1
2012-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3
* NEWS, configure.ac, m4/hooks.m4: bumped version
5
2012-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9
2012-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11
* lib/x509/privkey_pkcs8.c: Revert "Do not crash if password is null
12
and GNUTLS_PKCS_PLAIN is not specified." This allows decrypting PKCS
13
#12 structures that are encrypted with a NULL password (which is
14
different than empty). This reverts commit 7b20e72332e3e5238e8236375a2a82b1387e2e06.
16
2012-08-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
18
* NEWS: documented update
1
2013-07-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5
2013-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9
2013-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11
* lib/gnutls_record.c: allow empty fragments with padding.
13
2013-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
15
* tests/record-sizes-range.c: corrected test
17
2013-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
19
* tests/Makefile.am, tests/record-sizes-range.c: Added test for the
22
2013-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
24
* lib/gnutls_dtls.c, tests/mini-overhead.c: corrected overhead
25
calculation in AEAD ciphers.
27
2013-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
29
* configure.ac: Correctly report unicode status in win32 API
31
2013-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
33
* lib/Makefile.am: correctly link with librt when needed.
35
2013-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
37
* configure.ac, lib/Makefile.am, lib/system.c: link with libiconv
40
2013-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
44
2013-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
46
* build-aux/snippet/unused-parameter.h, configure.ac,
47
gl/Makefile.am, gl/c-strcase.h, gl/c-strcasecmp.c,
48
gl/c-strncasecmp.c, gl/iconv.c, gl/iconv.in.h, gl/iconv_close.c,
49
gl/iconv_open-aix.gperf, gl/iconv_open-hpux.gperf,
50
gl/iconv_open-irix.gperf, gl/iconv_open-osf.gperf,
51
gl/iconv_open-solaris.gperf, gl/iconv_open.c,
52
gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/iconv_h.m4,
53
gl/m4/iconv_open-utf.m4, gl/m4/iconv_open.m4, gl/m4/inline.m4,
54
gl/m4/intl.m4, gl/m4/libunistring-base.m4, gl/m4/locale-fr.m4,
55
gl/m4/locale-ja.m4, gl/m4/locale-tr.m4, gl/m4/locale-zh.m4,
56
gl/m4/locale_h.m4, gl/m4/localename.m4, gl/m4/po.m4,
57
gl/m4/setlocale.m4, gl/tests/Makefile.am, gl/tests/locale.in.h,
58
gl/tests/localename.c, gl/tests/localename.h, gl/tests/setlocale.c,
59
gl/tests/test-c-strcase.sh, gl/tests/test-c-strcasecmp.c,
60
gl/tests/test-c-strncasecmp.c, gl/tests/test-iconv-h.c,
61
gl/tests/test-iconv-utf.c, gl/tests/test-locale.c,
62
gl/tests/test-localename.c, gl/tests/test-setlocale1.c,
63
gl/tests/test-setlocale1.sh, gl/tests/test-setlocale2.c,
64
gl/tests/test-setlocale2.sh, gl/tests/unistr/test-u8-mbtoucr.c,
65
gl/tests/unistr/test-u8-uctomb.c, gl/unistr.in.h,
66
gl/unistr/u8-mbtoucr.c, gl/unistr/u8-uctomb-aux.c,
67
gl/unistr/u8-uctomb.c, gl/unitypes.in.h: Removed LGPLv3 gnulib
68
components. This removes the gnulib iconv, and uses libc or libiconv if needed.
70
2013-07-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
72
* NEWS: released 3.2.3pre0
74
2013-07-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
76
* doc/Makefile.am, doc/manpages/Makefile.am: Added new functions
78
2013-07-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
80
* NEWS, configure.ac, m4/hooks.m4: bumped version
82
2013-07-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
84
* lib/gnutls_int.h, lib/gnutls_record.h: use common macros to
85
calculate the overhead.
87
2013-07-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
89
* lib/ext/new_record_padding.c, lib/gnutls_cipher.c,
90
lib/gnutls_constate.c, lib/gnutls_constate.h,
91
lib/gnutls_extensions.c, lib/gnutls_extensions.h,
92
lib/gnutls_handshake.c, lib/gnutls_int.h: The after handshake
93
function is now called before epoch change. This allows enabling certain features, such as the new record
94
padding, prior to exchanging finished messages.
96
2013-07-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
98
* tests/record-sizes.c: test sending and receiving the maximum
99
allowed TLS buffer size.
101
2013-07-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
103
* configure.ac: corrected guile-site-dir option. Patch by Steve
106
2013-07-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
108
* lib/gnutls_record.h: Do not count pad and MAC as received data.
110
2013-07-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
112
* lib/gnutls_record.c: simplified decrypted data allocation.
114
2013-07-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
118
2013-07-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
120
* lib/gnutls_buffers.c, lib/gnutls_record.c, lib/gnutls_record.h:
123
2013-07-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
125
* lib/gnutls_cipher.c, lib/gnutls_record.c: When in compatibility
126
mode allow for larger record sizes than the maximum.
128
2013-07-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
130
* tests/Makefile.am, tests/mini.c, tests/record-sizes.c: Updated
133
2013-07-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
135
* src/libopts/ag-char-map.h: Applied Bruce Korb's fix on
138
2013-07-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
140
* src/libopts/ag-char-map.h: Revert "Ignore non-ascii characters in
141
configuration file." This reverts commit b973840f5dff9924108af9574bdee1064e06fb88.
143
2013-07-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
145
* tests/priorities.c: test also the number of ciphers.
147
2013-07-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
149
* NEWS, lib/gnutls_priority.c, lib/includes/gnutls/gnutls.h.in,
150
lib/libgnutls.map: Added helper functions to export the available
151
ciphers in a priority structure
153
2013-07-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
157
2013-07-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
159
* tests/Makefile.am, tests/priorities.c: Added a test that checks
160
whether the priorities behave as expected (depends on the supported
163
2013-07-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
165
* lib/gnutls_priority.c: When adding a bulk of priorities make sure
166
they don't replace the whole list. Reported by Stefan Buehler.
168
2013-07-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
170
* doc/cha-gtls-app.texi: doc update
172
2013-07-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
174
* doc/cha-gtls-app.texi: updated doc
176
2013-07-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
178
* src/libopts/ag-char-map.h: Ignore non-ascii characters in
179
configuration file. This is a quick fix for
181
http://lists.infradead.org/pipermail/openconnect-devel/2013-July/001126.html
183
2013-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
185
* Makefile.am: make sure that the .info files are as new as the pdfs
188
2013-07-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
190
* doc/examples/Makefile.am, doc/examples/ex-serv-x509.c: X.509
191
server example updated to include OCSP stapling
193
2013-07-16 Matt Whitlock <matt@whitlock.name>
195
* lib/gnutls_buffers.c: avoid leaking a buffer element when
196
_gnutls_stream_read returns 0
198
2013-07-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
200
* lib/gnutls_x509.c: doc update
202
2013-07-17 Stefan Bühler <stbuehler@web.de>
204
* lib/gnutls_priority.c: gnutls priority string parsing bug fix Fix priority string parsing (example: "NONE:+MAC-ALL:-SHA1:+SHA1"
205
misses SHA1 and has MD5 twice) prio_remove doesn't zero the removed element, prio_add (and perhaps
206
other functions) assumes the list to be zero terminated. Make prio_remove zero the element at the end, and use the actual
207
length of the list in prio_add. Relying on the trailing zero will fail if the list is full, and
208
might lead to invalid memory accesses as the loop won't stop until
209
it finds either the algorithm identifier or 0.
211
2013-07-17 Adam Sampson <ats@offog.org>
213
* tests/anonself.c, tests/dhepskself.c, tests/openpgpself.c,
214
tests/pskself.c, tests/resume-dtls.c, tests/resume.c,
215
tests/x509dn.c, tests/x509self.c: Disable tests that use socketpair
216
on _WIN32. socketpair isn't provided on Windows, so these tests should just
217
exit 77. Note that resume-dtls.c already had a guard like this -- I've
218
rewritten it to match the others, but socketpair (presumably!) isn't
219
the only reason that test is disabled on Win32. Signed-off-by: Adam Sampson <ats@offog.org>
221
2013-07-16 Adam Sampson <ats@offog.org>
223
* tests/anonself.c, tests/dhepskself.c, tests/openpgpself.c,
224
tests/pskself.c, tests/resume-dtls.c, tests/resume.c,
225
tests/x509dn.c, tests/x509self.c: Use socketpair() rather than TCP
226
connections. Besides simplifying the code, this also makes it possible to run
227
"make check" in parallel -- previously this didn't work because
228
several tests were trying to bind the same port. Signed-off-by: Adam Sampson <ats@offog.org>
230
2013-07-16 Adam Sampson <ats@offog.org>
232
* tests/anonself.c, tests/dhepskself.c, tests/openpgpself.c,
233
tests/pskself.c, tests/resume-dtls.c, tests/resume.c,
234
tests/x509dn.c, tests/x509self.c: Detect socket() error responses
235
correctly. The code was testing the wrong variable... Signed-off-by: Adam Sampson <ats@offog.org>
237
2013-07-16 Adam Sampson <ats@offog.org>
239
* doc/scripts/gdoc: Avoid depending on hash order in gdoc. Previously, gdoc had a hash of regexp replacements for each output
240
format, and applied the replacements in the order that "keys"
241
returned for the hash. However, not all orders are safe -- and now
242
that Perl 5.18 randomises hash order per-process, it only worked
243
sometimes! For example, this order is OK: 'is a #gnutls_session_t structure.' '\@([A-Za-z0-9_]+)\s*' -> 'is a
244
#gnutls_session_t structure.' '\%([A-Za-z0-9_]+)' -> 'is a
245
#gnutls_session_t structure.' '\#([A-Za-z0-9_]+)' -> 'is a
246
@code{gnutls_session_t} structure.' '([A-Za-z0-9_]+\(\))' -> 'is a
247
@code{gnutls_session_t} structure.' This one, however, winds up producing invalid texinfo: 'is a #gnutls_session_t structure.' '\%([A-Za-z0-9_]+)' -> 'is a
248
#gnutls_session_t structure.' '([A-Za-z0-9_]+\(\))' -> 'is a
249
#gnutls_session_t structure.' '\#([A-Za-z0-9_]+)' -> 'is a
250
@code{gnutls_session_t} structure.' '\@([A-Za-z0-9_]+)\s*' -> 'is a
251
@code{code} {gnutls_session_t} structure.' This patch turns the hash into a list, so the replacements will
252
always be done in the intended order. Signed-off-by: Adam Sampson <ats@offog.org>
254
2013-07-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
256
* tests/dtls/dtls-stress.c, tests/mini-dtls-heartbeat.c,
257
tests/mini-dtls-large.c, tests/mini-dtls-rehandshake.c,
258
tests/mini-dtls-srtp.c, tests/mini-loss-time.c: Run DTLS tests under
259
reliable transports to avoid unexpected packet loss.
261
2013-07-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
263
* lib/Makefile.am: Link with librt when needed. Reported by Joern
266
2013-07-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
268
* lib/gnutls_constate.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
269
lib/gnutls_range.c, lib/gnutls_session_pack.c: eliminated the need
270
for the additional version variable.
272
2013-07-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
274
* cross.mk: updated w32 makefile
276
2013-07-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
278
* build-aux/config.rpath, gl/Makefile.am, gl/argp-help.c,
279
gl/c-ctype.h, gl/fseeko.c, gl/m4/extensions.m4,
280
gl/m4/extern-inline.m4, gl/m4/fseeko.m4, gl/m4/gnulib-comp.m4,
281
gl/m4/lock.m4, gl/m4/manywarnings.m4, gl/m4/stdalign.m4,
282
gl/m4/warnings.m4, gl/msvc-inval.c, gl/stdalign.in.h,
283
gl/stdio.in.h, gl/tests/Makefile.am, gl/tests/getcwd-lgpl.c,
284
gl/tests/ignore-value.h, gl/tests/malloca.c,
285
gl/tests/test-getaddrinfo.c, gl/tests/test-snprintf.c,
286
gl/tests/test-sys_socket.c, gl/tests/test-vasnprintf.c,
287
gl/tests/test-vsnprintf.c, gl/vasnprintf.c, gl/verify.h, maint.mk:
290
2013-07-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
292
* NEWS: released 3.2.2
294
2013-07-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
296
* lib/gnutls_global.c: doc update
298
2013-07-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
300
* lib/includes/gnutls/gnutls.h.in: typo fix
302
2013-07-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
304
* src/common.c: gnutls-cli -l prints the supported digest algorithms
307
2013-07-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
309
* lib/gnutls_handshake.c: corrected return value.
311
2013-07-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
313
* configure.ac: Check for nanosleep in librt, when not in libc.
314
Reported by Joern Clausen.
316
2013-07-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
318
* lib/gnutls_int.h: corrected typo
320
2013-07-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
322
* README-alpha: updated
324
2013-07-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
326
* lib/gnutls_int.h: try to reduce memory in internal structure
328
2013-07-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
330
* NEWS, lib/gnutls_handshake.c, lib/gnutls_int.h,
331
lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in,
332
tests/mini-x509-callbacks.c: Allow hooks to be called before or
333
after generation/receiving.
335
2013-07-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
337
* lib/gnutls_handshake.c, lib/gnutls_state.c,
338
lib/includes/gnutls/gnutls.h.in: Revert "simplified hook function,
339
to apply only to post-processing or generation of messages." This reverts commit 7b14a8217b78aaf3367d13181237bf937292f5ba.
341
2013-07-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
345
2013-07-10 Gustavo Zacarias <gustavo@zacarias.com.ar>
347
* lib/accelerated/cryptodev.c: Eliminate reset from cryptodev hashes
348
and mac It wasn't done in 73ec74c2 and 6f0ecbf4 for cryptodev causing build
349
failures. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
351
2013-07-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
353
* lib/algorithms/mac.c: doc update
355
2013-07-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
359
2013-07-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
363
2013-07-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
365
* lib/gnutls_handshake.c: make sure that the hook function is always
368
2013-07-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
370
* doc/Makefile.am, doc/manpages/Makefile.am: New functions added
372
2013-07-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
374
* configure.ac, m4/hooks.m4: bumped version
376
2013-07-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
378
* lib/gnutls_handshake.c: When resuming a session send only the
379
mandatory extensions. That will make server behavior to conform to TLS RFC. Reported by
382
2013-07-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
384
* lib/ext/srtp.c: corrected typo
386
2013-07-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
390
2013-07-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
392
* lib/ext/srtp.c: Include MKI size in size calculations for the
393
extension. This prevents a parsing error when MKI is being used. Reported by
396
2013-07-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
398
* src/benchmark.h: Fix for NetBSD systems that do not have
399
CLOCK_PROCESS_CPUTIME_ID. Patch by Thomas Klausner.
401
2013-07-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
403
* src/certtool.c: make sure that a valid number of days is entered
405
2013-07-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
407
* doc/DCO.txt: Added DCO
409
2013-07-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
411
* lib/libgnutls.map: added new functions
413
2013-07-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
415
* tests/mini-dtls-hello-verify.c: simplified structure
417
2013-07-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
419
* lib/gnutls_handshake.c: corrected issue in client hello verify.
421
2013-07-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
423
* NEWS, lib/algorithms/mac.c, lib/gnutls_int.h,
424
lib/includes/gnutls/gnutls.h.in: Added helper functions for digests.
426
2013-07-04 Stef Walter <stefw@redhat.com>
428
* lib/pkcs11.c: pkcs11: Use the correct attribute length for
429
CKA_TRUSTED CKA_TRUSTED is a CK_BBOOL value in PKCS#11. Since object searches
430
are done with the attribute byte values, we need to get the length
431
exactly right. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
433
2013-07-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
435
* tests/mini-x509-callbacks.c: updated for new callback format
437
2013-07-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
439
* lib/gnutls_priority.c: corrected typo
441
2013-07-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
443
* .gitignore: more files to ignore
445
2013-07-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
447
* lib/gnutls_dtls.c: doc update
449
2013-07-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
451
* lib/gnutls_priority.c: when removing a cipher priority, make sure
454
2013-06-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
456
* NEWS, lib/gnutls_dtls.c, lib/includes/gnutls/gnutls.h.in:
457
gnutls_record_overhead_size2 -> gnutls_est_record_overhead_size
459
2013-07-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
461
* lib/crypto-api.c: doc update
463
2013-06-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
465
* po/eo.po.in, po/fi.po.in: Sync with TP.
467
2013-06-28 Ludovic Courtès <ludo@gnu.org>
469
* guile/src/core.c: guile: Keep a weak reference on objects
470
aggregated by other objects. Before, in cases such as `set-anonymous-server-dh-parameters!' where
471
the C object beneath CRED keeps a pointer to the C object beneath
472
DH_PARAMS, DH_PARAMS could be garbage-collected before CRED, leading
473
to the destruction of the underlying C object. Reported by Nikos Mavrogiannopoulos <nmav@gnutls.org>.
475
2013-06-28 Ludovic Courtès <ludo@gnu.org>
477
* guile/tests/anonymous-auth.scm, guile/tests/openpgp-auth.scm,
478
guile/tests/x509-auth.scm: guile: tests: Use `port->fdes' rather
479
than `fileno'. This has no practical impact, but it's a better way to express that
480
we don't want the file descriptors closed behind our back.
482
2013-06-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
484
* doc/cha-cert-auth.texi: removed unsupported RSA-EXPORT
486
2013-06-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
488
* doc/cha-bib.texi, doc/cha-intro-tls.texi, doc/latex/gnutls.bib:
489
documented private extensions
491
2013-06-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
493
* lib/gnutls_handshake.c, lib/gnutls_state.c,
494
lib/includes/gnutls/gnutls.h.in: simplified hook function, to apply
495
only to post-processing or generation of messages.
497
2013-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
499
* lib/gnutls_record.c: documented dtls behavior.
501
2013-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
503
* lib/gnutls_dtls.c: enforce the maximum TLS size when setting MTU
505
2013-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
507
* tests/mini-dtls-large.c: make sure that no DTLS MTU size can
510
2013-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
512
* lib/Makefile.am, lib/nettle/Makefile.am: Revert "Add nettle
513
dependencies to libcrypto.la" This reverts commit f3ef68f4f79434fadc3f28c649744e57f3eef99b.
515
2013-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
517
* tests/Makefile.am, tests/mini-dtls-large.c: Added test to verify
518
whether DTLS layer will send GNUTLS_E_LARGE_PACKET on large packets
520
2013-06-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
522
* po/cs.po.in: Sync with TP.
524
2013-06-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
526
* lib/gnutls_dh_primes.c: check for zero values when import DH
529
2013-06-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
531
* po/de.po.in, po/nl.po.in, po/pl.po.in, po/uk.po.in, po/vi.po.in:
534
2013-06-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
538
2013-06-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
540
* NEWS, lib/debug.c, lib/debug.h, lib/gnutls_handshake.c,
541
lib/gnutls_int.h, lib/gnutls_state.c,
542
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
543
tests/mini-x509-callbacks.c: Added
544
gnutls_handshake_set_hook_function() to allow hooks on arbitrary
547
2013-06-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
549
* doc/announce.txt: added BCC to avoid forgetting it in the future
551
2013-06-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
553
* doc/invoke-tpmtool.texi, doc/manpages/tpmtool.1: doc update
555
2013-06-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
557
* NEWS, lib/gnutls_dtls.c, lib/gnutls_state.c,
558
lib/includes/gnutls/dtls.h, lib/includes/gnutls/gnutls.h.in,
559
lib/libgnutls.map: avoid the introduction of a new function to
560
disable replay protection.
562
2013-06-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
564
* tests/suite/testcompat-main: changed port to avoid conflicts
566
2013-06-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
568
* tests/mini-overhead.c: small update
570
2013-06-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
572
* src/cli.c: removed unused var
574
2013-06-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
576
* src/tpmtool-args.c, src/tpmtool-args.h: updated tpmtool
579
2013-06-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
581
* NEWS, lib/gnutls_dtls.c, lib/includes/gnutls/gnutls.h.in,
582
lib/libgnutls.map: Added gnutls_record_overhead_size() and Added
583
gnutls_record_overhead_size2().
585
2013-06-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
587
* lib/gnutls_state.c: doc update
589
2013-06-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
591
* NEWS, lib/gnutls_dtls.c, lib/gnutls_int.h, lib/gnutls_record.c,
592
lib/includes/gnutls/dtls.h, lib/libgnutls.map: DTLS replay
593
protection can now be disabled.
595
2013-06-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
597
* lib/gnutls_state.c: doc update
599
2013-06-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
601
* NEWS, lib/algorithms/ciphers.c, lib/includes/gnutls/crypto.h,
602
lib/libgnutls.map: Added gnutls_cipher_get_tag_size().
604
2013-06-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
606
* NEWS, lib/gnutls_x509.c, lib/includes/gnutls/x509.h,
607
lib/libgnutls.map: Added gnutls_certificate_set_trust_list().
609
2013-06-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
611
* lib/auth/cert.c, lib/auth/srp_rsa.c, lib/ext/signature.c,
612
lib/gnutls_cipher.c, lib/gnutls_constate.c, lib/gnutls_handshake.c,
613
lib/gnutls_sig.c: explicit tests for non-null version
615
2013-06-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
617
* lib/gnutls_privkey.c, lib/gnutls_pubkey.c: fix typo
619
2013-06-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
621
* .gitignore: more files to ignore
623
2013-06-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
625
* lib/ext/heartbeat.c, lib/gnutls_dtls.c: corrected heartbeat
626
timeout documentation; reported by Sebastien Decugis.
628
2013-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
630
* build-aux/ar-lib: updated file
632
2013-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
634
* tests/sha2/sha2, tests/sha2/sha2-dsa: avoid common files
636
2013-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
638
* build-aux/test-driver, configure.ac: require automake 1.12.2 for
641
2013-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
643
* lib/gnutls_priority.c: SECURE -> SECURE128
645
2013-06-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
647
* guile/tests/priorities.scm: corrected priority strings
649
2013-06-06 Martin Storsjo <martin@martin.st>
651
* extra/Makefile.am, lib/Makefile.am, lib/accelerated/Makefile.am,
652
lib/accelerated/x86/Makefile.am, lib/algorithms/Makefile.am,
653
lib/auth/Makefile.am, lib/ext/Makefile.am, lib/extras/Makefile.am,
654
lib/opencdk/Makefile.am, lib/openpgp/Makefile.am,
655
lib/x509/Makefile.am: Add NETTLE_CFLAGS in makefiles This is required for using nettle/memxor.h, which now is included
656
implicitly via gnutls_int.h, if the nettle include directories
657
aren't in one of the compiler standard paths. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
659
2013-06-06 Martin Storsjo <martin@martin.st>
661
* src/crywrap/Makefile.am: crywrap: Use the libidn pkg-config
662
include and lib paths Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
664
2013-06-06 Ludovic Courtès <ludo@gnu.org>
666
* guile/tests/Makefile.am: guile: Use `LOG_COMPILER', as required by
669
2013-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
671
* lib/Makefile.am, lib/nettle/Makefile.am: Add nettle dependencies
674
2013-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
676
* lib/nettle/Makefile.am: correctly place cflags
678
2013-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
680
* doc/cha-shared-key.texi: discourage usage of anonymous
683
2013-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
685
* doc/cha-gtls-app.texi, lib/gnutls_global.c: doc update
687
2013-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
689
* lib/Makefile.am, lib/gnutls.pc.in, lib/nettle/Makefile.am,
690
m4/hooks.m4: Directly link to gmp library. Based on original patch
691
by Alon Bar-Lev <alon.barlev@gmail.com>.
693
2013-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
695
* cross.mk: updated cross.mk
697
2013-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
699
* tests/cert-tests/Makefile.am, tests/cert-tests/pem-decoding,
700
tests/dsa/Makefile.am, tests/openpgp-certs/Makefile.am: several
701
updates for tests to run under win32
703
2013-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
705
* lib/system.c: null terminate strings in windows
707
2013-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
709
* cross.mk: updated makefile
711
2013-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
713
* tests/pkcs12-decode/pkcs12: fix windows extension
715
2013-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
717
* tests/pkcs1-padding/Makefile.am: avoid running tests which require
720
2013-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
722
* src/cli.c: avoid struct sigaction in win32
724
2013-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
726
* tests/cert-tests/pem-decoding: Avoid comparing the expiration date
727
to prevent false positive error in 32-bit systems.
729
2013-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
731
* tests/cert-tests/pathlen: Revert "Avoid comparing the expiration
732
date to prevent false positive error in 32-bit systems." This reverts commit 64f9b5787c9b404763f59b3252fe4ef1b862aa00.
734
2013-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
736
* tests/cert-tests/pathlen: Avoid comparing the expiration date to
737
prevent false positive error in 32-bit systems.
739
2013-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
743
2013-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
745
* doc/cha-internals.texi, doc/cha-upgrade.texi: doc updates
747
2013-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
749
* NEWS: updated from 3.2.1
751
2013-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
753
* configure.ac: check for suse's CA bundle file
755
2013-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
757
* lib/openpgp/privkey.c: call cleanup and deinit on the correct
760
2013-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
762
* lib/gnutls_pk.c: avoid calling clear on null values
764
2013-05-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
766
* configure.ac, lib/Makefile.am, lib/gnutls.pc.in, m4/hooks.m4: use
767
pkg-config to detect nettle
769
2013-05-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
771
* tests/mini-xssl.c: ignore sigpipe
773
2013-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
775
* lib/algorithms/ciphersuites.c: allow ciphersuites with elliptic
776
curves even when using SSL 3.0. This works around a bug on openssl
777
in certain Debian systems.
779
2013-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
781
* po/LINGUAS, po/eo.po.in: Sync with TP.
783
2013-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
785
* .gitignore: more files to ignore
787
2013-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
789
* tests/mini-xssl.c: updated xssl.
791
2013-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
793
* lib/gnutls_dtls.c: doc update
795
2013-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
797
* tests/mini-overhead.c: document sizes
799
2013-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
801
* lib/gnutls_dtls.c: more precise calculation of overhead
803
2013-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
805
* tests/Makefile.am, tests/mini-overhead.c: Check overhead in DTLS.
807
2013-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
809
* lib/gnutls_dtls.c: doc update
811
2013-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
815
2013-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
817
* configure.ac, m4/hooks.m4: bumped version
819
2013-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
821
* lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in:
822
revert prototype move
824
2013-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
826
* doc/Makefile.am, doc/cha-support.texi, doc/manpages/Makefile.am:
829
2013-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
831
* lib/gnutls_cipher.c, lib/gnutls_cipher_int.c: Eliminated memory
834
2013-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
836
* lib/gnutls_cipher_int.h: corrected likely()
838
2013-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
840
* tests/mini-deflate.c, tests/mini-x509-2.c, tests/mini-x509.c: use
841
various ciphers in tests.
843
2013-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
845
* lib/gnutls_privkey.c: doc update
847
2013-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
849
* tests/mini-dtls-record.c: avoid delays by using a reliable
852
2013-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
854
* .gitignore: removed test file from repository
856
2013-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
858
* tests/mini-record.c: avoid delays by using a reliable transport
861
2013-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
863
* lib/algorithms/ciphers.c, lib/gnutls_cipher.c,
864
lib/gnutls_cipher_int.c, lib/gnutls_cipher_int.h: Eliminated memory
867
2013-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
869
* lib/nettle/pk.c: eliminated unused variable
871
2013-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
873
* lib/gnutls_handshake.c: revive gnutls_handshake_get_last_in().
874
Report by Mann Ern Kang.
876
2013-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
878
* lib/gnutls_cipher.c, lib/gnutls_cipher.h, lib/gnutls_record.c:
879
simplified code by passing an mbuffer.
881
2013-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
883
* lib/gnutls_int.h, lib/gnutls_mbuffers.h: better name
885
2013-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
887
* lib/gnutls_pubkey.c: always set hash length
889
2013-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
891
* lib/abstract_int.h, lib/gnutls_pubkey.c, lib/nettle/pk.c:
892
corrected bug with _gnutls_dsa_q_to_hash() usage introduced
895
2013-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
897
* lib/abstract_int.h, lib/algorithms.h,
898
lib/algorithms/ciphersuites.c, lib/algorithms/protocols.c,
899
lib/auth/cert.c, lib/auth/rsa.c, lib/auth/srp_rsa.c,
900
lib/ext/signature.c, lib/gnutls_cipher.c, lib/gnutls_constate.c,
901
lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_kx.c,
902
lib/gnutls_pubkey.c, lib/gnutls_record.c, lib/gnutls_sig.c,
903
lib/gnutls_state.c, lib/gnutls_ui.c: optimized access to TLS
904
protocol version properties.
906
2013-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
908
* lib/abstract_int.h, lib/accelerated/x86/hmac-padlock.c,
909
lib/algorithms.h, lib/algorithms/ciphers.c,
910
lib/algorithms/ciphersuites.c, lib/algorithms/mac.c,
911
lib/algorithms/protocols.c, lib/algorithms/sign.c,
912
lib/crypto-api.c, lib/ext/session_ticket.c, lib/gnutls_cipher.c,
913
lib/gnutls_cipher_int.c, lib/gnutls_cipher_int.h,
914
lib/gnutls_constate.c, lib/gnutls_dtls.c, lib/gnutls_handshake.c,
915
lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/gnutls_int.h,
916
lib/gnutls_pk.c, lib/gnutls_pk.h, lib/gnutls_privkey.c,
917
lib/gnutls_pubkey.c, lib/gnutls_range.c, lib/gnutls_sig.c,
918
lib/gnutls_sig.h, lib/gnutls_srp.c, lib/gnutls_state.c,
919
lib/gnutls_ui.c, lib/nettle/pk.c, lib/opencdk/Makefile.am,
920
lib/opencdk/hash.c, lib/opencdk/pubkey.c, lib/opencdk/seskey.c,
921
lib/opencdk/sig-check.c, lib/opencdk/stream.c, lib/verify-tofu.c,
922
lib/x509/crq.c, lib/x509/ocsp.c, lib/x509/ocsp_output.c,
923
lib/x509/pkcs12.c, lib/x509/pkcs12_encr.c, lib/x509/privkey.c,
924
lib/x509/privkey_pkcs8.c, lib/x509/verify.c, lib/x509/x509.c,
925
lib/x509/x509_int.h: simplified access to cipher and mac properties
926
to reduce wasted cycles.
928
2013-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
930
* extra/gnutls_openssl.c: modified openssl compat API to use the
933
2013-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
935
* lib/libgnutls.map: no longer export internal hash functions
937
2013-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
939
* tests/mini-dtls-hello-verify.c: removed memory leak
941
2013-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
943
* lib/gnutls_num.c, lib/gnutls_num.h: inlined simple functions
945
2013-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
947
* lib/gnutls_mbuffers.c: avoid calloc
949
2013-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
951
* lib/gnutls_record.c: fixes in record version checking
953
2013-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
955
* src/cli.c: use sigaction instead of signal in gnutls-cli
957
2013-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
959
* src/cli.c: Revert "break the loop when a SIGALRM has been
960
received" This reverts commit c3b3a0c6bd14a542e11873ebe0975a5ddd0ab46b.
962
2013-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
964
* src/libopts/m4/libopts.m4: relax check on requirement on headers
965
for libopts. Reported by Mark Brand.
967
2013-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
969
* .gitignore: more files to ignore
971
2013-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
973
* lib/gnutls_record.c: Improved record version checks
975
2013-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
977
* tests/Makefile.am, tests/mini-dtls-hello-verify.c: Added test for
980
2013-05-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
982
* lib/nettle/mac.c: fail on wrong key sizes
984
2013-05-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
986
* NEWS, lib/gnutls_dtls.c: corrected record overhead calculations
988
2013-05-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
990
* lib/gnutls_record.c: more detailed error
992
2013-05-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
994
* lib/gnutls_handshake.c: corrected resumption check
996
2013-05-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1000
2013-05-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1002
* lib/gnutls_record.c: Allow record layer packets with version less
1003
than the negotiated. Allowing such records avoids issue in DTLS client hello request
1006
2013-05-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1008
* lib/gnutls.pc.in: removed undefined variable
1010
2013-05-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1012
* NEWS, lib/gnutls_handshake.c, lib/gnutls_session.c,
1013
lib/gnutls_ui.c, lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map:
1014
gnutls_session_set_id() was added
1016
2013-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1018
* src/cli.c: break the loop when a SIGALRM has been received
1020
2013-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1022
* src/libopts/m4/libopts.m4: configure proceeds if regex library
1025
2013-05-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1027
* lib/gnutls_str.c: documented function behavior
1029
2013-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1031
* lib/gnutls_str.c: corrected typo
1033
2013-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1035
* lib/gnutls_str.c, lib/nettle/pk.c, lib/opencdk/keydb.c,
1036
lib/opencdk/sig-check.c, lib/x509/common.c,
1037
lib/x509/verify-high2.c, lib/x509/verify.c, lib/x509/x509.c,
1038
lib/xssl.c, libdane/dane.c: several updates
1040
2013-05-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1042
* src/danetool.c: print message on certificate verification
1044
2013-05-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1048
2013-05-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1050
* tests/cert-tests/pem-decoding: more verbose messages
1052
2013-05-10 Tim Kosse <tim.kosse@filezilla-project.org>
1054
* tests/eagain-common.h: When retrying gnutls_record_send due to
1055
GNUTLS_E_AGAIN, also try passing null data and length. Tests will
1056
fail after this patch until next patch is applied that fixes a bug
1057
in gnutls_record_send. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1059
2013-05-10 Tim Kosse <tim.kosse@filezilla-project.org>
1061
* lib/gnutls_record.c: If gnutls_record_send fails with
1062
GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED, the documentation allows
1063
passing null for the data and size on retry. Commit 2ec84d6 broke this usage of gnutls_record_send. This patch
1064
fixes the problem. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1066
2013-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1068
* doc/cha-internals.texi, lib/gnutls_ui.c: typo fixes by Andreas
1071
2013-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1073
* NEWS: released 3.2.0
1075
2013-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1077
* doc/cha-cert-auth2.texi, doc/cha-gtls-app.texi,
1078
doc/cha-gtls-examples.texi: simplified node referencing and add
1081
2013-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1083
* m4/hooks.m4: increased revision
1085
2013-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1087
* doc/Makefile.am, doc/manpages/Makefile.am: doc update
1089
2013-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1091
* NEWS, lib/algorithms/ciphersuites.c: Added more options for
1094
2013-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1096
* src/libopts/m4/libopts.m4: applied libregex patch
1098
2013-05-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1100
* cfg.mk, lib/accelerated/x86/macosx/appro-aes-gcm-x86-64-macosx.s,
1101
lib/accelerated/x86/macosx/appro-aes-x86-64-macosx.s,
1102
lib/accelerated/x86/macosx/appro-aes-x86-macosx.s,
1103
lib/accelerated/x86/macosx/cpuid-x86-64-macosx.s,
1104
lib/accelerated/x86/macosx/cpuid-x86-macosx.s,
1105
lib/accelerated/x86/macosx/padlock-x86-64-macosx.s,
1106
lib/accelerated/x86/macosx/padlock-x86-macosx.s: use C's style
1107
comments to compile in old MacOSX systems. Reported by Ryan Schmidt.
1109
2013-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1111
* doc/cha-auth.texi: doc update
1113
2013-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1115
* lib/ext/alpn.c: clarified doc
1117
2013-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1119
* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
1120
doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
1121
doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
1122
doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
1123
doc/invoke-srptool.texi, doc/invoke-tpmtool.texi,
1124
doc/manpages/tpmtool.1: updated for new autogen
1126
2013-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1128
* tests/mini-alpn.c: updated for new api
1130
2013-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1132
* tests/dtls/dtls-stress.c: updated path
1134
2013-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1136
* src/cli.c: corrected API usage.
1138
2013-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1140
* lib/ext/alpn.c, lib/ext/alpn.h, lib/gnutls_alert.c,
1141
lib/gnutls_errors.c, lib/includes/gnutls/gnutls.h.in: Added support
1142
for the NO_APPLICATION_PROTOCOL alert for ALPN.
1144
2013-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1146
* src/cli-args.c, src/cli-args.def, src/cli-args.h, src/cli.c,
1147
src/common.c: Improved ALPN support in gnutls-cli
1149
2013-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1151
* src/certtool-args.c, src/certtool-args.h, src/cli-args.c,
1152
src/cli-args.h, src/cli-debug-args.c, src/cli-debug-args.h,
1153
src/danetool-args.c, src/danetool-args.h, src/ocsptool-args.c,
1154
src/ocsptool-args.h, src/p11tool-args.c, src/p11tool-args.h,
1155
src/psk-args.c, src/psk-args.h, src/serv-args.c, src/serv-args.h,
1156
src/srptool-args.c, src/srptool-args.h: updated libopts generated
1159
2013-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1161
* src/libopts/COPYING.gplv3, src/libopts/COPYING.lgplv3,
1162
src/libopts/Makefile.am, src/libopts/README,
1163
src/libopts/ag-char-map.h, src/libopts/alias.c,
1164
src/libopts/ao-strs.c, src/libopts/ao-strs.h,
1165
src/libopts/autoopts.c, src/libopts/autoopts.h,
1166
src/libopts/autoopts/options.h, src/libopts/autoopts/project.h,
1167
src/libopts/autoopts/usage-txt.h, src/libopts/boolean.c,
1168
src/libopts/check.c, src/libopts/compat/compat.h,
1169
src/libopts/compat/pathfind.c, src/libopts/compat/snprintf.c,
1170
src/libopts/compat/strchr.c, src/libopts/compat/strdup.c,
1171
src/libopts/compat/windows-config.h, src/libopts/configfile.c,
1172
src/libopts/cook.c, src/libopts/enum.c, src/libopts/env.c,
1173
src/libopts/file.c, src/libopts/find.c, src/libopts/genshell.c,
1174
src/libopts/genshell.h, src/libopts/gettext.h, src/libopts/init.c,
1175
src/libopts/libopts.c, src/libopts/load.c,
1176
src/libopts/m4/libopts.m4, src/libopts/m4/liboptschk.m4,
1177
src/libopts/makeshell.c, src/libopts/nested.c,
1178
src/libopts/numeric.c, src/libopts/option-value-type.c,
1179
src/libopts/option-value-type.h,
1180
src/libopts/option-xat-attribute.c,
1181
src/libopts/option-xat-attribute.h, src/libopts/parse-duration.c,
1182
src/libopts/parse-duration.h, src/libopts/pgusage.c,
1183
src/libopts/proto.h, src/libopts/putshell.c, src/libopts/reset.c,
1184
src/libopts/restore.c, src/libopts/save.c, src/libopts/sort.c,
1185
src/libopts/stack.c, src/libopts/streqvcmp.c,
1186
src/libopts/text_mmap.c, src/libopts/time.c,
1187
src/libopts/tokenize.c, src/libopts/usage.c, src/libopts/version.c:
1188
updated libopts to autogen 5.17.3
1190
2013-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1192
* src/cli-args.def, src/cli.c: Added --alpn option to cli
1194
2013-05-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1196
* configure.ac, m4/hooks.m4: bumped version
1198
2013-05-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1200
* NEWS, lib/algorithms/mac.c, lib/includes/gnutls/gnutls.h.in,
1201
lib/nettle/mac.c: Added umac-128
1203
2013-05-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1205
* src/certtool-cfg.c, src/certtool-cfg.h, src/certtool.c: set the
1206
key purpose in certificate requests
1208
2013-05-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1210
* tests/utils.h: Do not call gnutls_pkcs11_init() when pkcs11 is
1211
disabled. Reported by Linus Nordberg.
1213
2013-05-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1215
* libdane/dane.c, libdane/includes/gnutls/dane.h: corrected typo.
1216
reported by Etan Reisner.
1218
2013-05-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1220
* tests/suite/mini-eagain2.c, tests/suite/mini-record-timing.c:
1221
updated include files
1223
2013-05-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1225
* lib/gnutls_handshake.c: simplified code
1227
2013-05-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1229
* gl/Makefile.am, gl/m4/extern-inline.m4, gl/m4/getdtablesize.m4,
1230
gl/m4/gnulib-comp.m4, gl/tests/Makefile.am,
1231
gl/tests/getdtablesize.c, gl/tests/glthread/threadlib.c,
1232
gl/tests/test-dup2.c, gl/tests/test-getdtablesize.c: updated gnulib
1234
2013-05-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1236
* tests/anonself.c, tests/certder.c,
1237
tests/certificate_set_x509_crl.c, tests/certuniqueid.c,
1238
tests/chainverify-unsorted.c, tests/chainverify.c,
1239
tests/crq_apis.c, tests/crq_key_id.c, tests/cve-2008-4989.c,
1240
tests/cve-2009-1415.c, tests/cve-2009-1416.c, tests/dhepskself.c,
1241
tests/dn.c, tests/dn2.c, tests/dtls/dtls-stress.c, tests/gc.c,
1242
tests/hostname-check.c, tests/infoaccess.c, tests/init_roundtrip.c,
1243
tests/key-openssl.c, tests/mini-alpn.c, tests/mini-deflate.c,
1244
tests/mini-dtls-heartbeat.c, tests/mini-dtls-record.c,
1245
tests/mini-dtls-rehandshake.c, tests/mini-dtls-srtp.c,
1246
tests/mini-eagain-dtls.c, tests/mini-eagain.c,
1247
tests/mini-emsgsize-dtls.c, tests/mini-handshake-timeout.c,
1248
tests/mini-loss-time.c, tests/mini-record-range.c,
1249
tests/mini-record.c, tests/mini-rehandshake.c, tests/mini-tdb.c,
1250
tests/mini-termination.c, tests/mini-x509-2.c,
1251
tests/mini-x509-callbacks.c, tests/mini-x509-cas.c,
1252
tests/mini-x509.c, tests/mini-xssl.c, tests/mini.c, tests/moredn.c,
1253
tests/mpi.c, tests/nul-in-x509-names.c, tests/ocsp.c,
1254
tests/openpgp-auth.c, tests/openpgp-auth2.c,
1255
tests/openpgp-keyring.c, tests/openpgpself.c, tests/openssl.c,
1256
tests/parse_ca.c, tests/pgps2kgnu.c, tests/pkcs12_encode.c,
1257
tests/pkcs12_s2k.c, tests/pkcs12_s2k_pem.c, tests/pkcs12_simple.c,
1258
tests/pskself.c, tests/resume-dtls.c, tests/resume.c,
1259
tests/rng-fork.c, tests/rsa-encrypt-decrypt.c,
1260
tests/safe-renegotiation/srn0.c, tests/safe-renegotiation/srn1.c,
1261
tests/safe-renegotiation/srn2.c, tests/safe-renegotiation/srn3.c,
1262
tests/safe-renegotiation/srn4.c, tests/safe-renegotiation/srn5.c,
1263
tests/set_pkcs12_cred.c, tests/setcredcrash.c,
1264
tests/slow/cipher-test.c, tests/slow/gendh.c, tests/slow/keygen.c,
1265
tests/srp/mini-srp.c, tests/suite/mini-eagain2.c,
1266
tests/suite/mini-record-timing.c, tests/utils.h,
1267
tests/x509_altname.c, tests/x509cert-tl.c, tests/x509cert.c,
1268
tests/x509dn.c, tests/x509self.c, tests/x509sign-verify.c: When
1269
running tests disable PKCS #11 support to avoid detecting memory
1270
leaks from PKCS #11 libraries.
1272
2013-05-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1274
* lib/gnutls_dtls.c: doc update
1276
2013-04-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1278
* tests/dtls/Makefile.am: link explicitly to librt
1280
2013-04-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1284
2013-04-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1288
2013-04-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1290
* .gitignore, build-aux/config.rpath, build-aux/gendocs.sh,
1291
configure.ac, gl/Makefile.am, gl/gettime.c,
1292
gl/glthread/threadlib.c, gl/intprops.h, gl/m4/clock_time.m4,
1293
gl/m4/frexp.m4, gl/m4/gettime.m4, gl/m4/gnulib-cache.m4,
1294
gl/m4/gnulib-comp.m4, gl/m4/intl.m4, gl/m4/po.m4, gl/m4/putenv.m4,
1295
gl/m4/stdalign.m4, gl/m4/sys_types_h.m4, gl/m4/timer_time.m4,
1296
gl/m4/timespec.m4, gl/sys_select.in.h, gl/sys_time.in.h,
1297
gl/tests/Makefile.am, gl/tests/malloca.h, gl/tests/putenv.c,
1298
gl/timespec.c, gl/timespec.h, gl/unistd.in.h, lib/gnutls_dtls.c,
1299
lib/gnutls_dtls.h, lib/gnutls_state.c, lib/nettle/rnd.c,
1300
lib/system.h, src/benchmark-cipher.c, src/benchmark.c,
1301
src/benchmark.h, tests/suite/Makefile.am,
1302
tests/suite/mini-record-timing.c: Avoid linking the library on
1305
2013-04-27 Stef Walter <stefw@redhat.com>
1307
* tests/suite/mini-record-timing.c: test suite: Add missing header Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1309
2013-04-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1311
* tests/cert-tests/Makefile.am, tests/cert-tests/complex-cert.pem,
1312
tests/cert-tests/pem-decoding: Added test for escaping rules.
1314
2013-04-27 Stef Walter <stefw@redhat.com>
1316
* lib/x509/common.c: Add the standard description OID to those
1317
recognized for DNs Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1319
2013-04-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1321
* lib/x509/common.c, lib/x509/dn.c: Always escape printable strings
1322
the LDAP way, and avoid escaping hex encoded values. Report and
1323
initial patch from Stef Walter.
1325
2013-04-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1327
* lib/x509/common.c, lib/x509/common.h: Do not include null
1328
terminator in DN string. When printing an unknown DN string as hex do not include the null
1329
terminator. Reported by Stef Walter.
1331
2013-04-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1333
* configure.ac: Link against pthread only when pthread_mutex_lock
1336
2013-04-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1338
* lib/accelerated/x86/sha-padlock.c: initialize the digest after
1341
2013-04-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1343
* src/certtool-cfg.c, src/certtool-cfg.h, src/certtool.c,
1344
src/pkcs11.c: read_yesno() accepts a default value. By default
1345
certificates are marked as ok for signing and encryption.
1347
2013-04-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1349
* lib/ext/heartbeat.c, lib/ext/heartbeat.h: updated license
1351
2013-04-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1353
* lib/accelerated/x86/sha-padlock.c, lib/crypto-backend.h,
1354
lib/gnutls_cipher_int.c, lib/gnutls_hash_int.c,
1355
lib/gnutls_hash_int.h, lib/nettle/mac.c: eliminate the reset ability
1358
2013-04-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1360
* lib/accelerated/x86/hmac-padlock.c, lib/crypto-backend.h,
1361
lib/gnutls_cipher_int.c, lib/gnutls_hash_int.c,
1362
lib/gnutls_hash_int.h, lib/nettle/mac.c: Do not handle MAC reset
1363
separately. It is implied by nettle's output function.
1365
2013-04-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1367
* lib/crypto-api.c: updated documentation
1369
2013-04-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1371
* src/benchmark-cipher.c, src/benchmark-tls.c, src/benchmark.c,
1372
src/benchmark.h: updated benchmark output
1374
2013-04-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1376
* doc/TODO: updated TODO list
1378
2013-04-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1380
* lib/auth/cert.h, lib/gnutls_cert.c, lib/gnutls_x509.c: use the
1381
pass argument on PKCS #11 keys.
1383
2013-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1385
* lib/accelerated/x86/hmac-padlock.c,
1386
lib/accelerated/x86/sha-padlock.c: corrected memory leak in
1389
2013-04-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1391
* doc/cha-intro-tls.texi: mention about experimental protocols
1393
2013-04-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1395
* src/benchmark-tls.c: nettle 2.7 is required
1397
2013-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1399
* doc/cha-crypto.texi: doc update
1401
2013-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1403
* doc/cha-crypto.texi: Added documentation on public key API.
1405
2013-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1407
* doc/cha-gtls-app.texi, lib/gnutls_priority.c: Added priority
1408
string VERS-DTLS-ALL
1410
2013-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1412
* lib/algorithms/mac.c, lib/nettle/cipher.c, lib/nettle/mac.c,
1413
m4/hooks.m4: nettle 2.7 is required
1415
2013-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1417
* NEWS: corrected doc
1419
2013-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1421
* lib/algorithms/mac.c, lib/nettle/cipher.c, lib/nettle/mac.c,
1422
m4/hooks.m4, src/benchmark-tls.c: renamed HAVE_UMAC -> HAVE_NETTLE27
1424
2013-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1426
* lib/algorithms/ciphers.c, lib/algorithms/ciphersuites.c,
1427
lib/includes/gnutls/gnutls.h.in, lib/nettle/cipher.c,
1428
src/benchmark-tls.c: Added ESTREAM salsa20 cipher.
1430
2013-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1432
* lib/nettle/mac.c: better naming of functions
1434
2013-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1436
* lib/algorithms/mac.c, lib/includes/gnutls/gnutls.h.in,
1437
lib/nettle/mac.c, m4/hooks.m4: Updated UMAC code to use nettle's new
1440
2013-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1442
* README: added note about LGPLv3
1444
2013-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1446
* lib/system_override.c: doc update
1448
2013-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1450
* lib/gnutls_buffers.c: use unlikely
1452
2013-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1454
* NEWS: documented update
1456
2013-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1458
* configure.ac, doc/cha-intro-tls.texi, lib/ext/Makefile.am,
1459
lib/ext/alpn.c, lib/ext/alpn.h, lib/gnutls_extensions.c,
1460
lib/gnutls_int.h, lib/includes/gnutls/gnutls.h.in,
1461
lib/libgnutls.map, m4/hooks.m4, tests/Makefile.am,
1462
tests/mini-alpn.c: Added support for the ALPN extension.
1464
2013-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1466
* lib/gnutls_constate.c: removed unused variables
1468
2013-04-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1470
* src/cli-debug.c, src/tests.c, src/tests.h: removed the RSA-EXPORT
1473
2013-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1477
2013-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1479
* doc/cha-cert-auth2.texi, doc/cha-gtls-app.texi,
1480
doc/cha-tokens.texi, lib/gnutls_x509.c,
1481
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
1482
gnutls_certificate_set_x509_key_mem2() and
1483
gnutls_certificate_set_x509_key_file2()
1485
2013-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1487
* doc/cha-cert-auth2.texi, doc/cha-gtls-examples.texi,
1488
lib/gnutls_privkey.c, lib/x509/pkcs12.c, lib/x509/privkey.c: doc
1491
2013-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1493
* lib/algorithms.h, lib/algorithms/ciphers.c,
1494
lib/gnutls_constate.c, lib/gnutls_state.c, lib/gnutls_state.h:
1495
removed TLS export key generation
1497
2013-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1499
* NEWS, configure.ac, doc/cha-gtls-app.texi, lib/Makefile.am,
1500
lib/algorithms.h, lib/algorithms/ciphersuites.c,
1501
lib/algorithms/kx.c, lib/algorithms/publickey.c,
1502
lib/auth/Makefile.am, lib/auth/cert.h, lib/auth/rsa.c,
1503
lib/auth/rsa_export.c, lib/gnutls_auth.c, lib/gnutls_cert.c,
1504
lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_kx.c,
1505
lib/gnutls_priority.c, lib/gnutls_rsa_export.c,
1506
lib/gnutls_rsa_export.h, lib/gnutls_session_pack.c,
1507
lib/gnutls_state.c, lib/gnutls_state.h, lib/gnutls_ui.c,
1508
lib/includes/gnutls/gnutls.h.in, lib/x509/privkey.c,
1509
lib/x509/privkey_openssl.c, lib/x509/privkey_pkcs8.c: Removed the
1510
RSA-EXPORT ciphersuites.
1512
2013-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1514
* NEWS, doc/cha-library.texi, lib/algorithms/ciphersuites.c,
1515
lib/algorithms/protocols.c, lib/gnutls_priority.c,
1516
lib/includes/gnutls/gnutls.h.in, tests/mini-emsgsize-dtls.c: Added
1517
support for DTLS 1.2
1519
2013-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1521
* lib/includes/gnutls/abstract.h, lib/includes/gnutls/compat.h,
1522
lib/includes/gnutls/gnutls.h.in: deprecated
1523
gnutls_privkey_sign_raw_data()
1525
2013-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1529
2013-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1531
* lib/gnutls_range.c: updates in range handling code.
1533
2013-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1535
* tests/Makefile.am, tests/mini-record-range.c: Added test for
1538
2013-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1540
* lib/auth/ecdhe.c: Set the curve priority to calling derive.
1542
2013-04-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1544
* lib/nettle/pk.c: reduce the number of temp variables in ECDH
1546
2013-04-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1548
* src/common.c: print the signatures used.
1550
2013-04-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1552
* lib/ext/signature.c, lib/ext/signature.h, lib/gnutls_int.h,
1553
lib/gnutls_session_pack.c, lib/gnutls_sig.c,
1554
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
1555
gnutls_sign_algorithm_get_client()
1557
2013-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1559
* lib/ext/heartbeat.c, m4/hooks.m4: Changed license of heartbeat
1560
implementation to match the rest of the library
1562
2013-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1564
* doc/cha-internals.texi: updated text
1566
2013-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1568
* lib/ext/heartbeat.c: gnutls_pong() returns zero on success.
1570
2013-04-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1572
* lib/ext/heartbeat.h: removed function that didn't exist
1574
2013-04-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1576
* lib/ext/heartbeat.c, lib/ext/heartbeat.h: updated heartbeat
1578
2013-04-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1580
* tests/mini-dtls-heartbeat.c: Check all error conditions.
1582
2013-04-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1584
* lib/ext/heartbeat.c: Corrected bug in heartbeat send (reported by
1587
2013-04-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1589
* NEWS, lib/algorithms.h, lib/algorithms/ecc.c, lib/auth/ecdhe.c,
1590
lib/crypto-backend.h, lib/gnutls_ecc.c, lib/gnutls_ecc.h,
1591
lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/nettle/Makefile.am,
1592
lib/nettle/ecc.h, lib/nettle/ecc_free.c, lib/nettle/ecc_make_key.c,
1593
lib/nettle/ecc_map.c, lib/nettle/ecc_mulmod.c,
1594
lib/nettle/ecc_mulmod_cached.c, lib/nettle/ecc_points.c,
1595
lib/nettle/ecc_projective_add_point_ng.c,
1596
lib/nettle/ecc_projective_check_point.c,
1597
lib/nettle/ecc_projective_dbl_point_3.c,
1598
lib/nettle/ecc_projective_isneutral.c,
1599
lib/nettle/ecc_projective_negate_point.c,
1600
lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
1601
lib/nettle/ecc_verify_hash.c, lib/nettle/init.c,
1602
lib/nettle/multi.c, lib/nettle/pk.c, lib/nettle/wmnaf.c,
1603
lib/x509/key_decode.c, lib/x509/privkey.c: Removed elliptic curve
1604
code from gnutls. Use nettle's implementation.
1606
2013-04-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1608
* src/serv.c: corrected issue in ecccertfile option
1610
2013-04-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1612
* lib/gnutls_handshake.c: make a short list of the available PK
1615
2013-03-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1617
* lib/gnutls_privkey.c, lib/gnutls_pubkey.c,
1618
lib/includes/gnutls/abstract.h, tests/x509sign-verify.c: Added sign
1619
and verification flags to operate in RSA raw mode (as used in TLS).
1621
2013-03-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1623
* lib/auth/rsa.c, lib/gnutls_int.h: When in compatibility mode allow
1624
for a wrong version in the RSA PMS.
1626
2013-03-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1628
* lib/algorithms.h, lib/algorithms/protocols.c, lib/auth/rsa.c,
1629
lib/gnutls_cipher.c, lib/gnutls_handshake.c, lib/gnutls_record.c:
1630
convert gnutls versions to TLS major-minor in a single function.
1632
2013-03-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1634
* devel/perlasm/license-gnutls.txt,
1635
lib/accelerated/x86/coff/cpuid-x86-64-coff.s,
1636
lib/accelerated/x86/coff/cpuid-x86-coff.s,
1637
lib/accelerated/x86/elf/cpuid-x86-64.s,
1638
lib/accelerated/x86/elf/cpuid-x86.s,
1639
lib/accelerated/x86/macosx/cpuid-x86-64-macosx.s,
1640
lib/accelerated/x86/macosx/cpuid-x86-macosx.s,
1641
lib/ext/status_request.h, lib/gnutlsxx.cpp,
1642
lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/ocsp.h,
1643
lib/includes/gnutls/x509.h, lib/libgnutls.map,
1644
lib/x509/verify-high.h: changed license headers to 2.1. Reported by
1647
2013-03-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1651
2013-03-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1653
* doc/manpages/Makefile.am: updated copyright
1655
2013-03-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1657
* NEWS, lib/algorithms/ciphers.c, lib/algorithms/mac.c,
1658
lib/crypto-api.c, lib/includes/gnutls/crypto.h,
1659
lib/includes/gnutls/gnutls.h.in: Added gnutls_mac_get_nonce_size()
1661
2013-03-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1665
2013-03-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1667
* lib/gnutls_privkey.c: doc update
1669
2013-03-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1671
* doc/cha-internals.texi: corrected file location
1673
2013-03-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1675
* tests/openpgp-auth.c: use return instead of exit
1677
2013-03-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1679
* lib/auth/cert.c: use the proper defines
1681
2013-03-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1683
* NEWS, lib/abstract_int.h, lib/auth/cert.c, lib/gnutls_pubkey.c,
1684
lib/includes/gnutls/abstract.h, lib/includes/gnutls/openpgp.h,
1685
lib/openpgp/gnutls_openpgp.c: Fixes in openpgp handshake with
1686
fingerprints. Reported by Joke de Buhr.
1688
2013-03-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1690
* tests/openpgp-auth.c: openpgp-auth tests
1691
gnutls_openpgp_set_recv_key_function() as well.
1693
2013-03-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1695
* NEWS, lib/gnutls_sig.c: correct issue with the (deprecated)
1696
external key signing and TLS 1.2
1698
2013-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1700
* src/benchmark.c: use clock_gettime when we can
1702
2013-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1704
* src/benchmark-cipher.c: removed R20
1706
2013-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1708
* NEWS, lib/algorithms/ciphers.c, lib/algorithms/ciphersuites.c,
1709
lib/includes/gnutls/gnutls.h.in, lib/nettle/cipher.c,
1710
src/benchmark-tls.c: Salsa20R20 -> Salsa20
1712
2013-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1714
* lib/libgnutls.map, tests/gc.c: use the exported variant of
1715
_gnutls_hmac_fast().
1717
2013-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1719
* NEWS, lib/accelerated/cryptodev.c,
1720
lib/accelerated/x86/hmac-padlock.c, lib/algorithms/ciphers.c,
1721
lib/algorithms/ciphersuites.c, lib/algorithms/mac.c,
1722
lib/crypto-api.c, lib/crypto-backend.h, lib/ext/session_ticket.c,
1723
lib/gnutls_cipher.c, lib/gnutls_cipher_int.c,
1724
lib/gnutls_cipher_int.h, lib/gnutls_constate.c, lib/gnutls_dtls.c,
1725
lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/gnutls_state.c,
1726
lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in,
1727
lib/libgnutls.map, lib/nettle/cipher.c, lib/nettle/mac.c,
1728
lib/x509/pbkdf2-sha1.c, lib/x509/pkcs12.c, m4/hooks.m4,
1729
src/benchmark-cipher.c, src/benchmark-tls.c: The HMAC subsystem can
1730
now be used for other MAC algorithms, like UMAC. UMAC-96 and
1731
UMAC-128 were conditionally added.
1733
2013-03-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1735
* src/benchmark-tls.c: use RSA ciphersuite to compare ciphers.
1737
2013-03-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1739
* lib/gnutls_cipher.c: corrected bug in stream ciphers and added new
1740
cipher to the new padding format.
1742
2013-03-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1744
* NEWS, lib/algorithms.h, lib/algorithms/ciphers.c,
1745
lib/algorithms/ciphersuites.c, lib/gnutls_cipher.c,
1746
lib/gnutls_constate.c, lib/gnutls_dtls.c,
1747
lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in,
1748
lib/libgnutls.map, lib/nettle/cipher.c, lib/x509/privkey_openssl.c,
1749
lib/x509/privkey_pkcs8.c, src/benchmark-cipher.c,
1750
src/benchmark-tls.c: Added salsa20 cipher, and ciphersuites.
1752
2013-03-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1754
* lib/pkcs11.c: search only for slots with tokens and avoid caching
1755
to prevent issues with multiple threads.
1757
2013-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1761
2013-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1763
* doc/cha-tokens.texi, lib/gnutls_privkey.c,
1764
lib/includes/gnutls/abstract.h, lib/libgnutls.map: Added
1765
gnutls_privkey_status()
1767
2013-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1769
* lib/pkcs11.c: avoid internal error
1771
2013-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1773
* lib/pkcs11.c: use correct type for rv
1775
2013-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1779
2013-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1781
* lib/pkcs11.c: scan slots on PKCS #11 providers only when needed,
1782
not on initialization.
1784
2013-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1786
* lib/gnutls_privkey.c: doc update
1788
2013-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1790
* doc/cha-library.texi: documented the new configure options
1792
2013-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1794
* NEWS, lib/crypto-backend.h, lib/gnutls_mpi.h, lib/gnutls_pk.c,
1795
lib/nettle/mpi.c, lib/openpgp/privkey.c, lib/x509/privkey.c: Private
1796
key parameters are overwritten with zeros on deinitialization.
1798
2013-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1800
* doc/cha-library.texi, doc/latex/cover.tex, doc/latex/gnutls.bib:
1803
2013-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1805
* doc/cha-tokens.texi: simplified text
1807
2013-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1809
* configure.ac, m4/hooks.m4: bumped version
1811
2013-03-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1813
* NEWS, doc/invoke-certtool.texi, doc/invoke-danetool.texi,
1814
lib/gnutls_privkey.c, lib/gnutls_sig.c, lib/gnutls_sig.h,
1815
lib/includes/gnutls/abstract.h, lib/libgnutls.map: Added
1816
gnutls_privkey_sign_raw_data()
1818
2013-03-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1820
* lib/gnutls_pcert.c: simplified code
1822
2013-03-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1824
* src/serv.c: gnutls-serv may run without certificate, but will
1827
2013-03-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1829
* src/serv.c: gnutls-serv issues an error if no certificate and key
1832
2013-03-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1834
* COPYING.LESSER, README: gnutls 3.1.10 is LGPLv2.1
1836
2013-03-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1838
* lib/algorithms/kx.c, lib/auth/anon.c, lib/auth/anon_ecdh.c,
1839
lib/gnutlsxx.cpp, src/cli-debug.c, src/serv.c, src/tests.c: Added
1840
several ifdefs to avoid using disabled code.
1842
2013-03-12 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
1844
* doc/cha-bib.texi, doc/cha-tokens.texi: Document mechanism used for
1845
*_key_id() creation. For the rationale behind this, see the gnutls-devl thread 'X.509
1846
"Key Identifiers" in GnuTLS' found either at
1848
http://lists.gnutls.org/pipermail/gnutls-devel/2013-March/006182.htmland
1849
http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/6674
1851
2013-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1853
* NEWS, doc/examples/ex-cert-select-pkcs11.c,
1854
doc/examples/ex-cert-select.c, doc/examples/ex-client-anon.c,
1855
doc/examples/ex-client-dtls.c, doc/examples/ex-client-psk.c,
1856
doc/examples/ex-client-srp.c, doc/examples/ex-client-x509.c,
1857
lib/gnutls_int.h, lib/gnutls_ui.c, lib/includes/gnutls/gnutls.h.in,
1858
lib/libgnutls.map, src/common.c: Added gnutls_session_get_desc()
1860
2013-03-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1862
* configure.ac, lib/algorithms/ciphersuites.c, lib/algorithms/kx.c,
1863
lib/auth/Makefile.am, lib/auth/anon_ecdh.c, lib/auth/cert.c,
1864
lib/auth/cert.h, lib/auth/dh_common.c, lib/auth/dhe.c,
1865
lib/auth/dhe_psk.c, lib/auth/ecdh_common.c, lib/auth/ecdh_common.h,
1866
lib/auth/ecdhe.c, lib/auth/ecdhe.h, lib/auth/rsa_export.c,
1867
lib/gnutls_handshake.c, lib/gnutls_kx.c, lib/gnutls_priority.c,
1868
lib/gnutls_rsa_export.c, lib/gnutls_state.c, lib/gnutls_ui.c,
1869
m4/hooks.m4: Added options to disable more key exchange mechanisms. In that DHE was separated from ECDHE.
1871
2013-03-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1873
* src/serv.c: removed unneeded code
1875
2013-03-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1877
* src/cli.c: When requesting DANE data resolve a service name into a
1878
port number. Reported by James Cloos.
1880
2013-03-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1884
2013-03-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1886
* doc/cha-cert-auth.texi, doc/cha-cert-auth2.texi: doc update
1888
2013-03-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1890
* lib/x509/dn.c: avoid duplicate memory allocation in
1891
_gnutls_x509_get_dn()
1893
2013-03-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1895
* tests/cert-tests/dane-test.rr: The default dane output is type 03
1898
2013-03-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1900
* lib/gnutls_x509.c: simplified
1902
2013-03-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1904
* lib/gnutls_ui.c, lib/gnutls_x509.c, lib/gnutls_x509.h: Return
1905
proper also when loading a private key.
1907
2013-03-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1909
* lib/includes/gnutls/tpm.h, lib/tpm.c: GNUTLS_TPMKEY_FMT_DER ->
1910
GNUTLS_TPMKEY_FMT_RAW
1912
2013-03-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1914
* lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/gnutls_x509.c:
1915
return unimplemented feature on encounter of a known but unsupported
1918
2013-03-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1920
* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
1921
src/danetool-args.c, src/danetool-args.def, src/danetool-args.h,
1922
src/danetool.c: updates in danetool
1924
2013-03-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1926
* Makefile.am, configure.ac: Added configure option to disable the
1929
2013-03-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1931
* doc/invoke-certtool.texi, src/certtool-args.c,
1932
src/certtool-args.def, src/certtool-args.h: updated example
1935
2013-03-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1937
* tests/suite/ecore/src/lib/Ecore.h: updated
1939
2013-03-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1941
* lib/x509_b64.c: corrected allocation size
1943
2013-03-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1945
* lib/gnutls_ui.c: simplified text
1947
2013-03-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1949
* configure.ac: Fixes in cpu and cross-compilation detection
1951
2013-03-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1953
* lib/x509/dn.c, lib/x509/verify.c, lib/x509/x509.c,
1954
lib/x509/x509_int.h: Placed back _gnutls_x509_compare_raw_dn().
