ntbtlsProject
ActivePublic

Members

  • This project does not have any members.

Watchers

  • This project does not have any watchers.

Recent Activity

Aug 28 2020

werner added a comment to T4838: add configure check for zlib to ntbtls.

I think we should make zlib a mandatory dependency.

Aug 28 2020, 7:54 AM · ntbtls, Bug Report
gniibe added a comment to T4838: add configure check for zlib to ntbtls.

Actually, configure already has the check.
If it's really needed to build without zlib, you can use this patch:

From 76920ac034490e4860ad6abe9891e3b1c0813363 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Fri, 28 Aug 2020 11:02:13 +0900
Subject: [PATCH] Until compression is implemented, build with no ZLIB can be
 done.
Aug 28 2020, 4:08 AM · ntbtls, Bug Report
gniibe closed T3207: FASTWIPE_T undefined as Resolved.
Aug 28 2020, 3:01 AM · Testing, ntbtls, Bug Report

Aug 27 2020

werner closed T4597: Support GCM modes for ntbtls. as Resolved.

0.2.0 was just released with support for GCM. Tested against openpgpkeys.pm.me

Aug 27 2020, 9:34 AM · Testing, Feature Request, ntbtls

Jun 3 2020

werner added a commit to T4962: ntbTLS configure dependencies: rT821cd31a8727: Require a maintained version of libgcrypt..
Jun 3 2020, 2:24 PM · ntbtls, Bug Report
werner closed T4962: ntbTLS configure dependencies as Resolved.

Thanks. I bumped it up to be in sync with GnuPG 2.2. It also does not make sense to require a Libgcrypt which has reached end-of-life; Thus we now need 1.8.

Jun 3 2020, 10:45 AM · ntbtls, Bug Report

Jun 1 2020

Angel added a project to T4962: ntbTLS configure dependencies: ntbtls.
Jun 1 2020, 3:10 AM · ntbtls, Bug Report

Apr 10 2020

werner added a comment to T4913: ntbtls: TLS handshake error.

I think I fixed a memory leak on error but no other changes for old code except that the array to old the args now takes void* and not gcry_mpi_t - which does not make a difference.

Apr 10 2020, 12:23 PM · ntbtls
gniibe closed T4913: ntbtls: TLS handshake error as Invalid.

It was a problem of libgcrypt master.
As of today's libgcrypt rC60c179b59e53: sexp: Extend gcry_sexp_extract_param with new format specifiers., it works fine.

Apr 10 2020, 8:08 AM · ntbtls
gniibe added a comment to T4913: ntbtls: TLS handshake error.

It seems it's a falure of ECDH.
I ran a server by s_server and saw following error:

$ openssl s_server -key key.pem -cert cert.pem -accept 44330 -www
Using default temp DH parameters
ACCEPT
140203176436992:error:10067064:elliptic curve routines:ec_GFp_simple_oct2point:buffer too small:../crypto/ec/ecp_oct.c:280:
140203176436992:error:1419C010:SSL routines:tls_process_cke_ecdhe:EC lib:../ssl/statem/statem_srvr.c:3245:
Apr 10 2020, 7:47 AM · ntbtls
gniibe added a comment to T4913: ntbtls: TLS handshake error.

Because it also fails in 0.1.2 (with no GCM support), it seems that it's not GCM thing.

Apr 10 2020, 7:11 AM · ntbtls
gniibe created T4913: ntbtls: TLS handshake error.
Apr 10 2020, 7:10 AM · ntbtls

Mar 12 2020

gniibe added a project to T3207: FASTWIPE_T undefined: Testing.
Mar 12 2020, 6:34 AM · Testing, ntbtls, Bug Report
gniibe changed the status of T4597: Support GCM modes for ntbtls. from Open to Testing.
Mar 12 2020, 6:33 AM · Testing, Feature Request, ntbtls

Feb 6 2020

werner renamed T4838: add configure check for zlib to ntbtls from "make" with "ntbtls-0.1.2" failed to add configure check for zlib to ntbtls.
Feb 6 2020, 9:21 PM · ntbtls, Bug Report
werner triaged T4838: add configure check for zlib to ntbtls as Normal priority.

Install the zlib development package, its name is often "zlib1g-dev". The source requires the header because we plan to eventually support compression.

