREAD_MUTEX_INIT@ +HAVE_PTHREAD_MUTEX_LOCK = @HAVE_PTHREAD_MUTEX_LOCK@ +HAVE_PTHREAD_MUTEX_RECURSIVE = @HAVE_PTHREAD_MUTEX_RECURSIVE@ +HAVE_PTHREAD_MUTEX_ROBUST = @HAVE_PTHREAD_MUTEX_ROBUST@ +HAVE_PTHREAD_MUTEX_TIMEDLOCK = @HAVE_PTHREAD_MUTEX_TIMEDLOCK@ +HAVE_PTHREAD_MUTEX_TRYLOCK = @HAVE_PTHREAD_MUTEX_TRYLOCK@ +HAVE_PTHREAD_MUTEX_UNLOCK = @HAVE_PTHREAD_MUTEX_UNLOCK@ +HAVE_PTHREAD_ONCE = @HAVE_PTHREAD_ONCE@ +HAVE_PTHREAD_PROCESS_SHARED = @HAVE_PTHREAD_PROCESS_SHARED@ +HAVE_PTHREAD_RWLOCKATTR_DESTROY = @HAVE_PTHREAD_RWLOCKATTR_DESTROY@ +HAVE_PTHREAD_RWLOCKATTR_INIT = @HAVE_PTHREAD_RWLOCKATTR_INIT@ +HAVE_PTHREAD_RWLOCK_DESTROY = @HAVE_PTHREAD_RWLOCK_DESTROY@ +HAVE_PTHREAD_RWLOCK_INIT = @HAVE_PTHREAD_RWLOCK_INIT@ +HAVE_PTHREAD_RWLOCK_RDLOCK = @HAVE_PTHREAD_RWLOCK_RDLOCK@ +HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDRDLOCK@ +HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK = @HAVE_PTHREAD_RWLOCK_TIMEDWRLOCK@ +HAVE_PTHREAD_RWLOCK_TRYRDLOCK = @HAVE_PTHREAD_RWLOCK_TRYRDLOCK@ +HAVE_PTHREAD_RWLOCK_TRYWRLOCK = @HAVE_PTHREAD_RWLOCK_TRYWRLOCK@ +HAVE_PTHREAD_RWLOCK_UNLOCK = @HAVE_PTHREAD_RWLOCK_UNLOCK@ +HAVE_PTHREAD_RWLOCK_WRLOCK = @HAVE_PTHREAD_RWLOCK_WRLOCK@ +HAVE_PTHREAD_SELF = @HAVE_PTHREAD_SELF@ +HAVE_PTHREAD_SETSPECIFIC = @HAVE_PTHREAD_SETSPECIFIC@ HAVE_PTHREAD_SIGMASK = @HAVE_PTHREAD_SIGMASK@ +HAVE_PTHREAD_SPINLOCK_T = @HAVE_PTHREAD_SPINLOCK_T@ +HAVE_PTHREAD_SPIN_DESTROY = @HAVE_PTHREAD_SPIN_DESTROY@ +HAVE_PTHREAD_SPIN_INIT = @HAVE_PTHREAD_SPIN_INIT@ +HAVE_PTHREAD_SPIN_LOCK = @HAVE_PTHREAD_SPIN_LOCK@ +HAVE_PTHREAD_SPIN_TRYLOCK = @HAVE_PTHREAD_SPIN_TRYLOCK@ +HAVE_PTHREAD_SPIN_UNLOCK = @HAVE_PTHREAD_SPIN_UNLOCK@ +HAVE_PTHREAD_T = @HAVE_PTHREAD_T@ HAVE_PTSNAME = @HAVE_PTSNAME@ HAVE_PTSNAME_R = @HAVE_PTSNAME_R@ HAVE_PWRITE = @HAVE_PWRITE@ @@ -1050,6 +1135,8 @@ HAVE_REALPATH = @HAVE_REALPATH@ HAVE_RENAMEAT = @HAVE_RENAMEAT@ HAVE_RPMATCH = @HAVE_RPMATCH@ HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@ +HAVE_SCHED_H = @HAVE_SCHED_H@ +HAVE_SCHED_YIELD = @HAVE_SCHED_YIELD@ HAVE_SECURE_GETENV = @HAVE_SECURE_GETENV@ HAVE_SETENV = @HAVE_SETENV@ HAVE_SETHOSTNAME = @HAVE_SETHOSTNAME@ @@ -1078,6 +1165,7 @@ HAVE_STRTOLL = @HAVE_STRTOLL@ HAVE_STRTOULL = @HAVE_STRTOULL@ HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@ HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@ +HAVE_STRUCT_SCHED_PARAM = @HAVE_STRUCT_SCHED_PARAM@ HAVE_STRUCT_SIGACTION_SA_SIGACTION = @HAVE_STRUCT_SIGACTION_SA_SIGACTION@ HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@ HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY = @HAVE_STRUCT_SOCKADDR_STORAGE_SS_FAMILY@ @@ -1086,6 +1174,7 @@ HAVE_STRVERSCMP = @HAVE_STRVERSCMP@ HAVE_SYMLINK = @HAVE_SYMLINK@ HAVE_SYMLINKAT = @HAVE_SYMLINKAT@ HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@ +HAVE_SYS_CDEFS_H = @HAVE_SYS_CDEFS_H@ HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@ HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@ HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@ @@ -1102,11 +1191,11 @@ HAVE_TZSET = @HAVE_TZSET@ HAVE_UNISTD_H = @HAVE_UNISTD_H@ HAVE_UNLINKAT = @HAVE_UNLINKAT@ HAVE_UNLOCKPT = @HAVE_UNLOCKPT@ -HAVE_UNSIGNED_LONG_LONG_INT = @HAVE_UNSIGNED_LONG_LONG_INT@ HAVE_USLEEP = @HAVE_USLEEP@ HAVE_UTIMENSAT = @HAVE_UTIMENSAT@ HAVE_VASPRINTF = @HAVE_VASPRINTF@ HAVE_VDPRINTF = @HAVE_VDPRINTF@ +HAVE_VISIBILITY = @HAVE_VISIBILITY@ HAVE_WCHAR_H = @HAVE_WCHAR_H@ HAVE_WCHAR_T = @HAVE_WCHAR_T@ HAVE_WCPCPY = @HAVE_WCPCPY@ @@ -1166,12 +1255,18 @@ INTLLIBS = @INTLLIBS@ INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ LCOV = @LCOV@ LD = @LD@ +LDDPOSTPROC = @LDDPOSTPROC@ +LDDPROG = @LDDPROG@ LDFLAGS = @LDFLAGS@ LIBATOMIC_LIBS = @LIBATOMIC_LIBS@ +LIBBCRYPT = @LIBBCRYPT@ LIBCRYPTO = @LIBCRYPTO@ LIBCRYPTO_PREFIX = @LIBCRYPTO_PREFIX@ LIBDL = @LIBDL@ LIBDL_PREFIX = @LIBDL_PREFIX@ +LIBEV = @LIBEV@ +LIBEV_LIBS = @LIBEV_LIBS@ +LIBEV_PREFIX = @LIBEV_PREFIX@ LIBGNUTLS_CFLAGS = @LIBGNUTLS_CFLAGS@ LIBGNUTLS_LIBS = @LIBGNUTLS_LIBS@ LIBICONV = @LIBICONV@ @@ -1179,20 +1274,21 @@ LIBIDN2_CFLAGS = @LIBIDN2_CFLAGS@ LIBIDN2_LIBS = @LIBIDN2_LIBS@ LIBINTL = @LIBINTL@ LIBMULTITHREAD = @LIBMULTITHREAD@ +LIBNCRYPT = @LIBNCRYPT@ LIBOBJS = @LIBOBJS@ LIBOPTS_CFLAGS = @LIBOPTS_CFLAGS@ LIBOPTS_DIR = @LIBOPTS_DIR@ LIBOPTS_LDADD = @LIBOPTS_LDADD@ -LIBPTH = @LIBPTH@ +LIBPMULTITHREAD = @LIBPMULTITHREAD@ LIBPTHREAD = @LIBPTHREAD@ LIBPTHREAD_PREFIX = @LIBPTHREAD_PREFIX@ -LIBPTH_PREFIX = @LIBPTH_PREFIX@ LIBRT = @LIBRT@ LIBRT_PREFIX = @LIBRT_PREFIX@ LIBS = @LIBS@ LIBSECCOMP = @LIBSECCOMP@ LIBSECCOMP_PREFIX = @LIBSECCOMP_PREFIX@ LIBSOCKET = @LIBSOCKET@ +LIBSTDTHREAD = @LIBSTDTHREAD@ LIBTASN1_CFLAGS = @LIBTASN1_CFLAGS@ LIBTASN1_LIBS = @LIBTASN1_LIBS@ LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@ @@ -1204,8 +1300,14 @@ LIBUNISTRING_UNINORM_H = @LIBUNISTRING_UNINORM_H@ LIBUNISTRING_UNISTR_H = @LIBUNISTRING_UNISTR_H@ LIBUNISTRING_UNITYPES_H = @LIBUNISTRING_UNITYPES_H@ LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@ +LIB_CRYPT32 = @LIB_CRYPT32@ LIB_NANOSLEEP = @LIB_NANOSLEEP@ +LIB_PTHREAD = @LIB_PTHREAD@ +LIB_PTHREAD_SIGMASK = @LIB_PTHREAD_SIGMASK@ +LIB_SCHED_YIELD = @LIB_SCHED_YIELD@ LIB_SELECT = @LIB_SELECT@ +LIB_SETLOCALE = @LIB_SETLOCALE@ +LIB_SETLOCALE_NULL = @LIB_SETLOCALE_NULL@ LIMITS_H = @LIMITS_H@ LIPO = @LIPO@ LN_S = @LN_S@ @@ -1217,11 +1319,11 @@ LOCALE_ZH_CN = @LOCALE_ZH_CN@ LTALLOCA = @LTALLOCA@ LTLIBCRYPTO = @LTLIBCRYPTO@ LTLIBDL = @LTLIBDL@ +LTLIBEV = @LTLIBEV@ LTLIBICONV = @LTLIBICONV@ LTLIBINTL = @LTLIBINTL@ LTLIBMULTITHREAD = @LTLIBMULTITHREAD@ LTLIBOBJS = @LTLIBOBJS@ -LTLIBPTH = @LTLIBPTH@ LTLIBPTHREAD = @LTLIBPTHREAD@ LTLIBRT = @LTLIBRT@ LTLIBSECCOMP = @LTLIBSECCOMP@ @@ -1263,6 +1365,8 @@ NEXT_AS_FIRST_DIRECTIVE_LIMITS_H = @NEXT_AS_FIRST_DIRECTIVE_LIMITS_H@ NEXT_AS_FIRST_DIRECTIVE_LOCALE_H = @NEXT_AS_FIRST_DIRECTIVE_LOCALE_H@ NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@ NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@ +NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H = @NEXT_AS_FIRST_DIRECTIVE_PTHREAD_H@ +NEXT_AS_FIRST_DIRECTIVE_SCHED_H = @NEXT_AS_FIRST_DIRECTIVE_SCHED_H@ NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H = @NEXT_AS_FIRST_DIRECTIVE_SIGNAL_H@ NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@ NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@ @@ -1290,6 +1394,8 @@ NEXT_LIMITS_H = @NEXT_LIMITS_H@ NEXT_LOCALE_H = @NEXT_LOCALE_H@ NEXT_NETDB_H = @NEXT_NETDB_H@ NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@ +NEXT_PTHREAD_H = @NEXT_PTHREAD_H@ +NEXT_SCHED_H = @NEXT_SCHED_H@ NEXT_SIGNAL_H = @NEXT_SIGNAL_H@ NEXT_STDDEF_H = @NEXT_STDDEF_H@ NEXT_STDINT_H = @NEXT_STDINT_H@ @@ -1323,6 +1429,7 @@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ +PARSE_DATETIME_BISON = @PARSE_DATETIME_BISON@ PATCH_VERSION = @PATCH_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ @@ -1338,17 +1445,20 @@ PRI_MACROS_BROKEN = @PRI_MACROS_BROKEN@ PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@ PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@ RANLIB = @RANLIB@ +REPLACE_ACCESS = @REPLACE_ACCESS@ REPLACE_BTOWC = @REPLACE_BTOWC@ REPLACE_CALLOC = @REPLACE_CALLOC@ REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@ REPLACE_CHOWN = @REPLACE_CHOWN@ REPLACE_CLOSE = @REPLACE_CLOSE@ +REPLACE_CREAT = @REPLACE_CREAT@ REPLACE_CTIME = @REPLACE_CTIME@ REPLACE_DPRINTF = @REPLACE_DPRINTF@ REPLACE_DUP = @REPLACE_DUP@ REPLACE_DUP2 = @REPLACE_DUP2@ REPLACE_DUPLOCALE = @REPLACE_DUPLOCALE@ REPLACE_FACCESSAT = @REPLACE_FACCESSAT@ +REPLACE_FCHMODAT = @REPLACE_FCHMODAT@ REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@ REPLACE_FCLOSE = @REPLACE_FCLOSE@ REPLACE_FCNTL = @REPLACE_FCNTL@ @@ -1368,6 +1478,7 @@ REPLACE_FTELLO = @REPLACE_FTELLO@ REPLACE_FTRUNCATE = @REPLACE_FTRUNCATE@ REPLACE_FUTIMENS = @REPLACE_FUTIMENS@ REPLACE_GAI_STRERROR = @REPLACE_GAI_STRERROR@ +REPLACE_GETADDRINFO = @REPLACE_GETADDRINFO@ REPLACE_GETCWD = @REPLACE_GETCWD@ REPLACE_GETDELIM = @REPLACE_GETDELIM@ REPLACE_GETDOMAINNAME = @REPLACE_GETDOMAINNAME@ @@ -1420,7 +1531,58 @@ REPLACE_POPEN = @REPLACE_POPEN@ REPLACE_PREAD = @REPLACE_PREAD@ REPLACE_PRINTF = @REPLACE_PRINTF@ REPLACE_PSELECT = @REPLACE_PSELECT@ +REPLACE_PTHREAD_ATTR_DESTROY = @REPLACE_PTHREAD_ATTR_DESTROY@ +REPLACE_PTHREAD_ATTR_GETDETACHSTATE = @REPLACE_PTHREAD_ATTR_GETDETACHSTATE@ +REPLACE_PTHREAD_ATTR_INIT = @REPLACE_PTHREAD_ATTR_INIT@ +REPLACE_PTHREAD_ATTR_SETDETACHSTATE = @REPLACE_PTHREAD_ATTR_SETDETACHSTATE@ +REPLACE_PTHREAD_CONDATTR_DESTROY = @REPLACE_PTHREAD_CONDATTR_DESTROY@ +REPLACE_PTHREAD_CONDATTR_INIT = @REPLACE_PTHREAD_CONDATTR_INIT@ +REPLACE_PTHREAD_COND_BROADCAST = @REPLACE_PTHREAD_COND_BROADCAST@ +REPLACE_PTHREAD_COND_DESTROY = @REPLACE_PTHREAD_COND_DESTROY@ +REPLACE_PTHREAD_COND_INIT = @REPLACE_PTHREAD_COND_INIT@ +REPLACE_PTHREAD_COND_SIGNAL = @REPLACE_PTHREAD_COND_SIGNAL@ +REPLACE_PTHREAD_COND_TIMEDWAIT = @REPLACE_PTHREAD_COND_TIMEDWAIT@ +REPLACE_PTHREAD_COND_WAIT = @REPLACE_PTHREAD_COND_WAIT@ +REPLACE_PTHREAD_CREATE = @REPLACE_PTHREAD_CREATE@ +REPLACE_PTHREAD_DETACH = @REPLACE_PTHREAD_DETACH@ +REPLACE_PTHREAD_EQUAL = @REPLACE_PTHREAD_EQUAL@ +REPLACE_PTHREAD_EXIT = @REPLACE_PTHREAD_EXIT@ +REPLACE_PTHREAD_GETSPECIFIC = @REPLACE_PTHREAD_GETSPECIFIC@ +REPLACE_PTHREAD_JOIN = @REPLACE_PTHREAD_JOIN@ +REPLACE_PTHREAD_KEY_CREATE = @REPLACE_PTHREAD_KEY_CREATE@ +REPLACE_PTHREAD_KEY_DELETE = @REPLACE_PTHREAD_KEY_DELETE@ +REPLACE_PTHREAD_MUTEXATTR_DESTROY = @REPLACE_PTHREAD_MUTEXATTR_DESTROY@ +REPLACE_PTHREAD_MUTEXATTR_GETROBUST = @REPLACE_PTHREAD_MUTEXATTR_GETROBUST@ +REPLACE_PTHREAD_MUTEXATTR_GETTYPE = @REPLACE_PTHREAD_MUTEXATTR_GETTYPE@ +REPLACE_PTHREAD_MUTEXATTR_INIT = @REPLACE_PTHREAD_MUTEXATTR_INIT@ +REPLACE_PTHREAD_MUTEXATTR_SETROBUST = @REPLACE_PTHREAD_MUTEXATTR_SETROBUST@ +REPLACE_PTHREAD_MUTEXATTR_SETTYPE = @REPLACE_PTHREAD_MUTEXATTR_SETTYPE@ +REPLACE_PTHREAD_MUTEX_DESTROY = @REPLACE_PTHREAD_MUTEX_DESTROY@ +REPLACE_PTHREAD_MUTEX_INIT = @REPLACE_PTHREAD_MUTEX_INIT@ +REPLACE_PTHREAD_MUTEX_LOCK = @REPLACE_PTHREAD_MUTEX_LOCK@ +REPLACE_PTHREAD_MUTEX_TIMEDLOCK = @REPLACE_PTHREAD_MUTEX_TIMEDLOCK@ +REPLACE_PTHREAD_MUTEX_TRYLOCK = @REPLACE_PTHREAD_MUTEX_TRYLOCK@ +REPLACE_PTHREAD_MUTEX_UNLOCK = @REPLACE_PTHREAD_MUTEX_UNLOCK@ +REPLACE_PTHREAD_ONCE = @REPLACE_PTHREAD_ONCE@ +REPLACE_PTHREAD_RWLOCKATTR_DESTROY = @REPLACE_PTHREAD_RWLOCKATTR_DESTROY@ +REPLACE_PTHREAD_RWLOCKATTR_INIT = @REPLACE_PTHREAD_RWLOCKATTR_INIT@ +REPLACE_PTHREAD_RWLOCK_DESTROY = @REPLACE_PTHREAD_RWLOCK_DESTROY@ +REPLACE_PTHREAD_RWLOCK_INIT = @REPLACE_PTHREAD_RWLOCK_INIT@ +REPLACE_PTHREAD_RWLOCK_RDLOCK = @REPLACE_PTHREAD_RWLOCK_RDLOCK@ +REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDRDLOCK@ +REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK = @REPLACE_PTHREAD_RWLOCK_TIMEDWRLOCK@ +REPLACE_PTHREAD_RWLOCK_TRYRDLOCK = @REPLACE_PTHREAD_RWLOCK_TRYRDLOCK@ +REPLACE_PTHREAD_RWLOCK_TRYWRLOCK = @REPLACE_PTHREAD_RWLOCK_TRYWRLOCK@ +REPLACE_PTHREAD_RWLOCK_UNLOCK = @REPLACE_PTHREAD_RWLOCK_UNLOCK@ +REPLACE_PTHREAD_RWLOCK_WRLOCK = @REPLACE_PTHREAD_RWLOCK_WRLOCK@ +REPLACE_PTHREAD_SELF = @REPLACE_PTHREAD_SELF@ +REPLACE_PTHREAD_SETSPECIFIC = @REPLACE_PTHREAD_SETSPECIFIC@ REPLACE_PTHREAD_SIGMASK = @REPLACE_PTHREAD_SIGMASK@ +REPLACE_PTHREAD_SPIN_DESTROY = @REPLACE_PTHREAD_SPIN_DESTROY@ +REPLACE_PTHREAD_SPIN_INIT = @REPLACE_PTHREAD_SPIN_INIT@ +REPLACE_PTHREAD_SPIN_LOCK = @REPLACE_PTHREAD_SPIN_LOCK@ +REPLACE_PTHREAD_SPIN_TRYLOCK = @REPLACE_PTHREAD_SPIN_TRYLOCK@ +REPLACE_PTHREAD_SPIN_UNLOCK = @REPLACE_PTHREAD_SPIN_UNLOCK@ REPLACE_PTSNAME = @REPLACE_PTSNAME@ REPLACE_PTSNAME_R = @REPLACE_PTSNAME_R@ REPLACE_PUTENV = @REPLACE_PUTENV@ @@ -1438,6 +1600,7 @@ REPLACE_REMOVE = @REPLACE_REMOVE@ REPLACE_RENAME = @REPLACE_RENAME@ REPLACE_RENAMEAT = @REPLACE_RENAMEAT@ REPLACE_RMDIR = @REPLACE_RMDIR@ +REPLACE_SCHED_YIELD = @REPLACE_SCHED_YIELD@ REPLACE_SELECT = @REPLACE_SELECT@ REPLACE_SETENV = @REPLACE_SETENV@ REPLACE_SETLOCALE = @REPLACE_SETLOCALE@ @@ -1489,6 +1652,7 @@ REPLACE_WCRTOMB = @REPLACE_WCRTOMB@ REPLACE_WCSFTIME = @REPLACE_WCSFTIME@ REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@ REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@ +REPLACE_WCSTOK = @REPLACE_WCSTOK@ REPLACE_WCSWIDTH = @REPLACE_WCSWIDTH@ REPLACE_WCTOB = @REPLACE_WCTOB@ REPLACE_WCTOMB = @REPLACE_WCTOMB@ @@ -1537,7 +1701,6 @@ XGETTEXT = @XGETTEXT@ XGETTEXT_015 = @XGETTEXT_015@ XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ YACC = @YACC@ -YEAR = @YEAR@ YFLAGS = @YFLAGS@ abs_aux_dir = @abs_aux_dir@ abs_builddir = @abs_builddir@ @@ -1597,13 +1760,13 @@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ +maybe_guileextensiondir = @maybe_guileextensiondir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ -runstatedir = @runstatedir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ diff --git a/doc/examples/ex-ocsp-client.c b/doc/examples/ex-ocsp-client.c index 33eff67..f0b56ff 100644 --- a/doc/examples/ex-ocsp-client.c +++ b/doc/examples/ex-ocsp-client.c @@ -183,7 +183,7 @@ static gnutls_x509_crt_t load_cert(const char *cert_file) if (ret < 0) exit(1); - data.data = (void *) read_binary_file(cert_file, &size); + data.data = (void *) read_file(cert_file, RF_BINARY, &size); data.size = size; if (!data.data) { diff --git a/doc/examples/ex-pkcs12.c b/doc/examples/ex-pkcs12.c index 7890518..0e2b64e 100644 --- a/doc/examples/ex-pkcs12.c +++ b/doc/examples/ex-pkcs12.c @@ -28,7 +28,7 @@ write_pkcs12(const gnutls_datum_t * cert, gnutls_pkcs12_bag_t bag, key_bag; char pkcs12_struct[10 * 1024]; size_t pkcs12_struct_size; - FILE *fd; + FILE *fp; /* A good idea might be to use gnutls_x509_privkey_get_key_id() * to obtain a unique ID. @@ -116,13 +116,13 @@ write_pkcs12(const gnutls_datum_t * cert, return 1; } - fd = fopen(OUTFILE, "w"); - if (fd == NULL) { + fp = fopen(OUTFILE, "w"); + if (fp == NULL) { fprintf(stderr, "cannot open file\n"); return 1; } - fwrite(pkcs12_struct, 1, pkcs12_struct_size, fd); - fclose(fd); + fwrite(pkcs12_struct, 1, pkcs12_struct_size, fp); + fclose(fp); gnutls_pkcs12_bag_deinit(bag); gnutls_pkcs12_bag_deinit(key_bag); diff --git a/doc/functions/gnutls_aead_cipher_decryptv2 b/doc/functions/gnutls_aead_cipher_decryptv2 new file mode 100644 index 0000000..9f18d33 --- /dev/null +++ b/doc/functions/gnutls_aead_cipher_decryptv2 @@ -0,0 +1,30 @@ + + + + +@deftypefun {int} {gnutls_aead_cipher_decryptv2} (gnutls_aead_cipher_hd_t @var{handle}, const void * @var{nonce}, size_t @var{nonce_len}, const giovec_t * @var{auth_iov}, int @var{auth_iovcnt}, const giovec_t * @var{iov}, int @var{iovcnt}, void * @var{tag}, size_t @var{tag_size}) +@var{handle}: is a @code{gnutls_aead_cipher_hd_t} type. + +@var{nonce}: the nonce to set + +@var{nonce_len}: The length of the nonce + +@var{auth_iov}: additional data to be authenticated + +@var{auth_iovcnt}: The number of buffers in @code{auth_iov} + +@var{iov}: the data to decrypt + +@var{iovcnt}: The number of buffers in @code{iov} + +@var{tag}: The authentication tag + +@var{tag_size}: The size of the tag to use (use zero for the default) + +This is similar to @code{gnutls_aead_cipher_decrypt()} , but it performs +in-place encryption on the provided data buffers. + +@strong{Returns:} Zero or a negative error code on error. + +@strong{Since:} 3.6.10 +@end deftypefun diff --git a/doc/functions/gnutls_aead_cipher_decryptv2.short b/doc/functions/gnutls_aead_cipher_decryptv2.short new file mode 100644 index 0000000..ff92198 --- /dev/null +++ b/doc/functions/gnutls_aead_cipher_decryptv2.short @@ -0,0 +1 @@ +@item @var{int} @ref{gnutls_aead_cipher_decryptv2} (gnutls_aead_cipher_hd_t @var{handle}, const void * @var{nonce}, size_t @var{nonce_len}, const giovec_t * @var{auth_iov}, int @var{auth_iovcnt}, const giovec_t * @var{iov}, int @var{iovcnt}, void * @var{tag}, size_t @var{tag_size}) diff --git a/doc/functions/gnutls_aead_cipher_encryptv2 b/doc/functions/gnutls_aead_cipher_encryptv2 new file mode 100644 index 0000000..bf975c3 --- /dev/null +++ b/doc/functions/gnutls_aead_cipher_encryptv2 @@ -0,0 +1,30 @@ + + + + +@deftypefun {int} {gnutls_aead_cipher_encryptv2} (gnutls_aead_cipher_hd_t @var{handle}, const void * @var{nonce}, size_t @var{nonce_len}, const giovec_t * @var{auth_iov}, int @var{auth_iovcnt}, const giovec_t * @var{iov}, int @var{iovcnt}, void * @var{tag}, size_t * @var{tag_size}) +@var{handle}: is a @code{gnutls_aead_cipher_hd_t} type. + +@var{nonce}: the nonce to set + +@var{nonce_len}: The length of the nonce + +@var{auth_iov}: additional data to be authenticated + +@var{auth_iovcnt}: The number of buffers in @code{auth_iov} + +@var{iov}: the data to be encrypted + +@var{iovcnt}: The number of buffers in @code{iov} + +@var{tag}: The authentication tag + +@var{tag_size}: The