1956
2013-03-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1958
* lib/system.c: check revocation prior to reading local certs.
1960
2013-03-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1962
* lib/x509/verify-high.c: deinitialize the certificate
1964
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1968
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1970
* configure.ac: When cross compiling do not check for ca
1973
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1975
* configure.ac: auto-detect CA certificates only if
1976
with-default-trust-store-file is not provided.
1978
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1980
* lib/system.c: corrected parameters.
1982
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1984
* NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
1985
lib/system.c, lib/x509/verify-high.c, lib/x509/verify-high2.c,
1986
tests/x509cert-tl.c: Added functions that remove certificates from a
1989
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1991
* libdane/includes/gnutls/dane.h: updated doc
1993
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1995
* lib/system.c: Check for revoked certs in android and do not add.
1996
Suggested by David Woodhouse.
1998
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2000
* lib/system.c: corrected add_system_trust() in the unsupported
2003
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2005
* lib/x509/common.c, lib/x509/common.h, lib/x509/crl.c,
2006
lib/x509/dn.c, lib/x509/ocsp.c, lib/x509/verify-high.c,
2007
lib/x509/verify.c, lib/x509/x509.c, lib/x509/x509_int.h: Several
2008
optimizations on certificate comparisons including DN. This speeds
2009
up CA certificate loading, and certificate verification.
2011
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2013
* lib/x509/verify-high.c: Revert "When making the hash list of the
2014
CAs avoid calling get_raw_*_dn() which is very costly." This reverts commit 1b7d66354e9b4d174b58233f4dd8ab46a1d45f14.
2016
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2020
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2022
* lib/x509/verify-high.c: When making the hash list of the CAs avoid
2023
calling get_raw_*_dn() which is very costly.
2025
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2027
* NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
2028
lib/x509/crl.c, lib/x509/crq.c, lib/x509/dn.c, lib/x509/x509.c,
2029
lib/x509/x509_int.h: Added new functions to get the LDAP DN in an
2032
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2034
* src/cli.c: Removed unused code.
2036
2013-03-05 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2038
* lib/x509/x509_write.c: fix description of id_size parameter
2040
2013-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2042
* lib/system.c: handle the interesting variance between directories
2044
2013-03-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2046
* lib/system.c: test for ANDROID or __ANDROID__
2048
2013-03-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2050
* build-aux/ar-lib: updated
2052
2013-03-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2054
* configure.ac: call gl_EARLY earlier, and add AM_PROG_AR.
2056
2013-03-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2058
* lib/gnutls.pc.in: corrected link
2060
2013-03-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2062
* configure.ac: removed Werror from automake rules
2064
2013-03-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2066
* doc/Makefile.am: Added flag
2068
2013-03-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2070
* .gitignore, ChangeLog: removed
2072
2013-03-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2074
* lib/gnutls_x509.c, src/Makefile.am: changes to avoid compilation
2075
of programs that cannot be.
2077
2013-03-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2079
* lib/system.c: more simplifications to
2080
gnutls_x509_trust_list_add_system_trust()
2082
2013-03-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2086
2013-03-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2088
* lib/system.c: corrected reading from directory.
2090
2013-03-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2092
* lib/system.c: gnutls_x509_trust_list_add_system_trust() was made
2093
to work in android 4.x.
2095
2013-03-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2099
2013-03-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2101
* lib/system.c: More cleanups in
2102
gnutls_x509_trust_list_add_system_trust()
2104
2013-03-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2106
* configure.ac: Select CPU optimizations based on target cpu rather
2109
2013-03-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2111
* lib/Makefile.am, lib/system.c: some simplifications in
2112
gnutls_x509_trust_list_add_system_trust()
2114
2013-03-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2116
* NEWS, src/certtool.c: Use ARCFOUR cipher by default to be
2117
compatible with devices like android that don't support AES
2119
2013-03-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2121
* NEWS, doc/invoke-danetool.texi, libdane/dane.c,
2122
libdane/includes/gnutls/dane.h, src/danetool-args.c,
2123
src/danetool-args.def, src/danetool-args.h, src/danetool.c,
2124
tests/suite/Makefile.am, tests/suite/testdane: Added verify flags
2125
for DANE to enforce verification and restrict it to a field.
2127
2013-03-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2129
* .gitignore, ChangeLog: added empty ChangeLog
2131
2013-03-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2133
* GNUmakefile, build-aux/config.rpath, build-aux/gendocs.sh,
2134
build-aux/pmccabe2html, build-aux/snippet/arg-nonnull.h,
2135
build-aux/snippet/c++defs.h, build-aux/snippet/unused-parameter.h,
2136
build-aux/snippet/warn-on-use.h, build-aux/useless-if-before-free,
2137
build-aux/vc-list-files, doc/gendocs_template, gl/Makefile.am,
2138
gl/accept.c, gl/alloca.in.h, gl/alphasort.c, gl/argp-ba.c,
2139
gl/argp-eexst.c, gl/argp-fmtstream.c, gl/argp-fmtstream.h,
2140
gl/argp-fs-xinl.c, gl/argp-help.c, gl/argp-namefrob.h,
2141
gl/argp-parse.c, gl/argp-pin.c, gl/argp-pv.c, gl/argp-pvh.c,
2142
gl/argp-xinl.c, gl/argp.h, gl/arpa_inet.in.h, gl/asnprintf.c,
2143
gl/asprintf.c, gl/base64.c, gl/base64.h, gl/basename-lgpl.c,
2144
gl/bind.c, gl/byteswap.in.h, gl/c-ctype.c, gl/c-ctype.h,
2145
gl/c-strcase.h, gl/c-strcasecmp.c, gl/c-strncasecmp.c, gl/close.c,
2146
gl/closedir.c, gl/connect.c, gl/dirent-private.h, gl/dirent.in.h,
2147
gl/dirname-lgpl.c, gl/dirname.h, gl/dosname.h, gl/dup2.c,
2148
gl/errno.in.h, gl/error.c, gl/error.h, gl/fd-hook.c, gl/fd-hook.h,
2149
gl/filename.h, gl/float+.h, gl/float.c, gl/float.in.h, gl/fpucw.h,
2150
gl/frexp.c, gl/frexpl.c, gl/fseek.c, gl/fseeko.c, gl/fseterr.c,
2151
gl/fseterr.h, gl/fstat.c, gl/ftell.c, gl/ftello.c,
2152
gl/gai_strerror.c, gl/getaddrinfo.c, gl/getdelim.c, gl/getline.c,
2153
gl/getopt.c, gl/getopt.in.h, gl/getopt1.c, gl/getopt_int.h,
2154
gl/getpass.c, gl/getpass.h, gl/getpeername.c, gl/getsubopt.c,
2155
gl/gettext.h, gl/gettime.c, gl/gettimeofday.c,
2156
gl/glthread/threadlib.c, gl/hash-pjw-bare.c, gl/hash-pjw-bare.h,
2157
gl/iconv.c, gl/iconv.in.h, gl/iconv_close.c, gl/iconv_open.c,
2158
gl/inet_ntop.c, gl/inet_pton.c, gl/intprops.h, gl/isnan.c,
2159
gl/isnand-nolibm.h, gl/isnand.c, gl/isnanf-nolibm.h, gl/isnanf.c,
2160
gl/isnanl-nolibm.h, gl/isnanl.c, gl/itold.c, gl/listen.c,
2161
gl/lseek.c, gl/m4/00gnulib.m4, gl/m4/alloca.m4, gl/m4/alphasort.m4,
2162
gl/m4/argp.m4, gl/m4/arpa_inet_h.m4, gl/m4/base64.m4,
2163
gl/m4/byteswap.m4, gl/m4/clock_time.m4, gl/m4/close.m4,
2164
gl/m4/closedir.m4, gl/m4/codeset.m4, gl/m4/dirent_h.m4,
2165
gl/m4/dirname.m4, gl/m4/double-slash-root.m4, gl/m4/dup2.m4,
2166
gl/m4/eealloc.m4, gl/m4/environ.m4, gl/m4/errno_h.m4,
2167
gl/m4/error.m4, gl/m4/exponentd.m4, gl/m4/exponentf.m4,
2168
gl/m4/exponentl.m4, gl/m4/extensions.m4, gl/m4/extern-inline.m4,
2169
gl/m4/fcntl-o.m4, gl/m4/fcntl_h.m4, gl/m4/fdopen.m4,
2170
gl/m4/float_h.m4, gl/m4/fpieee.m4, gl/m4/frexp.m4, gl/m4/frexpl.m4,
2171
gl/m4/fseek.m4, gl/m4/fseeko.m4, gl/m4/fseterr.m4, gl/m4/fstat.m4,
2172
gl/m4/ftell.m4, gl/m4/ftello.m4, gl/m4/ftruncate.m4, gl/m4/func.m4,
2173
gl/m4/getaddrinfo.m4, gl/m4/getcwd.m4, gl/m4/getdelim.m4,
2174
gl/m4/getline.m4, gl/m4/getopt.m4, gl/m4/getpagesize.m4,
2175
gl/m4/getpass.m4, gl/m4/getsubopt.m4, gl/m4/gettext.m4,
2176
gl/m4/gettime.m4, gl/m4/gettimeofday.m4, gl/m4/glibc2.m4,
2177
gl/m4/glibc21.m4, gl/m4/gnulib-cache.m4, gl/m4/gnulib-common.m4,
2178
gl/m4/gnulib-comp.m4, gl/m4/gnulib-tool.m4, gl/m4/hostent.m4,
2179
gl/m4/iconv.m4, gl/m4/iconv_h.m4, gl/m4/iconv_open-utf.m4,
2180
gl/m4/iconv_open.m4, gl/m4/include_next.m4, gl/m4/inet_ntop.m4,
2181
gl/m4/inet_pton.m4, gl/m4/inline.m4, gl/m4/intdiv0.m4,
2182
gl/m4/intl.m4, gl/m4/intldir.m4, gl/m4/intlmacosx.m4,
2183
gl/m4/intmax.m4, gl/m4/intmax_t.m4, gl/m4/inttypes-pri.m4,
2184
gl/m4/inttypes.m4, gl/m4/inttypes_h.m4, gl/m4/ioctl.m4,
2185
gl/m4/isnand.m4, gl/m4/isnanf.m4, gl/m4/isnanl.m4,
2186
gl/m4/largefile.m4, gl/m4/lcmessage.m4, gl/m4/ld-output-def.m4,
2187
gl/m4/ld-version-script.m4, gl/m4/ldexpl.m4, gl/m4/lib-ld.m4,
2188
gl/m4/lib-link.m4, gl/m4/lib-prefix.m4, gl/m4/libunistring-base.m4,
2189
gl/m4/locale-fr.m4, gl/m4/locale-ja.m4, gl/m4/locale-tr.m4,
2190
gl/m4/locale-zh.m4, gl/m4/locale_h.m4, gl/m4/localename.m4,
2191
gl/m4/lock.m4, gl/m4/longlong.m4, gl/m4/lseek.m4, gl/m4/lstat.m4,
2192
gl/m4/malloc.m4, gl/m4/malloca.m4, gl/m4/manywarnings.m4,
2193
gl/m4/math_h.m4, gl/m4/memchr.m4, gl/m4/memmem.m4,
2194
gl/m4/mempcpy.m4, gl/m4/minmax.m4, gl/m4/mmap-anon.m4,
2195
gl/m4/mode_t.m4, gl/m4/msvc-inval.m4, gl/m4/msvc-nothrow.m4,
2196
gl/m4/multiarch.m4, gl/m4/netdb_h.m4, gl/m4/netinet_in_h.m4,
2197
gl/m4/nls.m4, gl/m4/nocrash.m4, gl/m4/off_t.m4, gl/m4/open.m4,
2198
gl/m4/opendir.m4, gl/m4/pathmax.m4, gl/m4/perror.m4, gl/m4/pipe.m4,
2199
gl/m4/po.m4, gl/m4/printf-frexp.m4, gl/m4/printf-frexpl.m4,
2200
gl/m4/printf-posix.m4, gl/m4/printf.m4, gl/m4/progtest.m4,
2201
gl/m4/putenv.m4, gl/m4/rawmemchr.m4, gl/m4/read-file.m4,
2202
gl/m4/readdir.m4, gl/m4/realloc.m4, gl/m4/scandir.m4,
2203
gl/m4/select.m4, gl/m4/servent.m4, gl/m4/setenv.m4,
2204
gl/m4/setlocale.m4, gl/m4/signal_h.m4, gl/m4/signbit.m4,
2205
gl/m4/size_max.m4, gl/m4/sleep.m4, gl/m4/snprintf.m4,
2206
gl/m4/socketlib.m4, gl/m4/sockets.m4, gl/m4/socklen.m4,
2207
gl/m4/sockpfaf.m4, gl/m4/ssize_t.m4, gl/m4/stat.m4,
2208
gl/m4/stdalign.m4, gl/m4/stdarg.m4, gl/m4/stdbool.m4,
2209
gl/m4/stddef_h.m4, gl/m4/stdint.m4, gl/m4/stdint_h.m4,
2210
gl/m4/stdio_h.m4, gl/m4/stdlib_h.m4, gl/m4/strcase.m4,
2211
gl/m4/strchrnul.m4, gl/m4/strdup.m4, gl/m4/strerror.m4,
2212
gl/m4/strerror_r.m4, gl/m4/string_h.m4, gl/m4/strings_h.m4,
2213
gl/m4/strndup.m4, gl/m4/strnlen.m4, gl/m4/strtok_r.m4,
2214
gl/m4/strverscmp.m4, gl/m4/symlink.m4, gl/m4/sys_ioctl_h.m4,
2215
gl/m4/sys_select_h.m4, gl/m4/sys_socket_h.m4, gl/m4/sys_stat_h.m4,
2216
gl/m4/sys_time_h.m4, gl/m4/sys_types_h.m4, gl/m4/sys_uio_h.m4,
2217
gl/m4/sysexits.m4, gl/m4/threadlib.m4, gl/m4/time_h.m4,
2218
gl/m4/time_r.m4, gl/m4/timer_time.m4, gl/m4/timespec.m4,
2219
gl/m4/uintmax_t.m4, gl/m4/ungetc.m4, gl/m4/unistd_h.m4,
2220
gl/m4/valgrind-tests.m4, gl/m4/vasnprintf.m4, gl/m4/vasprintf.m4,
2221
gl/m4/version-etc.m4, gl/m4/vfprintf-posix.m4, gl/m4/visibility.m4,
2222
gl/m4/vprintf-posix.m4, gl/m4/vsnprintf.m4, gl/m4/warn-on-use.m4,
2223
gl/m4/warnings.m4, gl/m4/wchar_h.m4, gl/m4/wchar_t.m4,
2224
gl/m4/wint_t.m4, gl/m4/xsize.m4, gl/malloc.c, gl/math.in.h,
2225
gl/memchr.c, gl/memmem.c, gl/mempcpy.c, gl/minmax.h,
2226
gl/msvc-inval.c, gl/msvc-inval.h, gl/msvc-nothrow.c,
2227
gl/msvc-nothrow.h, gl/netdb.in.h, gl/netinet_in.in.h, gl/opendir.c,
2228
gl/printf-args.c, gl/printf-args.h, gl/printf-frexp.c,
2229
gl/printf-frexp.h, gl/printf-frexpl.c, gl/printf-frexpl.h,
2230
gl/printf-parse.c, gl/printf-parse.h, gl/progname.c, gl/progname.h,
2231
gl/rawmemchr.c, gl/read-file.c, gl/read-file.h, gl/readdir.c,
2232
gl/realloc.c, gl/recv.c, gl/recvfrom.c, gl/scandir.c, gl/select.c,
2233
gl/send.c, gl/sendto.c, gl/setsockopt.c, gl/shutdown.c,
2234
gl/signal.in.h, gl/signbitd.c, gl/signbitf.c, gl/signbitl.c,
2235
gl/size_max.h, gl/sleep.c, gl/snprintf.c, gl/socket.c,
2236
gl/sockets.c, gl/sockets.h, gl/stdalign.in.h, gl/stdarg.in.h,
2237
gl/stdbool.in.h, gl/stddef.in.h, gl/stdint.in.h, gl/stdio-impl.h,
2238
gl/stdio.c, gl/stdio.in.h, gl/stdlib.in.h, gl/str-two-way.h,
2239
gl/strcasecmp.c, gl/strchrnul.c, gl/strdup.c,
2240
gl/strerror-override.c, gl/strerror-override.h, gl/strerror.c,
2241
gl/string.in.h, gl/strings.in.h, gl/stripslash.c, gl/strncasecmp.c,
2242
gl/strndup.c, gl/strnlen.c, gl/strtok_r.c, gl/strverscmp.c,
2243
gl/sys_select.in.h, gl/sys_socket.in.h, gl/sys_stat.in.h,
2244
gl/sys_time.in.h, gl/sys_types.in.h, gl/sys_uio.in.h,
2245
gl/sysexits.in.h, gl/tests/Makefile.am, gl/tests/binary-io.h,
2246
gl/tests/fcntl.in.h, gl/tests/fdopen.c, gl/tests/ftruncate.c,
2247
gl/tests/getcwd-lgpl.c, gl/tests/getpagesize.c,
2248
gl/tests/glthread/lock.c, gl/tests/glthread/lock.h,
2249
gl/tests/ignore-value.h, gl/tests/infinity.h, gl/tests/init.sh,
2250
gl/tests/inttypes.in.h, gl/tests/ioctl.c, gl/tests/locale.in.h,
2251
gl/tests/localename.c, gl/tests/localename.h, gl/tests/lstat.c,
2252
gl/tests/macros.h, gl/tests/malloca.c, gl/tests/malloca.h,
2253
gl/tests/minus-zero.h, gl/tests/nan.h, gl/tests/open.c,
2254
gl/tests/pathmax.h, gl/tests/perror.c, gl/tests/pipe.c,
2255
gl/tests/putenv.c, gl/tests/randomd.c, gl/tests/randoml.c,
2256
gl/tests/same-inode.h, gl/tests/setenv.c, gl/tests/setlocale.c,
2257
gl/tests/signature.h, gl/tests/stat.c, gl/tests/strerror_r.c,
2258
gl/tests/symlink.c, gl/tests/sys_ioctl.in.h,
2259
gl/tests/test-accept.c, gl/tests/test-alloca-opt.c,
2260
gl/tests/test-argp-2.sh, gl/tests/test-argp.c,
2261
gl/tests/test-arpa_inet.c, gl/tests/test-base64.c,
2262
gl/tests/test-binary-io.c, gl/tests/test-bind.c,
2263
gl/tests/test-byteswap.c, gl/tests/test-c-ctype.c,
2264
gl/tests/test-c-strcasecmp.c, gl/tests/test-c-strncasecmp.c,
2265
gl/tests/test-close.c, gl/tests/test-connect.c,
2266
gl/tests/test-dirent.c, gl/tests/test-dup2.c,
2267
gl/tests/test-environ.c, gl/tests/test-errno.c,
2268
gl/tests/test-fcntl-h.c, gl/tests/test-fdopen.c,
2269
gl/tests/test-fgetc.c, gl/tests/test-float.c,
2270
gl/tests/test-fprintf-posix.h, gl/tests/test-fputc.c,
2271
gl/tests/test-fread.c, gl/tests/test-frexp.c,
2272
gl/tests/test-frexp.h, gl/tests/test-frexpl.c,
2273
gl/tests/test-fseek.c, gl/tests/test-fseeko.c,
2274
gl/tests/test-fseeko3.c, gl/tests/test-fseeko4.c,
2275
gl/tests/test-fseterr.c, gl/tests/test-fstat.c,
2276
gl/tests/test-ftell.c, gl/tests/test-ftell3.c,
2277
gl/tests/test-ftello.c, gl/tests/test-ftello3.c,
2278
gl/tests/test-ftello4.c, gl/tests/test-ftruncate.c,
2279
gl/tests/test-func.c, gl/tests/test-fwrite.c,
2280
gl/tests/test-getaddrinfo.c, gl/tests/test-getcwd-lgpl.c,
2281
gl/tests/test-getdelim.c, gl/tests/test-getline.c,
2282
gl/tests/test-getopt.c, gl/tests/test-getopt.h,
2283
gl/tests/test-getopt_long.h, gl/tests/test-getpeername.c,
2284
gl/tests/test-gettimeofday.c, gl/tests/test-iconv-h.c,
2285
gl/tests/test-iconv-utf.c, gl/tests/test-iconv.c,
2286
gl/tests/test-ignore-value.c, gl/tests/test-inet_ntop.c,
2287
gl/tests/test-inet_pton.c, gl/tests/test-init.sh,
2288
gl/tests/test-intprops.c, gl/tests/test-inttypes.c,
2289
gl/tests/test-ioctl.c, gl/tests/test-isnand-nolibm.c,
2290
gl/tests/test-isnand.h, gl/tests/test-isnanf-nolibm.c,
2291
gl/tests/test-isnanf.h, gl/tests/test-isnanl-nolibm.c,
2292
gl/tests/test-isnanl.h, gl/tests/test-listen.c,
2293
gl/tests/test-locale.c, gl/tests/test-localename.c,
2294
gl/tests/test-lstat.c, gl/tests/test-lstat.h,
2295
gl/tests/test-malloc-gnu.c, gl/tests/test-malloca.c,
2296
gl/tests/test-math.c, gl/tests/test-memchr.c,
2297
gl/tests/test-netdb.c, gl/tests/test-netinet_in.c,
2298
gl/tests/test-open.c, gl/tests/test-open.h,
2299
gl/tests/test-pathmax.c, gl/tests/test-perror.c,
2300
gl/tests/test-perror2.c, gl/tests/test-pipe.c,
2301
gl/tests/test-printf-frexp.c, gl/tests/test-printf-frexpl.c,
2302
gl/tests/test-printf-posix.h, gl/tests/test-rawmemchr.c,
2303
gl/tests/test-read-file.c, gl/tests/test-recv.c,
2304
gl/tests/test-recvfrom.c, gl/tests/test-select-fd.c,
2305
gl/tests/test-select-stdin.c, gl/tests/test-select.c,
2306
gl/tests/test-select.h, gl/tests/test-send.c,
2307
gl/tests/test-sendto.c, gl/tests/test-setenv.c,
2308
gl/tests/test-setlocale1.c, gl/tests/test-setlocale2.c,
2309
gl/tests/test-setsockopt.c, gl/tests/test-shutdown.c,
2310
gl/tests/test-signal-h.c, gl/tests/test-signbit.c,
2311
gl/tests/test-sleep.c, gl/tests/test-snprintf.c,
2312
gl/tests/test-sockets.c, gl/tests/test-stat.c,
2313
gl/tests/test-stat.h, gl/tests/test-stdalign.c,
2314
gl/tests/test-stdbool.c, gl/tests/test-stddef.c,
2315
gl/tests/test-stdint.c, gl/tests/test-stdio.c,
2316
gl/tests/test-stdlib.c, gl/tests/test-strchrnul.c,
2317
gl/tests/test-strerror.c, gl/tests/test-strerror_r.c,
2318
gl/tests/test-string.c, gl/tests/test-strings.c,
2319
gl/tests/test-strnlen.c, gl/tests/test-strverscmp.c,
2320
gl/tests/test-symlink.c, gl/tests/test-symlink.h,
2321
gl/tests/test-sys_ioctl.c, gl/tests/test-sys_select.c,
2322
gl/tests/test-sys_socket.c, gl/tests/test-sys_stat.c,
2323
gl/tests/test-sys_time.c, gl/tests/test-sys_types.c,
2324
gl/tests/test-sys_uio.c, gl/tests/test-sys_wait.h,
2325
gl/tests/test-sysexits.c, gl/tests/test-time.c,
2326
gl/tests/test-u64.c, gl/tests/test-unistd.c,
2327
gl/tests/test-unsetenv.c, gl/tests/test-vasnprintf.c,
2328
gl/tests/test-vasprintf.c, gl/tests/test-vc-list-files-cvs.sh,
2329
gl/tests/test-vc-list-files-git.sh, gl/tests/test-verify.c,
2330
gl/tests/test-version-etc.c, gl/tests/test-version-etc.sh,
2331
gl/tests/test-vfprintf-posix.c, gl/tests/test-vprintf-posix.c,
2332
gl/tests/test-vsnprintf.c, gl/tests/test-wchar.c,
2333
gl/tests/unistr/test-u8-mbtoucr.c,
2334
gl/tests/unistr/test-u8-uctomb.c, gl/tests/unsetenv.c,
2335
gl/tests/w32sock.h, gl/tests/zerosize-ptr.h, gl/time.in.h,
2336
gl/time_r.c, gl/timespec.h, gl/u64.h, gl/unistd.in.h,
2337
gl/unistr.in.h, gl/unistr/u8-mbtoucr.c, gl/unistr/u8-uctomb-aux.c,
2338
gl/unistr/u8-uctomb.c, gl/unitypes.in.h, gl/vasnprintf.c,
2339
gl/vasnprintf.h, gl/vasprintf.c, gl/verify.h, gl/version-etc-fsf.c,
2340
gl/version-etc.c, gl/version-etc.h, gl/vfprintf.c, gl/vprintf.c,
2341
gl/vsnprintf.c, gl/w32sock.h, gl/wchar.in.h, gl/xsize.h, maint.mk:
2344
2013-02-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2346
* lib/libgnutls.map: Added gnutls_pkcs11_privkey_status
2348
2013-02-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2350
* doc/Makefile.am, doc/invoke-certtool.texi,
2351
doc/manpages/Makefile.am: updated
2353
2013-02-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2355
* NEWS, configure.ac, m4/hooks.m4: bumped version
2357
2013-02-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2359
* lib/gnutls_db.h, lib/gnutls_int.h, lib/gnutls_record.c,
2360
lib/gnutls_session_pack.c: small optimizations in session storage
2362
2013-02-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2364
* lib/gnutls_state.c: no need to memset during session deinit.
2366
2013-02-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2368
* NEWS, lib/nettle/rnd.c, tests/rng-fork.c: fixed nonce generation
2371
2013-02-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2373
* lib/gnutls_db.c, lib/gnutls_handshake.c,
2374
lib/gnutls_session_pack.c: Small fixes.
2376
2013-02-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2378
* NEWS, lib/includes/gnutls/pkcs11.h, lib/pkcs11_privkey.c: Added
2379
gnutls_pkcs11_privkey_status().
2381
2013-02-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2383
* lib/x509/verify.c: doc update
2385
2013-02-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2387
* libdane/dane.c, libdane/errors.c, libdane/includes/gnutls/dane.h:
2388
when verifying a DANE CA constraint make sure that the provided
2389
chain is actually a chain.
2391
2013-02-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2393
* libdane/dane.c: doc update
2395
2013-02-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2397
* doc/cha-tokens.texi: mention enable-in in p11-kit config.
2399
2013-02-20 Jaak Ristioja <jaak.ristioja@cyber.ee>
2401
* lib/gnutls_psk.c, lib/gnutls_str.c: Moved gnutls_hex_(en|de)code
2402
functions from lib/gnutls_psk.c to lib/gnutls_str.c to fix
2403
compilation of certtool when PSK is disabled. These are rather generic functions by nature, so it would be
2404
reasonable to include them in GnuTLS even if PSK support is
2405
disabled. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2407
2013-02-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2409
* lib/pkcs11.c: print info on reinitializor error.
2411
2013-02-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2413
* doc/cha-cert-auth.texi: Documented the DANE situation in gnutls.
2414
Suggested by Gabor Toth.
2416
2013-02-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2418
* NEWS, lib/pkcs11.c: Fixed gnutls_pkcs11_reinit() to reinitialize
2421
2013-02-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2423
* lib/pkcs11.c: return proper error
2425
2013-02-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2429
2013-02-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2431
* src/serv.c: use set_int when needed
2433
2013-02-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2435
* lib/ext/session_ticket.c, lib/gnutls_datum.c,
2436
lib/gnutls_extensions.c, lib/gnutls_str.c, lib/gnutls_x509.c,
2437
lib/x509/ocsp.c, lib/x509/pkcs12.c, lib/xssl_getline.c: Use
2438
gnutls_realloc_fast everywhere. Suggested by David Woodhouse.
2440
2013-02-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2442
* lib/auth/rsa.c: better cleanup on error on export case
2444
2013-02-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2446
* lib/x509/x509.c: corrected parsing issue in XMPP data when in a
2447
subject alternative name
2449
2013-02-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2451
* doc/cha-tokens.texi, lib/gnutls_record.c,
2452
lib/includes/gnutls/gnutls.h.in, lib/tpm.c, src/common.c: cleaned up
2453
the PIN calling in TPM
2455
2013-02-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2457
* NEWS, doc/cha-gtls-app.texi,
2458
doc/examples/ex-cert-select-pkcs11.c,
2459
doc/examples/ex-cert-select.c, doc/examples/ex-client-anon.c,
2460
doc/examples/ex-client-dtls.c, doc/examples/ex-client-psk.c,
2461
doc/examples/ex-client-resume.c, doc/examples/ex-client-srp.c,
2462
doc/examples/ex-client-x509.c, doc/examples/ex-serv-anon.c,
2463
doc/examples/ex-serv-pgp.c, doc/examples/ex-serv-psk.c,
2464
doc/examples/ex-serv-srp.c, doc/examples/ex-serv-x509.c,
2465
lib/gnutls_record.c, lib/includes/gnutls/gnutls.h.in,
2466
lib/libgnutls.map, src/cli.c, src/serv.c: Added convenience
2467
functions to avoid ugly casting in simple programs.
2469
2013-02-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2471
* doc/examples/ex-client-dtls.c, doc/examples/ex-serv-dtls.c: be
2472
more explicit in DTLS examples to account for LARGE_PACKET error
2474
2013-02-16 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2476
* lib/pkcs11.c: fix two minor memory leaks when PKCS#11 is in use
2478
2013-02-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2480
* NEWS: documented fix
2482
2013-02-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2484
* lib/libgnutls.map: corrected export of functions
2486
2013-02-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2488
* NEWS: documented fix
2490
2013-02-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2492
* lib/gnutls_pubkey.c: corrected gnutls_pubkey_verify_data()
2494
2013-02-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2496
* lib/x509/verify-high.c: reduced hash table size
2498
2013-02-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2500
* lib/gnutls_pubkey.c: doc update
2502
2013-02-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2504
* lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in: Added const
2506
2013-02-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2508
* NEWS, lib/gnutls_handshake.c, lib/gnutls_handshake.h,
2509
lib/gnutls_int.h, lib/gnutls_state.c, lib/gnutls_v2_compat.c,
2510
lib/includes/gnutls/gnutls.h.in: gnutls_handshake_set_server_random
2511
-> gnutls_handshake_set_random
2513
2013-02-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2515
* lib/gnutls_int.h: timespec_sub_ms -> _gnutls_timespec_sub_ms
2517
2013-02-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2519
* lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_state.c,
2520
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
2521
gnutls_handshake_set_server_random
2523
2013-02-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2525
* lib/nettle/rnd.c: properly set close-on-exec.
2527
2013-02-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2529
* doc/examples/ex-serv-anon.c: avoid ptrdiff_t
2531
2013-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2533
* NEWS, src/certtool-extras.c: certtool's --to-p12 will now ask for
2534
a password to generate PKCS #12 files. That is when provided an encrypted key file. Reported by Yan Fiz.
2536
2013-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2538
* lib/gnutls_priority.c: prefer plain RSA to DHE-RSA and DHE-DSS
2540
2013-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2542
* tests/Makefile.am: removed duplicate
2544
2013-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2546
* doc/Makefile.am, doc/invoke-gnutls-cli.texi: small updates
2548
2013-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2550
* tests/Makefile.am: slow tests moved at the end of the suite
2552
2013-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2554
* lib/gnutls_buffers.c: simplified cleaning-up in
2555
_gnutls_stream_read and _gnutls_dgram_read
2557
2013-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2559
* lib/nettle/pk.c: corrected extract_digest_info
2561
2013-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2563
* lib/gnutls_handshake.c, tests/mini-x509-callbacks.c: In client
2564
side the verify callback is always being called.
2566
2013-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2568
* lib/gnutls_priority.c: further relaxed security levels
2570
2013-01-29 Jaak Ristioja <jaak.ristioja@cyber.ee>
2572
* Makefile.am, configure.ac: Add option to disable generation of any
2573
documentation for GnuTLS.
2575
2013-01-29 Jaak Ristioja <jaak.ristioja@cyber.ee>
2577
* Makefile.am, libdane/Makefile.am, libdane/includes/Makefile.am:
2578
Prevent libdane pkgconfig stuff from being installed if libdane
2579
support is disabled.
2581
2013-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2583
* NEWS, configure.ac, cross.mk, m4/hooks.m4: updates for 3.1.8
2585
2013-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2587
* NEWS, lib/algorithms/secparams.c: Restored 3.1.6 defaults and
2590
2013-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2592
* lib/algorithms/secparams.c: reduced the very weak DH level to 768
2593
bits to not reject popular sites that operate on that level.
2595
2013-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2597
* lib/auth/dh_common.c: added debugging message to indicate the
2600
2013-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2602
* lib/gnutls_handshake.c: Do not call the certificate verification
2603
callback if certificates are ignored.
2605
2013-02-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2607
* lib/gnutls_record.c: avoid memset on the whole record header
2610
2013-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2612
* NEWS, lib/x509/privkey.c: fixed issue in
2613
gnutls_x509_privkey_import2()
2615
2013-02-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2617
* doc/cha-bib.texi, doc/cha-tokens.texi, doc/latex/gnutls.bib,
2618
lib/tpm.c: reference TPMURI
2620
2013-02-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2622
* lib/gnutls_pubkey.c, lib/x509/x509.c: updated doc
2624
2013-02-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2626
* lib/nettle/pk.c: corrected typo
2628
2013-02-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2630
* lib/nettle/pk.c: corrected wrap_nettle_hash_algorithm() to work
2631
with arbitrary key sizes.
2633
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2635
* lib/gnutls_db.c, lib/gnutls_db.h, lib/gnutls_session_pack.c: Added
2636
a magic number in front session DB data.
2638
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2640
* lib/nettle/rnd.c: Corrected typo. Reported by Mark Brand.
2642
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2644
* NEWS, lib/gnutls_cipher.c: update
2646
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2648
* tests/cert-tests/ca-no-pathlen.pem: test update
2650
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2652
* doc/cha-functions.texi, doc/manpages/Makefile.am: update
2654
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2656
* doc/Makefile.am, doc/cha-gtls-app.texi, lib/gnutls_record.c:
2659
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2663
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2665
* doc/invoke-gnutls-cli.texi: doc update
2667
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2669
* lib/gnutls_range.c: document limitation
2671
2013-01-24 Alfredo Pironti <alfredo@pironti.eu>
2673
* lib/gnutls_range.c: Make sure we don't fail if writing gets
2676
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2678
* tests/mini-dtls-heartbeat.c: disable heartbeat test if it isn't
2681
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2683
* NEWS: documented fix
2685
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2687
* NEWS: postpone the change
2689
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2691
* COPYING.LESSER: Revert "license is again LGPLv2.1" This reverts commit b7eea829d4b1db58c49bf5c3e31e4be5b61fb2e8.
2693
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2695
* tests/suite/mini-record-timing.c: updated test
2697
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2699
* lib/gnutls_cipher.c, lib/gnutls_hash_int.h: Fixes to avoid a
2700
timing attack in TLS CBC record parsing.
2702
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2706
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2708
* lib/gnutls_extensions.c, lib/gnutls_record.c: only register
2709
heartbeat if it is enabled.
2711
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2713
* COPYING.LESSER: license is again LGPLv2.1
2715
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2717
* configure.ac, lib/ext/heartbeat.c, lib/ext/heartbeat.h,
2718
m4/hooks.m4: updated heartbeat code, and made it optional.
2720
2013-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2722
* lib/includes/gnutls/pkcs11.h, lib/pkcs11.c: corrected typo
2724
2013-02-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2726
* lib/ext/status_request.c, lib/gnutls_db.c, lib/gnutls_str.c,
2727
lib/pkcs11_write.c, lib/x509/ocsp.c, lib/x509/ocsp_output.c,
2728
lib/x509/output.c, lib/x509/verify-high.c, lib/x509/x509.c: Use
2729
LGPLv2.1 in the files their author's agreed to.
2731
2013-02-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2733
* lib/gnutls_x509.c, lib/includes/gnutls/pkcs11.h, lib/pkcs11.c,
2734
lib/x509/verify-high2.c: Added GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA
2735
to specify trusted CA certificates.
2737
2013-02-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2739
* NEWS: added new func
2741
2013-02-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2743
* lib/gnutls_session_pack.c: corrected session resumption
2745
2013-02-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2747
* lib/gnutls_db.c: simplified DB storing
2749
2013-02-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2751
* src/cli-args.c, src/cli-args.def, src/cli-args.h, src/cli.c:
2752
Applied disable SNI patch from Daniel.
2754
2013-02-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2756
* lib/gnutls_db.c: remove function is not required to add or
2759
2013-02-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2761
* lib/abstract_int.h, lib/accelerated/accelerated.c,
2762
lib/accelerated/cryptodev-gcm.c, lib/accelerated/cryptodev.c,
2763
lib/accelerated/x86/aes-gcm-padlock.c,
2764
lib/accelerated/x86/aes-gcm-x86.c,
2765
lib/accelerated/x86/aes-padlock.c, lib/accelerated/x86/aes-x86.c,
2766
lib/accelerated/x86/hmac-padlock.c,
2767
lib/accelerated/x86/sha-padlock.c, lib/accelerated/x86/x86.h,
2768
lib/algorithms.h, lib/algorithms/cert_types.c,
2769
lib/algorithms/ciphers.c, lib/algorithms/ciphersuites.c,
2770
lib/algorithms/ecc.c, lib/algorithms/kx.c, lib/algorithms/mac.c,
2771
lib/algorithms/protocols.c, lib/algorithms/publickey.c,
2772
lib/algorithms/secparams.c, lib/algorithms/sign.c, lib/auth/anon.c,
2773
lib/auth/anon.h, lib/auth/anon_ecdh.c, lib/auth/cert.c,
2774
lib/auth/cert.h, lib/auth/dh_common.c, lib/auth/dh_common.h,
2775
lib/auth/dhe.c, lib/auth/dhe_psk.c, lib/auth/ecdh_common.c,
2776
lib/auth/ecdh_common.h, lib/auth/psk.c, lib/auth/psk.h,
2777
lib/auth/psk_passwd.c, lib/auth/psk_passwd.h, lib/auth/rsa.c,
2778
lib/auth/rsa_export.c, lib/auth/srp.c, lib/auth/srp.h,
2779
lib/auth/srp_passwd.c, lib/auth/srp_passwd.h, lib/auth/srp_rsa.c,
2780
lib/auth/srp_sb64.c, lib/crypto-api.c, lib/crypto-backend.c,
2781
lib/crypto-backend.h, lib/crypto.h, lib/debug.c, lib/debug.h,
2782
lib/ext/cert_type.c, lib/ext/cert_type.h, lib/ext/ecc.c,
2783
lib/ext/ecc.h, lib/ext/max_record.c, lib/ext/max_record.h,
2784
lib/ext/new_record_padding.c, lib/ext/new_record_padding.h,
2785
lib/ext/safe_renegotiation.c, lib/ext/safe_renegotiation.h,
2786
lib/ext/server_name.c, lib/ext/server_name.h,
2787
lib/ext/session_ticket.c, lib/ext/session_ticket.h,
2788
lib/ext/signature.c, lib/ext/signature.h, lib/ext/srp.c,
2789
lib/ext/srp.h, lib/ext/srtp.c, lib/ext/srtp.h, lib/gnutls_alert.c,
2790
lib/gnutls_anon_cred.c, lib/gnutls_auth.c, lib/gnutls_auth.h,
2791
lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_cert.c,
2792
lib/gnutls_cipher.c, lib/gnutls_cipher.h, lib/gnutls_cipher_int.c,
2793
lib/gnutls_cipher_int.h, lib/gnutls_compress.c,
2794
lib/gnutls_compress.h, lib/gnutls_constate.c,
2795
lib/gnutls_constate.h, lib/gnutls_datum.c, lib/gnutls_datum.h,
2796
lib/gnutls_db.h, lib/gnutls_dh.c, lib/gnutls_dh.h,
2797
lib/gnutls_dh_primes.c, lib/gnutls_dtls.c, lib/gnutls_dtls.h,
2798
lib/gnutls_ecc.c, lib/gnutls_ecc.h, lib/gnutls_errors.c,
2799
lib/gnutls_errors.h, lib/gnutls_extensions.c,
2800
lib/gnutls_extensions.h, lib/gnutls_global.c, lib/gnutls_global.h,
2801
lib/gnutls_handshake.c, lib/gnutls_handshake.h,
2802
lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/gnutls_helper.c,
2803
lib/gnutls_helper.h, lib/gnutls_int.h, lib/gnutls_kx.c,
2804
lib/gnutls_kx.h, lib/gnutls_mbuffers.c, lib/gnutls_mbuffers.h,
2805
lib/gnutls_mem.c, lib/gnutls_mem.h, lib/gnutls_mpi.c,
2806
lib/gnutls_mpi.h, lib/gnutls_num.c, lib/gnutls_num.h,
2807
lib/gnutls_pcert.c, lib/gnutls_pk.c, lib/gnutls_pk.h,
2808
lib/gnutls_priority.c, lib/gnutls_privkey.c, lib/gnutls_psk.c,
2809
lib/gnutls_pubkey.c, lib/gnutls_record.c, lib/gnutls_record.h,
2810
lib/gnutls_rsa_export.c, lib/gnutls_rsa_export.h,
2811
lib/gnutls_session.c, lib/gnutls_session_pack.c,
2812
lib/gnutls_session_pack.h, lib/gnutls_sig.c, lib/gnutls_sig.h,
2813
lib/gnutls_srp.c, lib/gnutls_srp.h, lib/gnutls_state.c,
2814
lib/gnutls_state.h, lib/gnutls_str.h, lib/gnutls_str_array.h,
2815
lib/gnutls_supplemental.c, lib/gnutls_supplemental.h,
2816
lib/gnutls_ui.c, lib/gnutls_v2_compat.c, lib/gnutls_v2_compat.h,
2817
lib/gnutls_x509.c, lib/gnutls_x509.h,
2818
lib/includes/gnutls/abstract.h, lib/includes/gnutls/compat.h,
2819
lib/includes/gnutls/crypto.h, lib/includes/gnutls/dtls.h,
2820
lib/includes/gnutls/gnutlsxx.h, lib/includes/gnutls/openpgp.h,
2821
lib/includes/gnutls/pkcs11.h, lib/includes/gnutls/pkcs12.h,
2822
lib/includes/gnutls/tpm.h, lib/locks.c, lib/locks.h,
2823
lib/nettle/cipher.c, lib/nettle/ecc.h, lib/nettle/ecc_free.c,
2824
lib/nettle/ecc_make_key.c, lib/nettle/ecc_map.c,
2825
lib/nettle/ecc_mulmod.c, lib/nettle/ecc_mulmod_cached.c,
2826
lib/nettle/ecc_points.c, lib/nettle/ecc_projective_add_point_ng.c,
2827
lib/nettle/ecc_projective_check_point.c,
2828
lib/nettle/ecc_projective_dbl_point_3.c,
2829
lib/nettle/ecc_projective_isneutral.c,
2830
lib/nettle/ecc_projective_negate_point.c,
2831
lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
2832
lib/nettle/ecc_verify_hash.c, lib/nettle/egd.c, lib/nettle/egd.h,
2833
lib/nettle/init.c, lib/nettle/mac.c, lib/nettle/mpi.c,
2834
lib/nettle/pk.c, lib/nettle/rnd.c, lib/nettle/wmnaf.c,
2835
lib/opencdk/armor.c, lib/opencdk/context.h, lib/opencdk/filters.h,
2836
lib/opencdk/hash.c, lib/opencdk/kbnode.c, lib/opencdk/keydb.c,
2837
lib/opencdk/keydb.h, lib/opencdk/literal.c, lib/opencdk/main.h,
2838
lib/opencdk/misc.c, lib/opencdk/new-packet.c,
2839
lib/opencdk/opencdk.h, lib/opencdk/packet.h, lib/opencdk/pubkey.c,
2840
lib/opencdk/read-packet.c, lib/opencdk/seskey.c,
2841
lib/opencdk/sig-check.c, lib/opencdk/stream.c,
2842
lib/opencdk/stream.h, lib/opencdk/types.h,
2843
lib/opencdk/write-packet.c, lib/openpgp/compat.c,
2844
lib/openpgp/extras.c, lib/openpgp/gnutls_openpgp.c,
2845
lib/openpgp/gnutls_openpgp.h, lib/openpgp/openpgp_int.h,
2846
lib/openpgp/output.c, lib/openpgp/pgp.c, lib/openpgp/pgpverify.c,
2847
lib/openpgp/privkey.c, lib/pin.c, lib/pkcs11.c, lib/pkcs11_int.h,
2848
lib/pkcs11_privkey.c, lib/pkcs11_secret.c, lib/random.c,
2849
lib/random.h, lib/system.c, lib/system.h, lib/system_override.c,
2850
lib/tpm.c, lib/verify-tofu.c, lib/x509/common.c, lib/x509/common.h,
2851
lib/x509/crl.c, lib/x509/crl_write.c, lib/x509/crq.c,
2852
lib/x509/dn.c, lib/x509/extensions.c, lib/x509/key_decode.c,
2853
lib/x509/key_encode.c, lib/x509/mpi.c, lib/x509/pbkdf2-sha1.c,
2854
lib/x509/pbkdf2-sha1.h, lib/x509/pkcs12.c, lib/x509/pkcs12_bag.c,
2855
lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c, lib/x509/privkey.c,
2856
lib/x509/privkey_openssl.c, lib/x509/privkey_pkcs8.c,
2857
lib/x509/rfc2818_hostname.c, lib/x509/sign.c,
2858
lib/x509/verify-high2.c, lib/x509/verify.c, lib/x509/x509_int.h,
2859
lib/x509/x509_write.c, lib/x509_b64.c, lib/x509_b64.h: Use LGPLv2.1
2860
in the files their author's agreed to.
2862
2013-01-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2864
* lib/gnutls_db.c, lib/gnutls_session_pack.c,
2865
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
2866
gnutls_db_check_entry_time().
2868
2013-01-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2870
* lib/gnutls_db.c: deprecated problematic function
2872
2013-01-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2874
* NEWS, lib/gnutls_db.c, lib/gnutls_handshake.c,
2875
lib/gnutls_session_pack.c: Fixes in server side of DTLS-0.9.
2877
2013-01-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2879
* lib/includes/gnutls/xssl.h: corrected typo
2881
2013-01-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2883
* lib/gnutls_record.c: uncork doesn't do anything when the session
2884
is already in flush mode
2886
2013-01-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2888
* .gitignore, doc/.gitignore: more files to ignore
2890
2013-01-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2892
* doc/cha-gtls-examples.texi, lib/includes/gnutls/xssl.h: doc update
2894
2013-01-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2896
* NEWS, configure.ac, m4/hooks.m4: bumped version
2898
2013-01-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2900
* doc/latex/cover.tex: Added Alfredo
2902
2013-01-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2904
* doc/cha-gtls-examples.texi, doc/gnutls.texi, doc/latex/cover.tex:
2905
updated doc for XSSL
2907
2013-01-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2909
* doc/examples/Makefile.am, doc/examples/ex-client-xssl1.c,
2910
doc/examples/ex-client-xssl2.c: Added XSSL client examples.
2912
2013-01-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2914
* lib/Makefile.am, lib/libgnutls.map, tests/Makefile.am: Fixed
2915
compilation of mini-xssl.
2917
2013-01-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2919
* lib/gnutls_range.c, lib/includes/gnutls/gnutls.h.in: small fixes
2921
2013-01-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2923
* NEWS, lib/Makefile.am, m4/hooks.m4: xssl API moved to xssl library
2925
2013-01-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2927
* NEWS: updated text
2929
2013-01-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2931
* doc/cha-gtls-app.texi: Comment out new padding until it is
2932
standardized or at least approved by the WG.
2934
2013-01-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2936
* doc/Makefile.am, doc/doc.mk: fix xssl
2938
2013-01-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2940
* src/cli-debug.c: Corrected issue in gnutls-cli-debug which tried
2941
connections to multiple hosts. gnutls-cli-debug was trying to connect to all possible IP addresses
2942
of the host and failed if any was unavailable. Now it tries
2943
sequentially and accepts the first that is working. Reported by
2944
Daniel Kahn Gillmor.
2946
2013-01-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2950
2013-01-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2952
* .gitignore, NEWS: updated NEWS
2954
2013-01-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2956
* lib/crypto-api.c: Fix AEAD out-of-place decryption
2958
2013-01-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2960
* tests/suite/mini-record-timing.c: updated test
2962
2013-01-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2964
* NEWS, lib/Makefile.am, lib/gnutls_cert.c, lib/gnutls_errors.c,
2965
lib/includes/Makefile.am, lib/includes/gnutls/gnutls.h.in,
2966
lib/includes/gnutls/sbuf.h, lib/includes/gnutls/xssl.h,
2967
lib/libgnutls.map, lib/sbuf.c, lib/sbuf.h, lib/sbuf_getline.c,
2968
lib/xssl.c, lib/xssl.h, lib/xssl_getline.c, tests/Makefile.am,
2969
tests/mini-sbuf.c, tests/mini-xssl.c: Added new interface.
2971
2013-01-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2973
* lib/gnutls_handshake.c: propagate the error of the verify
2976
2013-01-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2978
* lib/includes/gnutls/sbuf.h, lib/libgnutls.map, lib/sbuf.c: updates
2981
2013-01-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2983
* NEWS, lib/crypto-backend.h, lib/gnutls_state.c,
2984
lib/includes/gnutls/crypto.h, lib/nettle/rnd.c, lib/random.c,
2985
lib/random.h: Added gnutls_rnd_refresh().
2987
2013-01-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2989
* lib/gnutls_int.h, lib/gnutls_priority.c, lib/gnutls_state.h,
2990
lib/gnutls_ui.c: Keep the legacy dh_prime_bits.
2992
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2994
* lib/gnutls_int.h, lib/includes/gnutls/sbuf.h, lib/sbuf.c,
2995
lib/sbuf.h, lib/verify-tofu.c: updated sbuf interface.
2997
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2999
* NEWS: updated news
3001
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3003
* NEWS, lib/nettle/rnd.c: No need to cache events with the current
3006
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3008
* lib/ext/heartbeat.c: use nonces instead of random data
3010
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3012
* tests/mini-sbuf.c: free all resources
3014
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3016
* lib/nettle/rnd.c: nonces update the internal rng state much
3019
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3021
* NEWS, lib/algorithms/secparams.c, lib/gnutls_int.h,
3022
lib/gnutls_priority.c, lib/gnutls_state.h, lib/gnutls_ui.c,
3023
lib/includes/gnutls/gnutls.h.in: Instead of setting directly the
3024
number of DH bits, set a security parameter per session.
3026
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3028
* NEWS, lib/auth/dh_common.c, lib/gnutls_int.h,
3029
lib/gnutls_priority.c, lib/gnutls_state.c, lib/gnutls_state.h,
3030
lib/gnutls_ui.c: The minimum DH prime bits are now set by the
3031
priority strings (that means they are increased for the SECURE
3034
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3036
* configure.ac: warnings doesn't imply Werror
3038
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3042
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3044
* lib/gnutls_ui.c: disable gnutls_certificate_get_peers_subkey_id()
3047
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3049
* lib/nettle/rnd.c: optimized random generator.
3051
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3053
* configure.ac: check for getpid().
3055
2013-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3057
* lib/ext/heartbeat.c, lib/gnutls_buffers.c, lib/gnutls_dtls.c,
3058
lib/gnutls_dtls.h, lib/gnutls_int.h, lib/gnutls_state.c:
3059
_dtls_timespec_sub_ms -> timespec_sub_ms
3061
2013-01-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3063
* lib/algorithms.h, lib/algorithms/mac.c: Avoid many indirect calls.
3065
2013-01-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3067
* lib/nettle/rnd.c: reduced calls to getpid
3069
2013-01-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3071
* lib/nettle/rnd.c: use the more precise gettime() instead of
3074
2013-01-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3076
* lib/gnutls_range.c, lib/includes/gnutls/gnutls.h.in:
3077
gnutls_range_split accepts pointers as arguments.
3079
2013-01-24 Alfredo Pironti <alfredo@pironti.eu>
3081
* NEWS, doc/Makefile.am, lib/gnutls_range.c,
3082
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Make
3083
gnutls_range_split available from the GnuTLS API
3085
2013-01-24 Alfredo Pironti <alfredo@pironti.eu>
3087
* .gitignore, NEWS, lib/libgnutls.map: - Remove references to the (now renamed) gnutls_range_send_message -
3088
Ignore sbuf-api generated documentation Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3090
2013-01-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3092
* lib/auth/psk.h: Some fix when disable-psk-authentication is
3093
specified. Based on patch by Jaak Ristioja.
3095
2013-01-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3097
* lib/x509/x509_dn.c: rewritten DN parsing code.
3099
2013-01-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3101
* tests/cert-tests/Makefile.am, tests/cert-tests/template-dn.pem,
3102
tests/cert-tests/template-dn.tmpl, tests/cert-tests/template-test:
3103
test the DN functionality of certtool.
3105
2013-01-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3107
* tests/cert-tests/dane: dane test no longer fails if danetool isn't
3110
2013-01-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3112
* lib/system.c, lib/tpm.c, lib/x509/common.c,
3113
lib/x509/pkcs12_encr.c, lib/x509/x509_dn.c: use the non-locale
3114
dependent versions of isxxx functions.
3116
2013-01-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3118
* lib/sbuf.c: allow writes of more than the maximum record data.
3120
2013-01-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3122
* NEWS, lib/gnutls_int.h, lib/gnutls_record.c, lib/gnutls_state.c,
3123
lib/includes/gnutls/gnutls.h.in: introduced gnutls_cork() and
3126
2013-01-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3128
* NEWS, lib/Makefile.am, lib/includes/gnutls/sbuf.h,
3129
lib/libgnutls.map, lib/sbuf.c, lib/sbuf.h, lib/sbuf_getline.c,
3130
tests/mini-sbuf.c: Added gnutls_sbuf_getdelim() and getline().
3132
2013-01-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3134
* NEWS, doc/invoke-gnutls-cli.texi: doc updates
3136
2013-01-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3138
* lib/gnutls_cipher.c, lib/gnutls_range.c, lib/gnutls_record.c,
3139
lib/gnutls_record.h: Small changes and a sanity check
3141
2013-01-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3143
* lib/x509/ocsp_output.c, lib/x509/output.c: print static strings
3144
without a printf-like function.
3146
2013-01-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3148
* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
3149
lib/gnutls_range.c, lib/gnutls_record.c, lib/gnutls_record.h,
3150
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli-args.c,
3151
src/cli-args.def, src/cli-args.h, src/cli.c, src/socket.c,
3152
src/socket.h: Updated ranges patch.
3154
2013-01-22 Alfredo Pironti <alfredo@pironti.eu>
3156
* doc/Makefile.am, doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
3157
doc/invoke-gnutls-cli.texi, lib/Makefile.am,
3158
lib/ext/new_record_padding.c, lib/gnutls_cipher.c,
3159
lib/gnutls_cipher.h, lib/gnutls_int.h, lib/gnutls_priority.c,
3160
lib/gnutls_range.c, lib/gnutls_record.c, lib/gnutls_record.h,
3161
lib/includes/gnutls/gnutls.h.in, src/cli-args.c, src/cli-args.def,
3162
src/cli-args.h, src/cli.c, src/socket.c, src/socket.h,
3163
tests/mini-record.c: GnuTLS Length Hiding patch. - Remove random padding; use minimal padding with legacy interface - With new interface, use LH when possible, that is in CBC mode or
3164
with the new padding extension - Rename priority to "NEW_PADDING" - gnutls-cli: add command line switch --ranges using LH when
3165
possible. - Update documentation Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3167
2013-01-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3169
* lib/gnutls_session.c, lib/includes/gnutls/gnutls.h.in,
3170
lib/libgnutls.map: changed function name to
3171
gnutls_session_force_valid.
3173
2013-01-22 Martin Storsjo <martin@martin.st>
3175
* lib/gnutls.pc.in: Update Libs.private with @LIB_CLOCK_GETTIME@ as
3176
well This is required when linking as static libraries on linux, for
3177
-lrt. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3179
2013-01-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3181
* lib/gnutls_priority.c: set a default error position.
3183
2013-01-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3185
* lib/gnutls_session.c, lib/includes/gnutls/gnutls.h.in,
3186
lib/libgnutls.map: Added gnutls_session_clear_invalid
3188
2013-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3190
* doc/Makefile.am, doc/cha-functions.texi, doc/doc.mk: updated docs
3193
2013-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3195
* NEWS, lib/gnutls_handshake.c, lib/gnutls_int.h,
3196
lib/gnutls_record.c, lib/includes/gnutls/gnutls.h.in: Added
3197
gnutls_record_set_timeout().
3199
2013-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3201
* lib/includes/Makefile.am, lib/includes/gnutls/gnutls.h.in,
3202
lib/includes/gnutls/sbuf.h, lib/sbuf.c: updated sbuf layer.
3204
2013-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3206
* doc/invoke-certtool.texi: Updated doc
3208
2013-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3210
* src/certtool-common.c: corrected C parameter generation.
3212
2013-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3214
* configure.ac, lib/Makefile.am, lib/gnutls.pc.in: Updated
3215
Libs.private with all the required libraries
3217
2013-01-21 Martin Storsjo <martin@martin.st>
3219
* lib/gnutls.pc.in: Include libiconv in Libs.private This makes static linking succeed if the library is configured to
3220
use libiconv. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3222
2013-01-21 Martin Storsjo <martin@martin.st>
3224
* lib/gnutls_global.c, lib/verify-tofu.c: Define _gnutls_file_mutex
3225
in gnutls_global.c instead of in verify-tofu.c This fixes issues with linking the tools on OS X if not building
3226
shared libraries. Currently, if building with --disable-shared on OS X, the build
3227
fails with: CCLD gnutls-serv Undefined symbols for architecture x86_64: "__gnutls_file_mutex", referenced from: _gnutls_global_deinit in libgnutls.a(gnutls_global.o) _gnutls_global_init in libgnutls.a(gnutls_global.o) ld:
3228
symbol(s) not found for architecture x86_64 It seems that the linker fails to pull in verify-tofu.o to satisfy
3229
the undefined reference to _gnutls_file_mutex.o in gnutls_global.o
3230
unless gnutls_global.o (or any other object file in the link) also
3231
calls functions that pulls in verify-tofu.o. Since gnutls_global.o
3232
always is linked in, but verify-tofu.o can be left out unless
3233
someone calls the functions in it, defining the mutex in
3234
gnutls_global.c makes sense and simplifies the dependencies. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3236
2013-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3238
* src/Makefile.am, src/certtool-args.c, src/certtool-args.def,
3239
src/certtool-args.h, src/certtool-common.c, src/certtool-common.h,
3240
src/certtool.c, src/dh.c: Added --cprint option to certtool
3242
2013-01-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3244
* doc/README.CODING_STYLE: updated coding style
3246
2013-01-20 Alon Bar-Lev <alon.barlev@gmail.com>
3248
* src/Makefile.am: build: add danetool-args.c to BUILT_SOURCES Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com> Signed-off-by:
3249
Nikos Mavrogiannopoulos <nmav@gnutls.org>
3251
2013-01-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3253
* .gitignore, tests/suite/Makefile.am,
3254
tests/suite/mini-record-timing.c: Added program to estimate the
3255
timings in different record paddings.
3257
2013-01-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3259
* doc/invoke-danetool.texi, libdane/dane.c,
3260
libdane/includes/gnutls/dane.h, src/danetool-args.c,
3261
src/danetool-args.def, src/danetool-args.h, src/danetool.c: Added
3262
--insecure flag to danetool.
3264
2013-01-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3266
* src/certtool.c, tests/cert-tests/template-test.pem,
3267
tests/cert-tests/template-utf8.pem: modified certtool order of DN
3270
2013-01-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3272
* tests/mini-sbuf.c: properly deinitialized sbuf
3274
2013-01-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3276
* tests/mini-dtls-record.c: initialize buffer before sending.
3278
2013-01-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3280
* NEWS, tests/dn2.c: corrected test for new names and updated news.
3282
2013-01-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3284
* NEWS, libdane/dane.c, libdane/errors.c,
3285
libdane/includes/gnutls/dane.h, libdane/libdane.map, m4/hooks.m4,
3286
src/danetool-args.c, src/danetool-args.def, src/danetool-args.h,
3287
src/danetool.c: Added options to specify a DLV file. Suggested by
3290
2013-01-17 Nikos Mavrogiannopoulos <nikos@esat.kuleuven.be>
3292
* NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
3293
lib/x509/x509_dn.c: Added gnutls_x509_crt_set_issuer_dn().
3295
2013-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3297
* doc/invoke-certtool.texi: updated certtool doc
3299
2013-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3301
* NEWS, doc/TODO, doc/cha-cert-auth2.texi,
3302
lib/includes/gnutls/x509.h, lib/libgnutls.map,
3303
lib/x509/Makefile.am, lib/x509/common.c, lib/x509/common.h,
3304
lib/x509/x509_dn.c, src/certtool-args.c, src/certtool-args.def,
3305
src/certtool-args.h, src/certtool-cfg.c, src/certtool-cfg.h,
3306
src/certtool.c: Added functions to directly set the DN in a
3307
certificate or request from an RFC4514 string.
3309
2013-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3311
* .gitignore: more files to ignore
3313
2013-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3315
* NEWS, doc/cha-gtls-app.texi, lib/Makefile.am,
3316
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, lib/sbuf.c,
3317
tests/Makefile.am, tests/mini-sbuf.c: Added functions to assist
3318
buffering during transmission. Added the gnutls_sbuf_t structure and accompanying functions to
3319
enable buffering in sending application data.
3321
2013-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3323
* libdane/dane-params.c: corrected copyright.
3325
2013-01-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3327
* lib/gnutls_errors.c, lib/includes/gnutls/gnutls.h.in,
3328
lib/nettle/rnd.c: Added new error code GNUTLS_E_RANDOM_DEVICE_ERROR.
3330
2013-01-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3332
* lib/nettle/egd.c: Corrected issue when an EGD device was not
3333
found. Reported by Joshua Phillips.
3335
2013-01-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3337
* cfg.mk: Added config rule
3339
2013-01-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3341
* doc/examples/ex-client-x509.c: doc fix
3343
2013-01-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3345
* lib/x509/pkcs12.c: doc fix
3347
2013-01-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3349
* lib/pkcs11.c: small updates
3351
2013-01-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3353
* doc/reference/gnutls-docs.sgml: update
3355
2013-01-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3357
* lib/x509/crq.c: simplified naming
3359
2013-01-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3361
* doc/reference/gnutls-docs.sgml: update
3363
2013-01-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3365
* lib/ext/status_request.c, lib/gnutls_dh_primes.c,
3366
lib/gnutls_ui.c, lib/openpgp/pgp.c, lib/openpgp/privkey.c,
3367
lib/pkcs11.c, lib/x509/dn.c, lib/x509/ocsp.c, lib/x509/pkcs12.c,
3368
lib/x509/pkcs7.c, lib/x509/x509.c: Added correct since
3370
2013-01-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3372
* doc/latex/gnutls.tex: added babel (not sure why)
3374
2013-01-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3376
* doc/reference/gnutls-docs.sgml: updated for 3.1
3378
2013-01-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3380
* lib/nettle/pk.c: corrected error code
3382
2013-01-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3384
* cross.mk: updated makefile
3386
2013-01-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3388
* configure.ac: use AC_CONFIG_HEADER. Reported by Marko Lindqvist
3390
2013-01-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3392
* NEWS: documented updates
3394
2013-01-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3396
* lib/gnutls_record.c: corrected typo
3398
2013-01-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3400
* lib/libgnutls.map: updated exported function name
3402
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3406
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3408
* doc/cha-gtls-app.texi, lib/ext/new_record_padding.c,
3409
lib/gnutls_priority.c, lib/includes/gnutls/gnutls.h.in,
3410
tests/mini-record.c: NEW_RECORD_PADDING priority string was renamed
3413
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3415
* lib/gnutls_cipher.c: corrected compression.
3417
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3419
* lib/includes/gnutls/x509.h: removed utf8 chars
3421
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3423
* doc/latex/gnutls.tex: updates in output
3425
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3427
* tests/mini-record.c: Added checks for new record padding format.
3429
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3431
* lib/gnutls_cipher.c, lib/gnutls_record.c: better checks in new
3434
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3436
* lib/gnutls_cipher.c, lib/gnutls_int.h, lib/gnutls_record.c: use
3437
padding also if in DTLS.
3439
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3441
* lib/gnutls_cipher.c, lib/gnutls_cipher.h, lib/gnutls_record.c:
3442
some simplifications
3444
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3446
* lib/gnutls_dtls.c: use new_record_padding in DTLS data mtu
3449
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3451
* lib/gnutls_cipher.c, lib/gnutls_cipher.h, lib/gnutls_record.c:
3452
simplified decryption
3454
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3456
* lib/ext/new_record_padding.c: removed debugging
3458
2012-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3460
* lib/debug.c, lib/debug.h, lib/ext/Makefile.am,
3461
lib/ext/new_record_padding.c, lib/ext/new_record_padding.h,
3462
lib/gnutls_cipher.c, lib/gnutls_extensions.c,
3463
lib/gnutls_extensions.h, lib/gnutls_handshake.c, lib/gnutls_int.h,
3464
lib/gnutls_priority.c, lib/gnutls_record.c,
3465
lib/gnutls_session_pack.c, lib/includes/gnutls/gnutls.h.in,
3466
lib/libgnutls.map: Added a new record padding mechanism. It is negotiated via an extension and record data are now formatted
3467
as: ciphered-struct { opaque pad<0..2^16-1> opaque content[TLSCompressed.length]; opaque MAC[CipherSpec.hash_size]; } The ciphered-struct size is
3468
always 0 modulo the block size in block ciphers to avoid any need
3469
for additional padding. Added extension to negotiate new record padding.
