1 2011-09-03 Andreas Metzler <ametzler@downhill.at.eu.org>
3 * lib/configure.ac: Add p11-kit-1 to gnutls.pc Requires.private. If building with PKCS#11 support append p11-kit-1 to gnutls.pc
4 Requires.private. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
6 2011-09-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8 * build-aux/snippet/_Noreturn.h, build-aux/snippet/arg-nonnull.h,
9 build-aux/snippet/c++defs.h, build-aux/snippet/warn-on-use.h: added
12 2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
14 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
15 libextra/configure.ac: bumped version
17 2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
19 * src/crypt-gaa.c: compiled with newer gaa.
21 2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
23 * tests/openpgpself.c: explicitly enable openpgp certtype in tests.
25 2011-08-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
27 * lib/configure.ac: do not exit configure if p11-kit is not found.
29 2011-08-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
31 * NEWS, lib/gnutls_priority.c: OpenPGP certificate type is not
34 2011-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
36 * src/common.h: removed unneeded headers.
38 2011-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
40 * NEWS: documented updates
42 2011-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
44 * lib/gnutls_record.c: Corrected error checking in
47 2011-08-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
49 * lib/gl/Makefile.am, lib/gl/alignof.h, lib/gl/close-hook.c,
50 lib/gl/close-hook.h, lib/gl/errno.in.h, lib/gl/fd-hook.c,
51 lib/gl/fd-hook.h, lib/gl/float.c, lib/gl/float.in.h,
52 lib/gl/fseek.c, lib/gl/fseeko.c, lib/gl/ftell.c,
53 lib/gl/m4/alloca.m4, lib/gl/m4/asm-underscore.m4,
54 lib/gl/m4/byteswap.m4, lib/gl/m4/errno_h.m4,
55 lib/gl/m4/extensions.m4, lib/gl/m4/fcntl_h.m4,
56 lib/gl/m4/float_h.m4, lib/gl/m4/fpieee.m4, lib/gl/m4/fseek.m4,
57 lib/gl/m4/fseeko.m4, lib/gl/m4/ftell.m4, lib/gl/m4/ftello.m4,
58 lib/gl/m4/getpagesize.m4, lib/gl/m4/gnulib-cache.m4,
59 lib/gl/m4/gnulib-common.m4, lib/gl/m4/gnulib-comp.m4,
60 lib/gl/m4/include_next.m4, lib/gl/m4/inttypes.m4,
61 lib/gl/m4/largefile.m4, lib/gl/m4/lseek.m4, lib/gl/m4/malloc.m4,
62 lib/gl/m4/memchr.m4, lib/gl/m4/memmem.m4, lib/gl/m4/mmap-anon.m4,
63 lib/gl/m4/netdb_h.m4, lib/gl/m4/po.m4, lib/gl/m4/printf.m4,
64 lib/gl/m4/read-file.m4, lib/gl/m4/realloc.m4,
65 lib/gl/m4/snprintf.m4, lib/gl/m4/socklen.m4, lib/gl/m4/sockpfaf.m4,
66 lib/gl/m4/stdbool.m4, lib/gl/m4/stddef_h.m4, lib/gl/m4/stdint.m4,
67 lib/gl/m4/stdio_h.m4, lib/gl/m4/stdlib_h.m4, lib/gl/m4/strcase.m4,
68 lib/gl/m4/string_h.m4, lib/gl/m4/strings_h.m4,
69 lib/gl/m4/strverscmp.m4, lib/gl/m4/sys_socket_h.m4,
70 lib/gl/m4/sys_uio_h.m4, lib/gl/m4/time_r.m4, lib/gl/m4/unistd_h.m4,
71 lib/gl/m4/vsnprintf.m4, lib/gl/m4/warn-on-use.m4,
72 lib/gl/m4/wchar_h.m4, lib/gl/malloc.c, lib/gl/netdb.in.h,
73 lib/gl/realloc.c, lib/gl/sockets.c, lib/gl/stddef.in.h,
74 lib/gl/stdint.in.h, lib/gl/stdio-write.c, lib/gl/stdio.in.h,
75 lib/gl/stdlib.in.h, lib/gl/str-two-way.h, lib/gl/string.in.h,
76 lib/gl/strings.in.h, lib/gl/sys_socket.in.h, lib/gl/sys_stat.in.h,
77 lib/gl/sys_uio.in.h, lib/gl/tests/Makefile.am,
78 lib/gl/tests/fcntl.in.h, lib/gl/tests/fpucw.h,
79 lib/gl/tests/init.sh, lib/gl/tests/intprops.h,
80 lib/gl/tests/inttypes.in.h, lib/gl/tests/macros.h,
81 lib/gl/tests/test-fcntl-h.c, lib/gl/tests/test-float.c,
82 lib/gl/tests/test-fseek.c, lib/gl/tests/test-fseek.sh,
83 lib/gl/tests/test-fseek2.sh, lib/gl/tests/test-fseeko3.c,
84 lib/gl/tests/test-fseeko3.sh, lib/gl/tests/test-ftell.c,
85 lib/gl/tests/test-ftell.sh, lib/gl/tests/test-ftell2.sh,
86 lib/gl/tests/test-ftell3.c, lib/gl/tests/test-intprops.c,
87 lib/gl/tests/test-inttypes.c, lib/gl/tests/test-snprintf.c,
88 lib/gl/tests/test-sys_socket.c, lib/gl/tests/test-sys_uio.c,
89 lib/gl/tests/test-verify.c, lib/gl/tests/test-vsnprintf.c,
90 lib/gl/tests/test-wchar.c, lib/gl/time.in.h, lib/gl/unistd.in.h,
91 lib/gl/vasnprintf.c, lib/gl/verify.h, lib/gl/wchar.in.h: Added new
94 2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
96 * NEWS, lib/x509/x509.c: XmppAddr -> UTF8String
98 2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
100 * NEWS, lib/gnutls_privkey.c, lib/gnutls_x509.c,
101 lib/includes/gnutls/abstract.h, lib/openpgp/gnutls_openpgp.c,
102 lib/openpgp/gnutls_openpgp.h, lib/openpgp/privkey.c,
103 lib/x509/x509.c: gnutls_certificate_set_x509_key() and
104 gnutls_certificate_set_openpgp_key() operate as in gnutls 2.10.x and
105 do not require to hold the structures.
107 2011-08-22 Andreas Metzler <ametzler@debian.org>
109 * lib/libgnutls.map: Export export_gnutls_openpgp_privkey_sign_hash. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
111 2011-08-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
113 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
114 libextra/configure.ac: bumped version.
116 2011-08-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
118 * NEWS, libextra/includes/gnutls/openssl.h: Replaced typedef
119 gnutls_connection_end_t from openssl.h with an unsigned int.
121 2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
123 * NEWS: documented fix
125 2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
127 * lib/includes/gnutls/pkcs11.h, lib/pkcs11.c, src/p11common.c:
128 Introduced GNUTLS_PKCS11_PIN_WRONG flag to indicate the previously
131 2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
133 * NEWS: documented fix
135 2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
137 * lib/pkcs11.c: Corrected issue when asking multiple times for PIN.
139 2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
141 * lib/configure.ac: corrected configure test.
143 2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
145 * doc/manpages/gnutls-cli.1: do not escape \#
147 2011-08-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
149 * lib/configure.ac: pakchois is no longer used
151 2011-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
153 * NEWS, lib/m4/hooks.m4: bumped library version
155 2011-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
157 * doc/cha-cert-auth.texi: document new config files of p11-kit.
159 2011-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
161 * lib/pkcs11.c: Prevent from loading twice the same module.
163 2011-08-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
165 * lib/auth_cert.c: better placement of ifdefs.
167 2011-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
171 2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
173 * src/p11common.c: check the output of fgets.
175 2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
177 * lib/pkcs11.c: corrected uninitialized warning.
179 2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
181 * README, README-alpha: document p11-kit
183 2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
185 * NEWS: documented p11-kit addition.
187 2011-08-01 Stef Walter <stefw@collabora.co.uk>
189 * lib/pkcs11.c: Don't try to do PKCS#11 login if session is already
190 logged in. * It is possible for new PKCS#11 sessions to be logged in if another logged in session already exists. * In these cases, don't log in, but detect the condition and return success. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
192 2011-08-01 Stef Walter <stefw@collabora.co.uk>
194 * lib/pkcs11_privkey.c: When finding private keys fail, return error
195 code. * Previously this would result in an endless loop. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
197 2011-07-07 Stef Walter <stefw@collabora.co.uk>
199 * configure.ac, lib/includes/gnutls/pkcs11.h, lib/pkcs11.c,
200 lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/pkcs11_write.c: pkcs11:
201 Use p11_kit_pin_xxx() functionality when 'pinfile' is in uris. * This allows other apps to register a handler for a specific
202 pinfile and then that application will be able to provide the PIN
203 for those URIs. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
205 2011-06-09 Stef Walter <stefw@collabora.co.uk>
207 * lib/Makefile.am, lib/pkcs11_int.h: Use pkcs11.h specification file
208 from p11-kit. * Remove one included briefly in gnutls. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
210 2011-06-09 Stef Walter <stefw@collabora.co.uk>
212 * lib/pkcs11.c, src/cli.c, src/p11common.c, src/pkcs11.c,
213 tests/suite/mini-eagain2.c: Fix up compiler warnings. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
215 2011-06-07 Stef Walter <stefw@collabora.co.uk>
217 * configure.ac, doc/examples/Makefile.am, lib/Makefile.am,
218 lib/auth_cert.c, lib/configure.ac, lib/gnutls_global.c,
219 lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/gnutls_x509.c,
220 lib/includes/gnutls/pkcs11.h, lib/pakchois/dlopen.c,
221 lib/pakchois/dlopen.h, lib/pakchois/errors.c,
222 lib/pakchois/pakchois.c, lib/pakchois/pakchois.h,
223 lib/pakchois/pakchois11.h, lib/pkcs11.c, lib/pkcs11_int.h,
224 lib/pkcs11_privkey.c, lib/pkcs11_secret.c, lib/pkcs11_write.c,
225 src/Makefile.am, src/certtool-common.c, src/certtool.c, src/cli.c,
226 src/p11tool.c, src/serv.c: The attached patch ports gnutls to
227 p11-kit. * p11-kit is added as a dependency. p11-kit itself has no
228 dependencies outside of basic libc stuff. The source code for
229 p11-kit is available both in git and tarball form. * If the gnutls dependency on p11-kit is disabled (via a configure option) then the PKCS#11 support is disabled. This is useful in
230 bare bones embedded systems or places where very minimal
231 dependencies are limited. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
233 2011-05-30 Stef Walter <stefw@collabora.co.uk>
235 * src/cli.c: gnutls-cli: Fix uninitialized variable when PKCS#11
236 uris in use. * When PKCS#11 URIs are in use previously tried to free
237 uninitialized memory. Initialize to zero. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
239 2011-07-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
241 * NEWS, lib/gnutls_str.h, lib/gnutls_x509.c,
242 lib/includes/gnutls/x509.h, lib/x509/x509.c, tests/x509cert.c: Added
243 GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED flag for
244 gnutls_x509_crt_list_import. It checks whether the list to be
245 imported is properly sorted.
247 2011-07-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
249 * lib/gnutls_x509.c: checking converted to gnutls_cert from pcert.
251 2011-07-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
253 * lib/x509/privkey.c: removed unused variable
255 2011-07-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
257 * configure.ac, lib/configure.ac, libextra/configure.ac: bumped
260 2011-07-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
262 * NEWS, lib/gnutls_errors.c, lib/gnutls_x509.c,
263 lib/includes/gnutls/gnutls.h.in: Added
264 GNUTLS_E_CERTIFICATE_LIST_UNSORTED. If a certificate list is loaded
265 then verify that it is sorted with order to starts with the subject
266 and finished with the trusted root. That way we make sure we don't
267 send data that violate the TLS protocol.
269 2011-07-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
271 * src/certtool-gaa.c, src/certtool.gaa: corrected typo
273 2011-07-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
275 * NEWS: documented updates.
277 2011-07-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
279 * lib/configure.ac, lib/gnutls.pc.in: only add zlib.pc if found.
280 Corrected libs.private in nettle case.
282 2011-07-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
284 * NEWS: documented fixes.
286 2011-07-25 Andreas Metzler <ametzler@downhill.at.eu.org>
288 * lib/gcrypt/pk.c: Replaced all occurences of gcry_sexp_nth_mpi
289 (..., 0) with gcry_sexp_nth_mpi (..., GCRYMPI_FMT_USG).
291 2011-07-25 Sjoerd Simons <sjoerd.simons@collabora.co.uk>
293 * lib/gnutls_buffers.c: writev_emu: stop on the first incomplete
294 write Just like standard writev, we should only move on to the next block
295 if all the previous ones have been successfully written out.
296 Otherwise there is a potential for data loss and/or confusing push
297 functions. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
299 2011-06-29 Petr PÃsaÅ™ <petr.pisar@atlas.cz>
301 * lib/gnutls_privkey.c: Honor uninitialized private key in
302 destructor Fixes bug #107730. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
304 2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
306 * src/certtool.c: Corrected initialization of key when generating
307 request. Reported by Petr Pisar.
309 2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
311 * lib/gnutls_rsa_export.c, lib/x509/privkey.c,
312 lib/x509/privkey_pkcs8.c, lib/x509/x509_int.h: Crippled status of
313 gnutls_x509_privkey_t was removed to avoid thread safety issues.
315 2011-06-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
317 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
318 libextra/configure.ac: bumped version.
320 2011-06-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
322 * src/p11common.c: Limit the number of attempts with the same PIN,
323 to avoid attempting again and again with a wrong PIN.
325 2011-06-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
327 * lib/pkcs11_write.c: When writing an object with CKA_TRUSTED set
328 CKA_PRIVATE explicitly to FALSE, to allow the SO to write it.
329 Reported by Rickard Bellgrim.
331 2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
333 * src/Makefile.am: corrected makefile.
335 2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
339 2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
341 * lib/pkcs11.c, src/Makefile.am, src/p11common.c, src/pkcs11.c:
342 Corrections on security officer login.
344 2011-06-16 Rickard Bellgrim <rickard@opendnssec.org>
346 * lib/pkcs11_write.c: The CKA_SUBJECT must be specified for a
347 certificate. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
349 2011-06-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
351 * lib/includes/gnutls/pkcs11.h, lib/pkcs11.c, src/pkcs11.c: When
352 setting the TRUSTED flag login as security officer.
354 2011-06-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
356 * lib/pkcs11_write.c: write label in PKCS #11 privkey.
358 2011-06-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
360 * lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/pkcs11.c,
361 lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/pkcs11_secret.c,
362 lib/pkcs11_write.c: define ck_bool_t to be compatible with PKCS #11
365 2011-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
367 * lib/pkcs11.c, lib/pkcs11_privkey.c: Return error code when an
368 object is not found. Only request for token insertion if the
369 expected data is not found. Based on patch by Stef Walter.
371 2011-06-06 Stef Walter <stefw@collabora.co.uk>
373 * tests/suite/Makefile.am: tests: Build eagain-cli with correct
374 libraries * Add -ldl -lpthread to linker flags Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
376 2011-05-30 Stef Walter <stefw@collabora.co.uk>
378 * lib/pkcs11.c: pkcs11: Accept CKR_USER_ALREADY_LOGGED_IN as
379 successful result for PAP Login * When doing CKF_PROTECTED_AUTHENTICATION_PATH login, accept CKR_USER_ALREADY_LOGGED_IN as a successful result. * Another code path, or another consumer of the same PKCS#11 module may have already logged in. * This is what the non PAP code path already does. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
381 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
383 * tests/dsa/testdsa: Corrected typo. Reported by Andreas Metzler.
385 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
387 * doc/manpages/Makefile.am: regenerated Makefile.
389 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
391 * configure.ac, lib/m4/hooks.m4: corrected .so version number.
393 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
395 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
396 libextra/configure.ac: preparing for release.
398 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
400 * lib/ext_signature.c, lib/gnutls_sig.c, lib/nettle/pk.c,
401 lib/x509/common.h, lib/x509/verify.c: Follow
402 http://tools.ietf.org/html/draft-mavrogiannopoulos-tls-dss-00 in DSA
403 signature generation.
405 2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
407 * doc/cha-intro-tls.texi: updates
409 2011-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
411 * doc/cha-gtls-app.texi: Added parameter generation section.
413 2011-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
415 * doc/cha-intro-tls.texi: Compatibility text updated.
417 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
419 * NEWS: documented fix.
421 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
423 * lib/gnutls_handshake.c: Properly restore compression method on
424 session resumption. Reported by Dash Shendy.
426 2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
428 * lib/ext_session_ticket.c, lib/gnutls_db.c, lib/gnutls_global.c,
429 lib/gnutls_handshake.c, lib/gnutls_int.h,
430 lib/gnutls_session_pack.c, lib/gnutls_v2_compat.c,
431 lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
432 lib/nettle/rnd.c, lib/opencdk/keydb.c, lib/opencdk/literal.c,
433 lib/opencdk/read-packet.c, lib/opencdk/sig-check.c,
434 lib/openpgp/gnutls_openpgp.c, lib/system.c, lib/system.h,
435 lib/x509/common.c, lib/x509/verify.c: Added
436 gnutls_global_set_time_function() that allows overriding the default
437 system time() function.
439 2011-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
441 * doc/cha-programs.texi: updated documentation on PSK.
443 2011-05-25 Giuseppe Scrivano <gscrivano@gnu.org>
445 * doc/cha-programs.texi: PSK examples Hello, I have tried to set up a connection using PSK but I get this error
446 message all the time: *** Fatal error: A TLS fatal alert has been received. *** Received
447 alert [40]: Handshake failed *** Handshake has failed GnuTLS error:
448 A TLS fatal alert has been received. I took the examples from the documentation. the server: gnutls-serv -d 10 --pskpasswd psks.txt \ --pskhint psk_identity_hint the client: gnutls-cli -p 5556 localhost --pskusername psk_identity \ --pskkey key (where epsk_identity and key are the same as in the psks.txt file) I have also tried to use "--priority +PSK:+DHE-PSK" both for the
449 client and for the server without any difference. Do you have any idea? What am I missing? As proof that I have read the documentation, I have attached a small
450 patch. Thanks, Giuseppe From 009ccba073016787084a28047b633841d6784e54 Mon Sep 17 00:00:00
451 2001 From: Giuseppe Scrivano <gscrivano@gnu.org> Date: Wed, 25 May
452 2011 18:28:11 +0200 Subject: [PATCH] Fix example in the
453 documentation. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
455 2011-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
457 * lib/gnutls_buffers.c: do not try to write to a socket when no
460 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
462 * NEWS, lib/gnutls_pubkey.c: gnutls_pubkey_get_pk_dsa_raw() and
463 gnutls_pubkey_get_pk_rsa_raw add leading zeros to the exported
466 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
468 * lib/pkcs11.c: corrected file descriptor leak.
470 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
472 * src/certtool-common.c: corrected bug in load-pubkey.
474 2011-05-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
476 * src/p11common.c: corrected message reporting.
478 2011-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
480 * src/p11common.c: Corrected PIN caching.
482 2011-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
484 * lib/nettle/mpi.c: reduce the repetitions for rabin-miller to a
487 2011-05-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
491 2011-05-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
495 2011-05-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
497 * configure.ac, lib/configure.ac, lib/m4/hooks.m4,
498 libextra/configure.ac: bumped version
500 2011-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
504 2011-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
506 * lib/gnutls_str.c, lib/gnutls_str.h, lib/pkcs11.c: Correctly import
507 and export pkcs11-urls with ID field set.
509 2011-05-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
511 * doc/cha-intro-tls.texi: update on compatibility issues text.
513 2011-05-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
515 * lib/pkcs11.c: doc update in gnutls_pkcs11_init()
517 2011-05-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
519 * doc/cha-preface.texi: removed references that produced nothing in
522 2011-05-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
524 * doc/cha-intro-tls.texi: restructuring of nodes.
526 2011-05-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
528 * doc/cha-intro-tls.texi: Added discussion on compatibility issues.
530 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
532 * lib/libgnutls.map: removed merge artifact
534 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
536 * NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
537 lib/x509/crq.c, lib/x509/x509_write.c, tests/crq_key_id.c: Added
538 gnutls_x509_crq_verify().
540 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
542 * NEWS, doc/manpages/certtool.1, src/Makefile.am,
543 src/certtool-common.c, src/certtool-common.h, src/certtool.c,
544 src/common.c, src/p11common.c, src/p11common.h, src/pkcs11.c:
545 certtool can now load private keys and public keys from PKCS #11
548 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
550 * lib/pkcs11_privkey.c: gnutls_pkcs11_privkey_import_url() will
551 correctly set algorithm of private key.
553 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
555 * src/Makefile.am, src/certtool.c, src/p11tool.c: No libgnutls-extra
556 is required for certtool or p11tool.
558 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
560 * tests/rng-fork.c: Do not use /tmp for temporary file. Just use the
561 local (test) directory.
563 2011-05-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
565 * NEWS: documented guile fix.
567 2011-05-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
569 * ChangeLog, NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
570 libextra/configure.ac: bumped version.
572 2011-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
576 2011-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
578 * NEWS, THANKS, lib/gnutls_str.c, lib/gnutls_str.h,
579 lib/openpgp/pgp.c, lib/x509/rfc2818_hostname.c:
580 _gnutls_hostname_compare() was incredibly slow when over ten
581 wildcards were present. Set a limit on 6 wildcards to avoid any
582 denial of service attack. Reported by Kalle Olavi Niemitalo.
584 2011-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
586 * lib/gnutls_str.c, lib/opencdk/misc.c: Use c_toupper to avoid
587 converting characters non in the english ASCII set. Reported by
588 Kalle Olavi Niemitalo.
590 2011-05-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
592 * NEWS, lib/gnutls_cert.c, lib/includes/gnutls/gnutls.h.in,
593 lib/libgnutls.map, tests/Makefile.am: Added
594 gnutls_certificate_get_issuer() to allow getting the issuer a
595 certificate from the certificate credentials structure.
597 2011-04-30 Andreas Metzler <ametzler@downhill.at.eu.org>
599 * libextra/gnutls_ia.c: Grammar fix: allows *one* to ... Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
601 2011-04-30 Andreas Metzler <ametzler@downhill.at.eu.org>
603 * doc/manpages/p11tool.1: escape dashes in manpage Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
605 2011-04-28 Ludovic Courtès <ludo@gnu.org>
607 * guile/modules/Makefile.am, guile/modules/gnutls/build/tests.scm,
608 guile/tests/anonymous-auth.scm, guile/tests/errors.scm,
609 guile/tests/openpgp-auth.scm, guile/tests/openpgp-keyring.scm,
610 guile/tests/openpgp-keys.scm, guile/tests/pkcs-import-export.scm,
611 guile/tests/session-record-port.scm, guile/tests/srp-base64.scm,
612 guile/tests/x509-auth.scm, guile/tests/x509-certificates.scm: guile:
613 Fix tests to match the `exit' behavior introduced in Guile 2.0.1. This fix makes tests behave correctly wrt. to the Guile bug fix at
615 <http://git.sv.gnu.org/cgit/guile.git/commit/?id=e309f3bf9ee910c4772353ca3ff95f6f4ef466b5>.
617 2011-04-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
619 * lib/gnutls.pc.in: removed pakchois dependency
621 2011-04-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
623 * tests/hostname-check.c: Removed incorrect test on IPAddresses (was
624 relying on IPaddresses encoded as text)
626 2011-04-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
628 * ChangeLog, cfg.mk: updated changelog.
630 2011-04-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
634 2011-04-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
636 * src/certtool.c: corrected type
638 2011-04-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
640 * configure.ac, lib/configure.ac, lib/m4/hooks.m4,
641 libextra/configure.ac: bumped version
643 2011-04-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
645 * NEWS: document fixes.
647 2011-04-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
649 * lib/x509/rfc2818_hostname.c: gnutls_x509_crt_check_hostname() will
650 never compare against IPaddress. (previous comparison was flawed)
652 2011-04-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
656 2011-04-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
658 * src/certtool.c, src/cli.c: removed keyid_t types.
660 2011-04-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
662 * lib/auth_cert.c: Use get_cert_callback() in server side.
664 2011-04-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
666 * lib/auth_cert.c, lib/auth_cert.h, lib/gnutls_cert.h,
667 lib/gnutls_privkey.c, lib/gnutls_pubkey.c,
668 lib/openpgp/gnutls_openpgp.c, lib/openpgp/openpgp_int.h,
669 lib/openpgp/pgp.c, lib/openpgp/pgpverify.c, lib/openpgp/privkey.c:
670 Several cleanups and fixes regarding the openpgp_keyid_t.
672 2011-04-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
674 * tests/cve-2009-1416.c, tests/pkcs12_s2k_pem.c: header fixes.
676 2011-04-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
678 * lib/Makefile.am, lib/m4/hooks.m4: pakchois is always included.
680 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
682 * NEWS, lib/gnutls_priority.c: Restored HMAC-MD5 for compatibility.
683 Although considered weak, several sites require it for connection.
684 It is enabled for "NORMAL" and "PERFORMANCE" priority strings.
686 2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
688 * doc/examples/ex-cxx.cpp: removed unneeded comment.
690 2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
692 * doc/cha-intro-tls.texi: Reorganized sections in documentation.
694 2011-04-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
696 * doc/cha-intro-tls.texi, lib/gnutls_buffers.c: Removed text about
699 2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
701 * NEWS, lib/Makefile.am, lib/configure.ac: check for libdl that
704 2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
706 * libextra/gl/hmac-md5.c, libextra/gl/memxor.c,
707 libextra/gl/memxor.h: renamed memxor to gl_memxor.
709 2011-04-12 Ludovic Courtès <ludo@gnu.org>
711 * NEWS, src/certtool-common.c, src/certtool.c, src/p11tool.c,
712 tests/crq_key_id.c, tests/cve-2009-1416.c, tests/pkcs12_s2k_pem.c:
713 Don't include <gcrypt.h> when it's not needed.
715 2011-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
717 * NEWS: documented fix.
719 2011-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
721 * src/cli.c: Do not rely on lowat being set.
723 2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
725 * NEWS, lib/includes/gnutls/compat.h,
726 lib/includes/gnutls/gnutls.h.in: gnutls_transport_set_global_errno()
729 2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
731 * tests/eagain-common.h, tests/safe-renegotiation/Makefile.am,
732 tests/safe-renegotiation/srn0.c, tests/safe-renegotiation/srn1.c,
733 tests/safe-renegotiation/srn2.c, tests/safe-renegotiation/srn3.c,
734 tests/safe-renegotiation/srn4.c, tests/safe-renegotiation/srn5.c:
735 Combined the safe renegotiation tests with the again-common lib.
737 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
741 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
743 * tests/openpgp-certs/testselfsigs: Use --infile in certtool to
744 avoid issues with streams in windows. Patch by LRN.
746 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
748 * lib/opencdk/armor.c: Changes armor.c to be able to handle both LF
749 and CRLF inputs (output is still either LF-only or CRLF-only
750 depending on the platform). Patch by LRN. Optimizations in the usage of strlen().
752 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
754 * src/cli.c, src/crypt.c, src/psk.c, src/serv.c, src/tests.c: Define
755 variables within the intended scope (not windows). Based on patch by
758 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
760 * doc/examples/ex-cert-select-pkcs11.c, src/common.c, src/pkcs11.c:
761 Use getpass.h (from gnulib). Patch by LRN.
763 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
765 * lib/pakchois/dlopen.c: Return correct value for dlclose() in
766 windows. Patch by LRN.
768 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
770 * tests/openpgp-auth.c: Disable openpgp-auth run in windows due to
771 lack of socketpair(). Patch by LRN.
773 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
777 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
779 * NEWS, lib/configure.ac, lib/m4/hooks.m4, libextra/configure.ac:
782 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
784 * lib/x509/common.c: more leaks fixed in common.c
786 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
788 * lib/gnutls_pubkey.c: Corrected leaks in gnutls_pubkey_t
791 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
793 * tests/chainverify.c: disable test in windows.
795 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
797 * lib/auth_dh_common.c, lib/gnutls_privkey.c: more fixes.
799 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
801 * tests/mini-x509-rehandshake.c, tests/mini-x509.c: combined more
802 tests with eagain-common.h.
804 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
806 * NEWS, lib/auth_dh_common.c, lib/gnutls_privkey.c,
807 lib/gnutls_x509.c, lib/nettle/pk.c, lib/pakchois/pakchois.c,
808 lib/pakchois/pakchois.h, lib/pkcs11.c, tests/mini-x509.c: Corrected
811 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
813 * tests/dsa/testdsa, tests/openpgp-certs/testcerts: Do not run the
814 test scripts in win32 environment.
816 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
818 * configure.ac, tests/Makefile.am, tests/suite/Makefile.am,
819 tests/suite/Makefile.in: Better way of not including the tests/suite
820 directory. Based on discussion with LRN and Vincent Torri.
822 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
824 * tests/Makefile.am: added missing file
826 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
828 * lib/gnutls_buffers.c: Initialized ret in _gnutls_writev_emu()
830 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
832 * lib/includes/gnutls/x509.h: doc fix.
834 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
838 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
840 * lib/system.c: removed unneeded variable.
842 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
844 * lib/auth_cert.c: Corrected check for an unknown sign algorithm.
847 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
849 * lib/openpgp/output.c: Do not use %e in strftime. Use %d instead
850 which is identically available in windows as well. Based on patch
853 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
855 * lib/x509/output.c, tests/certuniqueid.c: Fixed mismatch in size_t
858 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
860 * lib/gnutls_buffers.c: win32 fixes for set_global_errno(). Based on
863 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
865 * src/benchmark.c: Win32 changes for benchmark. Patch by LRN.
867 2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
869 * tests/anonself.c, tests/dhepskself.c, tests/openpgpself.c,
870 tests/pskself.c, tests/resume.c, tests/rng-fork.c, tests/x509dn.c,
871 tests/x509self.c: win32 fixes. Patch by LRN.
873 2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
875 * lib/opencdk/literal.c, lib/opencdk/main.h, lib/opencdk/misc.c:
876 simplified cdk_trim_string() to make it safer to use.
878 2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
880 * lib/x509/privkey_pkcs8.c: correctly reset params.
882 2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
884 * lib/gnutls_algorithms.c: correctly compare sign algorithm_st.
886 2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
888 * lib/opencdk/Makefile.am, lib/opencdk/context.h,
889 lib/opencdk/main.c, lib/opencdk/main.h, lib/opencdk/opencdk.h,
890 lib/opencdk/verify.c: removed unused code
892 2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
894 * lib/opencdk/armor.c: null terminate the armored string
896 2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
898 * src/cli.c: properly null terminate string.
900 2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
902 * src/common.c, src/pkcs11.c: check PIN size.
904 2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
906 * src/crypt.c: check salt size.
908 2011-04-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
910 * lib/opencdk/read-packet.c: more clear bounds checking
912 2011-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
914 * lib/x509/privkey.c: initialize e and d.
916 2011-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
918 * lib/pkcs11_write.c: deinitialize pks variable only when needed.
920 2011-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
922 * lib/openpgp/pgpverify.c: Initialize verify.
924 2011-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
926 * src/cli.c: initialize session_id_size.
928 2011-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
930 * lib/opencdk/misc.c, lib/opencdk/opencdk.h: removed unneeded
933 2011-04-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
935 * lib/pakchois/pakchois.c: correctly traverse slots
937 2011-04-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
939 * lib/pkcs11.c: Initialize tinfo using the initially available
942 2011-04-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
944 * tests/eagain-common.h, tests/mini-eagain.c, tests/mini.c: The
945 mini-* programs were combined. (backported from master branch)
947 2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
949 * doc/examples/Makefile.am: Compile ex-cert-select-pkcs11 as a
952 2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
954 * lib/nettle/init.c: gcrypt.h is not really needed. Reported by
957 2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
959 * NEWS, configure.ac: documented fix.
961 2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
963 * lib/gnutls_srp.c: Corrected bug in gnutls_srp_verifier() that
964 prevented the allocation of a verifier. Reported by Andrew Wiseman.
966 2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
968 * src/crypt-gaa.c, src/crypt-gaa.h, src/crypt.c, src/crypt.gaa:
969 Added debug option to srptool.
971 2011-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
973 * doc/cha-cert-auth.texi: Documented p11-kit.
975 2011-04-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
977 * doc/cha-library.texi: corrected typo
979 2011-04-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
981 * NEWS, lib/m4/hooks.m4: bumped version
983 2011-03-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
985 * NEWS, src/certtool-gaa.c, src/certtool.gaa: Generate certificate
986 request with stricter permissions. Reported by Luca Capello.
988 2011-03-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
990 * tests/openpgp-certs/testcerts: made more silent.
992 2011-03-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
994 * tests/dsa/testdsa, tests/openpgp-certs/testcerts: Made scripts
995 bourne shell compliant and not bash.
997 2011-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
999 * libextra/gnutls_ia.c: removed ext_mod_ia definition.
1001 2011-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1003 * configure.ac, lib/m4/hooks.m4: bumped version.
1005 2011-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1007 * NEWS: documented changes.
1009 2011-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1011 * THANKS: e-mail addresses are not directly recognizable.
1013 2011-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1015 * lib/opencdk/stream.c: Corrected access to freed memory location.
1016 Reported by Vitaly Kruglikov.
1018 2011-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1020 * THANKS: added Mark and Vitaly to THANKS.
1022 2011-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1024 * lib/system.c: Corrected windows system_errno() function. Reported
1025 and patch by Mark Brand.
1027 2011-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1029 * lib/includes/gnutls/compat.h: C++ compatibility fix for compat.h.
1030 Suggested by Mark Brand.
1032 2011-03-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1034 * lib/opencdk/verify.c: Corrected uninitialized var deinitiation.
1035 Reported by Vitaly Kruglikov.
1037 2011-03-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1039 * libextra/ext_inner_application.h, libextra/gnutls_ia.c: Define
1040 ext_mod_ia in gnutls_ia.c only.
1042 2011-03-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1044 * lib/gnutls_sig.c: eliminate compiler warning. Reported by Andreas
1047 2011-03-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1049 * lib/includes/gnutls/openpgp.h, lib/openpgp/gnutls_openpgp.c,
1050 lib/openpgp/pgp.c, lib/openpgp/privkey.c: Fix size of
1051 gnutls_openpgp_keyid_t by using the GNUTLS_OPENPGP_KEYID_SIZE
1052 definition. Reported by Andreas Metzler.
