Branch: refs/heads/stable1-proposed Home: https://github.com/kronosnet/kronosnet Commit: 87c728de71b17db0eaf0b02240998336b9febc38 https://github.com/kronosnet/kronosnet/commit/87c728de71b17db0eaf0b022409983... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2026-05-17 (Sun, 17 May 2026)
Changed paths: M libknet/Makefile.am M libknet/crypto.c M libknet/crypto_nss.c M libknet/libknet.h M libknet/libknet_exported_syms M libknet/tests/api-check.mk A libknet/tests/api_knet_get_crypto_cipher_list.c A libknet/tests/api_knet_get_crypto_hash_list.c M man/Makefile.am
Log Message: ----------- Add API to enumerate supported cipher modes and hash algorithms
Implements issue #478 by introducing two new API functions: - knet_get_crypto_cipher_list(): Returns AES cipher modes (CBC/CTR) supported across all crypto backends - knet_get_crypto_hash_list(): Returns hash algorithms supported across all crypto backends
Both functions return the intersection of capabilities across OpenSSL, NSS, and libgcrypt backends. Applications can reliably use any returned cipher/hash combination regardless of which crypto module is loaded.
The cipher list includes both OpenSSL-style hyphenated names (aes-128-cbc) and NSS/libgcrypt non-hyphenated names (aes128) as separate entries.
New structures: - knet_crypto_cipher_info: const char *name, const char *mode, int key_bits - knet_crypto_hash_info: const char *name, int hash_bits
Updated NSS parser to accept hyphenated CBC cipher names (aes-128-cbc, aes-192-cbc, aes-256-cbc) in addition to non-hyphenated variants.
Includes comprehensive tests verifying all returned ciphers and hashes work with all three crypto backends.
Signed-off-by: Fabio M. Di Nitto fabbione@kronosnet.org Co-Authored-By: Claude Sonnet 4.5 noreply@anthropic.com
Commit: 78193e8ce1a90a7a046c1cd376488889bc3ecea3 https://github.com/kronosnet/kronosnet/commit/78193e8ce1a90a7a046c1cd3764888... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2026-05-17 (Sun, 17 May 2026)
Changed paths: M libknet/logging.c M libknet/threads_tx.c
Log Message: ----------- Suppress Coverity false positives for MISSING_LOCK and UNINIT
Fixed two Coverity false positive warnings:
1. MISSING_LOCK in threads_tx.c (_dispatch_to_local): - Access to knet_h->sockfd[channel].is_created flagged as unguarded - Lock is actually held by caller (_handle_send_to_links_thread) - Added local variable to read value once with suppression annotation
2. UNINIT in logging.c (log_msg): - va_list 'ap' flagged as uninitialized before va_start - va_start IS the initialization, but Coverity doesn't understand this - Restructured early returns and added suppression annotation
Both issues are false positives. The code is correct, but Coverity's dataflow analysis cannot detect the lock acquisition in the call chain or understand va_start semantics.
Coverity scan now reports 0 defects (down from 2).
Signed-off-by: Fabio M. Di Nitto fdinitto@redhat.com Co-Authored-By: Claude Sonnet 4.5 noreply@anthropic.com
Commit: 80ca7b23e5feab520e0bce3f20f6afea78f110ce https://github.com/kronosnet/kronosnet/commit/80ca7b23e5feab520e0bce3f20f6af... Author: Fabio M. Di Nitto fdinitto@redhat.com Date: 2026-05-17 (Sun, 17 May 2026)
Changed paths: M libknet/threads_rx.c
Log Message: ----------- Suppress Coverity INCONSISTENT_UNION_ACCESS false positive in threads_rx.c
The PMTUD reply handling in stable1-proposed accesses inbuf->khp_pmtud_size within a switch/case that ensures it's the correct union field (case KNET_HEADER_TYPE_PMTUD_REPLY). Coverity incorrectly flags this as inconsistent with an earlier khp_ping access from a different case.
On main branch, this code was refactored into separate process_pmtud_reply() function (commit c2520f61 from 2020), which breaks the dataflow path that confuses Coverity. Since stable1-proposed maintains the original inline structure, we add a suppression here.
This is a stable1-proposed specific false positive.
Signed-off-by: Fabio M. Di Nitto fabbione@kronosnet.org Co-Authored-By: Claude Sonnet 4.5 noreply@anthropic.com
Compare: https://github.com/kronosnet/kronosnet/compare/ef010fc583e8...80ca7b23e5fe
To unsubscribe from these emails, change your notification settings at https://github.com/kronosnet/kronosnet/settings/notifications