Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Jan 17 16:48:10 2022 +0100

    Release 3.7.3
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Jan 18 06:43:07 2022 +0100

    tests: privkey-keygen: fix memory leak
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sat Oct 30 08:56:07 2021 +0200

    x509: fix thread-safety in gnutls_x509_trust_list_verify_crt2
    
    This function previously used gnutls_x509_trust_list_get_issuer
    without GNUTLS_TL_GET_COPY flag, which is required when the function
    is called from multi-threaded application and PKCS #11 trust store is
    in use.
    
    Reported and the change suggested by Remi Gacogne in:
    https://gitlab.com/gnutls/gnutls/-/issues/1277
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sun Jan 16 07:57:02 2022 +0100

    cli: add --list-config option
    
    With this option gnutls-cli prints the build-time configuration of the
    library, retrieved through gnutls_get_library_config.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Jan 11 07:36:27 2022 +0100

    fips: add build option to embed FIPS module info in library config
    
    This adds a couple of configure options, --with-fips140-module-name
    and --with-fips140-module-version, which packagers can use to embed
    FIPS module information in the library.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Jan 11 07:34:59 2022 +0100

    global: add API to retrieve library configuration at run time
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sun Jan 16 12:17:39 2022 +0100

    configure.ac: emit feature summary as C macro
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sun Jan 16 16:19:53 2022 +0100

    tests: suppress GCC -fanalyzer warnings
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sun Jan 16 16:00:10 2022 +0100

    .gitignore: ignore more files
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sun Jan 16 15:59:01 2022 +0100

    src: avoid overriding noinst_PROGRAMS
    
    In src, we now have two helper programs: systemkey and dumpcfg.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Jan 13 14:30:02 2022 +0100

    build: hide maintainer tool invocation behind AM_V_GEN
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Thu Jan 13 14:35:07 2022 +0100

    tests: use more aliases in tests for better alias testing coverage
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Fri Jan 7 10:02:32 2022 +0100

    .gitlab-ci.yml: run static analyzers on Python files
    
    This runs a couple of code analysis on the Python scripts added to
    remove AutoGen dependency.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Fri Jan 7 09:58:11 2022 +0100

    .gitlab-ci.yml: bump cache key for python3 detection
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Jan 5 08:09:36 2022 +0100

    README.md: mention Python as requirement instead of AutoGen
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Jan 5 07:39:10 2022 +0100

    src: remove AutoGen .def files
    
    As neither the tools nor documentation depends on AutoGen, we don't
    need to include the AutoGen definition files.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Jan 5 07:24:03 2022 +0100

    doc: generate man-pages from JSON
    
    This replaces man-pages generation previously provided by the autogen
    -Tagman.tpl command with a Python script (gen-cmd-man.py).
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Jan 4 09:06:21 2022 +0100

    doc: generate texinfo files from JSON
    
    This replaces texinfo generation previously provided by the autogen
    -Tagtexi.tpl command with a Python script (gen-cmd-texi.py).
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Jan 3 11:02:43 2022 +0100

    src: remove included copy of libopts
    
    As no tools link with libopts anymore, we don't need to include it in
    the distribution.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Jan 3 10:30:34 2022 +0100

    src: replace autoopts/libopts with minimal config parser
    
    This replaces configuration file parsing code previously provided by
    <autoopts/options.h>, with a minimal compatible implementation.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Fri Dec 31 18:13:58 2021 +0100

    src: generate option handling code from JSON
    
    This replaces AutoGen based command-line parser with a Python
    script (gen-getopt.py), which takes JSON description as the input.
    The included JSON files were converted one-off using the parse-autogen
    program: https://gitlab.com/dueno/parse-autogen.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Jan 4 15:18:26 2022 +0100

    python: add library for handling JSON-based option description
    
    This adds the jsonopts Python module used by the command-line parser
    generator and documentation generators in the following commits.  This
    also bumps the required Python interpreter version to 3.6.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>
    Co-authored-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Jan 13 09:36:52 2022 +0100