1054 2011-03-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1056 * lib/build-aux/config.rpath: updated
1058 2011-03-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1060 * NEWS: fixed version
1062 2011-03-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1064 * guile/tests/Makefile.am: added missing files.
1066 2011-03-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1068 * configure.ac: bumped version
1070 2011-03-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1072 * lib/includes/gnutls/abstract.h, lib/includes/gnutls/gnutls.h.in,
1073 lib/includes/gnutls/pkcs11.h, lib/includes/gnutls/x509.h,
1074 lib/pkcs11.c, lib/x509/crl.c: documentation fixes.
1076 2011-03-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1078 * NEWS: documented fix
1080 2011-03-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1082 * tests/dsa/testdsa: Added DSA tests for client certificates as
1085 2011-03-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1087 * lib/ext_signature.c, lib/ext_signature.h, lib/gnutls_handshake.c,
1088 lib/gnutls_sig.c, lib/includes/gnutls/abstract.h, lib/x509/verify.c:
1089 Simplified signature algorithm selection.
1091 2011-03-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1093 * lib/gnutls_privkey.c: corrected parameter.
1095 2011-03-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1097 * lib/gnutls_pubkey.c, lib/includes/gnutls/pkcs11.h, lib/pkcs11.c,
1098 lib/pkcs11_privkey.c, lib/pkcs11_secret.c, lib/x509/privkey.c:
1099 Documentation fixes and cleanups.
1101 2011-03-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1103 * lib/gnutls_record.c: fixed backport.
1105 2011-03-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1107 * lib/gnutls_record.c: ensure addition to application data buffers
1108 is occuring only after a successful handshake.
1110 2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1112 * doc/announce.txt: updated
1114 2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1116 * doc/announce.txt: updated announce
1118 2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1122 2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1124 * tests/dsa/testdsa: make gnutls-cli more quiet.
1126 2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1128 * NEWS: documented changes.
1130 2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1132 * configure.ac, tests/Makefile.am, tests/dsa/Makefile.am,
1133 tests/dsa/cert.dsa.1024.pem, tests/dsa/cert.dsa.2048.pem,
1134 tests/dsa/cert.dsa.3072.pem, tests/dsa/dsa.1024.pem,
1135 tests/dsa/dsa.2048.pem, tests/dsa/dsa.3072.pem, tests/dsa/testdsa,
1136 tests/suite/Makefile.in: Added test to verify connections with DSA
1137 keys of various sizes.
1139 2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1141 * lib/gnutls_alert.c, lib/gnutls_errors.c, lib/gnutls_sig.c,
1142 lib/includes/gnutls/gnutls.h.in: Return a special error code if DSA
1143 keys with over 1024 are being used with TLS 1.x, x<2.
1145 2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1147 * src/certtool.c: warn on generation of DSA keys of over 1024 bits.
1149 2011-03-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1151 * lib/nettle/pk.c: truncate hash size when asking to sign or verify
1152 DSA with a longer hash.
1154 2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1156 * NEWS: documented changes.
1158 2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1160 * lib/openpgp/privkey.c: read correct algorithm when decrypting data
1161 and use correct number of private parameters.
1163 2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1165 * lib/nettle/rnd.c, tests/Makefile.am, tests/rng-fork.c: Corrected
1166 nettle's RNG behavior on fork and added a test case.
1168 2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1170 * NEWS: documented gnutls_pubkey_import_openpgp change.
1172 2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1174 * guile/tests/openpgp-auth.scm: enabled RSA and removed debugging.
1176 2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1178 * lib/gnutls_privkey.c, lib/gnutls_pubkey.c,
1179 lib/includes/gnutls/abstract.h, lib/openpgp/gnutls_openpgp.c,
1180 tests/openpgp-auth.c: gnutls_pubkey_t and gnutls_privkey_t can
1181 import either an openpgp subkey or a master key.
1183 2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1185 * guile/tests/openpgp-auth.scm, guile/tests/openpgp-elg-pub.asc,
1186 guile/tests/openpgp-elg-sec.asc, guile/tests/openpgp-keys.scm,
1187 guile/tests/openpgp-pub.asc, guile/tests/openpgp-sec.asc: split the
1188 pgp keys to elgamal and dsa.
1190 2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1192 * lib/gnutls_errors.c, lib/includes/gnutls/gnutls.h.in,
1193 lib/openpgp/pgp.c, lib/openpgp/privkey.c: introduced
1194 GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR
1196 2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1198 * lib/gnutls_algorithms.c: On unknown public key algorithms return
1201 2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1203 * lib/gnutls_privkey.c: Read the public key algorithm from the
1204 selected subkey and not the master key when importing to a
1207 2011-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1209 * lib/openpgp/gnutls_openpgp.c, tests/openpgpself.c: Documentation
1210 fixed. Added fresh keys to test.
1212 2011-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1214 * tests/openpgpself.c: Test openpgp authentication with DSA-2048 bit
1217 2011-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1219 * lib/openpgp/pgp.c: gnutls_openpgp_crt_get_auth_subkey() will no
1220 longer return an unsupported subkey.
1222 2011-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1224 * lib/x509/verify.c: Corrected verification of DSA-2048 keys.
1225 Reported by teddy@fukt.bsnet.se.
1227 2011-03-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1229 * doc/cha-intro-tls.texi: Added
1230 gnutls_transport_set_vec_push_function().
1232 2011-03-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1234 * lib/gnutls_algorithms.c: Added DSA-SHA256, DSA-SHA224 and
1235 RSA-SHA224 to the supported signature algorithms list. Suggested by
1238 2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1240 * lib/gnutls_v2_compat.c: correctly set compression method in SSL V2
1243 2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1245 * lib/gnutls_record.c: do not set default record version (i.e. SSL
1246 3.0) during a re-handshake.
1248 2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1250 * lib/gnutls_priority.c: default behavior is to send SSL3.0 client
1253 2011-03-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1255 * NEWS, lib/gnutls_handshake.c, lib/gnutls_int.h,
1256 lib/gnutls_priority.c: corrected ssl3 record version sending in
1259 2011-03-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1261 * doc/announce.txt: corrected name of
1262 gnutls_transport_set_vec_push_function
1264 2011-03-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1266 * libextra/Makefile.am: link libgnutls-extra against libgcrypt if
1267 required. Based on patch by Andreas Metzler
1268 <ametzler@downhill.at.eu.org>
1270 2011-03-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1272 * NEWS, lib/m4/hooks.m4, libextra/Makefile.am: increased the so
1273 version of libgnutls-openssl.
1275 2011-03-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1277 * NEWS: updated NEWS with Andreas' comments.
1279 2011-03-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1281 * doc/manpages/Makefile.am: updated
1283 2011-03-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1285 * lib/m4/hooks.m4: bumped version.
1287 2011-03-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1289 * tests/suite/Makefile.in: updated
1291 2011-03-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1293 * lib/gnutls_record.c, lib/gnutlsxx.cpp, lib/libgnutls.map:
1294 gnutlsxx.cpp for some reason cannot use deprecated functions. Added
1295 _gnutls_transport_set_lowat() as an internal symbol to be used.
1297 2011-03-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1299 * NEWS, configure.ac: changed for 2.11.7 release.
1301 2011-03-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1303 * NEWS, configure.ac: bumped version.
1305 2011-03-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1307 * NEWS, lib/includes/gnutls/compat.h,
1308 lib/includes/gnutls/gnutls.h.in: Deprecated
1309 gnutls_transport_set_lowat().
1311 2011-03-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1313 * src/certtool.c: Allow providing no password for PKCS #12 structure
1314 generation. Reported by Daniel Kahn Gillmor.
1316 2011-03-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1318 * src/certtool-cfg.c: consistently print all interactive questions
1319 to stderr. Reported by Daniel Kahn Gillmor.
1321 2011-02-28 Andreas Metzler <ametzler@downhill.at.eu.org>
1323 * lib/libgnutls.map: fix duplicate symbols in version script These three symbols are listed both in the GNUTLS_2_8 and the
1324 GNUTLS_2_10 section. binutils uses the first occurence, drop the
1325 second one. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1327 2011-02-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1329 * lib/ext_signature.c: Restrict the signature algorithms we
1330 advertize to SHA1 and SHA256.
1332 2011-02-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1334 * doc/cha-intro-tls.texi: updates on -ALL priorities.
1336 2011-02-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1338 * lib/gnutls_handshake.c: corrected finished packet check.
1340 2011-02-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1342 * doc/announce.txt: updated for 2.12
1344 2011-02-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1346 * lib/nettle/rnd.c: Detect fork() in the random number generator and
1349 2011-02-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1351 * NEWS: corrected documentation of
1352 gnutls_transport_set_vec_push_function in NEWS.
1354 2011-02-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1356 * lib/gnutls_buffers.c, lib/gnutls_state.c,
1357 lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Renamed
1358 gnutls_transport_set_push_function2() to
1359 gnutls_transport_set_vec_push_function().
1361 2011-02-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1363 * lib/gnutls_session_pack.c: store entities as numbers to avoid
1364 issues in big-little endian machines.
1366 2011-02-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1368 * NEWS: documented gnutls_transport_set_push_function2().
1370 2011-02-20 Simon Josefsson <simon@josefsson.org>
1372 * NEWS, doc/manpages/Makefile.am, lib/includes/gnutls/compat.h,
1373 lib/libgnutls.map, lib/x509/crq.c: Remove
1374 gnutls_x509_crq_get_preferred_hash_algorithm.
1376 2011-02-20 Simon Josefsson <simon@josefsson.org>
1378 * lib/x509/privkey.c: Fix docstring.
1380 2011-02-20 Simon Josefsson <simon@josefsson.org>
1382 * lib/x509/crq.c: Fix deprecated docstring.
1384 2011-02-20 Simon Josefsson <simon@josefsson.org>
1386 * lib/x509/crl_write.c: Add deprecated docstring.
1388 2011-02-20 Simon Josefsson <simon@josefsson.org>
1390 * lib/libgnutls.map: Remove dropped functions.
1392 2011-02-20 Simon Josefsson <simon@josefsson.org>
1394 * NEWS, lib/libgnutls.map: Drop removed functions.
1396 2011-02-20 Simon Josefsson <simon@josefsson.org>
1398 * lib/gnutls_psk_netconf.c: Fix docstring of deprecated function.
1400 2011-02-20 Simon Josefsson <simon@josefsson.org>
1402 * lib/gnutls_cert.c: Fix docstring for deprecated functions.
1404 2011-02-20 Simon Josefsson <simon@josefsson.org>
1406 * lib/gnutls_pubkey.c: Fix docstring of new function.
1408 2011-02-20 Simon Josefsson <simon@josefsson.org>
1410 * doc/reference/gnutls-docs.sgml: Improve text.
1412 2011-02-20 Simon Josefsson <simon@josefsson.org>
1414 * doc/reference/gnutls-docs.sgml: Fix typo.
1416 2011-02-20 Simon Josefsson <simon@josefsson.org>
1418 * lib/gnutls_pubkey.c: Fix docstrinf of new function.
1420 2011-02-20 Simon Josefsson <simon@josefsson.org>
1422 * lib/openpgp/privkey.c: Fix docstring of deprecated function.
1424 2011-02-20 Simon Josefsson <simon@josefsson.org>
1426 * lib/gnutls_sig.c: Make it build.
1428 2011-02-20 Simon Josefsson <simon@josefsson.org>
1430 * lib/x509/crl.c: Doc fix of new function.
1432 2011-02-20 Simon Josefsson <simon@josefsson.org>
1434 * NEWS: Fix description.
1436 2011-02-20 Simon Josefsson <simon@josefsson.org>
1438 * NEWS, lib/gnutls_privkey.c, lib/includes/gnutls/abstract.h,
1439 lib/includes/gnutls/compat.h, lib/libgnutls.map, lib/x509/crq.c,
1440 lib/x509/sign.c, tests/x509sign-verify.c: Rename
1441 gnutls_privkey_sign_data2 to gnutls_privkey_sign_data and
1442 gnutls_privkey_sign_hash2 to gnutls_privkey_sign_hash. These were added during the 2.11 cycle where we don't promise ABI
1445 2011-02-20 Simon Josefsson <simon@josefsson.org>
1447 * lib/gnutls_cert.c, lib/gnutls_extensions.c, lib/gnutls_privkey.c,
1448 lib/x509/privkey.c: Fix docstring of deprecated functions.
1450 2011-02-20 Simon Josefsson <simon@josefsson.org>
1452 * doc/gnutls-crypto-layers.eps: Add doc/gnutls-crypto-layers.eps.
1454 2011-02-20 Simon Josefsson <simon@josefsson.org>
1456 * doc/Makefile.am: Dist gnutls-crypto-layers.*.
1458 2011-02-20 Simon Josefsson <simon@josefsson.org>
1460 * lib/Makefile.am: Add abstract_int.h.
1462 2011-02-20 Simon Josefsson <simon@josefsson.org>
1464 * lib/Makefile.am: Link with -lnettle too.
1466 2011-02-20 Simon Josefsson <simon@josefsson.org>
1468 * .gitignore: Ignore more.
1470 2011-02-20 Simon Josefsson <simon@josefsson.org>
1472 * doc/Makefile.am, doc/cha-programs.texi, lib/gnutls_privkey.c,
1473 lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h,
1474 lib/openpgp/pgp.c: Fix syntax-check warnings.
1476 2011-02-20 Simon Josefsson <simon@josefsson.org>
1478 * GNUmakefile, build-aux/arg-nonnull.h, build-aux/c++defs.h,
1479 build-aux/config.rpath, build-aux/gendocs.sh,
1480 build-aux/pmccabe2html, build-aux/update-copyright,
1481 build-aux/useless-if-before-free, build-aux/vc-list-files,
1482 build-aux/warn-on-use.h, gl/Makefile.am, gl/accept.c, gl/alignof.h,
1483 gl/alloca.c, gl/alloca.in.h, gl/arpa_inet.in.h, gl/asnprintf.c,
1484 gl/bind.c, gl/c-ctype.c, gl/c-ctype.h, gl/close-hook.c,
1485 gl/close-hook.h, gl/close.c, gl/connect.c, gl/errno.in.h,
1486 gl/error.c, gl/error.h, gl/fclose.c, gl/float+.h, gl/float.in.h,
1487 gl/fseeko.c, gl/ftello.c, gl/gai_strerror.c, gl/getaddrinfo.c,
1488 gl/getdelim.c, gl/getline.c, gl/getpass.c, gl/getpass.h,
1489 gl/gettext.h, gl/gettime.c, gl/gettimeofday.c, gl/inet_ntop.c,
1490 gl/inet_pton.c, gl/intprops.h, gl/listen.c, gl/lseek.c,
1491 gl/m4/00gnulib.m4, gl/m4/alloca.m4, gl/m4/arpa_inet_h.m4,
1492 gl/m4/asm-underscore.m4, gl/m4/autobuild.m4, gl/m4/clock_time.m4,
1493 gl/m4/close.m4, gl/m4/errno_h.m4, gl/m4/error.m4,
1494 gl/m4/extensions.m4, gl/m4/fclose.m4, gl/m4/fcntl-o.m4,
1495 gl/m4/fcntl_h.m4, gl/m4/float_h.m4, gl/m4/fseeko.m4,
1496 gl/m4/ftello.m4, gl/m4/getaddrinfo.m4, gl/m4/getdelim.m4,
1497 gl/m4/getline.m4, gl/m4/getpagesize.m4, gl/m4/getpass.m4,
1498 gl/m4/gettime.m4, gl/m4/gettimeofday.m4, gl/m4/gnulib-cache.m4,
1499 gl/m4/gnulib-common.m4, gl/m4/gnulib-comp.m4, gl/m4/gnulib-tool.m4,
1500 gl/m4/hostent.m4, gl/m4/include_next.m4, gl/m4/inet_ntop.m4,
1501 gl/m4/inet_pton.m4, gl/m4/intmax_t.m4, gl/m4/inttypes_h.m4,
1502 gl/m4/ioctl.m4, gl/m4/lib-ld.m4, gl/m4/lib-link.m4,
1503 gl/m4/lib-prefix.m4, gl/m4/longlong.m4, gl/m4/lseek.m4,
1504 gl/m4/malloc.m4, gl/m4/manywarnings.m4, gl/m4/memchr.m4,
1505 gl/m4/minmax.m4, gl/m4/mmap-anon.m4, gl/m4/multiarch.m4,
1506 gl/m4/netdb_h.m4, gl/m4/netinet_in_h.m4, gl/m4/perror.m4,
1507 gl/m4/pipe.m4, gl/m4/printf.m4, gl/m4/read-file.m4,
1508 gl/m4/readline.m4, gl/m4/realloc.m4, gl/m4/select.m4,
1509 gl/m4/servent.m4, gl/m4/size_max.m4, gl/m4/snprintf.m4,
1510 gl/m4/socketlib.m4, gl/m4/sockets.m4, gl/m4/socklen.m4,
1511 gl/m4/sockpfaf.m4, gl/m4/stdarg.m4, gl/m4/stdbool.m4,
1512 gl/m4/stddef_h.m4, gl/m4/stdint.m4, gl/m4/stdint_h.m4,
1513 gl/m4/stdio_h.m4, gl/m4/stdlib_h.m4, gl/m4/strerror.m4,
1514 gl/m4/string_h.m4, gl/m4/sys_ioctl_h.m4, gl/m4/sys_select_h.m4,
1515 gl/m4/sys_socket_h.m4, gl/m4/sys_stat_h.m4, gl/m4/sys_time_h.m4,
1516 gl/m4/time_h.m4, gl/m4/timespec.m4, gl/m4/ungetc.m4,
1517 gl/m4/unistd_h.m4, gl/m4/valgrind-tests.m4, gl/m4/vasnprintf.m4,
1518 gl/m4/version-etc.m4, gl/m4/warn-on-use.m4, gl/m4/warnings.m4,
1519 gl/m4/wchar_h.m4, gl/m4/wchar_t.m4, gl/m4/wint_t.m4,
1520 gl/m4/xsize.m4, gl/malloc.c, gl/memchr.c, gl/minmax.h,
1521 gl/netdb.in.h, gl/netinet_in.in.h, gl/perror.c, gl/printf-args.c,
1522 gl/printf-args.h, gl/printf-parse.c, gl/printf-parse.h,
1523 gl/progname.c, gl/progname.h, gl/read-file.c, gl/read-file.h,
1524 gl/readline.c, gl/readline.h, gl/realloc.c, gl/recv.c, gl/select.c,
1525 gl/send.c, gl/setsockopt.c, gl/shutdown.c, gl/size_max.h,
1526 gl/snprintf.c, gl/socket.c, gl/sockets.c, gl/sockets.h,
1527 gl/stdarg.in.h, gl/stdbool.in.h, gl/stddef.in.h, gl/stdint.in.h,
1528 gl/stdio-impl.h, gl/stdio-write.c, gl/stdio.in.h, gl/stdlib.in.h,
1529 gl/strerror.c, gl/string.in.h, gl/sys_select.in.h,
1530 gl/sys_socket.in.h, gl/sys_stat.in.h, gl/sys_time.in.h,
1531 gl/tests/Makefile.am, gl/tests/binary-io.h, gl/tests/dummy.c,
1532 gl/tests/fcntl.in.h, gl/tests/getpagesize.c, gl/tests/init.sh,
1533 gl/tests/ioctl.c, gl/tests/macros.h, gl/tests/pipe.c,
1534 gl/tests/signature.h, gl/tests/sys_ioctl.in.h,
1535 gl/tests/test-alignof.c, gl/tests/test-alloca-opt.c,
1536 gl/tests/test-arpa_inet.c, gl/tests/test-binary-io.c,
1537 gl/tests/test-c-ctype.c, gl/tests/test-errno.c,
1538 gl/tests/test-fcntl-h.c, gl/tests/test-fseeko.c,
1539 gl/tests/test-ftello.c, gl/tests/test-ftello3.c,
1540 gl/tests/test-getaddrinfo.c, gl/tests/test-getdelim.c,
1541 gl/tests/test-getline.c, gl/tests/test-gettimeofday.c,
1542 gl/tests/test-inet_ntop.c, gl/tests/test-inet_pton.c,
1543 gl/tests/test-lseek.c, gl/tests/test-memchr.c,
1544 gl/tests/test-netdb.c, gl/tests/test-netinet_in.c,
1545 gl/tests/test-perror.c, gl/tests/test-pipe.c,
1546 gl/tests/test-read-file.c, gl/tests/test-select-fd.c,
1547 gl/tests/test-select-stdin.c, gl/tests/test-select.c,
1548 gl/tests/test-snprintf.c, gl/tests/test-sockets.c,
1549 gl/tests/test-stdbool.c, gl/tests/test-stddef.c,
1550 gl/tests/test-stdint.c, gl/tests/test-stdio.c,
1551 gl/tests/test-stdlib.c, gl/tests/test-strerror.c,
1552 gl/tests/test-string.c, gl/tests/test-sys_ioctl.c,
1553 gl/tests/test-sys_select.c, gl/tests/test-sys_socket.c,
1554 gl/tests/test-sys_stat.c, gl/tests/test-sys_time.c,
1555 gl/tests/test-sys_wait.h, gl/tests/test-time.c,
1556 gl/tests/test-unistd.c, gl/tests/test-update-copyright.sh,
1557 gl/tests/test-vasnprintf.c, gl/tests/test-vc-list-files-cvs.sh,
1558 gl/tests/test-vc-list-files-git.sh, gl/tests/test-verify.c,
1559 gl/tests/test-version-etc.c, gl/tests/test-version-etc.sh,
1560 gl/tests/test-wchar.c, gl/tests/w32sock.h, gl/tests/zerosize-ptr.h,
1561 gl/time.in.h, gl/timespec.h, gl/unistd.in.h, gl/vasnprintf.c,
1562 gl/vasnprintf.h, gl/verify.h, gl/version-etc-fsf.c,
1563 gl/version-etc.c, gl/version-etc.h, gl/w32sock.h, gl/wchar.in.h,
1564 gl/xsize.h, lib/build-aux/arg-nonnull.h, lib/build-aux/c++defs.h,
1565 lib/build-aux/config.rpath, lib/build-aux/warn-on-use.h,
1566 lib/gl/Makefile.am, lib/gl/alignof.h, lib/gl/alloca.in.h,
1567 lib/gl/asnprintf.c, lib/gl/asprintf.c, lib/gl/byteswap.in.h,
1568 lib/gl/c-ctype.c, lib/gl/c-ctype.h, lib/gl/close-hook.c,
1569 lib/gl/close-hook.h, lib/gl/errno.in.h, lib/gl/float+.h,
1570 lib/gl/float.in.h, lib/gl/fseeko.c, lib/gl/ftello.c,
1571 lib/gl/gettext.h, lib/gl/lseek.c, lib/gl/m4/00gnulib.m4,
1572 lib/gl/m4/alloca.m4, lib/gl/m4/asm-underscore.m4,
1573 lib/gl/m4/byteswap.m4, lib/gl/m4/codeset.m4, lib/gl/m4/errno_h.m4,
1574 lib/gl/m4/extensions.m4, lib/gl/m4/fcntl-o.m4,
1575 lib/gl/m4/fcntl_h.m4, lib/gl/m4/float_h.m4, lib/gl/m4/fseeko.m4,
1576 lib/gl/m4/ftello.m4, lib/gl/m4/func.m4, lib/gl/m4/getpagesize.m4,
1577 lib/gl/m4/gettext.m4, lib/gl/m4/glibc2.m4, lib/gl/m4/glibc21.m4,
1578 lib/gl/m4/gnulib-cache.m4, lib/gl/m4/gnulib-common.m4,
1579 lib/gl/m4/gnulib-comp.m4, lib/gl/m4/gnulib-tool.m4,
1580 lib/gl/m4/iconv.m4, lib/gl/m4/include_next.m4,
1581 lib/gl/m4/intdiv0.m4, lib/gl/m4/intl.m4, lib/gl/m4/intldir.m4,
1582 lib/gl/m4/intlmacosx.m4, lib/gl/m4/intmax.m4,
1583 lib/gl/m4/intmax_t.m4, lib/gl/m4/inttypes-pri.m4,
1584 lib/gl/m4/inttypes_h.m4, lib/gl/m4/lcmessage.m4,
1585 lib/gl/m4/ld-output-def.m4, lib/gl/m4/ld-version-script.m4,
1586 lib/gl/m4/lib-ld.m4, lib/gl/m4/lib-link.m4,
1587 lib/gl/m4/lib-prefix.m4, lib/gl/m4/lock.m4, lib/gl/m4/longlong.m4,
1588 lib/gl/m4/lseek.m4, lib/gl/m4/malloc.m4, lib/gl/m4/memchr.m4,
1589 lib/gl/m4/memmem.m4, lib/gl/m4/minmax.m4, lib/gl/m4/mmap-anon.m4,
1590 lib/gl/m4/multiarch.m4, lib/gl/m4/netdb_h.m4, lib/gl/m4/nls.m4,
1591 lib/gl/m4/po.m4, lib/gl/m4/printf-posix.m4, lib/gl/m4/printf.m4,
1592 lib/gl/m4/progtest.m4, lib/gl/m4/read-file.m4,
1593 lib/gl/m4/realloc.m4, lib/gl/m4/size_max.m4, lib/gl/m4/snprintf.m4,
1594 lib/gl/m4/socketlib.m4, lib/gl/m4/sockets.m4, lib/gl/m4/socklen.m4,
1595 lib/gl/m4/sockpfaf.m4, lib/gl/m4/stdbool.m4, lib/gl/m4/stddef_h.m4,
1596 lib/gl/m4/stdint.m4, lib/gl/m4/stdint_h.m4, lib/gl/m4/stdio_h.m4,
1597 lib/gl/m4/stdlib_h.m4, lib/gl/m4/strcase.m4, lib/gl/m4/string_h.m4,
1598 lib/gl/m4/strings_h.m4, lib/gl/m4/strverscmp.m4,
1599 lib/gl/m4/sys_socket_h.m4, lib/gl/m4/sys_stat_h.m4,
1600 lib/gl/m4/threadlib.m4, lib/gl/m4/time_h.m4, lib/gl/m4/time_r.m4,
1601 lib/gl/m4/uintmax_t.m4, lib/gl/m4/ungetc.m4, lib/gl/m4/unistd_h.m4,
1602 lib/gl/m4/vasnprintf.m4, lib/gl/m4/vasprintf.m4,
1603 lib/gl/m4/visibility.m4, lib/gl/m4/vsnprintf.m4,
1604 lib/gl/m4/warn-on-use.m4, lib/gl/m4/wchar_h.m4,
1605 lib/gl/m4/wchar_t.m4, lib/gl/m4/wint_t.m4, lib/gl/m4/xsize.m4,
1606 lib/gl/malloc.c, lib/gl/memchr.c, lib/gl/memmem.c, lib/gl/minmax.h,
1607 lib/gl/netdb.in.h, lib/gl/printf-args.c, lib/gl/printf-args.h,
1608 lib/gl/printf-parse.c, lib/gl/printf-parse.h, lib/gl/read-file.c,
1609 lib/gl/read-file.h, lib/gl/realloc.c, lib/gl/size_max.h,
1610 lib/gl/snprintf.c, lib/gl/sockets.c, lib/gl/sockets.h,
1611 lib/gl/stdbool.in.h, lib/gl/stddef.in.h, lib/gl/stdint.in.h,
1612 lib/gl/stdio-impl.h, lib/gl/stdio-write.c, lib/gl/stdio.in.h,
1613 lib/gl/stdlib.in.h, lib/gl/str-two-way.h, lib/gl/strcasecmp.c,
1614 lib/gl/string.in.h, lib/gl/strings.in.h, lib/gl/strncasecmp.c,
1615 lib/gl/strverscmp.c, lib/gl/sys_socket.in.h, lib/gl/sys_stat.in.h,
1616 lib/gl/tests/Makefile.am, lib/gl/tests/binary-io.h,
1617 lib/gl/tests/dummy.c, lib/gl/tests/fcntl.in.h,
1618 lib/gl/tests/getpagesize.c, lib/gl/tests/init.sh,
1619 lib/gl/tests/intprops.h, lib/gl/tests/macros.h,
1620 lib/gl/tests/signature.h, lib/gl/tests/test-alloca-opt.c,
1621 lib/gl/tests/test-binary-io.c, lib/gl/tests/test-byteswap.c,
1622 lib/gl/tests/test-c-ctype.c, lib/gl/tests/test-errno.c,
1623 lib/gl/tests/test-fcntl-h.c, lib/gl/tests/test-fseeko.c,
1624 lib/gl/tests/test-ftello.c, lib/gl/tests/test-ftello3.c,
1625 lib/gl/tests/test-func.c, lib/gl/tests/test-memchr.c,
1626 lib/gl/tests/test-netdb.c, lib/gl/tests/test-read-file.c,
1627 lib/gl/tests/test-snprintf.c, lib/gl/tests/test-sockets.c,
1628 lib/gl/tests/test-stdbool.c, lib/gl/tests/test-stddef.c,
1629 lib/gl/tests/test-stdint.c, lib/gl/tests/test-stdio.c,
1630 lib/gl/tests/test-stdlib.c, lib/gl/tests/test-string.c,
1631 lib/gl/tests/test-strings.c, lib/gl/tests/test-strverscmp.c,
1632 lib/gl/tests/test-sys_socket.c, lib/gl/tests/test-sys_stat.c,
1633 lib/gl/tests/test-sys_wait.h, lib/gl/tests/test-time.c,
1634 lib/gl/tests/test-unistd.c, lib/gl/tests/test-vasnprintf.c,
1635 lib/gl/tests/test-vasprintf.c, lib/gl/tests/test-verify.c,
1636 lib/gl/tests/test-vsnprintf.c, lib/gl/tests/test-wchar.c,
1637 lib/gl/tests/zerosize-ptr.h, lib/gl/time.in.h, lib/gl/time_r.c,
1638 lib/gl/unistd.in.h, lib/gl/vasnprintf.c, lib/gl/vasnprintf.h,
1639 lib/gl/vasprintf.c, lib/gl/verify.h, lib/gl/vsnprintf.c,
1640 lib/gl/w32sock.h, lib/gl/wchar.in.h, lib/gl/xsize.h,
1641 libextra/build-aux/config.rpath, libextra/gl/gnulib.mk,
1642 libextra/gl/hmac-md5.c, libextra/gl/hmac.h,
1643 libextra/gl/m4/00gnulib.m4, libextra/gl/m4/extensions.m4,
1644 libextra/gl/m4/gnulib-cache.m4, libextra/gl/m4/gnulib-common.m4,
1645 libextra/gl/m4/gnulib-comp.m4, libextra/gl/m4/gnulib-tool.m4,
1646 libextra/gl/m4/hmac-md5.m4, libextra/gl/m4/ld-output-def.m4,
1647 libextra/gl/m4/ld-version-script.m4, libextra/gl/m4/lib-ld.m4,
1648 libextra/gl/m4/lib-link.m4, libextra/gl/m4/lib-prefix.m4,
1649 libextra/gl/m4/md5.m4, libextra/gl/m4/memxor.m4, libextra/gl/md5.c,
1650 libextra/gl/md5.h, libextra/gl/memxor.c, libextra/gl/memxor.h,
1651 maint.mk: Update gnulib files.
1653 2011-02-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1655 * lib/gnutls_sig.c: DSA keys in TLS 1.x, x<2 and SSL 3.0 use SHA-1
1656 as hash. That is we reverted to previous gnutls behavior. That
1657 violates DSS but all implementations handle it like that.
1659 2011-02-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1661 * doc/cha-intro-tls.texi: reorganization of ciphersuite discussion.
1663 2011-02-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1665 * lib/gnutls_priority.c: Allow using the minus "-" in the -ALL
1668 2011-02-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1670 * lib/gnutls_algorithms.c: The safe renegotiation ciphersuite is not
1671 required to be registered.
1673 2011-02-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1675 * lib/auth_dhe_psk.c: Corrected bug in DHE-PSK in freeing
1678 2011-02-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1680 * NEWS, lib/gnutls_extensions.c, lib/gnutls_sig.c: Corrected
1681 signature generation and verification in the Certificate Verify
1682 message when in TLS 1.2. Reported by Todd A. Ouska.
1684 2011-02-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1686 * lib/gnutls_state.c: removed duplicate assignments.
1688 2011-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1690 * NEWS: documented DHE-PSK fix.
1692 2011-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1694 * lib/gnutlsxx.cpp: deprecated the old priority functions in C++
1697 2011-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1699 * lib/auth_psk.c: fix in PSK.
1701 2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1703 * src/cli-gaa.c, src/cli-gaa.h, src/cli.c, src/cli.gaa,
1704 src/common.c, src/common.h, src/serv-gaa.c, src/serv-gaa.h,
1705 src/serv.c, src/serv.gaa: Removed deprecated option such as
1706 --protocols, ciphers etc.
1708 2011-02-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1710 * lib/auth_dh_common.c, lib/auth_dh_common.h, lib/auth_dhe_psk.c,
1711 lib/auth_psk.c, lib/auth_psk.h: Callback function is being called in
1712 both PSK-DHE and PSK. Using the callback function will not
1713 overwrite the credentials, which were wrongly being overwritten
1714 using the retrieved username/key. The credentials structure is now
1715 accessed for reading only, as it should have been. (backported)
1717 2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1719 * libextra/gnutls_openssl.c, libextra/includes/gnutls/openssl.h:
1720 updated openssl layer to new priority functions (untested).
1722 2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1724 * lib/gnutls_sig.c: removed unused variable.
1726 2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1728 * NEWS, lib/gnutls_sig.c: Allow DSA2 even in protocols before TLS
1731 2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1733 * lib/ext_signature.c, lib/ext_signature.h, lib/gnutls_pk.c,
1734 lib/gnutls_sig.c: In TLS 1.2 under DSS use the hash algorithm
1737 2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1739 * tests/anonself.c, tests/dhepskself.c, tests/mini-eagain.c,
1740 tests/mini.c, tests/openpgp-auth.c, tests/pskself.c, tests/resume.c:
1741 Modernized the test applications that now use the
1742 gnutls_priority_set_direct().
