8 Commits

Author SHA1 Message Date
Colin Walters
3befcf1eb3 Add a gnutls backend for GHmac
For RHEL we want apps to use FIPS-certified crypto libraries,
and HMAC apparently counts as "keyed" and hence needs to
be validated.

Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1630260
Replaces: https://gitlab.gnome.org/GNOME/glib/merge_requests/897

This is a build-time option that backs the GHmac API with GnuTLS.
Most distributors ship glib-networking built with GnuTLS, and
most apps use glib-networking, so this isn't a net-new library
in most cases.

=======================================================================

mcatanzaro note:

I've updated Colin's original patch with several enhancements:

Implement g_hmac_copy() using gnutls_hmac_copy(), which didn't exist
when Colin developed this patch.

Removed use of GSlice.

Better error checking in g_hmac_new(). It is possible for
gnutls_hmac_init() to fail if running in FIPS mode and an MD5 digest is
requested. In this case, we should return NULL rather than returning a
broken GHmac with a NULL gnutls_hmac_hd_t. This was leading to a later
null pointer dereference inside gnutls_hmac_update(). Applications are
responsible for checking to ensure the return value of g_hmac_new() is
not NULL since it is annotated as nullable. Added documentation to
indicate this possibility.

Properly handle length -1 in g_hmac_update(). This means we've been
given a NUL-terminated string and should use strlen(). GnuTLS doesn't
accept -1, so let's call strlen() ourselves.

Crash the application with g_error() if gnutls_hmac() fails for any
reason. This is necessary because g_hmac_update() is not fallible, so we
have no way to indicate error. Crashing seems better than returning the
wrong result later when g_hmac_get_string() or g_hmac_get_digest() is
later called. (Those functions are also not fallible.) Fortunately, I
don't think this error should actually be hit in practice.

https://gitlab.gnome.org/GNOME/glib/-/merge_requests/903
2021-07-01 16:05:25 -05:00
Xavier Claessens
62c4768423 Meson: Add missing options and conform to naming guidelines
https://bugzilla.gnome.org/show_bug.cgi?id=790837
2017-12-19 14:56:11 -05:00
Nirbheek Chauhan
c603ba301d meson: Add 'charsetalias-dir' option mirroring the autotools one
This fixes the build again.
2017-11-22 04:43:05 +05:30
Emmanuele Bassi
bfd307855b meson: Allow toggling internal/system PCRE dependency
We don't always want to build GLib with a dependency on the system's
PCRE. The Autotools build allows this, and so should the Meson build.
2017-07-21 14:04:49 +01:00
Nirbheek Chauhan
88e437873a meson: Detect with-docs and with-man automatically
By default, only build man pages and gtk-doc if the build-deps were
found. To force-enable, pass -Dwith-docs=yes and -Dwith-man=yes.

Also use a foreach loop for man pages instead of listing them all
manually
2017-07-13 19:03:39 -04:00
Tim-Philipp Müller
d29f022b0b meson: add support for dtrace/systemtap
Still at least one FIXME. And untested so far. It builds.
2017-07-13 19:03:39 -04:00
Nirbheek Chauhan
e2da3cb599 meson: Port to latest master (2.51.0)
Also remove headers from some gio sources. Headers do not need to be
added to the list of sources.

+ various smaller self-explanatory fixes.
2017-07-13 19:03:39 -04:00
Patrick Griffis
a690e2a375 meson: More build fixes
- Fix installing various data files
- Build translations
2017-07-13 19:03:39 -04:00