size of the tag to use (use zero for the default) + +This is similar to @code{gnutls_aead_cipher_encrypt()} , but it performs +in-place encryption on the provided data buffers. + +@strong{Returns:} Zero or a negative error code on error. + +@strong{Since:} 3.6.10 +@end deftypefun diff --git a/doc/functions/gnutls_aead_cipher_encryptv2.short b/doc/functions/gnutls_aead_cipher_encryptv2.short new file mode 100644 index 0000000..65b38d7 --- /dev/null +++ b/doc/functions/gnutls_aead_cipher_encryptv2.short @@ -0,0 +1 @@ +@item @var{int} @ref{gnutls_aead_cipher_encryptv2} (gnutls_aead_cipher_hd_t @var{handle}, const void * @var{nonce}, size_t @var{nonce_len}, const giovec_t * @var{auth_iov}, int @var{auth_iovcnt}, const giovec_t * @var{iov}, int @var{iovcnt}, void * @var{tag}, size_t * @var{tag_size}) diff --git a/doc/functions/gnutls_bye b/doc/functions/gnutls_bye index 5e909d6..39ede59 100644 --- a/doc/functions/gnutls_bye +++ b/doc/functions/gnutls_bye @@ -25,8 +25,8 @@ connection you should wait for an EOF from the peer. Note that not all implementations will properly terminate a TLS connection. Some of them, usually for performance reasons, will terminate only the underlying transport layer, and thus not -distinguishing between a malicious party prematurely terminating -the connection and normal termination. +distinguishing between a malicious party prematurely terminating +the connection and normal termination. This function may also return @code{GNUTLS_E_AGAIN} or @code{GNUTLS_E_INTERRUPTED} ; cf. @code{gnutls_record_get_direction()} . diff --git a/doc/functions/gnutls_certificate_set_ocsp_status_request_file2 b/doc/functions/gnutls_certificate_set_ocsp_status_request_file2 index 2d3c67a..92d44c0 100644 --- a/doc/functions/gnutls_certificate_set_ocsp_status_request_file2 +++ b/doc/functions/gnutls_certificate_set_ocsp_status_request_file2 @@ -27,8 +27,8 @@ in the chain, the code @code{GNUTLS_E_OCSP_MISMATCH_WITH_CERTS} is returned. If the response is already expired at the time of loading the code @code{GNUTLS_E_EXPIRED} is returned. -@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, -otherwise a negative error code is returned. +@strong{Returns:} On success, the number of loaded responses is returned, +otherwise a negative error code. @strong{Since:} 3.1.3 @end deftypefun diff --git a/doc/functions/gnutls_certificate_set_retrieve_function3 b/doc/functions/gnutls_certificate_set_retrieve_function3 index 49d2645..0385622 100644 --- a/doc/functions/gnutls_certificate_set_retrieve_function3 +++ b/doc/functions/gnutls_certificate_set_retrieve_function3 @@ -13,10 +13,16 @@ be called only if the peer requests a certificate either during handshake or during post-handshake authentication. The callback's function prototype is defined in `abstract.h': -int (*callback)(gnutls_session_t, const struct gnutls_cert_retr_st *info, -gnutls_pcert_st **certs, unsigned int *pcert_length, -gnutls_datum_t **ocsp, unsigned int *ocsp_length, -gnutls_privkey_t * pkey, unsigned int *flags); + +int gnutls_certificate_retrieve_function3( +gnutls_session_t, +const struct gnutls_cert_retr_st *info, +gnutls_pcert_st **certs, +unsigned int *pcert_length, +gnutls_ocsp_data_st **ocsp, +unsigned int *ocsp_length, +gnutls_privkey_t *privkey, +unsigned int *flags); The info field of the callback contains: @code{req_ca_dn} which is a list with the CA names that the server considers trusted. diff --git a/doc/functions/gnutls_certificate_verification_profile_get_id b/doc/functions/gnutls_certificate_verification_profile_get_id new file mode 100644 index 0000000..3a299f4 --- /dev/null +++ b/doc/functions/gnutls_certificate_verification_profile_get_id @@ -0,0 +1,13 @@ + + + + +@deftypefun {gnutls_certificate_verification_profiles_t} {gnutls_certificate_verification_profile_get_id} (const char * @var{name}) +@var{name}: is a profile name + +Convert a string to a @code{gnutls_certificate_verification_profiles_t} value. The names are +compared in a case insensitive way. + +@strong{Returns:} a @code{gnutls_certificate_verification_profiles_t} id of the specified profile, +or @code{GNUTLS_PROFILE_UNKNOWN} on failure. +@end deftypefun diff --git a/doc/functions/gnutls_certificate_verification_profile_get_id.short b/doc/functions/gnutls_certificate_verification_profile_get_id.short new file mode 100644 index 0000000..c65b717 --- /dev/null +++ b/doc/functions/gnutls_certificate_verification_profile_get_id.short @@ -0,0 +1 @@ +@item @var{gnutls_certificate_verification_profiles_t} @ref{gnutls_certificate_verification_profile_get_id} (const char * @var{name}) diff --git a/doc/functions/gnutls_certificate_verification_profile_get_name b/doc/functions/gnutls_certificate_verification_profile_get_name new file mode 100644 index 0000000..d7d4aac --- /dev/null +++ b/doc/functions/gnutls_certificate_verification_profile_get_name @@ -0,0 +1,11 @@ + + + + +@deftypefun {const char *} {gnutls_certificate_verification_profile_get_name} (gnutls_certificate_verification_profiles_t @var{id}) +@var{id}: is a profile ID + +Convert a @code{gnutls_certificate_verification_profiles_t} value to a string. + +@strong{Returns:} a string that contains the name of the specified profile or @code{NULL} . +@end deftypefun diff --git a/doc/functions/gnutls_certificate_verification_profile_get_name.short b/doc/functions/gnutls_certificate_verification_profile_get_name.short new file mode 100644 index 0000000..94f09b7 --- /dev/null +++ b/doc/functions/gnutls_certificate_verification_profile_get_name.short @@ -0,0 +1 @@ +@item @var{const char *} @ref{gnutls_certificate_verification_profile_get_name} (gnutls_certificate_verification_profiles_t @var{id}) diff --git a/doc/functions/gnutls_db_set_cache_expiration b/doc/functions/gnutls_db_set_cache_expiration index cea1f45..6a873fa 100644 --- a/doc/functions/gnutls_db_set_cache_expiration +++ b/doc/functions/gnutls_db_set_cache_expiration @@ -8,7 +8,7 @@ @var{seconds}: is the number of seconds. Set the expiration time for resumed sessions. The default is 21600 -(size hours) at the time of writing. +(6 hours) at the time of writing. The maximum value that can be set using this function is 604800 (7 days). diff --git a/doc/functions/gnutls_ext_get_name2 b/doc/functions/gnutls_ext_get_name2 new file mode 100644 index 0000000..460b99d --- /dev/null +++ b/doc/functions/gnutls_ext_get_name2 @@ -0,0 +1,16 @@ + + + + +@deftypefun {const char *} {gnutls_ext_get_name2} (gnutls_session_t @var{session}, unsigned int @var{tls_id}, gnutls_ext_parse_type_t @var{parse_point}) +@var{session}: a @code{gnutls_session_t} opaque pointer + +@var{tls_id}: is a TLS extension numeric ID + +@var{parse_point}: the parse type of the extension + +Convert a TLS extension numeric ID to a printable string. + +@strong{Returns:} a pointer to a string that contains the name of the +specified cipher, or @code{NULL} . +@end deftypefun diff --git a/doc/functions/gnutls_ext_get_name2.short b/doc/functions/gnutls_ext_get_name2.short new file mode 100644 index 0000000..040a885 --- /dev/null +++ b/doc/functions/gnutls_ext_get_name2.short @@ -0,0 +1 @@ +@item @var{const char *} @ref{gnutls_ext_get_name2} (gnutls_session_t @var{session}, unsigned int @var{tls_id}, gnutls_ext_parse_type_t @var{parse_point}) diff --git a/doc/functions/gnutls_ext_register b/doc/functions/gnutls_ext_register index 0feb419..b93193e 100644 --- a/doc/functions/gnutls_ext_register +++ b/doc/functions/gnutls_ext_register @@ -2,12 +2,12 @@ -@deftypefun {int} {gnutls_ext_register} (const char * @var{name}, int @var{id}, gnutls_ext_parse_type_t @var{parse_type}, gnutls_ext_recv_func @var{recv_func}, gnutls_ext_send_func @var{send_func}, gnutls_ext_deinit_data_func @var{deinit_func}, gnutls_ext_pack_func @var{pack_func}, gnutls_ext_unpack_func @var{unpack_func}) +@deftypefun {int} {gnutls_ext_register} (const char * @var{name}, int @var{id}, gnutls_ext_parse_type_t @var{parse_point}, gnutls_ext_recv_func @var{recv_func}, gnutls_ext_send_func @var{send_func}, gnutls_ext_deinit_data_func @var{deinit_func}, gnutls_ext_pack_func @var{pack_func}, gnutls_ext_unpack_func @var{unpack_func}) @var{name}: the name of the extension to register @var{id}: the numeric TLS id of the extension -@var{parse_type}: the parse type of the extension (see gnutls_ext_parse_type_t) +@var{parse_point}: the parse type of the extension (see gnutls_ext_parse_type_t) @var{recv_func}: a function to receive the data diff --git a/doc/functions/gnutls_ext_register.short b/doc/functions/gnutls_ext_register.short index 516e172..a8855ff 100644 --- a/doc/functions/gnutls_ext_register.short +++ b/doc/functions/gnutls_ext_register.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ext_register} (const char * @var{name}, int @var{id}, gnutls_ext_parse_type_t @var{parse_type}, gnutls_ext_recv_func @var{recv_func}, gnutls_ext_send_func @var{send_func}, gnutls_ext_deinit_data_func @var{deinit_func}, gnutls_ext_pack_func @var{pack_func}, gnutls_ext_unpack_func @var{unpack_func}) +@item @var{int} @ref{gnutls_ext_register} (const char * @var{name}, int @var{id}, gnutls_ext_parse_type_t @var{parse_point}, gnutls_ext_recv_func @var{recv_func}, gnutls_ext_send_func @var{send_func}, gnutls_ext_deinit_data_func @var{deinit_func}, gnutls_ext_pack_func @var{pack_func}, gnutls_ext_unpack_func @var{unpack_func}) diff --git a/doc/functions/gnutls_get_system_config_file b/doc/functions/gnutls_get_system_config_file new file mode 100644 index 0000000..96e5d81 --- /dev/null +++ b/doc/functions/gnutls_get_system_config_file @@ -0,0 +1,14 @@ + + + + +@deftypefun {const char *} {gnutls_get_system_config_file} ( @var{void}) + +Returns the filename of the system wide configuration +file loaded by the library. The returned pointer is valid +until the library is unloaded. + +@strong{Returns:} a constant pointer to the config file loaded, or @code{NULL} if none + +@strong{Since:} 3.6.9 +@end deftypefun diff --git a/doc/functions/gnutls_get_system_config_file.short b/doc/functions/gnutls_get_system_config_file.short new file mode 100644 index 0000000..54ab894 --- /dev/null +++ b/doc/functions/gnutls_get_system_config_file.short @@ -0,0 +1 @@ +@item @var{const char *} @ref{gnutls_get_system_config_file} ( @var{void}) diff --git a/doc/functions/gnutls_global_init b/doc/functions/gnutls_global_init index 55474a4..795d492 100644 --- a/doc/functions/gnutls_global_init +++ b/doc/functions/gnutls_global_init @@ -19,7 +19,7 @@ This function increments a global counter, so that called as many times as @code{gnutls_global_init()} . This is useful when GnuTLS is used by more than one library in an application. This function can be called many times, but will only do something the -first time. +first time. It is thread safe since GnuTLS 3.3.0. A subsequent call of this function if the initial has failed will return the same error code. diff --git a/doc/functions/gnutls_handshake b/doc/functions/gnutls_handshake index b3d01da..cde855e 100644 --- a/doc/functions/gnutls_handshake +++ b/doc/functions/gnutls_handshake @@ -9,7 +9,7 @@ This function performs the handshake of the TLS/SSL protocol, and initializes the TLS session parameters. The non-fatal errors expected by this function are: -@code{GNUTLS_E_INTERRUPTED} , @code{GNUTLS_E_AGAIN} , +@code{GNUTLS_E_INTERRUPTED} , @code{GNUTLS_E_AGAIN} , @code{GNUTLS_E_WARNING_ALERT_RECEIVED} . When this function is called for re-handshake under TLS 1.2 or earlier, the non-fatal error code @code{GNUTLS_E_GOT_APPLICATION_DATA} may also be returned. diff --git a/doc/functions/gnutls_hash_copy b/doc/functions/gnutls_hash_copy new file mode 100644 index 0000000..600c0e7 --- /dev/null +++ b/doc/functions/gnutls_hash_copy @@ -0,0 +1,16 @@ + + + + +@deftypefun {gnutls_hash_hd_t} {gnutls_hash_copy} (gnutls_hash_hd_t @var{handle}) +@var{handle}: is a @code{gnutls_hash_hd_t} type + +This function will create a copy of Message Digest context, containing all +its current state. Copying contexts for Message Digests registered using +@code{gnutls_crypto_register_digest()} is not supported and will always result in +an error. + +@strong{Returns:} new Message Digest context or NULL in case of an error. + +@strong{Since:} 3.6.9 +@end deftypefun diff --git a/doc/functions/gnutls_hash_copy.short b/doc/functions/gnutls_hash_copy.short new file mode 100644 index 0000000..84fec8f --- /dev/null +++ b/doc/functions/gnutls_hash_copy.short @@ -0,0 +1 @@ +@item @var{gnutls_hash_hd_t} @ref{gnutls_hash_copy} (gnutls_hash_hd_t @var{handle}) diff --git a/doc/functions/gnutls_hkdf_expand b/doc/functions/gnutls_hkdf_expand new file mode 100644 index 0000000..329cf1c --- /dev/null +++ b/doc/functions/gnutls_hkdf_expand @@ -0,0 +1,23 @@ + + + + +@deftypefun {int} {gnutls_hkdf_expand} (gnutls_mac_algorithm_t @var{mac}, const gnutls_datum_t * @var{key}, const gnutls_datum_t * @var{info}, void * @var{output}, size_t @var{length}) +@var{mac}: the mac algorithm used internally + +@var{key}: the pseudorandom key created with HKDF-Extract + +@var{info}: the optional informational data + +@var{output}: the output value of the expand operation + +@var{length}: the desired length of the output key + +This function will derive a variable length keying material from +the pseudorandom key using the HKDF-Expand function as defined in +RFC 5869. + +@strong{Returns:} Zero or a negative error code on error. + +@strong{Since:} 3.6.13 +@end deftypefun diff --git a/doc/functions/gnutls_hkdf_expand.short b/doc/functions/gnutls_hkdf_expand.short new file mode 100644 index 0000000..e83a35a --- /dev/null +++ b/doc/functions/gnutls_hkdf_expand.short @@ -0,0 +1 @@ +@item @var{int} @ref{gnutls_hkdf_expand} (gnutls_mac_algorithm_t @var{mac}, const gnutls_datum_t * @var{key}, const gnutls_datum_t * @var{info}, void * @var{output}, size_t @var{length}) diff --git a/doc/functions/gnutls_hkdf_extract b/doc/functions/gnutls_hkdf_extract new file mode 100644 index 0000000..b6161f7 --- /dev/null +++ b/doc/functions/gnutls_hkdf_extract @@ -0,0 +1,20 @@ + + + + +@deftypefun {int} {gnutls_hkdf_extract} (gnutls_mac_algorithm_t @var{mac}, const gnutls_datum_t * @var{key}, const gnutls_datum_t * @var{salt}, void * @var{output}) +@var{mac}: the mac algorithm used internally + +@var{key}: the initial keying material + +@var{salt}: the optional salt + +@var{output}: the output value of the extract operation + +This function will derive a fixed-size key using the HKDF-Extract +function as defined in RFC 5869. + +@strong{Returns:} Zero or a negative error code on error. + +@strong{Since:} 3.6.13 +@end deftypefun diff --git a/doc/functions/gnutls_hkdf_extract.short b/doc/functions/gnutls_hkdf_extract.short new file mode 100644 index 0000000..2228e44 --- /dev/null +++ b/doc/functions/gnutls_hkdf_extract.short @@ -0,0 +1 @@ +@item @var{int} @ref{gnutls_hkdf_extract} (gnutls_mac_algorithm_t @var{mac}, const gnutls_datum_t * @var{key}, const gnutls_datum_t * @var{salt}, void * @var{output}) diff --git a/doc/functions/gnutls_hmac_copy b/doc/functions/gnutls_hmac_copy new file mode 100644 index 0000000..a219b21 --- /dev/null +++ b/doc/functions/gnutls_hmac_copy @@ -0,0 +1,16 @@ + + + + +@deftypefun {gnutls_hmac_hd_t} {gnutls_hmac_copy} (gnutls_hmac_hd_t @var{handle}) +@var{handle}: is a @code{gnutls_hmac_hd_t} type + +This function will create a copy of MAC context, containing all its current +state. Copying contexts for MACs registered using +@code{gnutls_crypto_register_mac()} is not supported and will always result in an +error. + +@strong{Returns:} new MAC context or NULL in case of an error. + +@strong{Since:} 3.6.9 +@end deftypefun diff --git a/doc/functions/gnutls_hmac_copy.short b/doc/functions/gnutls_hmac_copy.short new file mode 100644 index 0000000..12986ee --- /dev/null +++ b/doc/functions/gnutls_hmac_copy.short @@ -0,0 +1 @@ +@item @var{gnutls_hmac_hd_t} @ref{gnutls_hmac_copy} (gnutls_hmac_hd_t @var{handle}) diff --git a/doc/functions/gnutls_hmac_fast b/doc/functions/gnutls_hmac_fast index a461144..7a56206 100644 --- a/doc/functions/gnutls_hmac_fast +++ b/doc/functions/gnutls_hmac_fast @@ -16,7 +16,8 @@ @var{digest}: is the output value of the hash This convenience function will hash the given data and return output -on a single call. +on a single call. Note, this call will not work for MAC algorithms +that require nonce (like UMAC or GMAC). @strong{Returns:} Zero or a negative error code on error. diff --git a/doc/functions/gnutls_hmac_get_key_size b/doc/functions/gnutls_hmac_get_key_size new file mode 100644 index 0000000..a4abdb4 --- /dev/null +++ b/doc/functions/gnutls_hmac_get_key_size @@ -0,0 +1,15 @@ + + + + +@deftypefun {unsigned} {gnutls_hmac_get_key_size} (gnutls_mac_algorithm_t @var{algorithm}) +@var{algorithm}: the mac algorithm to use + +This function will return the size of the key to be used with this +algorithm. On the algorithms which may accept arbitrary key sizes, +the returned size is the MAC key size used in the TLS protocol. + +@strong{Returns:} The key size or zero on error. + +@strong{Since:} 3.6.12 +@end deftypefun diff --git a/doc/functions/gnutls_hmac_get_key_size.short b/doc/functions/gnutls_hmac_get_key_size.short new file mode 100644 index 0000000..bc943fc --- /dev/null +++ b/doc/functions/gnutls_hmac_get_key_size.short @@ -0,0 +1 @@ +@item @var{unsigned} @ref{gnutls_hmac_get_key_size} (gnutls_mac_algorithm_t @var{algorithm}) diff --git a/doc/functions/gnutls_load_file b/doc/functions/gnutls_load_file index 0e312d2..a8d3661 100644 --- a/doc/functions/gnutls_load_file +++ b/doc/functions/gnutls_load_file @@ -11,6 +11,10 @@ This function will load a file into a datum. The data are zero terminated but the terminating null is not included in length. The returned data are allocated using @code{gnutls_malloc()} . +Note that this function is not designed for reading sensitive materials, +such as private keys, on practical applications. When the reading fails +in the middle, the partially loaded content might remain on memory. + @strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise an error code is returned. diff --git a/doc/functions/gnutls_ocsp_req_export b/doc/functions/gnutls_ocsp_req_export index 6c2ccc2..c9c52f8 100644 --- a/doc/functions/gnutls_ocsp_req_export +++ b/doc/functions/gnutls_ocsp_req_export @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_req_export} (gnutls_ocsp_req_t @var{req}, gnutls_datum_t * @var{data}) +@deftypefun {int} {gnutls_ocsp_req_export} (gnutls_ocsp_req_const_t @var{req}, gnutls_datum_t * @var{data}) @var{req}: Holds the OCSP request @var{data}: newly allocate buffer holding DER encoded OCSP request diff --git a/doc/functions/gnutls_ocsp_req_export.short b/doc/functions/gnutls_ocsp_req_export.short index 16e1769..899f77e 100644 --- a/doc/functions/gnutls_ocsp_req_export.short +++ b/doc/functions/gnutls_ocsp_req_export.