1744 2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1746 * lib/ext_signature.c: corrected bug in reading signature algorithms
1747 for including in the signature algo extension.
1749 2011-02-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1751 * lib/gnutls_priority.c: SRP and PSK are no longer set on the
1752 default priorities. They have to be explicitly set.
1754 2011-02-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1756 * doc/cha-programs.texi: Added documentation on p11tool.
1758 2011-02-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1760 * doc/cha-intro-tls.texi: removed GCM mode from documentation.
1762 2011-02-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1764 * doc/cha-intro-tls.texi, doc/cha-library.texi,
1765 doc/manpages/gnutls-cli.1, doc/manpages/gnutls-serv.1,
1766 lib/gnutls_priority.c, src/common.c: Moved documentation of priority
1767 strings to manual and removed information from manpages and function
1768 pages that now reference the manual section.
1770 2011-02-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1772 * lib/includes/gnutls/compat.h, lib/includes/gnutls/gnutls.h.in:
1773 deprecated the old set_priority functions.
1775 2011-02-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1777 * lib/auth_cert.c, lib/auth_dhe.c, lib/ext_signature.c,
1778 lib/gnutls_algorithms.c, lib/gnutls_algorithms.h: Several updates in
1779 signature algorithms parsing and sending to avoid sending invalid
1780 signature algorithms.
1782 2011-02-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1784 * lib/gnutls_record.c: Corrected return message from
1787 2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1789 * lib/gnutls_hash_int.c: check the error of hash set_key.
1791 2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1793 * doc/Makefile.am, doc/cha-gtls-app.texi, doc/examples/Makefile.am,
1794 doc/examples/ex-client-tlsia.c, libextra/includes/gnutls/extra.h,
1795 tests/Makefile.am, tests/tlsia.c: Removed documentation and tests
1798 2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1800 * lib/gnutls_int.h: Added IV to max_record_overhead.
1802 2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1804 * libextra/includes/gnutls/extra.h: Deprecated the Inner Application
1807 2011-02-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1809 * lib/includes/gnutls/compat.h, lib/includes/gnutls/gnutls.h.in:
1810 gnutls_certificate_verify_peers is deprecated.
1812 2011-02-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1814 * lib/Makefile.am, lib/gnutls.pc.in, lib/m4/hooks.m4: Add the nettle
1815 libs into gnutls.pc.
1817 2011-02-05 Andreas Metzler <ametzler@downhill.at.eu.org>
1819 * lib/configure.ac, lib/gnutls.pc.in, lib/m4/hooks.m4: [PATCH 1/4]
1820 adapt pkg-config file for switch from AM_PATH_LIBGCRYPT to
1821 AC_LIB_HAVE_LINKFLAGS [PATCH 2/4] pkg-config: Move libtasn1 from
1822 Libs.private to Requires.private since libtasn1 provides a .pc file.
1823 [PATCH 3/4] pkg-config: drop @LIBGNUTLS_LIBS@ from Libs.private.
1824 This library only contains gnutls itself nowadays, which is in Libs
1825 already. [PATCH 4/4] pkg-config: If gnutls is built with zlib
1826 support list zlib in Requires.private.
1828 2011-02-04 Simon Josefsson <simon@josefsson.org>
1830 * doc/cha-ciphersuites.texi, doc/signatures.texi: Fix MD2
1831 documentation. Suggested by "brian m. carlson" <sandals@crustytoothpaste.net> in
1834 2011-02-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1836 * doc/README.CODING_STYLE: updated coding style.
1838 2011-02-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1840 * NEWS, lib/includes/gnutls/compat.h,
1841 lib/includes/gnutls/gnutls.h.in: Deprecated gnutls_certificate_get_*
1844 2011-02-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1846 * doc/cha-bib.texi: Updated references of rfc5081 to rfc6091.
1848 2011-01-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1850 * tests/x509paths/chain: better output in chain output.
1852 2011-01-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1854 * NEWS, lib/includes/gnutls/x509.h, lib/x509/crl.c,
1855 lib/x509/verify.c, lib/x509/x509.c: exported
1856 gnutls_x509_crl_get_raw_issuer_dn()
1858 2011-01-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1860 * lib/x509/x509.c: corrected typos
1862 2011-01-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1864 * lib/pakchois/pakchois.c: CKR_CRYPTOKI_ALREADY_INITIALIZED is not
1865 treated as an error, and Finalize is not called in that case.
1867 2011-01-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1869 * NEWS, lib/gnutls_privkey.c, lib/includes/gnutls/compat.h,
1870 lib/openpgp/privkey.c: Reverted removal of
1871 gnutls_openpgp_privkey_sign_hash() to retain compatibility with
1872 2.10.x. That function is now deprecated instead.
1874 2011-01-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1876 * lib/gnutls_privkey.c: Added checks before importing keys and
1877 updated documentation.
1879 2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1881 * tests/suite/Makefile.in: updated Makefile.in
1883 2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1885 * doc/examples/ex-crq.c, lib/configure.ac,
1886 lib/includes/gnutls/compat.h, lib/includes/gnutls/gnutls.h.in,
1887 lib/includes/gnutls/x509.h, src/certtool.c, tests/crq_key_id.c:
1888 fixes in internal build with the new deprecated functions. We allow
1889 them to be used since they are inter-dependent.
1891 2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1893 * lib/x509/x509_int.h: replaced old gnutls_pk_algorithm.
1895 2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1897 * lib/includes/gnutls/compat.h: depends on gnutls/x509.h to compile.
1899 2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1901 * NEWS, lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h,
1902 lib/x509/crl_write.c: deprecated gnutls_x509_crl_sign(),
1903 gnutls_x509_crl_sign2() and
1904 gnutls_x509_crq_get_preferred_hash_algorithm().
1906 2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1908 * NEWS, lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h,
1909 lib/x509/crq.c: Deprecated gnutls_x509_crq_sign2() and
1910 gnutls_x509_crq_sign() in favor for gnutls_x509_crq_privkey_sign().
1912 2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1914 * NEWS, lib/libgnutls.map: minor fixes.
1916 2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1918 * NEWS, lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h,
1919 lib/libgnutls.map, lib/x509/privkey.c, lib/x509/x509.c,
1920 src/certtool.c, tests/cve-2009-1415.c, tests/x509sign-verify.c:
1921 gnutls_x509_crt_verify_hash: DEPRECATED gnutls_x509_crt_verify_data:
1922 DEPRECATED gnutls_x509_crt_get_verify_algorithm: DEPRECATED
1923 gnutls_x509_crt_get_preferred_hash_algorithm: DEPRECATED Removed the
1924 new gnutls_x509_privkey_sign_data2() and
1925 gnutls_x509_privkey_sign_hash2(). That functionality will be only in the abstract.h pubkey and privkey
1926 structures, to avoid duplication for every certificate type.
1928 2011-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1930 * src/serv.c: Simplified macro to snprintf() in order to prevent
1931 issues caused when snprintf() is a macro itself. Reported and
1932 initial patch by Camillo Lugaresi.
1934 2011-01-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1936 * tests/suite/Makefile.in: Revert "Remove, it is generated." This reverts commit de3a601e502b24f047412a161085f7fbd898b3f3 because
1937 this file is not automatically generated (not included in top
1940 2011-01-02 Simon Josefsson <simon@josefsson.org>
1942 * lib/m4/hooks.m4: Specify minimum libgcrypt version.
1944 2010-12-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1946 * doc/cha-internals.texi: Added discussion on crypto backend for
1947 crypto libraries and /dev/crypto.
1949 2010-12-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1951 * NEWS, lib/gnutls_privkey.c, lib/includes/gnutls/abstract.h,
1952 lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h,
1953 lib/x509/crq.c, lib/x509/privkey.c, lib/x509/sign.c: Renamed
1954 gnutls_privkey_sign_data() to gnutls_privkey_sign_data2() to match
1955 the similar function gnutls_x509_privkey_sign_data2().
1956 gnutls_x509_privkey_sign_data() was deprecated.
1958 2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1960 * lib/gnutls_str.c: Extra sanity check.
1962 2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1964 * lib/auth_srp_passwd.c: Use snprintf() to print an integer.
1966 2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1968 * lib/x509/output.c: Use snprintf() to print IPs. There was a check
1969 just before that, but be safe, just in case.
1971 2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1973 * doc/cha-auth.texi: Use SRP for password authentication.
1975 2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1977 * doc/cha-auth.texi, lib/gnutls_cert.c, lib/gnutls_extensions.c,
1978 lib/gnutls_psk_netconf.c, lib/gnutls_state.c,
1979 lib/includes/gnutls/compat.h, lib/x509/privkey.c: Do not include
1980 deprecated functions to library documentation.
1982 2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1984 * NEWS, lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h,
1985 lib/x509/privkey.c: gnutls_x509_privkey_verify_data() was
1988 2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1990 * lib/gnutls_pubkey.c: Documented key usage of pubkey.
1992 2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1994 * lib/gnutls_pubkey.c: Set public key bits on all import functions.
1995 Issue reported by Murray Kucheawy.
1997 2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1999 * NEWS, lib/gnutls_privkey.c, lib/includes/gnutls/pkcs11.h,
2000 lib/pkcs11_int.h, lib/pkcs11_privkey.c:
2001 gnutls_pkcs11_privkey_sign_data(),
2002 gnutls_pkcs11_privkey_sign_hash2() and
2003 gnutls_pkcs11_privkey_decrypt_data() were removed. The abstract.h
2004 functions should be used instead.
2006 2010-12-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2008 * NEWS, lib/gnutls_privkey.c, lib/includes/gnutls/openpgp.h,
2009 lib/openpgp/gnutls_openpgp.h, lib/openpgp/pgp.c,
2010 lib/openpgp/privkey.c: Removed the newly added functions:
2011 gnutls_openpgp_privkey_sign_hash2(),
2012 gnutls_openpgp_privkey_sign_data2(),
2013 gnutls_openpgp_crt_verify_hash() That way the operations in
2014 abstract.h should be used to get the same functionality, and API
2015 will be kept simple and easier to maintain. The corresponding
2016 gnutls_x509_* are kept for backwards compatibility.
2018 2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2020 * lib/gnutls_sig.c: Do not be strict on RSA hash algorithm selection
2023 2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2025 * lib/gnutls_cert.h, lib/gnutls_sig.c, lib/gnutls_x509.c: Removed
2026 unneeded definitions, and more careful deinitializations in
2027 parse_der_cert_mem().
2029 2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2031 * tests/pathlen/ca-no-pathlen.pem,
2032 tests/pathlen/no-ca-or-pathlen.pem: updated certificates to account
2033 for extra null byte added in negative numbers.
2035 2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2037 * tests/cve-2009-1415.c: Account for GNUTLS_E_PK_SIG_VERIFY_FAILED.
2039 2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2041 * lib/gnutls_privkey.c: Corrected bug in gnutls_privkey_sign_data().
2043 2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2045 * lib/gnutls_sig.c: some fixes in pk_prepare_hash().
2047 2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2049 * NEWS, lib/gnutls_pubkey.c, lib/openpgp/pgp.c, lib/x509/privkey.c,
2050 lib/x509/verify.c, lib/x509/x509.c, tests/x509sign-verify.c: The
2051 verification functions now return a GNUTLS_E_PK_SIG_VERIFY_FAILED on
2052 signature verification error.
2054 2010-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2056 * src/p11tool-gaa.c, src/p11tool.gaa: The default input format for
2059 2010-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2061 * lib/gnutls_pubkey.c: importing a pubkey from raw params will set
2062 the bits field correctly.
2064 2010-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2066 * NEWS: Documented the addtion of gnutls_pubkey_import_privkey() and
2067 gnutls_pubkey_verify_data()
2069 2010-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2071 * lib/gnutls_pubkey.c, lib/includes/gnutls/abstract.h,
2072 lib/libgnutls.map, lib/x509/verify.c, tests/x509sign-verify.c: Added
2073 gnutls_pubkey_verify_data and test vectors.
2075 2010-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2077 * doc/errcodes.c, doc/examples/ex-alert.c,
2078 doc/examples/ex-cert-select-pkcs11.c,
2079 doc/examples/ex-cert-select.c, doc/examples/ex-client-psk.c,
2080 doc/examples/ex-client-resume.c, doc/examples/ex-client-srp.c,
2081 doc/examples/ex-client-tlsia.c, doc/examples/ex-client1.c,
2082 doc/examples/ex-client2.c, doc/examples/ex-crq.c,
2083 doc/examples/ex-pkcs12.c, doc/examples/ex-rfc2818.c,
2084 doc/examples/ex-serv-anon.c, doc/examples/ex-serv-pgp.c,
2085 doc/examples/ex-serv-psk.c, doc/examples/ex-serv-srp.c,
2086 doc/examples/ex-serv1.c, doc/examples/ex-session-info.c,
2087 doc/examples/ex-verify.c, doc/examples/ex-x509-info.c,
2088 doc/examples/examples.h, doc/examples/tcp.c, doc/printlist.c,
2089 guile/src/core.c, guile/src/extra.c, guile/src/utils.h,
2090 lib/abstract_int.h, lib/auth_anon.c, lib/auth_cert.c,
2091 lib/auth_cert.h, lib/auth_dh_common.c, lib/auth_dh_common.h,
2092 lib/auth_dhe.c, lib/auth_dhe_psk.c, lib/auth_psk.c,
2093 lib/auth_psk_passwd.c, lib/auth_psk_passwd.h, lib/auth_rsa.c,
2094 lib/auth_rsa_export.c, lib/auth_srp.c, lib/auth_srp.h,
2095 lib/auth_srp_passwd.c, lib/auth_srp_passwd.h, lib/auth_srp_rsa.c,
2096 lib/auth_srp_sb64.c, lib/crypto-api.c, lib/crypto.c, lib/crypto.h,
2097 lib/cryptodev.c, lib/debug.c, lib/ext_cert_type.c,
2098 lib/ext_max_record.c, lib/ext_safe_renegotiation.c,
2099 lib/ext_safe_renegotiation.h, lib/ext_server_name.c,
2100 lib/ext_session_ticket.c, lib/ext_signature.c, lib/ext_signature.h,
2101 lib/ext_srp.c, lib/gcrypt/cipher.c, lib/gcrypt/init.c,
2102 lib/gcrypt/mac.c, lib/gcrypt/mpi.c, lib/gcrypt/pk.c,
2103 lib/gnutls_alert.c, lib/gnutls_algorithms.c,
2104 lib/gnutls_algorithms.h, lib/gnutls_anon_cred.c, lib/gnutls_auth.c,
2105 lib/gnutls_auth.h, lib/gnutls_buffers.c, lib/gnutls_buffers.h,
2106 lib/gnutls_cert.c, lib/gnutls_cert.h, lib/gnutls_cipher.c,
2107 lib/gnutls_cipher.h, lib/gnutls_cipher_int.c,
2108 lib/gnutls_cipher_int.h, lib/gnutls_compress.c,
2109 lib/gnutls_compress.h, lib/gnutls_constate.c,
2110 lib/gnutls_constate.h, lib/gnutls_datum.c, lib/gnutls_datum.h,
2111 lib/gnutls_db.c, lib/gnutls_db.h, lib/gnutls_dh.c, lib/gnutls_dh.h,
2112 lib/gnutls_dh_primes.c, lib/gnutls_errors.c,
2113 lib/gnutls_extensions.c, lib/gnutls_extensions.h,
2114 lib/gnutls_global.c, lib/gnutls_handshake.c,
2115 lib/gnutls_handshake.h, lib/gnutls_hash_int.c,
2116 lib/gnutls_hash_int.h, lib/gnutls_int.h, lib/gnutls_kx.c,
2117 lib/gnutls_kx.h, lib/gnutls_mbuffers.c, lib/gnutls_mbuffers.h,
2118 lib/gnutls_mem.h, lib/gnutls_mpi.c, lib/gnutls_mpi.h,
2119 lib/gnutls_num.c, lib/gnutls_pk.c, lib/gnutls_pk.h,
2120 lib/gnutls_priority.c, lib/gnutls_privkey.c, lib/gnutls_psk.c,
2121 lib/gnutls_psk_netconf.c, lib/gnutls_pubkey.c, lib/gnutls_record.c,
2122 lib/gnutls_record.h, lib/gnutls_rsa_export.c, lib/gnutls_session.c,
2123 lib/gnutls_session_pack.c, lib/gnutls_session_pack.h,
2124 lib/gnutls_sig.c, lib/gnutls_sig.h, lib/gnutls_srp.c,
2125 lib/gnutls_srp.h, lib/gnutls_state.c, lib/gnutls_state.h,
2126 lib/gnutls_str.c, lib/gnutls_str.h, lib/gnutls_supplemental.c,
2127 lib/gnutls_supplemental.h, lib/gnutls_ui.c, lib/gnutls_v2_compat.c,
2128 lib/gnutls_v2_compat.h, lib/gnutls_x509.c, lib/gnutls_x509.h,
2129 lib/includes/gnutls/abstract.h, lib/includes/gnutls/compat.h,
2130 lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in,
2131 lib/includes/gnutls/gnutlsxx.h, lib/includes/gnutls/openpgp.h,
2132 lib/includes/gnutls/pkcs11.h, lib/includes/gnutls/pkcs12.h,
2133 lib/includes/gnutls/x509.h, lib/locks.c, lib/nettle/cipher.c,
2134 lib/nettle/egd.c, lib/nettle/mpi.c, lib/nettle/pk.c,
2135 lib/nettle/rnd.c, lib/opencdk/armor.c, lib/opencdk/context.h,
2136 lib/opencdk/dummy.c, lib/opencdk/filters.h, lib/opencdk/hash.c,
2137 lib/opencdk/kbnode.c, lib/opencdk/keydb.c, lib/opencdk/keydb.h,
2138 lib/opencdk/literal.c, lib/opencdk/main.c, lib/opencdk/main.h,
2139 lib/opencdk/misc.c, lib/opencdk/new-packet.c,
2140 lib/opencdk/opencdk.h, lib/opencdk/packet.h, lib/opencdk/pubkey.c,
2141 lib/opencdk/read-packet.c, lib/opencdk/seskey.c,
2142 lib/opencdk/sig-check.c, lib/opencdk/stream.c,
2143 lib/opencdk/stream.h, lib/opencdk/verify.c,
2144 lib/opencdk/write-packet.c, lib/openpgp/compat.c,
2145 lib/openpgp/extras.c, lib/openpgp/gnutls_openpgp.c,
2146 lib/openpgp/gnutls_openpgp.h, lib/openpgp/openpgp_int.h,
2147 lib/openpgp/output.c, lib/openpgp/pgp.c, lib/openpgp/pgpverify.c,
2148 lib/openpgp/privkey.c, lib/pakchois/pakchois.c,
2149 lib/pakchois/pakchois.h, lib/pakchois/pakchois11.h, lib/pkcs11.c,
2150 lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/pkcs11_secret.c,
2151 lib/pkcs11_write.c, lib/random.c, lib/system.c, lib/system.h,
2152 lib/x509/common.c, lib/x509/common.h, lib/x509/crl.c,
2153 lib/x509/crl_write.c, lib/x509/crq.c, lib/x509/dn.c,
2154 lib/x509/extensions.c, lib/x509/mpi.c, lib/x509/output.c,
2155 lib/x509/pbkdf2-sha1.c, lib/x509/pbkdf2-sha1.h, lib/x509/pkcs12.c,
2156 lib/x509/pkcs12_bag.c, lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c,
2157 lib/x509/privkey.c, lib/x509/privkey_pkcs8.c,
2158 lib/x509/rfc2818_hostname.c, lib/x509/sign.c, lib/x509/verify.c,
2159 lib/x509/x509.c, lib/x509/x509_int.h, lib/x509/x509_write.c,
2160 lib/x509_b64.c, lib/x509_b64.h, libextra/ext_inner_application.c,
2161 libextra/ext_inner_application.h, libextra/gnutls_extra.c,
2162 libextra/gnutls_ia.c, libextra/gnutls_openssl.c,
2163 libextra/includes/gnutls/extra.h,
2164 libextra/includes/gnutls/openssl.h, libextra/openssl_compat.c,
2165 libextra/openssl_compat.h, maint.mk, src/benchmark.c,
2166 src/certtool-cfg.c, src/certtool-cfg.h, src/certtool-common.c,
2167 src/certtool-common.h, src/certtool.c, src/cli.c, src/common.c,
2168 src/common.h, src/crypt.c, src/p11tool.c, src/p11tool.h,
2169 src/pkcs11.c, src/prime.c, src/psk.c, src/serv.c, src/tests.c,
2170 src/tests.h, src/tls_test.c, tests/anonself.c,
2171 tests/certificate_set_x509_crl.c, tests/chainverify.c,
2172 tests/crq_apis.c, tests/crq_key_id.c, tests/cve-2008-4989.c,
2173 tests/dhepskself.c, tests/dn.c, tests/dn2.c, tests/gc.c,
2174 tests/mini-eagain.c, tests/mini-x509-rehandshake.c,
2175 tests/mini-x509.c, tests/mini.c, tests/mpi.c,
2176 tests/nul-in-x509-names.c, tests/openpgp-auth.c,
2177 tests/openpgp-keyring.c, tests/openpgp_test.c, tests/openpgpself.c,
2178 tests/openssl.c, tests/pgps2kgnu.c, tests/pkcs12_encode.c,
2179 tests/pkcs12_s2k.c, tests/pkcs12_s2k_pem.c, tests/pskself.c,
2180 tests/resume.c, tests/safe-renegotiation/srn0.c,
2181 tests/safe-renegotiation/srn1.c, tests/safe-renegotiation/srn2.c,
2182 tests/safe-renegotiation/srn3.c, tests/safe-renegotiation/srn4.c,
2183 tests/safe-renegotiation/srn5.c, tests/set_pkcs12_cred.c,
2184 tests/simple.c, tests/tlsia.c, tests/utils.c, tests/utils.h,
2185 tests/x509_altname.c, tests/x509_test.c, tests/x509dn.c,
2186 tests/x509self.c, tests/x509sign-verify.c: Indented code. Use same
2187 indentation but with -nut to avoid usage of tabs. In several editors
2188 tabs can be configured not to be 8 spaces and this produces
2189 artifacts with the current indentation that is a mixture of tabs and
2192 2010-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2194 * lib/gnutls_privkey.c: _gnutls_privkey_get_public_mpis() handles
2197 2010-12-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2199 * lib/abstract_int.h, lib/gnutls_privkey.c, lib/gnutls_pubkey.c,
2200 lib/includes/gnutls/abstract.h, lib/libgnutls.map: Added
2201 gnutls_pubkey_import_privkey(), that will copy the public key from a
2202 gnutls_privkey_t structure.
2204 2010-12-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2206 * NEWS, lib/libgnutls.map: Do not export the non-existant symbols
2207 gnutls_pkcs11_privkey_sign_hash and gnutls_privkey_sign_hash.
2209 2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2211 * NEWS: documented new functions
2213 2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2215 * NEWS: Added new functions.
2217 2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2219 * lib/libgnutls.map: Added new functions.
2221 2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2223 * lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h:
2224 de-deprecated gnutls_x509_crt_verify_hash()
2226 2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2228 * lib/includes/gnutls/openpgp.h, lib/libgnutls.map,
2229 lib/openpgp/pgp.c, tests/x509sign-verify.c: Added
2230 gnutls_openpgp_crt_verify_hash().
2232 2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2234 * lib/includes/gnutls/pkcs11.h, lib/pkcs11_privkey.c: added
2235 gnutls_privkey_sign_hash2()
2237 2010-12-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2239 * lib/gnutls_privkey.c, lib/gnutls_sig.c, lib/gnutls_sig.h,
2240 lib/openpgp/privkey.c, lib/pkcs11_privkey.c, lib/x509/privkey.c:
2241 Simplified preparation of signing code.
2243 2010-12-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2245 * lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/gnutls_sig.c,
2246 lib/gnutls_sig.h, lib/openpgp/gnutls_openpgp.h,
2247 lib/openpgp/privkey.c, lib/pkcs11_int.h, lib/pkcs11_privkey.c,
2248 lib/x509/Makefile.am, lib/x509/privkey.c, lib/x509/sign.c,
2249 lib/x509/sign.h: deprecated x509/sign.h and moved functionality of
2252 2010-12-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2254 * lib/x509/sign.c: pk_hash_data() will fail unless DSA or RSA are
2257 2010-12-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2259 * lib/x509/privkey.c: better comments
2261 2010-12-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2263 * lib/openpgp/gnutls_openpgp.c, lib/openpgp/privkey.c:
2264 reorganization of the privkey_ functions().
2266 2010-12-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2268 * lib/gnutls_privkey.c, lib/includes/gnutls/abstract.h,
2269 lib/includes/gnutls/compat.h, lib/includes/gnutls/openpgp.h,
2270 lib/includes/gnutls/x509.h, lib/libgnutls.map,
2271 lib/openpgp/gnutls_openpgp.c, lib/x509/privkey.c: Introduced
2272 gnutls_*_privkey_sign_hash2() that is a high level function to
2275 2010-12-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2277 * lib/gnutls_privkey.c, lib/pkcs11_privkey.c, lib/x509/privkey.c,
2278 lib/x509/sign.c, lib/x509/sign.h: Separated the sign_data functions
2279 to a hashing phase, a preparing phase, and the actual signing.
2281 2010-12-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2283 * NEWS: documented deprecated functions.
2285 2010-12-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2287 * lib/includes/gnutls/compat.h, lib/includes/gnutls/openpgp.h,
2288 lib/includes/gnutls/pkcs11.h: All the sign hash functions were
2291 2010-12-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2293 * lib/includes/gnutls/compat.h, lib/includes/gnutls/x509.h:
2294 gnutls_x509_privkey_sign_hash() is dangerous and was deprecated.
2295 Added some text explaining why some functions were deprecated.
2297 2010-12-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2299 * NEWS: documented previous update.
2301 2010-12-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2303 * lib/x509/privkey.c, lib/x509/x509.c: export_raw() functions now
2304 add leading zero in mpis.
2306 2010-12-07 Simon Josefsson <simon@josefsson.org>
2310 2010-12-07 Simon Josefsson <simon@josefsson.org>
2312 * lib/includes/gnutls/crypto.h: C++ fixes, tiny patch from "Brendan
2313 Doherty" <brendand@gentrack.com>.
2315 2010-12-07 Simon Josefsson <simon@josefsson.org>
2317 * gl/m4/getdelim.m4, gl/m4/getline.m4, gl/m4/memchr.m4,
2318 gl/m4/printf.m4, gl/m4/stdint.m4, lib/gl/m4/fcntl-o.m4,
2319 lib/gl/m4/iconv.m4, lib/gl/m4/intdiv0.m4, lib/gl/m4/memchr.m4,
2320 lib/gl/m4/memmem.m4, lib/gl/m4/printf.m4, lib/gl/m4/stdint.m4:
2321 Update gnulib files.
2323 2010-12-07 Simon Josefsson <simon@josefsson.org>
2325 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
2326 libextra/configure.ac: Bump versions.
2328 2010-12-07 Simon Josefsson <simon@josefsson.org>
2330 * ChangeLog: Generated.
2332 2010-12-07 Simon Josefsson <simon@josefsson.org>
2334 * configure.ac, lib/configure.ac, lib/m4/hooks.m4,
2335 libextra/configure.ac: Bump versions.
2337 2010-12-06 Simon Josefsson <simon@josefsson.org>
2339 * ChangeLog: Generated.
2341 2010-12-06 Simon Josefsson <simon@josefsson.org>
2343 * tests/Makefile.am: Don't fail on 'make distcheck'.
2345 2010-12-06 Simon Josefsson <simon@josefsson.org>
2347 * NEWS: Version 2.11.6.
2349 2010-12-06 Simon Josefsson <simon@josefsson.org>
2351 * lib/gnutls_str.c: Indent.
2353 2010-12-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2355 * NEWS: documented SSL 3.0 record version change.
2357 2010-12-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2359 * lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_priority.c:
2360 SSL3_RECORD_VERSION priority option is now the default. That is in
2361 order to not confuse non TLS 1.2 compliant implementations that
2362 don't like a TLS 1.2 record.
2364 2010-12-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2366 * lib/gnutls_str.c: simplified escape and unescape.
2368 2010-12-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2370 * THANKS: Added Michael.
2372 2010-12-06 Simon Josefsson <simon@josefsson.org>
2374 * cfg.mk, lib/gnutls_priority.c, lib/gnutls_state.c,
2375 lib/includes/gnutls/compat.h, lib/includes/gnutls/gnutls.h.in,
2376 lib/includes/gnutls/pkcs11.h, lib/nettle/rnd.c, lib/pkcs11.c,
2377 lib/pkcs11_int.h, lib/pkcs11_secret.c, lib/pkcs11_write.c,
2378 lib/x509/verify.c, src/certtool-common.c, src/certtool-common.h,
2379 src/certtool.c, src/cli.c, src/common.c, src/p11tool.c,
2380 src/p11tool.h, src/pkcs11.c, src/serv.c, tests/chainverify.c,
2381 tests/openpgp-auth.c: Indent code.
2383 2010-12-06 Simon Josefsson <simon@josefsson.org>
2385 * maint.mk: Update gnulib files.
2387 2010-12-06 Simon Josefsson <simon@josefsson.org>
2389 * gl/override/top/maint.mk.diff: Remove.
2391 2010-12-06 Simon Josefsson <simon@josefsson.org>
2393 * .gitignore: Update.
2395 2010-12-06 Simon Josefsson <simon@josefsson.org>
2397 * lib/gnutls_priority.c, lib/pkcs11_secret.c, src/p11tool.c,
2398 src/p11tool.gaa: Fix syntax-check nits.
2400 2010-12-06 Simon Josefsson <simon@josefsson.org>
2402 * .x-sc_bindtextdomain: Ignore more.
2404 2010-12-06 Simon Josefsson <simon@josefsson.org>
2406 * GNUmakefile, build-aux/gendocs.sh, build-aux/pmccabe.css,
2407 build-aux/pmccabe2html, gl/Makefile.am, gl/arpa_inet.in.h,
2408 gl/float+.h, gl/gettext.h, gl/inet_ntop.c, gl/intprops.h,
2409 gl/m4/alloca.m4, gl/m4/arpa_inet_h.m4, gl/m4/getdelim.m4,
2410 gl/m4/getline.m4, gl/m4/getpass.m4, gl/m4/gnulib-common.m4,
2411 gl/m4/gnulib-comp.m4, gl/m4/mmap-anon.m4, gl/m4/printf.m4,
2412 gl/m4/readline.m4, gl/m4/string_h.m4, gl/m4/sys_ioctl_h.m4,
2413 gl/m4/sys_select_h.m4, gl/m4/sys_socket_h.m4, gl/m4/unistd_h.m4,
2414 gl/m4/vasnprintf.m4, gl/m4/wchar_h.m4, gl/printf-parse.c,
2415 gl/printf-parse.h, gl/stdint.in.h, gl/stdio.in.h, gl/stdlib.in.h,
2416 gl/string.in.h, gl/sys_select.in.h, gl/sys_socket.in.h,
2417 gl/tests/Makefile.am, gl/tests/init.sh,
2418 gl/tests/test-select-stdin.c, gl/tests/test-select.c,
2419 gl/tests/test-update-copyright.sh, gl/tests/verify.h, gl/time.in.h,
2420 gl/unistd.in.h, gl/vasnprintf.c, gl/verify.h, gl/wchar.in.h,
2421 lib/gl/Makefile.am, lib/gl/float+.h, lib/gl/gettext.h,
2422 lib/gl/m4/alloca.m4, lib/gl/m4/glibc2.m4, lib/gl/m4/glibc21.m4,
2423 lib/gl/m4/gnulib-common.m4, lib/gl/m4/gnulib-comp.m4,
2424 lib/gl/m4/iconv.m4, lib/gl/m4/memmem.m4, lib/gl/m4/mmap-anon.m4,
2425 lib/gl/m4/printf.m4, lib/gl/m4/string_h.m4,
2426 lib/gl/m4/sys_socket_h.m4, lib/gl/m4/unistd_h.m4,
2427 lib/gl/m4/vasnprintf.m4, lib/gl/m4/wchar_h.m4,
2428 lib/gl/printf-parse.c, lib/gl/printf-parse.h, lib/gl/stdint.in.h,
2429 lib/gl/stdio.in.h, lib/gl/stdlib.in.h, lib/gl/string.in.h,
2430 lib/gl/sys_socket.in.h, lib/gl/tests/Makefile.am,
2431 lib/gl/tests/init.sh, lib/gl/tests/intprops.h,
2432 lib/gl/tests/verify.h, lib/gl/time.in.h, lib/gl/unistd.in.h,
2433 lib/gl/vasnprintf.c, lib/gl/verify.h, lib/gl/wchar.in.h,
2434 libextra/gl/m4/gnulib-common.m4, maint.mk: Update gnulib files.
2436 2010-12-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2438 * tests/Makefile.am: Temporarily remove gendh test. It takes
2439 extremely long time under valgrind.
2441 2010-12-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2443 * NEWS, lib/gnutls_sig.c, lib/x509/common.c, lib/x509/common.h,
2444 lib/x509/mpi.c, lib/x509/sign.c, lib/x509/verify.c: Use ASN1_NULL
2445 when writing parameters for RSA signatures. This makes us comply
2446 with RFC3279. Reported by Michael Rommel.
2448 2010-12-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2450 * NEWS, src/serv.c: Corrected buffer overflow in gnutls-serv by
2451 Tomas Mraz. The gnutls-serv uses fixed allocated buffer for the response which
2452 can be pretty long if a client certificate is presented to it and
2453 the http header is large. This causes buffer overflow and heap
2454 corruption which then leads to random segfaults or aborts. It was reported originally here:
2455 https://bugzilla.redhat.com/show_bug.cgi?id=659259 The attached patch changes sprintf calls in peer_print_info() to
2456 snprintf so the buffer is never overflowed.
2458 2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2460 * lib/m4/hooks.m4: increased revision
2462 2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2464 * src/Makefile.am: Added p11tool.h
2466 2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2468 * NEWS: released 2.11.5
2470 2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2472 * doc/cha-internals.texi: escaped chars.