3471
2012-12-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3473
* .gitignore, tests/Makefile.am, tests/mini-dtls-record.c: Added
3474
test for duplicate packet detection in DTLS.
3476
2012-12-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3478
* lib/gnutls_dtls.c, lib/gnutls_int.h: Simplified DTLS sliding
3479
window implementation.
3481
2012-12-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3483
* lib/gnutls_record.c: Termination when expecting an alert is
3484
handled gracefully in DTLS.
3486
2013-01-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3488
* NEWS: living in the past
3490
2013-01-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3492
* NEWS, m4/hooks.m4: bumped library version
3494
2013-01-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3496
* NEWS: updated news
3498
2013-01-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3500
* doc/cha-library.texi, doc/cha-tokens.texi, lib/Makefile.am,
3501
lib/tpm.c: If trousers is not present define the TPM functions but
3502
have them return GNUTLS_E_UNIMPLEMENTED_FEATURE.
3504
2013-01-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3506
* configure.ac: tpm support is disabled by default
3508
2013-01-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3512
2013-01-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3514
* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
3515
doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
3516
doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
3517
doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
3518
doc/invoke-srptool.texi, doc/invoke-tpmtool.texi,
3519
doc/manpages/tpmtool.1: updated autogen'ed files.
3521
2012-12-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3523
* doc/cha-auth.texi, doc/cha-tokens.texi, doc/latex/Makefile.am,
3524
doc/latex/gnutls.tex: doc updates
3526
2012-12-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3528
* libdane/dane-params.c, libdane/dane.c: KU Leuven copyright stuff
3529
is LGPL version 2.1 or later
3531
2012-12-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3533
* THANKS: updated thanks file
3535
2012-12-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3537
* README-alpha: updated git2cl link
3539
2012-12-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3541
* doc/cha-auth.texi: corrected typos
3543
2012-12-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3545
* doc/cha-auth.texi: updated in auth chapter
3547
2012-12-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3549
* doc/Makefile.am, doc/cha-auth.texi, doc/cha-cert-auth.texi,
3550
doc/cha-cert-auth2.texi, doc/cha-shared-key.texi, doc/gnutls.texi,
3551
doc/invoke-certtool.texi, doc/invoke-danetool.texi,
3552
doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
3553
doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
3554
doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
3555
doc/invoke-srptool.texi, doc/invoke-tpmtool.texi: Reorganization of
3556
the authentication chapter.
3558
2012-12-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3560
* doc/cha-auth.texi, doc/gnutls.texi: Added authentication methods
3563
2012-12-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3565
* doc/examples/ex-client-anon.c, doc/examples/ex-client-dtls.c,
3566
doc/examples/ex-client-psk.c, doc/examples/ex-client-resume.c,
3567
doc/examples/ex-client-x509.c, doc/examples/ex-serv-anon.c,
3568
doc/examples/ex-serv-dtls.c, doc/examples/ex-serv-pgp.c,
3569
doc/examples/ex-serv-psk.c, doc/examples/ex-serv-srp.c,
3570
doc/examples/ex-serv-x509.c: better code in client and server
3573
2012-12-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3575
* NEWS, lib/nettle/pk.c: made PKCS#1 1.5 encoding and decoding
3576
stricter. Reported by Kikuchi Masashi.
3578
2012-12-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3580
* lib/gnutls_record.c: corrected typo
3582
2012-12-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3584
* lib/gnutls_record.c: Termination when expecting an alert is
3585
handled gracefully in DTLS.
3587
2012-12-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3589
* NEWS, lib/ext/heartbeat.c: Improvements in heartbeat handling.
3591
2012-12-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3593
* doc/examples/ex-serv-anon.c, doc/examples/ex-serv-dtls.c,
3594
doc/examples/ex-serv-pgp.c, doc/examples/ex-serv-psk.c,
3595
doc/examples/ex-serv-srp.c, doc/examples/ex-serv-x509.c: drop
3596
unecessary function in examples
3598
2012-12-20 Martin Storsjo <martin@martin.st>
3600
* lib/ext/srtp.c: Don't match further SRTP profiles after one match
3601
has been found This makes SRTP profile matching more straightforward and intuitive,
3602
when the first matching SRTP profile will be the one selected, not
3603
the last one as before. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3605
2012-12-20 Martin Storsjo <martin@martin.st>
3607
* lib/crypto-api.c: Fix the parameter name to gnutls_key_generate Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3609
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3613
2012-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3615
* tests/suite/testcompat: corrected datefudge test
3617
2012-12-18 Martin Storsjo <martin@martin.st>
3619
* lib/system_override.c: Fix docs for
3620
gnutls_transport_set_pull_timeout_function The timeout function returns int, not ssize_t. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3622
2012-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3624
* lib/x509/x509_write.c: doc update
3626
2012-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3628
* configure.ac: bumped version
3630
2012-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3632
* tests/suite/mini-eagain2.c: added config.h
3634
2012-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3636
* configure.ac: corrected wording
3638
2012-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3640
* build-aux/snippet/warn-on-use.h, gl/Makefile.am, gl/base64.c,
3641
gl/error.c, gl/fstat.c, gl/getaddrinfo.c, gl/m4/base64.m4,
3642
gl/m4/error.m4, gl/m4/extern-inline.m4, gl/m4/fstat.m4,
3643
gl/m4/ftruncate.m4, gl/m4/getaddrinfo.m4, gl/m4/gnulib-comp.m4,
3644
gl/m4/lock.m4, gl/m4/lstat.m4, gl/m4/math_h.m4, gl/m4/open.m4,
3645
gl/m4/stat.m4, gl/m4/stdio_h.m4, gl/m4/sys_socket_h.m4,
3646
gl/m4/sys_stat_h.m4, gl/m4/unistd_h.m4, gl/m4/vasnprintf.m4,
3647
gl/math.c, gl/math.in.h, gl/stdio.c, gl/stdio.in.h,
3648
gl/sys_socket.c, gl/sys_socket.in.h, gl/sys_stat.in.h,
3649
gl/tests/ftruncate.c, gl/tests/glthread/lock.c, gl/tests/lstat.c,
3650
gl/tests/open.c, gl/tests/stat.c, gl/unistd.c, gl/unistd.in.h,
3651
gl/vasnprintf.c, maint.mk: updated gnulib
3653
2012-12-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3655
* tests/suite/Makefile.am: corrected test
3657
2012-12-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3659
* doc/invoke-certtool.texi, src/certtool-args.c,
3660
src/certtool-args.def, src/certtool-args.h: certtool
3661
--generate-request option conflicts with --infile. Suggested by
3664
2012-12-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3668
2012-12-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3670
* doc/Makefile.am, doc/invoke-danetool.texi,
3671
doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
3672
doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
3673
doc/invoke-psktool.texi, doc/invoke-srptool.texi,
3674
doc/invoke-tpmtool.texi, doc/manpages/Makefile.am,
3675
doc/manpages/tpmtool.1: use ECHO_N
3677
2012-12-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3679
* tests/suite/Makefile.am: do not build ecore in macosx
3681
2012-12-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3683
* README, README-alpha: updated urls
3685
2012-12-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3687
* doc/gnutls.texi, doc/latex/cover-epub.tex, doc/latex/cover.tex,
3688
lib/gnutls_privkey.c, lib/x509/crq.c, lib/x509/pkcs12.c,
3689
tests/pkcs12_simple.c: corrected copyright notices
3691
2012-11-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3693
* doc/invoke-certtool.texi, src/certtool-args.c,
3694
src/certtool-args.def, src/certtool-args.h: updated documentation.
3696
2012-11-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3698
* lib/x509/common.c: _gnutls_strdatum_to_buf() will account for NULL
3701
2012-11-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3703
* lib/x509/output.c: allow GNUTLS_E_SHORT_MEMORY_BUFFER in
3704
gnutls_x509_crq_get_challenge_password
3706
2012-12-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3708
* lib/x509/crq.c: doc update
3710
2012-11-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3712
* doc/invoke-p11tool.texi, src/p11tool-args.c,
3713
src/p11tool-args.def, src/p11tool-args.h: updated documentation
3715
2012-12-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3717
* lib/gnutls_privkey.c, lib/x509/pkcs12.c, lib/x509/privkey.c,
3718
tests/key-openssl.c, tests/pkcs12_simple.c: Import PKCS #12 keys
3720
2012-12-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3722
* NEWS: document fix
3724
2012-12-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3726
* lib/gnutls_cipher.c: Corrected bugs in record parsing. Corrected bugs in record padding parsing. Reported by Kenny
3727
Patterson and Nadhem Alfardan.
3729
2012-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3731
* NEWS: documented fixes
3733
2012-11-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3735
* lib/ext/srtp.c, lib/ext/srtp.h: corrected copyright
3737
2012-12-01 Ludovic Courtès <ludo@gnu.org>
3739
* guile/src/Makefile.am: guile: Fix dependencies to be
3742
2012-11-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3744
* doc/cha-cert-auth.texi: Revert "do not document low-level
3745
functions" This reverts commit 7b334d581007ba4a91837edb1e0081959f32e363.
3747
2012-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3749
* README: mention dependencies in readme
3751
2012-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3753
* cfg.mk: update @VERSION@ -> actual version on the web manual
3755
2012-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3757
* doc/cha-cert-auth.texi: doc update
3759
2012-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3761
* cfg.mk: simplified generation of documentation
3763
2012-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3765
* doc/cha-gtls-app.texi: mention gnutls_sec_param_get_name
3767
2012-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3769
* doc/cha-crypto.texi, lib/gnutls_ui.c: doc updates
3771
2012-11-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3773
* src/socket.c: corrected socket loop. Based on patch by Mantas
3776
2012-11-26 Simon Josefsson <simon@josefsson.org>
3778
* lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
3779
lib/minitasn1/element.c, lib/minitasn1/int.h,
3780
lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
3781
lib/minitasn1/parser_aux.h, lib/minitasn1/structure.c: Update
3782
minitasn1 to version 3.1.
3784
2012-11-26 Simon Josefsson <simon@josefsson.org>
3786
* .gitignore, build-aux/snippet/unused-parameter.h,
3787
doc/gendocs_template, maint.mk: Update gnulib tools. Add missing
3788
unused-parameter.h template.
3790
2012-11-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3794
2012-11-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3796
* src/cli.c, src/ocsptool-common.c, src/socket.c, src/socket.h:
3797
gnutls-cli will try to cannot to all possible returned addresses.
3799
2012-11-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3801
* doc/TODO: updated todo list
3803
2012-11-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3805
* NEWS, lib/x509/x509.c: gnutls_x509_crt_get_policy() allows for a
3806
list of zero policy qualifiers.
3808
2012-11-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3810
* src/libopts/usage.c: Added hack to print the parameters correctly
3813
2012-11-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3815
* lib/x509/x509.c: updated
3817
2012-11-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3819
* tests/cert-tests/template-test: repeat the tests to avoid
3822
2012-11-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3824
* lib/x509/dn.c: LDAP string escaping was made stricter (rfc4514
3827
2012-11-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3829
* lib/pkix.asn, lib/pkix_asn1_tab.c: removed unneeded types.
3831
2012-11-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3833
* lib/x509/common.c: UniversalString (UTF-32) is handled as
3834
non-printable for now.
3836
2012-11-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3838
* doc/TODO: updated todo list
3840
2012-11-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3842
* lib/x509/common.c: Allow for bit strings that are not a multiple
3845
2012-11-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3847
* NEWS, cross.mk: updated
3849
2012-11-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3851
* m4/hooks.m4: require libtasn1 3.1 or later
3853
2012-11-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3855
* lib/gnutls_asn1_tab.c, lib/pkix_asn1_tab.c, lib/tpm.c,
3856
lib/x509/common.c, lib/x509/common.h, lib/x509/crl.c,
3857
lib/x509/crq.c, lib/x509/dn.c, lib/x509/extensions.c,
3858
lib/x509/mpi.c, lib/x509/ocsp.c, lib/x509/pkcs12.c,
3859
lib/x509/pkcs12_bag.c, lib/x509/privkey.c, lib/x509/x509.c,
3860
lib/x509/x509_int.h, lib/x509/x509_write.c, tests/crq_apis.c,
3861
tests/set_pkcs12_cred.c: rewritten ASN.1 handling string subsystems
3862
to use the new libtasn1 APIs.
3864
2012-11-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3866
* NEWS: released 3.1.5
3868
2012-11-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3870
* .gitignore: more files to ignore
3872
2012-11-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3874
* lib/x509/common.c: corrected placeOfBirth DN parsing.
3876
2012-11-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3878
* lib/gnutls_global.c: no need to release struct
3880
2012-11-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3882
* doc/cha-cert-auth.texi: do not document low-level functions
3884
2012-11-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3886
* lib/nettle/ecc_mulmod_cached.c: set cache to null after
3889
2012-11-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3891
* tests/cert-tests/template-test: fixed test
3893
2012-11-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3895
* .gitignore, gl/Makefile.am, gl/c-strcase.h, gl/c-strcasecmp.c,
3896
gl/c-strncasecmp.c, gl/iconv.c, gl/iconv.in.h, gl/iconv_close.c,
3897
gl/iconv_open-aix.gperf, gl/iconv_open-aix.h,
3898
gl/iconv_open-hpux.gperf, gl/iconv_open-hpux.h,
3899
gl/iconv_open-irix.gperf, gl/iconv_open-irix.h,
3900
gl/iconv_open-osf.gperf, gl/iconv_open-osf.h,
3901
gl/iconv_open-solaris.gperf, gl/iconv_open-solaris.h,
3902
gl/iconv_open.c, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
3903
gl/m4/iconv_h.m4, gl/m4/iconv_open-utf.m4, gl/m4/iconv_open.m4,
3904
gl/m4/inline.m4, gl/m4/libunistring-base.m4, gl/m4/locale-fr.m4,
3905
gl/m4/locale-ja.m4, gl/m4/locale-tr.m4, gl/m4/locale-zh.m4,
3906
gl/m4/locale_h.m4, gl/m4/localename.m4, gl/m4/setlocale.m4,
3907
gl/tests/Makefile.am, gl/tests/locale.in.h, gl/tests/localename.c,
3908
gl/tests/localename.h, gl/tests/setlocale.c,
3909
gl/tests/test-c-strcase.sh, gl/tests/test-c-strcasecmp.c,
3910
gl/tests/test-c-strncasecmp.c, gl/tests/test-iconv-h.c,
3911
gl/tests/test-iconv-utf.c, gl/tests/test-locale.c,
3912
gl/tests/test-localename.c, gl/tests/test-setlocale1.c,
3913
gl/tests/test-setlocale1.sh, gl/tests/test-setlocale2.c,
3914
gl/tests/test-setlocale2.sh, gl/tests/unistr/test-u8-mbtoucr.c,
3915
gl/tests/unistr/test-u8-uctomb.c, gl/unistr.in.h,
3916
gl/unistr/u8-mbtoucr.c, gl/unistr/u8-uctomb-aux.c,
3917
gl/unistr/u8-uctomb.c, gl/unitypes.in.h: iconv() will include the
3918
UCS2->UTF8 convertion in systems that is not provided.
3920
2012-11-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3922
* lib/pkix_asn1_tab.c: use the old type for compatibility
3924
2012-11-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3926
* lib/minitasn1/libtasn1.h, lib/minitasn1/structure.c: updated
3929
2012-11-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3931
* configure.ac, m4/hooks.m4: bumped version
3933
2012-11-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3935
* lib/system.c: simplified UTF-8 encoding.
3937
2012-11-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3939
* NEWS, doc/invoke-danetool.texi, src/Makefile.am,
3940
src/danetool-args.c, src/danetool-args.def, src/danetool-args.h,
3941
src/danetool.c: danetool is being built even without libgnutls-dane. The --check functionality is not operational though. It can only
3942
generate tlsa records.
3944
2012-11-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3946
* tests/cert-tests/Makefile.am, tests/cert-tests/template-test,
3947
tests/cert-tests/template-utf8.pem,
3948
tests/cert-tests/template-utf8.tmpl: Added test on UTF-8 certificate
3951
2012-11-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3953
* lib/x509/dn.c: removed redundant check
3955
2012-11-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3957
* NEWS, doc/invoke-certtool.texi, src/certtool-args.c,
3958
src/certtool-args.def, src/certtool-args.h, src/certtool.c: updated
3961
2012-11-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3963
* lib/x509/x509.c: update
3965
2012-11-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3967
* doc/cha-cert-auth.texi, lib/x509/x509.c: doc update
3969
2012-11-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3971
* doc/cha-cert-auth2.texi, lib/pkcs11_privkey.c, lib/x509/output.c,
3972
lib/x509/x509.c, lib/x509/x509_write.c: doc update
3974
2012-11-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3976
* lib/x509/x509_write.c: enforce the 200 character limit.
3978
2012-11-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3980
* NEWS, lib/system.c: improved iconv support.
3982
2012-11-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3984
* tests/cert-tests/aki, tests/cert-tests/aki-cert.pem,
3985
tests/cert-tests/bmpstring.pem, tests/cert-tests/ca-no-pathlen.pem,
3986
tests/cert-tests/no-ca-or-pathlen.pem, tests/cert-tests/pathlen:
3987
updated for new output
3989
2012-11-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3993
2012-11-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3995
* NEWS, doc/Makefile.am, doc/cha-gtls-app.texi,
3996
doc/invoke-certtool.texi, doc/manpages/Makefile.am,
3997
lib/gnutls_pubkey.c, lib/includes/gnutls/abstract.h,
3998
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
3999
lib/x509/output.c, src/certtool-args.c, src/certtool-args.def,
4000
src/certtool-args.h, src/certtool-common.c, src/certtool-common.h,
4001
src/certtool.c, src/tpmtool.c: Several updates in certificate/public
4002
key printing. * Added GNUTLS_CRT_PRINT_FULL_NUMBERS to print bignumbers in an
4003
easier to parse format. * Added gnutls_pubkey_import_x509_crq() to convert a certificate
4004
request to a public key. * Added gnutls_pubkey_print() to simplify public key printing. * certtool's pubkey-info can be combined with --load-request. * Added --numbers option to certtool which prints big numbers in an
4005
easier to parser format.
4007
2012-11-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4009
* build-aux/gendocs.sh, configure.ac, gl/Makefile.am, gl/dup2.c,
4010
gl/errno.in.h, gl/m4/errno_h.m4, gl/m4/gnulib-cache.m4,
4011
gl/m4/gnulib-comp.m4, gl/m4/select.m4, gl/m4/stdlib_h.m4,
4012
gl/select.c, gl/stdlib.in.h, gl/strerror-override.c,
4013
gl/strerror-override.h, gl/tests/Makefile.am, gl/tests/dup2.c,
4014
gl/tests/fcntl.in.h, gl/tests/test-fcntl-h.c,
4015
gl/tests/test-iconv.c, gl/tests/test-select.h, lib/system.c,
4016
m4/hooks.m4, maint.mk: use gnulib to detect iconv.
4018
2012-11-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4020
* NEWS, configure.ac, lib/Makefile.am, lib/system.c: check for
4021
either iconv or libiconv.
4023
2012-11-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4025
* src/certtool-args.c, src/certtool-args.def, src/certtool-args.h,
4026
src/certtool-cfg.c: simplified parsing
4028
2012-11-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4030
* lib/x509/output.c: print header only on the first policy
4032
2012-11-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4034
* NEWS, doc/invoke-certtool.texi, src/certtool-args.c,
4035
src/certtool-args.def, src/certtool-args.h, src/certtool-cfg.c,
4036
src/certtool-cfg.h, src/certtool.c: certtool is able to set
4037
certificate policies via a template
4039
2012-11-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4041
* NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
4042
lib/x509/dn.c, lib/x509/output.c, lib/x509/x509.c,
4043
lib/x509/x509_write.c: Added gnutls_x509_crt_set_policy()
4045
2012-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4047
* lib/x509/crl.c, lib/x509/crq.c, lib/x509/dn.c, lib/x509/pkcs12.c,
4048
lib/x509/x509.c: doc update
4050
2012-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4052
* NEWS, doc/Makefile.am, doc/manpages/Makefile.am,
4053
lib/includes/gnutls/x509.h, lib/x509/output.c, lib/x509/x509.c:
4056
2012-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4058
* lib/system.c: corrected win32 UCS2 conversion.
4060
2012-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4062
* NEWS, doc/Makefile.am, doc/manpages/Makefile.am,
4063
lib/includes/gnutls/x509.h, lib/system.c, lib/x509/output.c,
4064
lib/x509/x509.c: simplified naming
4066
2012-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4068
* NEWS: documented update
4070
2012-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4072
* lib/x509/x509.c: mention the extension OID
4074
2012-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4076
* tests/cert-tests/aki-cert.pem,
4077
tests/cert-tests/no-ca-or-pathlen.pem: updated certificates to parse
4080
2012-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4082
* lib/pkix.asn, lib/pkix_asn1_tab.c, lib/x509/x509.c: handle
4085
2012-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4087
* tests/cert-tests/Makefile.am, tests/cert-tests/bmpstring.pem,
4088
tests/cert-tests/pem-decoding: Added simple check for bmpstring
4091
2012-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4093
* lib/system.c: Added _gnutls_ucs2_to_utf8() for windows (untested)
4095
2012-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4097
* lib/x509/common.c: If _gnutls_ucs2_to_utf8() handle the data as
4098
non-printable (fallback to previous behavior).
4100
2012-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4102
* lib/x509/x509.c: doc update
4104
2012-11-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4106
* NEWS: documented updates
4108
2012-11-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4110
* configure.ac: check for iconv
4112
2012-11-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4114
* lib/system.c, lib/x509/common.c: map the whole ascii set
4116
2012-11-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4118
* lib/x509/common.c: Handle BMPString in DNs.
4120
2012-11-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4122
* lib/includes/gnutls/x509.h, lib/libgnutls.map, lib/pkix.asn,
4123
lib/pkix_asn1_tab.c, lib/system.c, lib/system.h, lib/tpm.c,
4124
lib/x509/common.c, lib/x509/common.h, lib/x509/crl.c,
4125
lib/x509/dn.c, lib/x509/extensions.c, lib/x509/mpi.c,
4126
lib/x509/ocsp.c, lib/x509/output.c, lib/x509/pkcs12.c,
4127
lib/x509/pkcs12_bag.c, lib/x509/privkey.c,
4128
lib/x509/privkey_pkcs8.c, lib/x509/x509.c: Added functions to parse
4129
the certificate policies extention. Added gnutls_x509_crt_get_policy() etc. In addition several updated
4130
in the handling of strings in X.509 structures.
4132
2012-11-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4134
* doc/Makefile.am, doc/cha-cert-auth2.texi, doc/cha-crypto.texi,
4135
doc/cha-gtls-app.texi, doc/gnutls.texi, lib/x509/privkey.c: doc
4138
2012-11-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4140
* lib/gnutls_cert.c: updated doc
4142
2012-11-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4144
* NEWS: documented update
4146
2012-11-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4150
2012-11-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4152
* tests/cert-tests/template-test: Added small text
4154
2012-11-15 Tim Kosse <tim.kosse@filezilla-project.org>
4156
* doc/examples/Makefile.am: print-ciphersuites was a very useful too
4157
for debugging this. Now it is even built. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
4159
2012-11-15 Tim Kosse <tim.kosse@filezilla-project.org>
4161
* lib/gnutls_priority.c: Don't read past the last list entry in
4162
_add_priority, doing so adds algorithms that shouldn't be added and
4163
can even lead to a segfault. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
4165
2012-11-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4167
* src/danetool.c: tried to beautify output of danetool
4169
2012-11-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4171
* lib/gnutls_x509.c: corrected description.
4173
2012-11-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4175
* lib/gnutls_cert.c: corrected typo
4177
2012-11-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4181
2012-11-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4183
* src/pkcs11.c: optimizations in list import
4185
2012-11-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4187
* lib/pkcs11.c: When listing all objects of a type, restrict their
4188
class to the specified.
4190
2012-11-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4192
* src/pkcs11.c: Added some help on failure.
4194
2012-11-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4196
* lib/pkcs11.c, lib/pkcs11_int.h, lib/pkcs11_privkey.c:
4197
pkcs11_find_object made static.
4199
2012-11-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4201
* src/certtool-common.c, src/certtool-common.h, src/certtool.c,
4202
src/dh.c, src/p11tool.c, src/pkcs11.c, src/tpmtool.c: get_bits()
4203
does not always warn.
4205
2012-11-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4207
* lib/includes/gnutls/pkcs11.h, lib/libgnutls.map, lib/pkcs11.c,
4208
lib/pkcs11_int.h, lib/pkcs11_privkey.c, src/pkcs11.c: when
4209
generating a PKCS #11 private key print the public key.
4211
2012-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4213
* NEWS, doc/invoke-certtool.texi, src/certtool-args.c,
4214
src/certtool-args.def, src/certtool-args.h, src/certtool.c: The
4215
pubkey-info option can be combined with the load-privkey to extract
4216
the public key of a private key.
4218
2012-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4220
* doc/examples/ex-client-x509.c, doc/examples/ex-verify-ssh.c,
4221
doc/examples/verify.c: corrected verification examples
4223
2012-11-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4225
* doc/TODO: removed OCSP extension from TODO
4227
2012-11-09 Diego Elio Pettenò <flameeyes@flameeyes.eu>
4229
* tests/cert-tests/Makefile.am: build: only run the dane cert test
4230
if dane is enabled. This fixes a test failure when disabling dane support. Signed-off-by: Diego Elio Pettenò <flameeyes@flameeyes.eu>
4231
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
4233
2012-11-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4235
* Makefile.am, NEWS, cfg.mk, doc/manpages/Makefile.am,
4236
tests/cert-tests/Makefile.am, tests/cert-tests/cert-ecc256.pem,
4237
tests/cert-tests/dane: last changes for release.
4239
2012-11-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4241
* doc/Makefile.am, doc/invoke-gnutls-cli.texi,
4242
doc/manpages/Makefile.am, src/common.c: updated
4244
2012-11-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4246
* lib/gnutls_x509.c: Corrected indication of OCSP check failure.
4248
2012-11-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4250
* src/cli-args.c, src/cli-args.def, src/cli-args.h, src/cli.c: The
4251
status-request option was eliminated. Check OCSP only when the
4252
status response in the handshake was invalid.
4254
2012-11-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4256
* AUTHORS, NEWS: Added Martin
4258
2012-11-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4260
* src/certtool-args.c, src/certtool-args.h, src/cli-args.c,
4261
src/cli-args.h, src/cli-debug-args.c, src/cli-debug-args.h,
4262
src/danetool-args.c, src/danetool-args.h, src/ocsptool-args.c,
4263
src/ocsptool-args.h, src/p11tool-args.c, src/p11tool-args.h,
4264
src/psk-args.c, src/psk-args.h, src/serv-args.c, src/serv-args.h,
4265
src/srptool-args.c, src/srptool-args.h, src/tpmtool-args.c,
4266
src/tpmtool-args.h: updated
4268
2012-11-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4270
* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
4271
doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
4272
doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
4273
doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
4274
doc/invoke-srptool.texi, doc/invoke-tpmtool.texi,
4275
doc/manpages/tpmtool.1, doc/scripts/cleanup-autogen.pl: remove
4276
@cindex from the invoke-* files.
4278
2012-11-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4280
* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
4281
doc/latex/gnutls.bib: doc updates
4283
2012-11-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4285
* doc/cha-cert-auth.texi: doc update
4287
2012-11-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4289
* NEWS, lib/algorithms.h, lib/algorithms/mac.c,
4290
lib/algorithms/sign.c, lib/includes/gnutls/gnutls.h.in,
4291
lib/libgnutls.map, lib/verify-tofu.c, lib/x509/ocsp_output.c,
4292
lib/x509/output.c, lib/x509/verify.c, tests/chainverify.c: Allow
4293
easier marking of insecure algorithms.
4295
2012-11-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4297
* lib/gnutls_compress.c: removed debugging
4299
2012-11-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4301
* NEWS, lib/gnutls_int.h, lib/gnutls_sig.c: key usage violations are
4304
2012-11-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4306
* NEWS, lib/gnutls_cert.c, lib/gnutls_x509.c,
4307
lib/includes/gnutls/gnutls.h.in: Removed
4308
GNUTLS_CERT_REVOCATION_DATA_INVALID and no longer fail on OCSP
4311
2012-11-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4313
* doc/cha-cert-auth.texi, doc/cha-tokens.texi: doc update
4315
2012-11-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4317
* src/Makefile.am, src/cli-debug.c, src/tls_test.c: gnutls-cli-debug
4318
uses server name indication.
4320
2012-11-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4324
2012-11-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4326
* lib/ext/srtp.c, lib/ext/srtp.h: Do not succeed if no MKI was
4327
received. The gnutls_srtp_get_mki() function succeeds only when the MKI was
4328
received by the peer. Also store the received MKI -if any- in the
4329
session resumption data.
4331
2012-11-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4333
* NEWS, doc/cha-intro-tls.texi, lib/gnutls_int.h, lib/gnutls_ui.c,
4334
lib/gnutls_x509.c, lib/includes/gnutls/gnutls.h.in,
4335
lib/libgnutls.map: Added gnutls_ocsp_status_request_is_checked().
4337
2012-11-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4339
* lib/gnutls_cert.c, lib/gnutls_x509.c,
4340
lib/includes/gnutls/gnutls.h.in, lib/x509/verify.c: When verifying
4341
an OCSP response included in TLS don't fail if the response is old. That is to avoid creating more problems for a server that included
4342
an old response, from a server that included none. Also renamed:
4343
Too old -> Superseded.
4345
2012-11-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4349
2012-11-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4353
2012-11-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4355
* lib/gnutls_cert.c: updated doc
4357
2012-11-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4359
* NEWS, lib/ext/srtp.c, lib/ext/srtp.h,
4360
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
4361
gnutls_srtp_get_mki() and gnutls_srtp_set_mki().
4363
2012-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4365
* lib/ext/srtp.c: set an upper limit to SRTP profiles in hello
4368
2012-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4370
* configure.ac, doc/cha-library.texi, lib/ext/Makefile.am,
4371
lib/gnutls_extensions.c, m4/hooks.m4, src/cli.c, src/common.c,
4372
src/serv.c, tests/mini-dtls-srtp.c: Added conditional to disable
4375
2012-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4377
* doc/invoke-danetool.texi: updated
4379
2012-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4381
* tests/mini-dtls-srtp.c: corrected SRTP profile names
4383
2012-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4385
* lib/ext/srtp.c: simplified profile selection
4387
2012-11-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4389
* src/danetool.c: better printing
4391
2012-11-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4393
* src/danetool.c: verify all possible entries
4395
2012-11-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4397
* src/danetool-args.c, src/danetool-args.def, src/danetool-args.h:
4400
2012-11-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4402
* doc/cha-intro-tls.texi, lib/ext/srtp.c,
4403
lib/includes/gnutls/gnutls.h.in: Added HMAC prefix to SRTP profiles
4404
and updated documentation.
4406
2012-11-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4408
* src/danetool.c: separate entries.
4410
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4412
* src/common.h: undefine macro from win32 headers which clashes
4415
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4417
* cross.mk: bumped version and removed unused dependency
4419
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4421
* doc/Makefile.am, doc/manpages/Makefile.am: added new functions
4423
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4425
* configure.ac, m4/hooks.m4: bumped version
4427
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4429
* cross.mk: disable libdane when cross-building.
4431
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4433
* lib/ext/srtp.c: gnutls_srtp_get_keys() returns the size of the key
4436
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4438
* libdane/dane-params.c, libdane/errors.c: corrected copyright
4440
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4442
* doc/cha-cert-auth.texi, lib/libgnutls.map: removed
4443
gnutls_certificate_update_verify_flags
4445
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4447
* NEWS, lib/gnutls_cert.c, lib/gnutls_int.h, lib/x509/verify.c,
4448
tests/suite/chain, tests/suite/x509paths/README: check pathlen
4451
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4453
* tests/rsa-md5-collision/rsa-md5-collision: updated test
4455
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4457
* .gitignore: files to ignore
4459
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4461
* NEWS, lib/gnutls_cert.c, lib/gnutls_ui.c,
4462
lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/x509.h,
4463
lib/x509/verify-high.c, tests/chainverify-unsorted.c: Added
4464
verification flag GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN The default is now GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN, and removed
4465
gnutls_certificate_update_verify_flags().
4467
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4469
* lib/x509/verify.c: small optimization in CRL check
4471
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4473
* NEWS, lib/includes/gnutls/gnutls.h.in, lib/x509/verify.c,
4474
src/certtool.c, tests/suite/chain, tests/suite/x509paths/README:
4475
Check the key usage bits during certificate verification.
4477
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4479
* NEWS, lib/gnutls_cert.c, lib/includes/gnutls/gnutls.h.in,
4480
lib/x509/verify.c, src/certtool.c: CRL verification includes the
4483
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4485
* doc/cha-cert-auth2.texi, doc/cha-gtls-app.texi,
4486
doc/cha-intro-tls.texi: doc update
4488
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4490
* NEWS: documented update
4492
2012-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4494
* lib/ext/srtp.c, lib/includes/gnutls/gnutls.h.in,
4495
lib/libgnutls.map, tests/mini-dtls-srtp.c: Added
4496
gnutls_srtp_get_keys().
4498
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4500
* lib/gnutls_state.c: corrected typos
4502
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4504
* NEWS, doc/cha-intro-tls.texi, lib/ext/srtp.c,
4505
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map:
4506
gnutls_srtp_get_profile_by_name -> gnutls_srtp_get_profile_id
4508
2012-11-01 Martin Storsjo <martin@martin.st>
4510
* src/cli.c, src/serv.c: Fix typos in error messages Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
4512
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4514
* libdane/dane.c: better verification messages.
4516
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4518
* src/danetool.c: optimized printing
4520
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4522
* NEWS, doc/invoke-danetool.texi, lib/libgnutls.map,
4523
libdane/Makefile.am, libdane/dane.c,
4524
libdane/includes/gnutls/dane.h, libdane/libdane.map, src/cli.c,
4525
src/common.c, src/danetool-args.c, src/danetool-args.def,
4526
src/danetool-args.h, src/danetool.c: Added
4527
dane_verification_status_print() and danetool can verify a DANE
4530
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4532
* lib/gnutls_cert.c: avoid unnecessary newline
4534
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4536
* lib/gnutls_str.h, lib/openpgp/output.c, lib/x509/output.c:
4537
gettext.h was moved to gnutls_str.h
4539
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4541
* NEWS, src/Makefile.am, src/danetool-args.c,
4542
src/danetool-args.def, src/danetool-args.h, src/danetool.c: Added
4543
--check option to danetool.
4545
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4547
* NEWS, libdane/Makefile.am, libdane/dane-params.c, libdane/dane.c,
4548
libdane/includes/gnutls/dane.h, libdane/libdane.map: Added new
4549
functions to convert types to strings.
4551
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4553
* tests/Makefile.am, tests/mini-dtls-srtp.c: Added test on DTLS SRTP
4556
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4558
* doc/invoke-gnutls-cli.texi, doc/invoke-gnutls-serv.texi,
4559
src/cli-args.c, src/cli-args.h, src/serv-args.c, src/serv-args.h:
4560
updated auto-generated files.
4562
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4564
* NEWS, lib/ext/srtp.c, lib/ext/srtp.h: documented update and set
4565
the copyright to Martin until the formal papers are received.
4567
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4569
* lib/ext/srtp.c: signed-unsigned comparison fixes and removed
4572
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4574
* src/cli.c, src/serv.c: Check for errors while setting an SRTP
4577
2012-11-01 Martin Storsjo <martin@martin.st>
4579
* src/cli-args.def, src/cli.c, src/common.c, src/serv-args.def,
4580
src/serv.c: Support SRTP profile negotiation in the client and
4581
server tools The cli/serv-args files haven't been regenerated in the patch, to
4582
avoid the extra stray changes due to differing autogen versions. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
4584
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4586
* lib/gnutls_cert.c, lib/gnutls_session.c, lib/gnutls_ui.c: Added
4587
"Since" field to new functions.
4589
2012-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4591
* lib/ext/srtp.c: Made error code consistent with the other text
4594
2012-11-01 Martin Storsjo <martin@martin.st>
4596
* NEWS, doc/Makefile.am, doc/protocol/rfc5764.txt,
4597
lib/ext/Makefile.am, lib/ext/srtp.c, lib/ext/srtp.h,
4598
lib/gnutls_extensions.c, lib/gnutls_int.h,
4599
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Add support for
4600
DTLS-SRTP profile negotiation (RFC 5764) Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
4602
2012-10-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4604
* lib/gnutls_cert.c: better doc
4606
2012-10-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4608
* lib/includes/gnutls/gnutls.h.in: mention that GNUTLS_CERT_INVALID
4609
flag is deprecated by GNUTLS_CERT_SIGNER_NOT_FOUND and
4610
GNUTLS_CERT_SIGNATURE_FAILURE.
4612
2012-10-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4614
* lib/gnutls_cert.c, src/common.c: updated
4615
gnutls_certificate_verification_status_print() presentation
4617
2012-10-31 Martin Storsjo <martin@martin.st>
4619
* lib/ext/server_name.c: server_name: Store the actual number of
4620
server names Earlier, if the number of set server names exceeded the maximum, the
4621
server_names field wasn't bounded to the maximum, which could lead
4622
to reading out of bounds in _gnutls_server_name_send_params. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
4624
2012-10-31 Martin Storsjo <martin@martin.st>
4626
* lib/ext/server_name.c: server_name: Return the actual required
4627
buffer size if the buffer is too small Since we require space for the null termination, include this in the
4628
info returned if the caller provided a too small buffer. Otherwise,
4629
if the caller allocated a buffer of exactly the suggested size, it
4630
would still be too small. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
4632
2012-10-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4634
* NEWS, doc/Makefile.am, doc/cha-gtls-app.texi: Documented
4635
gnutls_certificate_verification_status_print().
4637
2012-10-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4639
* NEWS, doc/examples/ex-client-x509.c,
4640
doc/examples/ex-verify-ssh.c, doc/examples/verify.c,
4641
lib/gnutls_cert.c, lib/includes/gnutls/gnutls.h.in,
4642
lib/libgnutls.map, lib/x509/output.c, src/common.c: Added
4643
gnutls_certificate_verification_status_print(). This function simplifies printing the certificate verification
4646
2012-10-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4648
* NEWS, doc/cha-cert-auth.texi, doc/cha-cert-auth2.texi,
4649
doc/cha-gtls-app.texi, doc/examples/ex-client-x509.c,
4650
doc/examples/ex-verify-ssh.c, doc/examples/verify.c,
4651
lib/gnutls_cert.c, lib/gnutls_x509.c, lib/gnutls_x509.h,
4652
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
4653
lib/openpgp/compat.c, lib/openpgp/gnutls_openpgp.h,
4654
lib/openpgp/pgp.c, lib/x509/rfc2818_hostname.c, src/common.c:
4655
Simplified certificate verification by adding
4656
gnutls_certificate_verify_peers3(). This function combines the RFC2818 hostname check and chain
4659
2012-10-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4661
* src/cli.c: fix compilation when DANE is disabled.
4663
2012-10-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4665
* doc/cha-cert-auth.texi, doc/cha-gtls-app.texi: updated
4668
2012-10-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4670
* NEWS, doc/cha-cert-auth.texi, lib/gnutls_ui.c,
4671
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
4672
gnutls_certificate_update_verify_flags() to allow setting new flags
4673
without overriding any defaults.
4675
2012-10-29 Martin Storsjo <martin@martin.st>
4677
* doc/examples/Makefile.am: examples: Build an executable of
4678
ex-serv-dtls like the other examples Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
4680
2012-10-29 Martin Storsjo <martin@martin.st>
4682
* doc/examples/ex-serv-dtls.c: examples: Make sure the timeout
4683
parameter to select is valid This makes the example work properly on Mac OS X (tested on 10.8). Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
4685
2012-10-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4687
* .gitignore, NEWS, doc/cha-cert-auth.texi,
4688
doc/invoke-danetool.texi: Added documentation on detecting
4691
2012-10-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4693
* configure.ac, libdane/Makefile.am, libdane/gnutls-dane.pc.in:
4694
Added gnutls-dane.pc.
4696
2012-10-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4698
* tests/cert-tests/Makefile.am, tests/cert-tests/dane,
4699
tests/cert-tests/dane-test.rr: Added a test on danetool.
4701
2012-10-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4703
* src/danetool-args.c, src/danetool-args.def, src/danetool-args.h,
4704
src/danetool.c: removed unused variables.
4706
2012-10-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4708
* lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
4709
lib/minitasn1/element.c, lib/minitasn1/element.h,
4710
lib/minitasn1/errors.c, lib/minitasn1/int.h,
4711
lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
4712
lib/minitasn1/parser_aux.h, lib/minitasn1/structure.c,
4713
lib/minitasn1/structure.h: updated libtasn1
4715
2012-10-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4717
* src/benchmark-tls.c: better benchmark printing.
4719
2012-10-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4721
* doc/cha-gtls-app.texi, lib/gnutls_session.c: doc update
4723
2012-10-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4725
* src/benchmark-tls.c: corrections in benchmark measured average
4728
2012-10-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4730
* doc/cha-intro-tls.texi: corrected typo
4732
2012-10-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4734
* NEWS: mention new function
4736
2012-10-14 Elias Pipping <pipping@exherbo.org>
4738
* tests/Makefile.am, tests/pkcs12-decode/pkcs12: Fix out-of-source
4741
2012-10-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4743
* doc/cha-gtls-app.texi, lib/gnutls_session.c,
4744
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
4745
gnutls_session_get_id2().
4747
2012-10-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4749
* lib/gnutls_cert.c: updated doc
4751
2012-10-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4753
* NEWS: documented fix
4755
2012-10-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4757
* NEWS, doc/cha-gtls-app.texi, lib/gnutls_priority.c,
4758
lib/gnutls_x509.c, lib/includes/gnutls/x509.h: Added priority string
4759
%VERIFY_DISABLE_CRL_CHECKS.
4761
2012-10-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4763
* NEWS, lib/gnutls_x509.c, lib/includes/gnutls/gnutls.h.in,
4764
src/common.c: If OCSP revocation data are invalid or too old set
4765
appropriate verification flags.
4767
2012-10-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4769
* doc/cha-cert-auth2.texi, doc/cha-intro-tls.texi: doc updates
4771
2012-10-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4773
* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
4774
src/certtool-args.c, src/certtool-args.def, src/certtool-args.h,
4775
src/danetool-args.c, src/danetool-args.def, src/danetool-args.h:
4776
removed incorrect description
4778
2012-10-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4780
* src/danetool.c: correctly set the format of the certificate
4782
2012-10-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4784
* NEWS, doc/invoke-gnutls-cli.texi, src/cli-args.c,
4785
src/cli-args.def, src/cli-args.h, src/cli.c: Added --local-dns
4786
option to gnutls-cli.
4788
2012-10-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4790
* doc/invoke-gnutls-cli.texi, src/cli-args.c, src/cli-args.def,
4791
src/cli-args.h, src/cli.c: disable default extensions on
4792
--disable-extensions.
4794
2012-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4796
* doc/invoke-danetool.texi, src/danetool-args.c,
4797
src/danetool-args.def, src/danetool-args.h: corrected typo
4799
2012-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4801
* lib/x509/privkey.c: call gnutls_x509_privkey_import_openssl() even
4802
with not a password.
4804
2012-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4806
* doc/latex/Makefile.am: updated makefile
4808
2012-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4810
* lib/auth/cert.c, lib/openpgp/privkey.c: Added debugging.
4812
2012-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4814
* lib/gnutls_pubkey.c, lib/x509/crq.c, lib/x509/privkey.c,
4815
lib/x509/x509.c: doc fixes
4817
2012-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4819
* libdane/dane.c: Added debugging
4821
2012-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4823
* doc/invoke-danetool.texi, doc/manpages/Makefile.am,
4824
src/danetool-args.c, src/danetool-args.def, src/danetool-args.h:
4825
Added danetool manpage
4827
2012-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4829
* NEWS: released 3.1.3
4831
2012-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4833
* lib/gnutls_global.c, lib/x509/privkey_openssl.c: doc updates
4835
2012-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4837
* doc/reference/gnutls-docs.sgml: remove files that are not
4840
2012-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4842
* doc/Makefile.am, doc/doc.mk, doc/manpages/Makefile.am,
4843
doc/reference/Makefile.am, doc/reference/gnutls-docs.sgml: use
4844
common definitions for generating docs.
4846
2012-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4848
* .gitignore, NEWS, doc/Makefile.am, doc/cha-cert-auth.texi,
4849
doc/cha-cert-auth2.texi, doc/invoke-certtool.texi,
4850
doc/invoke-danetool.texi, src/Makefile.am, src/certtool-args.c,
4851
src/certtool-args.def, src/certtool-args.h, src/certtool.c,
4852
src/danetool-args.c, src/danetool-args.def, src/danetool-args.h,
4853
src/danetool.c: Separated DANE functionality from certtool and added
4856
2012-10-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4858
* NEWS, lib/auth/cert.c, lib/gnutls_pcert.c, lib/openpgp/pgp.c,
4859
lib/openpgp/privkey.c: Added (back) RFC5081 support in client mode.
4861
2012-10-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4863
* NEWS, lib/auth/cert.c, lib/auth/cert.h, lib/gnutls_pcert.c,
4864
lib/gnutls_pubkey.c, lib/gnutls_ui.c,
4865
lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/openpgp.h,
4866
lib/libgnutls.map, lib/openpgp/pgp.c, lib/openpgp/privkey.c: Several
4867
OpenPGP updates. Exported gnutls_certificate_get_peers_subkey_id(). Removed
4868
compatibility code with RFC5081. The
4869
gnutls_openpgp_*_get_subkey_*() functions return the master key
4870
parameters if provided with GNUTLS_OPENPGP_MASTER_KEYID_IDX.
4872
2012-10-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4874
* NEWS: documented fixes
4876
2012-10-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4878
* lib/x509/pkcs12_encr.c: Increased maximum password len in PKCS
4881
2012-10-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4883
* lib/x509/privkey_openssl.c, tests/Makefile.am,
4884
tests/key-openssl.c: Bug fixes in the openssl encrypted PEM key
4887
2012-10-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4889
* lib/auth/anon.c, lib/auth/anon_ecdh.c, lib/auth/cert.c,
4890
lib/auth/dh_common.c, lib/auth/dhe.c, lib/auth/dhe_psk.c,
4891
lib/auth/ecdh_common.c, lib/auth/psk.c, lib/auth/psk_passwd.c,
4892
lib/auth/rsa.c, lib/auth/rsa_export.c, lib/auth/srp.c,
4893
lib/auth/srp_passwd.c, lib/auth/srp_rsa.c, lib/ext/srp.c,
4894
lib/ext/status_request.c, lib/gnutls_auth.c, lib/gnutls_auth.h,
4895
lib/gnutls_cert.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
4896
lib/gnutls_kx.c, lib/gnutls_state.c, lib/gnutls_ui.c,
4897
lib/gnutls_x509.c: session->key no longer needs to be an allocated
4900
2012-10-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4902
* libdane/dane.c, libdane/includes/gnutls/dane.h, src/cli.c: The
4903
high level functions accept sflags and vflags as separate options.
4905
2012-10-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4907
* .gitignore, NEWS, doc/cha-cert-auth.texi,
4908
doc/invoke-certtool.texi, libdane/dane.c,
4909
libdane/includes/gnutls/dane.h, libdane/libdane.map,
4910
src/Makefile.am, src/cli.c: Updates in DANE support. Allow caching
4913
2012-10-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4915
* NEWS, src/certtool-args.c, src/certtool-args.def,
4916
src/certtool-args.h, src/certtool.c: dane-rr -> dane-tlsa-rr
4918
2012-10-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4920
* doc/cha-cert-auth.texi, doc/cha-cert-auth2.texi,
4921
doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
4922
doc/cha-library.texi, doc/invoke-certtool.texi,
4923
doc/scripts/mytexi2latex, src/certtool-args.c,
4924
src/certtool-args.def, src/certtool-args.h: Documentation updates
4926
2012-10-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4928
* configure.ac, m4/hooks.m4: bumped versions
4930
2012-10-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4932
* doc/latex/Makefile.am: inlude DANE in manual
4934
2012-10-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4936
* lib/system.c: define Loaded_CertEnumCRLsInStore to
4937
CertEnumCRLsInStore when it exists.
4939
2012-10-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4941
* NEWS: documented updates
4943
2012-10-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4945
* src/certtool-args.c, src/certtool-args.def, src/certtool-args.h,
4946
src/certtool-common.c, src/certtool-common.h, src/certtool.c:
4947
Certtool updates. By default generate public key TLSA RR entries. Added --verbose
4950
2012-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4952
* NEWS, doc/cha-cert-auth.texi, doc/cha-functions.texi,
4953
libdane/Makefile.am: libdane -> libgnutls-dane
4955
2012-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4957
* src/certtool-args.c, src/certtool-args.h, src/certtool.c: use hex
4958
for single byte entries
4960
2012-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4962
* NEWS, src/certtool-args.def: DANE RR -> DANE TLSA RR
4964
2012-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4966
* src/certtool.c: Certtool generates DANE entries with selector 0
4967
(X.509 certificate).
4969
2012-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4971
* NEWS, doc/invoke-certtool.texi, src/certtool-args.c,
4972
src/certtool-args.def, src/certtool-args.h, src/certtool.c: Certtool
4973
can generate a DANE RR entry.
4975
2012-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4977
* lib/pkix_asn1_tab.c: use the old libtasn1 type
4979
2012-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4981
* lib/minitasn1/Makefile.am: removed old file
4983
2012-10-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4985
* NEWS, doc/examples/ex-client-resume.c,
4986
doc/examples/ex-client-x509.c, lib/gnutls_state.c,
4987
lib/includes/gnutls/gnutls.h.in, src/cli-args.c, src/cli-args.h,
4988
src/tls_test.c, tests/resume-dtls.c, tests/resume.c: The session
4989
ticket and OCSP certificate status extensions are enabled by
4990
default. In client side gnutls_init() enables the session ticket and OCSP
4991
certificate status request extensions by default. The flag
4992
GNUTLS_NO_EXTENSIONS can be used to prevent that.
4994
2012-10-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4996
* lib/pkix.asn, lib/pkix_asn1_tab.c: save some memory by removed
4997
unused ASN.1 structures.
4999
2012-10-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5001
* lib/gnutls_pubkey.c: corrected version number
5003
2012-10-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5005
* libdane/dane.c, libdane/includes/gnutls/dane.h, src/cli.c: Bug
5006
fixes in DANE. Corrected packet length parsing and removed the verify options
5007
DANE_VERIFY_DNSSEC_DATA_INVALID and DANE_VERIFY_NO_DNSSEC_DATA.
5008
There is longer use for them since using the DANE API requires
5011
2012-10-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5013
* lib/x509/crl.c, lib/x509/crq.c, lib/x509/privkey.c,
5014
lib/x509/privkey_pkcs8.c: corrected versions
5016
2012-10-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5018
* NEWS, doc/cha-tokens.texi, lib/gnutls_privkey.c,
5019
lib/gnutls_pubkey.c, lib/includes/gnutls/abstract.h,
5020
lib/libgnutls.map: Added helper functions
5021
gnutls_pubkey_import_openpgp_raw() and
5022
gnutls_pubkey_import_x509_raw().
5024
2012-10-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5026
* NEWS, doc/cha-cert-auth2.texi, doc/cha-tokens.texi,
5027
doc/invoke-gnutls-cli.texi, lib/gnutls_dh_primes.c,
5028
lib/gnutls_pubkey.c, lib/includes/gnutls/abstract.h,
5029
lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/openpgp.h,
5030
lib/includes/gnutls/pkcs11.h, lib/includes/gnutls/pkcs12.h,
5031
lib/includes/gnutls/x509.h, lib/libgnutls.map,
5032
lib/openpgp/openpgp_int.h, lib/openpgp/pgp.c,
5033
lib/openpgp/privkey.c, lib/pkcs11.c, lib/x509/common.c,
5034
lib/x509/common.h, lib/x509/crl.c, lib/x509/crq.c, lib/x509/dn.c,
5035
lib/x509/pkcs12.c, lib/x509/pkcs7.c, lib/x509/privkey.c,
5036
lib/x509/privkey_pkcs8.c, lib/x509/x509.c, libdane/dane.c: Added
5037
functions to export structures in an allocated buffer.
5039
2012-10-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5041
* src/cli-args.c, src/cli-args.def, src/cli-args.h, src/cli.c: Added
5042
command-line option to disable CA verification.
5044
2012-10-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5046
* src/cli.c: removed old flag
5048
2012-10-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5050
* libdane/dane.c, libdane/includes/gnutls/dane.h: Always require
5053
2012-10-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5055
* configure.ac: some reorganization of the configure script.
5057
2012-10-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5059
* doc/cha-tokens.texi: some more text for TPMs
5061
2012-10-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5063
* src/cli.c, src/common.c, src/common.h: In gnutls-cli the server
5064
certificate is printed prior to verification
5066
2012-10-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5068
* .gitignore, Makefile.am, NEWS, configure.ac, doc/Makefile.am,
5069
doc/cha-cert-auth.texi, doc/cha-functions.texi,
5070
doc/invoke-gnutls-cli.texi, doc/manpages/Makefile.am,
5071
doc/scripts/getfuncs.pl, libdane/Makefile.am, libdane/dane.c,
5072
libdane/errors.c, libdane/includes/Makefile.am,
5073
libdane/includes/gnutls/dane.h, libdane/libdane.map, m4/hooks.m4,
5074
src/Makefile.am, src/cli-args.c, src/cli-args.def, src/cli-args.h,
5075
src/cli.c: Added a DANE library.
5077
2012-10-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5081
2012-10-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5083
* doc/examples/ex-client-resume.c, doc/examples/ex-client-x509.c:
5084
enable useful extensions in the examples.
5086
2012-10-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5088
* lib/nettle/wmnaf.c: included config.h to avoid issue with gnulib
5090
2012-10-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5092
* doc/cha-intro-tls.texi, doc/invoke-gnutls-cli.texi,
5093
lib/gnutls_cert.c, lib/gnutls_x509.c, src/cli-args.c,
5094
src/cli-args.def, src/cli-args.h, src/cli.c:
5095
gnutls_certificate_verify_peers2() checks ocsp status response if
5098
2012-10-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5100
* src/cli.c: do not set verify_flags
5102
2012-10-04 Nikos Mavrogiannopoulos <nikos@esat.kuleuven.be>
5104
* lib/x509/verify-high.c: doc update.
5106
2012-10-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5108
* lib/x509/ocsp.c: If revocation reason cannot be read set it to
5109
GNUTLS_X509_CRLREASON_UNSPECIFIED.
5111
2012-10-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5113
* .gitignore, doc/manpages/Makefile.am: changed generation of
5116
2012-10-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5118
* cfg.mk: upload -> upload-tarballs
5120
2012-10-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5122
* lib/Makefile.am, lib/hash.c, lib/hash.h, lib/minitasn1/hash.c,
5123
lib/minitasn1/int.h, lib/minitasn1/parser_aux.c, lib/verify-tofu.c,
5124
lib/x509/ocsp.c, lib/x509/verify-high.c, lib/x509/verify-high2.c:
5125
Use hash-pjw-bare instead of asn1_bhash().
5127
2012-10-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5129
* build-aux/config.rpath, build-aux/gendocs.sh, gl/Makefile.am,
5130
gl/base64.h, gl/getpass.h, gl/hash-pjw-bare.c, gl/hash-pjw-bare.h,
5131
gl/m4/eealloc.m4, gl/m4/extern-inline.m4, gl/m4/fcntl-o.m4,
5132
gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/lib-ld.m4,
5133
gl/m4/manywarnings.m4, gl/m4/timer_time.m4, gl/m4/timespec.m4,
5134
gl/m4/xsize.m4, gl/stdbool.in.h, gl/sys_select.in.h,
5135
gl/tests/Makefile.am, gl/tests/binary-io.c, gl/tests/binary-io.h,
5136
gl/tests/ioctl.c, gl/tests/malloca.h, gl/tests/test-select.h,
5137
gl/timespec.c, gl/timespec.h, gl/u64.c, gl/u64.h, gl/verify.h,
5138
gl/xsize.c, gl/xsize.h, maint.mk: Updated gnulib and added
5141
2012-10-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5143
* .gitignore, tests/Makefile.am, tests/mini-x509-callbacks.c: Added
5144
test to verify that callbacks are being actually called.
5146
2012-10-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5148
* doc/examples/ex-ocsp-client.c, src/ocsptool-common.c: check the
5151
2012-10-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5153
* lib/includes/gnutls/ocsp.h, lib/x509/ocsp.c:
5154
gnutls_ocsp_resp_check_crt() accepts the response index.
5156
2012-10-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5158
* doc/cha-cert-auth2.texi, lib/includes/gnutls/gnutls.h.in,
5159
lib/includes/gnutls/ocsp.h: doc update
5161
2012-10-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5163
* lib/includes/gnutls/x509.h, lib/x509/x509.c: Added
5164
gnutls_x509_crl_reason_flags_t.
5166
2012-10-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5168
* lib/x509/ocsp.c: read revocation reason
5170
2012-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5172
* lib/x509/ocsp.c: simplified doc
5174
2012-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5176
* NEWS, lib/libgnutls.map: gnutls_ocsp_resp_check_crt was moved to
5177
3.0 symbols and documented update.
5179
2012-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5181
* doc/cha-cert-auth2.texi, doc/examples/ex-ocsp-client.c,
5182
doc/invoke-gnutls-cli.texi, doc/invoke-gnutls-serv.texi: documented
5183
gnutls_ocsp_resp_check_crt().
5185
2012-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5187
* NEWS, lib/auth/cert.h, lib/ext/status_request.c,
5188
lib/gnutls_cert.c, lib/gnutls_errors.c,
5189
lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/ocsp.h,
5190
lib/libgnutls.map, lib/x509/ocsp.c, src/cli-args.c,
5191
src/cli-args.def, src/cli-args.h, src/cli.c, src/ocsptool-common.c,
5192
src/ocsptool-common.h, src/serv-args.c, src/serv-args.def,
5193
src/serv-args.h, src/serv.c: The OCSP response file is now set on
5194
the credentials and other additions. Changed OCSP function prototypes for almost all status_request
5195
functions to move the response file and callback to the certificate
5196
credentials structure. Added gnutls_ocsp_resp_check_crt() to check
5197
whether a response corresponds to a given certificate.
5199
2012-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5201
* NEWS: documented fix
5203
2012-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5205
* lib/gnutls_extensions.c: Print debugging information even when an
5206
extension is not parsed.
5208
2012-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5210
* lib/ext/session_ticket.c, lib/gnutls_handshake.c: Fixed the
5211
receipt of session tickets during session resumption. Reported by danblack http://savannah.gnu.org/support/?108146
5213
2012-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5215
* tests/resume.c: better output in resume
5217
2012-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5219
* lib/gnutls_handshake.c, lib/gnutls_handshake.h, lib/gnutls_int.h:
5220
simplified handshake states.
5222
2012-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5224
* lib/ext/status_request.c, lib/gnutls_handshake.c: Verify callback
5225
is run in either side.
5227
2012-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5229
* lib/auth/psk.c, lib/gnutls_datum.c, lib/gnutls_datum.h,
5230
lib/gnutls_x509.c: removed unused functions.
5232
2012-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5234
* lib/ext/status_request.c: Pack and unpack the status request
5235
extension data on resumption.
5237
2012-09-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5239
* src/cli.c, src/ocsptool-common.c: Use the server's OCSP provided
5240
data when verifying a certificate's validity.
5242
2012-09-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5244
* lib/auth/cert.c, lib/ext/status_request.c,
5245
lib/gnutls_handshake.c, lib/gnutls_int.h: The certificate
5246
verification callback is being run after the certificate status
5247
response is received.
5249
2012-09-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5251
* NEWS: documented updates
5253
2012-09-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5255
* lib/debug.c, lib/ext/status_request.c, lib/ext/status_request.h,
5256
lib/gnutls_buffers.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
5257
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli-args.c,
5258
src/cli-args.h, src/serv-args.c, src/serv-args.h: updated OCSP
5261
2012-09-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5263
* src/serv.c: Session ID is correctly read.
5265
2012-09-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5267
* lib/ext/max_record.c, lib/gnutls_buffers.c, lib/gnutls_int.h,
5268
lib/nettle/wmnaf.c: Corrected signed-to-unsigned comparisons
5270
2012-04-17 Simon Josefsson <simon@josefsson.org>
5272
* doc/Makefile.am, doc/manpages/Makefile.am, lib/ext/Makefile.am,
5273
lib/ext/status_request.c, lib/ext/status_request.h,
5274
lib/gnutls_extensions.c, lib/gnutls_int.h,
5275
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
5276
src/cli-args.def, src/cli.c, src/serv-args.def, src/serv.c:
5277
Implement status_request OCSP extension.
5279
2012-09-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5281
* AUTHORS: Added Olga and Ilya to authors.
5283
2012-09-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5285
* .gitignore: more files to ignore
5287
2012-09-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5289
* doc/cha-bib.texi, doc/cha-intro-tls.texi, doc/latex/gnutls.bib:
5290
updated heartbeat text
5292
2012-09-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5294
* .gitignore: more files to ignore
5296
2012-09-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5298
* NEWS: released 3.1.2
5300
2012-09-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5302
* lib/ext/heartbeat.c: Handle heartbeat packets with zero payload,
5303
and account for the payload length when sending a heartbeat of fixed
5306
2012-09-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5308
* src/benchmark.c: benchmark time was increased.
5310
2012-09-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5312
* lib/minitasn1/Makefile.am, lib/minitasn1/coding.c,
5313
lib/minitasn1/decoding.c, lib/minitasn1/element.c,
5314
lib/minitasn1/errors.c, lib/minitasn1/gstr.c, lib/minitasn1/gstr.h,
5315
lib/minitasn1/hash.c, lib/minitasn1/int.h,
5316
lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
5317
lib/minitasn1/parser_aux.h, lib/minitasn1/structure.c,
5318
lib/minitasn1/structure.h: Updated to minitasn1 3.0
5320
2012-09-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5322
* cross.mk: updated cross.mk
5324
2012-09-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5326
* doc/Makefile.am: added missing tpm.h header
5328
2012-09-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5330
* doc/examples/Makefile.am, extra/Makefile.am, lib/Makefile.am,
5331
src/Makefile.am, tests/Makefile.am, tests/suite/Makefile.am: All
5332
external libraries that were in LDFLAGS are moved into LIBADD/LDADD. It also fixes order within LIBADD/LDADD so that libtool objects go
5333
first. Patch by Bartosz Brachaczek.
5335
2012-09-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5337
* tests/suite/asn1random.pl, tests/suite/x509random.pl: updated
5340
2012-09-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5342
* doc/cha-cert-auth.texi, lib/openpgp/pgp.c: openpgp doc update
5344
2012-09-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5346
* tests/suite/asn1random.pl, tests/suite/x509random.pl: Added
5349
2012-09-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5351
* lib/opencdk/write-packet.c: simplified calculations
5353
2012-09-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5355
* NEWS: documented fix
5357
2012-09-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5359
* lib/opencdk/kbnode.c, lib/opencdk/main.h, lib/opencdk/misc.c,
5360
lib/opencdk/read-packet.c, lib/opencdk/stream.c,
5361
lib/opencdk/write-packet.c: reduced verbosity and better debugging.
5363
2012-09-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5365
* lib/opencdk/new-packet.c: Corrected bug in PGP subpacket encoding
5367
2012-09-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5369
* tests/suite/Makefile.am, tests/suite/asn1random.pl,
5370
tests/suite/testrandom, tests/suite/x509random.pl: Added script to
5371
check against randomly generated certificates.
5373
2012-09-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5375
* tests/mini-dtls-heartbeat.c: removed unused label
5377
2012-09-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5379
* NEWS, lib/x509/verify-high.c: doc updates
5381
2012-09-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5383
* tests/Makefile.am, tests/mini-dtls-heartbeat.c: Added a test of
5384
heartbeat ping exchange.
5386
2012-09-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5388
* lib/auth/cert.c, lib/auth/dh_common.c, lib/auth/rsa.c,
5389
lib/auth/rsa_export.c, lib/auth/srp_passwd.c, lib/crypto-backend.c,
5390
lib/ext/heartbeat.c, lib/ext/safe_renegotiation.c,
5391
lib/gnutls_constate.c, lib/gnutls_handshake.c, lib/gnutls_pubkey.c,
5392
lib/gnutls_session_pack.c, lib/gnutls_str.c, lib/gnutls_x509.c,
5393
lib/nettle/pk.c, lib/opencdk/armor.c, lib/opencdk/keydb.c,
5394
lib/opencdk/literal.c, lib/opencdk/stream.c,
5395
lib/opencdk/write-packet.c, lib/pkcs11.c, lib/x509/ocsp_output.c,
5396
lib/x509/pkcs12.c: several cleanups
5398
2012-09-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5400
* lib/x509/privkey.c: corrected bug in gnutls_x509_privkey_sign_data
5402
2012-09-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5404
* lib/gnutls_privkey.c: All openpgp code moved within ENABLE_OPENPGP
5406
2012-09-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5408
* doc/Makefile.am, doc/manpages/Makefile.am: updated makefiles
5410
2012-09-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5412
* NEWS, doc/cha-gtls-app.texi, lib/gnutls_dtls.c,
5413
lib/gnutls_dtls.h, lib/gnutls_int.h, lib/gnutls_record.c: Correctly
5414
restore gnutls_record_recv() in DTLS mode if interrupted during the
5415
retrasmition of handshake data.