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_req_export} (gnutls_ocsp_req_t @var{req}, gnutls_datum_t * @var{data}) +@item @var{int} @ref{gnutls_ocsp_req_export} (gnutls_ocsp_req_const_t @var{req}, gnutls_datum_t * @var{data}) diff --git a/doc/functions/gnutls_ocsp_req_get_cert_id b/doc/functions/gnutls_ocsp_req_get_cert_id index 081cccd..166db47 100644 --- a/doc/functions/gnutls_ocsp_req_get_cert_id +++ b/doc/functions/gnutls_ocsp_req_get_cert_id @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_req_get_cert_id} (gnutls_ocsp_req_t @var{req}, unsigned @var{indx}, gnutls_digest_algorithm_t * @var{digest}, gnutls_datum_t * @var{issuer_name_hash}, gnutls_datum_t * @var{issuer_key_hash}, gnutls_datum_t * @var{serial_number}) +@deftypefun {int} {gnutls_ocsp_req_get_cert_id} (gnutls_ocsp_req_const_t @var{req}, unsigned @var{indx}, gnutls_digest_algorithm_t * @var{digest}, gnutls_datum_t * @var{issuer_name_hash}, gnutls_datum_t * @var{issuer_key_hash}, gnutls_datum_t * @var{serial_number}) @var{req}: should contain a @code{gnutls_ocsp_req_t} type @var{indx}: Specifies which extension OID to get. Use (0) to get the first one. diff --git a/doc/functions/gnutls_ocsp_req_get_cert_id.short b/doc/functions/gnutls_ocsp_req_get_cert_id.short index db0bffa..bc82cc7 100644 --- a/doc/functions/gnutls_ocsp_req_get_cert_id.short +++ b/doc/functions/gnutls_ocsp_req_get_cert_id.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_req_get_cert_id} (gnutls_ocsp_req_t @var{req}, unsigned @var{indx}, gnutls_digest_algorithm_t * @var{digest}, gnutls_datum_t * @var{issuer_name_hash}, gnutls_datum_t * @var{issuer_key_hash}, gnutls_datum_t * @var{serial_number}) +@item @var{int} @ref{gnutls_ocsp_req_get_cert_id} (gnutls_ocsp_req_const_t @var{req}, unsigned @var{indx}, gnutls_digest_algorithm_t * @var{digest}, gnutls_datum_t * @var{issuer_name_hash}, gnutls_datum_t * @var{issuer_key_hash}, gnutls_datum_t * @var{serial_number}) diff --git a/doc/functions/gnutls_ocsp_req_get_extension b/doc/functions/gnutls_ocsp_req_get_extension index a61b5e5..8846cb1 100644 --- a/doc/functions/gnutls_ocsp_req_get_extension +++ b/doc/functions/gnutls_ocsp_req_get_extension @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_req_get_extension} (gnutls_ocsp_req_t @var{req}, unsigned @var{indx}, gnutls_datum_t * @var{oid}, unsigned int * @var{critical}, gnutls_datum_t * @var{data}) +@deftypefun {int} {gnutls_ocsp_req_get_extension} (gnutls_ocsp_req_const_t @var{req}, unsigned @var{indx}, gnutls_datum_t * @var{oid}, unsigned int * @var{critical}, gnutls_datum_t * @var{data}) @var{req}: should contain a @code{gnutls_ocsp_req_t} type @var{indx}: Specifies which extension OID to get. Use (0) to get the first one. diff --git a/doc/functions/gnutls_ocsp_req_get_extension.short b/doc/functions/gnutls_ocsp_req_get_extension.short index 2d06500..9a47efb 100644 --- a/doc/functions/gnutls_ocsp_req_get_extension.short +++ b/doc/functions/gnutls_ocsp_req_get_extension.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_req_get_extension} (gnutls_ocsp_req_t @var{req}, unsigned @var{indx}, gnutls_datum_t * @var{oid}, unsigned int * @var{critical}, gnutls_datum_t * @var{data}) +@item @var{int} @ref{gnutls_ocsp_req_get_extension} (gnutls_ocsp_req_const_t @var{req}, unsigned @var{indx}, gnutls_datum_t * @var{oid}, unsigned int * @var{critical}, gnutls_datum_t * @var{data}) diff --git a/doc/functions/gnutls_ocsp_req_get_nonce b/doc/functions/gnutls_ocsp_req_get_nonce index ab640bf..11a8e43 100644 --- a/doc/functions/gnutls_ocsp_req_get_nonce +++ b/doc/functions/gnutls_ocsp_req_get_nonce @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_req_get_nonce} (gnutls_ocsp_req_t @var{req}, unsigned int * @var{critical}, gnutls_datum_t * @var{nonce}) +@deftypefun {int} {gnutls_ocsp_req_get_nonce} (gnutls_ocsp_req_const_t @var{req}, unsigned int * @var{critical}, gnutls_datum_t * @var{nonce}) @var{req}: should contain a @code{gnutls_ocsp_req_t} type @var{critical}: whether nonce extension is marked critical, or NULL diff --git a/doc/functions/gnutls_ocsp_req_get_nonce.short b/doc/functions/gnutls_ocsp_req_get_nonce.short index f97d22c..7ff0e61 100644 --- a/doc/functions/gnutls_ocsp_req_get_nonce.short +++ b/doc/functions/gnutls_ocsp_req_get_nonce.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_req_get_nonce} (gnutls_ocsp_req_t @var{req}, unsigned int * @var{critical}, gnutls_datum_t * @var{nonce}) +@item @var{int} @ref{gnutls_ocsp_req_get_nonce} (gnutls_ocsp_req_const_t @var{req}, unsigned int * @var{critical}, gnutls_datum_t * @var{nonce}) diff --git a/doc/functions/gnutls_ocsp_req_get_version b/doc/functions/gnutls_ocsp_req_get_version index ecd24af..ffa2e0a 100644 --- a/doc/functions/gnutls_ocsp_req_get_version +++ b/doc/functions/gnutls_ocsp_req_get_version @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_req_get_version} (gnutls_ocsp_req_t @var{req}) +@deftypefun {int} {gnutls_ocsp_req_get_version} (gnutls_ocsp_req_const_t @var{req}) @var{req}: should contain a @code{gnutls_ocsp_req_t} type This function will return the version of the OCSP request. diff --git a/doc/functions/gnutls_ocsp_req_get_version.short b/doc/functions/gnutls_ocsp_req_get_version.short index c345cfd..e4d437b 100644 --- a/doc/functions/gnutls_ocsp_req_get_version.short +++ b/doc/functions/gnutls_ocsp_req_get_version.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_req_get_version} (gnutls_ocsp_req_t @var{req}) +@item @var{int} @ref{gnutls_ocsp_req_get_version} (gnutls_ocsp_req_const_t @var{req}) diff --git a/doc/functions/gnutls_ocsp_req_print b/doc/functions/gnutls_ocsp_req_print index ff62adb..e62bd52 100644 --- a/doc/functions/gnutls_ocsp_req_print +++ b/doc/functions/gnutls_ocsp_req_print @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_req_print} (gnutls_ocsp_req_t @var{req}, gnutls_ocsp_print_formats_t @var{format}, gnutls_datum_t * @var{out}) +@deftypefun {int} {gnutls_ocsp_req_print} (gnutls_ocsp_req_const_t @var{req}, gnutls_ocsp_print_formats_t @var{format}, gnutls_datum_t * @var{out}) @var{req}: The data to be printed @var{format}: Indicate the format to use diff --git a/doc/functions/gnutls_ocsp_req_print.short b/doc/functions/gnutls_ocsp_req_print.short index d71a530..f50eee4 100644 --- a/doc/functions/gnutls_ocsp_req_print.short +++ b/doc/functions/gnutls_ocsp_req_print.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_req_print} (gnutls_ocsp_req_t @var{req}, gnutls_ocsp_print_formats_t @var{format}, gnutls_datum_t * @var{out}) +@item @var{int} @ref{gnutls_ocsp_req_print} (gnutls_ocsp_req_const_t @var{req}, gnutls_ocsp_print_formats_t @var{format}, gnutls_datum_t * @var{out}) diff --git a/doc/functions/gnutls_ocsp_resp_check_crt b/doc/functions/gnutls_ocsp_resp_check_crt index 14486ef..ff5e5e6 100644 --- a/doc/functions/gnutls_ocsp_resp_check_crt +++ b/doc/functions/gnutls_ocsp_resp_check_crt @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_check_crt} (gnutls_ocsp_resp_t @var{resp}, unsigned int @var{indx}, gnutls_x509_crt_t @var{crt}) +@deftypefun {int} {gnutls_ocsp_resp_check_crt} (gnutls_ocsp_resp_const_t @var{resp}, unsigned int @var{indx}, gnutls_x509_crt_t @var{crt}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type @var{indx}: Specifies response number to get. Use (0) to get the first one. diff --git a/doc/functions/gnutls_ocsp_resp_check_crt.short b/doc/functions/gnutls_ocsp_resp_check_crt.short index 1b485fc..7a8f133 100644 --- a/doc/functions/gnutls_ocsp_resp_check_crt.short +++ b/doc/functions/gnutls_ocsp_resp_check_crt.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_check_crt} (gnutls_ocsp_resp_t @var{resp}, unsigned int @var{indx}, gnutls_x509_crt_t @var{crt}) +@item @var{int} @ref{gnutls_ocsp_resp_check_crt} (gnutls_ocsp_resp_const_t @var{resp}, unsigned int @var{indx}, gnutls_x509_crt_t @var{crt}) diff --git a/doc/functions/gnutls_ocsp_resp_export b/doc/functions/gnutls_ocsp_resp_export index 2476f3d..cd6cd14 100644 --- a/doc/functions/gnutls_ocsp_resp_export +++ b/doc/functions/gnutls_ocsp_resp_export @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_export} (gnutls_ocsp_resp_t @var{resp}, gnutls_datum_t * @var{data}) +@deftypefun {int} {gnutls_ocsp_resp_export} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_datum_t * @var{data}) @var{resp}: Holds the OCSP response @var{data}: newly allocate buffer holding DER encoded OCSP response diff --git a/doc/functions/gnutls_ocsp_resp_export.short b/doc/functions/gnutls_ocsp_resp_export.short index fb7354f..d1646fe 100644 --- a/doc/functions/gnutls_ocsp_resp_export.short +++ b/doc/functions/gnutls_ocsp_resp_export.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_export} (gnutls_ocsp_resp_t @var{resp}, gnutls_datum_t * @var{data}) +@item @var{int} @ref{gnutls_ocsp_resp_export} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_datum_t * @var{data}) diff --git a/doc/functions/gnutls_ocsp_resp_export2 b/doc/functions/gnutls_ocsp_resp_export2 index 67569d2..3886b2a 100644 --- a/doc/functions/gnutls_ocsp_resp_export2 +++ b/doc/functions/gnutls_ocsp_resp_export2 @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_export2} (gnutls_ocsp_resp_t @var{resp}, gnutls_datum_t * @var{data}, gnutls_x509_crt_fmt_t @var{fmt}) +@deftypefun {int} {gnutls_ocsp_resp_export2} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_datum_t * @var{data}, gnutls_x509_crt_fmt_t @var{fmt}) @var{resp}: Holds the OCSP response @var{data}: newly allocate buffer holding DER or PEM encoded OCSP response diff --git a/doc/functions/gnutls_ocsp_resp_export2.short b/doc/functions/gnutls_ocsp_resp_export2.short index 37c6953..38e5ef6 100644 --- a/doc/functions/gnutls_ocsp_resp_export2.short +++ b/doc/functions/gnutls_ocsp_resp_export2.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_export2} (gnutls_ocsp_resp_t @var{resp}, gnutls_datum_t * @var{data}, gnutls_x509_crt_fmt_t @var{fmt}) +@item @var{int} @ref{gnutls_ocsp_resp_export2} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_datum_t * @var{data}, gnutls_x509_crt_fmt_t @var{fmt}) diff --git a/doc/functions/gnutls_ocsp_resp_get_certs b/doc/functions/gnutls_ocsp_resp_get_certs index 6512c70..2f6f4dd 100644 --- a/doc/functions/gnutls_ocsp_resp_get_certs +++ b/doc/functions/gnutls_ocsp_resp_get_certs @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_get_certs} (gnutls_ocsp_resp_t @var{resp}, gnutls_x509_crt_t ** @var{certs}, size_t * @var{ncerts}) +@deftypefun {int} {gnutls_ocsp_resp_get_certs} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_x509_crt_t ** @var{certs}, size_t * @var{ncerts}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type @var{certs}: newly allocated array with @code{gnutls_x509_crt_t} certificates diff --git a/doc/functions/gnutls_ocsp_resp_get_certs.short b/doc/functions/gnutls_ocsp_resp_get_certs.short index 0ffeff3..96ed0a6 100644 --- a/doc/functions/gnutls_ocsp_resp_get_certs.short +++ b/doc/functions/gnutls_ocsp_resp_get_certs.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_get_certs} (gnutls_ocsp_resp_t @var{resp}, gnutls_x509_crt_t ** @var{certs}, size_t * @var{ncerts}) +@item @var{int} @ref{gnutls_ocsp_resp_get_certs} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_x509_crt_t ** @var{certs}, size_t * @var{ncerts}) diff --git a/doc/functions/gnutls_ocsp_resp_get_extension b/doc/functions/gnutls_ocsp_resp_get_extension index 18b9f51..96e6ecf 100644 --- a/doc/functions/gnutls_ocsp_resp_get_extension +++ b/doc/functions/gnutls_ocsp_resp_get_extension @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_get_extension} (gnutls_ocsp_resp_t @var{resp}, unsigned @var{indx}, gnutls_datum_t * @var{oid}, unsigned int * @var{critical}, gnutls_datum_t * @var{data}) +@deftypefun {int} {gnutls_ocsp_resp_get_extension} (gnutls_ocsp_resp_const_t @var{resp}, unsigned @var{indx}, gnutls_datum_t * @var{oid}, unsigned int * @var{critical}, gnutls_datum_t * @var{data}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type @var{indx}: Specifies which extension OID to get. Use (0) to get the first one. diff --git a/doc/functions/gnutls_ocsp_resp_get_extension.short b/doc/functions/gnutls_ocsp_resp_get_extension.short index d50f766..03cdbf3 100644 --- a/doc/functions/gnutls_ocsp_resp_get_extension.short +++ b/doc/functions/gnutls_ocsp_resp_get_extension.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_get_extension} (gnutls_ocsp_resp_t @var{resp}, unsigned @var{indx}, gnutls_datum_t * @var{oid}, unsigned int * @var{critical}, gnutls_datum_t * @var{data}) +@item @var{int} @ref{gnutls_ocsp_resp_get_extension} (gnutls_ocsp_resp_const_t @var{resp}, unsigned @var{indx}, gnutls_datum_t * @var{oid}, unsigned int * @var{critical}, gnutls_datum_t * @var{data}) diff --git a/doc/functions/gnutls_ocsp_resp_get_nonce b/doc/functions/gnutls_ocsp_resp_get_nonce index a4bd19e..e6aaaf1 100644 --- a/doc/functions/gnutls_ocsp_resp_get_nonce +++ b/doc/functions/gnutls_ocsp_resp_get_nonce @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_get_nonce} (gnutls_ocsp_resp_t @var{resp}, unsigned int * @var{critical}, gnutls_datum_t * @var{nonce}) +@deftypefun {int} {gnutls_ocsp_resp_get_nonce} (gnutls_ocsp_resp_const_t @var{resp}, unsigned int * @var{critical}, gnutls_datum_t * @var{nonce}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type @var{critical}: whether nonce extension is marked critical diff --git a/doc/functions/gnutls_ocsp_resp_get_nonce.short b/doc/functions/gnutls_ocsp_resp_get_nonce.short index e46efb8..b383ef0 100644 --- a/doc/functions/gnutls_ocsp_resp_get_nonce.short +++ b/doc/functions/gnutls_ocsp_resp_get_nonce.