2474 2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2476 * doc/cha-internals.texi: Updated extension writing code. Still not
2479 2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2481 * doc/cha-cert-auth.texi: PKCS #11 fixes
2483 2010-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2485 * doc/examples/ex-cert-select-pkcs11.c: Corrected pkcs11 example
2488 2010-11-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2490 * src/pkcs11.c: Prefix mechanism number with 0x.
2492 2010-11-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2494 * lib/pakchois/pakchois11.h, src/pkcs11.c: Added camellia and
2497 2010-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2499 * configure.ac, lib/configure.ac, lib/nettle/rnd.c: Use rusage if
2500 present. Moved check to correct config and included resource.h
2503 2010-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2505 * lib/nettle/rnd.c: More details on the text
2507 2010-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2509 * lib/pkcs11.c: Corrected copyright statement
2511 2010-11-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2513 * lib/nettle/rnd.c: Corrected copyright header. Added Niels.
2515 2010-11-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2517 * NEWS, lib/gnutls_cert.c, lib/includes/gnutls/x509.h,
2518 lib/x509/verify.c, src/certtool.c, src/cli.c, tests/chainverify.c:
2519 Reverted default behavior for verification and introduced
2520 GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT. Thus by default V1
2521 trusted CAs are allowed, unless the new flag is specified.
2523 2010-11-25 Simon Josefsson <simon@josefsson.org>
2527 2010-11-25 Simon Josefsson <simon@josefsson.org>
2529 * tests/suite/Makefile.in: Remove, it is generated.
2531 2010-11-25 Simon Josefsson <simon@josefsson.org>
2533 * README: No space at eol.
2535 2010-11-25 Simon Josefsson <simon@josefsson.org>
2537 * tests/safe-renegotiation/Makefile.am: Fix syntax-check warning.
2539 2010-11-25 Simon Josefsson <simon@josefsson.org>
2541 * cfg.mk: Ignore tests/suite for syntax-checks, not our code.
2543 2010-11-25 Simon Josefsson <simon@josefsson.org>
2545 * README: Recommend git format-patch rather than git diff.
2547 2010-11-24 Jeffrey Walton <noloader@gmail.com>
2549 * README: Attached is a proposed modification to the README file,
2550 including recent comments by Simon.
2552 2010-11-23 Simon Josefsson <simon@josefsson.org>
2554 * guile/src/Makefile.am: Fix dependencies, fixes parallel builds. Tiny patch from Graham Gower <graham.gower@gmail.com>.
2556 2010-11-19 Simon Josefsson <simon@josefsson.org>
2558 * doc/Makefile.am: Remove file.
2560 2010-11-19 Simon Josefsson <simon@josefsson.org>
2562 * doc/manpages/Makefile.am: Generated.
2564 2010-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2566 * configure.ac, tests/suite/Makefile.in: Create Makefile in
2569 2010-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2571 * src/cli.c, src/psk-gaa.c, src/psk-gaa.h, src/psk.c, src/psk.gaa,
2572 tests/Makefile.am, tests/netconf-psk.c: Deprecate the netconf
2573 password and use a key only.
2575 2010-11-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2577 * doc/credentials/gnutls-http-serv: correctly set psk params.
2579 2010-11-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2583 2010-11-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2585 * lib/x509/privkey_pkcs8.c: Correctly write DSA public key in ASN.1
2586 (add leading zero). Reported by Jeffrey Walton.
2588 2010-11-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2590 * lib/x509/mpi.c: cleanups
2592 2010-11-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2594 * doc/cha-auth.texi, lib/includes/gnutls/compat.h,
2595 lib/includes/gnutls/gnutls.h.in: Deprecated the key derivation
2596 method from netconf. The published RFC does not include this method
2597 and it is not known whether it has been used at all in practice. No
2600 2010-11-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2602 * NEWS, lib/gnutls_priority.c: Added SIGN-ALL, CTYPE-ALL, COMP-ALL,
2603 and VERS-TLS-ALL priority strings.
2605 2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2607 * lib/gnutls_x509.c: Removed redundant error check. Reported by
2610 2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2612 * lib/includes/gnutls/pkcs11.h, lib/libgnutls.map, lib/pkcs11.c,
2613 src/p11tool-gaa.c, src/p11tool-gaa.h, src/p11tool.c,
2614 src/p11tool.gaa, src/p11tool.h, src/pkcs11.c: Added
2615 --list-mechanisms option to p11tool. Lists all mechanisms supported
2618 2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2620 * doc/manpages/Makefile.am, doc/manpages/p11tool.1: Added manpage
2623 2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2625 * doc/manpages/certtool.1, doc/manpages/gnutls-cli.1,
2626 doc/manpages/gnutls-serv.1, doc/manpages/srptool.1: Corrected my
2629 2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2631 * src/p11tool-gaa.c, src/p11tool.gaa: In p11tool --url was renamed
2634 2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2636 * src/p11tool-gaa.c, src/p11tool-gaa.h, src/p11tool.gaa,
2637 src/pkcs11.c: Corrected bug in secret key copy. Rationalized the
2640 2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2642 * lib/pkcs11.c, lib/pkcs11_secret.c: * Corrected flag conversion to internal representation. * When generating secret keys include a generic key type and a
2645 2010-11-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2647 * src/p11tool-gaa.c, src/p11tool-gaa.h, src/p11tool.gaa: Added
2648 option --no-detailed-url to p11tool. More detailed url is the
2651 2010-11-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2653 * NEWS, lib/Makefile.am, lib/includes/gnutls/pkcs11.h,
2654 lib/libgnutls.map, lib/pkcs11.c, lib/pkcs11_int.h,
2655 lib/pkcs11_secret.c, lib/pkcs11_write.c, src/pkcs11.c: Added
2656 gnutls_pkcs11_token_set_pin() and gnutls_pkcs11_token_init() to
2657 enable manipulating tokens purely from PKCS #11.
2659 2010-11-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2661 * doc/README.gaa: Removed README.gaa.
2663 2010-11-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2665 * .gitignore, src/Makefile.am, src/certtool-common.c,
2666 src/certtool-common.h, src/certtool-gaa.c, src/certtool-gaa.h,
2667 src/certtool.c, src/certtool.gaa, src/p11tool-gaa.c,
2668 src/p11tool-gaa.h, src/p11tool.c, src/p11tool.gaa, src/p11tool.h,
2669 src/pkcs11.c: Introduced p11tool to separate PKCS #11 functionality
2672 2010-11-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2674 * tests/Makefile.am, tests/finished.c: Removed check on deprecated
2677 2010-11-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2679 * lib/includes/gnutls/compat.h, lib/includes/gnutls/gnutls.h.in:
2680 Deprecated old functions.
2682 2010-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2684 * doc/cha-intro-tls.texi: use @code for SAFE_RENEGOTIATION string.
2686 2010-06-07 Simon Josefsson <simon@josefsson.org>
2688 * lib/gnutls_priority.c: Doc fix.
2690 2010-10-16 Simon Josefsson <simon@josefsson.org>
2694 2010-10-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2696 * tests/Makefile.am, tests/safe-renegotiation/Makefile.am,
2697 tests/safe-renegotiation/params.dh,
2698 tests/safe-renegotiation/testsrn, tests/suite/Makefile.am,
2699 tests/suite/README, tests/suite/eagain,
2700 tests/suite/ecore/eina_config.h,
2701 tests/suite/ecore/src/include/Eina.h,
2702 tests/suite/ecore/src/include/eina_accessor.h,
2703 tests/suite/ecore/src/include/eina_array.h,
2704 tests/suite/ecore/src/include/eina_benchmark.h,
2705 tests/suite/ecore/src/include/eina_binshare.h,
2706 tests/suite/ecore/src/include/eina_config.h,
2707 tests/suite/ecore/src/include/eina_convert.h,
2708 tests/suite/ecore/src/include/eina_counter.h,
2709 tests/suite/ecore/src/include/eina_cpu.h,
2710 tests/suite/ecore/src/include/eina_error.h,
2711 tests/suite/ecore/src/include/eina_file.h,
2712 tests/suite/ecore/src/include/eina_fp.h,
2713 tests/suite/ecore/src/include/eina_hamster.h,
2714 tests/suite/ecore/src/include/eina_hash.h,
2715 tests/suite/ecore/src/include/eina_inline_array.x,
2716 tests/suite/ecore/src/include/eina_inline_f16p16.x,
2717 tests/suite/ecore/src/include/eina_inline_f32p32.x,
2718 tests/suite/ecore/src/include/eina_inline_f8p24.x,
2719 tests/suite/ecore/src/include/eina_inline_fp.x,
2720 tests/suite/ecore/src/include/eina_inline_hash.x,
2721 tests/suite/ecore/src/include/eina_inline_list.x,
2722 tests/suite/ecore/src/include/eina_inline_log.x,
2723 tests/suite/ecore/src/include/eina_inline_mempool.x,
2724 tests/suite/ecore/src/include/eina_inline_rbtree.x,
2725 tests/suite/ecore/src/include/eina_inline_rectangle.x,
2726 tests/suite/ecore/src/include/eina_inline_str.x,
2727 tests/suite/ecore/src/include/eina_inline_stringshare.x,
2728 tests/suite/ecore/src/include/eina_inline_tiler.x,
2729 tests/suite/ecore/src/include/eina_inline_trash.x,
2730 tests/suite/ecore/src/include/eina_inline_ustringshare.x,
2731 tests/suite/ecore/src/include/eina_inlist.h,
2732 tests/suite/ecore/src/include/eina_iterator.h,
2733 tests/suite/ecore/src/include/eina_lalloc.h,
2734 tests/suite/ecore/src/include/eina_list.h,
2735 tests/suite/ecore/src/include/eina_log.h,
2736 tests/suite/ecore/src/include/eina_magic.h,
2737 tests/suite/ecore/src/include/eina_main.h,
2738 tests/suite/ecore/src/include/eina_matrixsparse.h,
2739 tests/suite/ecore/src/include/eina_mempool.h,
2740 tests/suite/ecore/src/include/eina_module.h,
2741 tests/suite/ecore/src/include/eina_quadtree.h,
2742 tests/suite/ecore/src/include/eina_rbtree.h,
2743 tests/suite/ecore/src/include/eina_rectangle.h,
2744 tests/suite/ecore/src/include/eina_safety_checks.h,
2745 tests/suite/ecore/src/include/eina_sched.h,
2746 tests/suite/ecore/src/include/eina_str.h,
2747 tests/suite/ecore/src/include/eina_strbuf.h,
2748 tests/suite/ecore/src/include/eina_stringshare.h,
2749 tests/suite/ecore/src/include/eina_tiler.h,
2750 tests/suite/ecore/src/include/eina_trash.h,
2751 tests/suite/ecore/src/include/eina_types.h,
2752 tests/suite/ecore/src/include/eina_unicode.h,
2753 tests/suite/ecore/src/include/eina_ustrbuf.h,
2754 tests/suite/ecore/src/include/eina_ustringshare.h,
2755 tests/suite/ecore/src/lib/Ecore.h,
2756 tests/suite/ecore/src/lib/Ecore_Getopt.h,
2757 tests/suite/ecore/src/lib/ecore.c,
2758 tests/suite/ecore/src/lib/ecore_anim.c,
2759 tests/suite/ecore/src/lib/ecore_app.c,
2760 tests/suite/ecore/src/lib/ecore_events.c,
2761 tests/suite/ecore/src/lib/ecore_exe.c,
2762 tests/suite/ecore/src/lib/ecore_getopt.c,
2763 tests/suite/ecore/src/lib/ecore_glib.c,
2764 tests/suite/ecore/src/lib/ecore_idle_enterer.c,
2765 tests/suite/ecore/src/lib/ecore_idle_exiter.c,
2766 tests/suite/ecore/src/lib/ecore_idler.c,
2767 tests/suite/ecore/src/lib/ecore_job.c,
2768 tests/suite/ecore/src/lib/ecore_main.c,
2769 tests/suite/ecore/src/lib/ecore_pipe.c,
2770 tests/suite/ecore/src/lib/ecore_poll.c,
2771 tests/suite/ecore/src/lib/ecore_private.h,
2772 tests/suite/ecore/src/lib/ecore_signal.c,
2773 tests/suite/ecore/src/lib/ecore_thread.c,
2774 tests/suite/ecore/src/lib/ecore_time.c,
2775 tests/suite/ecore/src/lib/ecore_timer.c,
2776 tests/suite/ecore/src/lib/eina_accessor.c,
2777 tests/suite/ecore/src/lib/eina_array.c,
2778 tests/suite/ecore/src/lib/eina_benchmark.c,
2779 tests/suite/ecore/src/lib/eina_binshare.c,
2780 tests/suite/ecore/src/lib/eina_chained_mempool.c,
2781 tests/suite/ecore/src/lib/eina_convert.c,
2782 tests/suite/ecore/src/lib/eina_counter.c,
2783 tests/suite/ecore/src/lib/eina_cpu.c,
2784 tests/suite/ecore/src/lib/eina_error.c,
2785 tests/suite/ecore/src/lib/eina_file.c,
2786 tests/suite/ecore/src/lib/eina_fp.c,
2787 tests/suite/ecore/src/lib/eina_hamster.c,
2788 tests/suite/ecore/src/lib/eina_hash.c,
2789 tests/suite/ecore/src/lib/eina_inlist.c,
2790 tests/suite/ecore/src/lib/eina_iterator.c,
2791 tests/suite/ecore/src/lib/eina_lalloc.c,
2792 tests/suite/ecore/src/lib/eina_list.c,
2793 tests/suite/ecore/src/lib/eina_log.c,
2794 tests/suite/ecore/src/lib/eina_magic.c,
2795 tests/suite/ecore/src/lib/eina_main.c,
2796 tests/suite/ecore/src/lib/eina_matrixsparse.c,
2797 tests/suite/ecore/src/lib/eina_mempool.c,
2798 tests/suite/ecore/src/lib/eina_module.c,
2799 tests/suite/ecore/src/lib/eina_private.h,
2800 tests/suite/ecore/src/lib/eina_quadtree.c,
2801 tests/suite/ecore/src/lib/eina_rbtree.c,
2802 tests/suite/ecore/src/lib/eina_rectangle.c,
2803 tests/suite/ecore/src/lib/eina_safety_checks.c,
2804 tests/suite/ecore/src/lib/eina_sched.c,
2805 tests/suite/ecore/src/lib/eina_share_common.c,
2806 tests/suite/ecore/src/lib/eina_share_common.h,
2807 tests/suite/ecore/src/lib/eina_str.c,
2808 tests/suite/ecore/src/lib/eina_strbuf.c,
2809 tests/suite/ecore/src/lib/eina_strbuf_common.c,
2810 tests/suite/ecore/src/lib/eina_strbuf_common.h,
2811 tests/suite/ecore/src/lib/eina_strbuf_template_c.x,
2812 tests/suite/ecore/src/lib/eina_stringshare.c,
2813 tests/suite/ecore/src/lib/eina_tiler.c,
2814 tests/suite/ecore/src/lib/eina_unicode.c,
2815 tests/suite/ecore/src/lib/eina_ustrbuf.c,
2816 tests/suite/ecore/src/lib/eina_ustringshare.c,
2817 tests/suite/ecore/src/lib/eina_value.c, tests/suite/mini-eagain2.c,
2818 tests/suite/params.dh, tests/suite/testsrn: Added tests/suite which
2819 contains tests to be executed during development time and will not
2820 be distributed (not included in make dist). Added "ecore" and a new
2821 mini-eagain to test EAGAIN behavior.
2823 2010-10-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2825 * .gitignore: updated .gitignore.
2827 2010-10-16 Simon Josefsson <simon@josefsson.org>
2829 * NEWS, src/common.c: gnutls-cli: Print channel binding only in
2830 verbose mode. Before it printed it after the 'Compression:' output, thus breaking
2831 Emacs starttls.el string searches.
2833 2010-10-15 Simon Josefsson <simon@josefsson.org>
2835 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
2836 libextra/configure.ac: Bump versions.
2838 2010-10-15 Simon Josefsson <simon@josefsson.org>
2840 * ChangeLog: Generated.
2842 2010-10-15 Simon Josefsson <simon@josefsson.org>
2844 * NEWS: Version 2.11.4.
2846 2010-10-15 Simon Josefsson <simon@josefsson.org>
2848 * lib/libgnutls.map: Rename new symbol prefix after next stable
2849 branch instead of development branch.
2851 2010-10-15 Simon Josefsson <simon@josefsson.org>
2855 2010-10-15 Simon Josefsson <simon@josefsson.org>
2857 * NEWS, doc/cha-bib.texi, doc/cha-gtls-app.texi: Document channel
2860 2010-10-15 Simon Josefsson <simon@josefsson.org>
2862 * lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_state.c,
2863 src/common.c: Implement RFC 5929 tls-unique channel binding.
2865 2010-10-14 Simon Josefsson <simon@josefsson.org>
2867 * NEWS, doc/manpages/Makefile.am, lib/gnutls_errors.c,
2868 lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in,
2869 lib/libgnutls.map: Add gnutls_session_channel_binding API.
2871 2010-10-14 Simon Josefsson <simon@josefsson.org>
2873 * doc/manpages/Makefile.am: Generated.
2875 2010-10-14 Simon Josefsson <simon@josefsson.org>
2879 2010-10-14 Simon Josefsson <simon@josefsson.org>
2881 * tests/Makefile.am, tests/gendh.c: Add self test gendh to check DH
2884 2010-10-14 Simon Josefsson <simon@josefsson.org>
2886 * tests/openpgp-auth.c: Fix compiler warnings.
2888 2010-10-14 Simon Josefsson <simon@josefsson.org>
2890 * guile/tests/Makefile.am, guile/tests/anonymous-auth.scm,
2891 guile/tests/dh-parameters.pem, guile/tests/openpgp-auth.scm,
2892 guile/tests/pkcs-import-export.scm,
2893 guile/tests/session-record-port.scm, guile/tests/x509-auth.scm:
2894 Don't generate DH primes in Guile self checks (for speed).
2896 2010-10-14 Simon Josefsson <simon@josefsson.org>
2898 * tests/userid/userid: Cleanup, fixing distcheck.
2900 2010-10-14 Simon Josefsson <simon@josefsson.org>
2902 * tests/openpgp-auth.c: Make it work with srcdir != objdir.
2904 2010-10-14 Simon Josefsson <simon@josefsson.org>
2906 * doc/reference/gnutls-docs.sgml: Improve GTK-DOC manual.
2908 2010-10-14 Simon Josefsson <simon@josefsson.org>
2912 2010-10-14 Simon Josefsson <simon@josefsson.org>
2914 * .x-sc_two_space_separator_in_usage, lib/cryptodev.c,
2915 lib/m4/hooks.m4, lib/pakchois/pakchois11.h: Fix syntax-check
2918 2010-10-14 Simon Josefsson <simon@josefsson.org>
2920 * build-aux/gendocs.sh, build-aux/pmccabe2html, doc/fdl-1.3.texi,
2921 gl/Makefile.am, gl/arpa_inet.in.h, gl/errno.in.h, gl/float.in.h,
2922 gl/ftello.c, gl/getaddrinfo.c, gl/m4/errno_h.m4, gl/m4/error.m4,
2923 gl/m4/float_h.m4, gl/m4/ftello.m4, gl/m4/getpagesize.m4,
2924 gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/hostent.m4,
2925 gl/m4/include_next.m4, gl/m4/intmax_t.m4, gl/m4/inttypes_h.m4,
2926 gl/m4/lib-ld.m4, gl/m4/lib-link.m4, gl/m4/lseek.m4,
2927 gl/m4/malloc.m4, gl/m4/memchr.m4, gl/m4/minmax.m4, gl/m4/printf.m4,
2928 gl/m4/realloc.m4, gl/m4/servent.m4, gl/m4/size_max.m4,
2929 gl/m4/socketlib.m4, gl/m4/sockets.m4, gl/m4/socklen.m4,
2930 gl/m4/sockpfaf.m4, gl/m4/stdarg.m4, gl/m4/stdbool.m4,
2931 gl/m4/stdint.m4, gl/m4/stdint_h.m4, gl/m4/stdlib_h.m4,
2932 gl/m4/time_h.m4, gl/m4/wchar_t.m4, gl/m4/wint_t.m4, gl/malloc.c,
2933 gl/netdb.in.h, gl/netinet_in.in.h, gl/read-file.c, gl/realloc.c,
2934 gl/select.c, gl/stdarg.in.h, gl/stddef.in.h, gl/stdint.in.h,
2935 gl/stdio.in.h, gl/stdlib.in.h, gl/strerror.c, gl/string.in.h,
2936 gl/sys_select.in.h, gl/sys_socket.in.h, gl/sys_stat.in.h,
2937 gl/sys_time.in.h, gl/tests/Makefile.am, gl/tests/binary-io.h,
2938 gl/tests/getpagesize.c, gl/tests/init.sh, gl/tests/sys_ioctl.in.h,
2939 gl/tests/test-binary-io.c, gl/tests/test-binary-io.sh,
2940 gl/tests/test-ftello.c, gl/tests/test-ftello.sh,
2941 gl/tests/test-ftello2.sh, gl/tests/test-ftello3.c,
2942 gl/tests/test-getaddrinfo.c, gl/tests/test-memchr.c,
2943 gl/tests/test-netdb.c, gl/tests/test-read-file.c,
2944 gl/tests/test-stdbool.c, gl/tests/test-stddef.c,
2945 gl/tests/test-stdlib.c, gl/tests/test-sys_socket.c,
2946 gl/tests/test-sys_wait.h, gl/tests/test-update-copyright.sh,
2947 gl/tests/test-vc-list-files-cvs.sh,
2948 gl/tests/test-vc-list-files-git.sh, gl/tests/test-verify.c,
2949 gl/time.in.h, gl/timespec.h, gl/unistd.in.h, gl/wchar.in.h,
2950 lib/build-aux/config.rpath, lib/gl/Makefile.am, lib/gl/errno.in.h,
2951 lib/gl/float.in.h, lib/gl/ftello.c, lib/gl/m4/codeset.m4,
2952 lib/gl/m4/errno_h.m4, lib/gl/m4/fcntl-o.m4, lib/gl/m4/float_h.m4,
2953 lib/gl/m4/ftello.m4, lib/gl/m4/getpagesize.m4,
2954 lib/gl/m4/gettext.m4, lib/gl/m4/gnulib-cache.m4,
2955 lib/gl/m4/gnulib-comp.m4, lib/gl/m4/iconv.m4,
2956 lib/gl/m4/include_next.m4, lib/gl/m4/intdiv0.m4, lib/gl/m4/intl.m4,
2957 lib/gl/m4/intlmacosx.m4, lib/gl/m4/intmax.m4,
2958 lib/gl/m4/intmax_t.m4, lib/gl/m4/inttypes-pri.m4,
2959 lib/gl/m4/inttypes_h.m4, lib/gl/m4/lcmessage.m4,
2960 lib/gl/m4/ld-version-script.m4, lib/gl/m4/lib-ld.m4,
2961 lib/gl/m4/lib-link.m4, lib/gl/m4/lock.m4, lib/gl/m4/lseek.m4,
2962 lib/gl/m4/malloc.m4, lib/gl/m4/memchr.m4, lib/gl/m4/memmem.m4,
2963 lib/gl/m4/minmax.m4, lib/gl/m4/printf-posix.m4,
2964 lib/gl/m4/printf.m4, lib/gl/m4/progtest.m4, lib/gl/m4/realloc.m4,
2965 lib/gl/m4/size_max.m4, lib/gl/m4/socketlib.m4,
2966 lib/gl/m4/sockets.m4, lib/gl/m4/socklen.m4, lib/gl/m4/sockpfaf.m4,
2967 lib/gl/m4/stdbool.m4, lib/gl/m4/stdint.m4, lib/gl/m4/stdint_h.m4,
2968 lib/gl/m4/stdlib_h.m4, lib/gl/m4/threadlib.m4, lib/gl/m4/time_h.m4,
2969 lib/gl/m4/visibility.m4, lib/gl/m4/wchar_t.m4, lib/gl/m4/wint_t.m4,
2970 lib/gl/malloc.c, lib/gl/netdb.in.h, lib/gl/read-file.c,
2971 lib/gl/realloc.c, lib/gl/stddef.in.h, lib/gl/stdint.in.h,
2972 lib/gl/stdio.in.h, lib/gl/stdlib.in.h, lib/gl/str-two-way.h,
2973 lib/gl/string.in.h, lib/gl/strings.in.h, lib/gl/sys_socket.in.h,
2974 lib/gl/sys_stat.in.h, lib/gl/tests/Makefile.am,
2975 lib/gl/tests/binary-io.h, lib/gl/tests/getpagesize.c,
2976 lib/gl/tests/init.sh, lib/gl/tests/test-binary-io.c,
2977 lib/gl/tests/test-binary-io.sh, lib/gl/tests/test-ftello.c,
2978 lib/gl/tests/test-ftello.sh, lib/gl/tests/test-ftello2.sh,
2979 lib/gl/tests/test-ftello3.c, lib/gl/tests/test-memchr.c,
2980 lib/gl/tests/test-netdb.c, lib/gl/tests/test-read-file.c,
2981 lib/gl/tests/test-stdbool.c, lib/gl/tests/test-stddef.c,
2982 lib/gl/tests/test-stdlib.c, lib/gl/tests/test-sys_socket.c,
2983 lib/gl/tests/test-sys_wait.h, lib/gl/tests/test-verify.c,
2984 lib/gl/time.in.h, lib/gl/unistd.in.h, lib/gl/wchar.in.h,
2985 libextra/gl/gnulib.mk, libextra/gl/m4/gnulib-cache.m4,
2986 libextra/gl/m4/gnulib-comp.m4, libextra/gl/m4/ld-version-script.m4,
2987 libextra/gl/m4/lib-ld.m4, libextra/gl/m4/lib-link.m4, maint.mk:
2988 Update gnulib files.
2990 2010-10-14 Simon Josefsson <simon@josefsson.org>
2992 * cfg.mk: Don't assume chmod +x on gendocs.sh.
2994 2010-10-14 Simon Josefsson <simon@josefsson.org>
2996 * cfg.mk: Use gnulib --add-import.
2998 2010-10-14 Simon Josefsson <simon@josefsson.org>
3000 * .gitignore: Sort and update.
3002 2010-10-14 Simon Josefsson <simon@josefsson.org>
3004 * lib/po/nl.po.in: Sync with TP.
3006 2010-10-14 Simon Josefsson <simon@josefsson.org>
3008 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
3009 libextra/configure.ac: Bump versions.
3011 2010-10-14 Simon Josefsson <simon@josefsson.org>
3013 * ChangeLog: Generated.
3015 2010-10-14 Simon Josefsson <simon@josefsson.org>
3017 * NEWS: Version 2.11.3.
3019 2010-10-14 Simon Josefsson <simon@josefsson.org>
3021 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
3022 libextra/configure.ac: Bump versions.
3024 2010-10-14 Simon Josefsson <simon@josefsson.org>
3026 * doc/errcodes.c, doc/examples/ex-alert.c,
3027 doc/examples/ex-cert-select-pkcs11.c,
3028 doc/examples/ex-cert-select.c, doc/examples/ex-client-psk.c,
3029 doc/examples/ex-client-resume.c, doc/examples/ex-client-srp.c,
3030 doc/examples/ex-client-tlsia.c, doc/examples/ex-client1.c,
3031 doc/examples/ex-client2.c, doc/examples/ex-crq.c,
3032 doc/examples/ex-pkcs12.c, doc/examples/ex-rfc2818.c,
3033 doc/examples/ex-serv-anon.c, doc/examples/ex-serv-pgp.c,
3034 doc/examples/ex-serv-psk.c, doc/examples/ex-serv-srp.c,
3035 doc/examples/ex-serv1.c, doc/examples/ex-session-info.c,
3036 doc/examples/ex-verify.c, doc/examples/ex-x509-info.c,
3037 doc/examples/examples.h, doc/examples/tcp.c, guile/src/core.c,
3038 guile/src/errors.c, guile/src/extra.c, guile/src/utils.c,
3039 guile/src/utils.h, lib/auth_cert.c, lib/auth_cert.h,
3040 lib/auth_dh_common.c, lib/auth_dh_common.h, lib/auth_psk.h,
3041 lib/auth_rsa.c, lib/auth_rsa_export.c, lib/auth_srp.c,
3042 lib/auth_srp.h, lib/crypto-api.c, lib/crypto.h, lib/cryptodev.c,
3043 lib/debug.c, lib/debug.h, lib/ext_cert_type.c,
3044 lib/ext_max_record.c, lib/ext_safe_renegotiation.c,
3045 lib/ext_safe_renegotiation.h, lib/ext_server_name.c,
3046 lib/ext_server_name.h, lib/ext_session_ticket.c,
3047 lib/ext_session_ticket.h, lib/ext_signature.c, lib/ext_signature.h,
3048 lib/ext_srp.c, lib/ext_srp.h, lib/gcrypt/init.c, lib/gcrypt/mpi.c,
3049 lib/gcrypt/pk.c, lib/gnutls_alert.c, lib/gnutls_algorithms.c,
3050 lib/gnutls_algorithms.h, lib/gnutls_auth.h, lib/gnutls_buffers.c,
3051 lib/gnutls_buffers.h, lib/gnutls_cert.c, lib/gnutls_cert.h,
3052 lib/gnutls_cipher.c, lib/gnutls_cipher.h, lib/gnutls_cipher_int.c,
3053 lib/gnutls_cipher_int.h, lib/gnutls_compress.c,
3054 lib/gnutls_compress.h, lib/gnutls_constate.c,
3055 lib/gnutls_constate.h, lib/gnutls_datum.h, lib/gnutls_dh.h,
3056 lib/gnutls_errors.c, lib/gnutls_errors.h, lib/gnutls_extensions.c,
3057 lib/gnutls_extensions.h, lib/gnutls_global.c, lib/gnutls_global.h,
3058 lib/gnutls_handshake.c, lib/gnutls_handshake.h,
3059 lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/gnutls_int.h,
3060 lib/gnutls_kx.c, lib/gnutls_mbuffers.c, lib/gnutls_mbuffers.h,
3061 lib/gnutls_mem.h, lib/gnutls_mpi.h, lib/gnutls_num.h,
3062 lib/gnutls_pk.c, lib/gnutls_pk.h, lib/gnutls_priority.c,
3063 lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/gnutls_record.c,
3064 lib/gnutls_record.h, lib/gnutls_session_pack.c, lib/gnutls_sig.c,
3065 lib/gnutls_sig.h, lib/gnutls_srp.c, lib/gnutls_state.c,
3066 lib/gnutls_state.h, lib/gnutls_str.c, lib/gnutls_str.h,
3067 lib/gnutls_supplemental.c, lib/gnutls_supplemental.h,
3068 lib/gnutls_x509.c, lib/includes/gnutls/abstract.h,
3069 lib/includes/gnutls/compat.h, lib/includes/gnutls/crypto.h,
3070 lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/gnutlsxx.h,
3071 lib/includes/gnutls/openpgp.h, lib/includes/gnutls/pkcs11.h,
3072 lib/includes/gnutls/pkcs12.h, lib/includes/gnutls/x509.h,
3073 lib/locks.c, lib/locks.h, lib/nettle/cipher.c, lib/nettle/egd.c,
3074 lib/nettle/egd.h, lib/nettle/init.c, lib/nettle/mac.c,
3075 lib/nettle/mpi.c, lib/nettle/pk.c, lib/nettle/rnd.c,
3076 lib/opencdk/armor.c, lib/opencdk/hash.c, lib/opencdk/kbnode.c,
3077 lib/opencdk/keydb.c, lib/opencdk/literal.c, lib/opencdk/main.c,
3078 lib/opencdk/misc.c, lib/opencdk/new-packet.c, lib/opencdk/pubkey.c,
3079 lib/opencdk/read-packet.c, lib/opencdk/seskey.c,
3080 lib/opencdk/sig-check.c, lib/opencdk/stream.c, lib/opencdk/types.h,
3081 lib/opencdk/verify.c, lib/openpgp/gnutls_openpgp.c,
3082 lib/openpgp/openpgp_int.h, lib/openpgp/output.c, lib/openpgp/pgp.c,
3083 lib/openpgp/privkey.c, lib/pakchois/dlopen.c,
3084 lib/pakchois/dlopen.h, lib/pakchois/errors.c,
3085 lib/pakchois/pakchois.c, lib/pakchois/pakchois.h,
3086 lib/pakchois/pakchois11.h, lib/pkcs11.c, lib/pkcs11_int.h,
3087 lib/pkcs11_privkey.c, lib/pkcs11_write.c, lib/random.c,
3088 lib/random.h, lib/system.c, lib/system.h, lib/x509/common.c,
3089 lib/x509/common.h, lib/x509/crl_write.c, lib/x509/crq.c,
3090 lib/x509/dn.c, lib/x509/mpi.c, lib/x509/output.c,
3091 lib/x509/privkey.c, lib/x509/sign.c, lib/x509/sign.h,
3092 lib/x509/verify.c, lib/x509/x509.c, lib/x509/x509_int.h,
3093 lib/x509/x509_write.c, lib/x509_b64.c,
3094 libextra/ext_inner_application.c, libextra/ext_inner_application.h,
3095 libextra/gnutls_extra.c, libextra/gnutls_ia.c,
3096 libextra/includes/gnutls/extra.h, libextra/openssl_compat.h,
3097 src/benchmark.c, src/certtool-cfg.h, src/certtool-common.h,
3098 src/certtool.c, src/cli.c, src/common.c, src/common.h, src/crypt.c,
3099 src/pkcs11.c, src/prime.c, src/psk.c, src/serv.c, src/tests.c,
3100 tests/anonself.c, tests/certder.c,
3101 tests/certificate_set_x509_crl.c, tests/certuniqueid.c,
3102 tests/chainverify.c, tests/crq_apis.c, tests/crq_key_id.c,
3103 tests/crypto_rng.c, tests/cve-2008-4989.c, tests/cve-2009-1415.c,
3104 tests/cve-2009-1416.c, tests/dhepskself.c, tests/dn.c, tests/dn2.c,
3105 tests/finished.c, tests/gc.c, tests/hostname-check.c,
3106 tests/init_roundtrip.c, tests/mini-eagain.c,
3107 tests/mini-x509-rehandshake.c, tests/mini-x509.c, tests/mini.c,
3108 tests/moredn.c, tests/mpi.c, tests/netconf-psk.c,
3109 tests/nul-in-x509-names.c, tests/openpgp-auth.c,
3110 tests/openpgp-keyring.c, tests/openpgpself.c, tests/openssl.c,
3111 tests/parse_ca.c, tests/pgps2kgnu.c, tests/pkcs12_encode.c,
3112 tests/pkcs12_s2k.c, tests/pkcs12_s2k_pem.c, tests/pskself.c,
3113 tests/resume.c, tests/safe-renegotiation/srn0.c,
3114 tests/safe-renegotiation/srn1.c, tests/safe-renegotiation/srn2.c,
3115 tests/safe-renegotiation/srn3.c, tests/safe-renegotiation/srn4.c,
3116 tests/safe-renegotiation/srn5.c, tests/set_pkcs12_cred.c,
3117 tests/setcredcrash.c, tests/simple.c, tests/tlsia.c, tests/utils.c,
3118 tests/utils.h, tests/x509_altname.c, tests/x509dn.c,
3119 tests/x509self.c, tests/x509sign-verify.c: Indent (using GNU indent
3122 2010-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3124 * NEWS, configure.ac, lib/m4/hooks.m4: bumped version
3126 2010-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3128 * src/certtool.c: Revert "Applied last patch of Micah Anderson on
3129 IKE status." This reverts commit a6b2f5ce7316b4774649ee9b421da2ee7fef461f.
3131 2010-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3133 * libextra/fipsmd5.c: removed unneeded code.