5417
2012-09-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5419
* lib/ext/heartbeat.c: Allow for pinging until timeout.
5421
2012-09-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5423
* lib/ext/heartbeat.c: corrected time
5425
2012-09-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5427
* NEWS: documented update
5429
2012-09-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5431
* lib/ext/heartbeat.c: fixed copyright
5433
2012-09-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5435
* doc/cha-intro-tls.texi, lib/ext/heartbeat.c, lib/ext/heartbeat.h,
5436
lib/gnutls_int.h, lib/gnutls_state.c,
5437
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Better handling
5440
2012-09-21 Simon Josefsson <simon@josefsson.org>
5442
* lib/ext/heartbeat.c, lib/gnutls_psk.c, lib/tpm.c: GTK-DOC fixes.
5444
2012-09-21 Simon Josefsson <simon@josefsson.org>
5446
* lib/algorithms/cert_types.c, lib/tpm.c, lib/x509/common.c,
5447
lib/x509/ocsp_output.c: More GTK-DOC warning fixes.
5449
2012-09-21 Simon Josefsson <simon@josefsson.org>
5451
* doc/reference/gnutls-docs.sgml: Also include tpm.h in GTK-DOC
5454
2012-09-21 Simon Josefsson <simon@josefsson.org>
5456
* doc/reference/Makefile.am, lib/gnutls_ui.c,
5457
lib/includes/gnutls/abstract.h, lib/includes/gnutls/gnutls.h.in,
5458
lib/includes/gnutls/pkcs11.h, lib/includes/gnutls/tpm.h,
5459
lib/pkcs11.c, lib/pkcs11_privkey.c, lib/tpm.c: Fix GTK-DOC warnings.
5461
2012-09-21 Simon Josefsson <simon@josefsson.org>
5463
* configure.ac: Cleanup warning flags.
5465
2012-09-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5467
* configure.ac, m4/hooks.m4: bumped versions
5469
2012-09-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5471
* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi: doc update
5473
2012-09-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5477
2012-09-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5479
* lib/ext/heartbeat.c, lib/gnutls_record.c, src/common.c,
5480
src/serv.c, src/socket.c, src/udp-serv.c: updates in heartbeat
5483
2012-09-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5485
* doc/cha-intro-tls.texi: updated documentation
5487
2012-09-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5489
* tests/cert-tests/ca-no-pathlen.pem,
5490
tests/cert-tests/no-ca-or-pathlen.pem: updated tests for new
5493
2012-09-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5495
* lib/ext/heartbeat.c, lib/ext/heartbeat.h, lib/gnutls_buffers.c,
5496
lib/gnutls_buffers.h, lib/gnutls_dtls.c, lib/gnutls_errors.c,
5497
lib/gnutls_handshake.c, lib/gnutls_handshake.h, lib/gnutls_int.h,
5498
lib/gnutls_record.c, lib/gnutls_record.h, lib/gnutls_state.c,
5499
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: several updates
5500
in the heartbeat handling code.
5502
2012-09-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5504
* lib/x509/common.c, lib/x509/dn.c: Corrected issues
5506
2012-09-20 Simon Josefsson <simon@josefsson.org>
5508
* configure.ac: Drop -Winline.
5510
2012-09-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5512
* lib/x509/verify-high.c: corrected usage of defines
5514
2012-09-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5516
* Makefile.am, doc/manpages/Makefile.am: doc/manpages is handled the
5519
2012-09-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5521
* Makefile.am, doc/Makefile.am: compare-makefile is only executed
5524
2012-09-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5526
* lib/gnutls_cert.c, lib/gnutls_int.h: DEFAULT_* -> DEFAULT_MAX_*
5528
2012-09-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5530
* lib/gnutls_int.h, lib/x509/verify-high.c: MAX_CERTS_TO_SORT ->
5531
DEFAULT_VERIFY_DEPTH
5533
2012-09-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5535
* lib/algorithms/secparams.c: corrected default
5537
2012-09-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5539
* lib/algorithms/secparams.c, lib/gnutls_x509.c,
5540
lib/includes/gnutls/gnutls.h.in: Increased security levels by adding
5543
2012-09-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5545
* doc/scripts/gdoc: Allow negatives in enumerations.
5547
2012-09-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5549
* configure.ac: do not complain on overlength strings
5551
2012-09-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5553
* lib/gnutls_int.h, lib/gnutls_priority.c, lib/gnutls_state.c,
5554
lib/gnutls_state.h: gnutls_session_enable_compatibility_mode() is
5555
equivalent to %COMPAT priority string.
5557
2012-09-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5559
* lib/algorithms/secparams.c, lib/gnutls_int.h,
5560
lib/gnutls_priority.c, lib/gnutls_x509.c,
5561
lib/includes/gnutls/gnutls.h.in: Warn on certificate with weak
5562
security levels. (re)introduces GNUTLS_SEC_PARAM_WEAK.
5564
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5566
* lib/gnutls_cert.c, lib/gnutls_ui.c, lib/includes/gnutls/x509.h,
5567
lib/x509/verify-high.c, tests/chainverify-unsorted.c: Added
5568
verification flags GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN, which is
5569
enabled by default for verifying TLS sessions.
5571
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5573
* lib/x509/verify-high.c: removed a now redundant chain check
5575
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5577
* lib/x509/verify-high.c, tests/Makefile.am,
5578
tests/chainverify-unsorted.c: Added function to sort the provided
5579
certificate chain prior to verification.
5581
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5583
* lib/x509/x509.c, lib/x509/x509_int.h: avoid duplicate asn1
5584
structure initialization.
5586
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5588
* lib/minitasn1/element.c, lib/minitasn1/int.h,
5589
lib/minitasn1/libtasn1.h: updated minitasn1
5591
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5593
* lib/Makefile.am, m4/hooks.m4: Use the pkg-config macro to find
5596
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5598
* tests/x509cert-tl.c: corrected typo
5600
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5602
* tests/x509cert-tl.c: small updates
5604
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5606
* lib/x509/mpi.c, lib/x509/x509_int.h: removed old libtasn1
5609
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5611
* lib/x509/verify-high.c: MAX_NAME_SIZE -> MAX_SERVER_NAME_SIZE
5613
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5615
* src/certtool.c: corrected sign
5617
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5619
* lib/system.h: corrected prototypes
5621
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5623
* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
5624
lib/gnutls_cipher.c, lib/gnutls_int.h, lib/gnutls_priority.c,
5625
lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in: use a
5626
%STATELESS_COMPRESSION priority string instead of gnutls_init()
5629
2012-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5631
* lib/gnutls_sig.c: corrected missing parameter
5633
2012-09-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5635
* lib/gnutls_int.h, lib/gnutls_priority.c, lib/gnutls_sig.c: Key
5636
usage violations are allowed when the COMPAT keyword is specified. I've noticed in the SSL observatory data that most key usage bits in
5637
a certificate are set randomly (e.g., there are DSA certificates
5638
marked for encryption, and most RSA certificates marked for
5639
signature only are used for encryption anyway). There is no point of
5640
being strict in such environment.
5642
2012-09-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5644
* src/certtool.c: Do not ask unnecessary questions when signing a
5645
certificate (request).
5647
2012-09-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5649
* lib/gnutls_global.c, lib/system.c, lib/system.h: mingw32 support.
5650
Based on patch by LRN.
5652
2012-09-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5654
* doc/cha-intro-tls.texi, lib/gnutls_cipher.c,
5655
lib/gnutls_compress.c, lib/gnutls_compress.h, lib/gnutls_int.h,
5656
lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in: Added
5657
GNUTLS_STATELESS_COMPRESSION flag to gnutls_init().
5659
2012-09-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5661
* lib/includes/gnutls/x509.h, lib/libgnutls.map,
5662
lib/x509/privkey.c, src/certtool.c: Added
5663
gnutls_x509_privkey_get_pk_algorithm2(). Certtool prints the number
5664
of bits in a private key.
5666
2012-09-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5668
* doc/Makefile.am, lib/Makefile.am: Refer to files with explicit
5671
2012-09-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5673
* gl/tests/ioctl.c: win32 fix. Patch by LRN.
5675
2012-09-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5677
* src/libopts/Makefile.am: libopts depends on libintl. Patch by LRN.
5679
2012-09-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5681
* lib/gnutls.asn, lib/gnutls_asn1_tab.c, lib/pkix.asn,
5682
lib/pkix_asn1_tab.c: small optimizations in ASN.1 to save memory
5684
2012-09-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5686
* doc/cha-intro-tls.texi: Added a note on compression
5688
2012-09-11 Ilya Tumaykin <itumaykin@gmail.com>
5690
* lib/nettle/wmnaf.c: Fix mpz_unitstbit compilation with GMP
5691
versions < 5. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
5693
2012-09-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5695
* lib/x509/verify-high.c, tests/x509cert-tl.c: When requested
5696
gnutls_x509_trust_list_deinit() will deinitialized all certs
5697
(including the named)
5699
2012-09-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5701
* lib/x509/x509.c: Use the new asn1_read_node_value()
5703
2012-09-03 Marti Raudsepp <marti@juffo.org>
5705
* lib/x509/verify-high2.c, tests/x509cert-tl.c: Fix
5706
gnutls_x509_trust_list_add_trust_mem with DER-format certificates. The function took a "type" argument and then happily proceeded to
5707
ignore it and try PEM format anyway. Most importantly, this makes gnutls_x509_trust_list_add_system_trust
5708
work on Windows, which loads DER certificates using this function.
5709
I'll be damned if that actually ever worked properly -- certainly
5710
not in any git version. :) Also added test for gnutls_x509_trust_list_add_trust_mem. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
5712
2012-09-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5714
* cross.mk: added upload directive
5716
2012-09-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5718
* src/libopts/makeshell.c, src/serv.c: mingw64 compilation fixes
5720
2012-09-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5722
* cross.mk: updated libs
5724
2012-09-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5726
* lib/gnutls_buffers.c, lib/system.c: The default
5727
system_recv_timeout() doesn't include a call to recv() to avoid
5728
issue in few systems.
5730
2012-09-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5732
* tests/mini-handshake-timeout.c: increased timeouts
5734
2012-09-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5736
* lib/gnutls_buffers.c: dump the errno received by select
5738
2012-09-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5740
* lib/gnutls_buffers.c: removed unused code
5742
2012-09-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5744
* lib/gnutls_buffers.c: use errno_to_gerr() in
5745
_gnutls_io_check_recv().
5747
2012-09-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5749
* lib/gnutls_handshake.c, lib/gnutls_state.c: Do not repeatedly set
5752
2012-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5754
* NEWS: documented fix
5756
2012-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5758
* lib/abstract_int.h, lib/ext/signature.c, lib/gnutls_pubkey.c,
5759
lib/gnutls_sig.c: Be tolerant is ECDSA-violating signatures.
5761
2012-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5763
* tests/suite/testcompat-main: Added server mode tests for the
5766
2012-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5768
* doc/Makefile.am, doc/cha-intro-tls.texi,
5769
doc/invoke-gnutls-cli.texi, doc/invoke-gnutls-serv.texi,
5770
doc/manpages/Makefile.am: Added heartbeat functions
5772
2012-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5774
* tests/certs/cert-ecc256.pem, tests/certs/cert-ecc384.pem,
5775
tests/certs/cert-ecc521.pem, tests/certs/ecc256.pem,
5776
tests/certs/ecc384.pem, tests/certs/ecc521.pem,
5777
tests/suite/testcompat-main: Added suite for ECDSA under various
5780
2012-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5782
* NEWS: documented fix
5784
2012-08-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5786
* lib/nettle/Makefile.am, lib/nettle/ecc.h,
5787
lib/nettle/ecc_make_key.c, lib/nettle/ecc_mulmod.c,
5788
lib/nettle/ecc_mulmod_cached.c, lib/nettle/ecc_mulmod_timing.c,
5789
lib/nettle/ecc_mulmod_wmnaf.c,
5790
lib/nettle/ecc_mulmod_wmnaf_cached.c,
5791
lib/nettle/ecc_projective_add_point.c,
5792
lib/nettle/ecc_projective_add_point_ng.c,
5793
lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_verify_hash.c,
5794
lib/nettle/pk.c: Removed unused ECC code. Renamed ecc_mulmod_wmnaf -> ecc_mulmod Renamed
5795
ecc_projective_add_point_ng -> ecc_projective_add_point
5797
2012-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5799
* lib/ext/heartbeat.c, lib/ext/heartbeat.h, lib/gnutls_int.h,
5800
lib/gnutls_record.c, lib/gnutls_state.c,
5801
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli-args.c,
5802
src/cli-args.h, src/cli.c, src/serv-args.c, src/serv-args.h,
5803
src/serv.c, src/tests.c: Some small optimizations in heartbeat
5804
handling and regeneration of src/ args files.
5806
2012-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5808
* lib/gnutls_state.c: removed unneeded test
5810
2012-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5812
* src/tests.c, src/tests.h, src/tls_test.c: removed unneeded test.
5814
2012-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5816
* lib/ext/server_name.c, lib/ext/session_ticket.c, lib/ext/srp.c,
5817
lib/gnutls_session_pack.c, lib/gnutls_str.h: BUFFER_APPEND_PFX is no
5818
more. Replaced with BUFFER_APPEND_PFX4
5820
2012-08-28 Olga <olyasib12@gmail.com>
5822
* doc/cha-internals.texi, doc/cha-intro-tls.texi,
5823
doc/manpages/Makefile.am, doc/protocol/rfc6520.txt, lib/debug.c,
5824
lib/ext/Makefile.am, lib/ext/heartbeat.c, lib/ext/heartbeat.h,
5825
lib/gnutls_buffers.c, lib/gnutls_errors.c, lib/gnutls_extensions.c,
5826
lib/gnutls_int.h, lib/gnutls_record.c, lib/gnutls_record.h,
5827
lib/gnutls_state.c, lib/gnutls_str.h,
5828
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
5829
src/cli-args.def, src/cli.c, src/common.c, src/serv-args.def,
5830
src/serv.c, src/socket.c, src/tests.c, src/tests.h, src/tls_test.c:
5831
Added Heartbeat extension support. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
5833
2012-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5835
* lib/nettle/ecc_mulmod_wmnaf_cached.c: corrected deinitialization
5838
2012-08-30 Ilya Tumaykin <itumaykin@gmail.com>
5840
* lib/gnutls_global.c, lib/gnutls_global.h, lib/nettle/Makefile.am,
5841
lib/nettle/ecc.h, lib/nettle/ecc_make_key.c,
5842
lib/nettle/ecc_mulmod_wmnaf.c,
5843
lib/nettle/ecc_mulmod_wmnaf_cached.c,
5844
lib/nettle/ecc_projective_add_point.c,
5845
lib/nettle/ecc_projective_add_point_ng.c,
5846
lib/nettle/ecc_projective_dbl_point_3.c,
5847
lib/nettle/ecc_projective_isneutral.c,
5848
lib/nettle/ecc_projective_negate_point.c,
5849
lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
5850
lib/nettle/ecc_verify_hash.c, lib/nettle/init.c, lib/nettle/pk.c,
5851
lib/nettle/wmnaf.c: wMNAF-based multiplication Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
5853
2012-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5855
* doc/TODO: Added extension in TODO list
5857
2012-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5859
* src/serv.c: On Linux with /proc/sys/net/ipv6/bindv6only == 0
5860
(which is now the default), gnutls-serv cannot listen on ipv6. Patch
5861
by Bernhard R. Link.
5863
2012-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5865
* lib/gnutls_pk.c, lib/gnutls_pk.h, lib/pkcs11_privkey.c: simplified
5866
ECDSA/DSA signature generation in tokens.
5868
2012-08-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5870
* NEWS: documented fix
5872
2012-08-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5874
* lib/nettle/pk.c: Revert "Use _gnutls_dsa_q_to_hash() only for
5875
warning reasons." This reverts commit 8bb82a3d386abc1c59cb16d3a6d8c68fb66a2170.
5877
2012-08-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5879
* lib/pkcs11_privkey.c: fix DSA and ECDSA signing in smart cards.
5881
2012-08-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5883
* src/common.c: null terminate the certificate being print
5885
2012-08-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5887
* lib/nettle/pk.c: Use _gnutls_dsa_q_to_hash() only for warning
5890
2012-08-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5892
* NEWS: documented fix
5894
2012-08-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5896
* src/certtool-common.c, src/certtool-common.h, src/certtool.c:
5897
Changes in password handling of certtool. Ask password when required and only if the '--password' option is
5898
not given. If the '--password' option is given during key
5899
generation then assume the PKCS #8 format.
5901
2012-08-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5903
* lib/x509/privkey_pkcs8.c: Prevent the usage of strlen() on null
5906
2012-08-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5908
* lib/gnutls_privkey.c: doc update
5910
2012-08-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5912
* doc/TODO: added new items
5914
2012-08-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5918
2012-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5920
* doc/TODO: heartbeat support is no longer in the todo
5922
2012-08-24 Simon Josefsson <simon@josefsson.org>
5924
* tests/suppressions.valgrind: Fix suppression rules.
5926
2012-08-24 Simon Josefsson <simon@josefsson.org>
5928
* .gitignore: Sort and add doc/tpm-api.texi.
5930
2012-08-24 Simon Josefsson <simon@josefsson.org>
5932
* configure.ac: Silence automake warning.
5934
2012-08-24 Simon Josefsson <simon@josefsson.org>
5936
* doc/manpages/Makefile.am: Generate manpages for tpm.h.
5938
2012-08-19 Simon Josefsson <simon@josefsson.org>
5940
* doc/manpages/Makefile.am: Generated.
5942
2012-08-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5944
* doc/cha-cert-auth.texi, lib/gnutls_cert.c: doc fix
5946
2012-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5948
* lib/gnutls_cert.c: remove debugging
5950
2012-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5952
* lib/gnutls_sig.c: When signing use the private key's algorithm.
5954
2012-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5956
* lib/auth/cert.h, lib/gnutls_cert.c, lib/gnutls_x509.c,
5957
lib/openpgp/gnutls_openpgp.c, lib/openpgp/pgp.c,
5958
lib/openpgp/privkey.c: Use the preferred key ID when reading the
5959
pk_algorithm in openpgp keys. gnutls_openpgp_*_get_pk_algorithm() returns the algorithm of the
5960
preferred key ID if set.
5962
2012-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5964
* doc/Makefile.am: Added missing functions
5966
2012-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5968
* NEWS, lib/ext/signature.c, lib/ext/signature.h, lib/gnutls_int.h,
5969
lib/gnutls_sig.c, lib/includes/gnutls/gnutls.h.in,
5970
lib/libgnutls.map: Added gnutls_sign_algorithm_get().
5972
2012-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5974
* tests/mini-handshake-timeout.c: removed unused variable
5976
2012-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5978
* lib/algorithms.h, lib/algorithms/sign.c, lib/ext/signature.c,
5979
lib/gnutls_pubkey.c, lib/gnutls_sig.c,
5980
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, lib/x509/crq.c,
5981
lib/x509/verify.c: gnutls_sign_get_pk_algorithm and
5982
gnutls_sign_get_hash_algorithm were exported.
5984
2012-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5986
* lib/ext/signature.c: When selecting a session signature algorithm
5987
consider the enabled.
5989
2012-08-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5991
* src/tpmtool.c: No need to ask for key password on registered keys.
5993
2012-08-16 Mark Brand <mabrand@mabrand.nl>
5995
* lib/system.c: fix case of include file Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
5997
2012-08-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5999
* lib/gnutls_buffers.c, lib/gnutls_priority.c, lib/gnutls_record.c:
6002
2012-08-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6004
* lib/system.c: Avoid stray return when compiling without trousers.
6006
2012-08-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6008
* tests/mini-handshake-timeout.c: avoid memory leak
6010
2012-08-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6012
* Makefile.am, NEWS: updates
6014
2012-08-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6016
* src/certtool.c: No need to require the private key to be present
6017
when generating a certificate.
6019
2012-08-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6021
* src/Makefile.am: Link srptool with libintl. Suggested by B. Scott
6024
2012-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6026
* NEWS: updated news
6028
2012-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6030
* doc/cha-gtls-app.texi, lib/gnutls_priority.c: Security levels can
6031
be combined as priority strings.
6033
2012-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6037
2012-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6039
* tests/mini-handshake-timeout.c: small updates in
6040
mini-handshake-timeout
6042
2012-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6044
* doc/cha-tokens.texi: document gnutls_random_art
6046
2012-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6048
* tests/Makefile.am, tests/mini-handshake-timeout.c: Added test that
6049
checks the handshake timeout.
6051
2012-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6053
* NEWS: updated news
6055
2012-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6057
* lib/gnutls_handshake.c: doc update
6059
2012-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6061
* cfg.mk, doc/Makefile.am: the new makeinfo sets the FLOAT_NAME by
6064
2012-08-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6066
* cfg.mk: corrected html generation
6068
2012-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6070
* cfg.mk: updated html doc
6072
2012-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6074
* lib/gnutls_handshake.c: doc update
6076
2012-08-09 Simon Josefsson <simon@josefsson.org>
6078
* guile/src/Makefile.am: Add gnulib -I's to guile-snarf command.
6080
2012-08-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6082
* doc/Makefile.am, doc/gnutls.texi: use FLOAT_NAME_IN_XREF
6084
2012-08-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6086
* NEWS, doc/Makefile.am, doc/cha-gtls-app.texi,
6087
doc/examples/ex-client-anon.c, doc/examples/ex-client-dtls.c,
6088
doc/examples/ex-client-psk.c, doc/examples/ex-client-resume.c,
6089
doc/examples/ex-client-srp.c, doc/examples/ex-client-x509.c,
6090
lib/gnutls_handshake.c, lib/gnutls_int.h,
6091
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli.c:
6092
gnutls_handshake_timeout() -> gnutls_handshake_set_timeout()
6094
2012-08-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6096
* NEWS, doc/Makefile.am, doc/cha-gtls-app.texi,
6097
doc/examples/ex-client-anon.c, doc/examples/ex-client-dtls.c,
6098
doc/examples/ex-client-psk.c, doc/examples/ex-client-resume.c,
6099
doc/examples/ex-client-srp.c, doc/examples/ex-client-x509.c,
6100
lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_handshake.c,
6101
lib/gnutls_int.h, lib/gnutls_record.c,
6102
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli.c: Added
6103
gnutls_handshake_timeout().
6105
2012-08-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6107
* doc/cha-upgrade.texi: document the deprecated functions in 3.1.x
6109
2012-08-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6111
* doc/cha-shared-key.texi: document the alloc functions
6113
2012-08-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6115
* NEWS, build-aux/config.rpath, configure.ac: released
6117
2012-08-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6119
* doc/Makefile.am, doc/gnutls.texi: distribute all generated files
6121
2012-08-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6123
* NEWS: documented TPM support
6125
2012-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6127
* lib/gnutls_rsa_export.c: corrected typo
6129
2012-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6131
* configure.ac, m4/hooks.m4: bumped version
6133
2012-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6135
* lib/gnutls_cert.c, lib/pkcs11_privkey.c, lib/tpm.c: documentation
6138
2012-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6140
* doc/Makefile.am, doc/gnutls.texi: better doc output
6142
2012-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6144
* lib/Makefile.am: no need for libgnutlsxx.map
6146
2012-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6148
* doc/examples/ex-cert-select.c, doc/invoke-certtool.texi,
6149
tests/pkcs12-decode/Makefile.am: corrected example and added missing
6152
2012-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6154
* src/certtool.c: confirm password on key generation.
6156
2012-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6158
* NEWS, lib/gnutls_privkey.c, lib/gnutls_x509.c,
6159
lib/includes/gnutls/abstract.h, lib/includes/gnutls/x509.h,
6160
lib/x509/pkcs12_encr.c, lib/x509/privkey.c,
6161
lib/x509/privkey_pkcs8.c, src/certtool-args.c,
6162
src/certtool-args.def, src/certtool-args.h, src/certtool-common.h,
6163
src/certtool.c, src/cli.c, tests/pkcs12-decode/pkcs12: Restored
6164
ability to decrypt PKCS #8 and #12 keys with a NULL password.
6165
Certtool now accepts the option --null-password.
6167
2012-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6169
* src/certtool.c: Exit with an error code if a PKCS #12 structure
6170
cannot be decrypted.
20
6172
2012-07-26 Petr Písař <petr.pisar@atlas.cz>
6671
13552
from the PSK branch: | * PSK ciphersuites have been added. |
6672
13553
* The session resumption data are now system independent. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
6674
2011-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6676
* NEWS: documented changes.
6678
2011-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6680
* lib/auth/ecdh_common.c, lib/crypto-backend.h, lib/gnutls_ecc.c,
6681
lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/nettle/Makefile.am,
6682
lib/nettle/ecc.h, lib/nettle/ecc_free.c, lib/nettle/ecc_make_key.c,
6683
lib/nettle/ecc_projective_check_point.c,
6684
lib/nettle/ecc_projective_dbl_point.c, lib/nettle/ecc_sign_hash.c,
6685
lib/nettle/pk.c, lib/pkcs11_write.c, lib/x509/key_decode.c,
6686
lib/x509/key_encode.c, lib/x509/mpi.c, lib/x509/privkey.c,
6687
lib/x509/x509_int.h: Verify that received ECDH public key lies on
6690
2011-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6692
* lib/gnutls_priority.c: ECDHE ciphersuites take precendence to
6695
2011-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6697
* NEWS, THANKS: documented fixes
6699
2011-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6701
* lib/nettle/ecc_test.c: re-removed file
6703
2011-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6705
* lib/x509/privkey_pkcs8.c: Report correct error on ECC key parsing
6708
2011-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6710
* lib/nettle/ecc.h, lib/nettle/ecc_mulmod.c,
6711
lib/nettle/ecc_projective_add_point.c,
6712
lib/nettle/ecc_projective_dbl_point.c,
6713
lib/nettle/ecc_projective_dbl_point_3.c, lib/nettle/ecc_test.c:
6714
converted more things to native gmp. This solves issue noticed in
6715
mips64 by Joseph Graham.
6717
2011-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6719
* tests/suite/testcompat-main: Added tests for null ciphersuites.
6721
2011-11-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6723
* NEWS: documented fix
6725
2011-11-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6727
* doc/Makefile.am, doc/cha-gtls-app.texi, doc/examples/Makefile.am,
6728
doc/examples/ex-client-udp.c, doc/examples/ex-client2.c,
6729
doc/examples/ex-rfc2818.c, doc/examples/examples.h,
6730
doc/examples/verify.c: Include only a single example with X.509
6731
client. This example includes certificate verification.
6733
2011-11-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6735
* doc/latex/Makefile.am: no libextra in doc
6737
2011-11-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6739
* lib/gnutls_cipher_int.c, lib/gnutls_cipher_int.h: corrected NULL
6740
cipher encryption. Reported by Fabrice Gautier.
6742
2011-11-04 Ludovic Courtès <ludo@gnu.org>
6744
* configure.ac, guile/modules/gnutls.in, guile/pre-inst-guile.in,
6745
guile/src/Makefile.am: guile: Rename `libguile-gnutls-v-2.la' to
6746
`guile-gnutls-v-2.la'.
6748
2011-11-04 Ludovic Courtès <ludo@gnu.org>
6750
* .gitignore, configure.ac, guile/modules/Makefile.am,
6751
guile/modules/gnutls.in, guile/modules/gnutls.scm,
6752
guile/pre-inst-guile.in, guile/src/Makefile.am: guile: Install
6753
libguile-gnutls under $(libdir)/guile/X.Y.
6755
2011-11-03 Ludovic Courtès <ludo@gnu.org>
6757
* guile/modules/gnutls.scm, guile/pre-inst-guile.in,
6758
guile/src/Makefile.am: guile: Rename to `libguile-gnutls-v-2'.
6760
2011-11-03 Ludovic Courtès <ludo@gnu.org>
6762
* doc/gnutls-guile.texi: doc: Make it clear that both Guile 1.8 and
6765
2011-11-03 Ludovic Courtès <ludo@gnu.org>
6767
* doc/Makefile.am, doc/gnutls-guile.texi: guile: Update doc to
6768
reflect the removal of (gnutls extra).
6770
2011-11-03 Ludovic Courtès <ludo@gnu.org>
6772
* guile/tests/openpgp-auth.scm, guile/tests/openpgp-keyring.scm,
6773
guile/tests/openpgp-keys.scm: guile: Remove uses of (gnutls extra)
6776
2011-11-03 Ludovic Courtès <ludo@gnu.org>
6778
* guile/modules/gnutls.scm, guile/modules/gnutls/build/enums.scm,
6779
guile/modules/gnutls/build/smobs.scm,
6780
guile/modules/gnutls/extra.scm, guile/pre-inst-guile.in,
6781
guile/src/Makefile.am, guile/src/core.c, guile/src/extra.c,
6782
guile/src/make-enum-header.scm, guile/src/make-enum-map.scm,
6783
guile/src/make-smob-header.scm, guile/src/make-smob-types.scm:
6784
guile: Merge the (gnutls extra) module in (gnutls); deprecate it.
6786
2011-11-03 Ludovic Courtès <ludo@gnu.org>
6788
* guile/pre-inst-guile.in, guile/src/Makefile.am: Reverting "Drop
6789
guile libgnutls-extra stuff."
6791
2011-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6793
* lib/gnutls_str.c, lib/gnutls_str.h, lib/openpgp/output.c,
6794
lib/x509/output.c: removed duplicate code.
6796
2011-11-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6798
* guile/modules/gnutls/build/enums.scm: removed enumerations that
6801
2011-11-02 Simon Josefsson <simon@josefsson.org>
6803
* lib/auth/srp.c: Fix typo.
6805
2011-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6807
* gl/Makefile.am, gl/hmac-md5.c, gl/hmac.h, gl/m4/gnulib-cache.m4,
6808
gl/m4/gnulib-comp.m4, gl/m4/md5.m4, gl/m4/memxor.m4, gl/md5.c,
6809
gl/md5.h, gl/memxor.c, gl/memxor.h, gl/tests/Makefile.am,
6810
gl/tests/test-hmac-md5.c, gl/tests/test-md5.c: hmac-md5 gnulib
6811
module was removed (it was no longer used)
6813
2011-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6815
* .gitignore: more files to ignore
6817
2011-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6819
* src/srptool.c: print all groups.
6821
2011-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6823
* lib/auth/srp.c, lib/auth/srp_passwd.c,
6824
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/prime.c,
6825
src/srptool.c: Added 3072 and 4096-bit groups from RFC5054.
6827
2011-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6829
* lib/gnutls_x509.c, lib/openpgp/gnutls_openpgp.c,
6830
src/certtool-common.c, src/certtool.c, src/cli.c,
6831
src/crywrap/crywrap.c: read_file() and friends are accessed as
6834
2011-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6836
* gl/override/lib/read-file.c.diff,
6837
gl/override/lib/read-file.h.diff,
6838
gl/override/tests/test-read-file.c.diff, gl/read-file.c,
6839
gl/read-file.h, gl/tests/test-read-file.c: read_file and friends
6840
were renamed to gl_read_file.
6842
2011-10-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6844
* THANKS: added David
6846
2011-10-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6848
* NEWS: documented fix
6850
2011-10-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6852
* doc/Makefile.am: errcodes printlist and alert-printlist become
6853
EXTRA_PROGRAMS so they are not built by default.
6855
2011-10-28 Simon Josefsson <simon@josefsson.org>
6857
* cfg.mk: Fix bootstrap rule to avoid duplicate gettext files.
6859
2011-10-28 Simon Josefsson <simon@josefsson.org>
6861
* cfg.mk: Remove old hack.
6863
2011-10-28 Simon Josefsson <simon@josefsson.org>
6865
* guile/pre-inst-guile.in, guile/src/Makefile.am: Drop guile
6866
libgnutls-extra stuff.
6868
2011-10-28 Simon Josefsson <simon@josefsson.org>
6870
* doc/gnutls.texi: Avoid line wrapping copyright line.
6872
2011-10-28 Simon Josefsson <simon@josefsson.org>
6874
* build-aux/config.rpath: Update config.rpath from gnulib.
6876
2011-10-28 Simon Josefsson <simon@josefsson.org>
6878
* doc/manpages/Makefile.am, doc/reference/gnutls-docs.sgml: Drop
6879
more libgnutls-extra related stuff.
6881
2011-10-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6883
* NEWS, configure.ac, m4/hooks.m4: released 3.0.5
6885
2011-10-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6887
* tests/utils.c: added stdarg.h for vsnprintf.
6889
2011-10-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6891
* src/benchmark.c, src/benchmark.h: win32 fixes by David Hoyt.
6893
2011-10-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6895
* doc/examples/Makefile.am: more builddir fixes.
6897
2011-10-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6899
* build-aux/config.rpath, gl/Makefile.am, gl/connect.c,
6900
gl/inet_ntop.c, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
6901
gl/m4/inet_ntop.m4, gl/recv.c, gl/send.c, gl/tests/Makefile.am,
6902
gl/tests/connect.c, gl/tests/test-inet_ntop.c,
6903
gl/tests/test-recv.c, gl/tests/test-send.c: Added recv(), send(),
6904
connect() and inet_ntop() gnulib modules.
6906
2011-10-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6908
* lib/gnutls_int.h, lib/opencdk/opencdk.h: do not unconditionally
6909
include sys/socket.h.
6911
2011-10-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6913
* gl/Makefile.am, gl/close.c, gl/m4/gnulib-cache.m4,
6914
gl/m4/gnulib-comp.m4, gl/tests/Makefile.am, gl/tests/close.c: Added
6915
gnulib close module.
6917
2011-10-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6919
* lib/nettle/rnd.c: do not use NULL for device_fd in windows.
6921
2011-10-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6923
* lib/opencdk/main.c: no need to include windows.h here.
6925
2011-10-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6927
* .gitignore: more files to ignore
6929
2011-10-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6931
* src/certtool-cfg.c, src/cli.c, src/tls_test.c, src/udp-serv.c:
6934
2011-10-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6936
* gl/Makefile.am, gl/arpa_inet.in.h, gl/errno.in.h, gl/inet_pton.c,
6937
gl/m4/ftruncate.m4, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
6938
gl/m4/ioctl.m4, gl/m4/perror.m4, gl/m4/pipe.m4, gl/m4/select.m4,
6939
gl/m4/signal_h.m4, gl/m4/strerror_r.m4, gl/m4/sys_ioctl_h.m4,
6940
gl/m4/sys_select_h.m4, gl/m4/thread.m4, gl/m4/yield.m4,
6941
gl/math.in.h, gl/select.c, gl/signal.in.h, gl/strerror-override.c,
6942
gl/strerror-override.h, gl/sys_select.in.h, gl/tests/Makefile.am,
6943
gl/tests/arpa_inet.in.h, gl/tests/connect.c, gl/tests/ftruncate.c,
6944
gl/tests/glthread/lock.c, gl/tests/glthread/lock.h,
6945
gl/tests/glthread/thread.c, gl/tests/glthread/thread.h,
6946
gl/tests/glthread/threadlib.c, gl/tests/glthread/yield.h,
6947
gl/tests/inet_pton.c, gl/tests/ioctl.c, gl/tests/perror.c,
6948
gl/tests/pipe.c, gl/tests/strerror_r.c, gl/tests/sys_ioctl.in.h,
6949
gl/tests/test-connect.c, gl/tests/test-ftruncate.c,
6950
gl/tests/test-ftruncate.sh, gl/tests/test-ioctl.c,
6951
gl/tests/test-lock.c, gl/tests/test-perror.c,
6952
gl/tests/test-perror.sh, gl/tests/test-perror2.c,
6953
gl/tests/test-pipe.c, gl/tests/test-select-fd.c,
6954
gl/tests/test-select-in.sh, gl/tests/test-select-out.sh,
6955
gl/tests/test-select-stdin.c, gl/tests/test-select.c,
6956
gl/tests/test-select.h, gl/tests/test-signal-h.c,
6957
gl/tests/test-strerror_r.c, gl/tests/test-sys_ioctl.c,
6958
gl/tests/test-sys_select.c, gl/tests/test-thread_create.c,
6959
gl/tests/test-thread_self.c, gl/tests/w32sock.h, gl/w32sock.h,
6960
maint.mk: new gnulib + added select + inet_pton.
6962
2011-10-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6964
* src/common.h, src/udp-serv.c: netinet headers were put on an
6967
2011-10-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6969
* doc/cha-gtls-app.texi: more libextra doc fixes.
6971
2011-10-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6973
* doc/cha-functions.texi: extra-api is no more
6975
2011-10-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6977
* lib/accelerated/x86/asm-coff/cpuid-x86-64-coff.s,
6978
lib/accelerated/x86/asm-coff/cpuid-x86-coff.s: corrected symbols for
6981
2011-10-25 Simon Josefsson <simon@josefsson.org>
6983
* NEWS, lib/minitasn1/decoding.c, lib/minitasn1/element.c,
6984
lib/minitasn1/element.h, lib/minitasn1/errors.c,
6985
lib/minitasn1/gstr.c, lib/minitasn1/gstr.h, lib/minitasn1/int.h,
6986
lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
6987
lib/minitasn1/parser_aux.h, lib/minitasn1/structure.c,
6988
lib/minitasn1/structure.h, lib/minitasn1/version.c: Update to
6991
2011-10-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6993
* configure.ac: changed mingw32 detection
6995
2011-10-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6997
* configure.ac, lib/accelerated/x86/Makefile.am,
6998
lib/accelerated/x86/asm-coff/appro-aes-gcm-x86-64-coff.s,
6999
lib/accelerated/x86/asm-coff/appro-aes-x86-64-coff.s,
7000
lib/accelerated/x86/asm-coff/cpuid-x86-64-coff.s,
7001
lib/accelerated/x86/asm-coff/padlock-x86-64-coff.s: added coff files
7004
2011-10-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7006
* lib/accelerated/x86/Makefile.am,
7007
lib/accelerated/x86/asm-coff/appro-aes-x86-coff.s,
7008
lib/accelerated/x86/asm-coff/cpuid-x86-coff.s,
7009
lib/accelerated/x86/asm-coff/padlock-x86-coff.s,
7010
lib/accelerated/x86/coff/appro-aes-x86-coff.s,
7011
lib/accelerated/x86/coff/padlock-x86-coff.s: Added coff version of
7014
2011-10-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7016
* .gitignore: more files to ignore
7018
2011-10-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7020
* configure.ac, lib/accelerated/x86/Makefile.am,
7021
lib/accelerated/x86/coff/appro-aes-x86-coff.s,
7022
lib/accelerated/x86/coff/padlock-x86-coff.s: Added COFF versions of
7025
2011-10-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7027
* THANKS: Added Jan.
7029
2011-10-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7031
* lib/minitasn1/coding.c: use coding.c from libtasn1 git, to avoid
7032
issue when compiled with gcc-4.6.
7034
2011-10-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7036
* lib/accelerated/x86/aes-padlock.c: Corrected PHE-partial test.
7038
2011-10-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7040
* NEWS: documented fixes
7042
2011-10-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7044
* lib/gnutls_global.c: library mismatch error is no longer used
7046
2011-10-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7048
* lib/accelerated/x86/Makefile.am,
7049
lib/accelerated/x86/aes-padlock.c,
7050
lib/accelerated/x86/aes-padlock.h,
7051
lib/accelerated/x86/asm/padlock-common.s,
7052
lib/accelerated/x86/sha-padlock.h: PHE-partial detection is not
7053
being done, instead of checking for VIA nano.
7055
2011-10-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7057
* lib/accelerated/x86/Makefile.am,
7058
lib/accelerated/x86/aes-padlock.h,
7059
lib/accelerated/x86/asm/padlock-common.s: No need to check for
7060
padlock nano in 32-bit systems, so simplify things.
7062
2011-10-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7064
* lib/gnutls_hash_int.c: initialize only a fully available hash
7066
2011-10-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7068
* lib/accelerated/x86/asm/padlock-common.s: is_padlock_nano is
7069
behaving properly and saving registers.
7071
2011-10-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7073
* lib/gnutls_errors.c: removed libextra error codes.
7075
2011-10-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7077
* guile/modules/gnutls.scm, guile/src/make-enum-header.scm: removed
7078
extra.h header from guile code.
7080
2011-10-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7082
* lib/includes/gnutls/gnutls.h.in: removed libextra errors.
7084
2011-10-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7086
* src/serv.c, src/udp-serv.c: added extra headers.
7088
2011-10-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7090
* .gitignore, doc/latex/.gitignore, gl/Makefile.am, gl/accept.c,
7091
gl/bind.c, gl/frexp.c, gl/frexpl.c, gl/getpeername.c, gl/gettext.h,
7092
gl/isnan.c, gl/listen.c, gl/m4/arpa_inet_h.m4, gl/m4/frexp.m4,
7093
gl/m4/frexpl.m4, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
7094
gl/m4/include_next.m4, gl/m4/inet_pton.m4, gl/m4/isnand.m4,
7095
gl/m4/isnanl.m4, gl/m4/ldexpl.m4, gl/m4/math_h.m4,
7096
gl/m4/printf-frexpl.m4, gl/m4/printf.m4, gl/m4/stdlib_h.m4,
7097
gl/m4/vasnprintf.m4, gl/math.in.h, gl/override/lib/gettext.h.diff,
7098
gl/printf-frexp.c, gl/printf-frexpl.c, gl/recvfrom.c, gl/sendto.c,
7099
gl/setsockopt.c, gl/shutdown.c, gl/socket.c, gl/stdlib.in.h,
7100
gl/tests/Makefile.am, gl/tests/arpa_inet.in.h,
7101
gl/tests/inet_pton.c, gl/tests/test-accept.c,
7102
gl/tests/test-arpa_inet.c, gl/tests/test-bind.c,
7103
gl/tests/test-getpeername.c, gl/tests/test-inet_pton.c,
7104
gl/tests/test-isnanl.h, gl/tests/test-listen.c,
7105
gl/tests/test-recvfrom.c, gl/tests/test-sendto.c,
7106
gl/tests/test-setsockopt.c, gl/tests/test-shutdown.c,
7107
gl/vasnprintf.c, maint.mk: added new gnulib and modules.
7109
2011-10-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7111
* extra/Makefile.am, lib/Makefile.am, lib/accelerated/Makefile.am,
7112
lib/accelerated/x86/Makefile.am, lib/algorithms/Makefile.am,
7113
lib/auth/Makefile.am, lib/ext/Makefile.am, lib/nettle/Makefile.am,
7114
lib/opencdk/Makefile.am, lib/openpgp/Makefile.am, src/Makefile.am:
7115
more builddir fixes by David Hoyt.
7117
2011-10-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7119
* lib/Makefile.am: Added includes in Makefile.am
7121
2011-10-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7123
* lib/accelerated/Makefile.am, lib/algorithms/Makefile.am,
7124
lib/auth/Makefile.am, lib/ext/Makefile.am,
7125
lib/minitasn1/Makefile.am, lib/nettle/Makefile.am,
7126
lib/opencdk/Makefile.am, lib/openpgp/Makefile.am: Added
7127
-I$(builddir)/../../gl to CFLAGS.
7129
2011-10-21 Simon Josefsson <simon@josefsson.org>
7131
* lib/accelerated/x86/Makefile.am: Add -I to fix building. Reported by "Hoyt, David" <hoyt6@llnl.gov>.
7133
2011-10-21 Simon Josefsson <simon@josefsson.org>
7135
* lib/Makefile.am, lib/x509/Makefile.am: Also add -I's for gnulib's
7136
build directory, for mingw. Reported by "Hoyt, David" <hoyt6@llnl.gov>.
7138
2011-10-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7140
* NEWS, extra/gnutls_extra.c, guile/src/extra.c,
7141
lib/auth/srp_passwd.c, lib/gnutls_srp.c: removed more extra.h
7144
2011-10-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7146
* lib/accelerated/x86/asm/appro-aes-gcm-x86-64.s,
7147
lib/accelerated/x86/asm/appro-aes-x86-64.s,
7148
lib/accelerated/x86/asm/appro-aes-x86.s,
7149
lib/accelerated/x86/asm/cpuid-x86-64.s,
7150
lib/accelerated/x86/asm/cpuid-x86.s,
7151
lib/accelerated/x86/asm/padlock-common.s,
7152
lib/accelerated/x86/asm/padlock-x86-64.s,
7153
lib/accelerated/x86/asm/padlock-x86.s: updated gnustack note.
7155
2011-10-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7157
* src/certtool-common.c, src/pkcs11.c, src/psk.c, src/srptool.c,
7158
src/tests.c, src/tls_test.c: extra.h is no more.
7160
2011-10-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7162
* Makefile.am, NEWS, README, configure.ac, doc/Makefile.am,
7163
doc/cha-internals.texi, doc/examples/Makefile.am,
7164
doc/manpages/Makefile.am, doc/reference/Makefile.am,
7165
extra/Makefile.am, extra/gnutls-extra.pc.in, extra/gnutls_extra.c,
7166
extra/gnutls_openssl.c, extra/includes/Makefile.am,
7167
extra/includes/gnutls/openssl.h, extra/libgnutls-extra.map,
7168
extra/openssl_compat.c, extra/openssl_compat.h,
7169
guile/src/Makefile.am, libextra/Makefile.am,
7170
libextra/gnutls-extra.pc.in, libextra/gnutls_extra.c,
7171
libextra/gnutls_openssl.c, libextra/includes/Makefile.am,
7172
libextra/includes/gnutls/extra.h,
7173
libextra/includes/gnutls/openssl.h, libextra/libgnutls-extra.map,
7174
libextra/openssl_compat.c, libextra/openssl_compat.h,
7175
src/Makefile.am, tests/Makefile.am, tests/openpgp-keyring.c,
7176
tests/suite/Makefile.am: libgnutls-extra is no more.
7178
2011-10-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7180
* lib/pkcs11.c, lib/pkcs11_privkey.c, lib/pkcs11_secret.c,
7181
lib/pkcs11_write.c: Added Stef to authors of pkcs11.
7183
2011-10-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7185
* NEWS, THANKS: documented fix
7187
2011-10-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7189
* lib/x509/common.c: Corrected bug in gnutls_x509_data2hex. Report
7190
and fix by Vincent Untz.
7192
2011-10-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7194
* NEWS: updated for register_md5_handler().
7196
2011-10-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7198
* libextra/includes/gnutls/extra.h, libextra/libgnutls-extra.map:
7199
completely drop gnutls_register_md5_handler()
7201
2011-10-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7203
* lib/accelerated/x86/asm/padlock-common.s: Added gnu-stack note.
7205
2011-10-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7207
* NEWS, doc/scripts/Makefile.am: released 3.0.4
7209
2011-10-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7211
* tests/pathlen/ca-no-pathlen.pem,
7212
tests/pathlen/no-ca-or-pathlen.pem: updated tests for new key ID
7214
2011-10-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7216
* lib/x509/privkey.c: key id is being calculated the same way in
7217
private keys as in public keys.
7219
2011-10-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7221
* doc/Makefile.am, doc/cha-intro-tls.texi, doc/cha-tls-app.texi,
7222
doc/gnutls.texi, doc/latex/Makefile.am, doc/latex/gnutls.tex,
7223
doc/scripts/gdoc, doc/scripts/mytexi2latex, doc/scripts/sort1.pl,
7224
doc/scripts/split-texi.pl, doc/scripts/split.pl,
7225
doc/sec-tls-app.texi, tests/nist-pkits/build-chain: 'How to use TLS
7226
in application protocols' section was moved to introduction to TLS.
7229
2011-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7231
* src/tests.c, src/tests.h, src/tls_test.c: Added a test for servers
7232
not accepting small records.
7234
2011-10-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7236
* lib/accelerated/x86/asm/padlock-x86-64.s,
7237
lib/accelerated/x86/asm/padlock-x86.s: new version of padlock by
7240
2011-10-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7242
* NEWS, configure.ac, m4/hooks.m4: bumped versions
7244
2011-10-12 Simon Josefsson <simon@josefsson.org>
7246
* .gitignore: Add and sort.
7248
2011-10-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7250
* doc/cha-intro-tls.texi: updated text
7252
2011-10-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7254
* m4/hooks.m4: check for nettle 2.4 or later
7256
2011-10-10 Simon Josefsson <simon@josefsson.org>
7258
* src/cli.c: Fix type of keyid (finally!).
7260
2011-10-10 Simon Josefsson <simon@josefsson.org>
7262
* doc/manpages/Makefile.am, lib/includes/gnutls/abstract.h: More doc
7265
2011-10-10 Simon Josefsson <simon@josefsson.org>
7267
* lib/gnutls_x509.c: GTK-DOC doc fix.
7269
2011-10-10 Simon Josefsson <simon@josefsson.org>
7271
* src/cli.c: Use gnutls_openpgp_keyid_t type for keyid variable.
7273
2011-10-10 Simon Josefsson <simon@josefsson.org>
7275
* src/cli.c: Include stdint.h to get uint8_t.
7277
2011-10-10 Simon Josefsson <simon@josefsson.org>
7279
* src/cli.c: Revert "avoid usage of C99 constructs." This reverts commit 643ebdf12b415fc3edd3b7bc12654bc92d3aed24.
7281
2011-10-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7283
* lib/accelerated/x86/asm/padlock-x86-64.s,
7284
lib/accelerated/x86/asm/padlock-x86.s: updated Andy's code.
7285
padlock_shax_blocks does not require any more, the state to be of
7288
2011-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7290
* src/tests.c: Corrected check for AES-GCM
7292
2011-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7294
* src/tests.c, src/tests.h, src/tls_test.c: test for camellia
7296
2011-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7298
* src/cli.c: avoid usage of C99 constructs.
7300
2011-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7302
* lib/accelerated/x86/Makefile.am,
7303
lib/accelerated/x86/asm/padlock-common.s,
7304
lib/accelerated/x86/asm/padlock-x86-64.s,
7305
lib/accelerated/x86/asm/padlock-x86.s: is_padlock_nano moved to
7306
padlock-common.s to allow easier upgrade to Andy's newer code.
7308
2011-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7310
* tests/cipher-test.c: Added more elaborate test of hash functions.
7312
2011-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7314
* lib/gnutls_int.h, lib/x509/mpi.c: HASH2MAC macro is no more.
7316
2011-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7318
* NEWS, lib/gnutls_ui.c, lib/x509/common.c, lib/x509/common.h,
7319
lib/x509/crq.c, lib/x509/output.c, lib/x509/x509.c, src/certtool.c:
7320
Key ID calculation is now consistent on all structures. It is a SHA1
7321
hash of the subjectPublicKeyInfo structures.
7323
2011-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7325
* doc/cha-library.texi: simplified documentation
7327
2011-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7329
* NEWS, doc/cha-intro-tls.texi: documentation update
7331
2011-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7333
* src/tests.c, src/tests.h, src/tls_test.c: Added tests for ECDHE,
7336
2011-10-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7338
* NEWS, lib/gnutls_sig.c: fixes to enable the external signing
7339
callback to operate with TLS 1.2
7341
2011-10-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7343
* NEWS, doc/cha-auth.texi, doc/cha-cert-auth.texi, lib/auth/cert.c,
7344
lib/gnutls_cert.c, lib/gnutls_privkey.c, lib/gnutls_x509.c,
7345
lib/includes/gnutls/abstract.h, lib/includes/gnutls/compat.h,
7346
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added new
7347
signing callback in gnutls_privkey_t.
7349
2011-10-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7351
* gl/Makefile.am, gl/m4/math_h.m4, gl/math.in.h: updated gnulib.
7353
2011-10-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7355
* NEWS: documented fix
7357
2011-10-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7359
* lib/x509/x509.c: corrected bug in key id extraction. Reported by
7362
2011-10-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7364
* lib/accelerated/x86/aes-padlock.c,
7365
lib/accelerated/x86/aes-padlock.h,
7366
lib/accelerated/x86/asm/padlock-x86-64.s,
7367
lib/accelerated/x86/asm/padlock-x86.s,
7368
lib/accelerated/x86/hmac-padlock.c,
7369
lib/accelerated/x86/sha-padlock.c, src/benchmark-cipher.c: better
7370
detection of padlock PHE.
7372
2011-10-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7374
* .gitignore, NEWS, lib/accelerated/Makefile.am,
7375
lib/accelerated/accelerated.c, lib/accelerated/x86/Makefile.am,
7376
lib/accelerated/x86/aes-padlock.c,
7377
lib/accelerated/x86/aes-padlock.h,
7378
lib/accelerated/x86/hmac-padlock.c,
7379
lib/accelerated/x86/sha-padlock.c,
7380
lib/accelerated/x86/sha-padlock.h, lib/accelerated/x86/x86.h,
7381
lib/nettle/mac.c, tests/cipher-test.c: Updates for padlock hashes in
7382
C7 nano. Requires a part of nettle to be included.
7384
2011-10-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7386
* lib/accelerated/x86/aes-gcm-padlock.c: Always use encryption
7389
2011-10-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7391
* src/Makefile.am, src/serv.c: libextra is not needed for neither
7394
2011-10-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7396
* configure.ac: corrected path
7398
2011-10-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7400
* lib/accelerated/x86/asm/padlock-x86-64.s,
7401
lib/accelerated/x86/asm/padlock-x86.s: updated padlock code.
7403
2011-10-04 Nikos Mavrogiannopoulos <nikos@thingfish.esat.kuleuven.be>
7405
* lib/gnutls_str_array.h, lib/nettle/rnd.c, lib/system.c: fixes in
7406
headers. Suggested by Bjorn Christensen.
7408
2011-10-04 Nikos Mavrogiannopoulos <nikos@thingfish.esat.kuleuven.be>
7410
* lib/accelerated/Makefile.am, lib/accelerated/intel/.gitignore,
7411
lib/accelerated/intel/Makefile.am, lib/accelerated/intel/README,
7412
lib/accelerated/intel/aes-gcm-padlock.c,
7413
lib/accelerated/intel/aes-gcm-x86.c,
7414
lib/accelerated/intel/aes-padlock.c,
7415
lib/accelerated/intel/aes-padlock.h,
7416
lib/accelerated/intel/aes-x86.c, lib/accelerated/intel/aes-x86.h,
7417
lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s,
7418
lib/accelerated/intel/asm/appro-aes-x86-64.s,
7419
lib/accelerated/intel/asm/appro-aes-x86.s,
7420
lib/accelerated/intel/asm/cpuid-x86-64.s,
7421
lib/accelerated/intel/asm/cpuid-x86.s,
7422
lib/accelerated/intel/asm/padlock-x86-64.s,
7423
lib/accelerated/intel/asm/padlock-x86.s,
7424
lib/accelerated/intel/license.txt,
7425
lib/accelerated/intel/sha-padlock.c, lib/accelerated/intel/x86.h,
7426
lib/accelerated/x86/.gitignore, lib/accelerated/x86/Makefile.am,
7427
lib/accelerated/x86/README, lib/accelerated/x86/aes-gcm-padlock.c,
7428
lib/accelerated/x86/aes-gcm-x86.c,
7429
lib/accelerated/x86/aes-padlock.c,
7430
lib/accelerated/x86/aes-padlock.h, lib/accelerated/x86/aes-x86.c,
7431
lib/accelerated/x86/aes-x86.h,
7432
lib/accelerated/x86/asm/appro-aes-gcm-x86-64.s,
7433
lib/accelerated/x86/asm/appro-aes-x86-64.s,
7434
lib/accelerated/x86/asm/appro-aes-x86.s,
7435
lib/accelerated/x86/asm/cpuid-x86-64.s,
7436
lib/accelerated/x86/asm/cpuid-x86.s,
7437
lib/accelerated/x86/asm/padlock-x86-64.s,
7438
lib/accelerated/x86/asm/padlock-x86.s,
7439
lib/accelerated/x86/license.txt, lib/accelerated/x86/sha-padlock.c,
7440
lib/accelerated/x86/x86.h: intel directory renamed to x86.
7442
2011-10-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7446
2011-10-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7448
* .gitignore, gl/Makefile.am, gl/error.c, gl/float.c,
7449
gl/float.in.h, gl/fstat.c, gl/itold.c, gl/lseek.c, gl/m4/close.m4,
7450
gl/m4/dup2.m4, gl/m4/fdopen.m4, gl/m4/float_h.m4, gl/m4/fstat.m4,
7451
gl/m4/gnulib-cache.m4, gl/m4/gnulib-common.m4,
7452
gl/m4/gnulib-comp.m4, gl/m4/msvc-nothrow.m4, gl/m4/pathmax.m4,
7453
gl/m4/stdio_h.m4, gl/m4/sys_stat_h.m4, gl/m4/unistd_h.m4,
7454
gl/math.in.h, gl/msvc-inval.c, gl/msvc-inval.h, gl/msvc-nothrow.c,
7455
gl/msvc-nothrow.h, gl/opendir.c, gl/sockets.c, gl/sockets.h,
7456
gl/stdio.in.h, gl/strings.in.h, gl/sys_stat.in.h,
7457
gl/tests/Makefile.am, gl/tests/close.c, gl/tests/dup2.c,
7458
gl/tests/fdopen.c, gl/tests/msvc-inval.c, gl/tests/msvc-inval.h,
7459
gl/tests/test-close.c, gl/tests/test-dup2.c, gl/tests/test-fgetc.c,
7460
gl/tests/test-fputc.c, gl/tests/test-fread.c,
7461
gl/tests/test-fwrite.c, gl/unistd.in.h, gl/w32sock.h, maint.mk:
7464
2011-10-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7466
* lib/gnutls_sig.c: added an assert
7468
2011-10-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7470
* doc/cha-gtls-app.texi: doc fixes
7472
2011-10-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7474
* lib/gnutls_dtls.c: replaced uint type.
7476
2011-10-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7478
* lib/nettle/egd.c, lib/nettle/rnd.c: fix compilation in windows
7480
2011-10-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7482
* doc/cha-library.texi: updated text.
7484
2011-10-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7486
* lib/accelerated/intel/Makefile.am,
7487
lib/accelerated/intel/aes-padlock.c,
7488
lib/accelerated/intel/aes-padlock.h,
7489
lib/accelerated/intel/sha-padlock.c, lib/gnutls_str.h: Added ability
7490
to hash and hmac with VIA padlock.
7492
2011-10-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7494
* NEWS: documented updates
7496
2011-10-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7498
* lib/nettle/mac.c: optimizations in hmac.
7500
2011-10-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7502
* lib/crypto-backend.h, lib/gnutls_cipher_int.h,
7503
lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/gnutls_mpi.h,
7504
lib/gnutls_pk.h, lib/nettle/cipher.c, lib/nettle/mac.c,
7505
lib/nettle/mpi.c, lib/nettle/pk.c, lib/nettle/rnd.c,
7506
libextra/Makefile.am, libextra/fipsmd5.c, libextra/gnutls_extra.c:
7507
The hash_fast() and hmac_fast() functions can be registered as well
7508
to allow backends with optimized (hw) implementations. In the nettle
7509
backend the different is one memory allocation less.
7511
2011-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7513
* lib/gnutls_cipher_int.h, lib/gnutls_hash_int.h, lib/gnutls_mpi.h,
7514
lib/gnutls_pk.h, lib/nettle/cipher.c, lib/nettle/mac.c,
7515
lib/nettle/mpi.c, lib/nettle/pk.c, lib/nettle/rnd.c: operations
7516
structures were made constants.
7518
2011-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7520
* lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_state.c:
7521
simplified usage of resume_true and resume_false.
7523
2011-09-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7525
* lib/gnutls_constate.c: simplified assignment of server_write and
7528
2011-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7530
* lib/accelerated/intel/aes-padlock.c,
7531
lib/accelerated/intel/asm/padlock-x86.s: movdqa replaced with movaps
7532
(C3 doesn't support SSE2 but only SSE)
7534
2011-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7536
* lib/accelerated/intel/aes-padlock.c: manually keep the IV.
7538
2011-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7540
* lib/accelerated/intel/asm/padlock-x86.s: re-added ecb
7542
2011-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7544
* lib/accelerated/intel/asm/padlock-x86-64.s,
7545
lib/accelerated/intel/asm/padlock-x86.s: removed unused modes.
7547
2011-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7549
* src/benchmark-cipher.c, src/benchmark.h, src/cli-gaa.c,
7550
src/cli-gaa.h, src/cli.gaa: Allow benchmarking the software version
7553
2011-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7555
* configure.ac, src/p11common.c: fixed compilation without p11-kit
7557
2011-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7559
* lib/accelerated/intel/aes-padlock.c: enabled VIA acceleration.
7561
2011-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7563
* src/benchmark.c: small update
7565
2011-09-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7567
* THANKS: more people to thank
7569
2011-09-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7571
* doc/examples/ex-pkcs11-list.c, src/benchmark.c, src/udp-serv.c:
7572
include config.h where needed.
7574
2011-09-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7576
* tests/suite/testcompat-main: worked around openssl 1.0.0e bug
7579
2011-09-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7581
* src/udp-serv.c: udp-serv includes config.h.
7583
2011-09-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7585
* lib/opencdk/read-packet.c, lib/opencdk/stream.c: corrections in
7588
2011-09-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7590
* configure.ac, lib/accelerated/Makefile.am,
7591
lib/accelerated/accelerated.c, lib/accelerated/intel/Makefile.am,
7592
lib/accelerated/intel/x86.h, lib/accelerated/x86.h: Better usage of
7593
X86 conditionals to simplify and avoid an undefined warning in
7596
2011-09-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7598
* lib/nettle/egd.c: a hack to allow compilation on systems without
7601
2011-09-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7603
* lib/gnutls_pcert.c: Disable openpgp code when not requested.
7604
Reported by Bjorn Christensen.
7606
2011-09-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7608
* tests/cve-2009-1416.c, tests/mpi.c, tests/rng-fork.c,
7609
tests/x509cert-tl.c, tests/x509cert.c: more silent tests.
7611
2011-09-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7613
* NEWS, gl/m4/valgrind-tests.m4,
7614
gl/override/m4/valgrind-tests.m4.diff, lib/gnutls_cipher.c,
7615
lib/gnutls_compress.c, lib/gnutls_compress.h,
7616
lib/gnutls_constate.c, lib/gnutls_int.h, tests/Makefile.am,
7617
tests/libgcrypt.supp, tests/safe-renegotiation/Makefile.am,
7618
tests/safe-renegotiation/suppressions.valgrind,
7619
tests/suppressions.valgrind: Further optimizations in the
7620
compression code. Re-enabled the test program by suppressing the
7623
2011-09-23 Simon Josefsson <simon@josefsson.org>
7625
* tests/utils.c: Redeuce self-test noise.
7627
2011-09-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7629
* .gitignore: more files to ignore
7631
2011-09-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7633
* configure.ac, doc/latex/Makefile.am, doc/latex/cover-epub.tex,
7634
doc/latex/cover.tex.in, doc/latex/epub.tex,
7635
doc/latex/macros-epub.tex: Added epub version of manual
7637
2011-09-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7639
* doc/latex/gnutls.bib: corrected typos
7641
2011-09-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7643
* doc/latex/gnutls.tex, doc/scripts/mytexi2latex: pdf is the image
7646
2011-09-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7648
* tests/Makefile.am: deflate test moved out
7650
2011-09-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7652
* lib/gnutls_compress.c: removed uneeded vars
7654
2011-09-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7656
* lib/gnutls_cipher.c, lib/gnutls_compress.c,
7657
lib/gnutls_compress.h, lib/gnutls_record.c, tests/Makefile.am,
7658
tests/eagain-common.h, tests/mini-deflate.c: Simplified and
7659
corrected decompression and compression. Added test program.
7661
2011-09-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7663
* src/common.c: print session ID
7665
2011-09-21 Simon Josefsson <simon@josefsson.org>
7667
* .gitignore, NEWS, lib/includes/gnutls/x509.h, lib/x509/output.c,
7668
lib/x509/x509.c, tests/infoaccess.c: libgnutls:
7669
gnutls_x509_crt_print supports printing AIA fields. Support
7672
2011-09-21 Simon Josefsson <simon@josefsson.org>
7674
* lib/includes/gnutls/x509.h: Improve gnutls_info_access_what_t
7677
2011-09-21 Simon Josefsson <simon@josefsson.org>
7679
* configure.ac, doc/scripts/gdoc, lib/auth/cert.c: Fix syntax-check
7682
2011-09-21 Simon Josefsson <simon@josefsson.org>
7684
* gl/Makefile.am, gl/closedir.c, gl/dirent-private.h,
7685
gl/dirent.in.h, gl/filename.h, gl/isnan.c, gl/m4/argp.m4,
7686
gl/m4/closedir.m4, gl/m4/dirent_h.m4, gl/m4/environ.m4,
7687
gl/m4/fcntl-o.m4, gl/m4/fcntl_h.m4, gl/m4/frexp.m4,
7688
gl/m4/frexpl.m4, gl/m4/getcwd.m4, gl/m4/getpass.m4,
7689
gl/m4/gnulib-comp.m4, gl/m4/iconv.m4, gl/m4/include_next.m4,
7690
gl/m4/ldexpl.m4, gl/m4/lseek.m4, gl/m4/msvc-inval.m4,
7691
gl/m4/nocrash.m4, gl/m4/opendir.m4, gl/m4/pathmax.m4,
7692
gl/m4/printf-frexpl.m4, gl/m4/printf.m4, gl/m4/readdir.m4,
7693
gl/m4/setenv.m4, gl/m4/signbit.m4, gl/m4/sleep.m4,
7694
gl/m4/ssize_t.m4, gl/m4/stdint.m4, gl/m4/stdio_h.m4,
7695
gl/m4/strings_h.m4, gl/m4/sys_stat_h.m4, gl/m4/sys_time_h.m4,
7696
gl/m4/sys_types_h.m4, gl/m4/time_h.m4, gl/m4/unistd_h.m4,
7697
gl/m4/vasnprintf.m4, gl/math.in.h, gl/opendir.c, gl/readdir.c,
7698
gl/stdio.in.h, gl/strings.in.h, gl/sys_stat.in.h, gl/sys_time.in.h,
7699
gl/sys_types.in.h, gl/sys_uio.in.h, gl/tests/Makefile.am,
7700
gl/tests/dup2.c, gl/tests/infinity.h, gl/tests/init.sh,
7701
gl/tests/msvc-inval.c, gl/tests/msvc-inval.h, gl/tests/nan.h,
7702
gl/tests/pathmax.h, gl/tests/putenv.c, gl/tests/stat.c,
7703
gl/tests/test-dup2.c, gl/tests/test-fcntl-h.c,
7704
gl/tests/test-fdopen.c, gl/tests/test-fgetc.c,
7705
gl/tests/test-fprintf-posix.h, gl/tests/test-frexp.c,
7706
gl/tests/test-frexpl.c, gl/tests/test-fseeko4.c,
7707
gl/tests/test-fseeko4.sh, gl/tests/test-fstat.c,
7708
gl/tests/test-ftello4.c, gl/tests/test-ftello4.sh,
7709
gl/tests/test-isnand.h, gl/tests/test-isnanf.h,
7710
gl/tests/test-isnanl.h, gl/tests/test-pathmax.c,
7711
gl/tests/test-printf-posix.h, gl/tests/test-signbit.c,
7712
gl/tests/test-sys_socket.c, gl/tests/test-sys_stat.c,
7713
gl/tests/test-sys_types.c, gl/tests/test-time.c, gl/unistd.in.h,
7714
gl/wchar.in.h, maint.mk: Update gnulib files.
