Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Thu Jul 28 12:49:59 2022 +0200

    Release 3.7.7
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Jul 26 11:39:57 2022 +0900

    socket: only set pull/push functions when --save-*-trace is used
    
    This allows gnutls-cli to use KTLS for the transport, unless either
    --save-client-trace or --save-server-trace is used.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Jul 26 11:38:41 2022 +0900

    handshake: do not enable KTLS if custom pull/push functions are set
    
    If gnutls_transport_set_pull_function or
    gnutls_transport_set_push_function is used, we can't assume the
    underlying transport handle is an FD.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Fri Jul 22 12:00:11 2022 +0200

    Fix double free during gnutls_pkcs7_verify
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Jul 27 20:23:26 2022 +0900

    guile: revert gnutls/build/tests.scm to use use-modules
    
    This partially reverts e727eb7901a3f1754de970c8529925ae3d591b90.  For
    some reason, the usage of #:use-module causes some behavioral
    difference that affects reauth.scm test.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Mon Jul 25 16:07:54 2022 +0200

    Fix memory leak in gnutls_pkcs7_import
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Jul 14 15:19:23 2022 +0900

    crypto-api: add block cipher API with automatic padding
    
    This adds a couple of functions gnutls_cipher_encrypt3 and
    gnutls_cipher_decrypt3, which add or remove padding as necessary if
    the length of the plaintext is not a multiple of the block size.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Fri Jul 22 11:54:29 2022 +0900

    tests: temporarily disable checking against unresolvable hosts
    
    *.dane.verisignlabs.com and fedoraproject.org are no longer
    resolvable.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Jul 20 15:00:10 2022 +0900

    src: add __attribute__((malloc)) to safe_open_rw
    
    This silences -Wsuggest-attribute=malloc warning with GCC 12.  While
    we could use ATTRIBUTE_DEALLOC(fclose, 1), it is currently not
    possible to use it until Gnulib is updated.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Jul 20 14:54:48 2022 +0900

    src: add NULL check on return value of realloc used in tests
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Jun 30 21:24:23 2022 +0900

    tests: resume-with-previous-stek: initialize session data
    
    Spotted by gcc-analyzer 12.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Jun 30 21:23:31 2022 +0900

    tests: add __attribute__((__noreturn__)) to _fail and fail_ignore
    
    To suppress warnings with gcc-analyzer 12.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Jun 30 21:13:53 2022 +0900

    crypto-selftests: fix decryption check condition in test_cipher_aead
    
    Spotted by gcc-analyzer 12.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Jun 30 20:57:30 2022 +0900

    x509, tpm2: use asn1_node instead of deprecated ASN1_TYPE
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Sun Jul 10 23:41:26 2022 +0200

    guile: Allow session record ports to have a 'close' procedure.
    
    This addition makes it easy to close the backing file descriptor or port
    of a session when its record port is closed.
    
    * guile/src/core.c (SCM_GNUTLS_SESSION_RECORD_PORT_SESSION): Add SCM_CAR.
    (SCM_GNUTLS_SESSION_RECORD_PORT_CLOSE_PROCEDURE)
    (SCM_GNUTLS_SET_SESSION_RECORD_PORT_CLOSE)
    (SCM_GNUTLS_SESSION_RECORD_PORT_P)
    (SCM_VALIDATE_SESSION_RECORD_PORT): New macros.
    (make_session_record_port): Change "stream" argument to a pair.
    (close_session_record_port): New function.
    (scm_gnutls_session_record_port): Add optional 'close' parameter and
    honor it.
    (scm_gnutls_set_session_record_port_close_x): New function.
    (scm_init_gnutls_session_record_port_type): Add call to
    'scm_set_port_close' and 'scm_set_port_needs_close_on_gc'.
    * guile/tests/session-record-port.scm: Test it.
    * NEWS: Update.
    
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Sun Jul 10 17:03:03 2022 +0200

    guile: Remove support for the 1.8.x series.
    
    The last Guile 1.8.x release dates back to 2010.
    