3135 2010-10-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3137 * src/certtool.c: Applied last patch of Micah Anderson on IKE
3140 2010-10-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3142 * src/certtool.c: Applied patch on IKE extension by Micah Anderson
3144 2010-10-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3146 * lib/cryptodev.c, lib/gcrypt/mac.c, lib/gnutls_hash_int.c,
3147 lib/includes/gnutls/crypto.h, lib/nettle/mac.c: Updated cryptodev
3148 code to support the linux cryptodev extensions. Removed the clone()
3149 capability from HMAC. It was never used and having it prevents using
3150 it with hardware accelerators that might not have this capability.
3152 2010-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3154 * THANKS: Added Micah
3156 2010-10-01 Simon Josefsson <simon@josefsson.org>
3158 * doc/cha-cert-auth.texi, doc/cha-internals.texi,
3159 doc/cha-library.texi, lib/ext_safe_renegotiation.c,
3160 lib/ext_server_name.c, lib/gcrypt/init.c, lib/gnutls_record.c,
3161 lib/gnutls_str.c, lib/locks.c, lib/nettle/egd.c, lib/nettle/init.c,
3162 lib/system.c, lib/system.h, libextra/ext_inner_application.c,
3163 src/certtool-common.h, src/common.c, src/pkcs11.c: Fix some
3164 syntax-check errors.
3166 2010-10-01 Simon Josefsson <simon@josefsson.org>
3168 * lib/gnutls_int.h, lib/includes/gnutls/gnutls.h.in,
3169 lib/includes/gnutls/pkcs11.h: Fix compiler warnings.
3171 2010-10-01 Simon Josefsson <simon@josefsson.org>
3173 * NEWS, doc/manpages/Makefile.am: Mention new APIs.
3175 2010-09-30 Simon Josefsson <simon@josefsson.org>
3177 * tests/openpgp-certs/testselfsigs: Avoid bashism. Reported by m.drochner@fz-juelich.de in
3178 <http://savannah.gnu.org/support/?107449>.
3180 2010-09-30 Simon Josefsson <simon@josefsson.org>
3182 * lib/crypto-api.c: Don't return from void functions. Reported by Dagobert Michelsen <dam@opencsw.org> in
3184 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4566>.
3186 2010-09-30 Simon Josefsson <simon@josefsson.org>
3188 * lib/includes/gnutls/gnutls.h.in: Remove spurious comma.
3190 2010-09-30 Simon Josefsson <simon@josefsson.org>
3192 * lib/includes/gnutls/x509.h: Remove spurious comma.
3194 2010-09-30 Simon Josefsson <simon@josefsson.org>
3196 * tests/pkcs8-decode/Makefile.am, tests/pkcs8-decode/pkcs8: Make
3197 pkcs8-decode test work on Windows.
3199 2010-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3203 2010-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3205 * lib/ext_session_ticket.c: treat absence of parameters the same as
3206 having them disabled.
3208 2010-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3210 * tests/resume.c: Corrected behavior on failure (don't crash).
3212 2010-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3214 * lib/ext_session_ticket.c, lib/gnutls_extensions.c: Corrected bugs
3215 when restoring extensions during session resumtion.
3217 2010-09-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3219 * lib/gnutls_extensions.c: Use more informative logging for
3222 2010-09-29 Micah Anderson <micah@riseup.net>
3224 * NEWS, doc/certtool.cfg, doc/cha-programs.texi,
3225 lib/includes/gnutls/x509.h, lib/x509/output.c, src/certtool-cfg.c,
3226 src/certtool-cfg.h, src/certtool.c: Add new extended key usage
3227 ipsecIKE According to RFC 4945 § 5.1.3.12 section title
3228 "ExtendedKeyUsage"[0] the following extended key usage has been
3229 added: ... this document defines an ExtendedKeyUsage keyPurposeID that MAY
3230 be used to limit a certificate's use: id-kp-ipsecIKE OBJECT IDENTIFIER ::= { id-kp 17 } where id-kp is defined in RFC 3280 [5]. If a certificate is
3231 intended to be used with both IKE and other applications, and one
3232 of the other applications requires use of an EKU value, then such
3233 certificates MUST contain either the keyPurposeID id-kp-ipsecIKE or anyExtendedKeyUsage [5], as well as the keyPurposeID values associated with the other applications. Similarly, if a CA
3234 issues multiple otherwise-similar certificates for multiple
3235 applications including IKE, and it is intended that the IKE
3236 certificate NOT be used with another application, the IKE
3237 certificate MAY contain an EKU extension listing a keyPurposeID of
3238 id-kp-ipsecIKE to discourage its use with the other application.
3239 Recall, however, that EKU extensions in certificates meant for use
3240 in IKE are NOT RECOMMENDED. Conforming IKE implementations are not required to support EKU.
3241 If a critical EKU extension appears in a certificate and EKU is
3242 not supported by the implementation, then RFC 3280 requires that the certificate be rejected. Implementations that do support EKU
3243 MUST support the following logic for certificate validation: o If no EKU extension, continue. o If EKU present AND contains either id-kp-ipsecIKE or anyExtendedKeyUsage, continue. o Otherwise, reject cert. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3245 2010-09-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3247 * NEWS, src/certtool-gaa.c, src/certtool.gaa: --pkcs11-* in certtool
3248 was renamed to --p11-*.
3250 2010-09-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3252 * lib/ext_session_ticket.c: Added some comments and removed unused
3255 2010-09-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3257 * NEWS, lib/ext_session_ticket.c: Corrected advertizing issue for
3260 2010-09-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3262 * doc/TODO: cleanup of TODO list. Removed very old entries, entries
3263 already fixed and added new ones.
3265 2010-09-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3267 * lib/gnutls_handshake.c: IMED_RET parameters are easier to grasp.
3269 2010-09-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3271 * lib/crypto.c, lib/gcrypt/cipher.c, lib/gcrypt/mac.c,
3272 lib/nettle/cipher.c, lib/nettle/mac.c: cipher,mac and digest
3273 priorities moved to crypto.c
3275 2010-09-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3277 * lib/gnutls_errors.c: changed the fatality level of some errors.
3279 2010-09-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3281 * lib/gnutls_handshake.c: No longer use is_fatal() during handshake.
3282 Explicitely treat EAGAIN and INTERRUPTED as non-fatal during
3283 handshake. If the check_fatal flag is set then
3284 GNUTLS_E_WARNING_ALERT_RECEIVED could interrupt a handshake as well.
3286 2010-09-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3288 * src/cli.c: fflush stdout and stderr before the call to setbuf.
3289 This fixes issue in solaris where lines dissappeared from output.
3290 Reported and suggested fix by Knut Anders Hatlen.
3292 2010-09-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3294 * NEWS: documented change
3296 2010-09-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3298 * lib/nettle/pk.c: Corrected bug in wrap_nettle_pk_fixup that was
3299 importing DSA keys are RSA ones.
3301 2010-09-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3303 * lib/nettle/pk.c, lib/openpgp/privkey.c: indented some code
3305 2010-09-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3307 * lib/m4/hooks.m4: updated revision
3309 2010-09-18 Ludovic Courtès <ludo@gnu.org>
3311 * .gitignore, tests/Makefile.am, tests/openpgp-auth.c: Add an
3312 OpenPGP authentication unit test. * tests/Makefile.am (ctests)[ENABLE_OPENPGP]: Add `openpgp-auth'. (TESTS_ENVIRONMENT): Add `srcdir'. * tests/openpgp-auth.c: New file. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3314 2010-09-16 Jonathan Bastien-Filiatrault <joe@x2a.org>
3316 * lib/ext_session_ticket.c, lib/gnutls_alert.c,
3317 lib/gnutls_buffers.c, lib/gnutls_cipher.c, lib/gnutls_cipher.h,
3318 lib/gnutls_compress.c, lib/gnutls_compress.h,
3319 lib/gnutls_constate.c, lib/gnutls_constate.h,
3320 lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_num.h,
3321 lib/gnutls_record.c, lib/gnutls_record.h,
3322 lib/gnutls_session_pack.c, lib/gnutls_state.c, libextra/gnutls_ia.c:
3323 Explicit symmetric cipher state versionning. This introduces the concept of a "cipher epoch". The epoch number is
3324 the number of successful handshakes and is incremented by one each
3325 time. This concept is native to DTLS and this patch makes the
3326 symmetric cipher state explicit for TLS in preparation for DTLS.
3327 This concept was implicit in plain TLS and ChangeCipherSpec messages
3328 triggered a "pending state copy". Now, we the current epoch number
3329 is simply incremented to the parameters negotiated by the handshake. The main side effects of this patch is a slightly more abstract
3330 internal API and, in some cases, simpler code. The session blob
3331 format is also changed a bit since this patch avoids storing
3332 information that is now redundant. If this breaks library users'
3333 expectations, this side effect can be negated. The cipher_specs structure has been removed. The conn_state has
3334 become record_state_st. Only symmetric cipher information is
3335 versioned. Things such as key exchange algorithm and the master
3336 secret are not versioned and their handling is unchanged. I have tested this patch as much as I could. It introduces no test
3337 suite regressions on my x64 Debian GNU/Linux system. Do not hesitate to point out shortcomings or suggest changes. Since
3338 this is a big diff, I am expecting this to be an iterative process. Signed-off-by: Jonathan Bastien-Filiatrault <joe@x2a.org>
3339 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3341 2010-09-16 Jonathan Bastien-Filiatrault <joe@x2a.org>
3343 * lib/gnutls_errors.h: Add gnutls_assert_val idiom. This warrants being made in an inline function or macro since it is used throughout the code. This converts 4 line repetitive blocks
3344 into 1 line. Signed-off-by: Jonathan Bastien-Filiatrault <joe@x2a.org>
3345 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3347 2010-09-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3349 * AUTHORS, NEWS, configure.ac: updated for 2.11.1
3351 2010-09-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3353 * lib/includes/gnutls/pkcs11.h, lib/pkcs11.c, lib/pkcs11_int.h,
3354 lib/pkcs11_privkey.c, src/certtool-gaa.c, src/certtool-gaa.h,
3355 src/certtool.gaa, src/pkcs11.c: Added 3 levels of details in PKCS
3356 #11 URLs. 1st level: Token level. Object is unique up to token.
3357 2nd level: Object is unique up to token and module used to access
3358 it. 3rd level: Object is unique up to token and module and version
3359 of module used to access it.
3361 2010-09-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3363 * NEWS: Documented changes.
3365 2010-09-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3367 * lib/x509_b64.c: Be liberal in the PEM decoding. That is spaces and
3368 tabs are being skipped.
3370 2010-09-08 Jonathan Bastien-Filiatrault <joe@x2a.org>
3372 * lib/gnutls_buffers.c: Fully mbufferize _gnutls_read and
3373 _gnutls_read_buffered. Signed-off-by: Jonathan Bastien-Filiatrault <joe@x2a.org>
3374 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3376 2010-09-08 Jonathan Bastien-Filiatrault <joe@x2a.org>
3378 * lib/gnutls_mbuffers.h: mbuffers: Add _mbuffer_xfree operation. Signed-off-by: Jonathan Bastien-Filiatrault <joe@x2a.org>
3379 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3381 2010-09-08 Jonathan Bastien-Filiatrault <joe@x2a.org>
3383 * lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_int.h,
3384 lib/gnutls_record.c, lib/gnutls_state.c: mbuffers: make
3385 _gnutls_io_read_buffered use mbuffers. This will be needed by the DTLS code to make sure reads are stored
3386 in segments that correspond to datagram boundaries. Signed-off-by: Jonathan Bastien-Filiatrault <joe@x2a.org>
3387 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3389 2010-09-08 Jonathan Bastien-Filiatrault <joe@x2a.org>
3391 * lib/gnutls_int.h: Parenthesize size calculations. This is standard practice and the DTLS code got bit by this. Signed-off-by: Jonathan Bastien-Filiatrault <joe@x2a.org>
3392 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3394 2010-09-08 Jonathan Bastien-Filiatrault <joe@x2a.org>
3396 * lib/gnutls_mbuffers.c, lib/gnutls_mbuffers.h: mbuffers: Add
3397 mbuffer_linearize. Signed-off-by: Jonathan Bastien-Filiatrault <joe@x2a.org>
3398 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3400 2010-09-08 Jonathan Bastien-Filiatrault <joe@x2a.org>
3402 * lib/gnutls_mbuffers.c: mbuffers: fix wrong size calculation. maximum_size is the maximum size of the payload, not including
3403 overhead. Signed-off-by: Jonathan Bastien-Filiatrault <joe@x2a.org>
3404 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3406 2010-09-08 Jonathan Bastien-Filiatrault <joe@x2a.org>
3408 * lib/gnutls_mbuffers.c: mbuffers: Make _mbuffer_remove_bytes return
3409 a meaningful error code. Signed-off-by: Jonathan Bastien-Filiatrault <joe@x2a.org>
3410 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3412 2010-09-08 Jonathan Bastien-Filiatrault <joe@x2a.org>
3414 * lib/gnutls_mbuffers.c: mbuffers: Document the internal mbuffer
3415 API. After a year of not hacking GnuTLS, I needed to look at the code to
3416 know how mbuffers work. This will make it much easier for anybody
3417 not familiar with this code. Signed-off-by: Jonathan Bastien-Filiatrault <joe@x2a.org>
3418 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3420 2010-09-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3422 * NEWS: updated NEWS.
3424 2010-09-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3426 * lib/includes/gnutls/pkcs11.h, lib/pkcs11.c, lib/pkcs11_int.h,
3427 lib/pkcs11_privkey.c, lib/pkcs11_write.c, src/certtool-common.h,
3428 src/certtool-gaa.c, src/certtool-gaa.h, src/certtool.c,
3429 src/certtool.gaa, src/pkcs11.c: PKCS#11 URL support updated to
3430 conform to draft-pechanec-pkcs11uri-02. Now in the URL the pkcs11
3431 provider library (module) can be specified thus restricting objects
3432 within a single provider.
3434 2010-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3436 * NEWS, lib/gnutls_int.h, lib/gnutls_priority.c,
3437 lib/gnutls_record.c: When the %COMPAT flag is specified, larger
3438 records that would otherwise violate the TLS spec, are accepted.
3440 2010-08-28 Brad Hards <bradh@frogmouth.net>
3442 * src/certtool.c, src/pkcs11.c: Show which option is the default for
3443 command line tools. We use "y/N" is most places - this just adapts two places that use
3444 "Y/N" to match the behavior of read_yesno(). Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3446 2010-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3448 * lib/x509/x509.c: prevent a memory leak in the unique_id functions.
3450 2010-08-20 Brad Hards <bradh@frogmouth.net>
3452 * lib/includes/gnutls/x509.h, lib/libgnutls.map, lib/x509/output.c,
3453 lib/x509/x509.c, tests/Makefile.am, tests/certuniqueid.c: As
3454 identified in a previous mail, I've added support for accessing /
3455 displaying the subjectUniqueID and issuerUniqueID fields within an
3456 X.509 certificate. This is provided (along with a test case) in the
3457 attached patch. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3459 2010-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3461 * NEWS, lib/gnutls_int.h: By default lowat is set to zero.
3463 2010-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3465 * lib/pkcs11.c: Revert "When scanning for terminator character for
3466 PKCS #11 URLs ignore escaped \;." This reverts commit 583fad076506421c9007a3349784496e2927dcd1.
3468 2010-08-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3470 * THANKS: Added Sjoerd.
3472 2010-08-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3474 * NEWS, lib/m4/hooks.m4: libnettle is the default crypto library.
3476 2010-08-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3478 * lib/gnutls_handshake.c: oldstate var removed.
3480 2010-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3482 * tests/mini-eagain.c: mini-eagain will fail with EAGAIN error one
3483 every two attempts. That is to remove probabilities.
3485 2010-08-11 Sjoerd Simons <sjoerd.simons@collabora.co.uk>
3487 * lib/gnutls_int.h, lib/gnutls_record.c: Remember the amount of user
3488 data we're sending out Partially reverts 3ef62950845f551ebc629e50d5ddf75f71b84294.
3489 gnutls_record_send needs to return the amount of user-data we sent,
3490 so we need to keep this information somewhere to return it when we
3491 succeed in sending that data. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3493 2010-08-11 Sjoerd Simons <sjoerd.simons@collabora.co.uk>
3495 * lib/gnutls_handshake.c: Check whether the error is fatal in more
3496 cases When stressing the async API of gnutls a lot of internal errors are
3497 hit as IMED_RET clears the handshake hash buffers as a result of
3498 -EAGAIN even though it would never be re-initialized at that point,
3499 but is still needed in later stages. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3501 2010-08-11 Sjoerd Simons <sjoerd.simons@collabora.co.uk>
3503 * lib/gnutls_handshake.c, lib/gnutls_int.h: Add state for flushing
3504 the handshake buffer A seperate state is needed between flushing the handshake buffers
3505 and sending the chipher spec change otherwise it's impossible to
3506 determine whether _gnutls_send_change_cipher_spec is called for the
3507 first time or again. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3509 2010-08-01 Simon Josefsson <simon@josefsson.org>
3511 * lib/nettle/mpi.c: Fix warning.
3513 2010-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3515 * lib/m4/hooks.m4: Define HAVE_GCRYPT when using gcrypt. nettle is
3516 no longer marked as unsupported.
3518 2010-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3520 * NEWS, doc/manpages/Makefile.am, lib/gnutls_extensions.c,
3521 lib/m4/hooks.m4, lib/nettle/cipher.c, lib/nettle/mac.c,
3522 lib/nettle/pk.c, libextra/gnutls_extra.c: Added Camellia-128/256,
3523 SHA-224/384/512 and support for DSA2 when using nettle.
3525 2010-07-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3527 * lib/pkcs11.c: When scanning for terminator character for PKCS #11
3528 URLs ignore escaped \;.
3530 2010-07-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3532 * lib/gnutls_priority.c: Modified the example to work in TLS 1.2.
3534 2010-07-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3536 * NEWS, lib/gnutls_algorithms.c: Added RSA_NULL_SHA1 and SHA256
3539 2010-07-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3541 * lib/ext_signature.c: When signature algorithms extension is not
3542 received allow SHA1 and SHA256.
3544 2010-07-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3546 * lib/gnutls_algorithms.c: NULL MAC renamed to MAC-NULL
3548 2010-07-25 Simon Josefsson <simon@josefsson.org>
3550 * src/common.c: Avoid fixed size buffers (now handles the big >100
3553 2010-07-25 Simon Josefsson <simon@josefsson.org>
3555 * doc/manpages/Makefile.am: Generated.
3557 2010-07-25 Simon Josefsson <simon@josefsson.org>
3559 * NEWS: Re-add old NEWS entries.
3561 2010-07-25 Simon Josefsson <simon@josefsson.org>
3563 * lib/gnutls_buffers.c: Doc fix.
3565 2010-07-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3567 * lib/x509/privkey.c: Do not trust fbase64_decode to return 0 on
3570 2010-07-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3572 * NEWS, lib/gnutls_x509.c, lib/x509/privkey.c, src/certtool.c:
3573 gnutls_x509_privkey_import() will fallback to
3574 gnutls_x509_privkey_import_pkcs8() without a password, if it is
3575 unable to decode the key.
3577 2010-07-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3579 * lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
3580 lib/includes/gnutls/gnutls.h.in, lib/nettle/mpi.c, src/prime.c:
3581 Added GNUTLS_PK_DH to differentiate in the generation of parameters
3582 with PK_DSA that requires special treatment.
3584 2010-07-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3586 * lib/gnutls_algorithms.c: Corrected wrong descriptions of security
3589 2010-07-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3591 * lib/gnutls_algorithms.c: use RSA-SHA1 as an indicator of RSA
3594 2010-07-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3596 * lib/gnutls_algorithms.c: Fix DSA key values to avoid generating
3597 normal and reporting them as low.
3599 2010-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3601 * NEWS, lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
3602 lib/includes/gnutls/openpgp.h, lib/includes/gnutls/x509.h,
3603 lib/libgnutls.map, lib/nettle/mpi.c, lib/openpgp/privkey.c,
3604 lib/x509/privkey.c, src/certtool.c,
3605 tests/pathlen/no-ca-or-pathlen.pem: Better handling of security
3606 parameters to key sizes matching (via a single table). Added
3607 functions to return the security parameter of a private key.
3609 2010-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3611 * doc/cha-intro-tls.texi: Simplified documentation.
3613 2010-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3615 * lib/nettle/mpi.c: Follow ECRYPT II recommendations.
3617 2010-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3619 * NEWS, doc/cha-bib.texi, doc/cha-intro-tls.texi,
3620 lib/gnutls_algorithms.c: Updated documentation and
3621 gnutls_pk_params_t mappings to ECRYPT II recommendations.
3623 2010-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3625 * lib/gnutls_priority.c: HMAC-MD5 deprecated according to ECRYPT II
3626 yearly report (2009-2010) recommendations.
3628 2010-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3630 * tests/sha2/Makefile.am: added missing file key-subca-dsa.pem
3632 2010-07-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3634 * gtk-doc.make: ignore html errors otherwise make dist doesn't work.
3636 2010-07-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3638 * NEWS: updated NEWS
3640 2010-07-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3642 * src/certtool-common.h, src/certtool-gaa.c, src/certtool-gaa.h,
3643 src/certtool.c, src/certtool.gaa: Added option for certtool to print
3644 certificate public key.
3646 2010-07-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3648 * lib/gnutls_algorithms.c: Added SIG_RSA_MD5_OID as an indicator of
3649 RSA. Some microsoft products were using it. Reported by Mads
3652 2010-07-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3654 * lib/gnutls_algorithms.c, lib/x509/common.h: Added RSA with SHA224.
3656 2010-07-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3658 * lib/nettle/pk.c: Added blinding to RSA decryption AND signing.
3659 Will stay there until it is moved to nettle itself.
3661 2010-07-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3663 * lib/system.h: fixed
3665 2010-07-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3667 * NEWS, lib/nettle/Makefile.am, lib/nettle/egd.c, lib/nettle/egd.h,
3668 lib/nettle/rnd.c: Added support for EGD daemon in nettle's RNG. It
3669 is used if /dev/urandom is not present.
3671 2010-07-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3673 * lib/gnutls_buffers.c, lib/system.c, lib/system.h: Corrected the
3674 lowat behavior. Documented that it will be deprecated in later
3677 2010-07-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3679 * src/serv.c: gnutls-serv: Do not print CR/LF if received, but
3680 instead print LF only.
3682 2010-07-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3684 * lib/Makefile.am, lib/gnutls_buffers.c, lib/gnutls_state.c,
3685 lib/locks.c, lib/locks.h, lib/pakchois/pakchois.c, lib/system.c,
3686 lib/system.h: system specific functions were moved to system.c
3688 2010-07-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3690 * NEWS, configure.ac, lib/gnutls_alert.c, lib/gnutls_buffers.c,
3691 lib/gnutls_buffers.h, lib/gnutls_global.c, lib/gnutls_handshake.c,
3692 lib/gnutls_handshake.h, lib/gnutls_int.h, lib/gnutls_mbuffers.c,
3693 lib/gnutls_mbuffers.h, lib/gnutls_record.c, lib/gnutls_record.h,
3694 lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in,
3695 lib/libgnutls.map, libextra/gnutls_ia.c: Support scattered write
3696 using writev(). This takes advantage of the new buffering layer and
3697 allows queuing of packets and flushing them. This is currently used
3698 for handshake messages only. Performance-wise the difference of
3699 packing several TLS records in a single write doesn't seem to offer
3700 anything over ethernet (that my tests were on). Probably on links
3701 with higher latency there would be a benefit.
3703 2010-07-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3705 * doc/cha-gtls-app.texi: Removed old reference.
3707 2010-07-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3709 * doc/cha-gtls-app.texi, doc/examples/Makefile.am,
3710 doc/examples/ex-rfc2818.c: ex-rfc2818 is now a functional program
3711 demonstrating the verification procedure.
3713 2010-07-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3715 * doc/Makefile.am, doc/cha-gtls-app.texi, doc/examples/Makefile.am,
3716 doc/examples/ex-serv-export.c: Example with export ciphersuites was
3719 2010-07-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3721 * lib/gnutls_pubkey.c: corrected typo
3723 2010-07-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3725 * lib/nettle/pk.c: Use the same "e" for RSA as libgcrypt. It's the
3728 2010-07-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3730 * src/certtool-cfg.c: Do not crash if input is redirected from
3733 2010-07-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3735 * NEWS, src/certtool-gaa.c, src/certtool.c, src/certtool.gaa:
3736 Changed the default pkcs-cipher to AES-128. Allowed specifying the
3737 3des-pkcs12 cipher with the --pkcs-cipher option.
3739 2010-07-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3741 * src/benchmark.c: Use double to count bytes.
3743 2010-07-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3745 * lib/nettle/rnd.c: Added a windows version of the RNG.
3747 2010-07-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3749 * lib/nettle/rnd.c: Corrected locking usage in nettle's random
3752 2010-07-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3754 * lib/gcrypt/Makefile.am, lib/gnutls_privkey.c,
3755 lib/gnutls_pubkey.c, lib/nettle/Makefile.am, lib/pakchois/dlopen.h:
3756 Fixed to compile under mingw32.
3758 2010-07-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3760 * lib/m4/hooks.m4: only warn if dlopen or pthreads are not found.
3762 2010-07-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3764 * lib/gcrypt/init.c, lib/includes/gnutls/gnutls.h.in, lib/locks.c,
3765 lib/pakchois/pakchois.c: Locks were converted to be in align with
3766 posix locks to easier wrap around them.
3768 2010-07-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3770 * lib/Makefile.am, lib/locks.c, lib/locks.h, lib/pakchois/dlopen.c,
3771 lib/pakchois/dlopen.h, lib/pakchois/pakchois.c: The included
3772 pakchois will use gnutls locks and will use a portable dlopen() to
3773 allow compilation in win32 (untested).
3775 2010-07-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3777 * lib/nettle/rnd.c: Read from /dev/urandom every 20 minutes.
3779 2010-07-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3781 * lib/Makefile.am, lib/x509/Makefile.am: Added missing files
3783 2010-07-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3785 * lib/crypto-api.c, lib/gnutls_cipher_int.c,
3786 lib/gnutls_cipher_int.h, lib/includes/gnutls/crypto.h,
3787 lib/libgnutls.map: Allow encryption and decryption that are not
3790 2010-07-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3792 * src/benchmark.c: Print values in a human-readable format and do
3793 the calculations in fixed time to prevent stalling in slow systems.
3795 2010-07-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3797 * lib/m4/hooks.m4: corrected library version
3799 2010-07-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3801 * doc/examples/ex-cert-select-pkcs11.c,
3802 lib/includes/gnutls/pkcs11.h, lib/pkcs11.c, lib/pkcs11_int.h,
3803 src/common.c, src/pkcs11.c: PIN callback supplies the token URL. The
3804 callback function in common.c will cache PIN if requested for second
3807 2010-07-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3809 * lib/gnutls_errors.c, lib/includes/gnutls/gnutls.h.in,
3810 lib/pkcs11.c, lib/pkcs11_int.h, lib/pkcs11_privkey.c,
3811 lib/pkcs11_write.c, src/common.c: Reverted the SAVE_PIN approach in
3812 PIN callback. The new approach will be to provide enough information
3813 for the callback to save the PIN itself.
3815 2010-07-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3817 * lib/gcrypt/init.c: removed unneeded function.
3819 2010-07-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3821 * lib/gnutls_cert.c: More uses of gnutls_certificate_free_ca_names
3823 2010-07-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3825 * lib/locks.c: Do not allow setting NULL lock functions
3827 2010-07-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3829 * lib/nettle/rnd.c: corrected lock usage.
3831 2010-07-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3833 * lib/m4/hooks.m4: bumped library version
3835 2010-07-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3837 * lib/includes/Makefile.am: Include abstract.h in releases.
3839 2010-06-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3841 * lib/crypto-api.c: Correctly deinitialize crypto API handles.
3843 2010-06-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3845 * lib/gnutls_int.h: commented obscure HANDSHAKE_MAC_TYPE_10 and
3846 HANDSHAKE_MAC_TYPE_12.
3848 2010-06-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3850 * lib/locks.c, lib/locks.h, lib/nettle/rnd.c: simplified locking
3851 code. Locking functions always exist but are dummies if no locks
3854 2010-06-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3856 * lib/gcrypt/Makefile.am, lib/gcrypt/init.c, lib/gnutls_errors.c,
3857 lib/gnutls_global.c, lib/gnutls_global.h,
3858 lib/includes/gnutls/gnutls.h.in, lib/locks.c, lib/locks.h,
3859 lib/nettle/Makefile.am, lib/nettle/init.c, lib/nettle/rnd.c:
3860 Initialization of crypto libraries moved outside main gnutls code.
3862 2010-06-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3864 * lib/Makefile.am, lib/gnutls_global.c, lib/gnutls_global.h,
3865 lib/locks.c, lib/locks.h: Moved locking code to special file.
3867 2010-06-29 Simon Josefsson <simon@josefsson.org>
3869 * doc/Makefile.am, doc/pkcs11-vision.eps: Add pkcs11-vision rules.
3871 2010-06-29 Simon Josefsson <simon@josefsson.org>
3873 * doc/manpages/Makefile.am: Generated.
3875 2010-06-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3877 * lib/includes/gnutls/pkcs11.h, lib/pkcs11_write.c, src/pkcs11.c:
3878 When copying a private key the sensitive flag can be set or not.
3879 This allows copying private keys that can be exported.
3881 2010-06-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3883 * lib/includes/gnutls/pkcs11.h, lib/pkcs11.c, lib/pkcs11_int.h,
3884 lib/pkcs11_write.c, src/certtool-common.h, src/certtool.c,
3885 src/pkcs11.c: Combined object flags. No implicit login any more.
3886 Login has to be specified with a flag on every call that could use
3889 2010-06-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3891 * lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/pkcs11.c,
3892 lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/pkcs11_write.c: Indented
3895 2010-06-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3897 * doc/examples/ex-cert-select-pkcs11.c, lib/gnutls_pubkey.c,
3898 lib/gnutls_x509.c, lib/includes/gnutls/abstract.h,
3899 lib/includes/gnutls/pkcs11.h, lib/pkcs11.c, lib/pkcs11_write.c,
3900 src/certtool-common.h, src/certtool-gaa.c, src/certtool-gaa.h,
3901 src/certtool.c, src/certtool.gaa, src/cli.c, src/pkcs11.c: Allow
3902 flags when importing objects from PKCS11 URLs. The only flag
3903 supported now is the PKCS11_OBJ_FLAG_LOGIN, which forces login
3904 before accessing object on a token. The reason is that some tokens
3905 do not allow access of any data without login.
3907 2010-06-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3909 * src/tests.c: Added AES-128 to block ciphers.
3911 2010-06-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3913 * lib/gnutls_session_pack.c: Corrected writing and reading order of
3914 security parameters.
3916 2010-06-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3918 * lib/configure.ac, libextra/configure.ac: use 2.11.0 everywhere
3920 2010-06-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3922 * NEWS, doc/cha-gtls-app.texi, lib/configure.ac,
3923 lib/gnutls_errors.c, lib/gnutls_global.c, lib/gnutls_global.h,
3924 lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
3925 lib/nettle/rnd.c, lib/pkcs11.c: Added gnutls_global_set_mutex() to
3926 allow setting alternative locking procedures. By default the system
3927 available locking is used. In *NIX pthreads are used and in windows
3928 the critical section API. As a side effect this change avoids any API dependance on libgcrypt
3929 even if threads are used.
3931 2010-06-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3933 * tests/chainverify.c: Modified the cacertrsamd5 short-cut. The test
3934 was checking whether verification using a trusted insecurely signed
3935 self signed certificate will fail against a chain that has this as
3936 intermediate. However this test should have succeeded since the
3937 insecure certificate is trusted. This isn't the purpose of this test however. It should have checked
3938 whether using the same certificate as trusted and to be verified and
3939 the GNUTLS_VERIFY_DO_NOT_ALLOW_SAME flag should return an error.
3941 2010-06-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3943 * tests/chainverify.c: Fail on error.
3945 2010-06-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3947 * src/certtool.c: When generating private key allow usage of
3950 2010-06-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3952 * lib/auth_dhe_psk.c, lib/auth_psk.c, lib/auth_psk.h,
3953 lib/auth_srp.c, lib/auth_srp.h, lib/ext_srp.c, lib/gnutls_int.h:
3954 MAX_SRP_USERNAME -> MAX_USERNAME_SIZE
3956 2010-06-24 Simon Josefsson <simon@josefsson.org>
3958 * README-alpha: We also require GNU make.
3960 2010-06-24 Simon Josefsson <simon@josefsson.org>
3962 * THANKS, configure.ac, lib/configure.ac, libextra/configure.ac: Use
3963 silent build rules. Suggested by Vincent Torri <vincent.torri@gmail.com> in
3965 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4349>.