7716
2011-09-21 Simon Josefsson <simon@josefsson.org>
7718
* lib/gnutls_dtls.c, lib/pkcs11_privkey.c, lib/x509/x509.c: Fix
7719
gtk-doc Since: tags.
7721
2011-09-21 Simon Josefsson <simon@josefsson.org>
7723
* doc/manpages/Makefile.am: Generated.
7725
2011-09-21 Simon Josefsson <simon@josefsson.org>
7727
* NEWS, doc/manpages/Makefile.am, lib/includes/gnutls/x509.h,
7728
lib/libgnutls.map, lib/pkix.asn, lib/pkix_asn1_tab.c,
7729
lib/x509/x509.c, tests/Makefile.am, tests/infoaccess.c: Added
7730
gnutls_x509_crt_get_authority_info_access.
7732
2011-09-21 Simon Josefsson <simon@josefsson.org>
7734
* lib/accelerated/intel/aes-padlock.c: Make it build with -Wunused.
7736
2011-09-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7738
* src/serv.c: do not trust getaddrinfo if IPv6 is not enabled. Patch
7741
2011-09-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7743
* .gitignore, doc/scripts/split-texi.pl: Added missing files
7745
2011-09-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7747
* configure.ac, lib/gnutls_privkey.c, lib/pkcs11.c, src/cli.c:
7748
Compilation fixes when pkcs11 is not enabled.
7750
2011-09-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7752
* doc/Makefile.am, doc/gnutls.texi, doc/scripts/gdoc: enumerations
7753
are visible in the texinfo output.
7755
2011-09-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7757
* NEWS: released 3.0.3
7759
2011-09-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7761
* lib/accelerated/intel/Makefile.am: Added missing file.
7763
2011-09-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7765
* doc/gnutls.texi, doc/latex/Makefile.am: doc fixes
7767
2011-09-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7769
* NEWS, lib/accelerated/intel/aes-padlock.c: VIA is disabled by
7772
2011-09-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7774
* configure.ac, m4/hooks.m4: bumped version
7776
2011-09-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7778
* NEWS, lib/auth/cert.c: Corrected memory leak in privkey
7779
deinitialization. Reported by Dan Winship.
7781
2011-09-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7783
* lib/accelerated/accelerated.c, lib/accelerated/intel/Makefile.am,
7784
lib/accelerated/intel/aes-padlock.c,
7785
lib/accelerated/intel/aes-x86.c,
7786
lib/accelerated/intel/asm/cpuid-x86-64.s,
7787
lib/accelerated/intel/asm/cpuid-x86.s, lib/accelerated/x86.h:
7788
eliminated inline assembly.
7790
2011-09-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7792
* NEWS, lib/gnutls_dtls.c, lib/gnutls_int.h, lib/gnutls_record.c,
7793
lib/includes/gnutls/dtls.h, lib/libgnutls.map: Added
7794
gnutls_record_get_discarded() to return the number of discarded
7795
record packets in a DTLS session.
7797
2011-09-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7799
* configure.ac, lib/accelerated/Makefile.am,
7800
lib/accelerated/accelerated.c, lib/accelerated/x86.h: Added better
7801
detection of capabilities in 386. If cpuid doesn't exist don't try
7804
2011-09-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7806
* doc/cha-auth.texi, doc/scripts/mytexi2latex: updates on SRP
7809
2011-09-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7811
* src/benchmark.c: stress that values are bytes and not bits
7813
2011-09-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7815
* src/serv-gaa.c: new gaa
7817
2011-09-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7819
* doc/latex/macros.tex: removed unused macro
7821
2011-09-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7823
* doc/cha-library.texi: corrected name of gnutls_global_set_mutex.
7825
2011-09-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7827
* lib/includes/gnutls/compat.h, lib/includes/gnutls/gnutls.h.in:
7828
Functions for RSA-EXPORT were marked as deprecated.
7830
2011-09-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7832
* doc/cha-gtls-app.texi, lib/gnutls_errors.c: documentation update
7834
2011-09-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7836
* doc/cha-internals.texi: doc updates
7838
2011-09-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7840
* doc/cha-library.texi, doc/cha-support.texi: Downloading and
7841
installing moved to main document
7843
2011-09-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7845
* doc/latex/gnutls.tex: corrected page numbers.
7847
2011-09-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7849
* lib/accelerated/intel/aes-padlock.c: Do not prefer GCM in padlock
7852
2011-09-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7856
2011-09-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7858
* doc/scripts/gdoc: functions and enumerations are being added in
7861
2011-09-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7863
* doc/Makefile.am, doc/cha-gtls-app.texi, doc/cha-internals.texi,
7864
doc/gnutls-objects.eps: removed gnutls-objects.
7866
2011-09-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7868
* doc/cha-gtls-app.texi: updated
7870
2011-09-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7872
* lib/gnutls_buffers.c, lib/gnutls_record.c: clarified format of
7873
sequence number in gnutls_record_recv_seq.
7875
2011-09-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7877
* doc/cha-cert-auth.texi: Added a paragraph on opensc and trousers
7880
2011-09-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7882
* lib/accelerated/x86.h: added license
7884
2011-09-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7886
* NEWS, doc/cha-auth.texi, doc/cha-cert-auth.texi,
7887
doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
7888
doc/latex/gnutls.tex, doc/latex/macros.tex,
7889
doc/scripts/mytexi2latex, lib/includes/gnutls/gnutls.h.in: updated
7890
documentation. The function descriptions were converted to floats.
7892
2011-09-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7894
* NEWS, lib/accelerated/intel/aes-padlock.c: disable the 64-bit
7895
padlock until it is tested.
7897
2011-09-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7899
* lib/accelerated/x86.h: corrected typo in cpuid for 386.
7901
2011-09-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7903
* doc/scripts/mytexi2latex: fix on double arguments
7905
2011-09-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7907
* .gitignore, doc/cha-cert-auth.texi, doc/cha-intro-tls.texi,
7908
doc/gnutls.texi, doc/latex/Makefile.am, doc/latex/gnutls.tex,
7909
doc/latex/macros.tex, doc/scripts/gdoc, doc/scripts/mytexi2latex,
7910
doc/scripts/split.pl, lib/includes/gnutls/dtls.h,
7911
lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/pkcs12.h,
7912
lib/includes/gnutls/x509.h: Modified gdoc to be able to handle
7913
enumerations. Only valid to latex.
7915
2011-09-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7917
* NEWS, lib/auth/ecdh_common.c, lib/nettle/ecc_free.c,
7918
lib/nettle/pk.c, lib/x509/verify-high.c, tests/x509cert-tl.c,
7919
tests/x509cert.c: Memory leak fixes in ECC ciphersuites and the
7922
2011-09-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7924
* lib/accelerated/intel/aes-gcm-padlock.c,
7925
lib/accelerated/intel/aes-padlock.c,
7926
lib/accelerated/intel/aes-padlock.h: simplified ecb encryption.
7928
2011-09-09 Simon Josefsson <simon@josefsson.org>
7930
* src/prime.c: Fix build warnings.
7932
2011-09-09 Simon Josefsson <simon@josefsson.org>
7934
* lib/pkcs11_write.c: Fix possible infloop and build warning about
7935
uninitialied variable.
7937
2011-09-09 Simon Josefsson <simon@josefsson.org>
7939
* lib/accelerated/intel/aes-gcm-padlock.c,
7940
lib/accelerated/intel/aes-padlock.c,
7941
lib/accelerated/intel/aes-padlock.h, lib/gnutls_sig.c,
7942
lib/gnutls_state.c, lib/gnutls_ui.c,
7943
lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/openpgp.h,
7944
lib/includes/gnutls/x509.h, lib/openpgp/gnutls_openpgp.c,
7945
lib/pkcs11_privkey.c: Fix build errors.
7947
2011-09-09 Simon Josefsson <simon@josefsson.org>
7949
* doc/manpages/Makefile.am: Generated.
7951
2011-09-09 Simon Josefsson <simon@josefsson.org>
7953
* gl/m4/getcwd.m4, gl/m4/gnulib-common.m4, gl/m4/largefile.m4,
7954
gl/tests/init.sh, gl/tests/lstat.c, gl/tests/open.c,
7955
gl/tests/stat.c, gl/tests/test-float.c, gl/unistd.in.h, maint.mk:
7956
Update gnulib files.
7958
2011-09-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7960
* lib/gnutls_handshake.c, lib/gnutls_sig.c, lib/gnutls_srp.c,
7961
lib/gnutls_state.c, lib/gnutls_ui.c, lib/nettle/mac.c: converted
7962
quick data hashes to _gnutls_hash_fast and the hmac equivalent.
7964
2011-09-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7966
* lib/accelerated/intel/Makefile.am,
7967
lib/accelerated/intel/aes-gcm-padlock.c,
7968
lib/accelerated/intel/aes-padlock.c,
7969
lib/accelerated/intel/aes-padlock.h,
7970
lib/accelerated/intel/aes-x86.h, lib/accelerated/intel/padlock.c:
7971
Added padlock support to GCM ciphers.
7973
2011-09-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7975
* lib/gnutls_extensions.c: do not reset length
7977
2011-09-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7979
* NEWS, lib/gnutls_extensions.c: Do not send an empty extension
7980
structure in server hello. This affects old implementations that do
7981
not support extensions. Reported by J. Cameijo Cerdeira.
7983
2011-09-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7985
* lib/gnutls_x509.c: Corrected documentation for
7986
gnutls_certificate_set_x509_trust. Reported by Stephen Lynch.
7988
2011-09-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7990
* doc/cha-internals.texi: minimized example
7992
2011-09-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7994
* lib/accelerated/intel/asm/padlock-x86-64.s,
7995
lib/accelerated/intel/asm/padlock-x86.s: Added gnustack flag
7997
2011-09-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7999
* lib/accelerated/intel/aes-gcm-x86.c,
8000
lib/accelerated/intel/aes-x86.c, lib/accelerated/intel/padlock.c,
8001
lib/crypto-api.c, lib/crypto-backend.h, lib/ext/session_ticket.c,
8002
lib/gnutls_cipher_int.c, lib/gnutls_cipher_int.h,
8003
lib/gnutls_constate.c, lib/includes/gnutls/crypto.h,
8004
lib/nettle/cipher.c, lib/x509/privkey_pkcs8.c: Added encryption flag
8005
to simplify and optimize key expansion.
8007
2011-09-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8009
* AUTHORS, lib/accelerated/accelerated.c,
8010
lib/accelerated/intel/Makefile.am,
8011
lib/accelerated/intel/aes-gcm-x86.c,
8012
lib/accelerated/intel/aes-x86.c, lib/accelerated/intel/aes-x86.h,
8013
lib/accelerated/intel/asm/padlock-x86-64.s,
8014
lib/accelerated/intel/asm/padlock-x86.s,
8015
lib/accelerated/intel/padlock.c: Added support for VIA padlock based
8016
on Andy's code (untested).
8018
2011-09-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8020
* lib/accelerated/intel/aes-x86.c, lib/accelerated/intel/aes-x86.h:
8021
corrected AES-NI code.
8023
2011-09-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8025
* lib/gnutls_x509.c: simplified
8026
gnutls_certificate_set_x509_trust_file. It uses
8027
gnutls_certificate_set_x509_trust_mem.
8029
2011-09-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8031
* lib/gnutls_x509.c, lib/x509/x509.c: Modified fix of "Allow CA
8032
importing of 0 certificates to succeed".
8033
gnutls_x509_crt_list_import() is still failing when no certificates
8034
are found and only gnutls_certificate_set_x509_trust_mem() returns
8035
zero when no certificates are found.
8037
2011-09-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8039
* NEWS, lib/gnutls_pubkey.c, lib/includes/gnutls/abstract.h,
8040
lib/libgnutls.map, lib/pkcs11.c, lib/pkcs11_int.h,
8041
lib/pkcs11_privkey.c, lib/pkcs11_write.c, lib/x509/key_decode.c,
8042
lib/x509/key_encode.c, lib/x509/privkey.c, lib/x509/x509_int.h,
8043
src/certtool-common.h, src/certtool.c, src/pkcs11.c, src/prime.c:
8044
Added support to read elliptic curve public keys from PKCS #11
8047
2011-09-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8049
* NEWS, lib/includes/gnutls/pkcs11.h, lib/libgnutls.map,
8050
lib/pkcs11.c, lib/pkcs11_int.h, lib/pkcs11_privkey.c,
8051
lib/pkcs11_write.c, src/certtool-common.c, src/certtool-common.h,
8052
src/certtool-gaa.c, src/certtool.c, src/certtool.gaa,
8053
src/p11common.c, src/p11tool-gaa.c, src/p11tool-gaa.h,
8054
src/p11tool.c, src/p11tool.gaa, src/p11tool.h, src/pkcs11.c: Added
8055
gnutls_pkcs11_privkey_generate(). p11tool can be used to generate
8058
2011-09-06 Simon Josefsson <simon@josefsson.org>
8060
* NEWS, lib/x509/x509.c, tests/parse_ca.c: libgnutls: Allow CA
8061
importing of 0 certificates to succeed. Reported by Jonathan Nieder <jrnieder@gmail.com> in
8062
<http://bugs.debian.org/640639>.
8064
2011-09-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8066
* ChangeLog: updated changelog
8068
2011-09-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8070
* README, README-alpha: simplified README
8072
2011-09-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8074
* lib/accelerated/intel/aes-x86.h: documented extra alignment
8076
2011-09-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8078
* lib/gnutls_record.c: cleaned-up code
8080
2011-09-04 Andreas Metzler <ametzler@downhill.at.eu.org>
8082
* configure.ac: Add p11-kit-1 to gnutls.pc Requires.private. If building with PKCS#11 support append p11-kit-1 to gnutls.pc
8083
Requires.private. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
8085
2011-09-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8087
* .gitignore: more files to ignore
8089
2011-09-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8091
* doc/cha-gtls-app.texi: documentation updates
8093
2011-09-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8095
* lib/gnutlsxx.cpp: updated for lowat
8097
2011-09-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8099
* doc/cha-auth.texi, doc/cha-cert-auth.texi,
8100
doc/cha-functions.texi, doc/cha-gtls-app.texi,
8101
doc/cha-intro-tls.texi: documentation updates. @acronym was removed
8104
2011-09-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8106
* lib/includes/gnutls/compat.h: set_lowat was removed as a macro.
8108
2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8110
* doc/cha-programs.texi: simplified examples
8112
2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8114
* doc/examples/ex-serv-pgp.c, tests/openpgp-certs/testcerts:
8115
explicitly enable openpgp certtype in tests.
8117
2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8121
2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8123
* configure.ac, m4/hooks.m4: bumped version
8125
2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8127
* doc/cha-bib.texi, doc/cha-gtls-app.texi, doc/latex/gnutls.bib:
8130
2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8132
* tests/openpgpself.c: explicitly enable openpgp certtype in tests.
8134
2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8136
* doc/cha-gtls-app.texi, lib/system_override.c: Added documentation
8137
on asynchronous operation.
8139
2011-08-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8141
* configure.ac: do not exit configure if p11-kit is not found.
8143
2011-08-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8145
* NEWS, lib/gnutls_priority.c: OpenPGP certificate type priority is
8146
not enabled by default.
8148
2011-08-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8150
* NEWS, doc/cha-gtls-app.texi, lib/gnutls_handshake.c,
8151
lib/gnutls_int.h, lib/gnutls_priority.c: Added %NO_EXTENSIONS
8154
2011-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8156
* doc/printlist.c: doc fixes
8158
2011-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8160
* tests/suite/testcompat-main: disabled test
8162
2011-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8164
* libextra/openssl_compat.c, libextra/openssl_compat.h: removed old
8165
and unused compatibility functions.
8167
2011-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8169
* lib/includes/gnutls/x509.h, lib/x509/crl.c, lib/x509/crq.c,
8170
lib/x509/extensions.c, lib/x509/key_decode.c, lib/x509/output.c,
8171
lib/x509/privkey.c, lib/x509/x509.c, lib/x509/x509_int.h,
8172
libextra/gnutls_openssl.c, src/crywrap/crywrap.c: corrected sign
8173
type errors for integers.
8175
2011-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8177
* lib/gnutls_record.c: Corrected error checking in
8180
2011-08-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8182
* doc/cha-gtls-app.texi: doc updates
8184
2011-08-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8186
* NEWS, src/certtool-cfg.c, src/common.h: removed unneeded header.
8189
2011-08-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8191
* lib/nettle/ecc.h, lib/nettle/ecc_free.c,
8192
lib/nettle/ecc_make_key.c, lib/nettle/ecc_map.c,
8193
lib/nettle/ecc_mulmod.c, lib/nettle/ecc_projective_add_point.c,
8194
lib/nettle/ecc_projective_dbl_point.c,
8195
lib/nettle/ecc_projective_dbl_point_3.c,
8196
lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
8197
lib/nettle/ecc_verify_hash.c: Avoid assert() and do not include
8200
2011-08-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8202
* tests/suite/testcompat: skip if datefudge is not available
8204
2011-08-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8206
* lib/accelerated/x86.h: Modified cpuid for 32-bit x86 to avoid a
8207
gcc issue (not finding a register).
8209
2011-08-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8211
* NEWS, src/Makefile.am, src/benchmark-cipher.c,
8212
src/benchmark-tls.c, src/benchmark.h, src/cli-gaa.c, src/cli-gaa.h,
8213
src/cli.gaa: Benchmark applications were incorporated to gnutls-cli
8215
2011-08-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8217
* lib/algorithms/ciphersuites.c: Corrected DH-ANON ciphersuite
8220
2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8222
* doc/cha-cert-auth.texi, doc/gnutls-pgp.eps, doc/gnutls-x509.eps:
8225
2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8227
* NEWS, lib/x509/x509.c: XmppAddr -> UTF8String
8229
2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8231
* lib/openpgp/gnutls_openpgp.c, lib/openpgp/privkey.c,
8232
lib/x509/x509.c: more updates in private key copy.
8234
2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8236
* lib/accelerated/intel/aes-x86.h: removed unused variable.
8238
2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8240
* NEWS, lib/gnutls_privkey.c, lib/gnutls_x509.c,
8241
lib/includes/gnutls/abstract.h, lib/openpgp/gnutls_openpgp.c,
8242
lib/openpgp/gnutls_openpgp.h, lib/openpgp/privkey.c,
8243
lib/x509/x509.c: gnutls_certificate_set_x509_key() and
8244
gnutls_certificate_set_openpgp_key() operate as in gnutls 2.10.x and
8245
do not require to hold the structures.
8247
2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8249
* lib/accelerated/intel/aes-gcm-x86.c,
8250
lib/accelerated/intel/aes-x86.c: removed unused variables.
8252
2011-08-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8254
* lib/gnutls_record.c: Allow out-of-order change_cipher_spec in
8257
2011-08-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8259
* doc/cha-auth.texi, doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
8260
doc/cha-intro-tls.texi, doc/examples/ex-cert-select-pkcs11.c,
8261
lib/gnutls_buffers.c, lib/gnutls_pubkey.c, lib/gnutls_record.c:
8262
documentation changes.
8264
2011-08-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8266
* doc/examples/ex-client-srp.c, doc/examples/ex-serv-srp.c:
8267
gnutls/extra.h is not required for SRP.
8269
2011-08-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8271
* doc/latex/gnutls.tex: leave an empty page
8273
2011-08-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8275
* doc/cha-auth.texi, doc/cha-bib.texi, doc/cha-cert-auth.texi,
8276
doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
8277
doc/latex/gnutls.bib, doc/latex/gnutls.tex: documentation updates
8279
2011-08-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8281
* lib/nettle/rnd.c: unlock rnd mutex on error.
8283
2011-08-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8285
* doc/cha-bib.texi, doc/latex/gnutls.bib: bibliography updated
8287
2011-08-22 Andreas Metzler <ametzler@debian.org>
8289
* lib/libgnutls.map: Export export_gnutls_openpgp_privkey_sign_hash. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
8291
2011-08-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8293
* lib/gnutls_buffers.c, lib/system.c: AIX check moved to system.c.
8295
2011-08-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8297
* src/crywrap/crywrap.c: Handle memory allocation errors.
8299
2011-08-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8301
* doc/manpages/Makefile.am, doc/manpages/crywrap.8: The crywrap
8302
manpage was removed due to license reasons.
8304
2011-08-22 Ludovic Courtès <ludo@gnu.org>
8306
* guile/tests/priorities.scm: guile: Fix `priorities' test to use
8307
`run-test'. This is a followup to commit
8308
cd7b8102316cd4151356c4b2b7909c7435593890 ("guile: Fix tests to match
8309
the `exit' behavior introduced in Guile 2.0.1.").
8311
2011-08-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8313
* src/crywrap/Makefile.am: include README to distribution.
8315
2011-08-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8317
* lib/gnutls_ui.c: documentation fixes.
8319
2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8321
* doc/cha-cert-auth.texi, doc/cha-internals.texi,
8322
doc/cha-intro-tls.texi, doc/cha-library.texi,
8323
doc/scripts/mytexi2latex: Use texinfo's word break.
8325
2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8327
* NEWS, m4/hooks.m4: updated for release
8329
2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8331
* src/crywrap/Makefile.am: Added missing file
8333
2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8335
* po/cs.po.in, po/fi.po.in, po/nl.po.in, po/pl.po.in, po/sv.po.in,
8336
po/uk.po.in: Sync with TP.
8338
2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8340
* lib/Makefile.am: corrected typo
8342
2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8344
* lib/gnutls_buffers.c: Added hack for AIX systems that may not set
8345
errno property on EAGAIN.
8347
2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8349
* doc/examples/ex-cert-select-pkcs11.c: simplified PKCS #11 token
8352
2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8354
* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
8355
lib/gnutls_record.c, lib/system_override.c: documentation updates
8357
2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8359
* .gitignore: updated ignored files.
8361
2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8363
* tests/resume.c: Corrected session resumption test.
8365
2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8367
* tests/utils.c: Avoid using vfprintf() and use a combination of
8368
vsnprintf and fputs instead. My gnulib has issues with them.
8370
2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8372
* gl/Makefile.am, gl/m4/gnulib-cache.m4: added vfprintf-posix
8375
2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8377
* configure.ac: depend on p11-kit 0.4+.
8379
2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8381
* NEWS, lib/Makefile.am, lib/auth/cert.c, lib/auth/cert.h,
8382
lib/gnutls_cert.c, lib/gnutls_str_array.h, lib/gnutls_x509.c,
8383
lib/openpgp/gnutls_openpgp.c: Removed the limitation of one name per
8386
2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8388
* doc/cha-auth.texi: rephrased text on anonymous authentication.
8390
2011-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8392
* doc/cha-programs.texi: small update in psktool
8394
2011-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8396
* NEWS: updated crywrap
8398
2011-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8400
* NEWS: documented changes
8402
2011-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8404
* lib/auth/cert.c, lib/auth/cert.h, lib/gnutls_cert.c,
8405
lib/gnutls_state.c, lib/gnutls_ui.c, lib/gnutls_x509.c,
8406
lib/openpgp/gnutls_openpgp.c: gnutls_certificate_set_x509_key_file()
8407
and friends support server name indication. If multiple
8408
certificates are set using this function the proper one will be
8409
selected during a handshake, with the limitation of a single name
8412
2011-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8414
* lib/x509/x509.c: Documentation fixes.
8416
2011-08-17 Simon Josefsson <simon@josefsson.org>
8418
* cfg.mk, src/crywrap/crywrap.c: Fix syntax-check nits.
8420
2011-08-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8422
* NEWS, lib/algorithms/ciphers.c: Added AES-256-GCM. Reported by
8425
2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8427
* NEWS: documented fix
8429
2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8431
* lib/includes/gnutls/pkcs11.h, lib/pkcs11.c, src/p11common.c:
8432
Introduced GNUTLS_PKCS11_PIN_WRONG flag to indicate the previously
8435
2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8437
* NEWS: documented fix
8439
2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8441
* doc/cha-programs.texi: some discussion on tokens.
8443
2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8445
* lib/pkcs11.c: Corrected issue when asking multiple times for PIN.
8447
2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8449
* configure.ac: corrected configure test
8451
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8453
* src/crywrap/crywrap.c: dhparams have now the 'r' option.
8455
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8457
* src/crywrap/crywrap.c: use audit_log
8459
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8461
* src/crywrap/crywrap.c, src/crywrap/crywrap.h: removed unneeded
8464
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8466
* src/cli.c: unload_file was modified to accept a pointer.
8468
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8470
* NEWS, src/crywrap/Makefile.am, src/crywrap/crywrap.c: corrected
8471
child process cleanup and added option to specify diffie hellman
8474
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8476
* .gitignore: more files to ignore
8478
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8480
* doc/manpages/crywrap.8, src/crywrap/crywrap.c,
8481
src/crywrap/crywrap.h: Corrected crywrap's verification procedure.
8483
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8485
* src/serv.c: use gnutls_sec_param_to_pk_bits() for DH parameter
8488
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8490
* .gitignore, configure.ac, doc/manpages/Makefile.am,
8491
doc/manpages/crywrap.8, gl/Makefile.am, gl/alphasort.c,
8492
gl/argp-ba.c, gl/argp-eexst.c, gl/argp-fmtstream.c,
8493
gl/argp-fmtstream.h, gl/argp-fs-xinl.c, gl/argp-help.c,
8494
gl/argp-namefrob.h, gl/argp-parse.c, gl/argp-pin.c, gl/argp-pv.c,
8495
gl/argp-pvh.c, gl/argp-xinl.c, gl/argp.h, gl/basename-lgpl.c,
8496
gl/dirent.in.h, gl/dirname-lgpl.c, gl/dirname.h, gl/dosname.h,
8497
gl/fpucw.h, gl/frexp.c, gl/frexpl.c, gl/fseeko.c, gl/fseterr.c,
8498
gl/fseterr.h, gl/getopt.c, gl/getopt.in.h, gl/getopt1.c,
8499
gl/getopt_int.h, gl/getsubopt.c, gl/isnan.c, gl/isnand-nolibm.h,
8500
gl/isnand.c, gl/isnanf-nolibm.h, gl/isnanf.c, gl/isnanl-nolibm.h,
8501
gl/isnanl.c, gl/m4/alphasort.m4, gl/m4/argp.m4, gl/m4/dirent_h.m4,
8502
gl/m4/dirname.m4, gl/m4/double-slash-root.m4, gl/m4/dup2.m4,
8503
gl/m4/eealloc.m4, gl/m4/environ.m4, gl/m4/exponentd.m4,
8504
gl/m4/exponentf.m4, gl/m4/exponentl.m4, gl/m4/frexp.m4,
8505
gl/m4/frexpl.m4, gl/m4/getcwd.m4, gl/m4/getopt.m4,
8506
gl/m4/getsubopt.m4, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
8507
gl/m4/isnand.m4, gl/m4/isnanf.m4, gl/m4/isnanl.m4, gl/m4/ldexpl.m4,
8508
gl/m4/lstat.m4, gl/m4/malloca.m4, gl/m4/math_h.m4,
8509
gl/m4/mempcpy.m4, gl/m4/mode_t.m4, gl/m4/nocrash.m4, gl/m4/open.m4,
8510
gl/m4/printf-frexp.m4, gl/m4/printf-frexpl.m4, gl/m4/putenv.m4,
8511
gl/m4/rawmemchr.m4, gl/m4/scandir.m4, gl/m4/setenv.m4,
8512
gl/m4/signbit.m4, gl/m4/sleep.m4, gl/m4/stat.m4,
8513
gl/m4/strchrnul.m4, gl/m4/strndup.m4, gl/m4/strnlen.m4,
8514
gl/m4/symlink.m4, gl/m4/sysexits.m4, gl/m4/vfprintf-posix.m4,
8515
gl/m4/vprintf-posix.m4, gl/math.in.h, gl/mempcpy.c,
8516
gl/printf-frexp.c, gl/printf-frexp.h, gl/printf-frexpl.c,
8517
gl/printf-frexpl.h, gl/rawmemchr.c, gl/rawmemchr.valgrind,
8518
gl/scandir.c, gl/signbitd.c, gl/signbitf.c, gl/signbitl.c,
8519
gl/sleep.c, gl/strchrnul.c, gl/strchrnul.valgrind, gl/stripslash.c,
8520
gl/strndup.c, gl/strnlen.c, gl/sysexits.in.h, gl/tests/Makefile.am,
8521
gl/tests/dummy.c, gl/tests/dup2.c, gl/tests/fpucw.h,
8522
gl/tests/getcwd-lgpl.c, gl/tests/ignore-value.h, gl/tests/lstat.c,
8523
gl/tests/malloca.c, gl/tests/malloca.h, gl/tests/malloca.valgrind,
8524
gl/tests/minus-zero.h, gl/tests/nan.h, gl/tests/open.c,
8525
gl/tests/putenv.c, gl/tests/same-inode.h, gl/tests/setenv.c,
8526
gl/tests/stat.c, gl/tests/symlink.c, gl/tests/test-argp-2.sh,
8527
gl/tests/test-argp.c, gl/tests/test-dirent.c, gl/tests/test-dup2.c,
8528
gl/tests/test-environ.c, gl/tests/test-fprintf-posix.h,
8529
gl/tests/test-frexp.c, gl/tests/test-frexpl.c,
8530
gl/tests/test-fseeko3.c, gl/tests/test-fseeko3.sh,
8531
gl/tests/test-fseterr.c, gl/tests/test-getcwd-lgpl.c,
8532
gl/tests/test-getopt.c, gl/tests/test-getopt.h,
8533
gl/tests/test-getopt_long.h, gl/tests/test-ignore-value.c,
8534
gl/tests/test-isnand-nolibm.c, gl/tests/test-isnand.h,
8535
gl/tests/test-isnanf-nolibm.c, gl/tests/test-isnanf.h,
8536
gl/tests/test-isnanl-nolibm.c, gl/tests/test-isnanl.h,
8537
gl/tests/test-lstat.c, gl/tests/test-lstat.h,
8538
gl/tests/test-malloc-gnu.c, gl/tests/test-malloca.c,
8539
gl/tests/test-math.c, gl/tests/test-open.c, gl/tests/test-open.h,
8540
gl/tests/test-printf-frexp.c, gl/tests/test-printf-frexpl.c,
8541
gl/tests/test-printf-posix.h, gl/tests/test-printf-posix.output,
8542
gl/tests/test-rawmemchr.c, gl/tests/test-setenv.c,
8543
gl/tests/test-signbit.c, gl/tests/test-sleep.c,
8544
gl/tests/test-stat.c, gl/tests/test-stat.h,
8545
gl/tests/test-strchrnul.c, gl/tests/test-strnlen.c,
8546
gl/tests/test-symlink.c, gl/tests/test-symlink.h,
8547
gl/tests/test-sysexits.c, gl/tests/test-unsetenv.c,
8548
gl/tests/test-vfprintf-posix.c, gl/tests/test-vfprintf-posix.sh,
8549
gl/tests/test-vprintf-posix.c, gl/tests/test-vprintf-posix.sh,
8550
gl/tests/unsetenv.c, gl/vfprintf.c, gl/vprintf.c, m4/hooks.m4,
8551
src/Makefile.am, src/crywrap/Makefile.am, src/crywrap/README,
8552
src/crywrap/crywrap.c, src/crywrap/crywrap.h, src/crywrap/primes.h:
8553
Added crywrap to the distributed programs.
8555
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8557
* lib/accelerated/intel/.gitignore: files to ignore
8559
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8561
* doc/cha-internals.texi: doc updates
8563
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8565
* doc/cha-auth.texi, doc/cha-cert-auth.texi,
8566
doc/cha-ciphersuites.texi, doc/cha-errors.texi,
8567
doc/cha-functions.texi, doc/cha-gtls-app.texi,
8568
doc/cha-internals.texi, doc/cha-intro-tls.texi,
8569
doc/cha-library.texi, doc/cha-support.texi: do not use capitals in
8572
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8574
* .gitignore, doc/latex/.gitignore: more files to ignore.
8576
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8578
* NEWS, lib/pkcs11.c: If a module is dlopened twice, then
8579
deinitialize the second load.
8581
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8583
* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
8584
doc/cha-library.texi, lib/gnutls_buffers.c, lib/gnutls_record.c:
8585
documentation updates
8587
2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8589
* doc/cha-library.texi: memory handling section is no longer
8592
2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8594
* doc/cha-gtls-app.texi: Added discussion on DTLS functionality
8596
2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8598
* doc/cha-programs.texi, doc/cha-support.texi, doc/cha-tls-app.texi:
8601
2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8603
* doc/cha-gtls-app.texi: updated openssl text
8605
2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8607
* doc/cha-gtls-app.texi: correct typos
8609
2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8611
* doc/manpages/gnutls-cli.1: do not escape \#
8613
2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8615
* doc/cha-cert-auth.texi, doc/cha-intro-tls.texi: more updates
8617
2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8619
* doc/cha-bib.texi, doc/cha-preface.texi, doc/latex/gnutls.bib:
8620
Added reference to anderson's book
8622
2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8624
* doc/Makefile.am, doc/cha-cert-auth.texi, doc/cha-internals.texi,
8625
doc/gnutls-certificate-user-use-case.eps,
8626
doc/gnutls-extensions.eps, doc/gnutls.texi,
8627
doc/scripts/mytexi2latex, lib/x509/crl_write.c, lib/x509/crq.c,
8628
lib/x509/pkcs12.c, lib/x509/privkey_pkcs8.c, lib/x509/x509.c:
8629
Internals section updated.
8631
2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8633
* doc/cha-auth.texi, doc/cha-cert-auth.texi, doc/examples/ex-crq.c,
8634
lib/gnutls_pubkey.c, lib/includes/gnutls/compat.h,
8635
lib/includes/gnutls/x509.h, lib/pkcs11.c, lib/pkcs11_write.c,
8636
lib/x509/crq.c: Documentation updates. gnutls_x509_crq_sign2() and
8637
gnutls_x509_crl_sign2() were removed from the deprecate list to ease
8638
generation of crl and crq structures.
8640
2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8642
* doc/alert-printlist.c, doc/cha-intro-tls.texi,
8643
doc/cha-library.texi, doc/cha-programs.texi, doc/errcodes.c,
8644
doc/printlist.c: updates
8646
2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8648
* doc/latex/gnutls.tex: changed paper size.
8650
2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8652
* lib/gnutls_global.c: doc update
8654
2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8656
* doc/alert-printlist.c, doc/errcodes.c, doc/printlist.c: reduced
8657
space taken by descriptions.
8659
2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8661
* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi: more updates.
8663
2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8665
* NEWS: documented fixes
8667
2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8669
* lib/accelerated/intel/aes-x86.c, lib/accelerated/intel/aes-x86.h:
8670
Force alignment for AES-NI to the runtime rather than on the
8671
structures. Corrects issue on some systems (reported by Andreas
8674
2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8676
* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
8677
doc/cha-library.texi, lib/system_override.c: Added session
8678
initialization discussion
8680
2011-08-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8682
* doc/cha-cert-auth.texi: more updates
8684
2011-08-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8686
* doc/cha-auth.texi, doc/cha-gtls-app.texi, lib/gnutls_psk.c,
8687
lib/gnutls_x509.c, lib/openpgp/gnutls_openpgp.c: updated
8690
2011-08-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8692
* lib/pkcs11.c: document flags
8694
2011-08-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8696
* NEWS: corrected typo
8698
2011-08-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8700
* lib/README: removed reference to pakchois
8702
2011-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8704
* lib/pkcs11.c: Prevent from loading twice the same module.
8706
2011-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8708
* lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s,
8709
lib/accelerated/intel/asm/appro-aes-x86-64.s,
8710
lib/accelerated/intel/asm/appro-aes-x86.s: Added note.GNU-stack to
8711
prevent marking the library as using an executable stack. Reported
8714
2011-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8716
* configure.ac: bumped version
8718
2011-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8720
* lib/accelerated/intel/asm/appro-aes-x86-64.s,
8721
lib/accelerated/intel/asm/appro-aes-x86.s: Included appro's updates
8724
2011-08-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8726
* lib/auth/cert.c: better placement of ifdefs.
8728
2011-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8730
* doc/Makefile.am, doc/cha-gtls-app.texi, doc/cha-internals.texi,
8731
doc/gnutls-extensions.eps, doc/gnutls-extensions_st.eps,
8732
doc/gnutls-mod_auth_st.eps, doc/gnutls-modauth.eps,
8733
doc/latex/Makefile.am, doc/latex/gnutls.tex,
8734
doc/scripts/mytexi2latex: Added discussion of the provided
8735
cryptographic functions. Internals is now included in the latex
8736
document (needs rewrite though)
8738
2011-08-03 Simon Josefsson <simon@josefsson.org>
8740
* lib/Makefile.am, lib/accelerated/Makefile.am,
8741
lib/accelerated/accelerated.c, lib/accelerated/cryptodev.c,
8742
lib/accelerated/intel/Makefile.am,
8743
lib/accelerated/intel/aes-gcm-x86.c,
8744
lib/accelerated/intel/aes-x86.c, lib/algorithms.h,
8745
lib/algorithms/Makefile.am, lib/algorithms/cert_types.c,
8746
lib/algorithms/ciphers.c, lib/algorithms/ciphersuites.c,
8747
lib/algorithms/ecc.c, lib/algorithms/kx.c, lib/algorithms/mac.c,
8748
lib/algorithms/protocols.c, lib/algorithms/publickey.c,
8749
lib/algorithms/secparams.c, lib/algorithms/sign.c,
8750
lib/auth/Makefile.am, lib/auth/anon.c, lib/auth/anon.h,
8751
lib/auth/anon_ecdh.c, lib/auth/cert.c, lib/auth/cert.h,
8752
lib/auth/dh_common.c, lib/auth/dh_common.h, lib/auth/dhe.c,
8753
lib/auth/dhe_psk.c, lib/auth/ecdh_common.c, lib/auth/ecdh_common.h,
8754
lib/auth/psk.c, lib/auth/psk.h, lib/auth/psk_passwd.c,
8755
lib/auth/psk_passwd.h, lib/auth/rsa.c, lib/auth/rsa_export.c,
8756
lib/auth/srp.c, lib/auth/srp.h, lib/auth/srp_passwd.c,
8757
lib/auth/srp_passwd.h, lib/auth/srp_rsa.c, lib/auth/srp_sb64.c,
8758
lib/crypto-api.c, lib/crypto-backend.c, lib/crypto-backend.h,
8759
lib/crypto.h, lib/debug.c, lib/debug.h, lib/ext/Makefile.am,
8760
lib/ext/cert_type.c, lib/ext/cert_type.h, lib/ext/ecc.c,
8761
lib/ext/ecc.h, lib/ext/max_record.c, lib/ext/max_record.h,
8762
lib/ext/safe_renegotiation.c, lib/ext/safe_renegotiation.h,
8763
lib/ext/server_name.c, lib/ext/server_name.h,
8764
lib/ext/session_ticket.c, lib/ext/session_ticket.h,
8765
lib/ext/signature.c, lib/ext/signature.h, lib/ext/srp.c,
8766
lib/ext/srp.h, lib/gcrypt/Makefile.am, lib/gcrypt/cipher.c,
8767
lib/gcrypt/init.c, lib/gcrypt/mac.c, lib/gcrypt/mpi.c,
8768
lib/gcrypt/pk.c, lib/gcrypt/rnd.c, lib/gnutls_alert.c,
8769
lib/gnutls_anon_cred.c, lib/gnutls_auth.c, lib/gnutls_auth.h,
8770
lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_cert.c,
8771
lib/gnutls_cipher.c, lib/gnutls_cipher.h, lib/gnutls_cipher_int.c,
8772
lib/gnutls_cipher_int.h, lib/gnutls_compress.c,
8773
lib/gnutls_compress.h, lib/gnutls_constate.c,
8774
lib/gnutls_constate.h, lib/gnutls_datum.c, lib/gnutls_datum.h,
8775
lib/gnutls_db.c, lib/gnutls_db.h, lib/gnutls_dh.c, lib/gnutls_dh.h,
8776
lib/gnutls_dh_primes.c, lib/gnutls_dtls.c, lib/gnutls_dtls.h,
8777
lib/gnutls_ecc.c, lib/gnutls_errors.c, lib/gnutls_errors.h,
8778
lib/gnutls_extensions.c, lib/gnutls_extensions.h,
8779
lib/gnutls_global.c, lib/gnutls_global.h, lib/gnutls_handshake.c,
8780
lib/gnutls_handshake.h, lib/gnutls_hash_int.c,
8781
lib/gnutls_hash_int.h, lib/gnutls_helper.c, lib/gnutls_int.h,
8782
lib/gnutls_kx.c, lib/gnutls_kx.h, lib/gnutls_mbuffers.c,
8783
lib/gnutls_mbuffers.h, lib/gnutls_mem.c, lib/gnutls_mem.h,
8784
lib/gnutls_mpi.c, lib/gnutls_mpi.h, lib/gnutls_num.c,
8785
lib/gnutls_num.h, lib/gnutls_pcert.c, lib/gnutls_pk.c,
8786
lib/gnutls_pk.h, lib/gnutls_priority.c, lib/gnutls_privkey.c,
8787
lib/gnutls_psk.c, lib/gnutls_pubkey.c, lib/gnutls_record.c,
8788
lib/gnutls_record.h, lib/gnutls_rsa_export.c,
8789
lib/gnutls_rsa_export.h, lib/gnutls_session.c,
8790
lib/gnutls_session_pack.c, lib/gnutls_session_pack.h,
8791
lib/gnutls_sig.c, lib/gnutls_sig.h, lib/gnutls_srp.c,
8792
lib/gnutls_srp.h, lib/gnutls_state.c, lib/gnutls_state.h,
8793
lib/gnutls_str.c, lib/gnutls_str.h, lib/gnutls_supplemental.c,
8794
lib/gnutls_supplemental.h, lib/gnutls_ui.c, lib/gnutls_v2_compat.c,
8795
lib/gnutls_v2_compat.h, lib/gnutls_x509.c, lib/gnutls_x509.h,
8796
lib/hash.c, lib/includes/Makefile.am,
8797
lib/includes/gnutls/abstract.h, lib/includes/gnutls/compat.h,
8798
lib/includes/gnutls/crypto.h, lib/includes/gnutls/dtls.h,
8799
lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/gnutlsxx.h,
8800
lib/includes/gnutls/openpgp.h, lib/includes/gnutls/pkcs11.h,
8801
lib/includes/gnutls/pkcs12.h, lib/includes/gnutls/x509.h,
8802
lib/libgnutls.map, lib/libgnutlsxx.map, lib/locks.c,
8803
lib/nettle/Makefile.am, lib/nettle/cipher.c, lib/nettle/ecc_free.c,
8804
lib/nettle/ecc_make_key.c, lib/nettle/ecc_map.c,
8805
lib/nettle/ecc_mulmod.c, lib/nettle/ecc_points.c,
8806
lib/nettle/ecc_projective_add_point.c,
8807
lib/nettle/ecc_projective_dbl_point.c,
8808
lib/nettle/ecc_projective_dbl_point_3.c,
8809
lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
8810
lib/nettle/ecc_verify_hash.c, lib/nettle/egd.c, lib/nettle/init.c,
8811
lib/nettle/mac.c, lib/nettle/mpi.c, lib/nettle/pk.c,
8812
lib/nettle/rnd.c, lib/opencdk/Makefile.am, lib/opencdk/armor.c,
8813
lib/opencdk/context.h, lib/opencdk/filters.h, lib/opencdk/hash.c,
8814
lib/opencdk/kbnode.c, lib/opencdk/keydb.c, lib/opencdk/literal.c,
8815
lib/opencdk/main.c, lib/opencdk/main.h, lib/opencdk/misc.c,
8816
lib/opencdk/new-packet.c, lib/opencdk/opencdk.h,
8817
lib/opencdk/packet.h, lib/opencdk/pubkey.c,
8818
lib/opencdk/read-packet.c, lib/opencdk/seskey.c,
8819
lib/opencdk/sig-check.c, lib/opencdk/stream.c,
8820
lib/opencdk/stream.h, lib/opencdk/types.h,
8821
lib/opencdk/write-packet.c, lib/openpgp/Makefile.am,
8822
lib/openpgp/compat.c, lib/openpgp/extras.c,
8823
lib/openpgp/gnutls_openpgp.c, lib/openpgp/output.c,
8824
lib/openpgp/pgp.c, lib/openpgp/pgpverify.c, lib/openpgp/privkey.c,
8825
lib/pkcs11.c, lib/pkcs11_privkey.c, lib/pkcs11_secret.c,
8826
lib/pkcs11_write.c, lib/random.c, lib/random.h, lib/system.c,
8827
lib/system_override.c, lib/x509/Makefile.am, lib/x509/common.c,
8828
lib/x509/common.h, lib/x509/crl.c, lib/x509/crl_write.c,
8829
lib/x509/crq.c, lib/x509/dn.c, lib/x509/extensions.c,
8830
lib/x509/key_decode.c, lib/x509/key_encode.c, lib/x509/mpi.c,
8831
lib/x509/output.c, lib/x509/pbkdf2-sha1.c, lib/x509/pkcs12.c,
8832
lib/x509/pkcs12_bag.c, lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c,
8833
lib/x509/privkey.c, lib/x509/privkey_pkcs8.c,
8834
lib/x509/rfc2818_hostname.c, lib/x509/sign.c,
8835
lib/x509/verify-high.c, lib/x509/verify.c, lib/x509/x509.c,
8836
lib/x509/x509_int.h, lib/x509/x509_write.c, lib/x509_b64.c,
8837
lib/x509_b64.h: Clarify license and copyright.
8839
2011-08-03 Simon Josefsson <simon@josefsson.org>
8841
* README: Clarify licensing.
8843
2011-08-03 Simon Josefsson <simon@josefsson.org>
8845
* lib/AUTHORS, lib/ChangeLog, lib/NEWS, lib/autogen.sh,
8846
lib/build-aux/arg-nonnull.h, lib/build-aux/c++defs.h,
8847
lib/build-aux/config.rpath, lib/build-aux/warn-on-use.h,
8848
libextra/AUTHORS, libextra/COPYING, libextra/ChangeLog,
8849
libextra/NEWS, libextra/README, libextra/build-aux/config.rpath:
8850
Remove unused files.
8852
2011-08-03 Simon Josefsson <simon@josefsson.org>
8854
* libextra/includes/gnutls/extra.h: Finish removal of inner
8855
application extension support.
8857
2011-08-03 Simon Josefsson <simon@josefsson.org>
8859
* lib/includes/gnutls/abstract.h, lib/includes/gnutls/dtls.h: More
8862
2011-08-03 Simon Josefsson <simon@josefsson.org>
8864
* .x-sc_GPL_version, .x-sc_avoid_if_before_free,
8865
.x-sc_bindtextdomain, .x-sc_cast_of_alloca_return_value,
8866
.x-sc_cast_of_argument_to_free, .x-sc_file_system,
8867
.x-sc_m4_quote_check, .x-sc_makefile_check, .x-sc_program_name,
8868
.x-sc_prohibit_HAVE_MBRTOWC, .x-sc_prohibit_S_IS_definition,
8869
.x-sc_prohibit_empty_lines_at_EOF,
8870
.x-sc_prohibit_strings_without_use, .x-sc_space_tab, .x-sc_the_the,
8871
.x-sc_two_space_separator_in_usage, .x-sc_useless_cpp_parens,
8872
GNUmakefile, THANKS, build-aux/arg-nonnull.h, build-aux/c++defs.h,
8873
build-aux/config.rpath, build-aux/snippet/_Noreturn.h,
8874
build-aux/snippet/arg-nonnull.h, build-aux/snippet/c++defs.h,
8875
build-aux/snippet/warn-on-use.h, build-aux/useless-if-before-free,
8876
build-aux/vc-list-files, build-aux/warn-on-use.h, cfg.mk,
8877
configure.ac, doc/Makefile.am, gl/Makefile.am, gl/alignof.h,
8878
gl/alloca.c, gl/errno.in.h, gl/error.c, gl/float.c, gl/float.in.h,
8879
gl/fseek.c, gl/fseeko.c, gl/ftell.c, gl/intprops.h,
8880
gl/m4/alloca.m4, gl/m4/errno_h.m4, gl/m4/error.m4,
8881
gl/m4/extensions.m4, gl/m4/float_h.m4, gl/m4/fpieee.m4,
8882
gl/m4/fseek.m4, gl/m4/fseeko.m4, gl/m4/ftell.m4, gl/m4/ftello.m4,
8883
gl/m4/getdelim.m4, gl/m4/getline.m4, gl/m4/getpagesize.m4,
8884
gl/m4/getpass.m4, gl/m4/gettime.m4, gl/m4/gettimeofday.m4,
8885
gl/m4/gnulib-cache.m4, gl/m4/gnulib-common.m4,
8886
gl/m4/gnulib-comp.m4, gl/m4/hmac-md5.m4, gl/m4/include_next.m4,
8887
gl/m4/largefile.m4, gl/m4/lseek.m4, gl/m4/malloc.m4, gl/m4/md5.m4,
8888
gl/m4/memchr.m4, gl/m4/memmem.m4, gl/m4/memxor.m4,
8889
gl/m4/mmap-anon.m4, gl/m4/po.m4, gl/m4/printf.m4,
8890
gl/m4/read-file.m4, gl/m4/realloc.m4, gl/m4/snprintf.m4,
8891
gl/m4/strcase.m4, gl/m4/strdup.m4, gl/m4/strerror.m4,
8892
gl/m4/string_h.m4, gl/m4/strings_h.m4, gl/m4/strverscmp.m4,
8893
gl/m4/time_r.m4, gl/m4/vsnprintf.m4, gl/m4/warn-on-use.m4,
8894
gl/m4/warnings.m4, gl/netdb.in.h, gl/netinet_in.in.h,
8895
gl/stdarg.in.h, gl/stddef.in.h, gl/stdint.in.h, gl/stdio.in.h,
8896
gl/stdlib.in.h, gl/strerror-override.c, gl/strerror-override.h,
8897
gl/strerror.c, gl/string.in.h, gl/strings.in.h, gl/sys_socket.in.h,
8898
gl/sys_stat.in.h, gl/sys_time.in.h, gl/sys_uio.in.h,
8899
gl/tests/Makefile.am, gl/tests/fcntl.in.h, gl/tests/fpucw.h,
8900
gl/tests/init.sh, gl/tests/macros.h, gl/tests/test-float.c,
8901
gl/tests/test-fseek.c, gl/tests/test-fseek.sh,
8902
gl/tests/test-fseek2.sh, gl/tests/test-ftell.c,
8903
gl/tests/test-ftell.sh, gl/tests/test-ftell2.sh,
8904
gl/tests/test-ftell3.c, gl/tests/test-intprops.c,
8905
gl/tests/test-snprintf.c, gl/tests/test-strerror.c,
8906
gl/tests/test-vc-list-files-cvs.sh,
8907
gl/tests/test-vc-list-files-git.sh, gl/tests/test-verify.c,
8908
gl/tests/test-vsnprintf.c, gl/time.in.h, gl/timespec.h,
8909
gl/unistd.in.h, gl/verify.h, gl/wchar.in.h, lib/Makefile.am,
8910
lib/hash.c, lib/pkcs11_privkey.c, maint.mk, src/benchmark-cipher.c,
8911
src/certtool.c, src/cli.c, src/serv.c, tests/Makefile.am,
8912
tests/scripts/common.sh: Update gnulib files. Fix syntax-check
8915
2011-08-03 Simon Josefsson <simon@josefsson.org>
8917
* NEWS, README: Add NEWS entries. Use copyright ranges (now
8920
2011-08-03 Simon Josefsson <simon@josefsson.org>
8922
* po/LINGUAS, po/cs.po.in, po/fi.po.in, po/nl.po.in, po/pl.po.in,
8923
po/sv.po.in, po/uk.po.in: Sync with TP.
8925
2011-08-02 Simon Josefsson <simon@josefsson.org>
8927
* doc/manpages/Makefile.am, doc/reference/Makefile.am,
8928
doc/reference/gnutls-docs.sgml, lib/algorithms/secparams.c,
8929
lib/crypto-api.c, lib/gnutls_cert.c, lib/gnutls_db.c,
8930
lib/gnutls_global.c, lib/gnutls_privkey.c, lib/gnutls_pubkey.c,
8931
lib/includes/gnutls/abstract.h, lib/includes/gnutls/gnutls.h.in,
8932
lib/includes/gnutls/pkcs11.h, lib/locks.c, lib/openpgp/privkey.c,
8933
lib/pkcs11.c, lib/pkcs11_secret.c, lib/pkcs11_write.c,
8934
lib/random.c, lib/system_override.c, lib/x509/crl_write.c,
8935
lib/x509/crq.c, lib/x509/privkey.c, lib/x509/x509.c: More GTK-DOC
8938
2011-08-02 Simon Josefsson <simon@josefsson.org>
8940
* doc/reference/Makefile.am: Simplify GTK-DOC makefile
8943
2011-08-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8945
* lib/includes/gnutls/gnutls.h.in: updated
8947
2011-08-02 Simon Josefsson <simon@josefsson.org>
8949
* lib/algorithms/sign.c, lib/gnutls_dtls.c, lib/gnutls_pubkey.c,
8950
lib/gnutls_record.c, lib/includes/gnutls/abstract.h,
8951
lib/includes/gnutls/crypto.h, lib/includes/gnutls/dtls.h,
8952
lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/openpgp.h,
8953
lib/includes/gnutls/pkcs11.h, lib/nettle/ecc_free.c,
8954
lib/nettle/ecc_make_key.c, lib/nettle/ecc_map.c,
8955
lib/nettle/ecc_mulmod.c, lib/nettle/ecc_points.c,
8956
lib/nettle/ecc_projective_add_point.c,
8957
lib/nettle/ecc_projective_dbl_point.c,
8958
lib/nettle/ecc_projective_dbl_point_3.c,
8959
lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
8960
lib/nettle/ecc_verify_hash.c, lib/pkcs11.c: Fix GTK-DOC manual.
8962
2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8964
* lib/gnutls_record.c: detect premature termination of connection
8966
2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8968
* NEWS, lib/includes/gnutls/pkcs11.h, lib/pkcs11.c: the
8969
deprecated_config_file from 2.12.x was incorporated.
8971
2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8973
* lib/pkcs11.c: documentation update
8975
2011-08-02 Simon Josefsson <simon@josefsson.org>
8977
* doc/manpages/Makefile.am, doc/reference/gnutls-docs.sgml,
8978
lib/algorithms/ecc.c, lib/crypto-api.c, lib/gnutls_alert.c,
8979
lib/gnutls_cert.c, lib/gnutls_dtls.c, lib/gnutls_global.c,
8980
lib/gnutls_pcert.c, lib/gnutls_pubkey.c, lib/gnutls_record.c,
8981
lib/gnutls_state.c, lib/system_override.c, lib/x509/crl.c,
8982
lib/x509/privkey.c, lib/x509/verify-high.c, lib/x509/x509.c: Add
8983
GTK-DOC Since: tags for 3.0.0 additions.
8985
2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8987
* lib/pkcs11_privkey.c: added asserts.
8989
2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8991
* README, README-alpha: Refer to nettle alone and p11-kit.
8993
2011-08-01 Stef Walter <stefw@collabora.co.uk>
8995
* lib/pkcs11.c: Don't try to do PKCS#11 login if session is already
8996
logged in. * It is possible for new PKCS#11 sessions to be logged in if another logged in session already exists. * In these cases, don't log in, but detect the condition and return success. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
8998
2011-08-01 Stef Walter <stefw@collabora.co.uk>
9000
* lib/pkcs11_privkey.c: When finding private keys fail, return error
9001
code. * Previously this would result in an endless loop. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
9003
2011-08-01 Stef Walter <stefw@collabora.co.uk>
9005
* lib/includes/gnutls/pkcs11.h, lib/pkcs11.c: Mark the config
9006
argument of gnutls_pkcs11_init() as unused * Since its no longer used. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
9008
2011-07-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9010
* NEWS, lib/gnutls_str.h, lib/gnutls_x509.c,
9011
lib/includes/gnutls/x509.h, lib/x509/x509.c, tests/x509cert.c: Added
9012
GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED flag for
9013
gnutls_x509_crt_list_import. It checks whether the list to be
9014
imported is properly sorted.
9016
2011-07-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9018
* NEWS, lib/gnutls_errors.c, lib/gnutls_x509.c,
9019
lib/includes/gnutls/gnutls.h.in: Added
9020
GNUTLS_E_CERTIFICATE_LIST_UNSORTED. If a certificate list is loaded
9021
then verify that it is sorted with order to starts with the subject
9022
and finished with the trusted root. That way we make sure we don't
9023
send data that violate the TLS protocol.
9025
2011-07-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9027
* doc/cha-cert-auth.texi, doc/latex/macros.tex: documentation
9030
2011-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9032
* ChangeLog: updated changelog
9034
2011-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9036
* NEWS: released 3.0.0
9038
2011-07-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9040
* configure.ac: updated version
9042
2011-07-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9044
* src/certtool-gaa.c, src/certtool.gaa: Corrected typo.
9046
2011-07-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9048
* NEWS: documented updates.
9050
2011-07-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9052
* THANKS: Added Petr.
9054
2011-07-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9056
* lib/gnutls_pcert.c, lib/gnutls_privkey.c,
9057
lib/includes/gnutls/abstract.h, lib/libgnutls.map: Added
9058
gnutls_pcert_list_import_x509_raw() and few doc fixes.
9060
2011-07-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9062
* lib/gnutls.pc.in: corrected for libnettle.
9064
2011-06-24 Andreas Metzler <ametzler@downhill.at.eu.org>
9066
* configure.ac: fix zlib handling in gnutls.pc Only add zlib to gnutls.pc's Requies.private if zlib ships a
9067
pkg-config file. Ancient (<< 1.2.3.1) versions don't. Otherwise add
9068
-lz to Libs.private. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
9070
2011-07-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9072
* doc/examples/ex-client-srp.c, doc/examples/ex-serv-srp.c:
9073
gnutls_global_init_extra() is not needed for SRP.
9075
2011-07-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9077
* NEWS: documented changes.
9079
2011-07-25 Sjoerd Simons <sjoerd.simons@collabora.co.uk>
9081
* lib/gnutls_buffers.c: writev_emu: stop on the first incomplete
9082
write Just like standard writev, we should only move on to the next block
9083
if all the previous ones have been successfully written out.
9084
Otherwise there is a potential for data loss and/or confusing push
9085
functions. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
9087
2011-07-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9089
* doc/latex/fdl.tex: increased size of fdl.
9091
2011-07-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9093
* lib/pkcs11.c: Added debug message to indicate usage of
9094
compatibility mode for /etc/gnutls/pkcs11.conf
9096
2011-07-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9098
* AUTHORS: removed pgp key from authors file.
9100
2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9102
* ChangeLog: updated changelog.
9104
2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9106
* NEWS, configure.ac, doc/announce.txt, m4/hooks.m4: released 2.99.4
9108
2011-06-29 Petr Písař <petr.pisar@atlas.cz>
9110
* lib/gnutls_privkey.c: Honor uninitialized private key in
9111
destructor Fixes bug #107730. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
9113
2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9115
* src/certtool.c: Corrected initialization of key when generating
9116
request. Reported by Petr Pisar.
9118
2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9122
2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9124
* lib/gnutls_rsa_export.c, lib/x509/privkey.c,
9125
lib/x509/privkey_pkcs8.c, lib/x509/x509_int.h: The crippled status
9126
of an gnutls_x509_privkey_t was removed.
9128
2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9130
* doc/examples/ex-pkcs11-list.c: Example compilation fix.
9132
2011-07-07 Stef Walter <stefw@collabora.co.uk>
9134
* configure.ac, lib/includes/gnutls/pkcs11.h, lib/pkcs11.c,
9135
lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/pkcs11_write.c: pkcs11:
9136
Use p11_kit_pin_xxx() functionality when 'pinfile' is in uris. * This allows other apps to register a handler for a specific
9137
pinfile and then that application will be able to provide the PIN
9138
for those URIs. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
9140
2011-07-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9142
* lib/pkcs11.c: Added compatibility mode with
9143
/etc/gnutls/pkcs11.conf
9145
2011-07-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9147
* doc/cha-tls-app.texi: Updates in upward negotiation section.
9149
2011-07-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9151
* doc/latex/gnutls.bib: Corrected bibliography
9153
2011-07-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9155
* doc/cha-auth.texi, doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
9156
doc/cha-intro-tls.texi, doc/cha-library.texi,
9157
doc/cha-programs.texi, doc/cha-tls-app.texi: corrected section
9160
2011-07-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9162
* doc/cha-library.texi, doc/cha-support.texi, lib/gnutls_errors.c,
9163
lib/gnutls_srp.c: Updated information on required libraries.
9165
2011-07-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9167
* doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
9168
doc/cha-intro-tls.texi, doc/cha-library.texi, doc/cha-preface.texi:
9171
2011-06-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9173
* doc/.gitignore, doc/Makefile.am, doc/alert-printlist.c,
9174
doc/cha-auth.texi, doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
9175
doc/cha-intro-tls.texi, doc/cha-library.texi, doc/gnutls.texi,
9176
doc/latex/Makefile.am, doc/latex/gnutls.tex, doc/latex/macros.tex,
9177
doc/scripts/gdoc, doc/scripts/mytexi2latex, doc/scripts/sort1.pl,
9178
doc/scripts/split.pl, lib/gnutls_x509.c: updated function listing.
9180
2011-06-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9182
* lib/gnutls_alert.c, lib/includes/gnutls/gnutls.h.in,
9183
lib/libgnutls.map: Added gnutls_alert_get_strname().