    * configure.ac: Remove 1.8 from 'GUILE_PKG'.
    * doc/gnutls-guile.texi (Guile Preparations): Remove mention of Guile 1.8.
    * guile/src/core.c (mark_session_record_port)
    (free_session_record_port): Remove.
    (scm_init_gnutls_session_record_port_type): Remove corresponding
    'scm_set_port_mark' and 'scm_set_port_free' calls.
    * guile/modules/gnutls.in: Remove top-level 'cond-expand' forms for
    Guile 1.8.
    * guile/modules/gnutls/build/tests.scm: Likewise.
    * NEWS: Update.
    
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Sun Jul 10 17:02:17 2022 +0200

    maint: Update guile.m4.
    
    * m4/guile.m4: Update from Guile 3.0.7.
    
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>

Author: Brad Smith <brad@comstyle.com>
Date:   Fri Jul 15 22:44:03 2022 -0400

    accelerated: aarch64: add OpenBSD/aarch64 support
    
    Signed-off-by: Brad Smith <brad@comstyle.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Jun 27 11:14:50 2022 +0900

    cipher: limit plaintext length supplied to AES-GCM
    
    According to SP800-38D 5.2.1.1, input data length of AES-GCM
    encryption function must be less than or equal to 2^39-256 bits.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Sun Jul 10 18:54:54 2022 +0200

    guile: Session record port treats premature termination as EOF.
    
    * guile/src/core.c (do_fill_port) [USING_GUILE_BEFORE_2_2]: Treat
    GNUTLS_E_PREMATURE_TERMINATION as EOF.
    (read_from_session_record_port) [!USING_GUILE_BEFORE_2_2]: Likewise.
    * guile/tests/premature-termination.scm: New file.
    * guile/Makefile.am (TESTS): Add it.
    * NEWS: Update.
    
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>

Author: Richard Costa <richard.costa@suse.com>
Date:   Sat Jul 9 00:50:21 2022 +0000

    Add self-test code inside a FIPS context
    
    Self-test code exercise lots of different FIPS-related code with
    side-effects. So, in order to prevent it from losing information when
    executing inside another context, we create an appropriated one.
    
    If the self-test fails, then the library is placed in error state, so it
    doesn't matter for other contexts.
    
    Signed-off-by: Richard Maciel Costa <richard.costa@suse.com>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Tue May 10 15:20:45 2022 +0200

    Increase the limit of TLS PSK usernames from 128 to 65535 characters
    
    Co-authored-by: Hannes Reinecke <hare@suse.de>
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Fri Apr 1 08:04:57 2022 +0200

    fips: make service indicator logging louder
    
    Previously, the only way to monitor the FIPS context transtion was to
    increase logging level to debug (2), which produces unrelated output.
    
    This changes the minimum logging level to audit (1) for when the
    transition happens.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Jun 27 09:29:13 2022 +0900

    nettle: restrict output size of HKDF-Expand to 255 * HashLen
    
    RFC 5869 2.3 requires that requested output length of HKDF-Expand to
    be equal to or less than 255 times hash output size.
    
    Inspired by the report by Guido Vranken in:
    https://lists.gnupg.org/pipermail/gcrypt-devel/2022-June/005328.html
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Tue Jun 28 17:22:36 2022 +0200

    tests/fips-test: minor extension
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Jun 28 13:46:44 2022 +0900

    .gitlab-ci.yml: add fedora-ktls pipeline
    
    This is to ensure that the same testsuite succeeds even if we compile
    the library with --enable-ktls and KTLS is enabled with a run-time
    configuration.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Jun 28 10:53:55 2022 +0900

    ktls: _gnutls_ktls_enable: fix GNUTLS_KTLS_SEND calculation
    
    Previously, if the first setsockopt for GNUTLS_KTLS_RECV fails and the
    same socket is used for both sending and receiving, GNUTLS_KTLS_SEND
    was unconditionally set.  This fixes the conditions and also adds more
    logging.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Jun 28 10:23:33 2022 +0900

    handshake: do not reset KTLS enablement in gnutls_handshake
    
    As gnutls_handshake can be repeatedly called upon non-blocking setup,
    we shouldn't try to call setsockopt for KTLS upon every call.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Jun 28 09:37:22 2022 +0900

    tests: enable KTLS config while running gnutls_ktls test
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Gregor Jasny <gjasny@googlemail.com>
Date:   Tue Jun 21 11:18:16 2022 +0200

    README.md: explicitly install libtasn1-bin
    
    Signed-off-by: Gregor Jasny <gjasny@googlemail.com>

Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date:   Tue Jun 14 16:16:11 2022 +0200

    KTLS: disable by default enable by config
    
    KTLS will be disabled by default when build with `--enable-ktls` to
    enable it, use config file option `ktls = true` in [global] section.
    
    Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Fri Jun 3 15:43:00 2022 +0900

    fips: provide function to manually run FIPS self-tests
    
    FIPS140-3 IG 10.3.E Periodic Self-Testing says:
    
      At security levels 1 and 2, acceptable means for initiating the
      periodic self-tests include a provided service, resetting, rebooting
      or power cycling.
    
    Neither resetting, rebooting, nor power-cycling is suitable because
    those involve operations outside of the module.  Therefore this patch
    adds a new API to manually run the substance of FIPS140 self-tests.
    
    Suggeested by Richard Costa and Stephan Mueller in:
    https://gitlab.com/gnutls/gnutls/-/issues/1364
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Wed May 18 15:38:21 2022 +0200

    tests/suite/tls-fuzzer: remove most of the -n limiters...
    
    ... since tlsfuzzer now sets reasonable (~<10s/script) limits
    for most of the scripts by default
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Wed May 18 13:41:18 2022 +0200

    tests/suite/tls-fuzzer: pin current error messages with -X
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sun May 29 10:54:48 2022 +0900

    build: Revert "Disable test scripts on windows"
    
    This reverts commit d2b99e3b3429e9b9a6fbff46598fd4c6a0910f65.
    
    It turned out that the test failures under mingw were caused by a
    regression in wine 7.5, possibly:
    https://bugs.winehq.org/show_bug.cgi?id=52743
    
    Now that the latest wine package based on wine 7.9 has no issues with
    running those test scripts, this enables them again in the build
    process.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Fri May 27 09:17:55 2022 +0200

    Release 3.7.6
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Asad Mehmood <asad78611@googlemail.com>
Date:   Mon May 23 14:35:46 2022 +0000

    libdane: fix typo in Makefile.am
    
    Signed-off-by: Asad Mehmood <asad78611@googlemail.com>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Fri May 13 14:37:05 2022 +0200

    Add release steps for windows builds
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Wed May 18 11:43:26 2022 +0200

    Fix out-of-bounds memcpy in gnutls_realloc_zero()
    
    Co-authored-by: Tobias Heider <tobias.heider@canonical.com>
    Co-authored-by: Daiki Ueno <ueno@gnu.org>
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Thu May 19 10:27:51 2022 +0200

    Disable test scripts on windows
    
    This is a temporary solution to avoid failures
    of test scripts when ran on windows
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Thu May 12 10:38:23 2022 +0200

    Release 3.7.5
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue May 10 09:52:26 2022 +0200

    cligen: update git submodule
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Fri Apr 29 12:28:50 2022 +0200

    Improve certificate sanity checks
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Mon Mar 28 17:49:22 2022 +0200

    Fix psk_ke_modes_recv_params() wrongly setting HSK_PSK_KE_MODE_INVALID
    
    If the preferred side (as per session->internals.priorities->server_precedence)
    only supports one algorithm and if it is not the first in the other side's list
    of algorithms, then psk_ke_modes_recv_params did wrongly set
    session->internals.hsk_flags to HSK_PSK_KE_MODE_INVALID.
    
    Fixes #1303
    
    This issue was originally discovered while analyzing
    https://forum.filezilla-project.org/viewtopic.php?t=54333
    
    Signed-off-by: Tim Kosse <tim.kosse@filezilla-project.org>
    Co-authored-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sat May 7 10:07:01 2022 +0200

    tests/cmocka-common.h: include <stdarg.h> before <cmocka.h>
    
    As documented in <https://api.cmocka.org/group__cmocka.html#details>,
    <stdarg.h> must be included before <cmocka.h>.
    