3967 2010-06-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3969 * lib/includes/gnutls/gnutls.h.in: removed OPRFI extension
3972 2010-06-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3974 * lib/Makefile.am: removed OPRFI from makefile.
3976 2010-06-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3978 * lib/x509/verify.c: When verifying certificates use the same
3979 algorithm whether the DO_NOT_ALLOW_SAME flag is set or not. Before
3980 we were shortening certificate list if the flag was not set by the
3981 size of the first certificate found in the trusted list, and keep
3982 the list intact otherwise. Now we shorten the list in the latter
3983 case as well, except for the first certificate.
3985 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3987 * NEWS: Added news entry for EV-certificates.
3989 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3991 * src/tests.c, src/tests.h, src/tls_test.c: Corrected some tests.
3992 Added test to check whether the %COMPAT option is required for this
3995 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3997 * lib/gnutls_extensions.c, lib/gnutls_session_pack.c: Corrections in
3998 the new session packing code. Saving absolute positions in buffers
3999 is no longer done. Now we store only and offset to allow
4000 reallocating the buffer and still do the correct reference.
4002 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4004 * lib/ext_safe_renegotiation.c, lib/ext_safe_renegotiation.h,
4005 lib/ext_signature.c, lib/gnutls_handshake.c: Fixes in new extensions
4006 code that relate to SSL 3.0.
4008 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4010 * configure.ac: version is 2.11.0
4012 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4014 * doc/cha-cert-auth.texi: Some updates in the PKCS11 text.
4016 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4018 * doc/cha-intro-tls.texi: Some updates on renegotiation text
4020 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4022 * doc/cha-intro-tls.texi: Removed links for discussion of the COMPAT
4023 topic. I don't think they should be in the documentation.
4025 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4027 * doc/cha-intro-tls.texi: Corrected example with %COMPAT.
4029 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4031 * doc/cha-intro-tls.texi: Added gnutls_sec_param_to_pk_bits()
4034 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4036 * doc/cha-intro-tls.texi: corrected text on AES
4038 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4040 * lib/pkcs11.c: Only save PIN if login was successful.
4042 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4044 * doc/cha-auth.texi, lib/ext_signature.c: Applied patch by Andreas
4047 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4049 * src/benchmark.c: Allow setting debug level via cmd.
4051 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4053 * lib/cryptodev.c: Explicitely terminate cryptodev sessions.
4055 2010-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4057 * lib/gnutls_hash_int.c, lib/gnutls_hash_int.h: Removed the no
4058 longer needed "active" variable.
4060 2010-06-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4062 * NEWS: documented some of the changes
4064 2010-06-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4066 * lib/gnutls_cipher_int.c, lib/gnutls_cipher_int.h,
4067 lib/gnutls_hash_int.c, lib/gnutls_hash_int.h: Greatly simplified the
4068 internal hash/hmac and cipher functions.
4070 2010-06-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4072 * lib/includes/gnutls/pkcs11.h, lib/pkcs11.c,
4073 src/certtool-common.h, src/certtool-gaa.c, src/certtool-gaa.h,
4074 src/certtool.gaa, src/pkcs11.c: Allow listing of private keys only.
4075 Certtool has now the --pkcs11-list-privkeya option.
4077 2010-06-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4079 * lib/pkcs11_privkey.c: Send correct token name to callback.
4081 2010-06-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4083 * lib/gnutls_errors.c, lib/includes/gnutls/gnutls.h.in,
4084 lib/pkcs11.c, lib/pkcs11_int.h, lib/pkcs11_privkey.c,
4085 lib/pkcs11_write.c: Added more gnutls errors to map closer to PKCS11
4088 2010-06-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4090 * lib/gnutls_errors.c, lib/includes/gnutls/gnutls.h.in,
4091 lib/includes/gnutls/pkcs11.h, lib/pkcs11.c, lib/pkcs11_int.h,
4092 lib/pkcs11_privkey.c, lib/pkcs11_write.c, src/cli.c, src/common.c:
4093 Added option to the PKCS11 PIN callback to save PIN if the token is
4094 being used with a single pkcs11_privkey structure.
4096 2010-06-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4098 * lib/pkcs11_privkey.c: For Private key operations new sessions are
4099 opened when are needed. This makes the usage of the PKCS11 API
4100 thread safe. The only drawback is the requirement to enter PIN on
4103 2010-06-15 Simon Josefsson <simon@josefsson.org>
4105 * src/cli.c: gnutls-cli: Make --starttls work again. Problem introduced in patch to use read() instead of fgets()
4106 committed on 2010-01-27.
4108 2010-06-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4110 * src/certtool.c, tests/sha2/key-ca-dsa.pem,
4111 tests/sha2/key-subca-dsa.pem, tests/sha2/sha2, tests/sha2/sha2-dsa:
4112 Allow SHA224 hash in certtool. Added tests for SHA-256 and SHA-224
4115 2010-06-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4117 * src/certtool.c: Do not warn multiple times for the deprecation of
4120 2010-06-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4122 * lib/ext_session_ticket.c, lib/gnutls_handshake.c,
4123 lib/gnutls_int.h, lib/gnutls_kx.c, lib/gnutls_mbuffers.c,
4124 lib/gnutls_mbuffers.h, lib/gnutls_record.c: Appending data in
4125 mbuffers is now cheaper by avoiding realloc, at the cost of
4126 requiring to specify a maximum mbuffer size at creation.
4128 2010-06-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4130 * lib/ext_safe_renegotiation.c: Removed unused functions.
4132 2010-06-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4134 * lib/gnutls_handshake.c, lib/gnutls_int.h: Combined the max ticket
4135 length with the maximum extension data length.
4137 2010-06-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4139 * NEWS, doc/cha-gtls-app.texi, lib/auth_srp.c, lib/ext_cert_type.c,
4140 lib/ext_cert_type.h, lib/ext_max_record.c, lib/ext_max_record.h,
4141 lib/ext_oprfi.c, lib/ext_oprfi.h, lib/ext_safe_renegotiation.c,
4142 lib/ext_safe_renegotiation.h, lib/ext_server_name.c,
4143 lib/ext_server_name.h, lib/ext_session_ticket.c,
4144 lib/ext_session_ticket.h, lib/ext_signature.c, lib/ext_signature.h,
4145 lib/ext_srp.c, lib/ext_srp.h, lib/gnutls_buffers.c,
4146 lib/gnutls_constate.c, lib/gnutls_extensions.c,
4147 lib/gnutls_extensions.h, lib/gnutls_handshake.c, lib/gnutls_int.h,
4148 lib/gnutls_kx.c, lib/gnutls_mbuffers.c, lib/gnutls_mbuffers.h,
4149 lib/gnutls_record.c, lib/gnutls_session_pack.c, lib/gnutls_state.c,
4150 lib/gnutls_str.c, lib/gnutls_str.h, lib/includes/gnutls/compat.h,
4151 lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, lib/pkcs11.c,
4152 lib/x509/dn.c, libextra/ext_inner_application.c,
4153 libextra/ext_inner_application.h, libextra/gnutls_extra.c,
4154 libextra/gnutls_ia.c, src/cli.c, src/serv.c, tests/Makefile.am,
4155 tests/oprfi.c, tests/tlsia.c: Simplified and made more safe the
4156 packing of data for session storage. Extensions use the internal API
4157 to store/retrieve during resumption. Removed OPRFI since it was never standardized and was never actually
4158 included in gnutls since it was in inactive ifdef. This was instead
4159 of rewriting it to use the new API.
4161 2010-06-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4163 * lib/gnutls_buffers.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
4164 lib/gnutls_str.c, lib/gnutls_str.h, lib/gnutls_supplemental.c,
4165 lib/gnutls_supplemental.h, lib/openpgp/output.c, lib/pkcs11.c,
4166 lib/x509/dn.c, lib/x509/output.c: The gnutls_string code was
4167 simplified and integrated with the buffer to avoid having two named
4170 2010-06-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4172 * lib/pakchois/pakchois.c: Properly handle fork() case.
4174 2010-06-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4176 * libextra/gnutls_extra.c: Register the md5 handler if gcrypt is in
4177 fips mode once gnutls_global_init_extra() is called.
4179 2010-06-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4181 * src/tests.c: corrected tests.
4183 2010-06-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4185 * lib/pakchois/pakchois.c, lib/pakchois/pakchois.h, lib/pkcs11.c:
4186 Added new calls to pakchois to open an absolute filename.
4188 2010-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4190 * lib/includes/gnutls/pkcs11.h: Removed several comments that
4191 pointed to Alon's implementation comments. We use inline C comments
4192 to generate documentation (not doxygen).
4194 2010-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4196 * lib/Makefile.am, lib/ext_session_ticket.c,
4197 lib/gnutls_algorithms.c, lib/gnutls_buffers.c,
4198 lib/gnutls_buffers.h, lib/gnutls_handshake.c,
4199 lib/gnutls_handshake.h, lib/gnutls_int.h, lib/gnutls_kx.c,
4200 lib/gnutls_mbuffers.c, lib/gnutls_record.c, lib/gnutls_state.c: More
4201 fixes for the rebase.
4203 2010-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4205 * AUTHORS: Added Jonathan.
4207 2010-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4209 * lib/pakchois/pakchois.c: Provider unref must be done after all
4210 sessions have been closed.
4212 2010-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4214 * lib/Makefile.am: Several fixes for the broken rebase.
4216 2010-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4218 * doc/cha-intro-tls.texi: Merged with master.
4220 2010-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4222 * lib/gnutls_handshake.c, lib/gnutls_mbuffers.h,
4223 lib/gnutls_record.c: Some other changes to mbuffers to make gnutls
4224 (a bit more) agnostic on their internal structure.
4226 2010-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4228 * lib/x509/verify.c: Corrected prefered hash algorithm return value
4231 2010-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4233 * lib/gnutls_global.c: Use GCRYCTL_ENABLE_QUICK_RANDOM when using
4236 2010-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4238 * .gitignore: Ignore more files.
4240 2010-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4242 * tests/sha2/sha2-dsa: Remove the correct file
4244 2010-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4246 * tests/sha2/key-ca-dsa.pem, tests/sha2/key-dsa.pem: Added missing
4249 2010-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4251 * lib/gnutls_pk.c, lib/gnutls_pk.h, lib/gnutls_pubkey.c,
4252 lib/includes/gnutls/abstract.h, lib/includes/gnutls/x509.h,
4253 lib/x509/crq.c, lib/x509/x509.c, src/certtool.c: The
4254 get_preferred_hash_algorithm() functions have now an extra argument
4255 to indicate whether it is mandatory to use this algorithm.
4257 2010-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4259 * doc/examples/ex-crq.c, lib/includes/gnutls/x509.h,
4260 lib/libgnutls.map, lib/x509/crq.c: Added
4261 gnutls_x509_crq_get_preferred_hash_algorithm().
4263 2010-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4265 * NEWS, lib/gnutls_pubkey.c, lib/includes/gnutls/abstract.h,
4266 lib/includes/gnutls/x509.h, lib/libgnutls.map, lib/x509/privkey.c,
4267 lib/x509/verify.c, lib/x509/x509.c, src/certtool.c: Added
4268 gnutls_pubkey_get_preferred_hash_algorithm() and
4269 gnutls_x509_crt_get_preferred_hash_algorithm() to allow determining
4270 the hash algorithm to use during signing. This is needed in the case
4271 of DSA that uses specific versions of SHA depending on the size of
4274 2010-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4276 * doc/gnutls.texi, lib/Makefile.am, lib/build-aux/config.rpath,
4277 lib/gcrypt/pk.c, lib/gnutls_privkey.c, lib/pkcs11.c,
4278 lib/pkcs11_privkey.c, lib/x509/privkey.c, lib/x509/sign.c,
4279 lib/x509/sign.h, lib/x509/verify.c, lib/x509/x509.c, src/pkcs11.c:
4280 Several fixes after big rebase.
4282 2010-05-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4284 * tests/sha2/Makefile.am, tests/sha2/sha2-dsa: Test the DSA with
4287 2010-05-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4289 * lib/x509/mpi.c: Print debugging information on error.
4291 2010-05-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4293 * NEWS, lib/gcrypt/pk.c, lib/gnutls_pk.c, lib/gnutls_sig.c,
4294 lib/nettle/mpi.c, lib/nettle/pk.c, lib/opencdk/pubkey.c,
4295 lib/opencdk/sig-check.c, lib/opencdk/verify.c,
4296 lib/openpgp/gnutls_openpgp.c, lib/openpgp/pgp.c,
4297 lib/openpgp/privkey.c, lib/pkcs11_privkey.c, lib/x509/privkey.c,
4298 lib/x509/x509_int.h: Nettle library can now parse the PGP integers.
4299 Except for SHA-224/384/512 nettle seems to be fully working now.
4301 2010-05-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4303 * src/certtool.c: use --sec-param to generate privkey.
4305 2010-05-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4307 * tests/openpgpself.c: reduced log level to a sane one
4309 2010-05-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4311 * tests/pathlen/ca-no-pathlen.pem,
4312 tests/pathlen/no-ca-or-pathlen.pem: Corrected for new output of
4313 --print-certificate-info
4315 2010-05-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4317 * tests/sha2/sha2: Print information on failure.
4319 2010-05-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4321 * lib/libgnutls.map, src/certtool.c: Print exp1 and exp2 if they are
4324 2010-05-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4326 * tests/pkcs1-padding/pkcs1-pad, tests/pkcs12-decode/pkcs12,
4327 tests/pkcs8-decode/pkcs8, tests/userid/userid: Only print output if
4330 2010-05-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4332 * lib/m4/hooks.m4, lib/pakchois/pakchois.c: Some pakchois fixes.
4334 2010-05-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4336 * lib/gnutls_global.c: Fixup to compile with nettle
4338 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4340 * lib/m4/hooks.m4: Do not bother with MODPATH. We don't use it.
4342 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4344 * lib/debug.c, lib/debug.h: Added again _gnutls_dump_mpi() to assist
4347 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4349 * tests/pkcs12_encode.c: Added debugging
4351 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4353 * lib/gnutls_sig.c: Allow DSA with other than SHA1 algorithms in
4356 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4358 * lib/pkix_asn1_tab.c: removed more stuff.
4360 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4362 * lib/pkix.asn, lib/x509/common.c: LocalKeyId and XmppAddr were
4365 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4367 * lib/pkix.asn, lib/pkix_asn1_tab.c: No need for those OIDs any
4370 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4372 * tests/dn2.c: Corrected to support new EV_ values.
4374 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4376 * tests/crq_key_id.c, tests/cve-2009-1416.c, tests/pkcs12_s2k_pem.c:
4377 avoid calling gcrypt directly.
4379 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4381 * NEWS, lib/includes/gnutls/crypto.h, lib/libgnutls.map,
4382 lib/random.c, lib/random.h, src/crypt.c, src/psk.c,
4383 tests/mini-eagain.c: exported gnutls_rnd().
4385 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4387 * lib/x509/common.c, lib/x509/common.h, lib/x509/dn.c: The
4388 recognition of DN elements is now self contained. It does not need
4389 entries in pkix.asn.
4391 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4393 * lib/pkix.asn, lib/pkix_asn1_tab.c, lib/x509/common.c: Added
4394 support for EV certificate attributes.
4396 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4398 * lib/m4/hooks.m4, lib/nettle/cipher.c: Fixed nettle detection and
4401 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4403 * lib/gnutls_dh_primes.c: documentation updates
4405 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4407 * src/certtool-common.h, src/certtool.c, src/prime.c: Generate
4408 dh-params also used --sec-param.
4410 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4412 * lib/nettle/mpi.c: Document that the generator is the generator of
4413 the subgroup and not the group.
4415 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4417 * src/cli.c: Corrected certificate callback.
4419 2010-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4421 * lib/gcrypt/Makefile.am, lib/nettle/Makefile.am,
4422 lib/nettle/cipher.c: More AES stuff (still doesn't work).
4424 2010-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4426 * lib/nettle/pk.c: Correction in RSA encryption.
4428 2010-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4430 * lib/nettle/cipher.c: Fixed issue with AES.
4432 2010-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4434 * NEWS, lib/gnutls_algorithms.c, lib/includes/gnutls/gnutls.h.in,
4435 lib/libgnutls.map, lib/openpgp/output.c, lib/x509/output.c,
4436 lib/x509/privkey.c, src/certtool-gaa.c, src/certtool-gaa.h,
4437 src/certtool.c, src/certtool.gaa: Added
4438 gnutls_sec_param_to_pk_bits() et al. to allow select bit sizes for
4439 private keys using a human understandable scale.
4441 2010-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4443 * NEWS, lib/gnutls_algorithms.c, lib/includes/gnutls/gnutls.h.in,
4444 lib/x509/common.h: Added support for SHA224 and SHA256 in DSA.
4446 2010-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4448 * lib/m4/hooks.m4: Always use included pakchois.
4450 2010-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4452 * doc/examples/ex-cert-select-pkcs11.c: make sure all lines fit in
4455 2010-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4457 * doc/cha-cert-auth.texi: make example more compact by removing
4460 2010-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4462 * doc/cha-bib.texi, doc/cha-cert-auth.texi: Added bibliographic
4463 reference to PKCS #11.
4465 2010-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4467 * doc/cha-cert-auth.texi: Added sketch for PKCS #11 usage.
4469 2010-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4471 * doc/credentials/x509-server-dsa.pem,
4472 doc/credentials/x509-server-key-dsa.pem: Added 2048 bit DSA key
4474 2010-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4476 * lib/opencdk/armor.c, lib/opencdk/read-packet.c,
4477 lib/opencdk/stream.c, lib/opencdk/write-packet.c: Increased log
4478 level of several messages.
4480 2010-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4482 * doc/credentials/x509/key.pem: Corrected coefficient and exp[12]
4485 2010-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4487 * lib/nettle/pk.c: Added blinding in RSA. Correct broken private
4488 keys on import. Nettle uses more values than gcrypt does from RSA
4489 decryption and it seemed that some values in our stored private keys
4490 were messy (generated by very old gnutls).
4492 2010-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4494 * doc/examples/ex-cert-select-pkcs11.c, lib/gnutls_x509.c,
4495 lib/includes/gnutls/pkcs11.h, lib/pkcs11.c, lib/pkcs11_int.h,
4496 lib/pkcs11_privkey.c, lib/pkcs11_write.c, src/cli.c: Simplified
4497 internal API. The only question that remains now is how to handle
4498 the gnutls_pkcs11_privkey_t. Currently it opens a session and
4499 maintains a handle to the object. This will require locks to be
4500 added on operations. Alternatively new sessions may be opened for
4501 each operation performed. This is guarranteed by PKCS #11 to be
4502 thread safe but will of course require to ask for the PIN again.
4504 2010-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4506 * lib/pakchois/pakchois.c: Removed debugging print.
4508 2010-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4510 * lib/Makefile.am, lib/configure.ac, lib/m4/hooks.m4,
4511 lib/pakchois/errors.c, lib/pakchois/pakchois.c,
4512 lib/pakchois/pakchois.h, lib/pakchois/pakchois11.h: Added a modified
4513 pakchois library (to open arbitrary pkcs11 modules). Current gnutls
4514 works only with this one.
4516 2010-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4518 * doc/cha-gtls-app.texi: Added missing file.
4520 2010-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4522 * doc/TODO: Removed finished items.
4524 2010-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4526 * lib/pkcs11_write.c: Noted that there things to be done.
4528 2010-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4530 * doc/Makefile.am, doc/cha-cert-auth.texi: Added documentation on
4533 2010-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4535 * lib/gcrypt/pk.c, lib/gnutls_pk.c, lib/gnutls_pk.h,
4536 lib/opencdk/pubkey.c, lib/openpgp/privkey.c, lib/x509/privkey.c:
4537 Common code for calculation of RSA exp1 and exp2. Also update the
4538 openpgp code to calculate those values.
4540 2010-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4542 * lib/auth_dh_common.c, lib/gnutls_dh_primes.c, lib/x509/privkey.c:
4545 2010-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4547 * lib/auth_dh_common.c, lib/gcrypt/mpi.c, lib/gnutls_mpi.c:
4548 Corrected nicely hidden bug that caused accesses to uninitialized
4549 variables if the gcry_mpi_print() functions were pessimists and
4550 returned more size than actually needed for the print.
4552 2010-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4554 * lib/gcrypt/pk.c: Added some sanity checks.
4556 2010-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4558 * NEWS, doc/cha-auth.texi, doc/cha-bib.texi,
4559 doc/cha-cert-auth.texi, doc/cha-ciphersuites.texi,
4560 doc/cha-copying.texi, doc/cha-functions.texi,
4561 doc/cha-internals.texi, doc/cha-intro-tls.texi,
4562 doc/cha-library.texi, doc/cha-preface.texi, doc/cha-programs.texi,
4563 doc/cha-tls-app.texi, doc/gnutls.texi,
4564 lib/includes/gnutls/pkcs11.h, lib/libgnutls.map, lib/pkcs11.c:
4565 Documentation updates. Separated big gnutls.texi to chapter to allow
4566 easier maintainance.
4568 2010-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4570 * lib/Makefile.am, lib/gcrypt/mpi.c, lib/gcrypt/pk.c,
4571 lib/includes/gnutls/crypto.h, lib/includes/gnutls/pkcs11.h,
4572 lib/includes/gnutls/x509.h, lib/libgnutls.map, lib/nettle/pk.c,
4573 lib/pkcs11.c, lib/pkcs11_int.h, lib/pkcs11_privkey.c,
4574 lib/pkcs11_write.c, lib/x509/privkey.c, lib/x509/x509_int.h,
4575 src/certtool-common.h, src/certtool-gaa.c, src/certtool-gaa.h,
4576 src/certtool.c, src/certtool.gaa, src/crypt-gaa.c, src/pkcs11.c:
4577 Added support to copy certificates and private keys to tokens. New
4578 functions: gnutls_pkcs11_copy_x509_crt()
4579 gnutls_pkcs11_copy_x509_privkey() gnutls_pkcs11_delete_url() Certtool was updated to allow copying certificates and private keys
4580 to tokens. Deleting an object has issues (segfault) but it seems to
4581 be related with libopensc and its pkcs11 API.
4583 2010-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4585 * lib/x509/verify.c: Added gnutls_pubkey_verify_hash(),
4586 gnutls_pubkey_get_verify_algorithm().
4588 2010-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4590 * lib/pkcs11.c, src/pkcs11.c: Added gnutls_pubkey_import_pkcs11(),
4591 gnutls_pubkey_import_rsa_raw(), gnutls_pubkey_import_dsa_raw(),
4592 gnutls_pkcs11_obj_export().
4594 2010-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4596 * NEWS: Tried to document recent changes.
4598 2010-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4600 * lib/gnutls_x509.c, lib/pkcs11.c, lib/pkcs11_int.h,
4601 src/certtool-gaa.c, src/certtool.gaa, src/pkcs11.c: Added
4602 gnutls_pubkey_t abstract type to handle public keys. It can
4603 currently import/export public keys from existing certificate types
4604 as well as from PKCS #11 URL. This allows generating a certificate
4605 or certificate request from a given public key (currently one could
4606 only generate them from a given private key). PKCS#11 API augmented to allow reading arbitrary objects instead of
4607 just certificates. Certtool updated to list those objects.
4609 2010-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4611 * lib/pkcs11.c: Added gnutls_pkcs11_token_get_flags() to distinguish
4612 between hardware and soft tokens.
4614 2010-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4616 * lib/Makefile.am: Added support for libnettle backend. This uses
4617 gmp for big number operations. It is not currently completed. It
4618 lacks RSA blinding as well as optimizations.
4620 2010-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4622 * lib/x509/sign.c: Corrected bug in DSA signature generation.
4624 2010-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4626 * lib/x509/x509_int.h: Added operations to sign CRLs, certificates
4627 and requests with an abstract key and thus with a PKCS #11 key as
4630 2010-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4632 * lib/includes/gnutls/privkey.h: privkey.h -> abstract.h
4634 2010-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4636 * lib/gnutls_x509.c: The gnutls-cli --x509cafile can now be a PKCS
4637 #11 URL. It can read gnome-keyring's certificates and use them in
4640 2010-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4642 * lib/gnutls_x509.c: Corrections in openpgp private key usage.
4644 2010-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4646 * tests/x509self.c: Updated self tests and examples to avoid using
4647 deprecated functions such as
4648 gnutls_certificate_server_set_retrieve_function and the sign
4651 2010-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4653 * lib/includes/gnutls/privkey.h, lib/pkcs11_int.h: Added
4654 documentation for most of the new functions.
4656 2010-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4658 * lib/pkcs11.c: Documented that it was initially based on neon
4659 pkcs11 and got ideas from pkcs11-helper library.
4661 2010-05-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4663 * lib/pkcs11.c: Corrections to properly handle token removal and
4666 2010-05-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4668 * lib/Makefile.am, lib/gnutls_x509.c, lib/includes/gnutls/pkcs11.h,
4669 lib/includes/gnutls/privkey.h, lib/pkcs11.c, lib/x509/sign.c: Added
4670 gnutls_pkcs11_privkey_t and gnutls_privkey_t types. Those are an
4671 abstract private key type that can be used to sign/encrypt any
4672 private key of pkcs11,x509 or openpgp types. Added support for
4673 PKCS11 in gnutls-cli/gnutls-serv.
4675 2010-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4677 * src/certtool.c, src/pkcs11.c: Added several helper functions, to
4678 allow printing of tokens.
4680 2010-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4682 * lib/pkcs11.c, src/certtool-gaa.c, src/certtool.c,
4683 src/certtool.gaa, src/pkcs11.c: Added ability to export certificates
4684 from PKCS #11 tokens. Added ability to list trusted certificates,
4685 or only certificates with a corresponding private key or just all.
4687 2010-05-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4689 * lib/Makefile.am, lib/configure.ac, lib/includes/gnutls/pkcs11.h,
4690 lib/pkcs11.c, src/certtool-gaa.c, src/certtool-gaa.h,
4691 src/certtool.gaa, src/pkcs11.c: Added initial PKCS #11 support.
4692 Certtool can now print lists of certificates available in system.
4694 2010-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4696 * NEWS, lib/gnutls_pubkey.c, lib/includes/gnutls/abstract.h,
4697 lib/libgnutls.map, lib/x509/common.h, lib/x509/verify.c,
4698 lib/x509/x509.c, lib/x509/x509_int.h: Added
4699 gnutls_pubkey_verify_hash(), gnutls_pubkey_get_verify_algorithm().
4701 2010-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4703 * NEWS, configure.ac, lib/gnutls_pubkey.c,
4704 lib/includes/gnutls/abstract.h, lib/includes/gnutls/pkcs11.h,
4705 lib/libgnutls.map, lib/pkcs11.c, lib/pkcs11_int.h, lib/x509/x509.c,
4706 src/pkcs11.c: Added gnutls_pubkey_import_pkcs11(),
4707 gnutls_pubkey_import_rsa_raw(), gnutls_pubkey_import_dsa_raw(),
4708 gnutls_pkcs11_obj_export().
4710 2010-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4712 * .gitignore: Ignore files that should be ignored.
4714 2010-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4716 * NEWS, src/certtool-gaa.c, src/certtool.gaa: Tried to document
4719 2010-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4721 * lib/Makefile.am, lib/gnutls_pubkey.c, lib/gnutls_x509.c,
4722 lib/includes/gnutls/abstract.h, lib/includes/gnutls/pkcs11.h,
4723 lib/libgnutls.map, lib/pkcs11.c, lib/pkcs11_int.h,
4724 lib/pkcs11_privkey.c, lib/x509/common.c, lib/x509/common.h,
4725 lib/x509/mpi.c, lib/x509/x509.c, lib/x509/x509_int.h,
4726 src/certtool-common.h, src/certtool-gaa.c, src/certtool-gaa.h,
4727 src/certtool.c, src/certtool.gaa, src/pkcs11.c: Added
4728 gnutls_pubkey_t abstract type to handle public keys. It can
4729 currently import/export public keys from existing certificate types
4730 as well as from PKCS #11 URL. This allows generating a certificate
4731 or certificate request from a given public key (currently one could
4732 only generate them from a given private key). PKCS#11 API augmented to allow reading arbitrary objects instead of
4733 just certificates. Certtool updated to list those objects.
4735 2010-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4737 * lib/includes/gnutls/pkcs11.h, lib/pkcs11.c: Added
4738 gnutls_pkcs11_token_get_flags() to distinguish between hardware and
4741 2010-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4743 * lib/Makefile.am, lib/libgnutlsxx.map, lib/m4/hooks.m4: Export all
4744 symbols from C++ library. This library doesn't contain any internal
4745 symbols anyway and there is no reason to mess with the C++ ABI that
4746 hasn't got the problems of C.
4748 2010-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4750 * configure.ac, doc/examples/ex-serv-export.c,
4751 doc/examples/ex-serv-psk.c, doc/examples/ex-serv1.c,
4752 lib/Makefile.am, lib/auth_srp.c, lib/cipher-libgcrypt.c,
4753 lib/configure.ac, lib/gcrypt/Makefile.am, lib/gcrypt/cipher.c,
4754 lib/gcrypt/mac.c, lib/gcrypt/mpi.c, lib/gcrypt/pk.c,
4755 lib/gcrypt/rnd.c, lib/gnutls_global.c, lib/gnutls_mpi.c,
4756 lib/gnutls_srp.c, lib/m4/hooks.m4, lib/mac-libgcrypt.c,
4757 lib/mpi-libgcrypt.c, lib/nettle/Makefile.am, lib/nettle/cipher.c,
4758 lib/nettle/mac.c, lib/nettle/mpi.c, lib/nettle/pk.c,
4759 lib/nettle/rnd.c, lib/pk-libgcrypt.c, lib/rnd-libgcrypt.c,
4760 src/certtool.c, src/cli.c, src/serv.c, tests/chainverify.c: Added
4761 support for libnettle backend. This uses gmp for big number
4762 operations. It is not currently completed. It lacks RSA blinding as
4763 well as optimizations.
4765 2010-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4767 * doc/manpages/gnutls-cli.1, src/cli-gaa.c, src/cli.gaa,
4768 src/serv-gaa.c, src/serv.gaa: Documented that the --file options in
4769 gnutls-cli and gnutls-serv can accept a PKCS #11 URL.
4771 2010-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4773 * lib/x509/sign.c: Corrected bug in DSA signature generation.
4775 2010-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4777 * lib/gnutls_privkey.c, lib/includes/gnutls/abstract.h,
4778 lib/libgnutls.map, lib/x509/crl_write.c, lib/x509/crq.c,
4779 lib/x509/mpi.c, lib/x509/sign.c, lib/x509/x509_int.h,
4780 lib/x509/x509_write.c: Added operations to sign CRLs, certificates
4781 and requests with an abstract key and thus with a PKCS #11 key as
4784 2010-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4786 * lib/auth_cert.c, lib/auth_cert.h, lib/gnutls_privkey.c,
4787 lib/gnutls_sig.h, lib/gnutls_x509.h,
4788 lib/includes/gnutls/abstract.h, lib/includes/gnutls/privkey.h,
4789 lib/openpgp/gnutls_openpgp.h: privkey.h -> abstract.h
4791 2010-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4793 * lib/Makefile.am, lib/configure.ac, lib/gnutls_x509.c, src/cli.c:
4794 The gnutls-cli --x509cafile can now be a PKCS #11 URL. It can read
4795 gnome-keyring's certificates and use them in the trusted list.
4797 2010-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4799 * lib/pkcs11.c: Documented that gnutls_global_init calls
4802 2010-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4804 * src/cli.c: Only send termination request to avoid stalling on
4805 servers that do not reply.
4807 2010-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4809 * lib/gnutls_handshake.c, lib/gnutls_state.c, lib/gnutls_state.h:
4810 Corrected issue on the %SSL3_RECORD_VERSION priority string. It now
4811 works even when resuming a session.
4813 2010-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4815 * doc/examples/Makefile.am, doc/examples/ex-cert-select-pkcs11.c,
4816 doc/gnutls.texi: Added initial example.
4818 2010-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4820 * lib/auth_cert.h, lib/gnutls_x509.c, lib/openpgp/gnutls_openpgp.c:
4821 Corrections in openpgp private key usage.
4823 2010-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4825 * doc/examples/ex-cert-select.c, tests/Makefile.am,
4826 tests/pkcs12_s2k.c, tests/x509dn.c, tests/x509signself.c: Updated
4827 self tests and examples to avoid using deprecated functions such as
4828 gnutls_certificate_server_set_retrieve_function and the sign
4831 2010-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4833 * lib/gnutlsxx.cpp, lib/includes/gnutls/gnutlsxx.h, src/tests.c: Use
4834 the new callback function.
4836 2010-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4838 * lib/gnutls_privkey.c, lib/includes/gnutls/pkcs11.h,
4839 lib/includes/gnutls/privkey.h, lib/libgnutls.map, lib/pkcs11.c,
4840 lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/x509/privkey.c: Added
4841 documentation for most of the new functions.
4843 2010-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4845 * lib/pkcs11.c: Documented that it was initially based on neon
4846 pkcs11 and got ideas from pkcs11-helper library.
4848 2010-05-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4850 * lib/gnutls_x509.c, lib/libgnutls.map, lib/pkcs11.c,
4851 lib/pkcs11_int.h, lib/pkcs11_privkey.c, src/common.c: Corrections to
4852 properly handle token removal and insert.