9185
2011-06-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9187
* lib/algorithms/cert_types.c, lib/algorithms/ciphers.c,
9188
lib/algorithms/ecc.c, lib/algorithms/kx.c, lib/algorithms/mac.c,
9189
lib/algorithms/protocols.c, lib/algorithms/publickey.c,
9190
lib/algorithms/secparams.c, lib/algorithms/sign.c, lib/auth/cert.c,
9191
lib/auth/psk.c, lib/auth/rsa_export.c, lib/crypto-api.c,
9192
lib/crypto-backend.c, lib/ext/max_record.c,
9193
lib/ext/safe_renegotiation.c, lib/ext/server_name.c,
9194
lib/ext/session_ticket.c, lib/gcrypt/mpi.c, lib/gnutls_alert.c,
9195
lib/gnutls_anon_cred.c, lib/gnutls_auth.c, lib/gnutls_buffers.c,
9196
lib/gnutls_cert.c, lib/gnutls_dh_primes.c, lib/gnutls_dtls.c,
9197
lib/gnutls_errors.c, lib/gnutls_global.c, lib/gnutls_handshake.c,
9198
lib/gnutls_mpi.c, lib/gnutls_pcert.c, lib/gnutls_priority.c,
9199
lib/gnutls_privkey.c, lib/gnutls_psk.c, lib/gnutls_pubkey.c,
9200
lib/gnutls_record.c, lib/gnutls_sig.c, lib/gnutls_state.c,
9201
lib/gnutls_str.c, lib/gnutls_ui.c, lib/gnutls_x509.c,
9202
lib/minitasn1/decoding.c, lib/minitasn1/errors.c,
9203
lib/nettle/ecc_verify_hash.c, lib/opencdk/kbnode.c,
9204
lib/opencdk/sig-check.c, lib/openpgp/extras.c,
9205
lib/openpgp/gnutls_openpgp.c, lib/openpgp/output.c,
9206
lib/openpgp/pgp.c, lib/openpgp/privkey.c, lib/pkcs11.c,
9207
lib/pkcs11_privkey.c, lib/pkcs11_secret.c, lib/pkcs11_write.c,
9208
lib/random.c, lib/x509/common.c, lib/x509/crl.c,
9209
lib/x509/crl_write.c, lib/x509/crq.c, lib/x509/dn.c,
9210
lib/x509/extensions.c, lib/x509/output.c, lib/x509/pkcs12.c,
9211
lib/x509/pkcs12_bag.c, lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c,
9212
lib/x509/privkey.c, lib/x509/privkey_pkcs8.c,
9213
lib/x509/rfc2818_hostname.c, lib/x509/sign.c,
9214
lib/x509/verify-high.c, lib/x509/verify.c, lib/x509/x509.c,
9215
lib/x509/x509_write.c: documentation fixes
9217
2011-06-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9219
* NEWS, lib/COPYING, lib/accelerated/accelerated.c,
9220
lib/accelerated/cryptodev.c, lib/auth/anon.c, lib/auth/anon_ecdh.c,
9221
lib/auth/cert.c, lib/auth/dh_common.c, lib/auth/dhe.c,
9222
lib/auth/dhe_psk.c, lib/auth/ecdh_common.c, lib/auth/psk.c,
9223
lib/auth/psk_passwd.c, lib/auth/rsa.c, lib/auth/rsa_export.c,
9224
lib/auth/srp.c, lib/auth/srp_passwd.c, lib/auth/srp_rsa.c,
9225
lib/auth/srp_sb64.c, lib/crypto-api.c, lib/crypto-backend.c,
9226
lib/debug.c, lib/ext/cert_type.c, lib/ext/ecc.c,
9227
lib/ext/max_record.c, lib/ext/safe_renegotiation.c,
9228
lib/ext/server_name.c, lib/ext/session_ticket.c,
9229
lib/ext/signature.c, lib/ext/srp.c, lib/gnutls_alert.c,
9230
lib/gnutls_anon_cred.c, lib/gnutls_auth.c, lib/gnutls_buffers.c,
9231
lib/gnutls_cert.c, lib/gnutls_cipher.c, lib/gnutls_cipher_int.c,
9232
lib/gnutls_compress.c, lib/gnutls_constate.c, lib/gnutls_datum.c,
9233
lib/gnutls_db.c, lib/gnutls_dh.c, lib/gnutls_dh_primes.c,
9234
lib/gnutls_dtls.c, lib/gnutls_ecc.c, lib/gnutls_errors.c,
9235
lib/gnutls_extensions.c, lib/gnutls_global.c,
9236
lib/gnutls_handshake.c, lib/gnutls_hash_int.c, lib/gnutls_helper.c,
9237
lib/gnutls_kx.c, lib/gnutls_mbuffers.c, lib/gnutls_mem.c,
9238
lib/gnutls_mpi.c, lib/gnutls_num.c, lib/gnutls_pcert.c,
9239
lib/gnutls_pk.c, lib/gnutls_priority.c, lib/gnutls_privkey.c,
9240
lib/gnutls_psk.c, lib/gnutls_pubkey.c, lib/gnutls_record.c,
9241
lib/gnutls_rsa_export.c, lib/gnutls_session.c,
9242
lib/gnutls_session_pack.c, lib/gnutls_sig.c, lib/gnutls_srp.c,
9243
lib/gnutls_state.c, lib/gnutls_str.c, lib/gnutls_supplemental.c,
9244
lib/gnutls_ui.c, lib/gnutls_v2_compat.c, lib/gnutls_x509.c,
9245
lib/hash.c, lib/locks.c, lib/nettle/cipher.c,
9246
lib/nettle/ecc_free.c, lib/nettle/ecc_make_key.c,
9247
lib/nettle/ecc_map.c, lib/nettle/ecc_mulmod.c,
9248
lib/nettle/ecc_points.c, lib/nettle/ecc_projective_add_point.c,
9249
lib/nettle/ecc_projective_dbl_point.c,
9250
lib/nettle/ecc_projective_dbl_point_3.c,
9251
lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
9252
lib/nettle/ecc_verify_hash.c, lib/nettle/egd.c, lib/nettle/init.c,
9253
lib/nettle/mac.c, lib/nettle/mpi.c, lib/nettle/pk.c,
9254
lib/nettle/rnd.c, lib/opencdk/armor.c, lib/opencdk/hash.c,
9255
lib/opencdk/kbnode.c, lib/opencdk/keydb.c, lib/opencdk/literal.c,
9256
lib/opencdk/main.c, lib/opencdk/misc.c, lib/opencdk/new-packet.c,
9257
lib/opencdk/pubkey.c, lib/opencdk/read-packet.c,
9258
lib/opencdk/seskey.c, lib/opencdk/sig-check.c,
9259
lib/opencdk/stream.c, lib/opencdk/write-packet.c,
9260
lib/openpgp/compat.c, lib/openpgp/extras.c,
9261
lib/openpgp/gnutls_openpgp.c, lib/openpgp/output.c,
9262
lib/openpgp/pgp.c, lib/openpgp/pgpverify.c, lib/openpgp/privkey.c,
9263
lib/pkcs11.c, lib/pkcs11_privkey.c, lib/pkcs11_secret.c,
9264
lib/pkcs11_write.c, lib/random.c, lib/system.c,
9265
lib/system_override.c, lib/x509/common.c, lib/x509/crl.c,
9266
lib/x509/crl_write.c, lib/x509/crq.c, lib/x509/dn.c,
9267
lib/x509/extensions.c, lib/x509/key_decode.c,
9268
lib/x509/key_encode.c, lib/x509/mpi.c, lib/x509/output.c,
9269
lib/x509/pbkdf2-sha1.c, lib/x509/pkcs12.c, lib/x509/pkcs12_bag.c,
9270
lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c, lib/x509/privkey.c,
9271
lib/x509/privkey_pkcs8.c, lib/x509/rfc2818_hostname.c,
9272
lib/x509/sign.c, lib/x509/verify-high.c, lib/x509/verify.c,
9273
lib/x509/x509.c, lib/x509/x509_write.c, lib/x509_b64.c: Upgraded to
9276
2011-06-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9278
* doc/latex/cover.tex.in: updated cover.
9280
2011-06-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9282
* doc/latex/fdl.tex: improvements on fdl.
9284
2011-06-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9286
* AUTHORS: Added LRN.
9288
2011-06-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9290
* doc/cha-auth.texi, doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
9291
doc/cha-intro-tls.texi, doc/cha-library.texi,
9292
doc/cha-programs.texi, doc/scripts/mytexi2latex: documentation
9295
2011-06-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9297
* NEWS, lib/gnutls_srp.c, lib/gnutls_srp.h: gnutls_srp_verifier()
9298
returns data allocated with gnutls_malloc() for consistency.
9300
2011-06-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9302
* lib/gnutls_errors.c: reduced error message.
9304
2011-06-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9306
* doc/cha-intro-tls.texi: simplified text.
9308
2011-06-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9310
* doc/latex/fdl.tex, doc/latex/gnutls.tex: FDL is now included using
9313
2011-06-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9315
* doc/cha-auth.texi, doc/cha-intro-tls.texi,
9316
doc/examples/ex-client1.c, doc/scripts/mytexi2latex: Tables were
9319
2011-06-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9321
* doc/cha-cert-auth.texi, doc/cha-internals.texi,
9322
doc/cha-intro-tls.texi, doc/cha-library.texi,
9323
doc/scripts/mytexi2latex: figures were made floating.
9325
2011-06-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9327
* doc/latex/cover.tex.in, doc/scripts/mytexi2latex: Added
9328
high-quality pdf images.
9330
2011-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9332
* .gitignore, doc/latex/.gitignore: more files to ignore
9334
2011-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9336
* configure.ac, doc/Makefile.am, doc/cha-auth.texi,
9337
doc/cha-bib.texi, doc/cha-cert-auth.texi,
9338
doc/cha-ciphersuites.texi, doc/cha-errors.texi,
9339
doc/cha-functions.texi, doc/cha-gtls-app.texi,
9340
doc/cha-internals.texi, doc/cha-intro-tls.texi,
9341
doc/cha-library.texi, doc/cha-preface.texi, doc/cha-programs.texi,
9342
doc/cha-support.texi, doc/cha-tls-app.texi, doc/errcodes.c,
9343
doc/examples/ex-client1.c, doc/examples/ex-pkcs11-list.c,
9344
doc/examples/ex-serv-anon.c, doc/gnutls.texi,
9345
doc/latex/Makefile.am, doc/latex/cover.tex.in, doc/latex/fdl.tex,
9346
doc/latex/gnutls.bib, doc/latex/gnutls.tex, doc/latex/macros.tex,
9347
doc/printlist.c, doc/scripts/mytexi2latex, doc/scripts/sort1.pl,
9348
doc/signatures.texi: updated documentation to allow latex output.
9350
2011-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9352
* lib/gnutls_record.c, lib/x509/crq.c, lib/x509/x509.c,
9353
lib/x509/x509_write.c: corrected typos
9355
2011-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9357
* doc/cha-cert-auth.texi, doc/examples/Makefile.am,
9358
doc/examples/ex-cert-select.c, doc/examples/ex-client-udp.c,
9359
doc/examples/ex-crq.c, doc/examples/ex-pkcs11-list.c,
9360
doc/examples/ex-session-info.c, doc/examples/ex-verify.c: indented
9361
code. Corrected PKCS #11 example.
9363
2011-06-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9365
* doc/Makefile.am: added missing file.
9367
2011-06-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9369
* AUTHORS, NEWS, lib/includes/gnutls/gnutls.h.in, m4/hooks.m4:
9372
2011-06-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9374
* NEWS, lib/gnutls_errors.c, lib/includes/gnutls/pkcs11.h,
9375
lib/pkcs11.c, lib/pkcs11_write.c, src/p11tool-gaa.c,
9376
src/p11tool-gaa.h, src/p11tool.c, src/p11tool.gaa, src/p11tool.h,
9377
src/pkcs11.c: Added new PKCS #11 flags to force an object being
9378
private or not. Those are GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE and
9379
GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE. p11tool supports now the
9380
--no-private and --private options.
9382
2011-06-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9384
* src/p11common.c: Limit the number of attempts with the same PIN,
9385
to avoid attempting again and again with a wrong PIN.
9387
2011-06-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9389
* lib/pkcs11_write.c: When writing an object with CKA_TRUSTED set
9390
CKA_PRIVATE explicitly to FALSE, to allow the SO to write it.
9391
Reported by Rickard Bellgrim.
9393
2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9397
2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9399
* src/pkcs11.c: removed unneeded test.
9401
2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9403
* lib/pkcs11.c: Enforce the GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO even if
9404
GNUTLS_PKCS11_OBJ_FLAG_LOGIN is specified.
9406
2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9408
* src/Makefile.am, src/p11common.c, src/pkcs11.c: Use common code
9409
for PKCS #11 callbacks across clients. Require SO login to write a
9412
2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9414
* lib/algorithms/ciphersuites.c, lib/ext/safe_renegotiation.h: bit
9415
fields changed to unsigned.
9417
2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9419
* lib/gnutls_pubkey.c, lib/x509/privkey.c: Moved null check before
9422
2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9424
* lib/opencdk/keydb.c: removed unreachable code warning
9426
2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9428
* lib/opencdk/hash.c, lib/opencdk/main.h, lib/opencdk/stream.c,
9429
lib/opencdk/write-packet.c: eliminated wipemem().
9431
2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9433
* lib/gnutls_pk.c: corrected uninitialized variable warning.
9435
2011-06-16 Rickard Bellgrim <rickard@opendnssec.org>
9437
* lib/pkcs11_write.c: The CKA_SUBJECT must be specified for a
9438
certificate. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
9440
2011-06-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9442
* lib/includes/gnutls/pkcs11.h, lib/pkcs11.c, src/pkcs11.c: When
9443
setting the TRUSTED flag login as security officer.
9445
2011-06-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9447
* lib/pkcs11_write.c: write label in PKCS #11 privkey.
9449
2011-06-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9451
* lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/pkcs11.c,
9452
lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/pkcs11_secret.c,
9453
lib/pkcs11_write.c: define ck_bool_t to be compatible with PKCS #11
9456
2011-06-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9458
* configure.ac: ignore more warnings.
9460
2011-06-09 Stef Walter <stefw@collabora.co.uk>
9462
* lib/Makefile.am, lib/pkcs11_int.h, lib/pkcs11_spec.h: Use pkcs11.h
9463
specification file from p11-kit. * Remove one included briefly in gnutls. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
9465
2011-06-09 Stef Walter <stefw@collabora.co.uk>
9467
* lib/pkcs11.c, src/cli.c, src/p11common.c, src/pkcs11.c,
9468
tests/suite/mini-eagain2.c: Fix up compiler warnings. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
9470
2011-06-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9472
* lib/pkcs11_spec.h: Added missing file
9474
2011-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9476
* doc/cha-cert-auth.texi: document new config file format and path.
9478
2011-06-07 Stef Walter <stefw@collabora.co.uk>
9480
* configure.ac, doc/examples/Makefile.am, lib/Makefile.am,
9481
lib/auth/cert.c, lib/gnutls_global.c, lib/gnutls_privkey.c,
9482
lib/gnutls_pubkey.c, lib/gnutls_x509.c, lib/pakchois/README,
9483
lib/pakchois/dlopen.c, lib/pakchois/dlopen.h,
9484
lib/pakchois/errors.c, lib/pakchois/pakchois.c,
9485
lib/pakchois/pakchois.h, lib/pakchois/pakchois11.h, lib/pkcs11.c,
9486
lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/pkcs11_secret.c,
9487
lib/pkcs11_write.c, src/Makefile.am, src/certtool-common.c,
9488
src/certtool.c, src/cli.c, src/p11tool.c, src/serv.c: The attached
9489
patch ports gnutls to p11-kit. p11-kit is added as a dependency.
9490
p11-kit itself has no dependencies outside of basic libc stuff. The
9491
source code for p11-kit is available both in git and tarball form.
9492
[3] If the gnutls dependency on p11-kit is disabled (via a configure
9493
option) then the PKCS#11 support is disabled. This is useful in bare
9494
bones embedded systems or places where very minimal dependencies are
9497
2011-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9499
* doc/manpages/Makefile.am: updated
9501
2011-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9503
* lib/pkcs11.c, lib/pkcs11_privkey.c: Return error code when an
9504
object is not found. Only request for token insertion if the
9505
expected data is not found. Based on patch by Stef Walter.
9507
2011-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9509
* configure.ac: Depend on automake 1.11.
9511
2011-06-06 Stef Walter <stefw@collabora.co.uk>
9513
* tests/suite/Makefile.am: tests: Build eagain-cli with correct
9514
libraries * Add -ldl -lpthread to linker flags Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
9516
2011-05-30 Stef Walter <stefw@collabora.co.uk>
9518
* src/cli.c: gnutls-cli: Fix uninitialized variable when PKCS#11
9519
uris in use. * When PKCS#11 URIs are in use previously tried to free
9520
uninitialized memory. Initialize to zero. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
9522
2011-05-30 Stef Walter <stefw@collabora.co.uk>
9524
* lib/pkcs11.c: pkcs11: Accept CKR_USER_ALREADY_LOGGED_IN as
9525
successful result for PAP Login * When doing CKF_PROTECTED_AUTHENTICATION_PATH login, accept CKR_USER_ALREADY_LOGGED_IN as a successful result. * Another code path, or another consumer of the same PKCS#11 module may have already logged in. * This is what the non PAP code path already does. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
9527
2011-06-06 Stef Walter <stefw@collabora.co.uk>
9529
* lib/auth/srp.c, lib/auth/srp_rsa.c, lib/ext/session_ticket.c,
9530
lib/gnutls_compress.c, lib/hash.c, lib/nettle/ecc_mulmod.c,
9531
lib/x509/common.c: Remove unused variables * GCC 4.6.0 prints a warning, and build failes with -Wunused Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
9533
2011-06-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9535
* lib/nettle/rnd.c: use gnutls_assert_val() in EGD errors.
9537
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9539
* tests/dsa/testdsa, tests/openpgp-certs/testcerts,
9540
tests/scripts/common.sh, tests/suite/testcompat-main,
9541
tests/suite/testsrn: Corrected fail() shell function. Reported by
9544
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9546
* tests/dsa/testdsa: Corrected typo. Reported by Andreas Metzler.
9548
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9550
* doc/manpages/Makefile.am: regenerated makefile.
9552
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9554
* lib/x509/common.c: documentation fix.
9556
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9558
* lib/accelerated/intel/Makefile.am,
9559
lib/accelerated/intel/aes-x86.c,
9560
lib/accelerated/intel/asm/appro-aes-gcm-x86.s: pclmul is not used on
9561
intel 32-bit systems.
9563
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9565
* lib/accelerated/intel/aes-x86.c, lib/gnutls_global.h,
9566
lib/gnutls_priority.c: When AES and GCM acceleration is available
9567
increase the priority of AES-GCM ciphersuites in performance and
9570
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9572
* lib/gcrypt/cipher.c, lib/gcrypt/pk.c: prevent compilation of
9573
gcrypt support since it is incomplete.
9575
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9577
* lib/Makefile.am, lib/algorithms/ciphers.c,
9578
lib/algorithms/ciphersuites.c, lib/gcrypt/cipher.c,
9579
lib/nettle/cipher.c, m4/hooks.m4: do not use NETTLE_LIBS to include
9580
hogweed and gmp. removed ENABLE_CAMELLIA and NETTLE_GCM.
9582
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9584
* src/benchmark-tls.c: improved benchmark.
9586
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9588
* doc/Makefile.am, doc/cha-cert-auth.texi, doc/cha-internals.texi,
9589
doc/cha-intro-tls.texi, doc/cha-library.texi,
9590
doc/cha-programs.texi, doc/examples/ex-session-info.c,
9591
doc/gnutls-certificate-user-use-case.pdf,
9592
doc/gnutls-client-server-use-case.pdf,
9593
doc/gnutls-extensions_st.pdf, doc/gnutls-handshake-sequence.pdf,
9594
doc/gnutls-handshake-state.pdf, doc/gnutls-internals.pdf,
9595
doc/gnutls-layers.pdf, doc/gnutls-logo.pdf,
9596
doc/gnutls-mod_auth_st.pdf, doc/gnutls-objects.pdf,
9597
doc/gnutls-pgp.pdf, doc/gnutls-x509.pdf, doc/gnutls.texi: Updated
9598
documentation. Removed all .pdf files. They were not needed.
9600
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9602
* lib/algorithms.h, lib/algorithms/ciphersuites.c,
9603
lib/gnutls_handshake.c: Avoid memory allocations when requesting the
9604
supported ciphersuites.
9606
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9608
* lib/accelerated/intel/aes-x86.c: more verbose if the PCLMUL
9609
instruction is detected.
9611
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9613
* tests/cipher-test.c: Added debugging ability to cipher-test.
9615
2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9617
* doc/TODO: more cleanup.
9619
2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9621
* doc/TODO: Added new TODO items.
9623
2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9625
* doc/TODO: removed completed items from todo list
9627
2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9629
* lib/gnutls_priority.c: reinstated MAC-ALL semantics.
9631
2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9633
* .gitignore: more files to ignore.
9635
2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9637
* lib/gnutls_session_pack.c: store the ECC curve in the session
9638
resumption parameters.
9640
2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9642
* NEWS, doc/cha-cert-auth.texi, doc/examples/ex-verify.c,
9643
lib/gnutls_cert.c, lib/includes/gnutls/x509.h, lib/libgnutls.map,
9644
lib/x509/verify-high.c, tests/Makefile.am, tests/x509cert-tl.c:
9645
Added gnutls_x509_trust_list_add_named_crt() and
9646
gnutls_x509_trust_list_verify_named_crt() that allow having a list
9647
of certificates in the trusted list that will be associated with a
9648
name (e.g. server name) and will not be used as CAs.
9650
2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9652
* NEWS, doc/cha-intro-tls.texi,
9653
lib/accelerated/intel/aes-gcm-x86.c,
9654
lib/accelerated/intel/aes-x86.c, lib/algorithms/ciphersuites.c,
9655
lib/gnutls_priority.c, lib/includes/gnutls/gnutls.h.in,
9656
lib/nettle/cipher.c: Added SuiteB ciphersuites. Added SUITEB128 and
9657
SUITEB192 priority strings. SECURE256 was renamed to SECURE192
9658
(because TLS ciphersuite's security level was not enough to justify
9661
2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9663
* NEWS, lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map:
9664
gnutls_ecc_curve_get() was added.
9666
2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9668
* lib/gnutls_state.c: The PRF is now read from the ciphersuite
9671
2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9673
* src/common.c: Print information on elliptic curve sessions.
9675
2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9677
* lib/abstract_int.h, lib/gnutls_pubkey.c, lib/gnutls_sig.c,
9678
lib/gnutls_sig.h, lib/includes/gnutls/abstract.h,
9679
lib/includes/gnutls/compat.h, lib/libgnutls.map, lib/x509/common.c,
9680
lib/x509/common.h, lib/x509/crq.c, lib/x509/privkey.c,
9681
lib/x509/verify.c, lib/x509/x509.c, lib/x509/x509_int.h: Split
9682
pubkey_verify_sig() to pubkey_verify_hashed_data() and
9683
pubkey_verify_data(). Added gnutls_pubkey_verify_data2() to allow
9684
verification of a signature when the signature algorithm cannot be
9685
determined by the signature and the public key only.
9687
2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9689
* lib/gnutls_hash_int.h, lib/gnutls_sig.c: Allow all SHA algorithms
9692
2011-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9694
* lib/x509/verify.c: fixes for
9695
http://tools.ietf.org/html/draft-mavrogiannopoulos-tls-dss-00
9697
2011-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9699
* lib/auth/cert.h, lib/gnutls_cert.c, lib/gnutls_handshake.c:
9700
simplified _gnutls_selected_cert_supported_kx().
9702
2011-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9704
* lib/gnutls_pubkey.c, lib/nettle/pk.c, lib/x509/verify.c:
9705
Truncation of ECDSA and DSA signatures moved to
9706
_wrap_nettle_pk_sign() and _wrap_nettle_pk_verify().
9708
2011-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9710
* lib/algorithms.h, lib/algorithms/ciphersuites.c,
9711
lib/algorithms/sign.c, lib/ext/signature.c, lib/gnutls_buffers.c,
9712
lib/gnutls_buffers.h, lib/gnutls_handshake.c, lib/gnutls_int.h,
9713
lib/gnutls_sig.c, lib/nettle/pk.c: Simplified the handling of
9714
handshake messages to be hashed. Instead of doing a hash during the
9715
handshake process we now keep the data until handshake is over and
9716
hash them on demand. This uses more memory but eliminates issues
9717
with TLS 1.2 and makes the handling simpler.
9719
2011-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9721
* lib/ext/signature.c, lib/gnutls_pubkey.c, lib/nettle/pk.c,
9722
lib/x509/common.h, lib/x509/verify.c: Hash algorithms used for DSA
9723
and ECDSA correspond to draft-mavrogiannopoulos-tls-dss-00.txt.
9725
2011-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9727
* lib/ext/ecc.c: updated
9729
2011-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9731
* doc/cha-internals.texi, doc/gnutls.texi: Added refint macro to
9732
refer to internal -non exported- functions. Used it to reference to
9733
the gnutls_*_register() functions.
9735
2011-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9737
* NEWS, lib/Makefile.am, lib/auth/psk_passwd.c, lib/auth/rsa.c,
9738
lib/auth/rsa_export.c, lib/auth/srp_passwd.c, lib/crypto-api.c,
9739
lib/crypto-backend.c, lib/crypto-backend.h, lib/crypto.c,
9740
lib/ext/session_ticket.c, lib/gnutls_cipher.c,
9741
lib/gnutls_cipher_int.h, lib/gnutls_handshake.c,
9742
lib/gnutls_hash_int.h, lib/gnutls_mpi.c, lib/gnutls_mpi.h,
9743
lib/gnutls_pk.c, lib/includes/gnutls/crypto.h, lib/libgnutls.map,
9744
lib/nettle/mpi.c, lib/nettle/pk.c, lib/opencdk/misc.c,
9745
lib/pkcs11_secret.c, lib/random.h, lib/x509/pkcs12.c,
9746
lib/x509/privkey_pkcs8.c, libextra/gnutls_openssl.c, src/psk.c,
9747
src/srptool.c, tests/Makefile.am, tests/crypto_rng.c,
9748
tests/rng-fork.c: gnutls/crypto.h no longer includes functions to
9749
register ciphers. Thus the following functions - gnutls_crypto_bigint_register - gnutls_crypto_cipher_register - gnutls_crypto_digest_register - gnutls_crypto_mac_register - gnutls_crypto_pk_register - gnutls_crypto_rnd_register - gnutls_crypto_single_cipher_register - gnutls_crypto_single_digest_register - gnutls_crypto_single_mac_register are only available internally
9750
via crypto-backend.h.
9752
2011-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9754
* build-aux/config.rpath: updated
9756
2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9758
* lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s,
9759
lib/accelerated/intel/asm/appro-aes-gcm-x86.s,
9760
lib/accelerated/intel/asm/appro-aes-x86-64.s,
9761
lib/accelerated/intel/asm/appro-aes-x86.s: typos and date fix in
9764
2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9766
* src/benchmark-tls.c: Added benchmark on GCM ciphersuites and
9767
arcfour for comparison.
9769
2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9771
* lib/gnutls_int.h: corrected typo.
9773
2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9775
* lib/accelerated/intel/aes-gcm-x86.c,
9776
lib/accelerated/intel/aes-x86.c: indented code
9778
2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9780
* src/benchmark.c: properly initialize benchmarks.
9782
2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9784
* configure.ac, m4/hooks.m4: bumped version.
9786
2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9788
* lib/accelerated/intel/aes-gcm-x86.c: Corrections in encryption and
9789
decryption of incomplete blocks.
9791
2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9793
* lib/accelerated/intel/aes-gcm-x86.c, lib/gnutls_int.h,
9794
lib/gnutls_state.c: Use nettle's memxor or gnulib's if it doesn't
9797
2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9799
* NEWS, lib/accelerated/intel/Makefile.am,
9800
lib/accelerated/intel/aes-gcm-x86.c,
9801
lib/accelerated/intel/aes-x86.c, lib/accelerated/intel/aes-x86.h,
9802
lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s,
9803
lib/accelerated/intel/asm/appro-aes-gcm-x86.s, lib/gnutls_num.c,
9804
lib/gnutls_num.h, tests/cipher-test.c: Added AES-GCM optimizations
9805
using the PCLMULQDQ instruction. Uses Andy Polyakov's assembly code.
9807
2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9809
* lib/crypto-api.c: documented usage of gnutls_cipher_add_auth().
9811
2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9813
* doc/cha-intro-tls.texi: updates.
9815
2011-05-31 Roman Bogorodskiy <bogorodskiy@gmail.com>
9817
* lib/Makefile.am: Prevent including installed gnutls' headers.
9819
2011-05-31 Roman Bogorodskiy <bogorodskiy@gmail.com>
9821
* src/udp-serv.c: Add missing <netinet/in.h> to get sockaddr_in.
9823
2011-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9825
* doc/cha-intro-tls.texi: Compatibility text updated.
9827
2011-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9829
* lib/accelerated/intel/asm/appro-aes-x86-64.s,
9830
lib/accelerated/intel/asm/appro-aes-x86.s: Added new AES code by
9833
2011-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9835
* doc/credentials/x509/ca-key.pem: Added missing file.
9837
2011-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9839
* .gitignore: more files to ignore
9841
2011-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9843
* lib/nettle/Makefile.am, lib/nettle/ecc_free.c,
9844
lib/nettle/ecc_make_key.c, lib/nettle/ecc_map.c,
9845
lib/nettle/ecc_mulmod.c, lib/nettle/ecc_points.c,
9846
lib/nettle/ecc_projective_add_point.c,
9847
lib/nettle/ecc_projective_dbl_point_3.c,
9848
lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
9849
lib/nettle/ecc_test.c, lib/nettle/ecc_verify_hash.c: Added FSF
9850
copyright to public domain files.
9852
2011-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9854
* configure.ac, lib/accelerated/x86.h: Use cpuid.h if it exists, to
9855
use the x86 CPUID instruction.
9857
2011-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9859
* THANKS: Added Dash.
9861
2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9863
* lib/gnutls_compress.c, lib/gnutls_compress.h,
9864
lib/gnutls_handshake.c: simplified
9865
_gnutls_supported_compression_methods().
9867
2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9869
* lib/gnutls_constate.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
9870
lib/gnutls_session_pack.c, lib/gnutls_v2_compat.c: Correctly set
9871
compression method when resuming sessions. Reported by Dash Shendy.
9873
2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9875
* lib/gnutls_hash_int.c: digest_length() uses int as input.
9877
2011-05-28 Stef Walter <stefw@collabora.co.uk>
9879
* lib/nettle/cipher.c: Fix warnings with GCC 4.5.2
9881
2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9883
* doc/credentials/Makefile.am, doc/credentials/x509/Makefile.am:
9884
Corrected EXTRA_DIST
9886
2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9888
* tests/suite/testcompat-main: updated keys.
9890
2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9892
* lib/auth/cert.c, lib/auth/cert.h, lib/gnutls_handshake.c,
9893
lib/gnutls_handshake.h: Take into account each and every advertized
9894
public key algorithm when selecting a certificate. Previously we
9895
were assuming only RSA or DSA, or ANY.
9897
2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9899
* doc/credentials/gnutls-http-serv, src/serv-gaa.c, src/serv-gaa.h,
9900
src/serv.c, src/serv.gaa: Added feature to specify ecc private keys
9903
2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9905
* lib/algorithms.h, lib/gnutls_handshake.c, lib/gnutls_state.c:
9906
Corrected ECC ciphersuite detection.
9908
2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9910
* doc/credentials/x509-ca-key.pem, doc/credentials/x509-ca.pem,
9911
doc/credentials/x509-client-key.pem,
9912
doc/credentials/x509-client.pem, doc/credentials/x509-other-ca.pem,
9913
doc/credentials/x509-proxy-key.pem, doc/credentials/x509-proxy.pem,
9914
doc/credentials/x509-server-dsa.pem,
9915
doc/credentials/x509-server-key-dsa.pem,
9916
doc/credentials/x509-server-key.pem,
9917
doc/credentials/x509-server.pem, doc/credentials/x509-trust.pem,
9918
doc/credentials/x509/ca.pem, doc/credentials/x509/cert-dsa.pem,
9919
doc/credentials/x509/cert-ecc.pem,
9920
doc/credentials/x509/cert-rsa.pem, doc/credentials/x509/cert.pem,
9921
doc/credentials/x509/clicert-dsa.pem,
9922
doc/credentials/x509/clicert.pem, doc/credentials/x509/key-dsa.pem,
9923
doc/credentials/x509/key-ecc.pem, doc/credentials/x509/key-rsa.pem,
9924
doc/credentials/x509/key.pem, lib/nettle/pk.c, lib/x509/verify.c:
9925
Laxed verification checks for DSA to allow SHA256 in place of
9926
SHA224. Added new certificate sets in doc/credentials/x509/.
9928
2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9930
* lib/gnutls_priority.c: ECDHE and ECDSA were added to deafult
9933
2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9935
* lib/auth/rsa.c, lib/x509/key_encode.c, lib/x509/privkey_pkcs8.c:
9936
gnutls_secure_malloc() is no longer used.
9938
2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9940
* lib/auth/dhe_psk.c, lib/auth/psk.c: deinitialize PSK key memory.
9942
2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9944
* lib/auth/psk.c: explicitly request for client key in server side.
9946
2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9948
* NEWS, lib/algorithms/ciphersuites.c, lib/algorithms/kx.c,
9949
lib/auth/anon.c, lib/auth/anon_ecdh.c, lib/auth/dh_common.c,
9950
lib/auth/dh_common.h, lib/auth/dhe.c, lib/auth/dhe_psk.c,
9951
lib/auth/ecdh_common.c, lib/auth/ecdh_common.h, lib/gnutls_state.c,
9952
lib/includes/gnutls/gnutls.h.in: Added ECDHE-PSK ciphersuites for
9955
2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9957
* doc/gnutls-guile.texi: Corrections.
9959
2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9961
* doc/.gitignore: ignore tex files.
9963
2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9965
* doc/cha-copying.texi: Do not list all licenses in the manual of
9966
gnutls. Just the license of the manual is enough.
9968
2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9970
* doc/Makefile.am, doc/cha-ciphersuites.texi,
9971
doc/cha-functions.texi, doc/cha-preface.texi,
9972
doc/gnutls-guile.texi, doc/guile.texi, guile/src/core.c: guile
9973
bindings added as a separate document.
9975
2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9977
* doc/gnutls.texi: reorganization. Removed guile bindings.
9979
2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9981
* doc/cha-auth.texi, doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
9982
doc/gnutls.texi: reorganization and added section on parameter
9985
2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9987
* lib/Makefile.am, lib/auth/Makefile.am, lib/ext/Makefile.am,
9988
lib/nettle/Makefile.am: Added new headers.
9990
2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9992
* NEWS: document elliptic curves addition.
9994
2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9996
* m4/hooks.m4: libgcrypt support was removed.
9998
2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10000
* NEWS: listed newly added functions.
10002
2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10004
* lib/nettle/Makefile.am, lib/nettle/ecc.h,
10005
lib/nettle/ecc_make_key.c, lib/nettle/ecc_shared_secret.c,
10006
lib/nettle/ecc_sign_hash.c, lib/nettle/ecc_verify_hash.c,
10007
lib/nettle/mp_unsigned_bin.c: Use nettle's functions for integer
10010
2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10012
* lib/algorithms/publickey.c, lib/gnutls_sig.c: more updates for
10013
ECDSA ciphersuites.
10015
2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10017
* lib/ext/ecc.c: reduced debugging.
10019
2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10021
* lib/gnutls_pubkey.c, lib/gnutls_sig.c: Changes to allow ECDH-DSA
10022
with client mode certificates.
10024
2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10026
* tests/certs/ca-cert-ecc.pem, tests/certs/ca-ecc.pem,
10027
tests/certs/cert-ecc.pem, tests/certs/ecc.pem,
10028
tests/suite/testcompat-main: Added server and client mode tests for
10031
2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10033
* lib/ext/session_ticket.c, lib/gnutls_db.c, lib/gnutls_dtls.c,
10034
lib/gnutls_global.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
10035
lib/gnutls_session_pack.c, lib/gnutls_v2_compat.c,
10036
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
10037
lib/nettle/rnd.c, lib/opencdk/keydb.c, lib/opencdk/literal.c,
10038
lib/opencdk/read-packet.c, lib/opencdk/sig-check.c,
10039
lib/openpgp/gnutls_openpgp.c, lib/system.c, lib/system.h,
10040
lib/x509/common.c, lib/x509/verify.c, tests/chainverify.c: Added
10041
gnutls_global_set_time_function() to allow overriding the default
10042
system time() function.
10044
2011-05-25 Giuseppe Scrivano <gscrivano@gnu.org>
10046
* doc/cha-programs.texi: Fix example in the documentation. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
10048
2011-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10050
* doc/cha-programs.texi: updated documentation on PSK. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
10052
2011-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10054
* lib/nettle/ecc_projective_add_point.c: If Q=-P return the point at
10057
2011-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10059
* tests/chainverify.c: Added elliptic curves chain certificate.
10061
2011-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10063
* lib/gnutls_buffers.c: do not try to write to a socket when no
10066
2011-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10068
* tests/openpgpself.c: increased log level
10070
2011-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10072
* lib/gnutls_buffers.h, lib/gnutls_handshake.c:
10073
_gnutls_handshake_hash_buffer_clear was replaced by
10074
_gnutls_buffer_clear();
10076
2011-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10078
* lib/nettle/pk.c: Only warn on invalid security level hashes.
10080
2011-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10082
* src/certtool.c: SHA256 is the default hash algorithm in certtool.
10084
2011-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10086
* lib/gnutls_pk.c, lib/gnutls_pk.h, lib/gnutls_privkey.c,
10087
lib/gnutls_sig.c, lib/x509/verify.c: Several updates to allow
10088
generation and signing of an ECC certificate.
10090
2011-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10092
* doc/manpages/certtool.1: updated certtool info.
10094
2011-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10096
* lib/algorithms/ciphersuites.c: corrected bug in ciphersuite name
10099
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10101
* doc/cha-auth.texi: Discussed the newly added ciphersuites.
10103
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10105
* doc/Makefile.am: Added algorithms/ to function index.
10107
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10109
* lib/algorithms/ciphersuites.c: Added ECC ciphersuites from
10112
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10114
* src/certtool.c: Print the private key after generation. Print ECC
10117
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10119
* lib/algorithms/ecc.c, lib/gnutls_ecc.c,
10120
lib/includes/gnutls/abstract.h, lib/includes/gnutls/x509.h,
10121
lib/libgnutls.map, lib/x509/privkey.c: Added
10122
gnutls_x509_privkey_import_ecc_raw() and
10123
gnutls_x509_privkey_export_ecc_raw().
10125
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10127
* lib/x509/privkey.c: Decode PEM ECC private keys.
10129
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10131
* lib/algorithms.h, lib/algorithms/ecc.c, lib/x509/key_encode.c,
10132
lib/x509/privkey.c, src/certtool-gaa.c, src/certtool-gaa.h,
10133
src/certtool.c, src/certtool.gaa: updates to allow the generation of
10134
an ECC private key.
10136
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10138
* lib/x509_b64.c: do not crash on null message.
10140
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10142
* .gitignore: updated
10144
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10146
* lib/algorithms/ciphersuites.c, lib/algorithms/kx.c,
10147
lib/auth/cert.c, lib/auth/dhe.c, lib/gnutls_pk.c, lib/gnutls_pk.h,
10148
lib/gnutls_pubkey.c, lib/gnutls_sig.c, lib/gnutls_state.c,
10149
lib/includes/gnutls/gnutls.h.in, lib/nettle/ecc_sign_hash.c,
10150
lib/nettle/pk.c, lib/nettle/rnd.c, lib/nettle/rnd.h,
10151
lib/x509/common.h, lib/x509/verify.c: Added support for verifying
10152
server certificates with ECDSA.
10154
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10156
* lib/ext/ecc.c: Only reply with ECC Packet format extension if we
10157
have negotiated ECC.
10159
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10161
* tests/pathlen/ca-no-pathlen.pem,
10162
tests/pathlen/no-ca-or-pathlen.pem, tests/pkcs12_s2k_pem.c: leak fix
10163
and updates for new formats.
10165
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10167
* tests/suite/testcompat-main: Added ECDHE-RSA tests.
10169
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10171
* lib/algorithms/secparams.c, lib/gnutls_pubkey.c: always put
10172
leading zero to output keys
10174
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10176
* lib/x509/output.c: print the bits together with the security
10179
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10181
* lib/x509/privkey.c, lib/x509/privkey_pkcs8.c: leaks fixes.
10183
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10185
* lib/pkcs11.c: corrected file descriptor leak.
10187
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10189
* libextra/gnutls_extra.c: gnutls_algorithms.h -> algorithms.h
10191
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10193
* lib/x509/key_decode.c, lib/x509/key_encode.c: corrected ECC public
10194
key encoding/decoding.
10196
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10198
* src/certtool-common.c, src/certtool.c: Corrected bug in public key
10199
import. print information on ECC public keys.
10201
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10203
* lib/includes/gnutls/crypto.h, lib/nettle/pk.c,
10204
lib/x509/key_encode.c, lib/x509/x509_int.h: No need to keep Z in
10205
parameters since the pubkey can always be converted to an affine
10208
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10210
* lib/algorithms/secparams.c, lib/gnutls_pubkey.c,
10211
lib/includes/gnutls/abstract.h, lib/libgnutls.map,
10212
lib/x509/common.c, lib/x509/key_decode.c, lib/x509/mpi.c,
10213
lib/x509/output.c: print information on ECC certificates.
10215
2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10217
* lib/abstract_int.h, lib/algorithms.h, lib/algorithms/ecc.c,
10218
lib/auth/anon.h, lib/auth/ecdh_common.c, lib/auth/ecdh_common.h,
10219
lib/auth/rsa.c, lib/auth/rsa_export.c, lib/ext/ecc.c,
10220
lib/gnutls.asn, lib/gnutls_asn1_tab.c, lib/gnutls_ecc.c,
10221
lib/gnutls_ecc.h, lib/gnutls_errors.c, lib/gnutls_int.h,
10222
lib/gnutls_pk.c, lib/gnutls_pk.h, lib/gnutls_privkey.c,
10223
lib/gnutls_pubkey.c, lib/gnutls_rsa_export.c,
10224
lib/gnutls_rsa_export.h, lib/gnutls_sig.c, lib/gnutls_sig.h,
10225
lib/gnutls_state.c, lib/gnutls_state.h,
10226
lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in,
10227
lib/libgnutls.map, lib/nettle/ecc_test.c, lib/nettle/pk.c,
10228
lib/openpgp/openpgp_int.h, lib/openpgp/pgp.c,
10229
lib/openpgp/privkey.c, lib/x509/Makefile.am, lib/x509/common.c,
10230
lib/x509/common.h, lib/x509/crq.c, lib/x509/key_decode.c,
10231
lib/x509/key_encode.c, lib/x509/mpi.c, lib/x509/privkey.c,
10232
lib/x509/privkey_pkcs8.c, lib/x509/verify.c, lib/x509/x509.c,
10233
lib/x509/x509_int.h, lib/x509/x509_write.c: gnutls_pk_params_st is
10234
used internally to transfer public key parameters. This replaces the
10235
raw bigint_t arrays.
10237
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10239
* lib/algorithms.h, lib/algorithms/ciphersuites.c,
10240
lib/algorithms/ecc.c, lib/auth/ecdh_common.c, lib/ext/ecc.c,
10241
lib/ext/ecc.h: Curve TLS ID is being stored in algorithms/ecc.c.
10243
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10245
* configure.ac, lib/Makefile.am, lib/algorithms.h,
10246
lib/algorithms/Makefile.am, lib/algorithms/cert_types.c,
10247
lib/algorithms/ciphers.c, lib/algorithms/ciphersuites.c,
10248
lib/algorithms/ecc.c, lib/algorithms/kx.c, lib/algorithms/mac.c,
10249
lib/algorithms/protocols.c, lib/algorithms/publickey.c,
10250
lib/algorithms/secparams.c, lib/algorithms/sign.c, lib/auth/cert.c,
10251
lib/auth/dh_common.c, lib/auth/dhe.c, lib/auth/ecdh_common.c,
10252
lib/auth/rsa.c, lib/auth/rsa_export.c, lib/ext/session_ticket.c,
10253
lib/ext/signature.c, lib/ext/srp.c, lib/gnutls_algorithms.c,
10254
lib/gnutls_algorithms.h, lib/gnutls_auth.c, lib/gnutls_cert.c,
10255
lib/gnutls_cipher.c, lib/gnutls_cipher_int.c,
10256
lib/gnutls_compress.c, lib/gnutls_constate.c, lib/gnutls_ecc.c,
10257
lib/gnutls_handshake.c, lib/gnutls_kx.c, lib/gnutls_priority.c,
10258
lib/gnutls_record.c, lib/gnutls_sig.c, lib/gnutls_state.c,
10259
lib/gnutls_v2_compat.c, lib/gnutls_x509.c, lib/nettle/ecc_test.c,
10260
lib/nettle/mpi.c, lib/opencdk/read-packet.c, lib/x509/common.h,
10261
lib/x509/privkey_pkcs8.c: gnutls_algorithms.c was split into
10262
manageable files in algorithms/.
10264
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10266
* lib/gnutls_handshake.c: use the _gnutls_session_is_ecc() to check
10269
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10271
* lib/auth/ecdh_common.c, lib/gnutls_algorithms.c,
10272
lib/includes/gnutls/gnutls.h.in, lib/nettle/pk.c, lib/x509/x509.c:
10273
Added OIDs and definitions for ECDSA signature algorithm.
10275
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10277
* src/benchmark-tls.c: Print purpose of testing.
10279
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10281
* src/benchmark-tls.c: compare ECDH and DH on the same security
10284
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10286
* doc/cha-intro-tls.texi, lib/gnutls_algorithms.c,
10287
lib/gnutls_algorithms.h, lib/gnutls_priority.c: Added ability to
10288
specify curves as priority strings.
10290
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10292
* lib/nettle/ecc.h: removed ecc_is_valid_idx() prototype
10294
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10296
* lib/nettle/ecc.h, lib/nettle/ecc_make_key.c,
10297
lib/nettle/ecc_map.c, lib/nettle/ecc_mulmod.c,
10298
lib/nettle/ecc_points.c, lib/nettle/ecc_projective_add_point.c,
10299
lib/nettle/ecc_projective_dbl_point.c,
10300
lib/nettle/ecc_projective_dbl_point_3.c,
10301
lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_test.c,
10302
lib/nettle/ecc_verify_hash.c, lib/nettle/pk.c: Dropped ltc_ from
10303
function and type names.
10305
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10307
* tests/x509cert.c: corrected memory leak.
10309
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10311
* lib/nettle/cipher.c: use new nettle's name for gcm_aes_auth().
10313
2011-05-21 Simon Josefsson <simon@josefsson.org>
10315
* gl/hmac-md5.c, gl/m4/valgrind-tests.m4, gl/memxor.c, gl/memxor.h,
10316
gl/override/lib/hmac-md5.c.diff, gl/override/lib/memxor.c.diff,
10317
gl/override/lib/memxor.h.diff,
10318
gl/override/m4/valgrind-tests.m4.diff: Override gnulib code with fix
10319
for memxor and valgrind.
10321
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10323
* lib/auth/anon_ecdh.c, lib/auth/dh_common.c, lib/auth/dhe.c,
10324
lib/auth/ecdh_common.c, lib/gnutls_algorithms.c,
10325
lib/gnutls_global.c, lib/gnutls_handshake.c, lib/gnutls_state.c,
10326
lib/gnutls_state.h, lib/includes/gnutls/gnutls.h.in: Added support
10327
for ECDHE-RSA ciphersuites.
10329
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10331
* tests/eagain-common.h: inlined function to avoid gcc warnings
10333
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10335
* lib/nettle/Makefile.am, lib/nettle/ecc.h, lib/nettle/ecc_free.c,
10336
lib/nettle/ecc_make_key.c, lib/nettle/ecc_map.c,
10337
lib/nettle/ecc_mulmod.c, lib/nettle/ecc_points.c,
10338
lib/nettle/ecc_projective_add_point.c,
10339
lib/nettle/ecc_projective_dbl_point.c,
10340
lib/nettle/ecc_projective_dbl_point_3.c,
10341
lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
10342
lib/nettle/ecc_test.c, lib/nettle/ecc_verify_hash.c,
10343
lib/nettle/ltc_ecc_map.c, lib/nettle/ltc_ecc_mulmod.c,
10344
lib/nettle/ltc_ecc_points.c,
10345
lib/nettle/ltc_ecc_projective_add_point.c,
10346
lib/nettle/ltc_ecc_projective_dbl_point.c: Added previous code that
10347
was fixed for y^2 = x^3 - 3x + b, because all secg curves have a
10348
fixed to -3. Simplified file naming scheme.
10350
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10352
* lib/gnutls_algorithms.c, lib/gnutls_int.h: Added SECP224R1.
10354
2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10356
* src/Makefile.am, src/benchmark-cipher.c, src/benchmark-tls.c,
10357
src/benchmark.c, src/benchmark.h: updates to benchmarks.
10359
2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10361
* lib/gnutls_algorithms.c, lib/gnutls_int.h, lib/gnutls_priority.c,
10362
lib/nettle/ecc_test.c: Added curve SECP512R1.
10364
2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10366
* src/benchmark-cipher.c, src/benchmark-common.c, src/benchmark.c:
10367
benchmark ECDH and DH.
10369
2011-05-20 Simon Josefsson <simon@josefsson.org>
10371
* build-aux/config.rpath, gl/Makefile.am, gl/alignof.h,
10372
gl/glthread/lock.c, gl/glthread/lock.h, gl/glthread/threadlib.c,
10373
gl/hmac-md5.c, gl/intprops.h, gl/m4/gnulib-cache.m4,
10374
gl/m4/gnulib-comp.m4, gl/m4/strerror.m4, gl/m4/strerror_r.m4,
10375
gl/m4/thread.m4, gl/m4/valgrind-tests.m4, gl/m4/yield.m4,
10376
gl/memxor.c, gl/memxor.h, gl/stdint.in.h, gl/strerror-impl.h,
10377
gl/strerror.c, gl/strerror_r.c, gl/tests/Makefile.am,
10378
gl/tests/dummy.c, gl/tests/glthread/thread.c,
10379
gl/tests/glthread/thread.h, gl/tests/glthread/yield.h,
10380
gl/tests/test-intprops.c, gl/tests/test-lock.c,
10381
gl/tests/test-strerror.c, gl/tests/test-strerror_r.c: Update gnulib
10384
2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10386
* lib/auth/ecdh_common.c, lib/gnutls_handshake.c, src/common.c:
10387
client side ECC fixes.
10389
2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10391
* src/cli.c: corrected debugging.
10393
2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10395
* lib/auth/ecdh_common.c, lib/gnutls_algorithms.c,
10396
lib/gnutls_algorithms.h, lib/gnutls_global.c,
10397
lib/includes/gnutls/crypto.h, lib/nettle/ecc.h,
10398
lib/nettle/ecc_free.c, lib/nettle/ecc_make_key.c,
10399
lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
10400
lib/nettle/ecc_test.c, lib/nettle/ecc_verify_hash.c,
10401
lib/nettle/ltc_ecc_map.c, lib/nettle/ltc_ecc_mulmod.c,
10402
lib/nettle/ltc_ecc_points.c,
10403
lib/nettle/ltc_ecc_projective_add_point.c,
10404
lib/nettle/ltc_ecc_projective_dbl_point.c, lib/nettle/pk.c,
10405
lib/x509/x509_int.h: Account 'A' in calculations for point doubling.
10407
2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10409
* gl/Makefile.am, gl/alignof.h, gl/close-hook.c, gl/close-hook.h,
10410
gl/error.c, gl/error.h, gl/fd-hook.c, gl/fd-hook.h,
10411
gl/glthread/lock.c, gl/glthread/lock.h, gl/glthread/threadlib.c,
10412
gl/intprops.h, gl/m4/error.m4, gl/m4/fcntl_h.m4, gl/m4/fseeko.m4,
10413
gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/inttypes.m4,
10414
gl/m4/manywarnings.m4, gl/m4/memchr.m4, gl/m4/netdb_h.m4,
10415
gl/m4/stdint.m4, gl/m4/stdio_h.m4, gl/m4/strerror.m4,
10416
gl/m4/strerror_r.m4, gl/m4/string_h.m4, gl/m4/sys_uio_h.m4,
10417
gl/m4/thread.m4, gl/m4/unistd_h.m4, gl/m4/warnings.m4,
10418
gl/m4/wchar_h.m4, gl/m4/yield.m4, gl/malloc.c, gl/netdb.in.h,
10419
gl/realloc.c, gl/sockets.c, gl/stdint.in.h, gl/stdio.in.h,
10420
gl/stdlib.in.h, gl/strerror-impl.h, gl/strerror.c, gl/strerror_r.c,
10421
gl/string.in.h, gl/sys_socket.in.h, gl/sys_uio.in.h,
10422
gl/tests/Makefile.am, gl/tests/dummy.c, gl/tests/fcntl.in.h,
10423
gl/tests/glthread/thread.c, gl/tests/glthread/thread.h,
10424
gl/tests/glthread/yield.h, gl/tests/intprops.h,
10425
gl/tests/inttypes.in.h, gl/tests/test-fcntl-h.c,
10426
gl/tests/test-intprops.c, gl/tests/test-inttypes.c,
10427
gl/tests/test-lock.c, gl/tests/test-strerror.c,
10428
gl/tests/test-strerror_r.c, gl/tests/test-sys_socket.c,
10429
gl/tests/test-sys_uio.c, gl/unistd.in.h, gl/verify.h, gl/wchar.in.h:
10430
Added new gnulib and error.h.
10432
2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10434
* lib/gnutls_global.c: removed debugging.
10436
2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10438
* cfg.mk: added error.h
10440
2011-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10442
* lib/Makefile.am, lib/auth/Makefile.am, lib/auth/anon.h,
10443
lib/auth/anon_ecdh.c, lib/auth/ecdh_common.c,
10444
lib/auth/ecdh_common.h, lib/ext/Makefile.am, lib/ext/ecc.c,
10445
lib/ext/ecc.h, lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
10446
lib/gnutls_dh.c, lib/gnutls_ecc.c, lib/gnutls_ecc.h,
10447
lib/gnutls_errors.c, lib/gnutls_extensions.c, lib/gnutls_global.c,
10448
lib/gnutls_int.h, lib/gnutls_pk.c, lib/gnutls_pk.h,
10449
lib/gnutls_priority.c, lib/gnutls_state.c, lib/gnutls_state.h,
10450
lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in,
10451
lib/nettle/Makefile.am, lib/nettle/ecc.h, lib/nettle/ecc_free.c,
10452
lib/nettle/ecc_make_key.c, lib/nettle/ecc_shared_secret.c,
10453
lib/nettle/ecc_sign_hash.c, lib/nettle/ecc_test.c,
10454
lib/nettle/ecc_verify_hash.c, lib/nettle/gnettle.h,
10455
lib/nettle/ltc_ecc_map.c, lib/nettle/ltc_ecc_mulmod.c,
10456
lib/nettle/ltc_ecc_points.c,
10457
lib/nettle/ltc_ecc_projective_add_point.c,
10458
lib/nettle/ltc_ecc_projective_dbl_point.c,
10459
lib/nettle/mp_unsigned_bin.c, lib/nettle/mpi.c, lib/nettle/multi.c,
10460
lib/nettle/pk.c, lib/nettle/rnd.c, lib/nettle/rnd.h,
10461
lib/x509/x509_int.h: Initial ecc support. Adds support for anonymous
10464
2011-05-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10466
* src/benchmark-common.c, src/benchmark.h: more win32 fixes.
10468
2011-05-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10470
* src/benchmark-common.c: corrections in win32 version.
10472
2011-05-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10474
* lib/ext/signature.c, lib/gnutls_extensions.c: Some debugging moved
10477
2011-05-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10479
* src/Makefile.am, src/benchmark-common.c, src/benchmark-tls.c,
10480
src/benchmark.c, src/benchmark.h, tests/eagain-common.h: Added
10481
benchmark utility that tests the encryption time in TLS packets.
10483
2011-05-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10485
* src/p11common.c: corrected message reporting.
10487
2011-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10489
* src/p11common.c: Corrected PIN caching.
10491
2011-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10493
* lib/gnutls_record.c: assign value
10495
2011-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10497
* lib/nettle/mpi.c: reduce the repetitions for rabin-miller to a
10500
2011-05-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10502
* doc/cha-intro-tls.texi: discuss missing algorithms.
10504
2011-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10508
2011-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10510
* lib/gnutls_str.c, lib/gnutls_str.h, lib/pkcs11.c: Correctly import
10511
and export pkcs11-urls with ID field set.
10513
2011-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10515
* lib/nettle/egd.c, lib/opencdk/literal.c, lib/opencdk/misc.c,
10516
lib/opencdk/read-packet.c, lib/pkcs11.c, lib/x509/common.c,
10517
lib/x509_b64.c, lib/x509_b64.h: eliminated last instances of
10518
strcpy() and strcat() to keep pendantics happy.
10520
2011-05-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10522
* doc/cha-intro-tls.texi: update on compatibility issues text.
10524
2011-05-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10526
* lib/pkcs11.c: doc update in gnutls_pkcs11_init()
10528
2011-05-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10530
* doc/cha-preface.texi: removed references that produced nothing in
10533
2011-05-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10535
* doc/cha-intro-tls.texi: Added missing nodes.
10537
2011-05-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10539
* doc/cha-intro-tls.texi: Added discussion on compatibility issues.
10541
2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10543
* libextra/gnutls_openssl.c: undef X509_NAME before including
10546
2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10548
* NEWS, doc/cha-gtls-app.texi, lib/accelerated/intel/aes-x86.c,
10549
lib/auth/rsa.c, lib/auth/rsa_export.c, lib/auth/srp.c,
10550
lib/gnutls_buffers.c, lib/gnutls_dtls.c, lib/gnutls_errors.c,
10551
lib/gnutls_errors.h, lib/gnutls_global.c, lib/gnutls_global.h,
10552
lib/gnutls_handshake.c, lib/gnutls_record.c,
10553
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli.c,
10554
src/serv.c: Added gnutls_global_set_audit_log_function() that allows
10555
associating TLS session with several important issues.
10557
2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10559
* NEWS, lib/x509/crq.c: updates
10561
2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10563
* NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
10564
lib/x509/crq.c, lib/x509/x509_write.c, tests/crq_key_id.c: Added
10565
gnutls_x509_crq_verify().
10567
2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10569
* doc/manpages/certtool.1, src/Makefile.am, src/certtool-common.c,
10570
src/certtool-common.h, src/certtool.c, src/common.c,
10571
src/p11common.c, src/p11common.h, src/pkcs11.c: certtool can now
10572
load private keys and public keys from PKCS #11 tokens (via URLs).
10574
2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10576
* lib/pkcs11_privkey.c: gnutls_pkcs11_privkey_import_url() will
10577
correctly set algorithm of private key.
10579
2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10581
* src/Makefile.am, src/certtool.c, src/p11tool.c: No libgnutls-extra
10582
is required for certtool or p11tool.
10584
2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10586
* tests/rng-fork.c: Do not use /tmp for temporary file. Just use the
10587
local (test) directory.
10589
2011-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10591
* tests/hostname-check.c: Added a check to verify that we don't try
10592
forever trying to verify too many wildcards.
10594
2011-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10596
* THANKS, lib/gnutls_str.c, lib/gnutls_str.h, lib/openpgp/pgp.c,
10597
lib/x509/rfc2818_hostname.c: _gnutls_hostname_compare() was
10598
incredibly slow when over ten wildcards were present. Set a limit on
10599
6 wildcards to avoid any denial of service attack. Reported by Kalle
10602
2011-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10604
* lib/gnutls_str.c, lib/opencdk/misc.c: Use c_toupper to avoid
10605
converting characters non in the english ASCII set. Reported by
10606
Kalle Olavi Niemitalo.
10608
2011-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10610
* lib/x509/verify-high.c: use > 0 instead of == 1.
10612
2011-05-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10614
* .gitignore, NEWS, lib/gnutls_cert.c,
10615
lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/x509.h,
10616
lib/libgnutls.map, lib/x509/verify-high.c, tests/Makefile.am,
10617
tests/x509cert.c: Added gnutls_certificate_get_issuer() to allow
10618
getting the issuer a certificate from the certificate credentials
10621
2011-04-30 Andreas Metzler <ametzler@downhill.at.eu.org>
10623
* doc/manpages/p11tool.1: escape dashes in manpage Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
10625
2011-05-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10627
* .gitignore, gl/m4/.gitignore, gl/m4/byteswap.m4,
10628
gl/m4/codeset.m4, gl/m4/fcntl-o.m4, gl/m4/fcntl_h.m4,
10629
gl/m4/func.m4, gl/m4/gettext.m4, gl/m4/glibc2.m4, gl/m4/glibc21.m4,
10630
gl/m4/hmac-md5.m4, gl/m4/iconv.m4, gl/m4/intdiv0.m4, gl/m4/intl.m4,
10631
gl/m4/intldir.m4, gl/m4/intlmacosx.m4, gl/m4/intmax.m4,
10632
gl/m4/inttypes-pri.m4, gl/m4/lcmessage.m4, gl/m4/ld-output-def.m4,
10633
gl/m4/ld-version-script.m4, gl/m4/lock.m4, gl/m4/md5.m4,
10634
gl/m4/memmem.m4, gl/m4/memxor.m4, gl/m4/nls.m4, gl/m4/po.m4,
10635
gl/m4/printf-posix.m4, gl/m4/progtest.m4, gl/m4/strcase.m4,
10636
gl/m4/strdup.m4, gl/m4/strings_h.m4, gl/m4/strverscmp.m4,
10637
gl/m4/threadlib.m4, gl/m4/time_r.m4, gl/m4/uintmax_t.m4,
10638
gl/m4/valgrind-tests.m4, gl/m4/vasprintf.m4, gl/m4/visibility.m4,
10639
gl/m4/vsnprintf.m4, gl/tests/.gitignore, gl/tests/intprops.h,
10640
gl/tests/test-byteswap.c, gl/tests/test-func.c,
10641
gl/tests/test-hmac-md5.c, gl/tests/test-md5.c,
10642
gl/tests/test-strings.c, gl/tests/test-strverscmp.c,
10643
gl/tests/test-u64.c, gl/tests/test-vasprintf.c,
10644
gl/tests/test-vsnprintf.c: Added missing m4 gl files.
10646
2011-05-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10648
* NEWS: documented previous updates.
10650
2011-04-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10652
* tests/suite/testcompat-main: Check for openssl 1.0.x to test DTLS.
10654
2011-04-28 Ludovic Courtès <ludo@gnu.org>
10656
* guile/modules/Makefile.am, guile/modules/gnutls/build/tests.scm,
10657
guile/tests/anonymous-auth.scm, guile/tests/errors.scm,
10658
guile/tests/openpgp-auth.scm, guile/tests/openpgp-keyring.scm,
10659
guile/tests/openpgp-keys.scm, guile/tests/pkcs-import-export.scm,
10660
guile/tests/session-record-port.scm, guile/tests/srp-base64.scm,
10661
guile/tests/x509-auth.scm, guile/tests/x509-certificates.scm: guile:
10662
Fix tests to match the `exit' behavior introduced in Guile 2.0.1. This fix makes tests behave correctly wrt. to the Guile bug fix at
10664
<http://git.sv.gnu.org/cgit/guile.git/commit/?id=e309f3bf9ee910c4772353ca3ff95f6f4ef466b5>.
10666
2011-04-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10668
* lib/gnutls.pc.in: removed pakchois dependency
10670
2011-04-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10672
* NEWS, configure.ac: updated for release
10674
2011-04-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10676
* tests/x509dn.c: added missing header.
10678
2011-04-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10680
* lib/accelerated/intel/Makefile.am: pass tag=CC to libtool. It
10681
seems automake cannot really work with assembler sources.
10683
2011-04-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10685
* lib/gnutls_pcert.c, lib/openpgp/gnutls_openpgp.c: documentation
10688
2011-04-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10690
* cfg.mk: start counting from 2009 for ChangeLog.
10692
2011-04-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10694
* tests/hostname-check.c: Removed incorrect test on IPAddresses (was
10695
relying on IPaddresses encoded as text)
10697
2011-04-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10699
* lib/x509/rfc2818_hostname.c: gnutls_x509_crt_check_hostname() will
10700
never compare against IPaddress. (previous comparison was flawed)
10702
2011-04-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10704
* doc/examples/ex-cert-select.c, lib/auth/cert.c, lib/auth/cert.h,
10705
lib/gnutls_cert.c, lib/includes/gnutls/abstract.h,
10706
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/certtool.c,
10707
src/cli.c, tests/x509dn.c: Added
10708
gnutls_certificate_set_retrieve_function2() to replace
10709
gnutls_certificate_set_retrieve_function(). The new one is a
10710
efficient for busy servers because it eliminates the need for the
10711
server to encode the certificate to DER format.
10713
2011-04-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10715
* lib/gnutls_alert.c, lib/gnutls_errors.c,
10716
lib/includes/gnutls/gnutls.h.in: Added GNUTLS_E_USER_ERROR
10718
2011-04-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10720
* lib/auth/cert.c, lib/ext/signature.c, lib/ext/signature.h,
10721
lib/gnutls_pcert.c, lib/includes/gnutls/abstract.h,
10722
lib/libgnutls.map: Eliminated the need for sign_algo in
10723
gnutls_pcert_st. This means that we don't follow RFC5246 by letter,
10724
but there wasn't any other implementation using the sign_algorithm
10725
part of the certificate selection, and this helps reduce complexity.
10727
2011-04-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10729
* src/cfg/Makefile.am, src/cfg/README: Added readme for libcfg.
10731
2011-04-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10733
* configure.ac: No need to check for -maes and -mpclmul with the
10734
current AES-NI code.
10736
2011-04-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10738
* .gitignore: updated
10740
2011-04-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10742
* lib/Makefile.am, lib/abstract_int.h, lib/auth/cert.c,
10743
lib/auth/cert.h, lib/auth/dhe.c, lib/auth/rsa.c,
10744
lib/auth/rsa_export.c, lib/auth/srp_rsa.c, lib/ext/signature.c,
10745
lib/ext/signature.h, lib/gnutls_algorithms.c, lib/gnutls_cert.c,
10746
lib/gnutls_cert.h, lib/gnutls_handshake.c, lib/gnutls_int.h,
10747
lib/gnutls_mpi.c, lib/gnutls_pcert.c, lib/gnutls_privkey.c,
10748
lib/gnutls_pubkey.c, lib/gnutls_sig.c, lib/gnutls_sig.h,
10749
lib/gnutls_state.c, lib/gnutls_ui.c, lib/gnutls_x509.c,
10750
lib/gnutls_x509.h, lib/includes/gnutls/abstract.h,
10751
lib/opencdk/pubkey.c, lib/openpgp/gnutls_openpgp.c,
10752
lib/openpgp/gnutls_openpgp.h, lib/openpgp/openpgp_int.h,
10753
lib/openpgp/pgp.c, lib/openpgp/pgpverify.c, lib/openpgp/privkey.c,
10754
lib/pkcs11_int.h, lib/x509/common.h, lib/x509/pkcs12_encr.c,
10755
lib/x509/sign.c, lib/x509/verify-high.c, lib/x509/verify.c,
10756
lib/x509/x509.c, lib/x509/x509_int.h: Combined external abstract API
10757
with internal usage of gnutls_cert. This results to a
10758
gnutls_pcert_st struct exported in abstract.h. This change will allow a certificate retrieval callback that does
10759
not require gnutls to decode or encode the provided certificate.
10761
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10763
* NEWS, lib/gnutls_priority.c: Restored HMAC-MD5 for compatibility.
10764
Although considered weak, several sites require it for connection.
10765
It is enabled for "NORMAL" and "PERFORMANCE" priority strings.
10767
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10769
* lib/accelerated/intel/aes-x86.c: Try to detect AES-NI on Intel and
10772
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10774
* NEWS, configure.ac, lib/accelerated/intel/Makefile.am,
10775
lib/accelerated/intel/README, lib/accelerated/intel/aes-x86.c,
10776
lib/accelerated/intel/asm/appro-aes-x86-64.s,
10777
lib/accelerated/intel/asm/appro-aes-x86.s,
10778
lib/accelerated/intel/asm/x64_iaesx64.s,
10779
lib/accelerated/intel/asm/x86_iaesx86.s,
10780
lib/accelerated/intel/iaes_asm_interface.h,
10781
lib/accelerated/intel/iaesni.h, lib/accelerated/intel/license.txt:
10782
Added Andy Polyakov's version of AES-NI optimizations.
10784
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10786
* .gitignore: more files to ignore
10788
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10790
* src/tests.c: COMP-ZLIB -> COMP-DEFLATE
10792
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10794
* lib/Makefile.am, m4/hooks.m4: Link with pthreads.