    pkcs12: use the correct MAC algorithm for GOST key generation
    
    According to the latest TC-26 requirements, the MAC algorithm used for
    PBKDF2 should always be HMAC_GOSTR3411_2012_512.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Jan 12 08:15:24 2022 +0100

    tests: simple: check if the digest algorithm is compiled in
    
    When the library is built with --disable-gost, gnutls_digest_get_id
    returns GNUTLS_DIG_UNKNOWN for GOST algorithms.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Jan 11 14:07:56 2022 +0100

    x509: fix potential wrong usage of memcpy
    
    Spotted by GCC analyzer:
    
      common.c:552:17: warning: use of NULL 'out.data' where non-null expected [CWE-476] [-Wanalyzer-null-argument]
        552 |                 memcpy(output_data, out.data, (size_t) out.size);
            |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sun Jan 9 08:34:52 2022 +0100

    cert-auth: suppress false-positive warnings with GCC analyzer
    
    When compiled with gcc -fanalyzer, it reports:
    
      cert.c: In function '_gnutls_pcert_to_auth_info':
      cert.c:85:17: error: dereference of NULL 'info' [CWE-476] [-Werror=analyzer-null-dereference]
         85 |         if (info->raw_certificate_list != NULL) {
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Fri Jan 7 17:48:22 2022 +0100

    gnutls_pkcs12_generate_mac: use SHA256 by default
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Dec 20 16:16:23 2021 +0100

    .gitlab-ci.yml: reduce PKCS#12 iteration count while testing
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Dec 21 15:02:45 2021 +0100

    tests: check algorithms for generating PKCS#12 file
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sun Dec 26 17:40:42 2021 +0100

    cipher-api-test: mention why it is written using fork
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Nov 23 15:23:34 2021 +0100

    fips: plumb service indicator to symmetric key crypto operations
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>
    Co-authored-by: Pedro Monreal <pmonrealgonzalez@suse.de>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Aug 31 13:29:45 2021 +0200

    fips: plumb service indicator to public key crypto operations
    
    This installs service indicator state transitions in certain public
    key operations in gnutls_crypto_pk_st, namely:
    
    * fallible operations
      - encrypt
      - sign
      - generate_keys
      - derive
    
    * infallible operations
      - decrypt, decrypt2
      - verify
    
    other operations, such as generate_params, are not considered as
    crypto operation.  Note that fallible operations above mean that those
    return value could indicate error, while infallible operations do not
    have distinction between errors and failures: decrypt/verify failures
    are treated as a successful completion of the operation.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>
    Co-authored-by: Pedro Monreal <pmonrealgonzalez@suse.de>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Dec 21 15:17:55 2021 +0100

    _gnutls_pkcs_generate_key: use HMAC-SHA256 for PBKDF2
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Dec 20 16:34:30 2021 +0100

    pkcs12: determine iteration count for MAC at build time
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Dec 20 16:13:06 2021 +0100

    pkcs7: determine iteration count for PBKDF2 at build time
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Dec 20 15:56:24 2021 +0100

    certtool: --to-p12: use modern algorithms by default
    
    Currently certtool uses PKCS12-3DES-SHA1 for encrypting keys in
    PKCS#12, while it is suggested to migrate to more modern algorithms,
    namely AES-128-CBC with PBKDF2 and SHA-256:
    https://bugzilla.redhat.com/show_bug.cgi?id=1759982
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Fri Jul 23 10:31:08 2021 +0200

    fips: add functions to inspect thread-local FIPS operation state
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Andreas Metzler <ametzler@debian.org>
Date:   Thu Jan 6 07:17:01 2022 +0100

    Drop unquoted angle brackets in gtk-doc comment.
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Andreas Metzler <ametzler@debian.org>
Date:   Thu Jan 6 07:15:31 2022 +0100

    Fix gtk-doc build, use http URI in sgml master.
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sat Jan 1 21:12:51 2022 +0200

    p11tool: add --mark-always-authenticate option
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sun Jan 2 19:31:33 2022 +0200

    doc: updated copyrights for 2022
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Nov 18 19:02:03 2021 +0100

    accelerated: fix CPU feature detection for Intel CPUs
    
    This fixes read_cpuid_vals to correctly read the CPUID quadruple, as
    well as to set the bit the ustream CRYPTOGAMS uses to identify Intel
    CPUs.
    