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_get_nonce} (gnutls_ocsp_resp_t @var{resp}, unsigned int * @var{critical}, gnutls_datum_t * @var{nonce}) +@item @var{int} @ref{gnutls_ocsp_resp_get_nonce} (gnutls_ocsp_resp_const_t @var{resp}, unsigned int * @var{critical}, gnutls_datum_t * @var{nonce}) diff --git a/doc/functions/gnutls_ocsp_resp_get_produced b/doc/functions/gnutls_ocsp_resp_get_produced index a89910a..6122314 100644 --- a/doc/functions/gnutls_ocsp_resp_get_produced +++ b/doc/functions/gnutls_ocsp_resp_get_produced @@ -2,7 +2,7 @@ -@deftypefun {time_t} {gnutls_ocsp_resp_get_produced} (gnutls_ocsp_resp_t @var{resp}) +@deftypefun {time_t} {gnutls_ocsp_resp_get_produced} (gnutls_ocsp_resp_const_t @var{resp}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type This function will return the time when the OCSP response was diff --git a/doc/functions/gnutls_ocsp_resp_get_produced.short b/doc/functions/gnutls_ocsp_resp_get_produced.short index 408cdb3..afd3b46 100644 --- a/doc/functions/gnutls_ocsp_resp_get_produced.short +++ b/doc/functions/gnutls_ocsp_resp_get_produced.short @@ -1 +1 @@ -@item @var{time_t} @ref{gnutls_ocsp_resp_get_produced} (gnutls_ocsp_resp_t @var{resp}) +@item @var{time_t} @ref{gnutls_ocsp_resp_get_produced} (gnutls_ocsp_resp_const_t @var{resp}) diff --git a/doc/functions/gnutls_ocsp_resp_get_responder b/doc/functions/gnutls_ocsp_resp_get_responder index 2b70e79..b50f59a 100644 --- a/doc/functions/gnutls_ocsp_resp_get_responder +++ b/doc/functions/gnutls_ocsp_resp_get_responder @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_get_responder} (gnutls_ocsp_resp_t @var{resp}, gnutls_datum_t * @var{dn}) +@deftypefun {int} {gnutls_ocsp_resp_get_responder} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_datum_t * @var{dn}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type @var{dn}: newly allocated buffer with name diff --git a/doc/functions/gnutls_ocsp_resp_get_responder.short b/doc/functions/gnutls_ocsp_resp_get_responder.short index 9afae2d..3d56259 100644 --- a/doc/functions/gnutls_ocsp_resp_get_responder.short +++ b/doc/functions/gnutls_ocsp_resp_get_responder.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_get_responder} (gnutls_ocsp_resp_t @var{resp}, gnutls_datum_t * @var{dn}) +@item @var{int} @ref{gnutls_ocsp_resp_get_responder} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_datum_t * @var{dn}) diff --git a/doc/functions/gnutls_ocsp_resp_get_responder2 b/doc/functions/gnutls_ocsp_resp_get_responder2 index 7847e34..7b0e376 100644 --- a/doc/functions/gnutls_ocsp_resp_get_responder2 +++ b/doc/functions/gnutls_ocsp_resp_get_responder2 @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_get_responder2} (gnutls_ocsp_resp_t @var{resp}, gnutls_datum_t * @var{dn}, unsigned @var{flags}) +@deftypefun {int} {gnutls_ocsp_resp_get_responder2} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_datum_t * @var{dn}, unsigned @var{flags}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type @var{dn}: newly allocated buffer with name diff --git a/doc/functions/gnutls_ocsp_resp_get_responder2.short b/doc/functions/gnutls_ocsp_resp_get_responder2.short index cedf0c1..b2ede53 100644 --- a/doc/functions/gnutls_ocsp_resp_get_responder2.short +++ b/doc/functions/gnutls_ocsp_resp_get_responder2.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_get_responder2} (gnutls_ocsp_resp_t @var{resp}, gnutls_datum_t * @var{dn}, unsigned @var{flags}) +@item @var{int} @ref{gnutls_ocsp_resp_get_responder2} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_datum_t * @var{dn}, unsigned @var{flags}) diff --git a/doc/functions/gnutls_ocsp_resp_get_responder_raw_id b/doc/functions/gnutls_ocsp_resp_get_responder_raw_id index 0755c74..7916da6 100644 --- a/doc/functions/gnutls_ocsp_resp_get_responder_raw_id +++ b/doc/functions/gnutls_ocsp_resp_get_responder_raw_id @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_get_responder_raw_id} (gnutls_ocsp_resp_t @var{resp}, unsigned @var{type}, gnutls_datum_t * @var{raw}) +@deftypefun {int} {gnutls_ocsp_resp_get_responder_raw_id} (gnutls_ocsp_resp_const_t @var{resp}, unsigned @var{type}, gnutls_datum_t * @var{raw}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type @var{type}: should be @code{GNUTLS_OCSP_RESP_ID_KEY} or @code{GNUTLS_OCSP_RESP_ID_DN} diff --git a/doc/functions/gnutls_ocsp_resp_get_responder_raw_id.short b/doc/functions/gnutls_ocsp_resp_get_responder_raw_id.short index e381a60..7238488 100644 --- a/doc/functions/gnutls_ocsp_resp_get_responder_raw_id.short +++ b/doc/functions/gnutls_ocsp_resp_get_responder_raw_id.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_get_responder_raw_id} (gnutls_ocsp_resp_t @var{resp}, unsigned @var{type}, gnutls_datum_t * @var{raw}) +@item @var{int} @ref{gnutls_ocsp_resp_get_responder_raw_id} (gnutls_ocsp_resp_const_t @var{resp}, unsigned @var{type}, gnutls_datum_t * @var{raw}) diff --git a/doc/functions/gnutls_ocsp_resp_get_response b/doc/functions/gnutls_ocsp_resp_get_response index 69ef606..0a4df0f 100644 --- a/doc/functions/gnutls_ocsp_resp_get_response +++ b/doc/functions/gnutls_ocsp_resp_get_response @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_get_response} (gnutls_ocsp_resp_t @var{resp}, gnutls_datum_t * @var{response_type_oid}, gnutls_datum_t * @var{response}) +@deftypefun {int} {gnutls_ocsp_resp_get_response} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_datum_t * @var{response_type_oid}, gnutls_datum_t * @var{response}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type @var{response_type_oid}: newly allocated output buffer with response type OID diff --git a/doc/functions/gnutls_ocsp_resp_get_response.short b/doc/functions/gnutls_ocsp_resp_get_response.short index cbfdb0c..afdcb41 100644 --- a/doc/functions/gnutls_ocsp_resp_get_response.short +++ b/doc/functions/gnutls_ocsp_resp_get_response.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_get_response} (gnutls_ocsp_resp_t @var{resp}, gnutls_datum_t * @var{response_type_oid}, gnutls_datum_t * @var{response}) +@item @var{int} @ref{gnutls_ocsp_resp_get_response} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_datum_t * @var{response_type_oid}, gnutls_datum_t * @var{response}) diff --git a/doc/functions/gnutls_ocsp_resp_get_signature b/doc/functions/gnutls_ocsp_resp_get_signature index 1cadb24..1f51fd8 100644 --- a/doc/functions/gnutls_ocsp_resp_get_signature +++ b/doc/functions/gnutls_ocsp_resp_get_signature @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_get_signature} (gnutls_ocsp_resp_t @var{resp}, gnutls_datum_t * @var{sig}) +@deftypefun {int} {gnutls_ocsp_resp_get_signature} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_datum_t * @var{sig}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type @var{sig}: newly allocated output buffer with signature data diff --git a/doc/functions/gnutls_ocsp_resp_get_signature.short b/doc/functions/gnutls_ocsp_resp_get_signature.short index 3be3a82..24bace1 100644 --- a/doc/functions/gnutls_ocsp_resp_get_signature.short +++ b/doc/functions/gnutls_ocsp_resp_get_signature.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_get_signature} (gnutls_ocsp_resp_t @var{resp}, gnutls_datum_t * @var{sig}) +@item @var{int} @ref{gnutls_ocsp_resp_get_signature} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_datum_t * @var{sig}) diff --git a/doc/functions/gnutls_ocsp_resp_get_signature_algorithm b/doc/functions/gnutls_ocsp_resp_get_signature_algorithm index 0812c3a..c41dc18 100644 --- a/doc/functions/gnutls_ocsp_resp_get_signature_algorithm +++ b/doc/functions/gnutls_ocsp_resp_get_signature_algorithm @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_get_signature_algorithm} (gnutls_ocsp_resp_t @var{resp}) +@deftypefun {int} {gnutls_ocsp_resp_get_signature_algorithm} (gnutls_ocsp_resp_const_t @var{resp}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type This function will return a value of the @code{gnutls_sign_algorithm_t} diff --git a/doc/functions/gnutls_ocsp_resp_get_signature_algorithm.short b/doc/functions/gnutls_ocsp_resp_get_signature_algorithm.short index d88123e..bcc4acd 100644 --- a/doc/functions/gnutls_ocsp_resp_get_signature_algorithm.short +++ b/doc/functions/gnutls_ocsp_resp_get_signature_algorithm.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_get_signature_algorithm} (gnutls_ocsp_resp_t @var{resp}) +@item @var{int} @ref{gnutls_ocsp_resp_get_signature_algorithm} (gnutls_ocsp_resp_const_t @var{resp}) diff --git a/doc/functions/gnutls_ocsp_resp_get_single b/doc/functions/gnutls_ocsp_resp_get_single index a77a539..137c661 100644 --- a/doc/functions/gnutls_ocsp_resp_get_single +++ b/doc/functions/gnutls_ocsp_resp_get_single @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_get_single} (gnutls_ocsp_resp_t @var{resp}, unsigned @var{indx}, gnutls_digest_algorithm_t * @var{digest}, gnutls_datum_t * @var{issuer_name_hash}, gnutls_datum_t * @var{issuer_key_hash}, gnutls_datum_t * @var{serial_number}, unsigned int * @var{cert_status}, time_t * @var{this_update}, time_t * @var{next_update}, time_t * @var{revocation_time}, unsigned int * @var{revocation_reason}) +@deftypefun {int} {gnutls_ocsp_resp_get_single} (gnutls_ocsp_resp_const_t @var{resp}, unsigned @var{indx}, gnutls_digest_algorithm_t * @var{digest}, gnutls_datum_t * @var{issuer_name_hash}, gnutls_datum_t * @var{issuer_key_hash}, gnutls_datum_t * @var{serial_number}, unsigned int * @var{cert_status}, time_t * @var{this_update}, time_t * @var{next_update}, time_t * @var{revocation_time}, unsigned int * @var{revocation_reason}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type @var{indx}: Specifies response number to get. Use (0) to get the first one. diff --git a/doc/functions/gnutls_ocsp_resp_get_single.short b/doc/functions/gnutls_ocsp_resp_get_single.short index f428e35..dbf9884 100644 --- a/doc/functions/gnutls_ocsp_resp_get_single.short +++ b/doc/functions/gnutls_ocsp_resp_get_single.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_get_single} (gnutls_ocsp_resp_t @var{resp}, unsigned @var{indx}, gnutls_digest_algorithm_t * @var{digest}, gnutls_datum_t * @var{issuer_name_hash}, gnutls_datum_t * @var{issuer_key_hash}, gnutls_datum_t * @var{serial_number}, unsigned int * @var{cert_status}, time_t * @var{this_update}, time_t * @var{next_update}, time_t * @var{revocation_time}, unsigned int * @var{revocation_reason}) +@item @var{int} @ref{gnutls_ocsp_resp_get_single} (gnutls_ocsp_resp_const_t @var{resp}, unsigned @var{indx}, gnutls_digest_algorithm_t * @var{digest}, gnutls_datum_t * @var{issuer_name_hash}, gnutls_datum_t * @var{issuer_key_hash}, gnutls_datum_t * @var{serial_number}, unsigned int * @var{cert_status}, time_t * @var{this_update}, time_t * @var{next_update}, time_t * @var{revocation_time}, unsigned int * @var{revocation_reason}) diff --git a/doc/functions/gnutls_ocsp_resp_get_status b/doc/functions/gnutls_ocsp_resp_get_status index cfa0171..bf05149 100644 --- a/doc/functions/gnutls_ocsp_resp_get_status +++ b/doc/functions/gnutls_ocsp_resp_get_status @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_get_status} (gnutls_ocsp_resp_t @var{resp}) +@deftypefun {int} {gnutls_ocsp_resp_get_status} (gnutls_ocsp_resp_const_t @var{resp}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type This function will return the status of a OCSP response, an diff --git a/doc/functions/gnutls_ocsp_resp_get_status.short b/doc/functions/gnutls_ocsp_resp_get_status.short index b9f8ea0..eaf8dd8 100644 --- a/doc/functions/gnutls_ocsp_resp_get_status.short +++ b/doc/functions/gnutls_ocsp_resp_get_status.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_get_status} (gnutls_ocsp_resp_t @var{resp}) +@item @var{int} @ref{gnutls_ocsp_resp_get_status} (gnutls_ocsp_resp_const_t @var{resp}) diff --git a/doc/functions/gnutls_ocsp_resp_get_version b/doc/functions/gnutls_ocsp_resp_get_version index 0884c6b..71c5d9e 100644 --- a/doc/functions/gnutls_ocsp_resp_get_version +++ b/doc/functions/gnutls_ocsp_resp_get_version @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_get_version} (gnutls_ocsp_resp_t @var{resp}) +@deftypefun {int} {gnutls_ocsp_resp_get_version} (gnutls_ocsp_resp_const_t @var{resp}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type This function will return the version of the Basic OCSP Response. diff --git a/doc/functions/gnutls_ocsp_resp_get_version.short b/doc/functions/gnutls_ocsp_resp_get_version.short index ace8ddd..a07f31f 100644 --- a/doc/functions/gnutls_ocsp_resp_get_version.short +++ b/doc/functions/gnutls_ocsp_resp_get_version.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_get_version} (gnutls_ocsp_resp_t @var{resp}) +@item @var{int} @ref{gnutls_ocsp_resp_get_version} (gnutls_ocsp_resp_const_t @var{resp}) diff --git a/doc/functions/gnutls_ocsp_resp_print b/doc/functions/gnutls_ocsp_resp_print index d0265c6..91d8f63 100644 --- a/doc/functions/gnutls_ocsp_resp_print +++ b/doc/functions/gnutls_ocsp_resp_print @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_print} (gnutls_ocsp_resp_t @var{resp}, gnutls_ocsp_print_formats_t @var{format}, gnutls_datum_t * @var{out}) +@deftypefun {int} {gnutls_ocsp_resp_print} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_ocsp_print_formats_t @var{format}, gnutls_datum_t * @var{out}) @var{resp}: The data to be printed @var{format}: Indicate the format to use diff --git a/doc/functions/gnutls_ocsp_resp_print.short b/doc/functions/gnutls_ocsp_resp_print.short index 4ee9071..dd7dc5b 100644 --- a/doc/functions/gnutls_ocsp_resp_print.short +++ b/doc/functions/gnutls_ocsp_resp_print.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_print} (gnutls_ocsp_resp_t @var{resp}, gnutls_ocsp_print_formats_t @var{format}, gnutls_datum_t * @var{out}) +@item @var{int} @ref{gnutls_ocsp_resp_print} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_ocsp_print_formats_t @var{format}, gnutls_datum_t * @var{out}) diff --git a/doc/functions/gnutls_ocsp_resp_verify b/doc/functions/gnutls_ocsp_resp_verify index 1f9aa1f..5acc96b 100644 --- a/doc/functions/gnutls_ocsp_resp_verify +++ b/doc/functions/gnutls_ocsp_resp_verify @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_verify} (gnutls_ocsp_resp_t @var{resp}, gnutls_x509_trust_list_t @var{trustlist}, unsigned int * @var{verify}, unsigned int @var{flags}) +@deftypefun {int} {gnutls_ocsp_resp_verify} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_x509_trust_list_t @var{trustlist}, unsigned int * @var{verify}, unsigned int @var{flags}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type @var{trustlist}: trust anchors as a @code{gnutls_x509_trust_list_t} type diff --git a/doc/functions/gnutls_ocsp_resp_verify.short b/doc/functions/gnutls_ocsp_resp_verify.short index d32ab03..dbeb9ce 100644 --- a/doc/functions/gnutls_ocsp_resp_verify.short +++ b/doc/functions/gnutls_ocsp_resp_verify.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_verify} (gnutls_ocsp_resp_t @var{resp}, gnutls_x509_trust_list_t @var{trustlist}, unsigned int * @var{verify}, unsigned int @var{flags}) +@item @var{int} @ref{gnutls_ocsp_resp_verify} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_x509_trust_list_t @var{trustlist}, unsigned int * @var{verify}, unsigned int @var{flags}) diff --git a/doc/functions/gnutls_ocsp_resp_verify_direct b/doc/functions/gnutls_ocsp_resp_verify_direct index 54c216d..caac323 100644 --- a/doc/functions/gnutls_ocsp_resp_verify_direct +++ b/doc/functions/gnutls_ocsp_resp_verify_direct @@ -2,7 +2,7 @@ -@deftypefun {int} {gnutls_ocsp_resp_verify_direct} (gnutls_ocsp_resp_t @var{resp}, gnutls_x509_crt_t @var{issuer}, unsigned int * @var{verify}, unsigned int @var{flags}) +@deftypefun {int} {gnutls_ocsp_resp_verify_direct} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_x509_crt_t @var{issuer}, unsigned int * @var{verify}, unsigned int @var{flags}) @var{resp}: should contain a @code{gnutls_ocsp_resp_t} type @var{issuer}: certificate believed to have signed the response diff --git a/doc/functions/gnutls_ocsp_resp_verify_direct.short b/doc/functions/gnutls_ocsp_resp_verify_direct.short index 6d4c101..5488f14 100644 --- a/doc/functions/gnutls_ocsp_resp_verify_direct.short +++ b/doc/functions/gnutls_ocsp_resp_verify_direct.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_resp_verify_direct} (gnutls_ocsp_resp_t @var{resp}, gnutls_x509_crt_t @var{issuer}, unsigned int * @var{verify}, unsigned int @var{flags}) +@item @var{int} @ref{gnutls_ocsp_resp_verify_direct} (gnutls_ocsp_resp_const_t @var{resp}, gnutls_x509_crt_t @var{issuer}, unsigned int * @var{verify}, unsigned int @var{flags}) diff --git a/doc/functions/gnutls_ocsp_status_request_is_checked b/doc/functions/gnutls_ocsp_status_request_is_checked index 2f89d22..4b8b26e 100644 --- a/doc/functions/gnutls_ocsp_status_request_is_checked +++ b/doc/functions/gnutls_ocsp_status_request_is_checked @@ -2,14 +2,15 @@ -@deftypefun {int} {gnutls_ocsp_status_request_is_checked} (gnutls_session_t @var{session}, unsigned int @var{flags}) +@deftypefun {unsigned} {gnutls_ocsp_status_request_is_checked} (gnutls_session_t @var{session}, unsigned int @var{flags}) @var{session}: is a gnutls session @var{flags}: should be zero or @code{GNUTLS_OCSP_SR_IS_AVAIL} When flags are zero this function returns non-zero if a valid OCSP status response was included in the TLS handshake. That is, an OCSP status response -which is not too old or superseded. It returns zero otherwise. +which is not too old, superseded or marks the certificate as revoked. +It returns zero otherwise. When the flag @code{GNUTLS_OCSP_SR_IS_AVAIL} is specified, the function returns non-zero if an OCSP status response was included in the handshake @@ -20,7 +21,11 @@ This is a helper function when needing to decide whether to perform an explicit OCSP validity check on the peer's certificate. Should be called after any of gnutls_certificate_verify_peers*() are called. -@strong{Returns:} non zero if the response was valid, or a zero if it wasn't sent, +This function is always usable on client side, but on server side only +under TLS 1.3, which is the first version of TLS that allows cliend-side OCSP +responses. + +@strong{Returns:} Non-zero if the response was valid, or a zero if it wasn't sent, or sent and was invalid. @strong{Since:} 3.1.4 diff --git a/doc/functions/gnutls_ocsp_status_request_is_checked.short b/doc/functions/gnutls_ocsp_status_request_is_checked.short index bb33234..b1488f1 100644 --- a/doc/functions/gnutls_ocsp_status_request_is_checked.short +++ b/doc/functions/gnutls_ocsp_status_request_is_checked.