4854 2010-05-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4856 * lib/includes/gnutls/compat.h, lib/includes/gnutls/gnutls.h.in:
4857 Deprecated the sign callback.
4859 2010-05-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4861 * doc/manpages/Makefile.am, lib/Makefile.am, lib/auth_cert.c,
4862 lib/auth_cert.h, lib/auth_dhe.c, lib/auth_rsa.c,
4863 lib/auth_rsa_export.c, lib/auth_srp_rsa.c, lib/gnutls_cert.c,
4864 lib/gnutls_cert.h, lib/gnutls_global.c, lib/gnutls_int.h,
4865 lib/gnutls_privkey.c, lib/gnutls_sig.c, lib/gnutls_sig.h,
4866 lib/gnutls_state.c, lib/gnutls_str.c, lib/gnutls_x509.c,
4867 lib/gnutls_x509.h, lib/includes/gnutls/compat.h,
4868 lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/openpgp.h,
4869 lib/includes/gnutls/pkcs11.h, lib/includes/gnutls/privkey.h,
4870 lib/includes/gnutls/x509.h, lib/libgnutls.map,
4871 lib/openpgp/gnutls_openpgp.c, lib/openpgp/gnutls_openpgp.h,
4872 lib/openpgp/openpgp_int.h, lib/pkcs11.c, lib/pkcs11_int.h,
4873 lib/pkcs11_privkey.c, lib/x509/privkey.c, lib/x509/sign.c,
4874 lib/x509/sign.h, lib/x509/x509_int.h, src/cli.c, src/common.c,
4875 src/common.h, src/pkcs11.c, src/serv.c: Added
4876 gnutls_pkcs11_privkey_t and gnutls_privkey_t types. Those are an
4877 abstract private key type that can be used to sign/encrypt any
4878 private key of pkcs11,x509 or openpgp types. Added support for
4879 PKCS11 in gnutls-cli/gnutls-serv.
4881 2010-05-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4883 * .gitignore: ignore unrelated to gnutls files.
4885 2010-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4887 * lib/includes/gnutls/pkcs11.h, lib/libgnutls.map, lib/pkcs11.c,
4888 src/certtool-common.h, src/certtool-gaa.c, src/certtool-gaa.h,
4889 src/certtool.c, src/certtool.gaa, src/pkcs11.c: Added several helper
4890 functions, to allow printing of tokens.
4892 2010-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4894 * lib/gnutls_errors.c, lib/gnutls_str.c,
4895 lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/pkcs11.h,
4896 lib/pkcs11.c, src/certtool-common.h, src/certtool-gaa.c,
4897 src/certtool-gaa.h, src/certtool.c, src/certtool.gaa, src/pkcs11.c:
4898 Added ability to export certificates from PKCS #11 tokens. Added
4899 ability to list trusted certificates, or only certificates with a
4900 corresponding private key or just all.
4902 2010-05-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4904 * lib/Makefile.am, lib/auth_srp.c, lib/configure.ac,
4905 lib/gnutls.pc.in, lib/gnutls_constate.c, lib/gnutls_errors.c,
4906 lib/gnutls_handshake.c, lib/gnutls_kx.c, lib/gnutls_psk.c,
4907 lib/gnutls_str.c, lib/gnutls_str.h, lib/includes/Makefile.am,
4908 lib/includes/gnutls/pkcs11.h, lib/libgnutls.map,
4909 lib/openpgp/gnutls_openpgp.c, lib/pkcs11.c, lib/x509/common.c,
4910 lib/x509/dn.c, src/Makefile.am, src/certtool-common.h,
4911 src/certtool-gaa.c, src/certtool-gaa.h, src/certtool.c,
4912 src/certtool.gaa, src/pkcs11.c: Added initial PKCS #11 support.
4913 Certtool can now print lists of certificates available in system.
4915 2010-03-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4917 * lib/x509/verify.c: Optimized the check_if_same().
4919 2010-02-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
4921 * lib/gnutls_algorithms.c, lib/x509/common.c, lib/x509/common.h:
4922 Added a forgoten by god OID for RSA. Warn using the actual OID on
4923 unknown public key algorithms.
4925 2009-12-09 Jonathan Bastien-Filiatrault <joe@x2a.org>
4927 * lib/ext_session_ticket.c: Adapt session ticket support to mbuffer
4930 2009-08-16 Jonathan Bastien-Filiatrault <joe@x2a.org>
4932 * lib/gnutls_handshake.c, lib/gnutls_handshake.h, lib/gnutls_kx.c,
4933 lib/gnutls_mbuffers.c, lib/gnutls_mbuffers.h: Use mbuffers for
4934 handshake synthesis.
4936 2009-08-15 Jonathan Bastien-Filiatrault <joe@x2a.org>
4938 * lib/gnutls_buffers.c, lib/gnutls_buffers.h,
4939 lib/gnutls_handshake.c: Make _gnutls_handshake_io_send_int accept a
4942 2009-08-15 Jonathan Bastien-Filiatrault <joe@x2a.org>
4944 * lib/gnutls_buffers.c, lib/gnutls_buffers.h,
4945 lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_state.c:
4946 Simplify handshake send buffer logic.
4948 2009-08-15 Jonathan Bastien-Filiatrault <joe@x2a.org>
4950 * lib/gnutls_buffers.c: Fix interrupted write braino.
4952 2009-08-15 Jonathan Bastien-Filiatrault <joe@x2a.org>
4954 * lib/gnutls_mbuffers.c: Avoid pointer warning.
4956 2009-08-15 Jonathan Bastien-Filiatrault <joe@x2a.org>
4958 * lib/gnutls_buffers.c, lib/gnutls_mbuffers.c,
4959 lib/gnutls_mbuffers.h: Remove now useless
4960 _gnutls_mbuffer_enqueue{,copy} functions.
4962 2009-08-15 Jonathan Bastien-Filiatrault <joe@x2a.org>
4964 * lib/gnutls_buffers.c, lib/gnutls_buffers.h,
4965 lib/gnutls_mbuffers.c, lib/gnutls_record.c: Allocate data buffer
4966 with mbuffer_st structure as suggested by Nikos.
4968 2009-08-15 Jonathan Bastien-Filiatrault <joe@x2a.org>
4970 * lib/gnutls_mbuffers.c, lib/gnutls_mbuffers.h: Prepare for mbuffer
4971 allocation by the caller.
4973 2009-08-15 Jonathan Bastien-Filiatrault <joe@x2a.org>
4975 * lib/gnutls_buffers.c: GNUify some missed GNUification.
4977 2009-08-15 Jonathan Bastien-Filiatrault <joe@x2a.org>
4979 * lib/gnutls_buffers.c: Harmonize read and write function names.
4981 2009-08-15 Jonathan Bastien-Filiatrault <joe@x2a.org>
4983 * lib/gnutls_buffers.c: Now that LEVEL and LEVEL_EQ are fixed, use
4986 2009-08-15 Jonathan Bastien-Filiatrault <joe@x2a.org>
4988 * lib/gnutls_errors.h: Make LEVEL and LEVEL_EQ macros safer. Once again, I got bit by this pretty hard.
4990 2009-08-09 Jonathan Bastien-Filiatrault <joe@x2a.org>
4992 * lib/gnutls_record.c: Use a datum for ciphered data in
4995 2009-08-09 Jonathan Bastien-Filiatrault <joe@x2a.org>
4997 * lib/gnutls_buffers.h: Remove the prototype for the non-existant
4998 function _gnutls_io_write_buffered2.
5000 2009-08-09 Jonathan Bastien-Filiatrault <joe@x2a.org>
5002 * lib/gnutls_int.h, lib/gnutls_record.c: Cleanup of the remaining
5003 internals.record_send_buffer mess.
5005 2009-08-09 Jonathan Bastien-Filiatrault <joe@x2a.org>
5007 * lib/gnutls_buffers.c: Remove yet another !@#$% instance of
5008 redundant hexadecimal dumping.
5010 2009-08-09 Jonathan Bastien-Filiatrault <joe@x2a.org>
5012 * lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_record.c:
5013 Modify slightly the contract of _gnutls_io_write_buffered as
5014 suggested by Nikos Mavrogiannopoulos.
5016 2009-08-09 Jonathan Bastien-Filiatrault <joe@x2a.org>
5018 * lib/gnutls_buffers.c, lib/gnutls_mbuffers.c,
5019 lib/gnutls_mbuffers.h: Pass datums to mbuffers by address instead of
5022 2009-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5024 * lib/gnutls_handshake.c, lib/gnutls_record.c: Corrected case where
5025 handshake data were received during a session. It now stores them
5026 for future use by a gnutls_handshake(). Reported by Peter
5027 Hendrickson <pdh@wiredyne.com>.
5029 2009-08-06 Jonathan Bastien-Filiatrault <joe@x2a.org>
5031 * lib/gnutls_buffers.c: Simplify _gnutls_io_write_buffered and
5032 _gnutls_io_write_flush with mbuffers.
5034 2009-08-06 Jonathan Bastien-Filiatrault <joe@x2a.org>
5036 * lib/gnutls_int.h, lib/gnutls_state.c: Change type of
5037 internals.record_send_buffer to a mbuffer.
5039 2009-08-06 Jonathan Bastien-Filiatrault <joe@x2a.org>
5041 * lib/gnutls_buffers.c: Extract a simple_write function from
5042 _gnutls_io_write_buffered.
5044 2009-08-06 Jonathan Bastien-Filiatrault <joe@x2a.org>
5046 * lib/gnutls_buffers.c: Add dump_bytes function.
5048 2009-08-06 Jonathan Bastien-Filiatrault <joe@x2a.org>
5050 * lib/Makefile.am, lib/gnutls_int.h, lib/gnutls_mbuffers.c,
5051 lib/gnutls_mbuffers.h: Add gnutls_mbuffers.{c,h} with some basic
5054 2009-08-01 Jonathan Bastien-Filiatrault <joe@x2a.org>
5056 * lib/gnutls_algorithms.c: Do not rely on version ordering; use
5057 switch..case instead.
5059 2009-08-01 Jonathan Bastien-Filiatrault <joe@x2a.org>
5061 * lib/auth_cert.c: Remove hardcoded version checks in auth_cert.c.
5063 2009-08-01 Jonathan Bastien-Filiatrault <joe@x2a.org>
5065 * lib/gnutls_state.c: Remove hardcoded version check in
5068 2009-08-01 Jonathan Bastien-Filiatrault <joe@x2a.org>
5070 * lib/gnutls_cipher.c: Remove hardcoded version checks in
5073 2009-08-01 Jonathan Bastien-Filiatrault <joe@x2a.org>
5075 * lib/gnutls_sig.c: Remove hardcoded version checks in gnutls_sig.c.
5077 2009-08-01 Jonathan Bastien-Filiatrault <joe@x2a.org>
5079 * lib/gnutls_handshake.c: Remove hardcoded version checks in
5082 2009-08-01 Jonathan Bastien-Filiatrault <joe@x2a.org>
5084 * lib/gnutls_algorithms.c: Add version check function for selectable
5085 signature/hash certificate algorithms.
5087 2009-08-01 Jonathan Bastien-Filiatrault <joe@x2a.org>
5089 * lib/gnutls_algorithms.c: Add version check functions for
5090 non-minimal padding.
5092 2009-08-01 Jonathan Bastien-Filiatrault <joe@x2a.org>
5094 * lib/gnutls_algorithms.c, lib/gnutls_algorithms.h: Add version
5095 check function for explicit IV.
5097 2009-08-01 Jonathan Bastien-Filiatrault <joe@x2a.org>
5099 * lib/gnutls_algorithms.h: Add version check functions for
5100 selectable PRF and extension handling.
5102 2010-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5104 * doc/announce.txt, doc/gnutls.texi, doc/manpages/gnutls-cli.1,
5105 doc/manpages/gnutls-serv.1, lib/ext_safe_renegotiation.c,
5106 lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_priority.c,
5107 lib/gnutls_state.c, tests/safe-renegotiation/srn1.c,
5108 tests/safe-renegotiation/srn5.c, tests/safe-renegotiation/testsrn:
5109 Splitted safe renegotiation capabilities to %SAFE_RENEGOTIATION: will enable safe renegotiation. This is the
5110 most secure and recommended option for clients. However this will
5111 prevent from connecting to legacy servers. %PARTIAL_RENEGOTIATION: Prevents renegotiation with clients and
5112 servers not supporting the safe renegotiation extension. (this is
5113 the default) %UNSAFE_RENEGOTIATION: Permits (re-)handshakes even unsafe ones.
5115 2010-05-31 Simon Josefsson <simon@josefsson.org>
5117 * doc/gnutls.texi: Minor fix.
5119 2010-05-31 Simon Josefsson <simon@josefsson.org>
5121 * GNUmakefile, maint.mk: Update gnulib files.
5123 2010-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5125 * doc/gnutls.texi: Documented the defaults.
5127 2010-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5129 * doc/gnutls.texi: Added INITIAL_SAFE_RENEGOTIATION and other small
5132 2010-05-28 Simon Josefsson <simon@josefsson.org>
5134 * doc/gnutls.texi: Update.
5136 2010-05-28 Simon Josefsson <simon@josefsson.org>
5138 * tests/safe-renegotiation/README: Add.
5140 2010-05-28 Simon Josefsson <simon@josefsson.org>
5142 * .x-sc_prohibit_strings_without_use, build-aux/c++defs.h,
5143 build-aux/gendocs.sh, build-aux/gnupload, build-aux/vc-list-files,
5144 configure.ac, doc/gendocs_template, gl/Makefile.am, gl/error.c,
5145 gl/m4/asm-underscore.m4, gl/m4/gnulib-cache.m4,
5146 gl/m4/gnulib-common.m4, gl/m4/gnulib-comp.m4, gl/m4/netdb_h.m4,
5147 gl/m4/stdio_h.m4, gl/m4/unistd_h.m4, gl/m4/valgrind-tests.m4,
5148 gl/netdb.in.h, gl/stdio-write.c, gl/stdio.in.h,
5149 gl/tests/Makefile.am, gl/tests/init.sh, gl/tests/test-lseek.sh,
5150 gl/tests/test-vc-list-files-cvs.sh,
5151 gl/tests/test-vc-list-files-git.sh, gl/tests/test-verify.c,
5152 gl/tests/test-verify.sh, gl/tests/verify.h, gl/unistd.in.h,
5153 gl/vasnprintf.c, gl/wchar.in.h, gtk-doc.make,
5154 lib/build-aux/c++defs.h, lib/gl/Makefile.am,
5155 lib/gl/m4/asm-underscore.m4, lib/gl/m4/fcntl-o.m4,
5156 lib/gl/m4/gettext.m4, lib/gl/m4/gnulib-common.m4,
5157 lib/gl/m4/gnulib-comp.m4, lib/gl/m4/iconv.m4, lib/gl/m4/intl.m4,
5158 lib/gl/m4/netdb_h.m4, lib/gl/m4/po.m4, lib/gl/m4/stdio_h.m4,
5159 lib/gl/m4/unistd_h.m4, lib/gl/netdb.in.h, lib/gl/stdio-write.c,
5160 lib/gl/stdio.in.h, lib/gl/tests/Makefile.am, lib/gl/tests/init.sh,
5161 lib/gl/tests/test-vasprintf.c, lib/gl/tests/test-verify.c,
5162 lib/gl/tests/test-verify.sh, lib/gl/tests/verify.h,
5163 lib/gl/unistd.in.h, lib/gl/vasnprintf.c, lib/gl/wchar.in.h,
5164 libextra/gl/m4/gnulib-common.m4, m4/valgrind.m4, maint.mk: Update
5165 gnulib files, use valgrind-tests module, fix syntax-check problems.
5167 2010-05-28 Simon Josefsson <simon@josefsson.org>
5169 * doc/announce.txt: Doc fix.
5171 2010-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5173 * lib/x509/common.h, lib/x509/privkey.c, lib/x509/sign.c,
5174 lib/x509/verify.c: Use correct hashing algorithms for DSA with q
5177 2010-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5179 * lib/gnutls_algorithms.c: Better checks in loops.
5181 2010-05-22 Simon Josefsson <simon@josefsson.org>
5183 * lib/x509/crl.c: Doc fix.
5185 2010-05-22 Simon Josefsson <simon@josefsson.org>
5189 2010-05-22 Simon Josefsson <simon@josefsson.org>
5193 2010-05-22 Simon Josefsson <simon@josefsson.org>
5195 * doc/reference/Makefile.am, gtk-doc.make, m4/gtk-doc.m4: Support
5198 2010-05-22 Simon Josefsson <simon@josefsson.org>
5200 * cfg.mk: Also build PDF manual.
5202 2010-05-22 Simon Josefsson <simon@josefsson.org>
5204 * doc/gnutls.texi: Fix node/section usage.
5206 2010-05-22 Simon Josefsson <simon@josefsson.org>
5208 * tests/safe-renegotiation/srn5.c: Fix self test.
5210 2010-05-22 Simon Josefsson <simon@josefsson.org>
5212 * lib/gnutls_handshake.c: Readd lost fix from Nikos.
5214 2010-05-22 Simon Josefsson <simon@josefsson.org>
5216 * lib/ext_safe_renegotiation.c: Readd lost fix from Nikos.
5218 2010-05-22 Simon Josefsson <simon@josefsson.org>
5222 2010-05-22 Simon Josefsson <simon@josefsson.org>
5224 * lib/gnutls_errors.c, libextra/includes/gnutls/openssl.h,
5225 libextra/openssl_compat.c: Doc fixes.
5227 2010-05-22 Simon Josefsson <simon@josefsson.org>
5229 * lib/x509/x509.c: Doc fix.
5231 2010-05-22 Simon Josefsson <simon@josefsson.org>
5233 * Makefile.am, NEWS, README, cfg.mk, configure.ac, doc/Makefile.am,
5234 doc/credentials/Makefile.am, doc/cyclo/Makefile.am, doc/errcodes.c,
5235 doc/examples/Makefile.am, doc/examples/ex-client-srp.c,
5236 doc/examples/ex-serv-anon.c, doc/examples/ex-serv-pgp.c,
5237 doc/examples/ex-serv-psk.c, doc/examples/ex-serv-srp.c,
5238 doc/examples/ex-serv1.c, doc/gnutls.texi, doc/manpages/Makefile.am,
5239 doc/printlist.c, guile/Makefile.am, guile/modules/Makefile.am,
5240 guile/modules/gnutls.scm, guile/modules/gnutls/build/enums.scm,
5241 guile/modules/gnutls/build/priorities.scm,
5242 guile/modules/gnutls/build/smobs.scm,
5243 guile/modules/gnutls/build/utils.scm,
5244 guile/modules/gnutls/extra.scm, guile/src/Makefile.am,
5245 guile/src/core.c, guile/src/errors.c, guile/src/errors.h,
5246 guile/src/extra.c, guile/src/make-enum-header.scm,
5247 guile/src/make-enum-map.scm, guile/src/make-session-priorities.scm,
5248 guile/src/make-smob-header.scm, guile/src/make-smob-types.scm,
5249 guile/src/utils.c, guile/src/utils.h, guile/tests/Makefile.am,
5250 guile/tests/anonymous-auth.scm, guile/tests/errors.scm,
5251 guile/tests/openpgp-auth.scm, guile/tests/openpgp-keyring.scm,
5252 guile/tests/openpgp-keys.scm, guile/tests/pkcs-import-export.scm,
5253 guile/tests/session-record-port.scm, guile/tests/srp-base64.scm,
5254 guile/tests/x509-auth.scm, guile/tests/x509-certificates.scm,
5255 lib/Makefile.am, lib/auth_anon.c, lib/auth_anon.h, lib/auth_cert.c,
5256 lib/auth_cert.h, lib/auth_dh_common.c, lib/auth_dh_common.h,
5257 lib/auth_dhe.c, lib/auth_dhe_psk.c, lib/auth_psk.c, lib/auth_psk.h,
5258 lib/auth_psk_passwd.c, lib/auth_psk_passwd.h, lib/auth_rsa.c,
5259 lib/auth_rsa_export.c, lib/auth_srp.c, lib/auth_srp.h,
5260 lib/auth_srp_passwd.c, lib/auth_srp_passwd.h, lib/auth_srp_rsa.c,
5261 lib/auth_srp_sb64.c, lib/cipher-libgcrypt.c, lib/configure.ac,
5262 lib/crypto-api.c, lib/crypto.c, lib/crypto.h, lib/cryptodev.c,
5263 lib/debug.c, lib/debug.h, lib/ext_cert_type.c, lib/ext_cert_type.h,
5264 lib/ext_max_record.c, lib/ext_max_record.h, lib/ext_oprfi.c,
5265 lib/ext_oprfi.h, lib/ext_safe_renegotiation.c,
5266 lib/ext_safe_renegotiation.h, lib/ext_server_name.c,
5267 lib/ext_server_name.h, lib/ext_session_ticket.c,
5268 lib/ext_session_ticket.h, lib/ext_signature.c, lib/ext_signature.h,
5269 lib/ext_srp.c, lib/ext_srp.h, lib/gnutls_alert.c,
5270 lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
5271 lib/gnutls_anon_cred.c, lib/gnutls_auth.c, lib/gnutls_auth.h,
5272 lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_cert.c,
5273 lib/gnutls_cert.h, lib/gnutls_cipher.c, lib/gnutls_cipher.h,
5274 lib/gnutls_cipher_int.c, lib/gnutls_cipher_int.h,
5275 lib/gnutls_compress.c, lib/gnutls_compress.h,
5276 lib/gnutls_constate.c, lib/gnutls_constate.h, lib/gnutls_datum.c,
5277 lib/gnutls_datum.h, lib/gnutls_db.c, lib/gnutls_db.h,
5278 lib/gnutls_dh.c, lib/gnutls_dh.h, lib/gnutls_dh_primes.c,
5279 lib/gnutls_errors.c, lib/gnutls_errors.h, lib/gnutls_extensions.c,
5280 lib/gnutls_extensions.h, lib/gnutls_global.c, lib/gnutls_global.h,
5281 lib/gnutls_handshake.c, lib/gnutls_handshake.h,
5282 lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/gnutls_helper.c,
5283 lib/gnutls_int.h, lib/gnutls_kx.c, lib/gnutls_kx.h,
5284 lib/gnutls_mem.c, lib/gnutls_mem.h, lib/gnutls_mpi.c,
5285 lib/gnutls_mpi.h, lib/gnutls_num.c, lib/gnutls_num.h,
5286 lib/gnutls_pk.c, lib/gnutls_pk.h, lib/gnutls_priority.c,
5287 lib/gnutls_psk.c, lib/gnutls_psk_netconf.c, lib/gnutls_record.c,
5288 lib/gnutls_record.h, lib/gnutls_rsa_export.c,
5289 lib/gnutls_rsa_export.h, lib/gnutls_session.c,
5290 lib/gnutls_session_pack.c, lib/gnutls_session_pack.h,
5291 lib/gnutls_sig.c, lib/gnutls_sig.h, lib/gnutls_srp.c,
5292 lib/gnutls_srp.h, lib/gnutls_state.c, lib/gnutls_state.h,
5293 lib/gnutls_str.c, lib/gnutls_str.h, lib/gnutls_supplemental.c,
5294 lib/gnutls_supplemental.h, lib/gnutls_ui.c, lib/gnutls_v2_compat.c,
5295 lib/gnutls_v2_compat.h, lib/gnutls_x509.c, lib/gnutls_x509.h,
5296 lib/includes/Makefile.am, lib/includes/gnutls/crypto.h,
5297 lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/openpgp.h,
5298 lib/includes/gnutls/pkcs12.h, lib/includes/gnutls/x509.h,
5299 lib/libgnutls.map, lib/libgnutlsxx.map, lib/m4/hooks.m4,
5300 lib/mac-libgcrypt.c, lib/minitasn1/Makefile.am,
5301 lib/mpi-libgcrypt.c, lib/opencdk/Makefile.am,
5302 lib/openpgp/Makefile.am, lib/openpgp/compat.c,
5303 lib/openpgp/extras.c, lib/openpgp/gnutls_openpgp.c,
5304 lib/openpgp/output.c, lib/openpgp/pgp.c, lib/openpgp/pgpverify.c,
5305 lib/openpgp/privkey.c, lib/pk-libgcrypt.c, lib/random.c,
5306 lib/random.h, lib/rnd-libgcrypt.c, lib/x509/Makefile.am,
5307 lib/x509/common.c, lib/x509/common.h, lib/x509/crl.c,
5308 lib/x509/crl_write.c, lib/x509/crq.c, lib/x509/dn.c,
5309 lib/x509/extensions.c, lib/x509/mpi.c, lib/x509/output.c,
5310 lib/x509/pkcs12.c, lib/x509/pkcs12_bag.c, lib/x509/pkcs12_encr.c,
5311 lib/x509/pkcs7.c, lib/x509/privkey.c, lib/x509/privkey_pkcs8.c,
5312 lib/x509/rfc2818_hostname.c, lib/x509/sign.c, lib/x509/verify.c,
5313 lib/x509/x509.c, lib/x509/x509_int.h, lib/x509/x509_write.c,
5314 lib/x509_b64.c, lib/x509_b64.h, libextra/Makefile.am,
5315 libextra/configure.ac, libextra/ext_inner_application.c,
5316 libextra/ext_inner_application.h, libextra/fipsmd5.c,
5317 libextra/gl/Makefile.am, libextra/gnutls_extra.c,
5318 libextra/gnutls_ia.c, libextra/gnutls_openssl.c,
5319 libextra/includes/Makefile.am, libextra/includes/gnutls/extra.h,
5320 libextra/includes/gnutls/openssl.h, libextra/libgnutls-extra.map,
5321 libextra/m4/hooks.m4, libextra/openssl_compat.c,
5322 libextra/openssl_compat.h, src/Makefile.am, src/benchmark.c,
5323 src/certtool-cfg.c, src/certtool.c, src/cli.c, src/common.c,
5324 src/crypt.c, src/list.h, src/prime.c, src/psk.c, src/serv.c,
5325 src/tests.c, src/tls_test.c, tests/Makefile.am, tests/anonself.c,
5326 tests/certder.c, tests/certificate_set_x509_crl.c,
5327 tests/chainverify.c, tests/crq_apis.c, tests/crq_key_id.c,
5328 tests/crypto_rng.c, tests/cve-2008-4989.c, tests/cve-2009-1415.c,
5329 tests/cve-2009-1416.c, tests/dhepskself.c, tests/dn.c, tests/dn2.c,
5330 tests/finished.c, tests/gc.c, tests/hostname-check.c,
5331 tests/init_roundtrip.c, tests/key-id/Makefile.am,
5332 tests/key-id/key-id, tests/mini-eagain.c,
5333 tests/mini-x509-rehandshake.c, tests/mini-x509.c, tests/mini.c,
5334 tests/moredn.c, tests/mpi.c, tests/netconf-psk.c,
5335 tests/nist-pkits/pkits, tests/nist-pkits/pkits_crl,
5336 tests/nist-pkits/pkits_crt, tests/nist-pkits/pkits_pkcs12,
5337 tests/nist-pkits/pkits_smime, tests/nul-in-x509-names.c,
5338 tests/openpgp-certs/Makefile.am, tests/openpgp-certs/testcerts,
5339 tests/openpgp-certs/testselfsigs, tests/openpgp-keyring.c,
5340 tests/openpgpself.c, tests/openssl.c, tests/oprfi.c,
5341 tests/parse_ca.c, tests/pathlen/Makefile.am, tests/pathlen/pathlen,
5342 tests/pgps2kgnu.c, tests/pkcs1-padding/Makefile.am,
5343 tests/pkcs1-padding/pkcs1-pad, tests/pkcs12-decode/Makefile.am,
5344 tests/pkcs12-decode/pkcs12, tests/pkcs12_encode.c,
5345 tests/pkcs12_s2k.c, tests/pkcs12_s2k_pem.c,
5346 tests/pkcs8-decode/Makefile.am, tests/pkcs8-decode/pkcs8,
5347 tests/pskself.c, tests/resume.c, tests/rfc2253-escape-test,
5348 tests/rsa-md5-collision/Makefile.am,
5349 tests/rsa-md5-collision/rsa-md5-collision,
5350 tests/safe-renegotiation/Makefile.am,
5351 tests/safe-renegotiation/srn0.c, tests/safe-renegotiation/srn1.c,
5352 tests/safe-renegotiation/srn2.c, tests/safe-renegotiation/srn3.c,
5353 tests/safe-renegotiation/srn4.c, tests/safe-renegotiation/srn5.c,
5354 tests/safe-renegotiation/testsrn, tests/set_pkcs12_cred.c,
5355 tests/setcredcrash.c, tests/sha2/Makefile.am, tests/sha2/sha2,
5356 tests/simple.c, tests/tlsia.c, tests/userid/Makefile.am,
5357 tests/userid/userid, tests/utils.c, tests/utils.h,
5358 tests/x509_altname.c, tests/x509dn.c, tests/x509paths/chain,
5359 tests/x509self.c, tests/x509sign-verify.c, tests/x509signself.c:
5360 Change GNUTLS into GnuTLS.
5362 2010-05-22 Simon Josefsson <simon@josefsson.org>
5364 * AUTHORS, ChangeLog.1, NEWS, README, README-alpha, THANKS,
5365 doc/gnutls.texi, doc/manpages/gnutls-cli-debug.1,
5366 doc/manpages/gnutls-cli.1, doc/manpages/gnutls-serv.1,
5367 doc/manpages/srptool.1, doc/reference/gnutls-docs.sgml,
5368 lib/ext_safe_renegotiation.c, lib/gnutls_handshake.c,
5369 src/cli-gaa.c, src/cli.gaa, src/serv-gaa.c, src/serv.gaa,
5370 src/tls_test-gaa.c, src/tls_test.gaa: Change GNU TLS into GnuTLS.
5372 2010-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5374 * lib/ext_safe_renegotiation.c, lib/gnutls_handshake.c: Ignore
5375 parsing of ciphersuite or extensions when safe renegotiation is
5378 2010-05-22 Simon Josefsson <simon@josefsson.org>
5380 * tests/safe-renegotiation/Makefile.am,
5381 tests/safe-renegotiation/srn5.c: Add test of self renegotiation
5384 2010-05-22 Simon Josefsson <simon@josefsson.org>
5386 * tests/safe-renegotiation/Makefile.am,
5387 tests/safe-renegotiation/README, tests/safe-renegotiation/srn4.c:
5388 Add more rengotiation self tests.
5390 2010-05-22 Simon Josefsson <simon@josefsson.org>
5392 * tests/safe-renegotiation/Makefile.am,
5393 tests/safe-renegotiation/README, tests/safe-renegotiation/srn0.c:
5394 Add more safe renegotiation self test.
5396 2010-05-21 Simon Josefsson <simon@josefsson.org>
5398 * NEWS, doc/announce.txt, doc/gnutls.texi,
5399 doc/manpages/Makefile.am, lib/ext_safe_renegotiation.c,
5400 lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
5401 tests/safe-renegotiation/srn2.c: Remove
5402 gnutls_safe_negotiation_set_initial and
5403 gnutls_safe_renegotiation_set.
5405 2010-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5407 * lib/gnutls_priority.c: Documented behavioral change.
5409 2010-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5411 * lib/gnutls_int.h, lib/gnutls_priority.c: Because we want to
5412 differentiate the behavior of server and client with regards to safe
5413 renegotiation. If a server didn't have either SAFE_RENEGOTIATION or
5414 UNSAFE_RENEGOTIATION set the safe renegotiation will be the default.
5415 This (as well as the safe_renegotiation_set flag) has to be removed
5416 once safe renegotiation is default in both server and client side.
5418 2010-05-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5420 * lib/gnutls_state.c: Emulate old gnutls behavior regarding safe
5421 renegotiation if the priority_* functions are not called.
5423 2010-05-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5425 * lib/includes/gnutls/x509.h: Corrected typo. Reported by Clint
5428 2010-05-03 Simon Josefsson <simon@josefsson.org>
5430 * tests/safe-renegotiation/Makefile.am,
5431 tests/safe-renegotiation/srn1.c, tests/safe-renegotiation/srn3.c:
5432 tests: Add srn3 to test inverse of what srn1 is testing.
5434 2010-05-03 Simon Josefsson <simon@josefsson.org>
5436 * tests/safe-renegotiation/Makefile.am,
5437 tests/safe-renegotiation/srn2.c: tests: Add another safe
5438 renegotiation self tests.
5440 2010-05-03 Simon Josefsson <simon@josefsson.org>
5442 * tests/safe-renegotiation/srn1.c: Also test
5443 gnutls_safe_renegotiation_status API.
5445 2010-05-03 Simon Josefsson <simon@josefsson.org>
5447 * tests/safe-renegotiation/Makefile.am,
5448 tests/safe-renegotiation/srn1.c: tests: Add first self-test of safe
5449 renegotiation extension.
5451 2010-05-03 Simon Josefsson <simon@josefsson.org>
5453 * tests/Makefile.am, tests/mini-x509-rehandshake.c: tests: Add small
5454 X.509 rehandshake test.
5456 2010-05-03 Simon Josefsson <simon@josefsson.org>
5458 * tests/mini-x509.c: Protect against infloops.
5460 2010-05-03 Simon Josefsson <simon@josefsson.org>
5462 * tests/Makefile.am, tests/mini-x509.c: tests: Add mini-x509
5465 2010-04-30 Simon Josefsson <simon@josefsson.org>
5467 * doc/gnutls.texi: Improve text, based on suggestions from Tomas
5468 Hoger <thoger@redhat.com>.
5470 2010-04-29 Simon Josefsson <simon@josefsson.org>
5472 * lib/gnutls_handshake.c: Fix typo.
5474 2010-04-29 Simon Josefsson <simon@josefsson.org>
5476 * lib/gnutls_handshake.c: Improve renegotiation debug messages.
5478 2010-04-29 Simon Josefsson <simon@josefsson.org>
5480 * doc/announce.txt: Add.
5482 2010-04-29 Simon Josefsson <simon@josefsson.org>
5486 2010-04-29 Simon Josefsson <simon@josefsson.org>
5488 * doc/gnutls.texi: Add section on safe renegotiation.
5490 2010-04-29 Simon Josefsson <simon@josefsson.org>
5492 * lib/gnutls_record.c: Remove debug code.
5494 2010-04-25 Simon Josefsson <simon@josefsson.org>
5496 * doc/gnutls.texi: Mention shared library map file and GTK-DOC
5499 2010-04-22 Simon Josefsson <simon@josefsson.org>
5501 * doc/announce.txt: Update URL.
5503 2010-04-22 Simon Josefsson <simon@josefsson.org>
5505 * AUTHORS: Update my OpenPGP key.
5507 2010-04-22 Simon Josefsson <simon@josefsson.org>
5509 * doc/announce.txt: Update my key.
5511 2010-04-22 Simon Josefsson <simon@josefsson.org>
5513 * doc/announcement-template.txt: Remove.
5515 2010-04-22 Simon Josefsson <simon@josefsson.org>
5517 * doc/ANNOUNCE, doc/announce.txt: Prepare 2.10.0 release notes.