    Suggested by Rafael Gieschke in:
    https://gitlab.com/gnutls/gnutls/-/issues/1282
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Dec 22 17:00:03 2021 +0100

    padlock: reset _gnutls_x86_cpuid_s only after padlock check succeeds
    
    Otherwise it clears _gnutls_x86_cpuid_s which may already hold valid
    CPUID detected for Intel and AMD CPUs.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Dec 22 09:12:25 2021 +0100

    wrap_nettle_hash_fast: avoid calling _update with zero-length input
    
    As Nettle's hash update functions internally call memcpy, providing
    zero-length input may cause undefined behavior.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Dec 22 08:22:04 2021 +0100

    gnutls_{hash,hmac}_copy: mention the functions do not always work
    
    It is known that some built-in accelerated implementation, such as
    AF_ALG, does not support copying hash/hmac contexts.  This expands the
    documentation to suggest checking the return value of those functions.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Mon Dec 20 17:47:36 2021 +0100

    tests: extend system-override-curves-allowlist with key generation
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Mon Dec 20 16:50:59 2021 +0100

    tests: tweak system-override-curves-allowlist insignificantly
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Fri Dec 17 18:49:27 2021 +0100

    README: document tpm2-tss-engine test dependency
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Thu Dec 16 12:46:38 2021 +0100

    use sha384_digest in lib/accelerated/aarch64/sha-aarch64.c sha384
    
    Mirrors https://gitlab.com/gnutls/gnutls/-/merge_requests/1466
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date:   Thu Dec 2 16:35:31 2021 +0100

    ktls: flags
    
    ktls enum flags API
    
    Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>

Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date:   Fri Oct 15 15:00:17 2021 +0200

    KTLS: API
    
    ktls is enabled by default, we can check if inicialization was
    succesfull with gnutls_transport_is_ktls_enabled
    
    Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Dec 9 11:22:14 2021 +0100

    .gitignore: ignore tests/x509cert-ct
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Dec 9 11:03:50 2021 +0100

    X509 CT: defer filling in the length field
    
    This eliminates the need of precalculating the payload size, to make
    it easier to adapt to new format.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Fri Dec 10 13:47:21 2021 +0100

    tests: fix out of tree builds with ASAN
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Thu Nov 11 14:05:40 2021 +0100

    tests: add protocol-set-allowlist
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Thu Nov 11 14:04:54 2021 +0100

    tests: add tcp_connect to utils
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Dec 9 10:48:58 2021 +0100

    X509 CT: use size_t for array index instead of unsigned
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Ander Juaristi <a@juaristi.eus>
Date:   Fri Nov 26 18:20:44 2021 +0100

    Update symbols
    
    Signed-off-by: Ander Juaristi <a@juaristi.eus>

Author: Ander Juaristi <a@juaristi.eus>
Date:   Wed Nov 17 19:28:50 2021 +0100

    devel: Suppress new API functions
    
    Signed-off-by: Ander Juaristi <a@juaristi.eus>

Author: Ander Juaristi <a@juaristi.eus>
Date:   Sat Nov 28 19:04:35 2020 +0100

    x509 CT: Add tests
    
    Signed-off-by: Ander Juaristi <a@juaristi.eus>

Author: Ander Juaristi <a@juaristi.eus>
Date:   Mon Nov 15 20:03:12 2021 +0100

    x509 CT: implement new public API
    
    This commit implements import and export functions for the X.509
    Certificate Transparency Signed Certificate Timestamp (SCT) extension
    (RFC 6962).
    
    A new constant GNUTLS_X509EXT_OID_CT_SCT is introduced
    with the value "1.3.6.1.4.1.11129.2.4.2".
    
