Post
I'm clearly old and stupid. I can't figure out how to submit an issue for #GnuTLS on their gitlab anymore. (I did in the past.)
So here it comes instead: gnutls_certificate_verify_peers2() does not seem to verify ExtendedKeyUsage but gnutls_certificate_verify_peers() does.
Neither case is documented clearly. This has already lead to people submitting vuln reports to gnutls-using apps for this omission.
@bagder Doesn't https://gitlab.com/gnutls/gnutls/-/work_items/new?type=Issue&initialCreationContext=list-route work ?
but I agree that gitlab UI has become horrible since their shift to full AI
@EvenRouault it was not clear to me that work items are issues/bugs. I had to actually click the "new item" button first to get something that says "issue".
It's a horribly user-hostile UI.
@bagder @EvenRouault yes, it's work items now. GnuTLS can't do anything about it, it's a GitLab-wide change, and for the same reasons you can't easily move off GitHub, GnuTLS can't easily move off GitLab yet.
Did you file it as a work item? Otherwise I can probably point somebody to your post on Monday.
@neverpanic @EvenRouault yes, I eventually submitted it
they're "work items" now. I don't want to submit a work item. I want to tell them about a bug I found... 🤔
@bagder Seems to be a general trend these days: My wife just got _ordered_ to talk about "Anliegen", that is "wishes", "inquiries" instead of "task", "tickets", "issues" or "bugs" when talking to employees and the board, but also in the ticket system. Just told her: "Fine for you, wishes are easy to prioritize (and ignore)". Which is just sad.
@bagder Wow, after logging in to gitlab, the interface is really awful.
Still, clicking the blue New Issue button in the middle column seems to be what you want (I got there from the our issue tracker link on https://gnutls.org/support.html).
Install bonfire.cafe
Get the full app experience