Feb 6 2020, 9:21 PM · ntbtls, Bug Report

Jul 10 2019

gniibe claimed T4597: Support GCM modes for ntbtls..

I pushed my change as: rT7b2c4d9dd50b: Support GCM.
Please test.

Jul 10 2019, 4:51 AM · Testing, Feature Request, ntbtls

Jul 3 2019

historic_bruno added a comment to T4597: Support GCM modes for ntbtls..
Jul 3 2019, 2:22 PM · Testing, Feature Request, ntbtls

Jul 2 2019

Valodim added a comment to T4597: Support GCM modes for ntbtls..

Done. Hopefully this works now :)

Jul 2 2019, 5:39 PM · Testing, Feature Request, ntbtls
werner added a comment to T4597: Support GCM modes for ntbtls..

Anything using CBC mode - ECC is just fine.

Jul 2 2019, 4:19 PM · Testing, Feature Request, ntbtls
Valodim added a comment to T4597: Support GCM modes for ntbtls..
Which is a bad idea because CBC is still a very common cipher mode.
Jul 2 2019, 4:02 PM · Testing, Feature Request, ntbtls

Jul 1 2019

werner renamed T4597: Support GCM modes for ntbtls. from TLS handshake failed: Fatal alert message received (hkps://keys.openpgp.org, Windows, GPG4Win 3.1.9, NTBTLS 0.1.2) to Support GCM modes for ntbtls..
Jul 1 2019, 5:48 PM · Testing, Feature Request, ntbtls
werner triaged T4597: Support GCM modes for ntbtls. as Normal priority.

They can't agree on a common ciphersuite. The reason is that the server does not support any CBC mode. Which is a bad idea because CBC is still a very common cipher mode.

Jul 1 2019, 5:46 PM · Testing, Feature Request, ntbtls
historic_bruno created T4597: Support GCM modes for ntbtls. in the S1 Public space.
Jul 1 2019, 3:03 PM · Testing, Feature Request, ntbtls

Jun 8 2019

gouttegd added a comment to T4566: dirmngr fails with HTTP 302 redirection to hkps.

If I understand correctly, this is exactly the same problem that the one we encountered some time ago in the code dealing with fetching keys from HTTP (--fetch-keys), and that we fixed with this patch.

Jun 8 2019, 10:17 PM · gnupg (gpg22), dirmngr, Bug Report
dkg added a comment to T4566: dirmngr fails with HTTP 302 redirection to hkps.

fwiw, the bug looks like it's in send_request in ks-engine-hkp.c, which re-uses the http_session object without re-initializing its tls_session member.

Jun 8 2019, 4:16 PM · gnupg (gpg22), dirmngr, Bug Report
dkg updated subscribers of T4566: dirmngr fails with HTTP 302 redirection to hkps.

thanks for the triage, @werner!

Jun 8 2019, 2:20 PM · gnupg (gpg22), dirmngr, Bug Report
werner added a project to T4566: dirmngr fails with HTTP 302 redirection to hkps: gnupg (gpg22).
Jun 8 2019, 10:38 AM · gnupg (gpg22), dirmngr, Bug Report
werner triaged T4566: dirmngr fails with HTTP 302 redirection to hkps as High priority.
Jun 8 2019, 10:38 AM · gnupg (gpg22), dirmngr, Bug Report

Feb 19 2019

gniibe closed T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config as Resolved.
Feb 19 2019, 2:48 AM · npth, libassuan, ntbtls, libgcrypt, libksba

Jan 17 2019

gniibe added a commit to T4305: NtbTLS fails to compile: rTf27c17396c9e: Remove duplicated typedefs..
Jan 17 2019, 5:38 AM · Bug Report, ntbtls
gniibe closed T4305: NtbTLS fails to compile as Resolved.

It is fixed in master branch of the repo.

Jan 17 2019, 3:39 AM · Bug Report, ntbtls
gniibe abandoned D473: Introducing LDADD_FOR_TESTS_KLUDGE to enable 'make check' with LD_LIBRARY_PATH.

Applied.