    The following new public API functions are introduced:
    
        - gnutls_x509_ext_ct_scts_init
        - gnutls_x509_ext_ct_scts_deinit
        - gnutls_x509_ext_ct_import_scts
        - gnutls_x509_ext_ct_export_scts
        - gnutls_x509_ct_sct_get_version
        - gnutls_x509_ct_sct_get
    
    Signed-off-by: Ander Juaristi <a@juaristi.eus>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Nov 30 14:33:33 2021 +0100

    devel/libgnutls.abignore: ignore drbg_aes_* functions
    
    These functions are only defined when compiled with
    --enable-fips140-mode.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu May 6 12:41:40 2021 +0200

    priority: support allowlisting in configuration file
    
    This adds a new mode of interpreting the [overrides] section.  If
    "override-mode" is set to "allowlisting" in the [global] section, all
    the algorithms (hashes, signature algorithms, curves, and versions)
    are initially marked as insecure/disabled.  Then the user can enable
    them by specifying allowlisting keywords such as "secure-hash" in the
    [overrides] section.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>
    Co-authored-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sat Nov 27 16:48:51 2021 +0100

    CONTRIBUTING.md: clarify how to introduce new API
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sat Nov 27 16:39:41 2021 +0100

    release-steps: "make abi-dump-latest" at release time
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sat Nov 27 16:36:17 2021 +0100

    build: stop running abi-dump-latest at "make files-update"
    
    The procedure of registering ABI updates has changed in
    bd3c78b9d10937adb1855b85bca1864972a1c986.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Nov 24 18:44:13 2021 +0100

    build: update to use the latest valgrind-tests module from Gnulib
    
    This adjust the existing valgrind invocations in the test suite with:
    https://www.gnu.org/software/gnulib/manual/html_node/Valgrind-options.html
    
    - make --suppressions option to per directory, using AM_VALGRINDFLAGS
    - use LOG_VALGRIND for LOG_COMPILER
    - quote '$(LOG_VALGRIND)' in TESTS_ENVIRONMENT
    - move gl_VALGRIND_TESTS_DEFAULT_NO call before gl_INIT
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Evgeny Grin <k2k@narod.ru>
Date:   Fri Nov 26 14:08:22 2021 +0300

    sockets: fixed compiler warning on Windows x32
    
    Signed-off-by: Evgeny Grin <k2k@narod.ru>

Author: Evgeny Grin <k2k@narod.ru>
Date:   Fri Nov 26 13:50:52 2021 +0300

    sockets: fixed building for Windows with compilers without VLA support
    
    Signed-off-by: Evgeny Grin <k2k@narod.ru>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed May 5 16:27:55 2021 +0200

    priority: refactor config file parsing
    
    This adds the following refactoring:
    
    - avoid side-effects during parsing the config file, by separating
      application phase; the parsed configuration can be applied globally
      with cfg_apply, after validation
    - make _gnutls_*_mark_{disabled,insecure} take an ID instead of the
      name
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Nov 16 18:46:41 2021 +0100

    locks: deprecate gnutls_global_set_mutex
    
    As the library now uses static mutexes, rwlocks, and onces, it doesn't
    make much sense to only replace dynamic mutex usage.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sun Nov 14 14:57:15 2021 +0100

    locks: use once execution for on-demand initialization of globals
    
    This makes sure that the global variables are initialized only once.
    Most of those variables are initialized at ELF constructor, though a
    couple of occasions they are initialized on-demand: the global keylog
    file pointer and TPM2 TCTI context.  To properly protect the
    initialization this patch uses gl_once provided by Gnulib.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sun Nov 14 16:39:29 2021 +0100

    locks: rework rwlock primitives
    
    Remove GNUTLS_STATIC_RWLOCK_*LOCK macros and respect return values of
    rwlock primitives.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Nov 16 18:20:24 2021 +0100

    pkcs11: switch to using static mutex
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Nov 16 18:00:12 2021 +0100

    verify-tofu: switch to using static mutex for locking
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sun Nov 14 14:04:59 2021 +0100

    locks: replace custom mutex wrappers with "glthread/lock.h"
    