10796
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10798
* doc/Makefile.am: read API from new directories as well.
10800
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10802
* lib/accelerated/Makefile.am: corrected filename
10804
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10806
* lib/ext/session_ticket.c: removed conditional compilation
10808
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10810
* lib/ext/session_ticket.h: removed conditional compilation.
10812
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10814
* lib/accelerated/cryptodev.c: use correct header.
10816
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10818
* lib/README: documented directories.
10820
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10822
* lib/Makefile.am, lib/accelerated/Makefile.am,
10823
lib/accelerated/cryptodev.c, lib/accelerated/cryptodev.h,
10824
lib/cryptodev.c, lib/gnutls_cryptodev.h, lib/gnutls_global.c: Moved
10825
cryptodev to accelerated/
10827
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10829
* lib/gnutls_extensions.c, lib/gnutls_handshake.c: Session tickets
10830
are included unconditionally.
10832
2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10834
* configure.ac, lib/Makefile.am, lib/auth/Makefile.am,
10835
lib/auth/anon.c, lib/auth/anon.h, lib/auth/cert.c, lib/auth/cert.h,
10836
lib/auth/dh_common.c, lib/auth/dh_common.h, lib/auth/dhe.c,
10837
lib/auth/dhe_psk.c, lib/auth/psk.c, lib/auth/psk.h,
10838
lib/auth/psk_passwd.c, lib/auth/psk_passwd.h, lib/auth/rsa.c,
10839
lib/auth/rsa_export.c, lib/auth/srp.c, lib/auth/srp.h,
10840
lib/auth/srp_passwd.c, lib/auth/srp_passwd.h, lib/auth/srp_rsa.c,
10841
lib/auth/srp_sb64.c, lib/auth_anon.c, lib/auth_anon.h,
10842
lib/auth_cert.c, lib/auth_cert.h, lib/auth_dh_common.c,
10843
lib/auth_dh_common.h, lib/auth_dhe.c, lib/auth_dhe_psk.c,
10844
lib/auth_psk.c, lib/auth_psk.h, lib/auth_psk_passwd.c,
10845
lib/auth_psk_passwd.h, lib/auth_rsa.c, lib/auth_rsa_export.c,
10846
lib/auth_srp.c, lib/auth_srp.h, lib/auth_srp_passwd.c,
10847
lib/auth_srp_passwd.h, lib/auth_srp_rsa.c, lib/auth_srp_sb64.c,
10848
lib/ext/Makefile.am, lib/ext/cert_type.c, lib/ext/cert_type.h,
10849
lib/ext/max_record.c, lib/ext/max_record.h,
10850
lib/ext/safe_renegotiation.c, lib/ext/safe_renegotiation.h,
10851
lib/ext/server_name.c, lib/ext/server_name.h,
10852
lib/ext/session_ticket.c, lib/ext/session_ticket.h,
10853
lib/ext/signature.c, lib/ext/signature.h, lib/ext/srp.c,
10854
lib/ext/srp.h, lib/ext_cert_type.c, lib/ext_cert_type.h,
10855
lib/ext_max_record.c, lib/ext_max_record.h,
10856
lib/ext_safe_renegotiation.c, lib/ext_safe_renegotiation.h,
10857
lib/ext_server_name.c, lib/ext_server_name.h,
10858
lib/ext_session_ticket.c, lib/ext_session_ticket.h,
10859
lib/ext_signature.c, lib/ext_signature.h, lib/ext_srp.c,
10860
lib/ext_srp.h, lib/gnutls_anon_cred.c, lib/gnutls_auth.c,
10861
lib/gnutls_cert.c, lib/gnutls_extensions.c, lib/gnutls_handshake.c,
10862
lib/gnutls_psk.c, lib/gnutls_record.c, lib/gnutls_session_pack.c,
10863
lib/gnutls_sig.c, lib/gnutls_srp.c, lib/gnutls_state.c,
10864
lib/gnutls_ui.c, lib/gnutls_x509.c, lib/openpgp/gnutls_openpgp.h,
10865
m4/hooks.m4: The auth_ and ext_ files were moved to respective
10868
2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10870
* doc/cha-intro-tls.texi: Reorganized sections in documentation.
10872
2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10874
* doc/examples/ex-cxx.cpp: removed unneeded comment.
10876
2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10878
* tests/cve-2009-1416.c, tests/pkcs12_s2k_pem.c: Added missing
10881
2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10883
* tests/suite/Makefile.am, tests/suite/chain, tests/suite/testbig,
10884
tests/suite/testbig-main, tests/suite/testcompat,
10885
tests/suite/testcompat-main, tests/suite/x509paths/.gitignore,
10886
tests/suite/x509paths/README, tests/x509paths/README,
10887
tests/x509paths/chain: x509paths tests moved to suite/.
10889
2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10891
* tests/certs/cert-rsa-2432.pem, tests/certs/rsa-2432.pem,
10892
tests/scripts/common.sh, tests/suite/Makefile.am,
10893
tests/suite/testbig, tests/suite/testbig-main: Added
10894
interoperability tests with openssl.
10896
2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10898
* lib/gnutls_buffers.c: Corrected SSLv2 header parsing.
10900
2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10902
* doc/credentials/x509-server-dsa.pem,
10903
doc/credentials/x509-server-key-dsa.pem: corrected illegal DSA key.
10905
2011-04-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10907
* tests/suite/Makefile.am, tests/suite/testsrn: Enabled the extra
10908
safe renegotiation tests.
10910
2011-04-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10912
* m4/hooks.m4: removed opaque PRF from m4.
10914
2011-04-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10916
* lib/gnutls_buffers.c: removed text about select().
10918
2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10920
* configure.ac, lib/Makefile.am: check for libdl that pakchois
10923
2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10925
* lib/Makefile.am, lib/pakchois/README: Added readme about pakchois
10926
and removed checks for pakchois in Makefile.am.
10928
2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10930
* configure.ac, m4/hooks.m4: Reorganization in configure file.
10931
Pakchois is not longer checked for being present. The included
10932
version is always used.
10934
2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10936
* gl/.gitignore, gl/asprintf.c, gl/byteswap.in.h, gl/hmac-md5.c,
10937
gl/hmac.h, gl/md5.c, gl/md5.h, gl/memmem.c, gl/memxor.c,
10938
gl/memxor.h, gl/str-two-way.h, gl/strcasecmp.c, gl/strdup.c,
10939
gl/strings.in.h, gl/strncasecmp.c, gl/strverscmp.c, gl/time_r.c,
10940
gl/u64.h, gl/unistd.h, gl/vasprintf.c, gl/vsnprintf.c,
10941
gl/warn-on-use.h, gl/wchar.h: Added missing gnulib files
10943
2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10945
* lib/crypto-api.c: Added missing const.
10947
2011-04-12 Ludovic Courtès <ludo@gnu.org>
10949
* NEWS, src/certtool-common.c, src/certtool.c, src/p11tool.c,
10950
tests/crq_key_id.c, tests/cve-2009-1416.c, tests/pkcs12_s2k_pem.c:
10951
Don't include <gcrypt.h> when it's not needed.
10953
2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10955
* doc/cha-internals.texi: fixed and updates in documentation
10957
2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10959
* doc/gnutls-crypto-layers.eps: Updated crypto layers documentation.
10961
2011-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10963
* NEWS, lib/accelerated/intel/Makefile.am,
10964
lib/accelerated/intel/aes-x86.c,
10965
lib/accelerated/intel/asm/x64_do_rdtsc.s,
10966
lib/accelerated/intel/asm/x86_do_rdtsc.s, tests/cipher-test.c:
10967
Updates in the AES-NI accelerator.
10969
2011-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10971
* lib/crypto-api.c, lib/includes/gnutls/crypto.h, lib/libgnutls.map:
10972
Added gnutls_cipher_set_iv().
10974
2011-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10976
* tests/Makefile.am, tests/cipher-test.c: Added test vectors for
10977
AES,SHAxxx and MD5.
10979
2011-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10981
* lib/accelerated/intel/aes-x86.c, lib/crypto.c,
10982
lib/includes/gnutls/crypto.h: Increased priority of CPU assisted
10985
2011-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10987
* src/cli.c: Do not rely on lowat being set.
10989
2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10991
* lib/accelerated/Makefile.am, lib/accelerated/intel/Makefile.am,
10992
lib/accelerated/intel/README: Added README explaining the usage of
10995
2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10997
* lib/gnutls_buffers.c: Corrected parsing error in TLS, when many
10998
handshake messages were packed in a single record message.
11000
2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11002
* .gitignore, configure.ac, lib/accelerated/Makefile.am,
11003
lib/accelerated/accelerated.c, lib/accelerated/aes-x86.c,
11004
lib/accelerated/aes-x86.h, lib/accelerated/intel/Makefile.am,
11005
lib/accelerated/intel/aes-x86.c, lib/accelerated/intel/aes-x86.h,
11006
lib/accelerated/intel/asm/x64_do_rdtsc.s,
11007
lib/accelerated/intel/asm/x64_iaesx64.s,
11008
lib/accelerated/intel/asm/x86_do_rdtsc.s,
11009
lib/accelerated/intel/asm/x86_iaesx86.s,
11010
lib/accelerated/intel/iaes_asm_interface.h,
11011
lib/accelerated/intel/iaesni.h, lib/accelerated/intel/license.txt,
11012
m4/gcc.m4: fixes in acceleration detection. Added Intel's library
11013
code for AES-NI acceleration.
11015
2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11017
* guile/modules/gnutls/build/enums.scm, lib/libgnutls.map,
11018
libextra/Makefile.am: Purged all references of LZO.
11020
2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11022
* configure.ac: removed duplicate test
11024
2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11026
* doc/examples/ex-cxx.cpp, gl/time.in.h: No need to under restrict
11027
for C++. Only use config.h.
11029
2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11031
* NEWS, lib/includes/gnutls/gnutls.h.in, lib/system_override.c:
11032
gnutls_transport_set_global_errno() is no more.
11034
2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11036
* tests/eagain-common.h, tests/safe-renegotiation/Makefile.am,
11037
tests/safe-renegotiation/srn0.c, tests/safe-renegotiation/srn1.c,
11038
tests/safe-renegotiation/srn2.c, tests/safe-renegotiation/srn3.c,
11039
tests/safe-renegotiation/srn4.c, tests/safe-renegotiation/srn5.c:
11040
Combined the safe renegotiation tests with the again-common lib.
11042
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11044
* NEWS, configure.ac, doc/cha-intro-tls.texi, doc/cha-preface.texi,
11045
doc/cha-programs.texi, lib/gnutls_compress.c, lib/gnutls_errors.c,
11046
lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in,
11047
lib/libgnutls.map, libextra/gnutls_extra.c, m4/hooks.m4: Support for
11048
liblzo was dropped.
11050
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11052
* NEWS, configure.ac: bumped version
11054
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11056
* .gitignore, gl/time.h, gl/time.in.h: updated time.h.in
11058
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11060
* lib/gnutls_algorithms.c, lib/gnutls_dtls.c, lib/gnutls_mem.c,
11061
lib/gnutls_psk.c, lib/gnutls_record.c,
11062
lib/includes/gnutls/gnutls.h.in, lib/pkcs11.c,
11063
lib/pkcs11_privkey.c, lib/x509/verify-high.c, lib/x509/verify.c:
11064
Corrected documentation of several API functions.
11066
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11068
* doc/cha-gtls-app.texi, doc/cha-library.texi: documentation
11071
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11073
* doc/scripts/gdoc, doc/scripts/sort2.pl: remove perl warnings from
11076
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11078
* configure.ac, lib/Makefile.am, lib/accelerated/Makefile.am,
11079
lib/accelerated/accelerated.c, lib/accelerated/accelerated.h,
11080
lib/accelerated/aes-x86.c, lib/accelerated/aes-x86.h,
11081
lib/accelerated/x86.h, lib/gnutls_global.c, m4/gcc.m4: Added support
11082
for x86 intel AES instruction acceleration if detected.
11084
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11086
* gl/time.h, gl/unistd.h, gl/warn-on-use.h, gl/wchar.h: Added gl/
11089
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11091
* cfg.mk: corrected po directory and build-aux paths.
11093
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11095
* doc/examples/Makefile.am: include gnulib files.
11097
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11099
* doc/TODO: updated TODO
11101
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11103
* tests/openpgp-certs/testselfsigs: Use --infile in certtool to
11104
avoid issues with streams in windows. Patch by LRN.
11106
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11108
* lib/opencdk/armor.c: Changes armor.c to be able to handle both LF
11109
and CRLF inputs (output is still either LF-only or CRLF-only
11110
depending on the platform). Patch by LRN. Optimizations in the usage of strlen().
11112
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11114
* src/cli.c, src/psk.c, src/serv.c, src/srptool.c, src/tests.c:
11115
Define variables within the intended scope (not windows). Based on
11118
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11120
* doc/examples/ex-cert-select-pkcs11.c, src/common.c, src/pkcs11.c:
11121
Use getpass.h (from gnulib). Patch by LRN.
11123
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11125
* lib/pakchois/dlopen.c: Return correct value for dlclose() in
11126
windows. Patch by LRN.
11128
2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11130
* tests/openpgp-auth.c: Disable openpgp-auth run in windows due to
11131
lack of socketpair(). Patch by LRN.
11133
2011-04-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11135
* Makefile.am: gl before lib or libextra
11137
2011-04-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11139
* ChangeLog: generated
11141
2011-04-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11145
2011-04-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11147
* .gitignore, doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
11148
doc/examples/Makefile.am, doc/examples/ex-client-udp.c,
11149
doc/examples/udp.c, lib/gnutls_state.c: Added documentation for
11152
2011-04-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11156
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11158
* tests/chainverify.c: disable test in windows.
11160
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11162
* tests/mini-x509-rehandshake.c, tests/openpgp-auth.c,
11163
tests/openpgp-auth2.c: corrected leaks in tests.
11165
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11167
* lib/auth_cert.c, lib/gnutls_pk.c: corrected memory leak on RSA
11170
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11172
* lib/x509/common.c: more leaks fixed in common.c
11174
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11176
* lib/gnutls_pubkey.c: Corrected leaks in gnutls_pubkey_t
11179
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11181
* lib/x509/verify-high.c: fix in trusted_list certificate
11184
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11186
* lib/gnutls_privkey.c: correction in deinitialization of privkey.
11188
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11190
* tests/mini-x509-rehandshake.c, tests/mini-x509.c: combined more
11191
tests with eagain-common.h.
11193
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11195
* lib/auth_dh_common.c, lib/gnutls_privkey.c, lib/gnutls_x509.c,
11196
lib/nettle/pk.c, lib/pakchois/pakchois.c, lib/pakchois/pakchois.h,
11197
lib/pkcs11.c, lib/x509/verify-high.c, tests/mini-x509.c: Corrected
11200
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11202
* build-aux/arg-nonnull.h, build-aux/c++defs.h,
11203
build-aux/config.rpath, build-aux/warn-on-use.h, cfg.mk,
11204
gl/Makefile.am, gl/m4/.gitignore, gl/m4/gnulib-cache.m4,
11205
gl/m4/gnulib-comp.m4: added valgrind from gnulib.
11207
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11209
* tests/dsa/testdsa, tests/openpgp-certs/testcerts: Do not run the
11210
test scripts in win32 environment.
11212
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11214
* cfg.mk: use the system wide gnulib-tool.
11216
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11218
* .gitignore: updated
11220
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11224
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11226
* tests/suite/ecore/src/lib/ecore_exe.c: include priority headers
11229
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11231
* configure.ac, tests/Makefile.am, tests/suite/Makefile.am,
11232
tests/suite/Makefile.in: Better way of not including the tests/suite
11233
directory. Based on discussion with LRN and Vincent Torri.
11235
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11237
* .gitignore, Makefile.am, cfg.mk, configure.ac,
11238
doc/examples/Makefile.am, doc/gendocs_template, gl/.gitignore,
11239
gl/Makefile.am, gl/accept.c, gl/alignof.h, gl/alloca.c,
11240
gl/alloca.in.h, gl/arpa_inet.in.h, gl/asnprintf.c, gl/bind.c,
11241
gl/c-ctype.c, gl/c-ctype.h, gl/close-hook.c, gl/close-hook.h,
11242
gl/close.c, gl/connect.c, gl/errno.in.h, gl/error.c, gl/error.h,
11243
gl/fclose.c, gl/float+.h, gl/float.in.h, gl/fseeko.c, gl/ftello.c,
11244
gl/gai_strerror.c, gl/getaddrinfo.c, gl/getdelim.c, gl/getline.c,
11245
gl/getpass.c, gl/getpass.h, gl/gettext.h, gl/gettime.c,
11246
gl/gettimeofday.c, gl/inet_ntop.c, gl/inet_pton.c, gl/intprops.h,
11247
gl/listen.c, gl/lseek.c, gl/m4/.gitignore, gl/m4/00gnulib.m4,
11248
gl/m4/alloca.m4, gl/m4/arpa_inet_h.m4, gl/m4/asm-underscore.m4,
11249
gl/m4/autobuild.m4, gl/m4/clock_time.m4, gl/m4/close.m4,
11250
gl/m4/errno_h.m4, gl/m4/error.m4, gl/m4/extensions.m4,
11251
gl/m4/fclose.m4, gl/m4/float_h.m4, gl/m4/fseeko.m4,
11252
gl/m4/ftello.m4, gl/m4/getaddrinfo.m4, gl/m4/getdelim.m4,
11253
gl/m4/getline.m4, gl/m4/getpagesize.m4, gl/m4/getpass.m4,
11254
gl/m4/gettime.m4, gl/m4/gettimeofday.m4, gl/m4/gnulib-cache.m4,
11255
gl/m4/gnulib-common.m4, gl/m4/gnulib-comp.m4, gl/m4/gnulib-tool.m4,
11256
gl/m4/hostent.m4, gl/m4/include_next.m4, gl/m4/inet_ntop.m4,
11257
gl/m4/inet_pton.m4, gl/m4/intmax_t.m4, gl/m4/inttypes_h.m4,
11258
gl/m4/ioctl.m4, gl/m4/lib-ld.m4, gl/m4/lib-link.m4,
11259
gl/m4/lib-prefix.m4, gl/m4/longlong.m4, gl/m4/lseek.m4,
11260
gl/m4/malloc.m4, gl/m4/manywarnings.m4, gl/m4/memchr.m4,
11261
gl/m4/minmax.m4, gl/m4/mmap-anon.m4, gl/m4/multiarch.m4,
11262
gl/m4/netdb_h.m4, gl/m4/netinet_in_h.m4, gl/m4/perror.m4,
11263
gl/m4/printf.m4, gl/m4/read-file.m4, gl/m4/readline.m4,
11264
gl/m4/realloc.m4, gl/m4/select.m4, gl/m4/servent.m4,
11265
gl/m4/size_max.m4, gl/m4/snprintf.m4, gl/m4/socketlib.m4,
11266
gl/m4/sockets.m4, gl/m4/socklen.m4, gl/m4/sockpfaf.m4,
11267
gl/m4/stdarg.m4, gl/m4/stdbool.m4, gl/m4/stddef_h.m4,
11268
gl/m4/stdint.m4, gl/m4/stdint_h.m4, gl/m4/stdio_h.m4,
11269
gl/m4/stdlib_h.m4, gl/m4/strerror.m4, gl/m4/string_h.m4,
11270
gl/m4/sys_ioctl_h.m4, gl/m4/sys_select_h.m4, gl/m4/sys_socket_h.m4,
11271
gl/m4/sys_stat_h.m4, gl/m4/sys_time_h.m4, gl/m4/time_h.m4,
11272
gl/m4/timespec.m4, gl/m4/ungetc.m4, gl/m4/unistd_h.m4,
11273
gl/m4/valgrind-tests.m4, gl/m4/vasnprintf.m4, gl/m4/version-etc.m4,
11274
gl/m4/warn-on-use.m4, gl/m4/warnings.m4, gl/m4/wchar_h.m4,
11275
gl/m4/wchar_t.m4, gl/m4/wint_t.m4, gl/m4/xsize.m4, gl/malloc.c,
11276
gl/memchr.c, gl/minmax.h, gl/netdb.in.h, gl/netinet_in.in.h,
11277
gl/perror.c, gl/printf-args.c, gl/printf-args.h, gl/printf-parse.c,
11278
gl/printf-parse.h, gl/progname.c, gl/progname.h, gl/read-file.c,
11279
gl/read-file.h, gl/readline.c, gl/readline.h, gl/realloc.c,
11280
gl/recv.c, gl/select.c, gl/send.c, gl/setsockopt.c, gl/shutdown.c,
11281
gl/size_max.h, gl/snprintf.c, gl/socket.c, gl/sockets.c,
11282
gl/sockets.h, gl/stdarg.in.h, gl/stdbool.in.h, gl/stddef.in.h,
11283
gl/stdint.in.h, gl/stdio-impl.h, gl/stdio-write.c, gl/stdio.in.h,
11284
gl/stdlib.in.h, gl/strerror.c, gl/string.in.h, gl/sys_select.in.h,
11285
gl/sys_socket.in.h, gl/sys_stat.in.h, gl/sys_time.in.h,
11286
gl/tests/.gitignore, gl/tests/Makefile.am, gl/tests/binary-io.h,
11287
gl/tests/dummy.c, gl/tests/fcntl.in.h, gl/tests/getpagesize.c,
11288
gl/tests/init.sh, gl/tests/ioctl.c, gl/tests/macros.h,
11289
gl/tests/signature.h, gl/tests/sys_ioctl.in.h,
11290
gl/tests/test-alignof.c, gl/tests/test-alloca-opt.c,
11291
gl/tests/test-arpa_inet.c, gl/tests/test-binary-io.c,
11292
gl/tests/test-c-ctype.c, gl/tests/test-errno.c,
11293
gl/tests/test-fcntl-h.c, gl/tests/test-fseeko.c,
11294
gl/tests/test-ftello.c, gl/tests/test-ftello3.c,
11295
gl/tests/test-getaddrinfo.c, gl/tests/test-getdelim.c,
11296
gl/tests/test-getline.c, gl/tests/test-gettimeofday.c,
11297
gl/tests/test-inet_ntop.c, gl/tests/test-inet_pton.c,
11298
gl/tests/test-lseek.c, gl/tests/test-lseek.sh,
11299
gl/tests/test-memchr.c, gl/tests/test-netdb.c,
11300
gl/tests/test-netinet_in.c, gl/tests/test-perror.c,
11301
gl/tests/test-perror.sh, gl/tests/test-read-file.c,
11302
gl/tests/test-select-fd.c, gl/tests/test-select-in.sh,
11303
gl/tests/test-select-out.sh, gl/tests/test-select-stdin.c,
11304
gl/tests/test-select.c, gl/tests/test-snprintf.c,
11305
gl/tests/test-sockets.c, gl/tests/test-stdbool.c,
11306
gl/tests/test-stddef.c, gl/tests/test-stdint.c,
11307
gl/tests/test-stdio.c, gl/tests/test-stdlib.c,
11308
gl/tests/test-strerror.c, gl/tests/test-string.c,
11309
gl/tests/test-sys_ioctl.c, gl/tests/test-sys_select.c,
11310
gl/tests/test-sys_socket.c, gl/tests/test-sys_stat.c,
11311
gl/tests/test-sys_time.c, gl/tests/test-sys_wait.h,
11312
gl/tests/test-time.c, gl/tests/test-unistd.c,
11313
gl/tests/test-update-copyright.sh, gl/tests/test-vasnprintf.c,
11314
gl/tests/test-vc-list-files-cvs.sh,
11315
gl/tests/test-vc-list-files-git.sh, gl/tests/test-verify.c,
11316
gl/tests/test-version-etc.c, gl/tests/test-version-etc.sh,
11317
gl/tests/test-wchar.c, gl/tests/w32sock.h, gl/tests/zerosize-ptr.h,
11318
gl/time.in.h, gl/timespec.h, gl/unistd.in.h, gl/vasnprintf.c,
11319
gl/vasnprintf.h, gl/verify.h, gl/version-etc-fsf.c,
11320
gl/version-etc.c, gl/version-etc.h, gl/w32sock.h, gl/wchar.in.h,
11321
gl/xsize.h, guile/src/Makefile.am, lib/Makefile.am,
11322
lib/configure.ac, lib/gcrypt/Makefile.am, lib/gl/Makefile.am,
11323
lib/gl/alignof.h, lib/gl/alloca.in.h, lib/gl/asnprintf.c,
11324
lib/gl/asprintf.c, lib/gl/byteswap.in.h, lib/gl/c-ctype.c,
11325
lib/gl/c-ctype.h, lib/gl/close-hook.c, lib/gl/close-hook.h,
11326
lib/gl/errno.in.h, lib/gl/float+.h, lib/gl/float.in.h,
11327
lib/gl/fseeko.c, lib/gl/ftello.c, lib/gl/gettext.h, lib/gl/lseek.c,
11328
lib/gl/m4/00gnulib.m4, lib/gl/m4/alloca.m4,
11329
lib/gl/m4/asm-underscore.m4, lib/gl/m4/byteswap.m4,
11330
lib/gl/m4/codeset.m4, lib/gl/m4/errno_h.m4,
11331
lib/gl/m4/extensions.m4, lib/gl/m4/fcntl-o.m4,
11332
lib/gl/m4/float_h.m4, lib/gl/m4/fseeko.m4, lib/gl/m4/ftello.m4,
11333
lib/gl/m4/func.m4, lib/gl/m4/getpagesize.m4, lib/gl/m4/gettext.m4,
11334
lib/gl/m4/glibc2.m4, lib/gl/m4/glibc21.m4,
11335
lib/gl/m4/gnulib-cache.m4, lib/gl/m4/gnulib-common.m4,
11336
lib/gl/m4/gnulib-comp.m4, lib/gl/m4/gnulib-tool.m4,
11337
lib/gl/m4/iconv.m4, lib/gl/m4/include_next.m4,
11338
lib/gl/m4/intdiv0.m4, lib/gl/m4/intl.m4, lib/gl/m4/intldir.m4,
11339
lib/gl/m4/intlmacosx.m4, lib/gl/m4/intmax.m4,
11340
lib/gl/m4/intmax_t.m4, lib/gl/m4/inttypes-pri.m4,
11341
lib/gl/m4/inttypes_h.m4, lib/gl/m4/lcmessage.m4,
11342
lib/gl/m4/ld-output-def.m4, lib/gl/m4/ld-version-script.m4,
11343
lib/gl/m4/lib-ld.m4, lib/gl/m4/lib-link.m4,
11344
lib/gl/m4/lib-prefix.m4, lib/gl/m4/lock.m4, lib/gl/m4/longlong.m4,
11345
lib/gl/m4/lseek.m4, lib/gl/m4/malloc.m4, lib/gl/m4/memchr.m4,
11346
lib/gl/m4/memmem.m4, lib/gl/m4/minmax.m4, lib/gl/m4/mmap-anon.m4,
11347
lib/gl/m4/multiarch.m4, lib/gl/m4/netdb_h.m4, lib/gl/m4/nls.m4,
11348
lib/gl/m4/po.m4, lib/gl/m4/printf-posix.m4, lib/gl/m4/printf.m4,
11349
lib/gl/m4/progtest.m4, lib/gl/m4/read-file.m4,
11350
lib/gl/m4/realloc.m4, lib/gl/m4/size_max.m4, lib/gl/m4/snprintf.m4,
11351
lib/gl/m4/socketlib.m4, lib/gl/m4/sockets.m4, lib/gl/m4/socklen.m4,
11352
lib/gl/m4/sockpfaf.m4, lib/gl/m4/stdbool.m4, lib/gl/m4/stddef_h.m4,
11353
lib/gl/m4/stdint.m4, lib/gl/m4/stdint_h.m4, lib/gl/m4/stdio_h.m4,
11354
lib/gl/m4/stdlib_h.m4, lib/gl/m4/strcase.m4, lib/gl/m4/string_h.m4,
11355
lib/gl/m4/strings_h.m4, lib/gl/m4/strverscmp.m4,
11356
lib/gl/m4/sys_socket_h.m4, lib/gl/m4/sys_stat_h.m4,
11357
lib/gl/m4/threadlib.m4, lib/gl/m4/time_h.m4, lib/gl/m4/time_r.m4,
11358
lib/gl/m4/uintmax_t.m4, lib/gl/m4/ungetc.m4, lib/gl/m4/unistd_h.m4,
11359
lib/gl/m4/vasnprintf.m4, lib/gl/m4/vasprintf.m4,
11360
lib/gl/m4/visibility.m4, lib/gl/m4/vsnprintf.m4,
11361
lib/gl/m4/warn-on-use.m4, lib/gl/m4/wchar_h.m4,
11362
lib/gl/m4/wchar_t.m4, lib/gl/m4/wint_t.m4, lib/gl/m4/xsize.m4,
11363
lib/gl/malloc.c, lib/gl/memchr.c, lib/gl/memchr.valgrind,
11364
lib/gl/memmem.c, lib/gl/minmax.h, lib/gl/netdb.in.h,
11365
lib/gl/override/lib/gc-libgcrypt.c.diff,
11366
lib/gl/override/lib/gettext.h.diff, lib/gl/printf-args.c,
11367
lib/gl/printf-args.h, lib/gl/printf-parse.c, lib/gl/printf-parse.h,
11368
lib/gl/read-file.c, lib/gl/read-file.h, lib/gl/realloc.c,
11369
lib/gl/size_max.h, lib/gl/snprintf.c, lib/gl/sockets.c,
11370
lib/gl/sockets.h, lib/gl/stdbool.in.h, lib/gl/stddef.in.h,
11371
lib/gl/stdint.in.h, lib/gl/stdio-impl.h, lib/gl/stdio-write.c,
11372
lib/gl/stdio.in.h, lib/gl/stdlib.in.h, lib/gl/str-two-way.h,
11373
lib/gl/strcasecmp.c, lib/gl/string.in.h, lib/gl/strings.in.h,
11374
lib/gl/strncasecmp.c, lib/gl/strverscmp.c, lib/gl/sys_socket.in.h,
11375
lib/gl/sys_stat.in.h, lib/gl/tests/Makefile.am,
11376
lib/gl/tests/binary-io.h, lib/gl/tests/dummy.c,
11377
lib/gl/tests/getpagesize.c, lib/gl/tests/init.sh,
11378
lib/gl/tests/intprops.h, lib/gl/tests/macros.h,
11379
lib/gl/tests/signature.h, lib/gl/tests/test-alloca-opt.c,
11380
lib/gl/tests/test-binary-io.c, lib/gl/tests/test-binary-io.sh,
11381
lib/gl/tests/test-byteswap.c, lib/gl/tests/test-c-ctype.c,
11382
lib/gl/tests/test-errno.c, lib/gl/tests/test-fseeko.c,
11383
lib/gl/tests/test-fseeko.sh, lib/gl/tests/test-fseeko2.sh,
11384
lib/gl/tests/test-ftello.c, lib/gl/tests/test-ftello.sh,
11385
lib/gl/tests/test-ftello2.sh, lib/gl/tests/test-ftello3.c,
11386
lib/gl/tests/test-func.c, lib/gl/tests/test-memchr.c,
11387
lib/gl/tests/test-netdb.c, lib/gl/tests/test-read-file.c,
11388
lib/gl/tests/test-snprintf.c, lib/gl/tests/test-sockets.c,
11389
lib/gl/tests/test-stdbool.c, lib/gl/tests/test-stddef.c,
11390
lib/gl/tests/test-stdint.c, lib/gl/tests/test-stdio.c,
11391
lib/gl/tests/test-stdlib.c, lib/gl/tests/test-string.c,
11392
lib/gl/tests/test-strings.c, lib/gl/tests/test-strverscmp.c,
11393
lib/gl/tests/test-sys_socket.c, lib/gl/tests/test-sys_stat.c,
11394
lib/gl/tests/test-sys_wait.h, lib/gl/tests/test-time.c,
11395
lib/gl/tests/test-unistd.c, lib/gl/tests/test-vasnprintf.c,
11396
lib/gl/tests/test-vasprintf.c, lib/gl/tests/test-verify.c,
11397
lib/gl/tests/test-verify.sh, lib/gl/tests/test-vsnprintf.c,
11398
lib/gl/tests/test-wchar.c, lib/gl/tests/zerosize-ptr.h,
11399
lib/gl/time.in.h, lib/gl/time_r.c, lib/gl/unistd.in.h,
11400
lib/gl/vasnprintf.c, lib/gl/vasnprintf.h, lib/gl/vasprintf.c,
11401
lib/gl/verify.h, lib/gl/vsnprintf.c, lib/gl/w32sock.h,
11402
lib/gl/wchar.in.h, lib/gl/xsize.h, lib/gnutls_int.h,
11403
lib/m4/hooks.m4, lib/minitasn1/Makefile.am, lib/nettle/Makefile.am,
11404
lib/opencdk/Makefile.am, lib/openpgp/Makefile.am, lib/po/LINGUAS,
11405
lib/po/Makevars, lib/po/POTFILES.in, lib/po/cs.po.in,
11406
lib/po/de.po.in, lib/po/fr.po.in, lib/po/it.po.in, lib/po/ms.po.in,
11407
lib/po/nl.po.in, lib/po/pl.po.in, lib/po/sv.po.in, lib/po/vi.po.in,
11408
lib/po/zh_CN.po.in, lib/x509/Makefile.am, libextra/Makefile.am,
11409
libextra/configure.ac, libextra/gl/Makefile.am,
11410
libextra/gl/gnulib.mk, libextra/gl/hmac-md5.c, libextra/gl/hmac.h,
11411
libextra/gl/m4/00gnulib.m4, libextra/gl/m4/extensions.m4,
11412
libextra/gl/m4/gnulib-cache.m4, libextra/gl/m4/gnulib-common.m4,
11413
libextra/gl/m4/gnulib-comp.m4, libextra/gl/m4/gnulib-tool.m4,
11414
libextra/gl/m4/hmac-md5.m4, libextra/gl/m4/ld-output-def.m4,
11415
libextra/gl/m4/ld-version-script.m4, libextra/gl/m4/lib-ld.m4,
11416
libextra/gl/m4/lib-link.m4, libextra/gl/m4/lib-prefix.m4,
11417
libextra/gl/m4/md5.m4, libextra/gl/m4/memxor.m4, libextra/gl/md5.c,
11418
libextra/gl/md5.h, libextra/gl/memxor.c, libextra/gl/memxor.h,
11419
libextra/gl/override/lib/md5.c.diff, libextra/m4/hooks.m4,
11420
m4/hooks.m4, po/LINGUAS, po/Makevars, po/POTFILES.in, po/cs.po.in,
11421
po/de.po.in, po/fr.po.in, po/it.po.in, po/ms.po.in, po/nl.po.in,
11422
po/pl.po.in, po/sv.po.in, po/vi.po.in, po/zh_CN.po.in,
11423
src/Makefile.am, tests/suite/Makefile.in: Use a single configure.ac.
11424
This speed ups compilation and reduces duplication of code (multiple
11425
gl/ libraries etc.). This saves about 2mb in distributed size
11428
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11430
* src/certtool-cfg.c: Avoid using readline.
11432
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11434
* lib/gnutls_buffers.c: initialized ret in _gnutls_writev_emu().
11436
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11438
* lib/includes/gnutls/x509.h: doc fix
11440
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11442
* lib/system.c: removed unneeded variable.
11444
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11446
* lib/auth_cert.c: Corrected check for an unknown sign algorithm.
11449
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11451
* lib/openpgp/output.c: Do not use %e in strftime. Use %d instead
11452
which is identically available in windows as well. Based on patch
11455
2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11457
* lib/x509/output.c, tests/certuniqueid.c: Fixed mismatch in size_t
11458
size. Patch by LRN.
11460
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11462
* lib/system.c, lib/system_override.c: Correctly set errno in win32
11463
using gnutls_transport_set_global_errno(). Based on patch by LRN.
11465
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11467
* tests/eagain-common.h, tests/mini-eagain-dtls.c,
11468
tests/mini-eagain.c, tests/mini.c: Avoid using
11469
gnutls_transport_set_global_errno() and use
11470
gnutls_transport_set_errno() instead.
11472
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11474
* lib/system_override.c: win32 fixes for set_global_errno().
11477
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11479
* src/benchmark.c: Win32 changes for benchmark. Patch by LRN.
11481
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11483
* tests/anonself.c, tests/dhepskself.c, tests/openpgpself.c,
11484
tests/pskself.c, tests/resume.c, tests/rng-fork.c, tests/x509dn.c,
11485
tests/x509self.c: win32 fixes. Patch by LRN.
11487
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11489
* lib/gnutls_buffers.c: minor modification in write_emu().
11491
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11493
* lib/opencdk/literal.c, lib/opencdk/main.h, lib/opencdk/misc.c:
11494
simplified cdk_trim_string() to make it safer to use.
11496
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11498
* lib/x509/privkey_pkcs8.c: correctly reset params.
11500
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11502
* lib/x509/crl.c, lib/x509/x509.c: use correct pointer size.
11504
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11506
* lib/gnutls_algorithms.c: correctly compare sign algorithm_st.
11508
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11510
* lib/opencdk/Makefile.am, lib/opencdk/context.h,
11511
lib/opencdk/main.c, lib/opencdk/main.h, lib/opencdk/opencdk.h,
11512
lib/opencdk/verify.c: removed unused code
11514
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11516
* lib/opencdk/armor.c: null terminate the armored string
11518
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11520
* src/cli.c: properly null terminate string.
11522
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11524
* src/common.c, src/pkcs11.c: check PIN size.
11526
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11528
* src/srptool.c: check salt size.
11530
2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11532
* lib/opencdk/read-packet.c: more clear bounds checking
11534
2011-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11536
* lib/x509/privkey.c: initialize e and d.
11538
2011-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11540
* lib/pkcs11_write.c: deinitialize pks variable only when needed.
11542
2011-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11544
* lib/openpgp/pgpverify.c: Initialize verify.
11546
2011-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11548
* src/cli.c: initialize session_id_size.
11550
2011-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11552
* lib/opencdk/misc.c, lib/opencdk/opencdk.h: removed unneeded
11555
2011-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11557
* lib/pakchois/pakchois.c: correctly traverse slots
11559
2011-04-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11561
* guile/src/core.c: avoid using a freed pointer.
11563
2011-04-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11565
* lib/pkcs11.c: Initialize tinfo using the initially available
11568
2011-04-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11570
* lib/gnutls_dtls.c: corrected debugging info.
11572
2011-04-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11574
* tests/eagain-common.h, tests/mini-eagain-dtls.c,
11575
tests/mini-eagain.c, tests/mini.c: The mini-* programs were
11578
2011-04-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11580
* lib/gnutls_record.c: Do not cleanup bufel after it has been
11581
inserted into buffer.
11583
2011-04-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11585
* lib/gnutls_mbuffers.c: Combined dequeue with remove_front() and
11588
2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11590
* doc/examples/Makefile.am: Compile ex-cert-select-pkcs11 as a
11593
2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11595
* .gitignore, lib/gnutls_buffers.c, lib/gnutls_dtls.c,
11596
lib/gnutls_int.h, lib/gnutls_state.c,
11597
lib/includes/gnutls/gnutls.h.in, lib/system.h, tests/Makefile.am,
11598
tests/eagain-common.h, tests/mini-eagain-dtls.c,
11599
tests/mini-eagain.c, tests/utils.c: Added support for non-blocking
11600
DTLS. Added mini-eagain-dtls to test its operation. Improved
11603
2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11605
* lib/nettle/init.c: gcrypt.h is not really needed. Reported by
11608
2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11610
* src/srptool.c: corrected header inclusion.
11612
2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11614
* src/Makefile.am, src/crypt-gaa.c, src/crypt-gaa.h, src/crypt.c,
11615
src/crypt.gaa, src/srptool-gaa.c, src/srptool-gaa.h, src/srptool.c,
11616
src/srptool.gaa: crypt.* renamed to srptool.*.
11618
2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11620
* lib/gnutls_srp.c: Corrected bug in gnutls_srp_verifier() that
11621
prevented the allocation of a verifier. Reported by Andrew Wiseman.
11623
2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11625
* src/crypt-gaa.c, src/crypt-gaa.h, src/crypt.c, src/crypt.gaa:
11626
Added debug option to srptool.
11628
2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11630
* doc/cha-cert-auth.texi: Documented p11-kit.
11632
2011-04-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11634
* doc/cha-library.texi: corrected typo
11636
2011-03-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11638
* tests/scripts/common.sh: Added copyright.
11640
2011-03-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11642
* configure.ac, tests/Makefile.am, tests/dsa/testdsa,
11643
tests/openpgp-certs/testcerts, tests/scripts/Makefile.am,
11644
tests/scripts/common.sh: Reorganized scripts that use test servers,
11645
based on patch by Cedric Arbogast.
11647
2011-03-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11649
* src/certtool-gaa.c, src/certtool.gaa: Create certificate request
11650
with stricter permissions. Reported by Luca Capello.
11652
2011-03-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11654
* tests/openpgp-certs/Makefile.am: enabled testcerts.
11656
2011-03-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11658
* tests/openpgp-certs/testcerts: made more silent.
11660
2011-03-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11662
* tests/dsa/testdsa, tests/openpgp-certs/testcerts: Made scripts
11663
bourne shell compliant and not bash.
11665
2011-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11667
* THANKS: e-mail addresses are not directly recognizable.
11669
2011-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11671
* lib/opencdk/stream.c: Corrected access to freed memory location.
11672
Reported by Vitaly Kruglikov.
11674
2011-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11676
* THANKS: added Mark and Vitaly to THANKS.
11678
2011-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11680
* lib/system.c: Corrected windows system_errno() function. Reported
11681
and patch by Mark Brand.
11683
2011-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11685
* lib/includes/gnutls/compat.h: C++ compatibility fix for compat.h.
11686
Suggested by Mark Brand.
11688
2011-03-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11690
* lib/opencdk/verify.c: Corrected uninitialized var deinitiation.
11691
Reported by Vitaly Kruglikov.
11693
2011-03-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11695
* lib/gnutls_sig.c: eliminate compiler warning. Reported by Andreas
11698
2011-03-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11700
* lib/includes/gnutls/openpgp.h, lib/openpgp/gnutls_openpgp.c,
11701
lib/openpgp/pgp.c, lib/openpgp/privkey.c: Fix size of
11702
gnutls_openpgp_keyid_t by using the GNUTLS_OPENPGP_KEYID_SIZE
11703
definition. Reported by Andreas Metzler.
11705
2011-03-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11707
* NEWS: included news of 2.12.0
11709
2011-03-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11711
* guile/tests/Makefile.am: added missing files.
11713
2011-03-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11715
* lib/includes/gnutls/abstract.h, lib/includes/gnutls/gnutls.h.in,
11716
lib/includes/gnutls/pkcs11.h, lib/includes/gnutls/x509.h,
11717
lib/pkcs11.c, lib/x509/crl.c: documentation fixes.
11719
2011-03-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11721
* tests/dsa/testdsa: Added DSA tests for client certificates as
11724
2011-03-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11726
* lib/ext_signature.c, lib/ext_signature.h, lib/gnutls_handshake.c,
11727
lib/gnutls_sig.c, lib/includes/gnutls/abstract.h, lib/x509/verify.c:
11728
Simplified signature algorithm selection.
11730
2011-03-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11732
* src/cli.c: The processed messages go to stdout.
11734
2011-03-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11736
* lib/gnutls_privkey.c: updated documentation
11738
2011-03-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11740
* lib/gnutls_algorithms.c, lib/gnutls_int.h,
11741
lib/includes/gnutls/gnutls.h.in: Increased GNUTLS_MAX_ALGORITHM_NUM
11742
to 32. The gnutls_*_list() functions generate the list of algorithm
11743
on the spot and no longer require a static duplicate list of
11744
algorithms. This comes at a cost of not being thread safe (which is
11745
not significant since those functions are only used for special
11748
2011-03-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11750
* lib/gnutls_privkey.c: corrected parameter.
11752
2011-03-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11754
* lib/gnutls_pubkey.c, lib/includes/gnutls/pkcs11.h, lib/pkcs11.c,
11755
lib/pkcs11_privkey.c, lib/pkcs11_secret.c, lib/x509/privkey.c:
11756
Documentation fixes and cleanups.
11758
2011-03-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11760
* src/cli.c: define variable locally
11762
2011-03-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11764
* src/cli.c, src/serv.c: use IP_DONTFRAG if it is defined.
11766
2011-03-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11768
* lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_dtls.c,
11769
lib/gnutls_dtls.h, lib/gnutls_handshake.c, lib/gnutls_handshake.h,
11770
lib/gnutls_int.h, lib/gnutls_record.c,
11771
lib/includes/gnutls/gnutls.h.in, lib/system.c, lib/system.h,
11772
src/cli.c, src/common.h, src/serv.c, src/udp-serv.c: Avoided waiting
11773
for peer's retransmission to ensure receipt of finished messages,
11774
and used a 'timer'-like to retransmit packets.
11776
2011-03-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11778
* lib/gnutls_dtls.c, lib/includes/gnutls/dtls.h, lib/libgnutls.map:
11779
added gnutls_dtls_get_data_mtu().
11781
2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11783
* tests/dsa/testdsa: make gnutls-cli more quiet.
11785
2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11787
* configure.ac, tests/Makefile.am, tests/dsa/Makefile.am,
11788
tests/dsa/cert.dsa.1024.pem, tests/dsa/cert.dsa.2048.pem,
11789
tests/dsa/cert.dsa.3072.pem, tests/dsa/dsa.1024.pem,
11790
tests/dsa/dsa.2048.pem, tests/dsa/dsa.3072.pem, tests/dsa/testdsa,
11791
tests/suite/Makefile.in: Added test to verify connections with DSA
11792
keys of various sizes.
11794
2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11796
* src/certtool.c: warn on generation of DSA keys of over 1024 bits.
11798
2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11800
* lib/gnutls_alert.c, lib/gnutls_errors.c, lib/gnutls_sig.c,
11801
lib/includes/gnutls/gnutls.h.in: Return a special error code if DSA
11802
keys with over 1024 are being used with TLS 1.x, x<2.
11804
2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11806
* lib/nettle/pk.c: truncate hash size when asking to sign or verify
11807
DSA with a longer hash.
11809
2011-03-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11811
* lib/gnutls_buffers.c, lib/system.c: Check for rejected connections
11812
in system_recv_timeout().
11814
2011-03-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11816
* lib/system_override.c: quickly discuss callback format.
11818
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11820
* lib/gnutls_dtls.c: When sending multiple cookies due to
11821
verification errors do not increase the handshake sequence number
11822
only the record sequence.
11824
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11826
* AUTHORS: updated Jonathan
11828
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11830
* tests/openpgp-auth.c: Added check for RSA ciphersuite in openpgp
11833
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11835
* lib/openpgp/privkey.c: read correct algorithm when decrypting data
11836
and use correct number of private parameters.
11838
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11840
* libextra/gnutls_extra.c: added missing ret.
11842
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11844
* lib/auth_cert.c: Set type when sending empty openpgp key.
11846
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11848
* lib/nettle/rnd.c, tests/Makefile.am, tests/rng-fork.c: Corrected
11849
nettle's RNG behavior on fork and added a test case.
11851
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11853
* guile/tests/openpgp-auth.scm: enabled RSA and removed debugging.
11855
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11857
* lib/gnutls_privkey.c, lib/gnutls_pubkey.c,
11858
lib/includes/gnutls/abstract.h, lib/openpgp/gnutls_openpgp.c,
11859
tests/openpgp-auth.c, tests/openpgp-auth2.c: gnutls_pubkey_t and
11860
gnutls_privkey_t can import either an openpgp subkey or a master
11863
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11865
* guile/tests/openpgp-auth.scm, guile/tests/openpgp-elg-pub.asc,
11866
guile/tests/openpgp-elg-sec.asc, guile/tests/openpgp-keys.scm,
11867
guile/tests/openpgp-pub.asc, guile/tests/openpgp-sec.asc: split the
11868
pgp keys to elgamal and dsa.
11870
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11872
* lib/gnutls_errors.c, lib/includes/gnutls/gnutls.h.in,
11873
lib/openpgp/pgp.c, lib/openpgp/privkey.c: introduced
11874
GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR
11876
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11878
* lib/gnutls_algorithms.c: On unknown public key algorithms return
11881
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11883
* lib/gnutls_privkey.c: Read the public key algorithm from the
11884
selected subkey and not the master key when importing to a
11887
2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11889
* lib/openpgp/gnutls_openpgp.c, tests/openpgpself.c: Documentation
11890
fixed. Added fresh keys to test.
11892
2011-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11894
* tests/openpgpself.c: Test openpgp authentication with DSA-2048 bit
11897
2011-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11899
* lib/openpgp/pgp.c: gnutls_openpgp_crt_get_auth_subkey() will no
11900
longer return an unsupported subkey.
11902
2011-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11904
* lib/x509/verify.c: Corrected verification of DSA-2048 keys.
11905
Reported by teddy@fukt.bsnet.se.
11907
2011-03-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11909
* doc/cha-intro-tls.texi: Added
11910
gnutls_transport_set_vec_push_function().
11912
2011-03-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11914
* lib/gnutls_dtls.c, lib/includes/gnutls/dtls.h, lib/libgnutls.map,
11915
src/udp-serv.c: updated cookie negotiation to use only a prestate
11916
structure and avoids setting data to cookie.
11918
2011-03-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11920
* lib/gnutls_handshake.c: Use DTLS 1.0 instead of SSL 3.0 headers on
11921
client hello in DTLS.
11923
2011-03-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11925
* lib/gnutls_dtls.c, lib/gnutls_errors.c,
11926
lib/includes/gnutls/dtls.h, lib/libgnutls.map, src/udp-serv.c: Added
11927
photuris-like resource protection on the server. Added
11928
gnutls_dtls_cookie_send(), gnutls_dtls_cookie_verify() and
11929
gnutls_dtls_cookie_set() to avoid initializing a session before
11930
cookie is verified.
11932
2011-03-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11934
* lib/crypto-api.c, lib/ext_session_ticket.c,
11935
lib/includes/gnutls/gnutls.h.in: added gnutls_key_generate() to API.
11937
2011-03-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11939
* lib/ext_session_ticket.c: Avoid the usage of structures where the
11940
attribute packed is assumed.
11942
2011-03-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11944
* lib/gnutls_buffers.c, lib/gnutls_buffers.h,
11945
lib/gnutls_handshake.c: renamed gnutls_handshake_buffer_* functions
11946
to gnutls_handshake_hash_buffer_* to separate from new API functions
11947
and corrected its usage.
11949
2011-03-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11951
* lib/gnutls_algorithms.c: Added DSA-SHA256, DSA-SHA224 and
11952
RSA-SHA224 to the supported signature algorithms list. Suggested by
11953
teddy@fukt.bsnet.se
11955
2011-03-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11957
* lib/gnutls_constate.c, lib/gnutls_constate.h,
11958
lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_v2_compat.c:
11959
session->internals.compression_method was removed. It was no longer
11960
required since the new compression algorithm was stored to next
11963
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11965
* lib/gnutls_buffers.c, lib/gnutls_cipher.c, lib/gnutls_constate.c,
11966
lib/gnutls_handshake.c, lib/gnutls_record.c, lib/gnutls_state.h:
11967
_gnutls_is_dtls() is no more. IS_DTLS() is being used instead.
11969
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11971
* lib/ext_session_ticket.c: do not print debugging output on
11974
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11976
* lib/ext_session_ticket.c, lib/gnutls_cipher.c,
11977
lib/gnutls_cipher_int.c, lib/gnutls_constate.c,
11978
lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/gnutls_record.c:
11979
Properly reset the SSL 3.0 MAC algorithm.
11981
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11983
* lib/gnutls_buffers.c, lib/gnutls_errors.h,
11984
lib/gnutls_handshake.c, lib/x509/verify-high.c: cleanups. Introduced
11985
gnutls_assert_val_fatal() that only prints debugging messages on
11988
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11990
* lib/gnutls_alert.c: Added string for GNUTLS_A_SSL3_NO_CERTIFICATE.
11992
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11994
* lib/gnutls_algorithms.c, lib/gnutls_algorithms.h:
11995
gnutls_version_has_variable_padding is not really needed. A check
11996
for SSL3.0 is more clear.
11998
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12000
* lib/debug.c, lib/gnutls_buffers.c, lib/gnutls_constate.c,
12001
lib/gnutls_handshake.c, lib/gnutls_record.c, lib/gnutls_v2_compat.c:
12002
Corrected SSL2 client hello handling.
12004
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12006
* lib/gnutls_record.c: do not set default record version (i.e. SSL
12007
3.0) during a re-handshake.
12009
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12011
* lib/gnutls_priority.c: default behavior is to send SSL3.0 client
12014
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12016
* lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_priority.c:
12017
corrected ssl3 record version sending in client hello.
12019
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12021
* NEWS, doc/cha-intro-tls.texi, lib/gnutls_buffers.c,
12022
lib/gnutls_int.h, lib/gnutls_record.c, lib/gnutls_state.c,
12023
lib/includes/gnutls/compat.h, lib/includes/gnutls/gnutls.h.in,
12024
lib/libgnutls.map: gnutls_transport_set_lowat() is no more.
12026
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12028
* lib/gnutls_buffers.c, lib/gnutls_record.c: some cleanups
12030
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12032
* lib/x509/common.h, lib/x509/verify-high.c, lib/x509/verify.c:
12033
gnutls_x509_trust_list_verify_crt shortens the provided certificate
12034
list based on the existing trusted CAs.
12036
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12038
* lib/gnutls_int.h, lib/gnutls_state.c, lib/gnutlsxx.cpp,
12039
lib/includes/gnutls/compat.h, lib/includes/gnutls/dtls.h,
12040
lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/gnutlsxx.h,
12041
lib/libgnutls.map, libextra/includes/gnutls/openssl.h, src/cli.c,
12042
src/serv.c: gnutls_init_dtls() was made redundant. The same for
12043
gnutls_end_connection_t which was replaced by a flags integer..
12045
2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12047
* lib/auth_psk.c, lib/auth_psk.h, lib/ext_session_ticket.c,
12048
lib/ext_srp.c, lib/gnutls_sig.c, lib/gnutls_x509.c,
12049
lib/pkcs11_int.h, lib/system.c, lib/system.h, lib/x509/mpi.c,
12050
lib/x509/verify.c, src/certtool-common.h, src/certtool.c,
12051
src/common.c, src/pkcs11.c, src/udp-serv.c: Corrected types.
12053
2011-03-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12055
* src/cli-gaa.c, src/cli-gaa.h, src/cli.c, src/cli.gaa,
12056
src/serv-gaa.c, src/serv-gaa.h, src/serv.c, src/serv.gaa,
12057
src/udp-serv.c, src/udp-serv.h: Added --mtu option.
12059
2011-03-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12061
* lib/gnutls_buffers.c: properly re-generate headers of fragmented
12064
2011-03-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12066
* lib/gnutls_state.c: increased initial retransmission time to 1
12069
2011-03-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12071
* lib/gnutls_handshake.c: In DTLS do not hash messages that
12072
shouldn't be hashed (i.e. hello verify request).
12074
2011-03-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12076
* lib/gnutls_cipher.c: Corrected size check in block encrypted
12079
2011-03-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12081
* lib/gnutls_buffers.c, lib/gnutls_handshake.c: Corrected behavior
12082
in normal TLS handshake.
12084
2011-03-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12086
* libextra/Makefile.am: link libgnutls-extra against libgcrypt if
12087
required. Based on patch by Andreas Metzler
12088
<ametzler@downhill.at.eu.org>
12090
2011-03-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12092
* NEWS, lib/m4/hooks.m4, libextra/Makefile.am: increased the so
12093
version of libgnutls-openssl.
12095
2011-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12097
* lib/ext_session_ticket.c, lib/gnutls_buffers.c,
12098
lib/gnutls_buffers.h, lib/gnutls_cipher.c, lib/gnutls_dtls.c,
12099
lib/gnutls_errors.c, lib/gnutls_handshake.c,
12100
lib/gnutls_handshake.h, lib/gnutls_int.h, lib/gnutls_kx.c,
12101
lib/gnutls_mbuffers.c, lib/gnutls_mbuffers.h, lib/gnutls_record.c,
12102
lib/gnutls_state.c, lib/gnutls_str.c, lib/gnutls_v2_compat.c,
12103
lib/includes/gnutls/gnutls.h.in: Added intermediate handshake layer
12104
that will order handshake packets and drop duplicates.
12106
2011-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12108
* lib/gnutls_record.c: handle non fatal errors when receiving record
12111
2011-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12113
* lib/gnutls_cipher.c: memcpy -> memmove.
12115
2011-03-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12117
* lib/gnutls_buffers.c, lib/gnutls_int.h: removed GMAX
12119
2011-03-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12121
* src/certtool.c: Allow providing no password for PKCS #12 structure
12122
generation. Reported by Daniel Kahn Gillmor.
12124
2011-03-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12126
* src/certtool-cfg.c: consistently print all interactive questions
12127
to stderr. Reported by Daniel Kahn Gillmor.
12129
2011-02-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12131
* lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_dtls.c,
12132
lib/gnutls_int.h, lib/gnutls_mbuffers.c, lib/gnutls_mbuffers.h,
12133
lib/gnutls_record.c, lib/gnutls_state.c: combined all the record
12136
2011-02-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12138
* lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_dtls.c,
12139
lib/gnutls_int.h, lib/gnutls_mbuffers.c, lib/gnutls_mbuffers.h,
12140
lib/gnutls_record.c, lib/gnutls_record.h, lib/gnutls_state.c:
12141
internal buffering for record and handshake data changed from
12142
gnutls_buffers to gnutls_mbuffers.
12144
2011-02-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12146
* lib/debug.c, lib/gnutls_buffers.c, lib/gnutls_int.h,
12147
lib/gnutls_record.c, lib/gnutls_state.c,
12148
lib/includes/gnutls/gnutls.h.in: Removed last pieces of inner
12151
2011-02-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12153
* lib/gnutls_record.c: some cleanups
12155
2011-03-01 Ludovic Courtès <ludo@gnu.org>
12157
* guile/tests/anonymous-auth.scm, guile/tests/openpgp-auth.scm,
12158
guile/tests/x509-auth.scm: guile: Change tests to use priority
12161
2011-03-01 Ludovic Courtès <ludo@gnu.org>
12163
* src/Makefile.am: Add `udp-serv.h' to the distribution.
12165
2011-02-28 Andreas Metzler <ametzler@downhill.at.eu.org>
12167
* lib/libgnutls.map: fix duplicate symbols in version script These three symbols are listed both in the GNUTLS_2_8 and the
12168
GNUTLS_2_10 section. binutils uses the first occurence, drop the
12169
second one. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12171
2011-02-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12173
* doc/cha-intro-tls.texi: updates on -ALL priorities.
12175
2011-02-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12177
* lib/ext_signature.c: Restrict the signature algorithms we
12178
advertize to SHA1 and SHA256.
12180
2011-02-28 Ludovic Courtès <ludo@gnu.org>
12182
* lib/includes/Makefile.am: Add `gnutls/dtls.h' to the distribution.
12184
2011-02-27 Ludovic Courtès <ludo@gnu.org>
12186
* guile/modules/system/documentation/c-snarf.scm: guile: Fix
12187
docstring extraction with CPP 4.5+.
12189
2011-02-27 Ludovic Courtès <ludo@gnu.org>
12191
* doc/Makefile.am: Pass the right CPPFLAGS when building Guile doc.
12193
2011-02-27 Ludovic Courtès <ludo@gnu.org>
12195
* doc/cha-intro-tls.texi, guile/src/core.c: Add nodes for the
12196
subsections of "The TLS Handshake Protocol".
12198
2011-02-27 Ludovic Courtès <ludo@gnu.org>
12200
* lib/Makefile.am: Add `lib/gnutls_dtls.h' to the distribution.
12202
2011-02-27 Ludovic Courtès <ludo@gnu.org>
12204
* guile/modules/gnutls.scm, guile/modules/gnutls/build/enums.scm,
12205
guile/modules/gnutls/build/priorities.scm, guile/src/core.c,
12206
guile/src/errors.c, guile/src/errors.h, guile/tests/Makefile.am,
12207
guile/tests/priorities.scm: guile: Wrap
12208
`gnutls_priority_set_direct'; deprecate the old method.
12210
2011-02-27 Ludovic Courtès <ludo@gnu.org>
12212
* doc/scripts/gdoc, doc/scripts/sort2.pl: Avoid hard-coded
12213
/usr/bin/perl (trick taken from Gnulib.)
12215
2011-02-27 Ludovic Courtès <ludo@gnu.org>
12217
* libextra/gnutls_extra.c: Fix LZO-enabled builds.
12219
2011-02-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12221
* lib/nettle/rnd.c: Detect fork() in the random number generator and
12224
2011-02-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12226
* lib/gnutls_dtls.c, lib/gnutls_state.c: use timeouts closer to DTLS
12229
2011-02-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12231
* lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in,
12232
lib/libgnutls.map, lib/system_override.c: Renamed
12233
gnutls_transport_set_push_function2() to
12234
gnutls_transport_set_vec_push_function().
12236
2011-02-20 Simon Josefsson <simon@josefsson.org>
12238
* NEWS, doc/manpages/Makefile.am, lib/includes/gnutls/compat.h,
12239
lib/libgnutls.map, lib/x509/crq.c: Remove
12240
gnutls_x509_crq_get_preferred_hash_algorithm.
12242
2011-02-20 Simon Josefsson <simon@josefsson.org>
12244
* lib/libgnutls.map: Remove dropped functions.
12246
2011-02-20 Simon Josefsson <simon@josefsson.org>
12248
* lib/x509/crl_write.c: Add deprecated docstring.
12250
2011-02-20 Simon Josefsson <simon@josefsson.org>
12252
* lib/x509/crq.c: Fix deprecated docstring.
12254
2011-02-20 Simon Josefsson <simon@josefsson.org>
12256
* lib/x509/privkey.c: Fix docstring.
12258
2011-02-20 Simon Josefsson <simon@josefsson.org>
12260
* lib/gnutls_pubkey.c: Fix docstring of new function.
12262
2011-02-20 Simon Josefsson <simon@josefsson.org>
12264
* lib/gnutls_cert.c: Fix docstring for deprecated functions.
12266
2011-02-20 Simon Josefsson <simon@josefsson.org>
12268
* lib/gnutls_sig.c: Make it build.
12270
2011-02-20 Simon Josefsson <simon@josefsson.org>
12272
* lib/openpgp/privkey.c: Fix docstring of deprecated function.
12274
2011-02-20 Simon Josefsson <simon@josefsson.org>
12276
* lib/gnutls_pubkey.c: Fix docstrinf of new function.
12278
2011-02-20 Simon Josefsson <simon@josefsson.org>
12280
* doc/reference/gnutls-docs.sgml: Fix typo.
12282
2011-02-20 Simon Josefsson <simon@josefsson.org>
12284
* doc/reference/gnutls-docs.sgml: Improve text.
12286
2011-02-20 Simon Josefsson <simon@josefsson.org>
12288
* lib/x509/crl.c: Doc fix of new function.
12290
2011-02-20 Simon Josefsson <simon@josefsson.org>
12292
* lib/gnutls_cert.c, lib/gnutls_privkey.c, lib/x509/privkey.c: Fix
12293
docstring of deprecated functions.
12295
2011-02-20 Simon Josefsson <simon@josefsson.org>
12297
* NEWS, lib/gnutls_privkey.c, lib/includes/gnutls/abstract.h,
12298
lib/includes/gnutls/compat.h, lib/libgnutls.map, lib/x509/crq.c,
12299
lib/x509/sign.c, tests/x509sign-verify.c: Rename
12300
gnutls_privkey_sign_data2 to gnutls_privkey_sign_data and
12301
gnutls_privkey_sign_hash2 to gnutls_privkey_sign_hash. These were added during the 2.11 cycle where we don't promise ABI
12304
2011-02-20 Simon Josefsson <simon@josefsson.org>
12306
* doc/gnutls-crypto-layers.eps: Add doc/gnutls-crypto-layers.eps.
12308
2011-02-20 Simon Josefsson <simon@josefsson.org>
12310
* doc/Makefile.am: Dist gnutls-crypto-layers.*.
12312
2011-02-20 Simon Josefsson <simon@josefsson.org>
12314
* lib/Makefile.am: Add abstract_int.h.
12316
2011-02-20 Simon Josefsson <simon@josefsson.org>
12318
* .gitignore: Ignore more.
12320
2011-02-20 Simon Josefsson <simon@josefsson.org>
12322
* lib/Makefile.am: Link with -lnettle too.
12324
2011-02-20 Simon Josefsson <simon@josefsson.org>
12326
* doc/Makefile.am, doc/cha-programs.texi, lib/gnutls_privkey.c,
12327
lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h,
12328
lib/openpgp/pgp.c: Fix syntax-check warnings.
12330
2011-02-22 Ludovic Courtès <ludo@gnu.org>
12332
* guile/modules/gnutls/build/enums.scm: guile: Remove
12333
GNUTLS_A_INNER_APPLICATION_FAILURE and
12334
GNUTLS_A_INNER_APPLICATION_VERIFICATION.
12336
2011-02-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12338
* lib/gnutls_session_pack.c: store entities as numbers to avoid
12339
issues in big-little endian machines.
12341
2011-02-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12343
* lib/gnutls_record.c: documented the DTLS sequence particularities.
12345
2011-02-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12347
* lib/gnutls_buffers.c, lib/gnutls_handshake.c,
12348
lib/gnutls_record.c, lib/gnutls_record.h,
12349
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/udp-serv.c:
12350
Added gnutls_record_recv_seq() that can return the sequence number
12351
of the record packet, in addition to data.
12353
2011-02-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12355
* lib/gnutls_record.c: reorganized and simplified gnutls_recv_int().
12356
It will discard invalid DTLS packets.
12358
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12360
* lib/gnutls_constate.h, lib/gnutls_record.c: Discard messages that
12361
contain a different epoch than the current one.