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_ocsp_status_request_is_checked} (gnutls_session_t @var{session}, unsigned int @var{flags}) +@item @var{unsigned} @ref{gnutls_ocsp_status_request_is_checked} (gnutls_session_t @var{session}, unsigned int @var{flags}) diff --git a/doc/functions/gnutls_pbkdf2 b/doc/functions/gnutls_pbkdf2 new file mode 100644 index 0000000..69e0d3e --- /dev/null +++ b/doc/functions/gnutls_pbkdf2 @@ -0,0 +1,24 @@ + + + + +@deftypefun {int} {gnutls_pbkdf2} (gnutls_mac_algorithm_t @var{mac}, const gnutls_datum_t * @var{key}, const gnutls_datum_t * @var{salt}, unsigned @var{iter_count}, void * @var{output}, size_t @var{length}) +@var{mac}: the mac algorithm used internally + +@var{key}: the initial keying material + +@var{salt}: the salt + +@var{iter_count}: the iteration count + +@var{output}: the output value + +@var{length}: the desired length of the output key + +This function will derive a variable length keying material from +a password according to PKCS @code{5} PBKDF2. + +@strong{Returns:} Zero or a negative error code on error. + +@strong{Since:} 3.6.13 +@end deftypefun diff --git a/doc/functions/gnutls_pbkdf2.short b/doc/functions/gnutls_pbkdf2.short new file mode 100644 index 0000000..a3e5bf9 --- /dev/null +++ b/doc/functions/gnutls_pbkdf2.short @@ -0,0 +1 @@ +@item @var{int} @ref{gnutls_pbkdf2} (gnutls_mac_algorithm_t @var{mac}, const gnutls_datum_t * @var{key}, const gnutls_datum_t * @var{salt}, unsigned @var{iter_count}, void * @var{output}, size_t @var{length}) diff --git a/doc/functions/gnutls_pkcs7_print_signature_info b/doc/functions/gnutls_pkcs7_print_signature_info new file mode 100644 index 0000000..c712c0b --- /dev/null +++ b/doc/functions/gnutls_pkcs7_print_signature_info @@ -0,0 +1,24 @@ + + + + +@deftypefun {int} {gnutls_pkcs7_print_signature_info} (gnutls_pkcs7_signature_info_st * @var{info}, gnutls_certificate_print_formats_t @var{format}, gnutls_datum_t * @var{out}) +@var{info}: The PKCS7 signature info struct to be printed + +@var{format}: Indicate the format to use + +@var{out}: Newly allocated datum with null terminated string. + +This function will pretty print a PKCS @code{7} signature info structure, suitable +for display to a human. + +Currently the supported formats are @code{GNUTLS_CRT_PRINT_FULL} and +@code{GNUTLS_CRT_PRINT_COMPACT} . + +The output @code{out} needs to be deallocated using @code{gnutls_free()} . + +@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a +negative error value. + +@strong{Since:} 3.6.14 +@end deftypefun diff --git a/doc/functions/gnutls_pkcs7_print_signature_info.short b/doc/functions/gnutls_pkcs7_print_signature_info.short new file mode 100644 index 0000000..86318f0 --- /dev/null +++ b/doc/functions/gnutls_pkcs7_print_signature_info.short @@ -0,0 +1 @@ +@item @var{int} @ref{gnutls_pkcs7_print_signature_info} (gnutls_pkcs7_signature_info_st * @var{info}, gnutls_certificate_print_formats_t @var{format}, gnutls_datum_t * @var{out}) diff --git a/doc/functions/gnutls_prf_early b/doc/functions/gnutls_prf_early index fb328ad..c387362 100644 --- a/doc/functions/gnutls_prf_early +++ b/doc/functions/gnutls_prf_early @@ -40,5 +40,5 @@ must be non-null. @strong{Returns:} @code{GNUTLS_E_SUCCESS} on success, or an error code. -@strong{Since:} 3.6.6 +@strong{Since:} 3.6.8 @end deftypefun diff --git a/doc/functions/gnutls_prf_hash_get b/doc/functions/gnutls_prf_hash_get new file mode 100644 index 0000000..8ada18f --- /dev/null +++ b/doc/functions/gnutls_prf_hash_get @@ -0,0 +1,17 @@ + + + + +@deftypefun {gnutls_digest_algorithm_t} {gnutls_prf_hash_get} (const gnutls_session_t @var{session}) +@var{session}: is a @code{gnutls_session_t} type. + +Get the currently used hash algorithm. In TLS 1.3, the hash +algorithm is used for both the key derivation function and +handshake message authentication code. In TLS 1.2, it matches the +hash algorithm used for PRF. + +@strong{Returns:} the currently used hash algorithm, a +@code{gnutls_digest_algorithm_t} value. + +@strong{Since:} 3.6.13 +@end deftypefun diff --git a/doc/functions/gnutls_prf_hash_get.short b/doc/functions/gnutls_prf_hash_get.short new file mode 100644 index 0000000..01a848c --- /dev/null +++ b/doc/functions/gnutls_prf_hash_get.short @@ -0,0 +1 @@ +@item @var{gnutls_digest_algorithm_t} @ref{gnutls_prf_hash_get} (const gnutls_session_t @var{session}) diff --git a/doc/functions/gnutls_priority_init2 b/doc/functions/gnutls_priority_init2 index eb99a83..3a6322c 100644 --- a/doc/functions/gnutls_priority_init2 +++ b/doc/functions/gnutls_priority_init2 @@ -57,7 +57,7 @@ of 192. "@@KEYWORD1,KEYWORD2,..." The system administrator imposed settings. The provided keyword(s) will be expanded from a configuration-time -provided file - default is: /etc/gnutls/default-priorities. +provided file - default is: /etc/gnutls/config. Any attributes that follow it, will be appended to the expanded string. If multiple keywords are provided, separated by commas, then the first keyword that exists in the configuration file diff --git a/doc/functions/gnutls_privkey_sign_hash2 b/doc/functions/gnutls_privkey_sign_hash2 index 7f78411..5d4ab6d 100644 --- a/doc/functions/gnutls_privkey_sign_hash2 +++ b/doc/functions/gnutls_privkey_sign_hash2 @@ -13,20 +13,17 @@ @var{signature}: will contain newly allocated signature -This function will sign the given hashed data using a signature algorithm -supported by the private key. Signature algorithms are always used -together with a hash functions. Different hash functions may be -used for the RSA algorithm, but only SHA-XXX for the DSA keys. +This function will sign the given hashed data using the specified signature +algorithm. This function is an enhancement of @code{gnutls_privkey_sign_hash()} , +as it allows utilizing a alternative signature algorithm where possible +(e.g, use an RSA key with RSA-PSS). -You may use @code{gnutls_pubkey_get_preferred_hash_algorithm()} to determine -the hash algorithm. +The flags may be @code{GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA} . +In that case this function will ignore @code{hash_algo} and perform a raw PKCS1 signature. +Note that this flag is supported since 3.6.9. -The flags may be @code{GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA} or @code{GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS} . -In the former case this function will ignore @code{hash_algo} and perform a raw PKCS1 signature, -and in the latter an RSA-PSS signature will be generated. - -Note that, not all algorithm support signing already hashed data. When -signing with Ed25519, @code{gnutls_privkey_sign_data()} should be used. +Note also that, not all algorithm support signing already hashed data. When +signing with Ed25519, @code{gnutls_privkey_sign_data2()} should be used instead. @strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise a negative error value. diff --git a/doc/functions/gnutls_psk_server_get_username b/doc/functions/gnutls_psk_server_get_username index ad2496d..bba7094 100644 --- a/doc/functions/gnutls_psk_server_get_username +++ b/doc/functions/gnutls_psk_server_get_username @@ -8,5 +8,12 @@ This should only be called in case of PSK authentication and in case of a server. -@strong{Returns:} the username of the peer, or @code{NULL} in case of an error. +The returned pointer should be considered constant (do not free) and valid +for the lifetime of the session. + +This function will return @code{NULL} if the username has embedded NULL bytes. +In that case, @code{gnutls_psk_server_get_username2()} should be used to retrieve the username. + +@strong{Returns:} the username of the peer, or @code{NULL} in case of an error, +or if the username has embedded NULLs. @end deftypefun diff --git a/doc/functions/gnutls_psk_server_get_username2 b/doc/functions/gnutls_psk_server_get_username2 new file mode 100644 index 0000000..589f6f9 --- /dev/null +++ b/doc/functions/gnutls_psk_server_get_username2 @@ -0,0 +1,20 @@ + + + + +@deftypefun {int} {gnutls_psk_server_get_username2} (gnutls_session_t @var{session}, gnutls_datum_t * @var{username}) +@var{session}: is a gnutls session + +@var{username}: a datum that will be filled in by this function + +Return a pointer to the username of the peer in the supplied datum. Does not +need to be null-terminated. + +This should only be called in case of PSK authentication and in +case of a server. + +The returned pointer should be considered constant (do not free) and valid +for the lifetime of the session. + +@strong{Returns:} @code{GNUTLS_E_SUCCESS} , or a negative value in case of an error. +@end deftypefun diff --git a/doc/functions/gnutls_psk_server_get_username2.short b/doc/functions/gnutls_psk_server_get_username2.short new file mode 100644 index 0000000..878ac54 --- /dev/null +++ b/doc/functions/gnutls_psk_server_get_username2.short @@ -0,0 +1 @@ +@item @var{int} @ref{gnutls_psk_server_get_username2} (gnutls_session_t @var{session}, gnutls_datum_t * @var{username}) diff --git a/doc/functions/gnutls_psk_set_client_credentials2 b/doc/functions/gnutls_psk_set_client_credentials2 new file mode 100644 index 0000000..cdeca0a --- /dev/null +++ b/doc/functions/gnutls_psk_set_client_credentials2 @@ -0,0 +1,20 @@ + + + + +@deftypefun {int} {gnutls_psk_set_client_credentials2} (gnutls_psk_client_credentials_t @var{res}, const gnutls_datum_t * @var{username}, const gnutls_datum_t * @var{key}, gnutls_psk_key_flags @var{flags}) +@var{res}: is a @code{gnutls_psk_client_credentials_t} type. + +@var{username}: is the userid + +@var{key}: is the user's key + +@var{flags}: indicate the format of the key, either +@code{GNUTLS_PSK_KEY_RAW} or @code{GNUTLS_PSK_KEY_HEX} . + +This function is identical to @code{gnutls_psk_set_client_credentials()} , +except that it allows a non-null-terminated username to be introduced. + +@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise +an error code is returned. +@end deftypefun diff --git a/doc/functions/gnutls_psk_set_client_credentials2.short b/doc/functions/gnutls_psk_set_client_credentials2.short new file mode 100644 index 0000000..1a545d7 --- /dev/null +++ b/doc/functions/gnutls_psk_set_client_credentials2.short @@ -0,0 +1 @@ +@item @var{int} @ref{gnutls_psk_set_client_credentials2} (gnutls_psk_client_credentials_t @var{res}, const gnutls_datum_t * @var{username}, const gnutls_datum_t * @var{key}, gnutls_psk_key_flags @var{flags}) diff --git a/doc/functions/gnutls_psk_set_client_credentials_function2 b/doc/functions/gnutls_psk_set_client_credentials_function2 new file mode 100644 index 0000000..cb1ebba --- /dev/null +++ b/doc/functions/gnutls_psk_set_client_credentials_function2 @@ -0,0 +1,28 @@ + + + + +@deftypefun {void} {gnutls_psk_set_client_credentials_function2} (gnutls_psk_client_credentials_t @var{cred}, gnutls_psk_client_credentials_function2 * @var{func}) +@var{cred}: is a @code{gnutls_psk_server_credentials_t} type. + +@var{func}: is the callback function + +This function can be used to set a callback to retrieve the username and +password for client PSK authentication. +The callback's function form is: +int (*callback)(gnutls_session_t, gnutls_datum_t* username, +gnutls_datum_t* key); + +This callback function has the same semantics as that of @code{gnutls_psk_set_client_credentials_function()} , +but it allows non-string usernames to be used. + +The @code{username} and @code{key} ->data must be allocated using @code{gnutls_malloc()} . +The @code{username} should be an ASCII string or UTF-8 +string. In case of a UTF-8 string it is recommended to be following +the PRECIS framework for usernames (rfc8265). + +The callback function will be called once per handshake. + +The callback function should return 0 on success. +-1 indicates an error. +@end deftypefun diff --git a/doc/functions/gnutls_psk_set_client_credentials_function2.short b/doc/functions/gnutls_psk_set_client_credentials_function2.short new file mode 100644 index 0000000..08183ef --- /dev/null +++ b/doc/functions/gnutls_psk_set_client_credentials_function2.short @@ -0,0 +1 @@ +@item @var{void} @ref{gnutls_psk_set_client_credentials_function2} (gnutls_psk_client_credentials_t @var{cred}, gnutls_psk_client_credentials_function2 * @var{func}) diff --git a/doc/functions/gnutls_psk_set_server_credentials_function2 b/doc/functions/gnutls_psk_set_server_credentials_function2 new file mode 100644 index 0000000..a0f8c91 --- /dev/null +++ b/doc/functions/gnutls_psk_set_server_credentials_function2 @@ -0,0 +1,27 @@ + + + + +@deftypefun {void} {gnutls_psk_set_server_credentials_function2} (gnutls_psk_server_credentials_t @var{cred}, gnutls_psk_server_credentials_function2 @var{func}) +@var{cred}: is a @code{gnutls_psk_server_credentials_t} type. + +@var{func}: is the callback function + +This function can be used to set a callback to retrieve the user's PSK credentials. +The callback's function form is: +int (*callback)(gnutls_session_t, const gnutls_datum_t* username, +gnutls_datum_t* key); + +This callback function has the same semantics as that of @code{gnutls_psk_set_server_credentials_function()} , +but it allows non-string usernames to be used. + + @code{username} contains the actual username. +The @code{key} must be filled in using the @code{gnutls_malloc()} . + +In case the callback returned a negative number then gnutls will +assume that the username does not exist. + +The callback function will only be called once per handshake. The +callback function should return 0 on success, while -1 indicates +an error. +@end deftypefun diff --git a/doc/functions/gnutls_psk_set_server_credentials_function2.short b/doc/functions/gnutls_psk_set_server_credentials_function2.short new file mode 100644 index 0000000..c7a2952 --- /dev/null +++ b/doc/functions/gnutls_psk_set_server_credentials_function2.short @@ -0,0 +1 @@ +@item @var{void} @ref{gnutls_psk_set_server_credentials_function2} (gnutls_psk_server_credentials_t @var{cred}, gnutls_psk_server_credentials_function2 @var{func}) diff --git a/doc/functions/gnutls_record_check_corked b/doc/functions/gnutls_record_check_corked index cd9ca0a..15118b7 100644 --- a/doc/functions/gnutls_record_check_corked +++ b/doc/functions/gnutls_record_check_corked @@ -6,7 +6,7 @@ @var{session}: is a @code{gnutls_session_t} type. This function checks if there pending corked -data in the gnutls buffers --see @code{gnutls_record_cork()} . +data in the gnutls buffers --see @code{gnutls_record_cork()} . @strong{Returns:} Returns the size of the corked data or zero. diff --git a/doc/functions/gnutls_record_discard_queued b/doc/functions/gnutls_record_discard_queued index 03911ce..f92163e 100644 --- a/doc/functions/gnutls_record_discard_queued +++ b/doc/functions/gnutls_record_discard_queued @@ -5,9 +5,13 @@ @deftypefun {size_t} {gnutls_record_discard_queued} (gnutls_session_t @var{session}) @var{session}: is a @code{gnutls_session_t} type. -This function discards all queued to be sent packets in a TLS or DTLS session. +This function discards all queued to be sent packets in a DTLS session. These are the packets queued after an interrupted @code{gnutls_record_send()} . +This function can only be used with transports where @code{send()} is +an all-or-nothing operation (e.g., UDP). When partial writes are allowed +this function will cause session errors. + @strong{Returns:} The number of bytes discarded. @strong{Since:} 3.4.0 diff --git a/doc/functions/gnutls_record_recv b/doc/functions/gnutls_record_recv index 663a103..9da1fc7 100644 --- a/doc/functions/gnutls_record_recv +++ b/doc/functions/gnutls_record_recv @@ -26,6 +26,6 @@ call this function again to get the data. See also @code{gnutls_record_get_direction()} . @strong{Returns:} The number of bytes received and zero on EOF (for stream -connections). A negative error code is returned in case of an error. +connections). A negative error code is returned in case of an error. The number of bytes received might be less than the requested @code{data_size} . @end deftypefun diff --git a/doc/functions/gnutls_record_recv_packet b/doc/functions/gnutls_record_recv_packet index 31bb870..d176807 100644 --- a/doc/functions/gnutls_record_recv_packet +++ b/doc/functions/gnutls_record_recv_packet @@ -12,12 +12,12 @@ to directly receive the whole decrypted packet. That avoids a memory copy, and is intended to be used by applications seeking high performance. -The received packet is accessed using @code{gnutls_packet_get()} and +The received packet is accessed using @code{gnutls_packet_get()} and must be deinitialized using @code{gnutls_packet_deinit()} . The returned packet will be @code{NULL} if the return value is zero (EOF). @strong{Returns:} The number of bytes received and zero on EOF (for stream -connections). A negative error code is returned in case of an error. +connections). A negative error code is returned in case of an error. @strong{Since:} 3.3.5 @end deftypefun diff --git a/doc/functions/gnutls_record_recv_seq b/doc/functions/gnutls_record_recv_seq index 8d11a02..f9b171a 100644 --- a/doc/functions/gnutls_record_recv_seq +++ b/doc/functions/gnutls_record_recv_seq @@ -16,7 +16,7 @@ it returns in addition to data, the sequence number of the data. This is useful in DTLS where record packets might be received out-of-order. The returned 8-byte sequence number is an integer in big-endian format and should be -treated as a unique message identification. +treated as a unique message identification. @strong{Returns:} The number of bytes received and zero on EOF. A negative error code is returned in case of an error. The number of bytes diff --git a/doc/functions/gnutls_record_send b/doc/functions/gnutls_record_send index 005f7a9..5ceca35 100644 --- a/doc/functions/gnutls_record_send +++ b/doc/functions/gnutls_record_send @@ -13,22 +13,26 @@ This function has the similar semantics with @code{send()} . The only difference is that it accepts a GnuTLS session, and uses different error codes. Note that if the send buffer is full, @code{send()} will block this -function. See the @code{send()} documentation for more information. +function. See the @code{send()} documentation for more information. You can replace the default push function which is @code{send()} , by using @code{gnutls_transport_set_push_function()} . -If the EINTR is returned by the internal push function +If the EINTR is returned by the internal push function then @code{GNUTLS_E_INTERRUPTED} will be returned. If @code{GNUTLS_E_INTERRUPTED} or @code{GNUTLS_E_AGAIN} is returned, you must -call this function again, with the exact same parameters; alternatively -you could provide a @code{NULL} pointer for data, and 0 for -size. cf. @code{gnutls_record_get_direction()} . +call this function again with the exact same parameters, or provide a +@code{NULL} pointer for @code{data} and 0 for @code{data_size} , in order to write the +same data as before. If you wish to discard the previous data instead +of retrying, you must call @code{gnutls_record_discard_queued()} before +calling this function with different parameters. Note that the latter +works only on special transports (e.g., UDP). +cf. @code{gnutls_record_get_direction()} . Note that in DTLS this function will return the @code{GNUTLS_E_LARGE_PACKET} error code if the send data exceed the data MTU value - as returned by @code{gnutls_dtls_get_data_mtu()} . The errno value EMSGSIZE -also maps to @code{GNUTLS_E_LARGE_PACKET} . +also maps to @code{GNUTLS_E_LARGE_PACKET} . Note that since 3.2.13 this function can be called under cork in DTLS mode, and will refuse to send data over the MTU size by returning @code{GNUTLS_E_LARGE_PACKET} . diff --git a/doc/functions/gnutls_record_uncork b/doc/functions/gnutls_record_uncork index 95caaa9..ce42358 100644 --- a/doc/functions/gnutls_record_uncork +++ b/doc/functions/gnutls_record_uncork @@ -18,8 +18,8 @@ is interrupted then the @code{GNUTLS_E_AGAIN} or @code{GNUTLS_E_INTERRUPTED} errors will be returned. To obtain the data left in the corked buffer use @code{gnutls_record_check_corked()} . -@strong{Returns:} On success the number of transmitted data is returned, or -otherwise a negative error code. +@strong{Returns:} On success the number of transmitted data is returned, or +otherwise a negative error code. @strong{Since:} 3.1.9 @end deftypefun diff --git a/doc/functions/gnutls_rehandshake b/doc/functions/gnutls_rehandshake index 70df3d9..7498d6e 100644 --- a/doc/functions/gnutls_rehandshake +++ b/doc/functions/gnutls_rehandshake @@ -7,7 +7,7 @@ This function can only be called in server side, and instructs a TLS 1.2 or earlier client to renegotiate -parameters (perform a handshake), by sending a +parameters (perform a handshake), by sending a hello request message. If this function succeeds, the calling application @@ -23,7 +23,7 @@ calling application should proceed to calling @code{gnutls_handshake()} to negotiate the new parameters. -If the client does not wish to renegotiate parameters he +If the client does not wish to renegotiate parameters he may reply with an alert message, and in that case the return code seen by subsequent @code{gnutls_record_recv()} will be @code{GNUTLS_E_WARNING_ALERT_RECEIVED} with the specific alert being diff --git a/doc/functions/gnutls_session_ext_register b/doc/functions/gnutls_session_ext_register index 74a83b5..8c8c746 100644 --- a/doc/functions/gnutls_session_ext_register +++ b/doc/functions/gnutls_session_ext_register @@ -2,14 +2,14 @@ -@deftypefun {int} {gnutls_session_ext_register} (gnutls_session_t @var{session}, const char * @var{name}, int @var{id}, gnutls_ext_parse_type_t @var{parse_type}, gnutls_ext_recv_func @var{recv_func}, gnutls_ext_send_func @var{send_func}, gnutls_ext_deinit_data_func @var{deinit_func}, gnutls_ext_pack_func @var{pack_func}, gnutls_ext_unpack_func @var{unpack_func}, unsigned @var{flags}) +@deftypefun {int} {gnutls_session_ext_register} (gnutls_session_t @var{session}, const char * @var{name}, int @var{id}, gnutls_ext_parse_type_t @var{parse_point}, gnutls_ext_recv_func @var{recv_func}, gnutls_ext_send_func @var{send_func}, gnutls_ext_deinit_data_func @var{deinit_func}, gnutls_ext_pack_func @var{pack_func}, gnutls_ext_unpack_func @var{unpack_func}, unsigned @var{flags}) @var{session}: the session for which this extension will be set @var{name}: the name of the extension to register @var{id}: the numeric id of the extension -@var{parse_type}: the parse type of the extension (see gnutls_ext_parse_type_t) +@var{parse_point}: the parse type of the extension (see gnutls_ext_parse_type_t) @var{recv_func}: a function to receive the data diff --git a/doc/functions/gnutls_session_ext_register.short b/doc/functions/gnutls_session_ext_register.short index 9c885a9..db5659a 100644 --- a/doc/functions/gnutls_session_ext_register.short +++ b/doc/functions/gnutls_session_ext_register.short @@ -1 +1 @@ -@item @var{int} @ref{gnutls_session_ext_register} (gnutls_session_t @var{session}, const char * @var{name}, int @var{id}, gnutls_ext_parse_type_t @var{parse_type}, gnutls_ext_recv_func @var{recv_func}, gnutls_ext_send_func @var{send_func}, gnutls_ext_deinit_data_func @var{deinit_func}, gnutls_ext_pack_func @var{pack_func}, gnutls_ext_unpack_func @var{unpack_func}, unsigned @var{flags}) +@item @var{int} @ref{gnutls_session_ext_register} (gnutls_session_t @var{session}, const char * @var{name}, int @var{id}, gnutls_ext_parse_type_t @var{parse_point}, gnutls_ext_recv_func @var{recv_func}, gnutls_ext_send_func @var{send_func}, gnutls_ext_deinit_data_func @var{deinit_func}, gnutls_ext_pack_func @var{pack_func}, gnutls_ext_unpack_func @var{unpack_func}, unsigned @var{flags}) diff --git a/doc/functions/gnutls_session_get_data2 b/doc/functions/gnutls_session_get_data2 index 1c3ef39..f66eb07 100644 --- a/doc/functions/gnutls_session_get_data2 +++ b/doc/functions/gnutls_session_get_data2 @@ -33,6 +33,12 @@ messages. Each call of @code{gnutls_session_get_data2()} after a ticket is received, will return session resumption data corresponding to the last received ticket. +Note that this function under TLS1.3 requires a callback to be set with +@code{gnutls_transport_set_pull_timeout_function()} for successful operation. There +was a bug before 3.6.10 which could make this function fail if that callback +was not set. On later versions if not set, the function will return a successful +error code, but will return dummy data that cannot lead to a resumption. + @strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise an error code is returned. @end deftypefun diff --git a/doc/functions/gnutls_session_get_keylog_function b/doc/functions/gnutls_session_get_keylog_function new file mode 100644 index 0000000..edbea54 --- /dev/null +++ b/doc/functions/gnutls_session_get_keylog_function @@ -0,0 +1,14 @@ + + + + +@deftypefun {gnutls_keylog_func} {gnutls_session_get_keylog_function} (const gnutls_session_t @var{session}) +@var{session}: is @code{gnutls_session_t} type + +This function will return the callback function set using +@code{gnutls_session_set_keylog_function()} . + +@strong{Returns:} The function set or @code{NULL} otherwise. + +@strong{Since:} 3.6.13 +@end deftypefun diff --git a/doc/functions/gnutls_session_get_keylog_function.short b/doc/functions/gnutls_session_get_keylog_function.short new file mode 100644 index 0000000..d53d8d6 --- /dev/null +++ b/doc/functions/gnutls_session_get_keylog_function.short @@ -0,0 +1 @@ +@item @var{gnutls_keylog_func} @ref{gnutls_session_get_keylog_function} (const gnutls_session_t @var{session}) diff --git a/doc/functions/gnutls_session_set_keylog_function b/doc/functions/gnutls_session_set_keylog_function new file mode 100644 index 0000000..7709b65 --- /dev/null +++ b/doc/functions/gnutls_session_set_keylog_function @@ -0,0 +1,14 @@ + + + + +@deftypefun {void} {gnutls_session_set_keylog_function} (gnutls_session_t @var{session}, gnutls_keylog_func @var{func}) +@var{session}: is @code{gnutls_session_t} type + +@var{func}: is the function to be called + +This function will set a callback to be called when a new secret is +derived and installed during handshake. + +@strong{Since:} 3.6.13 +@end deftypefun diff --git a/doc/functions/gnutls_session_set_keylog_function.short b/doc/functions/gnutls_session_set_keylog_function.short new file mode 100644 index 0000000..9cfe839 --- /dev/null +++ b/doc/functions/gnutls_session_set_keylog_function.short @@ -0,0 +1 @@ +@item @var{void} @ref{gnutls_session_set_keylog_function} (gnutls_session_t @var{session}, gnutls_keylog_func @var{func}) diff --git a/doc/functions/gnutls_transport_set_pull_timeout_function b/doc/functions/gnutls_transport_set_pull_timeout_function index 1c4ac45..252c90c 100644 --- a/doc/functions/gnutls_transport_set_pull_timeout_function +++ b/doc/functions/gnutls_transport_set_pull_timeout_function @@ -23,15 +23,13 @@ for data. int (*gnutls_pull_timeout_func)(gnutls_transport_ptr_t, unsigned int ms); This callback is necessary when @code{gnutls_handshake_set_timeout()} or -@code{gnutls_record_set_timeout()} are set, and for calculating the DTLS mode -timeouts. - -In short, this callback should be set when a custom pull function is -registered. The callback will not be used when the session is in TLS mode with -non-blocking sockets. That is, when @code{GNUTLS_NONBLOCK} is specified for a TLS -session in @code{gnutls_init()} . For compatibility with future GnuTLS versions -it is recommended to always set this function when a custom pull function -is registered. +@code{gnutls_record_set_timeout()} are set, under TLS1.3 and for enforcing the DTLS +mode timeouts when in blocking mode. + +For compatibility with future GnuTLS versions this callback must be set when +a custom pull function is registered. The callback will not be used when the +session is in TLS mode with non-blocking sockets. That is, when @code{GNUTLS_NONBLOCK} +is specified for a TLS session in @code{gnutls_init()} . The helper function @code{gnutls_system_recv_timeout()} is provided to simplify writing callbacks. diff --git a/doc/functions/gnutls_x509_crq_get_pk_oid b/doc/functions/gnutls_x509_crq_get_pk_oid index a4d259f..e06499a 100644 --- a/doc/functions/gnutls_x509_crq_get_pk_oid +++ b/doc/functions/gnutls_x509_crq_get_pk_oid @@ -10,7 +10,7 @@ @var{oid_size}: initially holds the size of @code{oid} This function will return the OID of the public key algorithm -on that certificate request. This is function +on that certificate request. This function is useful in the case @code{gnutls_x509_crq_get_pk_algorithm()} returned @code{GNUTLS_PK_UNKNOWN} . diff --git a/doc/functions/gnutls_x509_crq_get_signature_oid b/doc/functions/gnutls_x509_crq_get_signature_oid index 78de790..e4d0028 100644 --- a/doc/functions/gnutls_x509_crq_get_signature_oid +++ b/doc/functions/gnutls_x509_crq_get_signature_oid @@ -10,7 +10,7 @@ @var{oid_size}: initially holds the size of @code{oid} This function will return the OID of the signature algorithm -that has been used to sign this certificate request. This is function +that has been used to sign this certificate request. This function is useful in the case @code{gnutls_x509_crq_get_signature_algorithm()} returned @code{GNUTLS_SIGN_UNKNOWN} . diff --git a/doc/functions/gnutls_x509_crt_get_authority_info_access b/doc/functions/gnutls_x509_crt_get_authority_info_access index 9fe6d90..172ea1d 100644 --- a/doc/functions/gnutls_x509_crt_get_authority_info_access +++ b/doc/functions/gnutls_x509_crt_get_authority_info_access @@ -37,7 +37,7 @@ hold the accessLocation GeneralName type (e.g., If @code{what} is @code{GNUTLS_IA_URI} , @code{data} will hold the accessLocation URI data. Requesting this @code{what} value leads to an error if the -accessLocation is not of the "uniformResourceIdentifier" type. +accessLocation is not of the "uniformResourceIdentifier" type. If @code{what} is @code{GNUTLS_IA_OCSP_URI} , @code{data} will hold the OCSP URI. Requesting this @code{what} value leads to an error if the accessMethod diff --git a/doc/functions/gnutls_x509_crt_get_authority_key_gn_serial b/doc/functions/gnutls_x509_crt_get_authority_key_gn_serial index d4becfd..2d74a3b 100644 --- a/doc/functions/gnutls_x509_crt_get_authority_key_gn_serial +++ b/doc/functions/gnutls_x509_crt_get_authority_key_gn_serial @@ -20,11 +20,11 @@ @var{critical}: will be non-zero if the extension is marked as critical (may be null) This function will return the X.509 authority key -identifier when stored as a general name (authorityCertIssuer) +identifier when stored as a general name (authorityCertIssuer) and serial number. Because more than one general names might be stored - @code{seq} can be used as a counter to request them all until + @code{seq} can be used as a counter to request them all until @code{GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE} is returned. @strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, @code{GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE} diff --git a/doc/functions/gnutls_x509_crt_get_dn b/doc/functions/gnutls_x509_crt_get_dn index 64a7318..40f93ce 100644 --- a/doc/functions/gnutls_x509_crt_get_dn +++ b/doc/functions/gnutls_x509_crt_get_dn @@ -14,7 +14,7 @@ buffer. The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in RFC4514. The output string will be ASCII or UTF-8 encoded, depending on the certificate data. -If @code{buf} is null then only the size will be filled. +If @code{buf} is null then only the size will be filled. This function does not output a fully RFC4514 compliant string, if that is required see @code{gnutls_x509_crt_get_dn3()} . diff --git a/doc/functions/gnutls_x509_crt_get_dn_by_oid b/doc/functions/gnutls_x509_crt_get_dn_by_oid index a56e63f..2a6f9a3 100644 --- a/doc/functions/gnutls_x509_crt_get_dn_by_oid +++ b/doc/functions/gnutls_x509_crt_get_dn_by_oid @@ -31,6 +31,6 @@ If @code{buf} is null then only the size will be filled. If the @code{raw_flag @strong{Returns:} @code{GNUTLS_E_SHORT_MEMORY_BUFFER} if the provided buffer is not long enough, and in that case the @code{buf_size} will be updated with -the required size. @code{GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE} if there +the required