Jan 17 2019, 1:00 AM · gpgme, libksba, libgcrypt, ntbtls, libassuan, gpgrt

Jan 10 2019

gniibe added a project to D473: Introducing LDADD_FOR_TESTS_KLUDGE to enable 'make check' with LD_LIBRARY_PATH: gpgme.
Jan 10 2019, 2:28 AM · gpgme, libksba, libgcrypt, ntbtls, libassuan, gpgrt
gniibe created D473: Introducing LDADD_FOR_TESTS_KLUDGE to enable 'make check' with LD_LIBRARY_PATH.
Jan 10 2019, 2:28 AM · gpgme, libksba, libgcrypt, ntbtls, libassuan, gpgrt

Dec 30 2018

JW added a project to T4305: NtbTLS fails to compile: Bug Report.
Dec 30 2018, 1:06 AM · Bug Report, ntbtls
JW created T4305: NtbTLS fails to compile in the S1 Public space.
Dec 30 2018, 1:05 AM · Bug Report, ntbtls

Dec 17 2018

werner closed T3982: libgcrypt.m4 is not multilib friendly, a subtask of T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config, as Resolved.
Dec 17 2018, 9:57 AM · npth, libassuan, ntbtls, libgcrypt, libksba

Dec 13 2018

gniibe closed T4232: gpgrt-config Gentoo/Fedora/Arch/Slackware-style multilib support, a subtask of T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config, as Resolved.
Dec 13 2018, 3:38 PM · npth, libassuan, ntbtls, libgcrypt, libksba

Oct 29 2018

gniibe changed the status of T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config from Open to Testing.

New gpg-error.m4 detects gpgrt-config, too.
And configure supplies --libdir when it invokes gpgrt-config.
For other *.m4 (libassuan, ksba, libgcrypt, ntbtls), it is possible for them to check GPGRT_CONFIG to use gpgrt-config if any.
For npth.m4, it can do that too, with no hard dependency to libgpg-error.

Oct 29 2018, 5:57 AM · npth, libassuan, ntbtls, libgcrypt, libksba
gniibe changed the status of T4232: gpgrt-config Gentoo/Fedora/Arch/Slackware-style multilib support, a subtask of T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config, from Open to Testing.
Oct 29 2018, 5:50 AM · npth, libassuan, ntbtls, libgcrypt, libksba

Oct 26 2018

werner added a subtask for T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config: T3982: libgcrypt.m4 is not multilib friendly.
Oct 26 2018, 12:44 PM · npth, libassuan, ntbtls, libgcrypt, libksba

Oct 25 2018

gniibe added a comment to T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config.

A bit tricky, but this would be good to use gpgrt-config by gpg-error.m4.
I say "tricky", because its name is gpg-error.m4 but it configure GPGRT_CONFIG to access to GPG_ERROR_CONFIG.

Oct 25 2018, 8:33 AM · npth, libassuan, ntbtls, libgcrypt, libksba
gniibe added a comment to T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config.

It might be good idea to provide libgcrypt.pc in libgcrypt 1.8.x for forward compatibility with libgpg-error 1.33.

Oct 25 2018, 3:49 AM · npth, libassuan, ntbtls, libgcrypt, libksba
gniibe added a comment to T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config.

Well, I changed my mind. Use of new gpgrt-config requires software update to introduce gpgrt.m4 and update of configure.ac to switch gpgrt from gpg-error, in standard way.
That's too much this time. It's good to defer this change.

Oct 25 2018, 3:06 AM · npth, libassuan, ntbtls, libgcrypt, libksba
gniibe added a comment to T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config.

OK, I'll change to use gpgrt-config, along with requiring newer version of libgpg-error.

Oct 25 2018, 1:14 AM · npth, libassuan, ntbtls, libgcrypt, libksba

Oct 24 2018

werner added a comment to T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config.

May I suggest to use a (new) gpgrt-config instead of the current name libgpg-error-config. The long term plan is to change the name of the library.

Oct 24 2018, 9:06 AM · npth, libassuan, ntbtls, libgcrypt, libksba
gniibe updated the task description for T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config.
Oct 24 2018, 2:37 AM · npth, libassuan, ntbtls, libgcrypt, libksba
gniibe updated the task description for T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config.
Oct 24 2018, 2:33 AM · npth, libassuan, ntbtls, libgcrypt, libksba
gniibe added a comment to T4217: {libksba,libgcrypt,ntbtls,libassuan,npth}.m4, {libksba,libgcrypt,ntbtls,libassuan}-config script and gpg-error-config.

This is the dependency graph:

Oct 24 2018, 2:32 AM · npth, libassuan, ntbtls, libgcrypt, libksba