    As Gnulib provides portability wrappers of mutex implementations, we
    don't need to provide similar wrappers by ourselves.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 22 14:52:10 2019 +0100

    Port openconnect TPM2 code
    
    This introduces transparent loading of TPM2 keys which are in PEM
    form by gnutls_privkey_import_x509_raw() and higher level functions
    which wrap it.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
    Co-authored-by: David Woodhouse <dwmw2@infradead.org>
    Co-authored-by: Daiki Ueno <ueno@gnu.org>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Mon Nov 8 19:07:28 2021 +0100

    tests: set $abs_top_builddir in more places
    
    `$abs_top_builddir` has been used all across tests' subdirectories
    (through tests/scripts/common.sh)
    but has only been defined for tests/suite/ ones.
    Defining it in other Makefiles where `top_builddir` is being passed.
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sat Oct 30 17:17:47 2021 +0200

    priority: rework config reloading logic and locking
    
    The previous reloading logic relied on the existence of [priority]
    section (in the initial loading) as an indicator whether the file is
    loaded.  This didn't work well in the following cases:
    - when the section didn't exist initially and then is added later
    - when the section existed initially and then is removed later
    To handle these cases, this change adds a new flag
    system_priority_file_loaded which can be used together with the mtime
    check.
    
    This also adds an rwlock to protect global configuration.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Nov 1 16:46:50 2021 +0100

    Revert "priority: fix potential race in reloading system-wide config"
    
    This reverts commit 890c6937a3cfb4a0704bc815324221ec4cb89840.
    Considering the entire logic around reloading the config file, the fix
    was suboptimal.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Thu Oct 28 18:55:26 2021 +0200

    priority: fix potential race in reloading system-wide config
    
    _gnutls_update_system_priorities is called from gnutls_priority_set*
    functions every time when the SYSTEM keyword is used and updates a
    global variable system_wide_priority_strings if the configuration
    changes.  Although the critical path is protected with mtime check, it
    should also hold a lock to avoid occasional race condition in
    multi-thread programs.  This also clears
    system_wide_priority_strings_init upon unloading and before reloading
    the config file (thanks to Alexander Sosedkin).
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Thu Oct 21 12:46:56 2021 +0200

    .gitlab-ci.yml: add caching to cppcheck
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Tue Oct 26 07:50:16 2021 +0200

    devel: update release procedure taking into account of abi-dump
    
    As the *.abi files have been moved into a separate repository, we need
    an extra step to update the repository for new release.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Wed Oct 20 17:49:56 2021 +0200

    NEWS: add a notice of insecure-hash filtering ciphersuites on PRF
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Wed Oct 20 14:37:07 2021 +0200

    tests: add system-override-hash-influences-prf
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Wed Oct 20 14:36:44 2021 +0200

    priority: filter out ciphersuites with prf blocked by insecure-hash
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: Alexander Sosedkin <asosedkin@redhat.com>
Date:   Wed Oct 20 14:34:58 2021 +0200

    priority: refactor ciphersuite filtering
    
    Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>

Author: František Krenželok <krenzelok.frantisek@gmail.com>
Date:   Fri May 14 15:56:06 2021 +0200

    ktls: basic implementation of SW mode
    
    ktls enables us to offload encryption/decryption to the kernel
    
    prerequisites:
            - configured with `--enable-ktls`
            - tls module `modprobe tls` check with 'lsmod | grep tls'
            - per connection:
                    gnutls_transport_set_int{2} must be set
    
    When prerequisities are met then ktls is used by default.
    
    If GnuTLS encounters a error during KTLS initialization, it will
    not use ktls and fallback to userspace.
    