size. @code{GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE} if there are no data in the current index. On success 0 is returned. @end deftypefun diff --git a/doc/functions/gnutls_x509_crt_get_dn_oid b/doc/functions/gnutls_x509_crt_get_dn_oid index f0d0161..4f21e88 100644 --- a/doc/functions/gnutls_x509_crt_get_dn_oid +++ b/doc/functions/gnutls_x509_crt_get_dn_oid @@ -19,6 +19,6 @@ account for the trailing null. @strong{Returns:} @code{GNUTLS_E_SHORT_MEMORY_BUFFER} if the provided buffer is not long enough, and in that case the @code{buf_size} will be updated with -the required size. @code{GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE} if there +the required size. @code{GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE} if there are no data in the current index. On success 0 is returned. @end deftypefun diff --git a/doc/functions/gnutls_x509_crt_get_extension_info b/doc/functions/gnutls_x509_crt_get_extension_info index 1457889..7cd82bc 100644 --- a/doc/functions/gnutls_x509_crt_get_extension_info +++ b/doc/functions/gnutls_x509_crt_get_extension_info @@ -21,7 +21,7 @@ be stored as a string in the provided buffer. Use If the buffer provided is not long enough to hold the output, then @code{oid_size} is updated and @code{GNUTLS_E_SHORT_MEMORY_BUFFER} will be -returned. The @code{oid} returned will be null terminated, although +returned. The @code{oid} returned will be null terminated, although @code{oid_size} will not account for the trailing null (the latter is not true for GnuTLS prior to 3.6.0). diff --git a/doc/functions/gnutls_x509_crt_get_issuer b/doc/functions/gnutls_x509_crt_get_issuer index 34a44a8..364a3a5 100644 --- a/doc/functions/gnutls_x509_crt_get_issuer +++ b/doc/functions/gnutls_x509_crt_get_issuer @@ -8,9 +8,9 @@ @var{dn}: output variable with pointer to uint8_t DN Return the Certificate's Issuer DN as a @code{gnutls_x509_dn_t} data type, -that can be decoded using @code{gnutls_x509_dn_get_rdn_ava()} . +that can be decoded using @code{gnutls_x509_dn_get_rdn_ava()} . -Note that @code{dn} should be treated as constant. Because it points +Note that @code{dn} should be treated as constant. Because it points into the @code{cert} object, you should not use @code{dn} after @code{cert} is deallocated. diff --git a/doc/functions/gnutls_x509_crt_get_issuer_dn b/doc/functions/gnutls_x509_crt_get_issuer_dn index 3068012..a196b5f 100644 --- a/doc/functions/gnutls_x509_crt_get_issuer_dn +++ b/doc/functions/gnutls_x509_crt_get_issuer_dn @@ -14,7 +14,7 @@ provided buffer. The name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in RFC4514. The output string will be ASCII or UTF-8 encoded, depending on the certificate data. -If @code{buf} is null then only the size will be filled. +If @code{buf} is null then only the size will be filled. This function does not output a fully RFC4514 compliant string, if that is required see @code{gnutls_x509_crt_get_issuer_dn3()} . diff --git a/doc/functions/gnutls_x509_crt_get_issuer_dn_by_oid b/doc/functions/gnutls_x509_crt_get_issuer_dn_by_oid index ea74ab7..13a9626 100644 --- a/doc/functions/gnutls_x509_crt_get_issuer_dn_by_oid +++ b/doc/functions/gnutls_x509_crt_get_issuer_dn_by_oid @@ -31,6 +31,6 @@ If @code{buf} is null then only the size will be filled. If the @code{raw_flag @strong{Returns:} @code{GNUTLS_E_SHORT_MEMORY_BUFFER} if the provided buffer is not long enough, and in that case the @code{buf_size} will be updated with -the required size. @code{GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE} if there +the required size. @code{GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE} if there are no data in the current index. On success 0 is returned. @end deftypefun diff --git a/doc/functions/gnutls_x509_crt_get_issuer_dn_oid b/doc/functions/gnutls_x509_crt_get_issuer_dn_oid index f8173ff..361d48e 100644 --- a/doc/functions/gnutls_x509_crt_get_issuer_dn_oid +++ b/doc/functions/gnutls_x509_crt_get_issuer_dn_oid @@ -19,6 +19,6 @@ account for the trailing null. @strong{Returns:} @code{GNUTLS_E_SHORT_MEMORY_BUFFER} if the provided buffer is not long enough, and in that case the @code{buf_size} will be updated with -the required size. @code{GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE} if there +the required size. @code{GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE} if there are no data in the current index. On success 0 is returned. @end deftypefun diff --git a/doc/functions/gnutls_x509_crt_get_policy b/doc/functions/gnutls_x509_crt_get_policy index 0902c3c..f894519 100644 --- a/doc/functions/gnutls_x509_crt_get_policy +++ b/doc/functions/gnutls_x509_crt_get_policy @@ -11,8 +11,8 @@ @var{critical}: will be non-zero if the extension is marked as critical -This function will extract the certificate policy (extension 2.5.29.32) -specified by the given index. +This function will extract the certificate policy (extension 2.5.29.32) +specified by the given index. The policy returned by this function must be deinitialized by using @code{gnutls_x509_policy_release()} . diff --git a/doc/functions/gnutls_x509_crt_get_subject b/doc/functions/gnutls_x509_crt_get_subject index 194634b..f014067 100644 --- a/doc/functions/gnutls_x509_crt_get_subject +++ b/doc/functions/gnutls_x509_crt_get_subject @@ -8,9 +8,9 @@ @var{dn}: output variable with pointer to uint8_t DN. Return the Certificate's Subject DN as a @code{gnutls_x509_dn_t} data type, -that can be decoded using @code{gnutls_x509_dn_get_rdn_ava()} . +that can be decoded using @code{gnutls_x509_dn_get_rdn_ava()} . -Note that @code{dn} should be treated as constant. Because it points +Note that @code{dn} should be treated as constant. Because it points into the @code{cert} object, you should not use @code{dn} after @code{cert} is deallocated. diff --git a/doc/functions/gnutls_x509_crt_list_import2 b/doc/functions/gnutls_x509_crt_list_import2 index 0cfba07..13a21a0 100644 --- a/doc/functions/gnutls_x509_crt_list_import2 +++ b/doc/functions/gnutls_x509_crt_list_import2 @@ -23,7 +23,7 @@ CERTIFICATE", or "CERTIFICATE". To deinitialize @code{certs} , you need to deinitialize each crt structure independently, and use @code{gnutls_free()} at @code{certs} . -@strong{Returns:} the number of certificates read or a negative error value. +@strong{Returns:} @code{GNUTLS_E_SUCCESS} on success, otherwise a negative error code. @strong{Since:} 3.0 @end deftypefun diff --git a/doc/functions/gnutls_x509_crt_set_pin_function b/doc/functions/gnutls_x509_crt_set_pin_function index f8eb034..e5b2de0 100644 --- a/doc/functions/gnutls_x509_crt_set_pin_function +++ b/doc/functions/gnutls_x509_crt_set_pin_function @@ -10,7 +10,7 @@ @var{userdata}: data associated with the callback This function will set a callback function to be used when -it is required to access a protected object. This function overrides +it is required to access a protected object. This function overrides the global function set using @code{gnutls_pkcs11_set_pin_function()} . Note that this callback is currently used only during the import diff --git a/doc/functions/gnutls_x509_crt_verify_data2 b/doc/functions/gnutls_x509_crt_verify_data2 index d72e425..9877ea9 100644 --- a/doc/functions/gnutls_x509_crt_verify_data2 +++ b/doc/functions/gnutls_x509_crt_verify_data2 @@ -16,7 +16,7 @@ This function will verify the given signed data, using the parameters from the certificate. -@strong{Returns:} In case of a verification failure @code{GNUTLS_E_PK_SIG_VERIFY_FAILED} +@strong{Returns:} In case of a verification failure @code{GNUTLS_E_PK_SIG_VERIFY_FAILED} is returned, @code{GNUTLS_E_EXPIRED} or @code{GNUTLS_E_NOT_YET_ACTIVATED} on expired or not yet activated certificate and zero or positive code on success. diff --git a/doc/functions/gnutls_x509_ext_print b/doc/functions/gnutls_x509_ext_print index be03f68..7fb83e2 100644 --- a/doc/functions/gnutls_x509_ext_print +++ b/doc/functions/gnutls_x509_ext_print @@ -11,7 +11,7 @@ @var{out}: Newly allocated datum with null terminated string. -This function will pretty print X.509 certificate extensions, +This function will pretty print X.509 certificate extensions, suitable for display to a human. The output @code{out} needs to be deallocated using @code{gnutls_free()} . diff --git a/doc/gnutls-api.texi b/doc/gnutls-api.texi index f1ab40d..d44743f 100644 --- a/doc/gnutls-api.texi +++ b/doc/gnutls-api.texi @@ -455,8 +455,8 @@ connection you should wait for an EOF from the peer. Note that not all implementations will properly terminate a TLS connection. Some of them, usually for performance reasons, will terminate only the underlying transport layer, and thus not -distinguishing between a malicious party prematurely terminating -the connection and normal termination. +distinguishing between a malicious party prematurely terminating +the connection and normal termination. This function may also return @code{GNUTLS_E_AGAIN} or @code{GNUTLS_E_INTERRUPTED} ; cf. @code{gnutls_record_get_direction()} . @@ -931,8 +931,8 @@ in the chain, the code @code{GNUTLS_E_OCSP_MISMATCH_WITH_CERTS} is returned. If the response is already expired at the time of loading the code @code{GNUTLS_E_EXPIRED} is returned. -@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, -otherwise a negative error code is returned. +@strong{Returns:} On success, the number of loaded responses is returned, +otherwise a negative error code. @strong{Since:} 3.1.3 @end deftypefun @@ -2247,7 +2247,7 @@ sessions. @var{seconds}: is the number of seconds. Set the expiration time for resumed sessions. The default is 21600 -(size hours) at the time of writing. +(6 hours) at the time of writing. The maximum value that can be set using this function is 604800 (7 days). @@ -2887,6 +2887,21 @@ Convert a TLS extension numeric ID to a printable string. specified cipher, or @code{NULL} . @end deftypefun +@subheading gnutls_ext_get_name2 +@anchor{gnutls_ext_get_name2} +@deftypefun {const char *} {gnutls_ext_get_name2} (gnutls_session_t @var{session}, unsigned int @var{tls_id}, gnutls_ext_parse_type_t @var{parse_point}) +@var{session}: a @code{gnutls_session_t} opaque pointer + +@var{tls_id}: is a TLS extension numeric ID + +@var{parse_point}: the parse type of the extension + +Convert a TLS extension numeric ID to a printable string. + +@strong{Returns:} a pointer to a string that contains the name of the +specified cipher, or @code{NULL} . +@end deftypefun + @subheading gnutls_ext_raw_parse @anchor{gnutls_ext_raw_parse} @deftypefun {int} {gnutls_ext_raw_parse} (void * @var{ctx}, gnutls_ext_raw_process_func @var{cb}, const gnutls_datum_t * @var{data}, unsigned int @var{flags}) @@ -2917,12 +2932,12 @@ flags it returns @code{GNUTLS_E_INVALID_REQUEST} . @subheading gnutls_ext_register @anchor{gnutls_ext_register} -@deftypefun {int} {gnutls_ext_register} (const char * @var{name}, int @var{id}, gnutls_ext_parse_type_t @var{parse_type}, gnutls_ext_recv_func @var{recv_func}, gnutls_ext_send_func @var{send_func}, gnutls_ext_deinit_data_func @var{deinit_func}, gnutls_ext_pack_func @var{pack_func}, gnutls_ext_unpack_func @var{unpack_func}) +@deftypefun {int} {gnutls_ext_register} (const char * @var{name}, int @var{id}, gnutls_ext_parse_type_t @var{parse_point}, gnutls_ext_recv_func @var{recv_func}, gnutls_ext_send_func @var{send_func}, gnutls_ext_deinit_data_func @var{deinit_func}, gnutls_ext_pack_func @var{pack_func}, gnutls_ext_unpack_func @var{unpack_func}) @var{name}: the name of the extension to register @var{id}: the numeric TLS id of the extension -@var{parse_type}: the parse type of the extension (see gnutls_ext_parse_type_t) +@var{parse_point}: the parse type of the extension (see gnutls_ext_parse_type_t) @var{recv_func}: a function to receive the data @@ -3035,6 +3050,19 @@ switches to @code{GNUTLS_FIPS140_STRICT} mode. @strong{Since:} 3.6.2 @end deftypefun +@subheading gnutls_get_system_config_file +@anchor{gnutls_get_system_config_file} +@deftypefun {const char *} {gnutls_get_system_config_file} ( @var{void}) + +Returns the filename of the system wide configuration +file loaded by the library. The returned pointer is valid +until the library is unloaded. + +@strong{Returns:} a constant pointer to the config file loaded, or @code{NULL} if none + +@strong{Since:} 3.6.9 +@end deftypefun + @subheading gnutls_global_deinit @anchor{gnutls_global_deinit} @deftypefun {void} {gnutls_global_deinit} ( @var{void}) @@ -3066,7 +3094,7 @@ This function increments a global counter, so that called as many times as @code{gnutls_global_init()} . This is useful when GnuTLS is used by more than one library in an application. This function can be called many times, but will only do something the -first time. +first time. It is thread safe since GnuTLS 3.3.0. A subsequent call of this function if the initial has failed will return the same error code. @@ -3247,7 +3275,7 @@ This function performs the handshake of the TLS/SSL protocol, and initializes the TLS session parameters. The non-fatal errors expected by this function are: -@code{GNUTLS_E_INTERRUPTED} , @code{GNUTLS_E_AGAIN} , +@code{GNUTLS_E_INTERRUPTED} , @code{GNUTLS_E_AGAIN} , @code{GNUTLS_E_WARNING_ALERT_RECEIVED} . When this function is called for re-handshake under TLS 1.2 or earlier, the non-fatal error code @code{GNUTLS_E_GOT_APPLICATION_DATA} may also be returned. @@ -3804,6 +3832,10 @@ This function will load a file into a datum. The data are zero terminated but the terminating null is not included in length. The returned data are allocated using @code{gnutls_malloc()} . +Note that this function is not designed for reading sensitive materials, +such as private keys, on practical applications. When the reading fails +in the middle, the partially loaded content might remain on memory. + @strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise an error code is returned. @@ -3972,14 +4004,15 @@ otherwise a negative error code is returned. @subheading gnutls_ocsp_status_request_is_checked @anchor{gnutls_ocsp_status_request_is_checked} -@deftypefun {int} {gnutls_ocsp_status_request_is_checked} (gnutls_session_t @var{session}, unsigned int @var{flags}) +@deftypefun {unsigned} {gnutls_ocsp_status_request_is_checked} (gnutls_session_t @var{session}, unsigned int @var{flags}) @var{session}: is a gnutls session @var{flags}: should be zero or @code{GNUTLS_OCSP_SR_IS_AVAIL} When flags are zero this function returns non-zero if a valid OCSP status response was included in the TLS handshake. That is, an OCSP status response -which is not too old or superseded. It returns zero otherwise. +which is not too old, superseded or marks the certificate as revoked. +It returns zero otherwise. When the flag @code{GNUTLS_OCSP_SR_IS_AVAIL} is specified, the function returns non-zero if an OCSP status response was included in the handshake @@ -3990,7 +4023,11 @@ This is a helper function when needing to decide whether to perform an explicit OCSP validity check on the peer's certificate. Should be called after any of gnutls_certificate_verify_peers*() are called. -@strong{Returns:} non zero if the response was valid, or a zero if it wasn't sent, +This function is always usable on client side, but on server side only +under TLS 1.3, which is the first version of TLS that allows cliend-side OCSP +responses. + +@strong{Returns:} Non-zero if the response was valid, or a zero if it wasn't sent, or sent and was invalid. @strong{Since:} 3.1.4 @@ -4395,7 +4432,23 @@ must be non-null. @strong{Returns:} @code{GNUTLS_E_SUCCESS} on success, or an error code. -@strong{Since:} 3.6.6 +@strong{Since:} 3.6.8 +@end deftypefun + +@subheading gnutls_prf_hash_get +@anchor{gnutls_prf_hash_get} +@deftypefun {gnutls_digest_algorithm_t} {gnutls_prf_hash_get} (const gnutls_session_t @var{session}) +@var{session}: is a @code{gnutls_session_t} type. + +Get the currently used hash algorithm. In TLS 1.3, the hash +algorithm is used for both the key derivation function and +handshake message authentication code. In TLS 1.2, it matches the +hash algorithm used for PRF. + +@strong{Returns:} the currently used hash algorithm, a +@code{gnutls_digest_algorithm_t} value. + +@strong{Since:} 3.6.13 @end deftypefun @subheading gnutls_prf_raw @@ -4683,7 +4736,7 @@ of 192. "@@KEYWORD1,KEYWORD2,..." The system administrator imposed settings. The provided keyword(s) will be expanded from a configuration-time -provided file - default is: /etc/gnutls/default-priorities. +provided file - default is: /etc/gnutls/config. Any attributes that follow it, will be appended to the expanded string. If multiple keywords are provided, separated by commas, then the first keyword that exists