    Suggested by Brad Smith in:
    https://gitlab.com/gnutls/gnutls/-/issues/1360
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Fri Apr 29 12:01:53 2022 +0200

    configure.ac: check if compiler supports -Wa,-march=all
    
    Clang from LLVM 13.0.0 caused a segumentation fault if an unknown
    architecture is supplied through -march.  While this has been fixed in
    13.0.1, until it is widely deployed this adds a configure check as a
    safeguard:
    https://github.com/llvm/llvm-project/commit/d31f8cc6884ba3cc3e088fd57c4c533868e8a8b2
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sat Jan 15 11:27:20 2022 +0100

    gnutls_aead_cipher_set_key: new function
    
    This adds gnutls_aead_cipher_set_key, which enables to reuse the same
    handle but reset the context and key, without releasing the memory.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Jan 17 11:48:39 2022 +0100

    crypto-api: support AES-SIV with scatter-gather API
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Jan 17 11:17:46 2022 +0100

    crypto-api: refactor iov_store_st operations
    
    This replaces copy_from_iov to more generic append_from_iov.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Jan 17 10:36:44 2022 +0100

    crypto-api: split scatter-gather AEAD implementation to helper funcs
    
    These _encryptv, _encryptv2, and _decryptv2 functions take orthogonal
    code paths depending on whether the underlying AEAD implementation
    supports message based API.  This patch split the implementation to
    dedicated helper functions.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Jan 17 10:07:02 2022 +0100

    crypto-api: add integer overflow checks around copying IOV
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Thu May 5 12:10:46 2022 +0200

    Extend fipshmac to take a path to libgnutls.so
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed May 4 15:27:16 2022 +0200

    .github/workflows/macos.yml: display tests/cert-tests/*.log
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed May 4 15:23:49 2022 +0200

    lib/fips.c: suppress -Wdiscarded-qualifiers warning
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed May 4 15:22:16 2022 +0200

    .gitignore: ignore tests/tls13/compress-cert*
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed May 4 15:19:17 2022 +0200

    tests/cert-tests/pkcs12.sh: use portable sed invocations
    
    The BSD sed doesn't recognize '\|' as the alternative operator, and
    the last '}' must be preceded with a newline.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Sep 21 08:07:25 2021 +0200

    tls: add flag to disable session ticket in TLS 1.2
    
    The existing GNUTLS_NO_TICKETS flag affects all versions of TLS, where
    PFS is assured in TLS 1.3, while it is not in TLS 1.2.  This adds a
    new flag GNUTLS_NO_TICKETS_TLS12 to allow applications to disable
    session tickets only in TLS 1.2.
    
    As the only means of resumption in TLS 1.3 is using session tickets,
    we could repurpose the GNUTLS_NO_TICKETS flag make it no-op in TLS
    1.3.  However it would break backward compatibility, so we defer it to
    the next major release.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sun Nov 28 11:31:30 2021 +0100

    session_ticket: avoid invalid free on error path
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Sep 21 11:08:06 2021 +0200

    _gnutls_version_max: return NULL if priorities are not populated
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon May 2 07:41:12 2022 +0200

    m4: update from autoconf-archive
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sun Apr 17 10:56:35 2022 +0200

    .github/workflows/macos.yml: pull in gtk-doc
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Thu Apr 28 12:17:16 2022 +0200

    gnutls-cli, gnutls-serv: print supported channel binding
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sat Sep 4 07:16:18 2021 +0200

    .gitlab-ci.yml: replace valgrind checks with ASan
    
    Running the full test suite under valgrind wastes a lot of time and
    may cause intermittent failures due to timeout.  We have them mainly
    for VALGRIND_MAKE_MEM_UNDEFINED client request, though the ASan tests
    now cover the equivalent after
    f23c3a6cba43706a6ebb3f9b0018cd658dcc0a72.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Thu Apr 14 11:29:26 2022 +0200

    Use packit to automate fedora upstream release
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>
Date:   Sun Apr 24 17:03:18 2022 +0900

    Preserve mbuffer type when linearized
    
    Signed-off-by: Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com>

Author: Brian Wickman <bwickman97@outlook.com>
Date:   Thu Apr 21 05:52:36 2022 +0000