12363
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12365
* lib/gnutls_record.c: renamed internal function to reflect
12368
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12370
* lib/gnutls_buffers.c, lib/gnutls_dtls.c, lib/gnutls_dtls.h,
12371
lib/gnutls_int.h, lib/gnutls_record.c, lib/gnutls_state.c:
12372
Implemented a sliding window-like thing to discard replayed packets.
12374
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12376
* src/cli.c: gnutls-cli shouldn't print errors on EAGAIN and
12379
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12381
* lib/gnutls_num.c: corrected uint48pp.
12383
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12385
* lib/gnutls_constate.c, lib/gnutls_mbuffers.c, lib/gnutls_state.c:
12386
Epoch garbage collector is being run when handshake is being cleaned
12389
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12391
* lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_dtls.c,
12392
lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_num.c,
12393
lib/gnutls_state.c: skip replays in handshake packets.
12395
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12397
* lib/gnutls_record.c: Forbid SSL v.2 client hello in DTLS.
12399
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12401
* lib/gnutls_buffers.c, lib/gnutls_int.h: removed unneeded
12404
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12406
* lib/gnutls_buffers.c, lib/gnutls_constate.h, lib/gnutls_dtls.c,
12407
lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_mbuffers.c:
12408
Cleanups in combination of DTLS and TLS buffers.
12410
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12412
* lib/auth_dhe.c, lib/auth_rsa.c, lib/auth_rsa_export.c,
12413
lib/auth_srp.c, lib/gnutls_algorithms.c, lib/gnutls_dh_primes.c,
12414
lib/gnutls_errors.h, lib/gnutls_handshake.c, lib/gnutls_sig.c,
12415
lib/opencdk/main.h, lib/openpgp/pgp.c, lib/openpgp/pgpverify.c,
12416
lib/openpgp/privkey.c, lib/x509/common.c, lib/x509/dn.c,
12417
lib/x509/pkcs12.c, lib/x509/pkcs7.c, lib/x509/privkey_pkcs8.c,
12418
lib/x509/verify.c, lib/x509/x509_write.c, lib/x509_b64.c:
12419
gnutls_x509_log replaced with gnutls_audit_log.
12421
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12423
* lib/gnutls_algorithms.h, lib/gnutls_cipher.c, lib/gnutls_dtls.c,
12424
lib/gnutls_int.h, lib/gnutls_state.c, lib/gnutls_state.h: Return a
12425
more precise mtu unit to applications.
12427
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12429
* src/udp-serv.c: restart handshake on signals.
12431
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12433
* lib/gnutls_buffers.c, lib/gnutls_constate.h, lib/gnutls_dtls.c:
12434
reference counting in epochs is being done using functions.
12436
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12438
* lib/gnutls_cipher.c, lib/gnutls_compress.c, lib/gnutls_dtls.c,
12439
lib/gnutls_int.h, lib/gnutls_record.c, lib/gnutls_state.c,
12440
lib/includes/gnutls/dtls.h, lib/libgnutls.map: Added
12441
gnutls_dtls_g/set_mtu() to allow setting and getting the DTLS mtu
12444
2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12446
* lib/gnutls_buffers.c, lib/gnutls_dtls.c, lib/gnutls_dtls.h,
12447
lib/gnutls_int.h, lib/gnutls_state.c: Combined DTLS buffers and
12448
normal TLS buffers.
12450
2011-02-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12452
* lib/Makefile.am, lib/ext_session_ticket.c, lib/gnutls_buffers.c,
12453
lib/gnutls_buffers.h, lib/gnutls_constate.c, lib/gnutls_dtls.c,
12454
lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_state.c,
12455
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, lib/system.c,
12456
lib/system.h, lib/system_override.c, src/Makefile.am,
12457
src/serv-gaa.c, src/serv-gaa.h, src/serv.c, src/serv.gaa,
12458
src/udp-serv.c, src/udp-serv.h: Changes to allow DTLS server side to
12459
operate. Added a simple UDP server on gnutls-serv. Server other
12462
2011-02-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12464
* lib/gnutls_dtls.c, lib/gnutls_errors.c, lib/gnutls_int.h,
12465
lib/gnutls_state.c, lib/includes/gnutls/dtls.h,
12466
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli.c: Allow
12467
setting the DTLS timeouts explicitly.
12469
2011-02-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12471
* doc/TODO: updated.
12473
2011-02-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12475
* lib/auth_cert.c, lib/debug.c, lib/gnutls_algorithms.c,
12476
lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_cipher.c,
12477
lib/gnutls_cipher.h, lib/gnutls_dtls.c, lib/gnutls_dtls.h,
12478
lib/gnutls_errors.h, lib/gnutls_handshake.c, lib/gnutls_int.h,
12479
lib/gnutls_mbuffers.h, lib/gnutls_num.c, lib/gnutls_num.h,
12480
lib/gnutls_record.c, lib/gnutls_record.h, lib/gnutls_state.c,
12481
lib/includes/gnutls/gnutls.h.in, lib/system.c, lib/system.h,
12482
src/cli-gaa.c, src/cli-gaa.h, src/cli.c, src/cli.gaa: Several
12483
updates for DTLS (client side only) to work.
12485
2011-02-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12487
* lib/opencdk/main.h: Increased level of opencdk debug messages.
12489
2011-02-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12491
* lib/gnutls_sig.c: DSA keys in TLS 1.x, x<2 and SSL 3.0 use SHA-1
12492
as hash. That is we reverted to previous gnutls behavior. That
12493
violates DSS but all implementations handle it like that.
12495
2011-02-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12497
* lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_dtls.c,
12498
lib/gnutls_dtls.h, lib/gnutls_handshake.c, lib/gnutls_int.h: use
12499
similar API when caching messages in DTLS or TLS.
12501
2011-02-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12503
* lib/gnutls_algorithms.c: corrected is_version_supported().
12505
2011-02-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12507
* lib/gnutls_handshake.c, lib/gnutls_handshake.h, lib/gnutls_kx.c:
12508
Simplified _gnutls_recv_handshake().
12510
2011-02-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12512
* lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
12513
lib/gnutls_dtls.c, lib/gnutls_handshake.c: ciphersuites have a bit
12514
that indicates whether they are usable with DTLS or not.
12516
2011-02-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12518
* lib/auth_dhe.c, lib/gnutls_algorithms.c, lib/gnutls_cipher.c: fix
12521
2010-10-02 Jonathan Bastien-Filiatrault <joe@x2a.org>
12523
* lib/gnutls_dtls.c, lib/gnutls_dtls.h, lib/gnutls_num.c,
12524
lib/gnutls_num.h: dtls: Add uint48 handling functions. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12526
2010-10-02 Jonathan Bastien-Filiatrault <joe@x2a.org>
12528
* lib/gnutls_record.c: dtls: Bring epoch choice on receive closer to
12529
the first usage. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12531
2010-09-24 Jonathan Bastien-Filiatrault <joe@x2a.org>
12533
* src/cli-gaa.c, src/cli-gaa.h, src/cli.c, src/cli.gaa: Add DTLS
12534
support to command-line client. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12536
2010-09-17 Jonathan Bastien-Filiatrault <joe@x2a.org>
12538
* lib/gnutls_constate.c: dtls: Write epoch to sequence number. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12540
2010-09-06 Jonathan Bastien-Filiatrault <joe@x2a.org>
12542
* lib/gnutls_handshake.c: dtls: Send consistent a client_random. This is necessary when challenged by HelloVerifiyRequest as we MUST
12543
send the same client parameters. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12545
2010-09-05 Jonathan Bastien-Filiatrault <joe@x2a.org>
12547
* lib/gnutls_handshake.c, lib/gnutls_int.h: dtls: Limit the number
12548
of HelloVerifyRequest round trips. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12550
2010-09-05 Jonathan Bastien-Filiatrault <joe@x2a.org>
12552
* lib/gnutls_dtls.c, lib/gnutls_handshake.c: dtls: TEMP: Sprinkle
12553
transmits. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12555
2010-09-05 Jonathan Bastien-Filiatrault <joe@x2a.org>
12557
* lib/gnutls_handshake.c, lib/gnutls_int.h: dtls: Do
12558
HANDSHAKE_HELLO_VERIFY_REQUEST processing. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12560
2010-09-05 Jonathan Bastien-Filiatrault <joe@x2a.org>
12562
* lib/gnutls_handshake.c: dtls: Add
12563
_gnutls_recv_hello_verify_request. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12565
2010-09-05 Jonathan Bastien-Filiatrault <joe@x2a.org>
12567
* lib/gnutls_record.c: Decrypt using the proper sequence number. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12569
2010-09-05 Jonathan Bastien-Filiatrault <joe@x2a.org>
12571
* lib/gnutls_cipher.c, lib/gnutls_cipher.h: dtls: Use proper record
12572
sequence for DTLS decrypt. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12574
2011-02-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12576
* lib/gnutls_handshake.c: corrected extdatalen
12578
2010-09-05 Jonathan Bastien-Filiatrault <joe@x2a.org>
12580
* lib/gnutls_buffers.c: dtls: Read whole datagrams. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12582
2009-08-03 Jonathan Bastien-Filiatrault <joe@x2a.org>
12584
* lib/gnutls_handshake.c: dtls: Queue outgoing handshake messages in
12585
the retransmission layer. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12587
2009-08-03 Jonathan Bastien-Filiatrault <joe@x2a.org>
12589
* lib/gnutls_dtls.c, lib/gnutls_dtls.h: Add outgoing flight buffer
12590
handling code. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12592
2009-08-03 Jonathan Bastien-Filiatrault <joe@x2a.org>
12594
* lib/gnutls_errors.h: Define _gnutls_dtls_log for DTLS. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12596
2009-08-03 Jonathan Bastien-Filiatrault <joe@x2a.org>
12598
* lib/gnutls_int.h, lib/gnutls_state.c: Add structures for the
12599
buffered outgoing flight. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12601
2009-08-03 Jonathan Bastien-Filiatrault <joe@x2a.org>
12603
* lib/gnutls_int.h, lib/gnutls_state.c: Add state for handshake mtu. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12605
2009-08-03 Jonathan Bastien-Filiatrault <joe@x2a.org>
12607
* lib/gnutls_handshake.c: dtls: Fixup outgoing ClientHello hashing. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12609
2009-08-03 Jonathan Bastien-Filiatrault <joe@x2a.org>
12611
* lib/gnutls_handshake.c, lib/gnutls_int.h: Add proper handshake
12612
outgoing sequence number. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12614
2009-08-03 Jonathan Bastien-Filiatrault <joe@x2a.org>
12616
* lib/Makefile.am, lib/gnutls_dtls.c, lib/gnutls_dtls.h: Add
12617
gnutls_dtls.{c,h}. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12619
2009-08-02 Jonathan Bastien-Filiatrault <joe@x2a.org>
12621
* lib/gnutls_handshake.c: dtls: Remove unsuitable ciphers. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12623
2009-07-28 Jonathan Bastien-Filiatrault <joe@x2a.org>
12625
* lib/debug.c, lib/gnutls_handshake.c,
12626
lib/includes/gnutls/gnutls.h.in: dtls: Add hanshake fragment headers
12627
when sending handshake. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12629
2009-07-28 Jonathan Bastien-Filiatrault <joe@x2a.org>
12631
* lib/gnutls_cipher.c, lib/gnutls_int.h, lib/gnutls_record.c: dtls:
12632
Add epoch and sequence number to DTLS packets. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12634
2009-07-28 Jonathan Bastien-Filiatrault <joe@x2a.org>
12636
* lib/gnutls_record.c: Use increment functions for sequence number. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12638
2009-07-27 Jonathan Bastien-Filiatrault <joe@x2a.org>
12640
* lib/gnutls_int.h, lib/gnutls_num.c, lib/gnutls_num.h,
12641
lib/gnutls_record.c: dtls: Add types and operations required for the
12642
DTLS epoch and sequence. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12644
2009-07-29 Jonathan Bastien-Filiatrault <joe@x2a.org>
12646
* lib/gnutls_algorithms.c, lib/gnutls_priority.c: Make version
12647
lookup transport dependent. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12649
2009-08-03 Jonathan Bastien-Filiatrault <joe@x2a.org>
12651
* lib/gnutls_state.h: dtls: Add _gnutls_is_dtls to check if a
12652
session uses DTLS. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12654
2009-07-25 Jonathan Bastien-Filiatrault <joe@x2a.org>
12656
* lib/gnutls_int.h, lib/gnutls_state.c,
12657
lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Add
12658
gnutls_init_dtls function. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12660
2009-07-25 Jonathan Bastien-Filiatrault <joe@x2a.org>
12662
* lib/gnutls_int.h: Add DTLS state. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12664
2009-07-15 Jonathan Bastien-Filiatrault <joe@x2a.org>
12666
* lib/gnutls_algorithms.c, lib/includes/gnutls/gnutls.h.in: Add
12667
DTLS1.0 protocol entry. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12669
2010-09-17 Jonathan Bastien-Filiatrault <joe@x2a.org>
12671
* lib/ext_session_ticket.c, lib/gnutls_handshake.c,
12672
lib/gnutls_kx.c, lib/gnutls_mbuffers.h: Allocate session buffers of
12673
size, depending on type of session. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12675
2010-09-25 Jonathan Bastien-Filiatrault <joe@x2a.org>
12677
* lib/gnutls_constate.c: Harmonize "d" argument between constate.c
12678
and compress.c. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12680
2010-09-24 Jonathan Bastien-Filiatrault <joe@x2a.org>
12682
* src/cli-gaa.c, src/cli.gaa: Fix typo. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12684
2010-09-21 Jonathan Bastien-Filiatrault <joe@x2a.org>
12686
* lib/gnutls_num.h: Parenthesize UINT64DATA again. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12688
2011-02-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12690
* doc/cha-intro-tls.texi: reorganization of ciphersuite discussion.
12692
2011-02-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12694
* lib/gnutls_priority.c: Allow using the minus "-" in the -ALL
12697
2011-02-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12699
* lib/gnutls_algorithms.c: Added fixme note on TLS 1.2 PRF per
12702
2011-02-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12704
* lib/gnutls_algorithms.c: The safe renegotiation ciphersuite is not
12705
required to be registered.
12707
2011-02-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12709
* lib/auth_dhe_psk.c: Corrected bug in DHE-PSK in freeing
12712
2011-02-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12714
* lib/gnutls_algorithms.c: Added ciphersuites (from RFC5487):
12715
TLS_PSK_WITH_AES_128_GCM_SHA256 TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
12716
TLS_PSK_WITH_AES_128_CBC_SHA256 TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
12717
TLS_PSK_WITH_NULL_SHA256 TLS_DHE_PSK_WITH_NULL_SHA256
12719
2011-02-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12721
* NEWS, lib/gnutls_extensions.c, lib/gnutls_sig.c: Corrected
12722
signature generation and verification in the Certificate Verify
12723
message when in TLS 1.2. Reported by Todd A. Ouska.
12725
2011-02-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12727
* lib/gnutls_state.c: removed duplicate assignments.
12729
2011-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12731
* lib/nettle/cipher.c: upgraded to nettle's new GCM API.
12733
2011-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12735
* lib/m4/hooks.m4: increased the C++ library current version.
12737
2011-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12739
* NEWS, lib/gnutlsxx.cpp: The C++ interface returns exception on
12740
every error and not only on fatal ones. This allows easier handling
12743
2011-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12745
* lib/gnutlsxx.cpp, lib/includes/gnutls/gnutlsxx.h: removed the old
12746
set_priority functions.
12748
2011-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12750
* src/cli.c, src/serv.c: removed more deprecated stuff.
12752
2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12754
* libextra/gnutls_openssl.c, libextra/includes/gnutls/openssl.h:
12755
updated openssl layer to new priority functions (untested).
12757
2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12759
* lib/gnutls_sig.c: removed unused variable.
12761
2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12763
* NEWS, lib/gnutls_sig.c: Allow DSA2 even in protocols before TLS
12766
2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12768
* src/cli.c: set the psk callback only if username/key were not
12769
supplied at command line.
12771
2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12773
* lib/ext_signature.c, lib/ext_signature.h, lib/gnutls_pk.c,
12774
lib/gnutls_sig.c: In TLS 1.2 under DSS use the hash algorithm
12777
2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12779
* tests/Makefile.am, tests/openpgp-auth.c, tests/openpgp-auth2.c:
12780
Added new test openpgp-auth2.c that tests openpgp under TLS1.2 and
12783
2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12785
* tests/anonself.c, tests/dhepskself.c, tests/mini-eagain.c,
12786
tests/mini.c, tests/openpgp-auth.c, tests/pskself.c, tests/resume.c:
12787
Modernized the test applications that now use the
12788
gnutls_priority_set_direct().
12790
2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12792
* lib/includes/gnutls/compat.h, lib/includes/gnutls/gnutls.h.in:
12793
deprecated gnutls_*_set_priority().
12795
2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12797
* lib/auth_cert.c, lib/ext_cert_type.c, lib/ext_max_record.c,
12798
lib/ext_safe_renegotiation.c, lib/ext_server_name.c,
12799
lib/ext_session_ticket.c, lib/ext_signature.c, lib/ext_srp.c,
12800
lib/gnutls_extensions.c, lib/gnutls_extensions.h,
12801
lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_pk.c,
12802
lib/gnutls_sig.c, lib/gnutls_state.c,
12803
lib/includes/gnutls/gnutls.h.in, lib/nettle/pk.c: The extensions
12804
code is now using the gnutls_buffer_st.
12806
2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12808
* lib/gnutls_algorithms.c, lib/x509/x509_int.h: Added sha224 to the
12811
2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12813
* lib/gnutls_priority.c: The PSK and SRP key exchange algorithms are
12814
not included in the preset priority strings.
12816
2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12818
* lib/auth_dh_common.c, lib/auth_dh_common.h, lib/auth_dhe_psk.c,
12819
lib/auth_psk.c, lib/auth_psk.h: Callback function is being called in
12820
both PSK-DHE and PSK. Using the callback function will not
12821
overwrite the credentials, which were wrongly being overwritten
12822
using the retrieved username/key. The credentials structure is now
12823
accessed for reading only, as it should have been.
12825
2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12827
* configure.ac: bumped version.
12829
2011-02-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12831
* doc/cha-programs.texi: Added documentation on p11tool.
12833
2011-02-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12835
* doc/cha-intro-tls.texi, doc/cha-library.texi,
12836
doc/manpages/gnutls-cli.1, doc/manpages/gnutls-serv.1,
12837
lib/gnutls_priority.c, src/common.c: Moved documentation of priority
12838
strings to manual and removed information from manpages and function
12839
pages that now reference the manual section.
12841
2011-02-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12843
* lib/auth_anon.c, lib/auth_cert.c, lib/auth_cert.h,
12844
lib/auth_dh_common.c, lib/auth_dh_common.h, lib/auth_dhe.c,
12845
lib/auth_dhe_psk.c, lib/auth_psk.c, lib/auth_rsa.c,
12846
lib/auth_rsa_export.c, lib/auth_srp.c, lib/auth_srp.h,
12847
lib/auth_srp_rsa.c, lib/gnutls_auth.h, lib/gnutls_kx.c,
12848
lib/gnutls_str.c, lib/gnutls_str.h: Simplified code in
12849
authentication methods by using gnutls_buffer_st instead of
12852
2011-02-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12854
* lib/gnutls_algorithms.c, lib/includes/gnutls/gnutls.h.in: Combined
12857
2011-02-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12859
* lib/auth_cert.c, lib/auth_dhe.c, lib/ext_signature.c,
12860
lib/gnutls_algorithms.c, lib/gnutls_algorithms.h: Several updates in
12861
signature algorithms parsing and sending to avoid sending invalid
12862
signature algorithms.
12864
2011-02-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12866
* lib/gnutls_algorithms.c: Removed unused debugging code.
12868
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12870
* lib/nettle/cipher.c: Removed unneeded initialization.
12872
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12874
* NEWS, doc/cha-auth.texi, doc/cha-programs.texi, lib/Makefile.am,
12875
lib/gnutls_psk_netconf.c, lib/includes/gnutls/compat.h: Removed
12876
gnutls_psk_netconf_derive_key.
12878
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12880
* NEWS, lib/gnutls_cert.c, lib/includes/gnutls/compat.h: Removed
12881
gnutls_certificate_verify_peers.
12883
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12885
* NEWS, lib/gnutls_handshake.c, lib/gnutls_int.h,
12886
lib/gnutls_state.c, lib/includes/gnutls/compat.h: Removed
12887
gnutls_session_set_finished_function().
12889
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12891
* lib/gnutls_alert.c, lib/includes/gnutls/gnutls.h.in: Removed
12892
remaining TLS/IA stuff.
12894
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12896
* src/cli-gaa.c, src/cli-gaa.h, src/cli.gaa, src/serv-gaa.c,
12897
src/serv-gaa.h, src/serv.gaa: Removed more leftovers from opaque PRF
12900
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12902
* lib/gnutls_record.c: Corrected return message from
12905
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12907
* lib/nettle/mac.c: Removed upper limit on MAC algorithm key.
12909
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12911
* lib/gnutls_errors.c: improved premature_termination error message
12913
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12915
* doc/reference/Makefile.am, lib/libgnutls.map: Removed leftovers
12916
from OPRFI extension.
12918
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12920
* NEWS, lib/gnutls_errors.c, lib/gnutls_record.c,
12921
lib/includes/gnutls/gnutls.h.in: gnutls_recv() returns
12922
GNUTLS_E_PREMATURE_TERMINATION on EOF.
12924
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12926
* src/cli-gaa.c, src/cli-gaa.h, src/cli.c, src/cli.gaa,
12927
src/common.c, src/common.h, src/serv-gaa.c, src/serv-gaa.h,
12928
src/serv.c, src/serv.gaa: Removed deprecated option such as
12929
--protocols, ciphers etc.
12931
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12933
* NEWS: not untested.
12935
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12937
* src/benchmark.c: Set correct iv in GCM.
12939
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12941
* lib/gnutls_cipher.c, lib/gnutls_int.h: Cleanups and moved
12942
definitions to gnutls_int.h. AEAD modes now use the record packet
12945
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12947
* lib/nettle/cipher.c: Reset GCM mode when setting IV.
12949
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12951
* lib/gnutls_algorithms.c: Added more GCM ciphersuites (DHE-* and
12954
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12956
* lib/gnutls_priority.c: updated priorities. Removed ARCFOUR from
12957
the secure ciphersuites and moved GCM to bottom of the ciphers in
12960
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12962
* NEWS, lib/crypto-api.c, lib/gnutls_algorithms.c,
12963
lib/gnutls_algorithms.h, lib/gnutls_cipher_int.c,
12964
lib/gnutls_cipher_int.h, lib/includes/gnutls/crypto.h,
12965
lib/libgnutls.map, src/benchmark.c: Added gnutls_cipher_add_auth()
12966
gnutls_cipher_tag() to export the GCM interface. Updated the
12969
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12971
* lib/gnutls_cert.c: removed
12972
gnutls_certificate_get_openpgp_keyring().
12974
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12976
* lib/gnutls_hash_int.c: minor optimizations.
12978
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12980
* lib/gnutls_cipher_int.c, lib/gnutls_cipher_int.h,
12981
lib/gnutls_hash_int.c, lib/gnutls_hash_int.h: inlined several small
12984
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12986
* lib/gnutls_cipher.c, lib/gnutls_cipher_int.c,
12987
lib/gnutls_cipher_int.h, lib/gnutls_handshake.c,
12988
lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/gnutls_sig.c:
12989
Better error checking on SSL3.
12991
2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12993
* lib/gnutls_cipher.c: calculation for c_length occurs in a single
12996
2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
12998
* NEWS: unstable -> untested.
13000
2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13002
* lib/nettle/mac.c: Increase the maximum HMAC key to account for
13003
anonymous ciphersuites.
13005
2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13007
* lib/gnutls_hash_int.c: check the error of hash set_key.
13009
2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13011
* lib/gnutls_kx.c: do not use strlen for fixed string.
13013
2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13015
* NEWS: updated NEWS on GCM mode.
13017
2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13019
* lib/nettle/cipher.c: Use nettle's new API for GCM.
13021
2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13023
* src/cli.c: removed old comment
13025
2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13027
* NEWS, doc/Makefile.am, doc/cha-functions.texi,
13028
doc/cha-gtls-app.texi, doc/examples/Makefile.am,
13029
doc/examples/ex-client-tlsia.c, lib/gnutls_kx.c,
13030
libextra/Makefile.am, libextra/ext_inner_application.c,
13031
libextra/ext_inner_application.h, libextra/gnutls_extra.c,
13032
libextra/gnutls_ia.c, libextra/libgnutls-extra.map,
13033
tests/Makefile.am, tests/tlsia.c: Removed inner application
13036
2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13038
* lib/includes/gnutls/compat.h, lib/includes/gnutls/gnutls.h.in:
13039
gnutls_certificate_verify_peers is deprecated.
13041
2011-02-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13043
* lib/gcrypt/mac.c, lib/gnutls_algorithms.c,
13044
lib/gnutls_algorithms.h, lib/gnutls_cipher.c, lib/gnutls_cipher.h,
13045
lib/gnutls_cipher_int.c, lib/gnutls_cipher_int.h,
13046
lib/gnutls_constate.c, lib/gnutls_hash_int.c,
13047
lib/gnutls_hash_int.h, lib/gnutls_int.h, lib/gnutls_priority.c,
13048
lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in,
13049
lib/m4/hooks.m4, lib/nettle/cipher.c, lib/nettle/mac.c: Added
13050
support for GCM ciphersuites (not tested with other implementation).
13052
2011-02-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13054
* lib/gnutls_int.h: Added missing definitions (GNUTLS_MASTER_SIZE
13057
2011-02-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13059
* NEWS, lib/gnutls_state.c, lib/includes/gnutls/compat.h: Removed:
13060
gnutls_session_get_server_random, gnutls_session_get_client_random,
13061
gnutls_session_get_master_secret
13063
2011-02-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13065
* lib/build-aux/config.rpath, tests/suite/Makefile.in: updated.
13067
2011-02-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13069
* lib/Makefile.am, lib/gnutls.pc.in, lib/m4/hooks.m4: Add the nettle
13070
libs into gnutls.pc.
13072
2011-02-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13074
* NEWS, lib/gnutls_cert.c, lib/gnutls_extensions.c,
13075
lib/includes/gnutls/compat.h, lib/m4/hooks.m4: Removed functions:
13076
gnutls_ext_register, gnutls_certificate_get_x509_crls,
13077
gnutls_certificate_get_x509_cas and bumped library version number.
13079
2011-02-05 Andreas Metzler <ametzler@downhill.at.eu.org>
13081
* lib/configure.ac, lib/gnutls.pc.in, lib/m4/hooks.m4: [PATCH 1/4]
13082
adapt pkg-config file for switch from AM_PATH_LIBGCRYPT to
13083
AC_LIB_HAVE_LINKFLAGS [PATCH 2/4] pkg-config: Move libtasn1 from
13084
Libs.private to Requires.private since libtasn1 provides a .pc file.
13085
[PATCH 3/4] pkg-config: drop @LIBGNUTLS_LIBS@ from Libs.private.
13086
This library only contains gnutls itself nowadays, which is in Libs
13087
already. [PATCH 4/4] pkg-config: If gnutls is built with zlib
13088
support list zlib in Requires.private.
13090
2011-02-04 Simon Josefsson <simon@josefsson.org>
13092
* doc/cha-ciphersuites.texi, doc/signatures.texi: Fix MD2
13093
documentation. Suggested by "brian m. carlson" <sandals@crustytoothpaste.net> in
13094
debian bug #464625.
13096
2011-02-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13098
* doc/README.CODING_STYLE: updated coding style.
13100
2011-02-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13102
* NEWS: documented gnutls_session_get_* deprecated functions.
13104
2011-02-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13106
* tests/x509paths/README: updated README on certificate
13107
verifications that fail.
13109
2011-02-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13111
* NEWS, src/certtool-common.h, src/certtool-gaa.c,
13112
src/certtool-gaa.h, src/certtool.c, src/certtool.gaa: Added new
13113
functionality to certtool, and can verify certificates against a
13114
list of CAs using the --verify option.
13116
2011-02-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13118
* lib/x509/verify.c, tests/chainverify.c: Time checks were moved to
13119
_gnutls_verify_certificate2(). This allows for straightforward
13120
chain verification, and thus better printing of the chain output,
13121
although some checks might be performed in duplicate. As a
13122
side-effect better errors are returned (or precisely more
13123
combinations of verification errors), thus chainverify test was
13126
2011-02-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13128
* lib/x509/verify-high.c: Set memory to zero on allocation.
13130
2011-02-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13132
* doc/cha-gtls-app.texi: fix in contents.
13134
2011-02-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13136
* doc/examples/examples.h: prototype fix.
13138
2011-02-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13140
* doc/examples/ex-verify.c, lib/gnutls_cert.c,
13141
lib/includes/gnutls/x509.h, lib/x509/verify-high.c, src/certtool.c:
13142
gnutls_x509_trust_list_init() has an extra argument that allows
13143
fine-tuning of the used memory.
13145
2011-02-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13147
* doc/cha-bib.texi: Updated references of rfc5081 to rfc6091.
13149
2011-02-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13151
* doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
13152
doc/examples/ex-verify.c: Documented the new verification functions.
13154
2011-01-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13156
* src/certtool.c, tests/sha2/sha2: Modified output to not confuse
13159
2011-01-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13161
* lib/x509/verify.c: Better output when removing certificates from
13164
2011-01-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13166
* tests/pkcs1-padding/pkcs1-pad: Modified to work on new certtool -e
13169
2011-01-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13171
* NEWS, doc/examples/ex-verify.c, lib/auth_cert.h,
13172
lib/gnutls_cert.c, lib/gnutls_x509.c, lib/includes/gnutls/compat.h,
13173
lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/x509.h,
13174
lib/libgnutls.map, lib/x509/crl.c, lib/x509/x509.c, src/certtool.c,
13175
tests/certificate_set_x509_crl.c: The internal subsystem uses the
13176
new certificate verification functions. This has the side effect of
13177
deprecating gnutls_certificate_get_x509_crls() and
13178
gnutls_certificate_get_x509_cas() that can no longer operation since
13179
they relied on internal structures.
13181
2011-01-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13183
* NEWS, doc/cha-gtls-app.texi, doc/examples/ex-verify.c,
13184
lib/Makefile.am, lib/hash.c, lib/hash.h,
13185
lib/includes/gnutls/x509.h, lib/libgnutls.map,
13186
lib/x509/Makefile.am, lib/x509/crl.c, lib/x509/verify-high.c,
13187
lib/x509/verify.c, lib/x509/x509.c, lib/x509/x509_int.h,
13188
src/certtool.c: Added a new API to verify certificates. It is more
13189
efficient and can be used to get details about the verification
13192
2011-01-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13194
* tests/x509paths/chain: better output in chain output.
13196
2011-01-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13198
* NEWS, lib/includes/gnutls/x509.h, lib/x509/crl.c,
13199
lib/x509/verify.c, lib/x509/x509.c: exported
13200
gnutls_x509_crl_get_raw_issuer_dn()
13202
2011-01-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13204
* lib/x509/x509.c: corrected typos
13206
2011-01-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13208
* lib/pakchois/pakchois.c: CKR_CRYPTOKI_ALREADY_INITIALIZED is not
13209
treated as an error, and Finalize is not called in that case.
13211
2011-01-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13213
* NEWS, lib/gnutls_privkey.c, lib/includes/gnutls/compat.h,
13214
lib/openpgp/privkey.c: Reverted removal of
13215
gnutls_openpgp_privkey_sign_hash() to retain compatibility with
13216
2.10.x. That function is now deprecated instead.
13218
2011-01-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13220
* lib/gnutls_privkey.c: Added checks before importing keys and
13221
updated documentation.
13223
2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13225
* tests/suite/Makefile.in: updated Makefile.in
13227
2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13229
* doc/examples/ex-crq.c, lib/configure.ac,
13230
lib/includes/gnutls/compat.h, lib/includes/gnutls/gnutls.h.in,
13231
lib/includes/gnutls/x509.h, src/certtool.c, tests/crq_key_id.c:
13232
fixes in internal build with the new deprecated functions. We allow
13233
them to be used since they are inter-dependent.
13235
2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13237
* lib/x509/x509_int.h: replaced old gnutls_pk_algorithm.
13239
2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13241
* lib/includes/gnutls/compat.h: depends on gnutls/x509.h to compile.
13243
2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13245
* NEWS, lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h,
13246
lib/x509/crl_write.c: deprecated gnutls_x509_crl_sign(),
13247
gnutls_x509_crl_sign2() and
13248
gnutls_x509_crq_get_preferred_hash_algorithm().
13250
2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13252
* NEWS, lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h,
13253
lib/x509/crq.c: Deprecated gnutls_x509_crq_sign2() and
13254
gnutls_x509_crq_sign() in favor for gnutls_x509_crq_privkey_sign().
13256
2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13258
* NEWS, lib/libgnutls.map: minor fixes.
13260
2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13262
* NEWS, lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h,
13263
lib/libgnutls.map, lib/x509/privkey.c, lib/x509/x509.c,
13264
src/certtool.c, tests/cve-2009-1415.c, tests/x509sign-verify.c:
13265
gnutls_x509_crt_verify_hash: DEPRECATED gnutls_x509_crt_verify_data:
13266
DEPRECATED gnutls_x509_crt_get_verify_algorithm: DEPRECATED
13267
gnutls_x509_crt_get_preferred_hash_algorithm: DEPRECATED Removed the
13268
new gnutls_x509_privkey_sign_data2() and
13269
gnutls_x509_privkey_sign_hash2(). That functionality will be only in the abstract.h pubkey and privkey
13270
structures, to avoid duplication for every certificate type.
13272
2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13274
* src/serv.c: Simplified macro to snprintf() in order to prevent
13275
issues caused when snprintf() is a macro itself. Reported and
13276
initial patch by Camillo Lugaresi.
13278
2011-01-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13280
* tests/suite/Makefile.in: Revert "Remove, it is generated." This reverts commit de3a601e502b24f047412a161085f7fbd898b3f3 because
13281
this file is not automatically generated (not included in top
13284
2011-01-02 Simon Josefsson <simon@josefsson.org>
13286
* lib/m4/hooks.m4: Specify minimum libgcrypt version.
13288
2010-12-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13290
* doc/cha-internals.texi: Added discussion on crypto backend for
13291
crypto libraries and /dev/crypto.
13293
2010-12-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13295
* NEWS, lib/gnutls_privkey.c, lib/includes/gnutls/abstract.h,
13296
lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h,
13297
lib/x509/crq.c, lib/x509/privkey.c, lib/x509/sign.c: Renamed
13298
gnutls_privkey_sign_data() to gnutls_privkey_sign_data2() to match
13299
the similar function gnutls_x509_privkey_sign_data2().
13300
gnutls_x509_privkey_sign_data() was deprecated.
13302
2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13304
* lib/gnutls_str.c: Extra sanity check.
13306
2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13308
* lib/auth_srp_passwd.c: Use snprintf() to print an integer.
13310
2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13312
* lib/x509/output.c: Use snprintf() to print IPs. There was a check
13313
just before that, but be safe, just in case.
13315
2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13317
* doc/cha-auth.texi: Use SRP for password authentication.
13319
2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13321
* doc/cha-auth.texi, lib/gnutls_cert.c, lib/gnutls_extensions.c,
13322
lib/gnutls_psk_netconf.c, lib/gnutls_state.c,
13323
lib/includes/gnutls/compat.h, lib/x509/privkey.c: Do not include
13324
deprecated functions to library documentation.
13326
2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13328
* NEWS, lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h,
13329
lib/x509/privkey.c: gnutls_x509_privkey_verify_data() was
13332
2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13334
* lib/gnutls_pubkey.c: Documented key usage of pubkey.
13336
2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13338
* lib/gnutls_pubkey.c: Set public key bits on all import functions.
13339
Issue reported by Murray Kucheawy.
13341
2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13343
* NEWS, lib/gnutls_privkey.c, lib/includes/gnutls/pkcs11.h,
13344
lib/pkcs11_int.h, lib/pkcs11_privkey.c:
13345
gnutls_pkcs11_privkey_sign_data(),
13346
gnutls_pkcs11_privkey_sign_hash2() and
13347
gnutls_pkcs11_privkey_decrypt_data() were removed. The abstract.h
13348
functions should be used instead.
13350
2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13352
* NEWS, lib/gnutls_privkey.c, lib/includes/gnutls/openpgp.h,
13353
lib/openpgp/gnutls_openpgp.h, lib/openpgp/pgp.c,
13354
lib/openpgp/privkey.c: Removed the newly added functions:
13355
gnutls_openpgp_privkey_sign_hash2(),
13356
gnutls_openpgp_privkey_sign_data2(),
13357
gnutls_openpgp_crt_verify_hash() That way the operations in
13358
abstract.h should be used to get the same functionality, and API
13359
will be kept simple and easier to maintain. The corresponding
13360
gnutls_x509_* are kept for backwards compatibility.
13362
2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13364
* lib/gnutls_sig.c: Do not be strict on RSA hash algorithm selection
13367
2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13369
* lib/gnutls_cert.h, lib/gnutls_sig.c, lib/gnutls_x509.c: Removed
13370
unneeded definitions, and more careful deinitializations in
13371
parse_der_cert_mem().
13373
2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13375
* tests/pathlen/ca-no-pathlen.pem,
13376
tests/pathlen/no-ca-or-pathlen.pem: updated certificates to account
13377
for extra null byte added in negative numbers.
13379
2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13381
* tests/cve-2009-1415.c: Account for GNUTLS_E_PK_SIG_VERIFY_FAILED.
13383
2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13385
* lib/gnutls_privkey.c: Corrected bug in gnutls_privkey_sign_data().
13387
2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13389
* lib/gnutls_sig.c: some fixes in pk_prepare_hash().
13391
2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13393
* NEWS, lib/gnutls_pubkey.c, lib/openpgp/pgp.c, lib/x509/privkey.c,
13394
lib/x509/verify.c, lib/x509/x509.c, tests/x509sign-verify.c: The
13395
verification functions now return a GNUTLS_E_PK_SIG_VERIFY_FAILED on
13396
signature verification error.
13398
2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13400
* src/p11tool-gaa.c, src/p11tool.gaa: The default input format for
13403
2010-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13405
* lib/gnutls_pubkey.c: importing a pubkey from raw params will set
13406
the bits field correctly.
13408
2010-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13410
* NEWS: Documented the addtion of gnutls_pubkey_import_privkey() and
13411
gnutls_pubkey_verify_data()
13413
2010-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13415
* lib/gnutls_pubkey.c, lib/includes/gnutls/abstract.h,
13416
lib/libgnutls.map, lib/x509/verify.c, tests/x509sign-verify.c: Added
13417
gnutls_pubkey_verify_data and test vectors.
13419
2010-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13421
* doc/errcodes.c, doc/examples/ex-alert.c,
13422
doc/examples/ex-cert-select-pkcs11.c,
13423
doc/examples/ex-cert-select.c, doc/examples/ex-client-psk.c,
13424
doc/examples/ex-client-resume.c, doc/examples/ex-client-srp.c,
13425
doc/examples/ex-client-tlsia.c, doc/examples/ex-client1.c,
13426
doc/examples/ex-client2.c, doc/examples/ex-crq.c,
13427
doc/examples/ex-pkcs12.c, doc/examples/ex-rfc2818.c,
13428
doc/examples/ex-serv-anon.c, doc/examples/ex-serv-pgp.c,
13429
doc/examples/ex-serv-psk.c, doc/examples/ex-serv-srp.c,
13430
doc/examples/ex-serv1.c, doc/examples/ex-session-info.c,
13431
doc/examples/ex-verify.c, doc/examples/ex-x509-info.c,
13432
doc/examples/examples.h, doc/examples/tcp.c, doc/printlist.c,
13433
guile/src/core.c, guile/src/extra.c, guile/src/utils.h,
13434
lib/abstract_int.h, lib/auth_anon.c, lib/auth_cert.c,
13435
lib/auth_cert.h, lib/auth_dh_common.c, lib/auth_dh_common.h,
13436
lib/auth_dhe.c, lib/auth_dhe_psk.c, lib/auth_psk.c,
13437
lib/auth_psk_passwd.c, lib/auth_psk_passwd.h, lib/auth_rsa.c,
13438
lib/auth_rsa_export.c, lib/auth_srp.c, lib/auth_srp.h,
13439
lib/auth_srp_passwd.c, lib/auth_srp_passwd.h, lib/auth_srp_rsa.c,
13440
lib/auth_srp_sb64.c, lib/crypto-api.c, lib/crypto.c, lib/crypto.h,
13441
lib/cryptodev.c, lib/debug.c, lib/ext_cert_type.c,
13442
lib/ext_max_record.c, lib/ext_safe_renegotiation.c,
13443
lib/ext_safe_renegotiation.h, lib/ext_server_name.c,
13444
lib/ext_session_ticket.c, lib/ext_signature.c, lib/ext_signature.h,
13445
lib/ext_srp.c, lib/gcrypt/cipher.c, lib/gcrypt/init.c,
13446
lib/gcrypt/mac.c, lib/gcrypt/mpi.c, lib/gcrypt/pk.c,
13447
lib/gnutls_alert.c, lib/gnutls_algorithms.c,
13448
lib/gnutls_algorithms.h, lib/gnutls_anon_cred.c, lib/gnutls_auth.c,
13449
lib/gnutls_auth.h, lib/gnutls_buffers.c, lib/gnutls_buffers.h,
13450
lib/gnutls_cert.c, lib/gnutls_cert.h, lib/gnutls_cipher.c,
13451
lib/gnutls_cipher.h, lib/gnutls_cipher_int.c,
13452
lib/gnutls_cipher_int.h, lib/gnutls_compress.c,
13453
lib/gnutls_compress.h, lib/gnutls_constate.c,
13454
lib/gnutls_constate.h, lib/gnutls_datum.c, lib/gnutls_datum.h,
13455
lib/gnutls_db.c, lib/gnutls_db.h, lib/gnutls_dh.c, lib/gnutls_dh.h,
13456
lib/gnutls_dh_primes.c, lib/gnutls_errors.c,
13457
lib/gnutls_extensions.c, lib/gnutls_extensions.h,
13458
lib/gnutls_global.c, lib/gnutls_handshake.c,
13459
lib/gnutls_handshake.h, lib/gnutls_hash_int.c,
13460
lib/gnutls_hash_int.h, lib/gnutls_int.h, lib/gnutls_kx.c,
13461
lib/gnutls_kx.h, lib/gnutls_mbuffers.c, lib/gnutls_mbuffers.h,
13462
lib/gnutls_mem.h, lib/gnutls_mpi.c, lib/gnutls_mpi.h,
13463
lib/gnutls_num.c, lib/gnutls_pk.c, lib/gnutls_pk.h,
13464
lib/gnutls_priority.c, lib/gnutls_privkey.c, lib/gnutls_psk.c,
13465
lib/gnutls_psk_netconf.c, lib/gnutls_pubkey.c, lib/gnutls_record.c,
13466
lib/gnutls_record.h, lib/gnutls_rsa_export.c, lib/gnutls_session.c,
13467
lib/gnutls_session_pack.c, lib/gnutls_session_pack.h,
13468
lib/gnutls_sig.c, lib/gnutls_sig.h, lib/gnutls_srp.c,
13469
lib/gnutls_srp.h, lib/gnutls_state.c, lib/gnutls_state.h,
13470
lib/gnutls_str.c, lib/gnutls_str.h, lib/gnutls_supplemental.c,
13471
lib/gnutls_supplemental.h, lib/gnutls_ui.c, lib/gnutls_v2_compat.c,
13472
lib/gnutls_v2_compat.h, lib/gnutls_x509.c, lib/gnutls_x509.h,
13473
lib/includes/gnutls/abstract.h, lib/includes/gnutls/compat.h,
13474
lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in,
13475
lib/includes/gnutls/gnutlsxx.h, lib/includes/gnutls/openpgp.h,
13476
lib/includes/gnutls/pkcs11.h, lib/includes/gnutls/pkcs12.h,
13477
lib/includes/gnutls/x509.h, lib/locks.c, lib/nettle/cipher.c,
13478
lib/nettle/egd.c, lib/nettle/mpi.c, lib/nettle/pk.c,
13479
lib/nettle/rnd.c, lib/opencdk/armor.c, lib/opencdk/context.h,
13480
lib/opencdk/dummy.c, lib/opencdk/filters.h, lib/opencdk/hash.c,
13481
lib/opencdk/kbnode.c, lib/opencdk/keydb.c, lib/opencdk/keydb.h,
13482
lib/opencdk/literal.c, lib/opencdk/main.c, lib/opencdk/main.h,
13483
lib/opencdk/misc.c, lib/opencdk/new-packet.c,
13484
lib/opencdk/opencdk.h, lib/opencdk/packet.h, lib/opencdk/pubkey.c,
13485
lib/opencdk/read-packet.c, lib/opencdk/seskey.c,
13486
lib/opencdk/sig-check.c, lib/opencdk/stream.c,
13487
lib/opencdk/stream.h, lib/opencdk/verify.c,
13488
lib/opencdk/write-packet.c, lib/openpgp/compat.c,
13489
lib/openpgp/extras.c, lib/openpgp/gnutls_openpgp.c,
13490
lib/openpgp/gnutls_openpgp.h, lib/openpgp/openpgp_int.h,
13491
lib/openpgp/output.c, lib/openpgp/pgp.c, lib/openpgp/pgpverify.c,
13492
lib/openpgp/privkey.c, lib/pakchois/pakchois.c,
13493
lib/pakchois/pakchois.h, lib/pakchois/pakchois11.h, lib/pkcs11.c,
13494
lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/pkcs11_secret.c,
13495
lib/pkcs11_write.c, lib/random.c, lib/system.c, lib/system.h,
13496
lib/x509/common.c, lib/x509/common.h, lib/x509/crl.c,
13497
lib/x509/crl_write.c, lib/x509/crq.c, lib/x509/dn.c,
13498
lib/x509/extensions.c, lib/x509/mpi.c, lib/x509/output.c,
13499
lib/x509/pbkdf2-sha1.c, lib/x509/pbkdf2-sha1.h, lib/x509/pkcs12.c,
13500
lib/x509/pkcs12_bag.c, lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c,
13501
lib/x509/privkey.c, lib/x509/privkey_pkcs8.c,
13502
lib/x509/rfc2818_hostname.c, lib/x509/sign.c, lib/x509/verify.c,
13503
lib/x509/x509.c, lib/x509/x509_int.h, lib/x509/x509_write.c,
13504
lib/x509_b64.c, lib/x509_b64.h, libextra/ext_inner_application.c,
13505
libextra/ext_inner_application.h, libextra/gnutls_extra.c,
13506
libextra/gnutls_ia.c, libextra/gnutls_openssl.c,
13507
libextra/includes/gnutls/extra.h,
13508
libextra/includes/gnutls/openssl.h, libextra/openssl_compat.c,
13509
libextra/openssl_compat.h, maint.mk, src/benchmark.c,
13510
src/certtool-cfg.c, src/certtool-cfg.h, src/certtool-common.c,
13511
src/certtool-common.h, src/certtool.c, src/cli.c, src/common.c,
13512
src/common.h, src/crypt.c, src/p11tool.c, src/p11tool.h,
13513
src/pkcs11.c, src/prime.c, src/psk.c, src/serv.c, src/tests.c,
13514
src/tests.h, src/tls_test.c, tests/anonself.c,
13515
tests/certificate_set_x509_crl.c, tests/chainverify.c,
13516
tests/crq_apis.c, tests/crq_key_id.c, tests/cve-2008-4989.c,
13517
tests/dhepskself.c, tests/dn.c, tests/dn2.c, tests/gc.c,
13518
tests/mini-eagain.c, tests/mini-x509-rehandshake.c,
13519
tests/mini-x509.c, tests/mini.c, tests/mpi.c,
13520
tests/nul-in-x509-names.c, tests/openpgp-auth.c,
13521
tests/openpgp-keyring.c, tests/openpgp_test.c, tests/openpgpself.c,
13522
tests/openssl.c, tests/pgps2kgnu.c, tests/pkcs12_encode.c,
13523
tests/pkcs12_s2k.c, tests/pkcs12_s2k_pem.c, tests/pskself.c,
13524
tests/resume.c, tests/safe-renegotiation/srn0.c,
13525
tests/safe-renegotiation/srn1.c, tests/safe-renegotiation/srn2.c,
13526
tests/safe-renegotiation/srn3.c, tests/safe-renegotiation/srn4.c,
13527
tests/safe-renegotiation/srn5.c, tests/set_pkcs12_cred.c,
13528
tests/simple.c, tests/tlsia.c, tests/utils.c, tests/utils.h,
13529
tests/x509_altname.c, tests/x509_test.c, tests/x509dn.c,
13530
tests/x509self.c, tests/x509sign-verify.c: Indented code. Use same
13531
indentation but with -nut to avoid usage of tabs. In several editors
13532
tabs can be configured not to be 8 spaces and this produces
13533
artifacts with the current indentation that is a mixture of tabs and
13536
2010-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13538
* lib/gnutls_privkey.c: _gnutls_privkey_get_public_mpis() handles
13541
2010-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13543
* lib/abstract_int.h, lib/gnutls_privkey.c, lib/gnutls_pubkey.c,
13544
lib/includes/gnutls/abstract.h, lib/libgnutls.map: Added
13545
gnutls_pubkey_import_privkey(), that will copy the public key from a
13546
gnutls_privkey_t structure.
13548
2010-12-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13550
* NEWS, lib/libgnutls.map: Do not export the non-existant symbols
13551
gnutls_pkcs11_privkey_sign_hash and gnutls_privkey_sign_hash.
13553
2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13555
* NEWS: documented new functions
13557
2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13559
* NEWS: Added new functions.
13561
2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13563
* lib/libgnutls.map: Added new functions.
13565
2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13567
* lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h:
13568
de-deprecated gnutls_x509_crt_verify_hash()
13570
2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13572
* lib/includes/gnutls/openpgp.h, lib/libgnutls.map,
13573
lib/openpgp/pgp.c, tests/x509sign-verify.c: Added
13574
gnutls_openpgp_crt_verify_hash().
13576
2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13578
* lib/includes/gnutls/pkcs11.h, lib/pkcs11_privkey.c: added
13579
gnutls_privkey_sign_hash2()
13581
2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13583
* lib/gnutls_privkey.c, lib/gnutls_sig.c, lib/gnutls_sig.h,
13584
lib/openpgp/privkey.c, lib/pkcs11_privkey.c, lib/x509/privkey.c:
13585
Simplified preparation of signing code.
13587
2010-12-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13589
* lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/gnutls_sig.c,
13590
lib/gnutls_sig.h, lib/openpgp/gnutls_openpgp.h,
13591
lib/openpgp/privkey.c, lib/pkcs11_int.h, lib/pkcs11_privkey.c,
13592
lib/x509/Makefile.am, lib/x509/privkey.c, lib/x509/sign.c,
13593
lib/x509/sign.h: deprecated x509/sign.h and moved functionality of
13594
it in gnutls_sig.h.
13596
2010-12-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13598
* lib/x509/sign.c: pk_hash_data() will fail unless DSA or RSA are
13601
2010-12-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13603
* lib/x509/privkey.c: better comments
13605
2010-12-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13607
* lib/openpgp/gnutls_openpgp.c, lib/openpgp/privkey.c:
13608
reorganization of the privkey_ functions().
13610
2010-12-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13612
* lib/gnutls_privkey.c, lib/includes/gnutls/abstract.h,
13613
lib/includes/gnutls/compat.h, lib/includes/gnutls/openpgp.h,
13614
lib/includes/gnutls/x509.h, lib/libgnutls.map,
13615
lib/openpgp/gnutls_openpgp.c, lib/x509/privkey.c: Introduced
13616
gnutls_*_privkey_sign_hash2() that is a high level function to
13617
produce signatures.
13619
2010-12-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13621
* lib/gnutls_privkey.c, lib/pkcs11_privkey.c, lib/x509/privkey.c,
13622
lib/x509/sign.c, lib/x509/sign.h: Separated the sign_data functions
13623
to a hashing phase, a preparing phase, and the actual signing.
13625
2010-12-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13627
* NEWS: documented deprecated functions.
13629
2010-12-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13631
* lib/includes/gnutls/compat.h, lib/includes/gnutls/openpgp.h,
13632
lib/includes/gnutls/pkcs11.h: All the sign hash functions were
13635
2010-12-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13637
* lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h:
13638
gnutls_x509_privkey_sign_hash() is dangerous and was deprecated.
13639
Added some text explaining why some functions were deprecated.
13641
2010-12-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13643
* NEWS: documented previous update.
13645
2010-12-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13647
* lib/x509/privkey.c, lib/x509/x509.c: export_raw() functions now
13648
add leading zero in mpis.
13650
2010-12-07 Simon Josefsson <simon@josefsson.org>
13654
2010-12-07 Simon Josefsson <simon@josefsson.org>
13656
* lib/includes/gnutls/crypto.h: C++ fixes, tiny patch from "Brendan
13657
Doherty" <brendand@gentrack.com>.
13659
2010-12-07 Simon Josefsson <simon@josefsson.org>
13661
* gl/m4/getdelim.m4, gl/m4/getline.m4, gl/m4/memchr.m4,
13662
gl/m4/printf.m4, gl/m4/stdint.m4, lib/gl/m4/fcntl-o.m4,
13663
lib/gl/m4/iconv.m4, lib/gl/m4/intdiv0.m4, lib/gl/m4/memchr.m4,
13664
lib/gl/m4/memmem.m4, lib/gl/m4/printf.m4, lib/gl/m4/stdint.m4:
13665
Update gnulib files.
13667
2010-12-07 Simon Josefsson <simon@josefsson.org>
13669
* NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
13670
libextra/configure.ac: Bump versions.
13672
2010-12-07 Simon Josefsson <simon@josefsson.org>
13674
* ChangeLog: Generated.
13676
2010-12-07 Simon Josefsson <simon@josefsson.org>
13678
* configure.ac, lib/configure.ac, lib/m4/hooks.m4,
13679
libextra/configure.ac: Bump versions.
13681
2010-12-06 Simon Josefsson <simon@josefsson.org>
13683
* ChangeLog: Generated.
13685
2010-12-06 Simon Josefsson <simon@josefsson.org>
13687
* tests/Makefile.am: Don't fail on 'make distcheck'.
13689
2010-12-06 Simon Josefsson <simon@josefsson.org>
13691
* NEWS: Version 2.11.6.
13693
2010-12-06 Simon Josefsson <simon@josefsson.org>
13695
* lib/gnutls_str.c: Indent.
13697
2010-12-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13699
* NEWS: documented SSL 3.0 record version change.
13701
2010-12-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13703
* lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_priority.c:
13704
SSL3_RECORD_VERSION priority option is now the default. That is in
13705
order to not confuse non TLS 1.2 compliant implementations that
13706
don't like a TLS 1.2 record.
13708
2010-12-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13710
* lib/gnutls_str.c: simplified escape and unescape.
13712
2010-12-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13714
* THANKS: Added Michael.
13716
2010-12-06 Simon Josefsson <simon@josefsson.org>
13718
* cfg.mk, lib/gnutls_priority.c, lib/gnutls_state.c,
13719
lib/includes/gnutls/compat.h, lib/includes/gnutls/gnutls.h.in,
13720
lib/includes/gnutls/pkcs11.h, lib/nettle/rnd.c, lib/pkcs11.c,
13721
lib/pkcs11_int.h, lib/pkcs11_secret.c, lib/pkcs11_write.c,
13722
lib/x509/verify.c, src/certtool-common.c, src/certtool-common.h,
13723
src/certtool.c, src/cli.c, src/common.c, src/p11tool.c,
13724
src/p11tool.h, src/pkcs11.c, src/serv.c, tests/chainverify.c,
13725
tests/openpgp-auth.c: Indent code.
13727
2010-12-06 Simon Josefsson <simon@josefsson.org>
13729
* maint.mk: Update gnulib files.
13731
2010-12-06 Simon Josefsson <simon@josefsson.org>
13733
* gl/override/top/maint.mk.diff: Remove.
13735
2010-12-06 Simon Josefsson <simon@josefsson.org>
13737
* .gitignore: Update.
13739
2010-12-06 Simon Josefsson <simon@josefsson.org>
13741
* lib/gnutls_priority.c, lib/pkcs11_secret.c, src/p11tool.c,
13742
src/p11tool.gaa: Fix syntax-check nits.
13744
2010-12-06 Simon Josefsson <simon@josefsson.org>
13746
* .x-sc_bindtextdomain: Ignore more.
13748
2010-12-06 Simon Josefsson <simon@josefsson.org>
13750
* GNUmakefile, build-aux/gendocs.sh, build-aux/pmccabe.css,
13751
build-aux/pmccabe2html, gl/Makefile.am, gl/arpa_inet.in.h,
13752
gl/float+.h, gl/gettext.h, gl/inet_ntop.c, gl/intprops.h,
13753
gl/m4/alloca.m4, gl/m4/arpa_inet_h.m4, gl/m4/getdelim.m4,
13754
gl/m4/getline.m4, gl/m4/getpass.m4, gl/m4/gnulib-common.m4,
13755
gl/m4/gnulib-comp.m4, gl/m4/mmap-anon.m4, gl/m4/printf.m4,
13756
gl/m4/readline.m4, gl/m4/string_h.m4, gl/m4/sys_ioctl_h.m4,
13757
gl/m4/sys_select_h.m4, gl/m4/sys_socket_h.m4, gl/m4/unistd_h.m4,
13758
gl/m4/vasnprintf.m4, gl/m4/wchar_h.m4, gl/printf-parse.c,
13759
gl/printf-parse.h, gl/stdint.in.h, gl/stdio.in.h, gl/stdlib.in.h,
13760
gl/string.in.h, gl/sys_select.in.h, gl/sys_socket.in.h,
13761
gl/tests/Makefile.am, gl/tests/init.sh,
13762
gl/tests/test-select-stdin.c, gl/tests/test-select.c,
13763
gl/tests/test-update-copyright.sh, gl/tests/verify.h, gl/time.in.h,
13764
gl/unistd.in.h, gl/vasnprintf.c, gl/verify.h, gl/wchar.in.h,
13765
lib/gl/Makefile.am, lib/gl/float+.h, lib/gl/gettext.h,
13766
lib/gl/m4/alloca.m4, lib/gl/m4/glibc2.m4, lib/gl/m4/glibc21.m4,
13767
lib/gl/m4/gnulib-common.m4, lib/gl/m4/gnulib-comp.m4,
13768
lib/gl/m4/iconv.m4, lib/gl/m4/memmem.m4, lib/gl/m4/mmap-anon.m4,
13769
lib/gl/m4/printf.m4, lib/gl/m4/string_h.m4,
13770
lib/gl/m4/sys_socket_h.m4, lib/gl/m4/unistd_h.m4,
13771
lib/gl/m4/vasnprintf.m4, lib/gl/m4/wchar_h.m4,
13772
lib/gl/printf-parse.c, lib/gl/printf-parse.h, lib/gl/stdint.in.h,
13773
lib/gl/stdio.in.h, lib/gl/stdlib.in.h, lib/gl/string.in.h,
13774
lib/gl/sys_socket.in.h, lib/gl/tests/Makefile.am,
13775
lib/gl/tests/init.sh, lib/gl/tests/intprops.h,
13776
lib/gl/tests/verify.h, lib/gl/time.in.h, lib/gl/unistd.in.h,
13777
lib/gl/vasnprintf.c, lib/gl/verify.h, lib/gl/wchar.in.h,
13778
libextra/gl/m4/gnulib-common.m4, maint.mk: Update gnulib files.
13780
2010-12-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13782
* tests/Makefile.am: Temporarily remove gendh test. It takes
13783
extremely long time under valgrind.
13785
2010-12-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13787
* NEWS, lib/gnutls_sig.c, lib/x509/common.c, lib/x509/common.h,
13788
lib/x509/mpi.c, lib/x509/sign.c, lib/x509/verify.c: Use ASN1_NULL
13789
when writing parameters for RSA signatures. This makes us comply
13790
with RFC3279. Reported by Michael Rommel.
13792
2010-12-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13794
* NEWS, src/serv.c: Corrected buffer overflow in gnutls-serv by
13795
Tomas Mraz. The gnutls-serv uses fixed allocated buffer for the response which
13796
can be pretty long if a client certificate is presented to it and
13797
the http header is large. This causes buffer overflow and heap
13798
corruption which then leads to random segfaults or aborts. It was reported originally here:
13799
https://bugzilla.redhat.com/show_bug.cgi?id=659259 The attached patch changes sprintf calls in peer_print_info() to
13800
snprintf so the buffer is never overflowed.
13802
2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13804
* lib/m4/hooks.m4: increased revision
13806
2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13808
* src/Makefile.am: Added p11tool.h
13810
2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13812
* NEWS: released 2.11.5
13814
2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13816
* doc/cha-internals.texi: escaped chars.
13818
2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13820
* doc/cha-internals.texi: Updated extension writing code. Still not
13823
2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13825
* doc/cha-cert-auth.texi: PKCS #11 fixes
13827
2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13829
* doc/examples/ex-cert-select-pkcs11.c: Corrected pkcs11 example
13832
2010-11-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13834
* src/pkcs11.c: Prefix mechanism number with 0x.
13836
2010-11-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13838
* lib/pakchois/pakchois11.h, src/pkcs11.c: Added camellia and
13841
2010-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13843
* configure.ac, lib/configure.ac, lib/nettle/rnd.c: Use rusage if
13844
present. Moved check to correct config and included resource.h
13847
2010-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13849
* lib/nettle/rnd.c: More details on the text
13851
2010-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13853
* lib/pkcs11.c: Corrected copyright statement
13855
2010-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13857
* lib/nettle/rnd.c: Corrected copyright header. Added Niels.
13859
2010-11-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13861
* NEWS, lib/gnutls_cert.c, lib/includes/gnutls/x509.h,
13862
lib/x509/verify.c, src/certtool.c, src/cli.c, tests/chainverify.c:
13863
Reverted default behavior for verification and introduced
13864
GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT. Thus by default V1
13865
trusted CAs are allowed, unless the new flag is specified.
13867
2010-11-25 Simon Josefsson <simon@josefsson.org>
13871
2010-11-25 Simon Josefsson <simon@josefsson.org>
13873
* tests/suite/Makefile.in: Remove, it is generated.
13875
2010-11-25 Simon Josefsson <simon@josefsson.org>
13877
* README: No space at eol.
13879
2010-11-25 Simon Josefsson <simon@josefsson.org>
13881
* tests/safe-renegotiation/Makefile.am: Fix syntax-check warning.
13883
2010-11-25 Simon Josefsson <simon@josefsson.org>
13885
* cfg.mk: Ignore tests/suite for syntax-checks, not our code.
13887
2010-11-25 Simon Josefsson <simon@josefsson.org>
13889
* README: Recommend git format-patch rather than git diff.
13891
2010-11-24 Jeffrey Walton <noloader@gmail.com>
13893
* README: Attached is a proposed modification to the README file,
13894
including recent comments by Simon.
13896
2010-11-23 Simon Josefsson <simon@josefsson.org>
13898
* guile/src/Makefile.am: Fix dependencies, fixes parallel builds. Tiny patch from Graham Gower <graham.gower@gmail.com>.
13900
2010-11-19 Simon Josefsson <simon@josefsson.org>
13902
* doc/Makefile.am: Remove file.
13904
2010-11-19 Simon Josefsson <simon@josefsson.org>
13906
* doc/manpages/Makefile.am: Generated.
13908
2010-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13910
* configure.ac, tests/suite/Makefile.in: Create Makefile in
13913
2010-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13915
* src/cli.c, src/psk-gaa.c, src/psk-gaa.h, src/psk.c, src/psk.gaa,
13916
tests/Makefile.am, tests/netconf-psk.c: Deprecate the netconf
13917
password and use a key only.
13919
2010-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13921
* doc/credentials/gnutls-http-serv: correctly set psk params.
13923
2010-11-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13927
2010-11-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13929
* lib/x509/privkey_pkcs8.c: Correctly write DSA public key in ASN.1
13930
(add leading zero). Reported by Jeffrey Walton.
13932
2010-11-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13934
* lib/x509/mpi.c: cleanups
13936
2010-11-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13938
* doc/cha-auth.texi, lib/includes/gnutls/compat.h,
13939
lib/includes/gnutls/gnutls.h.in: Deprecated the key derivation
13940
method from netconf. The published RFC does not include this method
13941
and it is not known whether it has been used at all in practice. No
13942
need to support it.
13944
2010-11-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13946
* NEWS, lib/gnutls_priority.c: Added SIGN-ALL, CTYPE-ALL, COMP-ALL,
13947
and VERS-TLS-ALL priority strings.
13949
2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13951
* lib/gnutls_x509.c: Removed redundant error check. Reported by
13954
2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13956
* lib/includes/gnutls/pkcs11.h, lib/libgnutls.map, lib/pkcs11.c,
13957
src/p11tool-gaa.c, src/p11tool-gaa.h, src/p11tool.c,
13958
src/p11tool.gaa, src/p11tool.h, src/pkcs11.c: Added
13959
--list-mechanisms option to p11tool. Lists all mechanisms supported
13962
2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13964
* doc/manpages/Makefile.am, doc/manpages/p11tool.1: Added manpage
13967
2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13969
* doc/manpages/certtool.1, doc/manpages/gnutls-cli.1,
13970
doc/manpages/gnutls-serv.1, doc/manpages/srptool.1: Corrected my
13973
2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13975
* src/p11tool-gaa.c, src/p11tool.gaa: In p11tool --url was renamed
13978
2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13980
* src/p11tool-gaa.c, src/p11tool-gaa.h, src/p11tool.gaa,
13981
src/pkcs11.c: Corrected bug in secret key copy. Rationalized the
13984
2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13986
* lib/pkcs11.c, lib/pkcs11_secret.c: * Corrected flag conversion to internal representation. * When generating secret keys include a generic key type and a
13989
2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
13991
* Added option --no-detailed-url to p11tool. More detailed url is the
13996
13557
Copyright (C) 2005-2012 Free Software Foundation, Inc.