in the configuration file @@ -4951,7 +5004,33 @@ Free a gnutls_psk_server_credentials_t structure. This should only be called in case of PSK authentication and in case of a server. -@strong{Returns:} the username of the peer, or @code{NULL} in case of an error. +The returned pointer should be considered constant (do not free) and valid +for the lifetime of the session. + +This function will return @code{NULL} if the username has embedded NULL bytes. +In that case, @code{gnutls_psk_server_get_username2()} should be used to retrieve the username. + +@strong{Returns:} the username of the peer, or @code{NULL} in case of an error, +or if the username has embedded NULLs. +@end deftypefun + +@subheading gnutls_psk_server_get_username2 +@anchor{gnutls_psk_server_get_username2} +@deftypefun {int} {gnutls_psk_server_get_username2} (gnutls_session_t @var{session}, gnutls_datum_t * @var{username}) +@var{session}: is a gnutls session + +@var{username}: a datum that will be filled in by this function + +Return a pointer to the username of the peer in the supplied datum. Does not +need to be null-terminated. + +This should only be called in case of PSK authentication and in +case of a server. + +The returned pointer should be considered constant (do not free) and valid +for the lifetime of the session. + +@strong{Returns:} @code{GNUTLS_E_SUCCESS} , or a negative value in case of an error. @end deftypefun @subheading gnutls_psk_set_client_credentials @@ -4977,6 +5056,25 @@ in raw byte format or in Hex format (without the 0x prefix). an error code is returned. @end deftypefun +@subheading gnutls_psk_set_client_credentials2 +@anchor{gnutls_psk_set_client_credentials2} +@deftypefun {int} {gnutls_psk_set_client_credentials2} (gnutls_psk_client_credentials_t @var{res}, const gnutls_datum_t * @var{username}, const gnutls_datum_t * @var{key}, gnutls_psk_key_flags @var{flags}) +@var{res}: is a @code{gnutls_psk_client_credentials_t} type. + +@var{username}: is the userid + +@var{key}: is the user's key + +@var{flags}: indicate the format of the key, either +@code{GNUTLS_PSK_KEY_RAW} or @code{GNUTLS_PSK_KEY_HEX} . + +This function is identical to @code{gnutls_psk_set_client_credentials()} , +except that it allows a non-null-terminated username to be introduced. + +@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise +an error code is returned. +@end deftypefun + @subheading gnutls_psk_set_client_credentials_function @anchor{gnutls_psk_set_client_credentials_function} @deftypefun {void} {gnutls_psk_set_client_credentials_function} (gnutls_psk_client_credentials_t @var{cred}, gnutls_psk_client_credentials_function * @var{func}) @@ -5001,6 +5099,33 @@ The callback function should return 0 on success. -1 indicates an error. @end deftypefun +@subheading gnutls_psk_set_client_credentials_function2 +@anchor{gnutls_psk_set_client_credentials_function2} +@deftypefun {void} {gnutls_psk_set_client_credentials_function2} (gnutls_psk_client_credentials_t @var{cred}, gnutls_psk_client_credentials_function2 * @var{func}) +@var{cred}: is a @code{gnutls_psk_server_credentials_t} type. + +@var{func}: is the callback function + +This function can be used to set a callback to retrieve the username and +password for client PSK authentication. +The callback's function form is: +int (*callback)(gnutls_session_t, gnutls_datum_t* username, +gnutls_datum_t* key); + +This callback function has the same semantics as that of @code{gnutls_psk_set_client_credentials_function()} , +but it allows non-string usernames to be used. + +The @code{username} and @code{key} ->data must be allocated using @code{gnutls_malloc()} . +The @code{username} should be an ASCII string or UTF-8 +string. In case of a UTF-8 string it is recommended to be following +the PRECIS framework for usernames (rfc8265). + +The callback function will be called once per handshake. + +The callback function should return 0 on success. +-1 indicates an error. +@end deftypefun + @subheading gnutls_psk_set_params_function @anchor{gnutls_psk_set_params_function} @deftypefun {void} {gnutls_psk_set_params_function} (gnutls_psk_server_credentials_t @var{res}, gnutls_params_function * @var{func}) @@ -5055,6 +5180,32 @@ callback function should return 0 on success, while -1 indicates an error. @end deftypefun +@subheading gnutls_psk_set_server_credentials_function2 +@anchor{gnutls_psk_set_server_credentials_function2} +@deftypefun {void} {gnutls_psk_set_server_credentials_function2} (gnutls_psk_server_credentials_t @var{cred}, gnutls_psk_server_credentials_function2 @var{func}) +@var{cred}: is a @code{gnutls_psk_server_credentials_t} type. + +@var{func}: is the callback function + +This function can be used to set a callback to retrieve the user's PSK credentials. +The callback's function form is: +int (*callback)(gnutls_session_t, const gnutls_datum_t* username, +gnutls_datum_t* key); + +This callback function has the same semantics as that of @code{gnutls_psk_set_server_credentials_function()} , +but it allows non-string usernames to be used. + + @code{username} contains the actual username. +The @code{key} must be filled in using the @code{gnutls_malloc()} . + +In case the callback returned a negative number then gnutls will +assume that the username does not exist. + +The callback function will only be called once per handshake. The +callback function should return 0 on success, while -1 indicates +an error. +@end deftypefun + @subheading gnutls_psk_set_server_credentials_hint @anchor{gnutls_psk_set_server_credentials_hint} @deftypefun {int} {gnutls_psk_set_server_credentials_hint} (gnutls_psk_server_credentials_t @var{res}, const char * @var{hint}) @@ -5236,7 +5387,7 @@ padding, false (0) if the current session does not. @var{session}: is a @code{gnutls_session_t} type. This function checks if there pending corked -data in the gnutls buffers --see @code{gnutls_record_cork()} . +data in the gnutls buffers --see @code{gnutls_record_cork()} . @strong{Returns:} Returns the size of the corked data or zero. @@ -5288,9 +5439,13 @@ by default unless requested using @code{gnutls_record_send_range()} . @deftypefun {size_t} {gnutls_record_discard_queued} (gnutls_session_t @var{session}) @var{session}: is a @code{gnutls_session_t} type. -This function discards all queued to be sent packets in a TLS or DTLS session. +This function discards all queued to be sent packets in a DTLS session. These are the packets queued after an interrupted @code{gnutls_record_send()} . +This function can only be used with transports where @code{send()} is +an all-or-nothing operation (e.g., UDP). When partial writes are allowed +this function will cause session errors. + @strong{Returns:} The number of bytes discarded. @strong{Since:} 3.4.0 @@ -5409,7 +5564,7 @@ call this function again to get the data. See also @code{gnutls_record_get_direction()} . @strong{Returns:} The number of bytes received and zero on EOF (for stream -connections). A negative error code is returned in case of an error. +connections). A negative error code is returned in case of an error. The number of bytes received might be less than the requested @code{data_size} . @end deftypefun @@ -5452,12 +5607,12 @@ to directly receive the whole decrypted packet. That avoids a memory copy, and is intended to be used by applications seeking high performance. -The received packet is accessed using @code{gnutls_packet_get()} and +The received packet is accessed using @code{gnutls_packet_get()} and must be deinitialized using @code{gnutls_packet_deinit()} . The returned packet will be @code{NULL} if the return value is zero (EOF). @strong{Returns:} The number of bytes received and zero on EOF (for stream -connections). A negative error code is returned in case of an error. +connections). A negative error code is returned in case of an error. @strong{Since:} 3.3.5 @end deftypefun @@ -5478,7 +5633,7 @@ it returns in addition to data, the sequence number of the data. This is useful in DTLS where record packets might be received out-of-order. The returned 8-byte sequence number is an integer in big-endian format and should be -treated as a unique message identification. +treated as a unique message identification. @strong{Returns:} The number of bytes received and zero on EOF. A negative error code is returned in case of an error. The number of bytes @@ -5500,22 +5655,26 @@ This function has the similar semantics with @code{send()} . The only difference is that it accepts a GnuTLS session, and uses different error codes. Note that if the send buffer is full, @code{send()} will block this -function. See the @code{send()} documentation for more information. +function. See the @code{send()} documentation for more information. You can replace the default push function which is @code{send()} , by using @code{gnutls_transport_set_push_function()} . -If the EINTR is returned by the internal push function +If the EINTR is returned by the internal push function then @code{GNUTLS_E_INTERRUPTED} will be returned. If @code{GNUTLS_E_INTERRUPTED} or @code{GNUTLS_E_AGAIN} is returned, you must -call this function again, with the exact same parameters; alternatively -you could provide a @code{NULL} pointer for data, and 0 for -size. cf. @code{gnutls_record_get_direction()} . +call this function again with the exact same parameters, or provide a +@code{NULL} pointer for @code{data} and 0 for @code{data_size} , in order to write the +same data as before. If you wish to discard the previous data instead +of retrying, you must call @code{gnutls_record_discard_queued()} before +calling this function with different parameters. Note that the latter +works only on special transports (e.g., UDP). +cf. @code{gnutls_record_get_direction()} . Note that in DTLS this function will return the @code{GNUTLS_E_LARGE_PACKET} error code if the send data exceed the data MTU value - as returned by @code{gnutls_dtls_get_data_mtu()} . The errno value EMSGSIZE -also maps to @code{GNUTLS_E_LARGE_PACKET} . +also maps to @code{GNUTLS_E_LARGE_PACKET} . Note that since 3.2.13 this function can be called under cork in DTLS mode, and will refuse to send data over the MTU size by returning @code{GNUTLS_E_LARGE_PACKET} . @@ -5730,8 +5889,8 @@ is interrupted then the @code{GNUTLS_E_AGAIN} or @code{GNUTLS_E_INTERRUPTED} errors will be returned. To obtain the data left in the corked buffer use @code{gnutls_record_check_corked()} . -@strong{Returns:} On success the number of transmitted data is returned, or -otherwise a negative error code. +@strong{Returns:} On success the number of transmitted data is returned, or +otherwise a negative error code. @strong{Since:} 3.1.9 @end deftypefun @@ -5743,7 +5902,7 @@ otherwise a negative error code. This function can only be called in server side, and instructs a TLS 1.2 or earlier client to renegotiate -parameters (perform a handshake), by sending a +parameters (perform a handshake), by sending a hello request message. If this function succeeds, the calling application @@ -5759,7 +5918,7 @@ calling application should proceed to calling @code{gnutls_handshake()} to negotiate the new parameters. -If the client does not wish to renegotiate parameters he +If the client does not wish to renegotiate parameters he may reply with an alert message, and in that case the return code seen by subsequent @code{gnutls_record_recv()} will be @code{GNUTLS_E_WARNING_ALERT_RECEIVED} with the specific alert being @@ -5962,14 +6121,14 @@ available to the more generic @code{gnutls_session_get_flags()} . @subheading gnutls_session_ext_register @anchor{gnutls_session_ext_register} -@deftypefun {int} {gnutls_session_ext_register} (gnutls_session_t @var{session}, const char * @var{name}, int @var{id}, gnutls_ext_parse_type_t @var{parse_type}, gnutls_ext_recv_func @var{recv_func}, gnutls_ext_send_func @var{send_func}, gnutls_ext_deinit_data_func @var{deinit_func}, gnutls_ext_pack_func @var{pack_func}, gnutls_ext_unpack_func @var{unpack_func}, unsigned @var{flags}) +@deftypefun {int} {gnutls_session_ext_register} (gnutls_session_t @var{session}, const char * @var{name}, int @var{id}, gnutls_ext_parse_type_t @var{parse_point}, gnutls_ext_recv_func @var{recv_func}, gnutls_ext_send_func @var{send_func}, gnutls_ext_deinit_data_func @var{deinit_func}, gnutls_ext_pack_func @var{pack_func}, gnutls_ext_unpack_func @var{unpack_func}, unsigned @var{flags}) @var{session}: the session for which this extension will be set @var{name}: the name of the extension to register @var{id}: the numeric id of the extension -@var{parse_type}: the parse type of the extension (see gnutls_ext_parse_type_t) +@var{parse_point}: the parse type of the extension (see gnutls_ext_parse_type_t) @var{recv_func}: a function to receive the data @@ -6068,6 +6227,12 @@ messages. Each call of @code{gnutls_session_get_data2()} after a ticket is received, will return session resumption data corresponding to the last received ticket. +Note that this function under TLS1.3 requires a callback to be set with +@code{gnutls_transport_set_pull_timeout_function()} for successful operation. There +was a bug before 3.6.10 which could make this function fail if that callback +was not set. On later versions if not set, the function will return a successful +error code, but will return dummy data that cannot lead to a resumption. + @strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned, otherwise an error code is returned. @end deftypefun @@ -6167,6 +6332,19 @@ an error code is returned. @strong{Since:} 3.1.4 @end deftypefun +@subheading gnutls_session_get_keylog_function +@anchor{gnutls_session_get_keylog_function} +@deftypefun {gnutls_keylog_func} {gnutls_session_get_keylog_function} (const gnutls_session_t @var{session}) +@var{session}: is @code{gnutls_session_t} type + +This function will return the callback function set using +@code{gnutls_session_set_keylog_function()} . + +@strong{Returns:} The function set or @code{NULL} otherwise. + +@strong{Since:} 3.6.13 +@end deftypefun + @subheading gnutls_session_get_master_secret @anchor{gnutls_session_get_master_secret} @deftypefun {void} {gnutls_session_get_master_secret} (gnutls_session_t @var{session}, gnutls_datum_t * @var{secret}) @@ -6319,6 +6497,19 @@ an error code is returned. @strong{Since:} 3.2.1 @end deftypefun +@subheading gnutls_session_set_keylog_function +@anchor{gnutls_session_set_keylog_function} +@deftypefun {void} {gnutls_session_set_keylog_function} (gnutls_session_t @var{session}, gnutls_keylog_func @var{func}) +@var{session}: is @code{gnutls_session_t} type + +@var{func}: is the function to be called + +This function will set a callback to be called when a new secret is +derived and installed during handshake. + +@strong{Since:} 3.6.13 +@end deftypefun + @subheading gnutls_session_set_premaster @anchor{gnutls_session_set_premaster} @deftypefun {int} {gnutls_session_set_premaster} (gnutls_session_t @var{session}, unsigned int @var{entity}, gnutls_protocol_t @var{version}, gnutls_kx_algorithm_t @var{kx}, gnutls_cipher_algorithm_t @var{cipher}, gnutls_mac_algorithm_t @var{mac}, gnutls_compression_method_t @var{comp}, const gnutls_datum_t * @var{master}, const gnutls_datum_t * @var{session_id}) @@ -7679,15 +7870,13 @@ for data. int (*gnutls_pull_timeout_func)(gnutls_transport_ptr_t, unsigned int ms); This callback is necessary when @code{gnutls_handshake_set_timeout()} or -@code{gnutls_record_set_timeout()} are set, and for calculating the DTLS mode -timeouts. - -In short, this callback should be set when a custom pull function is -registered. The callback will not be used when the session is in TLS mode with -non-blocking sockets. That is, when @code{GNUTLS_NONBLOCK} is specified for a TLS -session in @code{gnutls_init()} . For compatibility with future GnuTLS versions -it is recommended to always set this function when a custom pull function -is registered. +@code{gnutls_record_set_timeout()} are set, under TLS1.3 and for enforcing the DTLS +mode timeouts when in blocking mode. + +For compatibility with future GnuTLS versions this callback must be set when +a custom pull function is registered. The callback will not be used when the +session is in TLS mode with non-blocking sockets. That is, when @code{GNUTLS_NONBLOCK} +is specified for a TLS session in @code{gnutls_init()} . The helper function @code{gnutls_system_recv_timeout()} is provided to simplify writing callbacks. diff --git a/doc/gnutls-guile.html b/doc/gnutls-guile.html index c0dcc90..356f37a 100644 --- a/doc/gnutls-guile.html +++ b/doc/gnutls-guile.html @@ -1,9 +1,9 @@ - - + -GnuTLS-Guile 3.6.8 +GnuTLS-Guile 3.6.14 - - + + -