    Signed-off-by: Frantisek Krenzelok <krenzelok.frantisek@gmail.com>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Oct 18 16:27:46 2021 +0200

    devel: make use of abidw --drop-private-types
    
    This will produce more compact abixml output.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Mon Oct 18 11:49:46 2021 +0200

    devel: move .abi files into a separate repository
    
    Changes to the .abi files are a bit too noisy to track in the main
    repository.  This moves the files out of this repository and embed it
    as a git submodule.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Steve Lhomme <robux4@ycbcr.xyz>
Date:   Thu Sep 23 09:03:50 2021 +0200

    fix mingw64 detection
    
    __MINGW64__ is only defined for 64 bits builds of mingw64 [1].
    The intended test what to only use the CertEnumCRLsInStoreFunc via LoadLibrary
    for some ancient mingw32 build and never for mingw64.
    
    __MINGW64_VERSION_MAJOR is a proper define to identify mingw64 against mingw32.
    
    [1] https://sourceforge.net/p/predef/wiki/Compilers/
    
    Co-authored-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
    
    Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Fri Sep 17 11:03:25 2021 +0200

    wrap_nettle_hash_exists: add missing hash algorithms
    
    This adds SHAKE-128, SHAKE-256, and RIPEMD-160 to the supported
    algorithms by nettle.  While SHAKEs are not a hash algorithm but an
    XOF, it would be consistent to report they are implemented.
    
    The simple test is expanded to exercise the code
    path (gnutls_digest_get_id → wrap_nettle_hash_exists).
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daiki Ueno <ueno@gnu.org>
Date:   Sat Sep 18 07:18:59 2021 +0200

    fuzz: explicitly supply LDFLAGS to clang++ command line
    
    This prevented fuzzer programs being linked in Ubuntu 20.03, used in
    oss-fuzz.
    
    Signed-off-by: Daiki Ueno <ueno@gnu.org>

Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri Sep 17 16:37:24 2021 -0400

    lib/x509: Avoid memcpy when string is empty
    
    This fixes an ASAN warning in fuzz/gnutls_private_key_parser_fuzzer
    when run against the malformed private key
    fuzz/gnutls_private_key_parser_fuzzer.in/10a5c92fa30ddb6cbb4286d7699b2b7a7e032b17
    
    Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Aug 11 17:31:40 2021 -0400

    NEWS: added news about certtool handling x448 and x25519
    
    Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Aug 11 15:59:21 2021 -0400

    tests: add test for generating x25519 and x448 certificates
    
    These certs should work just fine for the purposes of cryptographic
    e-mail (S/MIME).
    
    These usage flags are also used in the end-entity certificates found
    in https://datatracker.ietf.org/doc/draft-ietf-lamps-samples/
    
    Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri May 14 17:14:41 2021 -0400

    tests: update details about sample X25519 certificate
    
    Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri May 7 20:14:53 2021 -0400

    certtool: add x448 and x25519 for --key-type
    
    This is a simple extension of the certtool command-line interface.
    
    Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri May 7 22:25:41 2021 -0400

    certtool: when making X25519 or X448 certs, always use "key agreement"
    
    This is related to #1227 -- but in this case, it's enforcing a
    requirement of RFC 8410 §5.
    
    Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri May 7 21:53:47 2021 -0400

    x509: handle X25519 and X448 in read_pubkey
    
    _gnutls_x509_read_ecdh_pubkey is basically a clone of
    _gnutls_x509_read_eddsa_pubkey.  Another form of implementation
    would be to collapse these two static functions into a common
    function for all "CFRG" curves.
    
    Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri May 7 21:30:53 2021 -0400

    nettle: handle X25519 and X448 in pk_fixup
    
    Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri May 7 20:23:41 2021 -0400

    x509: enable importing secret keys for X448 and X25519.
    
    _decode_pkcs8_modern_ecdh_key is virtually the same as
    _decode_pkcs8_eddsa_key.  Another implementation would be
    to collapse these two functions into one, since their structure
    is identical.
    
    Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri May 7 19:53:28 2021 -0400

    Enable X25519 and X448 everywhere that EdDSA is supported.
    
    These are just trivial extension points where the codepath is the same
    for the ECDH scheme as it is for the EdDSA scheme.