    Fix for #1132

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Apr 11 14:00:16 2022 +0200

    .gitignore: ignore files generated by asn1Parser
    
    These files are no longer maintained in the repository, after commit
    16061937.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Fri Apr 8 10:23:51 2022 +0200

    cligen: update git submodule
    
    This also reverts commit fd0e28a3 and changes how the cligen python
    files are included in the distribution.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Tue Apr 12 16:34:52 2022 +0200

    Small fips-test refactoring
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Mon Apr 11 16:04:38 2022 +0200

    Add zeroization of some critical security parameters
    to comply with FIPS-140-3 requirements
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Andreas Metzler <ametzler@debian.org>
Date:   Sun Apr 10 13:22:22 2022 +0200

    Document C++ soname bump in NEWS.
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Andreas Metzler <ametzler@debian.org>
Date:   Wed Mar 30 18:26:36 2022 +0200

    Add missing gtk-doc for GNUTLS_COMP_BROTLI/ZSTD.
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Andreas Metzler <ametzler@debian.org>
Date:   Wed Mar 30 18:18:12 2022 +0200

    Add missing copyright header
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Tue Apr 5 16:28:41 2022 +0200

    Add missing FIPS service indicator transitions
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Wed Apr 6 15:33:32 2022 +0200

    Remove 3DES from FIPS approved algorithms.
    According to the section 2 of SP800-131A Rev.2, 3DES algorithm
    will be disallowed for encryption after December 31, 2023:
    https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Fri Apr 1 12:34:12 2022 +0200

    Mark HKDF and AES-GCM as approved when used in TLS
    
    Co-authored-by: Pedro Monreal <pmgdeb@gmail.com>
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Mar 31 15:50:51 2022 +0200

    bootstrap.conf: use install-sh to copy cligen files
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sat Mar 19 10:01:09 2022 +0100

    lib/{gnutls,pkix}_asn1_tab.c: remove autogenerated files
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sat Mar 19 10:00:08 2022 +0100

    devel/README-ci.freebsd.md: stop mentioning autogen
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sat Mar 19 09:59:58 2022 +0100

    .github/workflows/macos.yml: stop installing autogen
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sat Mar 19 09:53:54 2022 +0100

    configure.ac: always assume GTK_DOC_CHECK macro
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Mar 31 14:28:32 2022 +0200

    fips: simplify library integrity checking
    
    This removes code duplication by grouping the path and hmac fields in
    hmac_file structure.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Thu Mar 31 10:13:06 2022 +0200

    Increase length limit of PKCS#12 passwords
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date:   Fri Mar 25 11:31:05 2022 +0100

    ktls config documentation
    
    Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>

Author: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Date:   Thu Mar 31 08:57:07 2022 +1100

    Fix off-by one exit condition in pkcs#11 priv keys lookup
    
    In function find_privkeys(), the list-> array is allocated to be of size
    lists->key_ids_size. "current" is the index where the next found key will
    be written (starts at 0).
    
    The current exit condition is thus incorrect:
    
                    if (current > list->key_ids_size)
                            break;
    
    This will allow "current" to be equal to list->key_ids_size which will
    potentially cause an overflow if more keys are returned by the loop than
     was originally found when calculating that size.
    
    This is very unlikely, but incorrect nonetheless.
    
    Fix this by using the more classic construct of testing for the array bound
    in the loop exit condition, as suggested by Daiki Ueno.
    
    Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>

Author: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Date:   Mon Mar 21 13:45:11 2022 +1100

    Fix matching of last key of a pkcs#11 token
    
    Retrieving the cert for the last key of a token fails due to an
    off-by-one bug in find_privkeys():
    
    In the loop that iterates the keys, "current" contains the index
    of the "next" key slot, which is also the active "count" of populated
    slots in the output struct find_pkey_list_st.
    
