Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Switch from CFSSL to GnuTLS and generate deterministic certificates on every build #11

Open
alexrp opened this issue Dec 18, 2022 · 8 comments
Open

Switch from CFSSL to GnuTLS and generate deterministic certificates on every build #11

alexrp opened this issue Dec 18, 2022 · 8 comments
Assignees
@alexrp
Labels
area: build Issues related to the build system. area: security Issues related to client/server integrity and cryptography. area: vendor Issues related to the vendoring project. state: approved Enhancements and tasks that have been approved.
Milestone
v1.0

Comments

@alexrp
Copy link
Member

alexrp commented Dec 18, 2022
edited
Loading

Blocked on:
@alexrp alexrp added area: build Issues related to the build system. state: blocked Issues that are blocked on some other issue or work. type: feature area: vendor Issues related to the vendoring project. labels Dec 18, 2022
@alexrp alexrp added this to the v1.0 milestone Dec 18, 2022
@alexrp alexrp self-assigned this Dec 18, 2022
@alexrp alexrp added the area: security Issues related to client/server integrity and cryptography. label Jan 1, 2023
@alexrp alexrp added state: approved Enhancements and tasks that have been approved. and removed state: blocked Issues that are blocked on some other issue or work. labels Apr 2, 2023
@alexrp
Copy link
Member Author

alexrp commented Jun 12, 2023

This can be done now that GnuTLS 3.8.0 is released.

alexrp added a commit that referenced this issue Jul 3, 2023
@alexrp
Don't run _GenerateCertificates on build.
22a1f8e 
Only after #11 is done.
@alexrp
Copy link
Member Author

alexrp commented Jul 20, 2023

Or not.

$ certtool --version
C:/Program Files/GnuTLS/bin/certtool.exe: error while loading shared libraries: libssp-0.dll: cannot open shared object file: No such file or directory

@alexrp alexrp added state: blocked Issues that are blocked on some other issue or work. and removed state: approved Enhancements and tasks that have been approved. labels Jul 20, 2023
@alexrp alexrp modified the milestones: v1.0, v2.0 Jul 28, 2023
@alexrp
Copy link
Member Author

alexrp commented Aug 5, 2023

Assigning @Roukanken42 to file a GnuTLS bug for the libssp-0.dll issue because GitLab still refuses to let me use my account. 🤷

@Roukanken42
Copy link
Member

Issue created, go annoy someone to fix your precious account 😛

@alexrp
Copy link
Member Author

alexrp commented Aug 20, 2023

There is little benefit to doing this for non-vendored builds, so this will probably only be done in the (private) vendor project for official builds.

@alexrp alexrp modified the milestones: v2.0, v1.0 Aug 25, 2023
@alexrp
Copy link
Member Author

alexrp commented Aug 25, 2023

The blocker has been fixed; just waiting on a bug fix release of GnuTLS.

@alexrp
Copy link
Member Author

alexrp commented Aug 27, 2023

https://gitlab.com/gnutls/gnutls/-/milestones/40

@alexrp
Copy link
Member Author

alexrp commented Dec 23, 2023
edited
Loading

https://lists.gnupg.org/pipermail/gnutls-help/2023-November/004837.html

Confirmed that certtool.exe in this release works on my end.

@alexrp alexrp added state: approved Enhancements and tasks that have been approved. and removed state: blocked Issues that are blocked on some other issue or work. labels Dec 23, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alexrp alexrp

Labels
area: build Issues related to the build system. area: security Issues related to client/server integrity and cryptography. area: vendor Issues related to the vendoring project. state: approved Enhancements and tasks that have been approved.
Projects
None yet
Milestone
v1.0
Development

No branches or pull requests
2 participants
@alexrp @Roukanken42