    The current statement:
    
            list->key_ids_size = current - 1;
    
    Means we return a "key_ids_size" of the current count minus one, ie 0
    for 1 key etc... However, this isn't what the callers expect, for example:
    
    find_multi_objs_cb() does:
    
                    ret = find_privkeys(sinfo, tinfo, &plist);
                    if (ret < 0) {
                            gnutls_assert();
                            return ret;
                    }
    
                    if (plist.key_ids_size == 0) {
                            gnutls_assert();
                            return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
                    }
    
    So a slot with a single key will fail when trying to find a certificate
    
    Subsequent uses of "plist" in that function also show that it's expected
    to contain the real slot count:
    
                    for (i = 0; i < plist.key_ids_size; i++) {
    
    Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Wed Mar 23 16:55:51 2022 +0100

    Consolidate FIPS .hmac files
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date:   Fri Mar 18 11:37:10 2022 +0100

    system config disable KTLS
    
    Added option for system config `ktls = false` to disable ktls
    system-wide
    
    Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>

Author: Pedro Monreal <pmgdeb@gmail.com>
Date:   Tue Mar 22 13:01:53 2022 +0100

    lib/crypto-selftests.c: Add a selftest for PBKDF2 that complies with FIPS 140-3.
    
    Signed-off-by: Pedro Monreal <pmgdeb@gmail.com>

Author: Tobias Heider <tobias.heider@canonical.com>
Date:   Mon Mar 14 16:17:28 2022 +0100

    Use custom allocators for GMP to make sure temporary secrets
    from cryptographic operations in nettle are deleted safely.
    
    Signed-off-by: Tobias Heider <tobias.heider@canonical.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Fri Mar 18 08:10:12 2022 +0100

    devel/release-steps.md: expand steps to generate tarball [ci-skip]
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Fri Mar 18 07:54:06 2022 +0100

    NEWS: mention couple more changes in 3.7.4 release [ci-skip]
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Sam James <sam@gentoo.org>
Date:   Fri Mar 18 05:51:29 2022 +0000

    configure.ac: fix zstd detection
    
    Fixes typo in zstd detection.
    
    None of the used autoconf macros will define `has_zstd_h` so
    configure will (AFAICT) always fail to find zstd, even if it succeeded
    via pkg-config moments before.
    
    Drop it and rely solely on pkg-config as that's the only search
    we're actually doing.
    
    Fixes: https://gitlab.com/gnutls/gnutls/-/issues/1343
    Signed-off-by: Sam James <sam@gentoo.org>

Author: Sam James <sam@gentoo.org>
Date:   Fri Mar 18 05:40:28 2022 +0000

    configure.ac: fix brotli/zstd configure argument name
    
    The old `./configure` arguments for brotli and zstd respectively
    were inconsistent with the `./configure --help` output.
    
    Old: --without-libbrotli --without-libzstd (also --with-*)
    New: --without-brotli --without-zstd (also --with-*)
    
    Fixes: https://gitlab.com/gnutls/gnutls/-/issues/1342
    Signed-off-by: Sam James <sam@gentoo.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Mar 16 11:19:29 2022 +0100

    cligen: update git submodule
    
    To avoid emitting empty "list" substruct in header files, as well as
    assuming the Python pwd module is always available.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Wed Mar 16 15:42:40 2022 +0100

    Release 3.7.4
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Zoltan Fridrich <zfridric@redhat.com>
Date:   Tue Mar 8 18:01:37 2022 +0100

    Make gnutls compliant to RFC5280
    
    Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Mar 14 16:03:07 2022 +0100

    cli, serv: allow multiple --compress-cert options
    
    This eliminates the need of parsing the comma separated list manually.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Tobias Heider <tobias.heider@canonical.com>
Date:   Sun Mar 13 23:58:42 2022 +0100

    Handle all cases of calloc returning NULL.
    
    Signed-off-by: Tobias Heider <tobias.heider@canonical.com>

Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date:   Fri Mar 11 18:22:18 2022 +0100

    Fix global-ini-handler
    
    Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Feb 10 15:58:08 2022 +0100

    Make option specification type-safe
    
    This switches the CLI code and documentation generation to the
    external cligen module, which provides more type-safe specification.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Tobias Heider <tobias.heider@canonical.com>
Date:   Wed Mar 9 01:18:20 2022 +0100

    fips: use GNUTLS_FIPS140_STRICT instead of magic number.
    
    Signed-off-by: Tobias Heider <tobias.heider@canonical.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Mar 9 08:07:58 2022 +0100

    locks: define lock functions as a macro