5519 2010-04-22 Simon Josefsson <simon@josefsson.org>
5521 * NEWS: Add 2.8.x NEWS entries.
5523 2010-04-22 Simon Josefsson <simon@josefsson.org>
5525 * libextra/configure.ac: Also bump libgnutls-extra version.
5527 2010-04-22 Simon Josefsson <simon@josefsson.org>
5529 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4: Bump
5532 2010-04-22 Simon Josefsson <simon@josefsson.org>
5534 * build-aux/gendocs.sh: Chmod +x.
5536 2010-04-22 Simon Josefsson <simon@josefsson.org>
5538 * ChangeLog: Generated.
5540 2010-04-22 Simon Josefsson <simon@josefsson.org>
5542 * NEWS: Version 2.9.10.
5544 2010-04-21 Simon Josefsson <simon@josefsson.org>
5546 * NEWS, lib/minitasn1/Makefile.am, lib/minitasn1/coding.c,
5547 lib/minitasn1/decoding.c, lib/minitasn1/element.h,
5548 lib/minitasn1/gstr.h, lib/minitasn1/libtasn1.h,
5549 lib/minitasn1/parser_aux.c, lib/minitasn1/parser_aux.h,
5550 lib/minitasn1/structure.h, lib/minitasn1/version.c: Upgrade to
5551 libtasn1 version 2.6.
5553 2010-04-21 Simon Josefsson <simon@josefsson.org>
5555 * gl/Makefile.am, gl/m4/gnulib-comp.m4, gl/m4/ioctl.m4,
5556 gl/m4/netdb_h.m4, gl/stdbool.in.h, gl/tests/test-lseek.sh,
5557 gl/tests/test-select-in.sh, gl/tests/test-stdbool.c,
5558 gl/tests/test-stdint.c, lib/gl/Makefile.am, lib/gl/m4/netdb_h.m4,
5559 lib/gl/m4/visibility.m4, lib/gl/stdbool.in.h,
5560 lib/gl/tests/test-stdbool.c, lib/gl/tests/test-stdint.c,
5561 lib/gl/tests/test-vasprintf.c, maint.mk: Update gnulib files.
5563 2010-04-21 Simon Josefsson <simon@josefsson.org>
5565 * configure.ac: Structure fork check together.
5567 2010-04-15 Simon Josefsson <simon@josefsson.org>
5569 * lib/gnutls_priority.c: Fix compiler warning.
5571 2010-04-15 Simon Josefsson <simon@josefsson.org>
5573 * gl/override/top/maint.mk.diff, libextra/gl/hmac-md5.c,
5574 libextra/gl/md5.c, maint.mk: Update gnulib files.
5576 2010-04-15 Simon Josefsson <simon@josefsson.org>
5578 * lib/crypto-api.c, lib/gnutls_priority.c: Indent code.
5580 2010-04-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5582 * lib/crypto-api.c, lib/includes/gnutls/crypto.h: Use size_t instead
5583 of int for input variables that represent sizes.
5585 2010-04-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5587 * lib/gnutls_priority.c: Free the priority structure on error.
5588 Reported by Paul Aurich.
5590 2010-04-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5592 * lib/gnutls_priority.c: The string is colon separated. Reported by
5595 2010-04-14 Simon Josefsson <simon@josefsson.org>
5597 * lib/includes/gnutls/gnutls.h.in: Fix indent bug.
5599 2010-04-14 Simon Josefsson <simon@josefsson.org>
5601 * cfg.mk, doc/examples/examples.h, guile/src/errors.h,
5602 guile/src/utils.h, lib/auth_cert.h, lib/auth_dh_common.h,
5603 lib/crypto.h, lib/ext_oprfi.h, lib/ext_safe_renegotiation.h,
5604 lib/ext_session_ticket.h, lib/ext_signature.h,
5605 lib/gnutls_algorithms.h, lib/gnutls_cipher_int.h,
5606 lib/gnutls_compress.h, lib/gnutls_cryptodev.h, lib/gnutls_errors.h,
5607 lib/gnutls_extensions.h, lib/gnutls_hash_int.h, lib/gnutls_int.h,
5608 lib/gnutls_mpi.h, lib/gnutls_pk.h, lib/gnutls_sig.h,
5609 lib/gnutls_srp.h, lib/gnutls_state.h, lib/gnutls_str.h,
5610 lib/gnutls_supplemental.h, lib/includes/gnutls/crypto.h,
5611 lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/openpgp.h,
5612 lib/includes/gnutls/pkcs12.h, lib/includes/gnutls/x509.h,
5613 lib/opencdk/context.h, lib/opencdk/filters.h, lib/opencdk/keydb.h,
5614 lib/opencdk/main.h, lib/opencdk/opencdk.h, lib/opencdk/packet.h,
5615 lib/opencdk/stream.h, lib/opencdk/types.h,
5616 lib/openpgp/gnutls_openpgp.h, lib/openpgp/openpgp_int.h,
5617 lib/x509/pbkdf2-sha1.h, lib/x509/x509_int.h,
5618 libextra/includes/gnutls/extra.h,
5619 libextra/includes/gnutls/openssl.h, src/certtool-cfg.h,
5620 src/certtool-common.h, src/common.h: More indentation.
5622 2010-04-14 Simon Josefsson <simon@josefsson.org>
5626 2010-04-14 Simon Josefsson <simon@josefsson.org>
5630 2010-04-14 Simon Josefsson <simon@josefsson.org>
5634 2010-04-14 Simon Josefsson <simon@josefsson.org>
5636 * doc/manpages/Makefile.am: Generated.
5638 2010-04-14 Simon Josefsson <simon@josefsson.org>
5640 * doc/examples/ex-client-tlsia.c, doc/examples/ex-verify.c,
5641 doc/examples/ex-x509-info.c, lib/auth_cert.c, lib/auth_rsa.c,
5642 lib/ext_cert_type.c, lib/ext_max_record.c, lib/ext_oprfi.c,
5643 lib/ext_safe_renegotiation.c, lib/ext_server_name.c,
5644 lib/ext_session_ticket.c, lib/ext_signature.c,
5645 lib/gnutls_algorithms.c, lib/gnutls_auth.c, lib/gnutls_buffers.c,
5646 lib/gnutls_cert.c, lib/gnutls_cipher.c, lib/gnutls_compress.c,
5647 lib/gnutls_constate.c, lib/gnutls_extensions.c,
5648 lib/gnutls_global.c, lib/gnutls_handshake.c, lib/gnutls_kx.c,
5649 lib/gnutls_priority.c, lib/gnutls_record.c,
5650 lib/gnutls_session_pack.c, lib/gnutls_sig.c, lib/gnutls_state.c,
5651 lib/gnutls_v2_compat.c, lib/gnutls_x509.c,
5652 lib/minitasn1/decoding.c, lib/opencdk/read-packet.c,
5653 lib/opencdk/sig-check.c, lib/x509/pkcs12.c, lib/x509/verify.c,
5654 libextra/gl/hmac-md5.c, libextra/gl/md5.c, src/benchmark.c,
5655 src/certtool.c, src/cli.c, src/serv.c, src/tests.c, src/tls_test.c,
5656 tests/anonself.c, tests/certder.c, tests/chainverify.c,
5657 tests/crq_apis.c, tests/crq_key_id.c, tests/cve-2008-4989.c,
5658 tests/dhepskself.c, tests/dn.c, tests/dn2.c, tests/finished.c,
5659 tests/gc.c, tests/hostname-check.c, tests/init_roundtrip.c,
5660 tests/mini-eagain.c, tests/mini.c, tests/netconf-psk.c,
5661 tests/nul-in-x509-names.c, tests/openpgp-keyring.c,
5662 tests/openpgpself.c, tests/parse_ca.c, tests/pkcs12_encode.c,
5663 tests/pkcs12_s2k.c, tests/pkcs12_s2k_pem.c, tests/pskself.c,
5664 tests/resume.c, tests/set_pkcs12_cred.c, tests/simple.c,
5665 tests/tlsia.c, tests/utils.c, tests/x509_altname.c, tests/x509dn.c,
5666 tests/x509self.c, tests/x509sign-verify.c, tests/x509signself.c:
5669 2010-04-14 Simon Josefsson <simon@josefsson.org>
5671 * NEWS, lib/crypto-api.c, lib/ext_safe_renegotiation.c,
5672 lib/gnutls_algorithms.c, lib/gnutls_cert.c, lib/libgnutls.map,
5673 lib/x509/x509.c: Export new ABIs. Doc fixes for new APIs.
5675 2010-04-14 Simon Josefsson <simon@josefsson.org>
5677 * tests/safe-renegotiation/Makefile.am: Disable self-test
5678 temporarily until we make it work cross-platform.
5680 2010-04-13 Simon Josefsson <simon@josefsson.org>
5682 * NEWS, lib/ext_safe_renegotiation.c, lib/gnutls_algorithms.c,
5683 lib/includes/gnutls/gnutls.h.in: Doc fixes.
5685 2010-04-13 Simon Josefsson <simon@josefsson.org>
5687 * doc/manpages/Makefile.am, src/certtool-gaa.c: Generated.
5689 2010-04-13 Simon Josefsson <simon@josefsson.org>
5691 * doc/reference/Makefile.am: Ignore c++defs.h.
5693 2010-04-13 Simon Josefsson <simon@josefsson.org>
5695 * .x-sc_prohibit_empty_lines_at_EOF, GNUmakefile,
5696 build-aux/c++defs.h, build-aux/warn-on-use.h, doc/certtool.cfg,
5697 doc/credentials/gnutls-http-serv, doc/credentials/params.pem,
5698 doc/credentials/x509/Makefile.am, doc/credentials/x509/cert.pem,
5699 doc/credentials/x509/clicert-dsa.pem, gl/Makefile.am, gl/fseeko.c,
5700 gl/m4/fseeko.m4, gl/m4/gnulib-common.m4, gl/m4/gnulib-comp.m4,
5701 gl/m4/lib-link.m4, gl/m4/memchr.m4, gl/m4/stdio_h.m4,
5702 gl/m4/stdlib_h.m4, gl/m4/string_h.m4, gl/m4/time_h.m4,
5703 gl/m4/unistd_h.m4, gl/m4/vasnprintf.m4, gl/stdio-impl.h,
5704 gl/stdio.in.h, gl/stdlib.in.h, gl/string.in.h, gl/sys_socket.in.h,
5705 gl/sys_stat.in.h, gl/sys_time.in.h, gl/tests/Makefile.am,
5706 gl/tests/ioctl.c, gl/tests/sys_ioctl.in.h,
5707 gl/tests/test-vasnprintf.c, gl/time.in.h, gl/unistd.in.h,
5708 gl/vasnprintf.c, gl/wchar.in.h, guile/modules/gnutls/extra.scm,
5709 guile/tests/x509-auth.scm, guile/tests/x509-certificate.pem,
5710 lib/build-aux/c++defs.h, lib/build-aux/warn-on-use.h,
5711 lib/ext_cert_type.h, lib/gl/Makefile.am, lib/gl/fseeko.c,
5712 lib/gl/m4/fseeko.m4, lib/gl/m4/gnulib-common.m4,
5713 lib/gl/m4/gnulib-comp.m4, lib/gl/m4/lib-link.m4,
5714 lib/gl/m4/memchr.m4, lib/gl/m4/stdio_h.m4, lib/gl/m4/stdlib_h.m4,
5715 lib/gl/m4/string_h.m4, lib/gl/m4/threadlib.m4, lib/gl/m4/time_h.m4,
5716 lib/gl/m4/time_r.m4, lib/gl/m4/unistd_h.m4,
5717 lib/gl/m4/vasnprintf.m4, lib/gl/stdio-impl.h, lib/gl/stdio.in.h,
5718 lib/gl/stdlib.in.h, lib/gl/string.in.h, lib/gl/sys_socket.in.h,
5719 lib/gl/sys_stat.in.h, lib/gl/tests/Makefile.am,
5720 lib/gl/tests/test-vasnprintf.c, lib/gl/time.in.h, lib/gl/time_r.c,
5721 lib/gl/unistd.in.h, lib/gl/vasnprintf.c, lib/gl/wchar.in.h,
5722 lib/minitasn1/Makefile.am, lib/minitasn1/README,
5723 lib/opencdk/keydb.h, lib/opencdk/packet.h,
5724 libextra/gl/m4/gnulib-common.m4, libextra/gl/m4/gnulib-comp.m4,
5725 libextra/gl/m4/lib-link.m4, maint.mk, src/certtool.gaa,
5726 src/cfg/Makefile.am, src/crypt.gaa, src/tls_test.gaa,
5727 tests/key-id/ca-gnutls-keyid.pem, tests/key-id/ca-no-keyid.pem,
5728 tests/key-id/ca-weird-keyid.pem,
5729 tests/pkcs1-padding/pkcs1-pad-broken.pem,
5730 tests/pkcs1-padding/pkcs1-pad-broken2.pem,
5731 tests/pkcs1-padding/pkcs1-pad-broken3.pem,
5732 tests/pkcs1-padding/pkcs1-pad-ok.pem,
5733 tests/pkcs1-padding/pkcs1-pad-ok2.pem,
5734 tests/safe-renegotiation/Makefile.am, tests/test25.pem: Update
5735 gnulib files, fix syntax-check warnings.
5737 2010-03-31 Simon Josefsson <simon@josefsson.org>
5739 * .gitignore, gl/m4/wchar_h.m4, lib/gl/m4/wchar_h.m4: Add forgotten
5740 gnulib files, and fix .gitignore.
5742 2010-03-31 Simon Josefsson <simon@josefsson.org>
5746 2010-03-31 Simon Josefsson <simon@josefsson.org>
5748 * lib/po/LINGUAS, lib/po/it.po.in, lib/po/nl.po.in: Sync with TP.
5750 2010-03-31 Simon Josefsson <simon@josefsson.org>
5752 * .x-sc_program_name, .x-sc_the_the, cfg.mk,
5753 lib/ext_safe_renegotiation.c, lib/gnutls_handshake.c,
5754 lib/m4/hooks.m4, lib/opencdk/sig-check.c, src/certtool.c,
5755 src/serv.c, tests/dn.c, tests/mini.c: Update gnulib files. Fix
5756 syntax-check warnings.
5758 2010-03-31 Simon Josefsson <simon@josefsson.org>
5760 * build-aux/c++defs.h, build-aux/vc-list-files,
5761 build-aux/warn-on-use.h, gl/Makefile.am, gl/accept.c,
5762 gl/arpa_inet.in.h, gl/bind.c, gl/connect.c, gl/getaddrinfo.c,
5763 gl/gettext.h, gl/gettimeofday.c, gl/m4/arpa_inet_h.m4,
5764 gl/m4/getaddrinfo.m4, gl/m4/gettimeofday.m4,
5765 gl/m4/gnulib-common.m4, gl/m4/gnulib-comp.m4, gl/m4/inet_ntop.m4,
5766 gl/m4/inet_pton.m4, gl/m4/lseek.m4, gl/m4/netdb_h.m4,
5767 gl/m4/stddef_h.m4, gl/m4/stdio_h.m4, gl/m4/stdlib_h.m4,
5768 gl/m4/string_h.m4, gl/m4/sys_ioctl_h.m4, gl/m4/sys_select_h.m4,
5769 gl/m4/sys_socket_h.m4, gl/m4/sys_stat_h.m4, gl/m4/sys_time_h.m4,
5770 gl/m4/time_h.m4, gl/m4/unistd_h.m4, gl/m4/warn-on-use.m4,
5771 gl/m4/wchar.m4, gl/netdb.in.h, gl/netinet_in.in.h, gl/recv.c,
5772 gl/select.c, gl/send.c, gl/stdint.in.h, gl/stdio.in.h,
5773 gl/stdlib.in.h, gl/string.in.h, gl/sys_select.in.h,
5774 gl/sys_socket.in.h, gl/sys_stat.in.h, gl/sys_time.in.h,
5775 gl/tests/Makefile.am, gl/tests/ioctl.c, gl/tests/sys_ioctl.in.h,
5776 gl/tests/test-vc-list-files-git.sh, gl/time.in.h, gl/unistd.in.h,
5777 gl/wchar.in.h, lib/build-aux/c++defs.h,
5778 lib/build-aux/warn-on-use.h, lib/gl/Makefile.am, lib/gl/gettext.h,
5779 lib/gl/m4/gnulib-common.m4, lib/gl/m4/gnulib-comp.m4,
5780 lib/gl/m4/intldir.m4, lib/gl/m4/lseek.m4, lib/gl/m4/netdb_h.m4,
5781 lib/gl/m4/printf-posix.m4, lib/gl/m4/stddef_h.m4,
5782 lib/gl/m4/stdio_h.m4, lib/gl/m4/stdlib_h.m4, lib/gl/m4/string_h.m4,
5783 lib/gl/m4/strings_h.m4, lib/gl/m4/sys_socket_h.m4,
5784 lib/gl/m4/sys_stat_h.m4, lib/gl/m4/time_h.m4,
5785 lib/gl/m4/unistd_h.m4, lib/gl/m4/visibility.m4,
5786 lib/gl/m4/warn-on-use.m4, lib/gl/m4/wchar.m4, lib/gl/netdb.in.h,
5787 lib/gl/stdint.in.h, lib/gl/stdio.in.h, lib/gl/stdlib.in.h,
5788 lib/gl/string.in.h, lib/gl/sys_socket.in.h, lib/gl/sys_stat.in.h,
5789 lib/gl/tests/Makefile.am, lib/gl/time.in.h, lib/gl/unistd.in.h,
5790 lib/gl/wchar.in.h, libextra/gl/m4/gnulib-common.m4,
5791 libextra/gl/m4/gnulib-comp.m4, maint.mk: Update gnulib files.
5793 2010-03-30 Simon Josefsson <simon@josefsson.org>
5795 * m4/valgrind.m4: Check for what we use. Bump serial.
5797 2010-03-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5799 * m4/valgrind.m4, tests/Makefile.am: Valgrind -q is now set by the
5800 valgrind detection script to avoid issue when running tests without
5803 2010-03-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5805 * lib/gnutls_cert.c: increased small value for certificates. Typical
5806 certificates are much longer than that.
5808 2010-03-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5810 * configure.ac, tests/Makefile.am, tests/anonself.c,
5811 tests/certder.c, tests/chainverify.c, tests/crq_apis.c,
5812 tests/crq_key_id.c, tests/cve-2009-1415.c, tests/dhepskself.c,
5813 tests/dn.c, tests/dn2.c, tests/finished.c, tests/gc.c,
5814 tests/hostname-check.c, tests/init_roundtrip.c,
5815 tests/mini-eagain.c, tests/mini.c, tests/moredn.c, tests/mpi.c,
5816 tests/netconf-psk.c, tests/nul-in-x509-names.c,
5817 tests/openpgp-keyring.c, tests/openpgpself.c, tests/openssl.c,
5818 tests/parse_ca.c, tests/pkcs12_encode.c, tests/pkcs12_s2k.c,
5819 tests/pskself.c, tests/resume.c, tests/set_pkcs12_cred.c,
5820 tests/sha2/sha2, tests/simple.c, tests/tlsia.c,
5821 tests/x509_altname.c, tests/x509dn.c, tests/x509self.c,
5822 tests/x509sign-verify.c, tests/x509signself.c: Reduced several
5823 unneeded messages during the make check procedure. Verbose messages
5824 can be obtained with --verbose.
5826 2010-03-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5828 * doc/Makefile.am: use mv -f to avoid interactiveness.
5830 2010-03-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5832 * tests/dn2.c: Modified to account for postalcode.
5834 2010-03-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5836 * NEWS: added news entry for postalcode.
5838 2010-03-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5840 * lib/includes/gnutls/x509.h, lib/pkix.asn, lib/pkix_asn1_tab.c,
5841 lib/x509/common.c: Display postalCode and Name X.509 DN attributes
5842 correctly. Based on patch by Pavan Konjarla.
5844 2010-03-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5846 * lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
5847 lib/includes/gnutls/gnutls.h.in, src/serv-gaa.c, src/serv.gaa: Each
5848 ciphersuite is now tight with a minimum TLS version and a maximum
5849 one. It is valid if it is between (and including) those. This was
5850 added to deprecate TLS_RSA_EXPORT_WITH_RC4_40_MD5 which is not
5851 available with TLS 1.1. Reported by Adrian F. Dimcev.
5853 2010-03-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5855 * .gitignore: Ignore more files.
5857 2010-03-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5859 * NEWS, lib/auth_cert.c, lib/auth_cert.h, lib/gnutls_alert.c,
5860 lib/gnutls_cert.c, lib/includes/gnutls/gnutls.h.in,
5861 lib/libgnutls.map, src/cli.c: Added
5862 gnutls_certificate_set_verify_function() to allow checking
5863 (verifying) certificate before the handshake is completed.
5865 2010-03-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5867 * doc/examples/ex-rfc2818.c, doc/examples/ex-verify.c: Use the flags
5868 for expiration instead of getting the time of each certificate.
5870 2010-03-17 Simon Josefsson <simon@josefsson.org>
5872 * README-alpha: Mention datefudge.
5874 2010-03-17 Simon Josefsson <simon@josefsson.org>
5876 * tests/pkcs1-padding/pkcs1-pad: Skip test if datefudge is not
5879 2010-03-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5881 * lib/gnutls_priority.c: INITIAL_SAFE_RENEGOTIATION implies
5884 2010-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5886 * lib/includes/gnutls/gnutls.h.in: Added missing prototype.
5888 2010-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5890 * tests/safe-renegotiation/testsrn: made SAFE_RENEGOTIATION flags
5893 2010-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5895 * lib/x509/verify.c, src/certtool.c: gnutls_x509_crt_verify() and
5896 gnutls_x509_crt_list_verify() behave identically. That means that
5897 gnutls_x509_crt_verify() will now check dates as well. Certool --verify-chain will use the GNUTLS_VERIFY_DO_NOT_ALLOW_SAME
5898 flag to gnutls_x509_crt_verify() to force verification even if
5899 certificates are the same. The only exception is at the final
5900 certificate (self-checking) where the extra flag
5901 GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT is specified to allow for v1 CA
5904 2010-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5906 * lib/x509/common.c: Handle dates before 1-1-1970 (handle as being
5909 2010-03-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5911 * tests/pkcs1-padding/pkcs1-pad: Fail if required programs are not
5914 2010-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5916 * NEWS, doc/manpages/gnutls-cli.1, doc/manpages/gnutls-serv.1,
5917 lib/ext_safe_renegotiation.c, lib/gnutls_priority.c,
5918 lib/gnutls_record.c: Safe renegotiation is not enabled by default in
5921 2010-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5923 * doc/manpages/gnutls-cli.1, lib/gnutls_priority.c: better
5924 documentation for %INITIAL_SAFE_RENEGOTIATION
5926 2010-03-15 Simon Josefsson <simon@josefsson.org>
5930 2010-03-15 Simon Josefsson <simon@josefsson.org>
5932 * tests/openpgp-certs/Makefile.am, tests/openpgp-certs/testselfsigs:
5933 Rewrite tests/openpgp-certs/testselfsigs portably for Solaris. Fix
5936 2010-03-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5938 * tests/safe-renegotiation/testsrn: localhost -> 127.0.0.1 to work
5939 in places where localhost does not resolve.
5941 2010-03-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5943 * NEWS, lib/includes/gnutls/x509.h, lib/x509/verify.c: Extended time
5944 verification to trusted certificate list as well. Introduced the
5945 flag GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS that will prevent the
5946 trusted certificate list verification.
5948 2010-03-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5950 * src/tests.c, src/tests.h, src/tls_test.c: Added tests for safe
5951 renegotiation. Removed old tests for obsolete features (lzo) and
5952 tests that were not actually working (srp).
5954 2010-03-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5956 * lib/gnutls_extensions.c, lib/gnutls_extensions.h,
5957 lib/gnutls_handshake.c, lib/includes/gnutls/gnutls.h.in,
5958 tests/safe-renegotiation/testsrn: Extension generation in SSL 3.0
5959 (as a reply to SCSV) is not using common code with normal extension
5960 generation. Solve issue reported by Tomas Mraz that caused SSL 3.0
5963 2010-03-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5965 * lib/x509/verify.c: Removed artificial constrained that prevented
5966 end-user certificates, being added to the trusted list, treated as
5967 trusted. Suggestion and patch by Tomas Mraz.
5969 2010-03-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5971 * doc/manpages/gnutls-cli.1: Documented that
5972 initial_safe_renegotiation is the default.
5974 2010-03-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5976 * src/serv.c: gnutls-serv will terminate connection on rehandshake
5979 2010-03-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5981 * lib/gnutls_alert.c, lib/gnutls_errors.c, lib/gnutls_handshake.c,
5982 lib/includes/gnutls/gnutls.h.in: Avoid sending alerts during
5983 handshake. Alerts might be interrupted and return a non-fatal error
5984 which will propagate and in many cases it shouldn't. Avoid sending no renegotiation alert when a client connects to an
5985 unsafe server. Thanks to Tomas Hoger for the report.
5987 2010-02-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
5989 * src/cli.c: On handshake error send appropriate alert and terminate
5992 2010-02-18 Simon Josefsson <simon@josefsson.org>
5994 * doc/reference/gnutls-docs.sgml: Add id's to chapters.
5996 2010-02-18 Simon Josefsson <simon@josefsson.org>
5998 * .gitignore: Update.
6000 2010-02-18 Simon Josefsson <simon@josefsson.org>
6002 * lib/po/zh_CN.po: Remove.
6004 2010-02-18 Simon Josefsson <simon@josefsson.org>
6006 * src/Makefile.am: Fix -lrt usage.
6008 2010-02-18 Simon Josefsson <simon@josefsson.org>
6010 * src/benchmark.c: Use gnulib gettime module. Indent.
6012 2010-02-18 Simon Josefsson <simon@josefsson.org>
6014 * lib/po/zh_CN.po: Add.
6016 2010-02-18 Simon Josefsson <simon@josefsson.org>
6018 * lib/gl/netdb.in.h: Update gnulib files.
6020 2010-02-18 Simon Josefsson <simon@josefsson.org>
6022 * gl/Makefile.am, gl/gettime.c, gl/gettimeofday.c,
6023 gl/m4/clock_time.m4, gl/m4/gettime.m4, gl/m4/gnulib-cache.m4,
6024 gl/m4/gnulib-comp.m4, gl/m4/timespec.m4, gl/netdb.in.h,
6025 gl/tests/Makefile.am, gl/tests/gettimeofday.c, gl/timespec.h: Update
6028 2010-02-17 Simon Josefsson <simon@josefsson.org>
6030 * lib/cryptodev.c: Indent. Don't include fcntl.h and sys/ioctl.h on
6031 (for example) Windows.
6033 2010-02-17 Simon Josefsson <simon@josefsson.org>
6035 * tests/safe-renegotiation/testsrn: Fix objdir != srcdir.
6037 2010-02-17 Simon Josefsson <simon@josefsson.org>
6039 * tests/safe-renegotiation/testsrn: Drop bashism. Make it work on
6042 2010-02-17 Simon Josefsson <simon@josefsson.org>
6046 2010-02-17 Simon Josefsson <simon@josefsson.org>
6050 2010-02-17 Simon Josefsson <simon@josefsson.org>
6052 * doc/manpages/Makefile.am: Generated.
6054 2010-02-17 Simon Josefsson <simon@josefsson.org>
6056 * doc/reference/Makefile.am, doc/reference/gnutls-docs.sgml,
6057 lib/ext_safe_renegotiation.c, lib/ext_signature.c,
6058 lib/gnutls_supplemental.c: More GTK-DOC fixes.
6060 2010-02-17 Simon Josefsson <simon@josefsson.org>
6062 * lib/gnutls_db.c: Doc fix.
6064 2010-02-17 Simon Josefsson <simon@josefsson.org>
6066 * lib/openpgp/gnutls_openpgp.c: Doc fix.
6068 2010-02-17 Simon Josefsson <simon@josefsson.org>
6070 * lib/includes/gnutls/gnutls.h.in: Doc fix.
6072 2010-02-17 Simon Josefsson <simon@josefsson.org>
6074 * lib/includes/gnutls/gnutls.h.in: Fix enum doc.
6076 2010-02-17 Simon Josefsson <simon@josefsson.org>
6078 * lib/includes/gnutls/gnutls.h.in: More enum docs.
6080 2010-02-17 Simon Josefsson <simon@josefsson.org>
6082 * lib/includes/gnutls/crypto.h: More enum documentation.
6084 2010-02-17 Simon Josefsson <simon@josefsson.org>
6086 * libextra/gnutls_ia.c: Doc fix.
6088 2010-02-17 Simon Josefsson <simon@josefsson.org>
6090 * lib/includes/gnutls/x509.h: More enum documentation.
6092 2010-02-17 Simon Josefsson <simon@josefsson.org>
6094 * libextra/includes/gnutls/extra.h: Document more.
6096 2010-02-17 Simon Josefsson <simon@josefsson.org>
6098 * lib/includes/gnutls/openpgp.h: Document more.
6100 2010-02-17 Simon Josefsson <simon@josefsson.org>
6102 * lib/includes/gnutls/pkcs12.h: Document enum.
6104 2010-02-17 Simon Josefsson <simon@josefsson.org>
6106 * lib/includes/gnutls/gnutls.h.in: More enum.
6108 2010-02-17 Simon Josefsson <simon@josefsson.org>
6110 * lib/includes/gnutls/gnutls.h.in: Fix typo.
6112 2010-02-17 Simon Josefsson <simon@josefsson.org>
6114 * lib/includes/gnutls/gnutls.h.in: More GTK-DOC documentation.
6116 2010-02-17 Simon Josefsson <simon@josefsson.org>
6118 * lib/includes/gnutls/gnutls.h.in: Improve GTK-DOC coverage.
6120 2010-02-17 Simon Josefsson <simon@josefsson.org>
6122 * lib/includes/gnutls/crypto.h: Fix comments, for GTK-DOC.
6124 2010-02-17 Simon Josefsson <simon@josefsson.org>
6126 * doc/reference/Makefile.am: Ignore more headers.
6128 2010-02-17 Simon Josefsson <simon@josefsson.org>
6130 * lib/x509/crl.c: Doc fix.
6132 2010-02-17 Simon Josefsson <simon@josefsson.org>
6134 * lib/includes/gnutls/crypto.h: Fix for GTK-DOC parse breakage.
6136 2010-02-17 Simon Josefsson <simon@josefsson.org>
6138 * doc/reference/Makefile.am: Ignore gnutlsxx.h too, GTK-DOC doesn't
6141 2010-02-17 Simon Josefsson <simon@josefsson.org>
6143 * doc/reference/Makefile.am: Need crypto.h too.
6145 2010-02-17 Simon Josefsson <simon@josefsson.org>
6147 * doc/reference/Makefile.am: Improve header ignores.
6149 2010-02-17 Simon Josefsson <simon@josefsson.org>
6151 * lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
6152 lib/minitasn1/element.c, lib/minitasn1/errors.c,
6153 lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
6154 lib/minitasn1/structure.c: Upgrade to libtasn1 2.5 snapshot, for
6157 2010-02-17 Simon Josefsson <simon@josefsson.org>
6159 * lib/includes/gnutls/openpgp.h: Another GTK-DOC fix.
6161 2010-02-17 Simon Josefsson <simon@josefsson.org>
6163 * lib/auth_srp_sb64.c, lib/crypto-api.c, lib/crypto.c,
6164 lib/ext_safe_renegotiation.c, lib/ext_server_name.c,
6165 lib/ext_signature.c, lib/gnutls_alert.c, lib/gnutls_algorithms.c,
6166 lib/gnutls_anon_cred.c, lib/gnutls_auth.c, lib/gnutls_buffers.c,
6167 lib/gnutls_cert.c, lib/gnutls_compress.c, lib/gnutls_db.c,
6168 lib/gnutls_dh_primes.c, lib/gnutls_errors.c,
6169 lib/gnutls_extensions.c, lib/gnutls_global.c,
6170 lib/gnutls_handshake.c, lib/gnutls_mem.c, lib/gnutls_priority.c,
6171 lib/gnutls_psk.c, lib/gnutls_psk_netconf.c, lib/gnutls_record.c,
6172 lib/gnutls_rsa_export.c, lib/gnutls_session.c, lib/gnutls_srp.c,
6173 lib/gnutls_state.c, lib/gnutls_str.c, lib/gnutls_ui.c,
6174 lib/gnutls_x509.c, lib/includes/gnutls/crypto.h,
6175 lib/opencdk/stream.c, lib/openpgp/compat.c, lib/openpgp/extras.c,
6176 lib/openpgp/gnutls_openpgp.c, lib/openpgp/output.c,
6177 lib/openpgp/pgp.c, lib/openpgp/pgpverify.c, lib/openpgp/privkey.c,
6178 lib/x509/common.c, lib/x509/crl.c, lib/x509/crl_write.c,
6179 lib/x509/crq.c, lib/x509/dn.c, lib/x509/output.c,
6180 lib/x509/pkcs12.c, lib/x509/pkcs12_bag.c, lib/x509/pkcs7.c,
6181 lib/x509/privkey.c, lib/x509/privkey_pkcs8.c,
6182 lib/x509/rfc2818_hostname.c, lib/x509/verify.c, lib/x509/x509.c,
6183 lib/x509/x509_write.c, lib/x509_b64.c, libextra/gnutls_extra.c,
6184 libextra/gnutls_ia.c, libextra/openssl_compat.c: Fix GTK-DOC syntax.
6185 Unfortunately this looses some information.
6187 2010-02-17 Simon Josefsson <simon@josefsson.org>
6189 * lib/auth_srp_sb64.c, lib/crypto-api.c,
6190 lib/ext_safe_renegotiation.c, lib/gnutls_anon_cred.c,
6191 lib/gnutls_auth.c, lib/gnutls_cert.c, lib/gnutls_db.c,
6192 lib/gnutls_dh.c, lib/gnutls_handshake.c, lib/gnutls_mem.c,
6193 lib/gnutls_priority.c, lib/gnutls_psk.c, lib/gnutls_record.c,
6194 lib/gnutls_session.c, lib/gnutls_srp.c, lib/gnutls_state.c,
6195 lib/gnutls_x509.c, lib/x509/crl.c, lib/x509/crl_write.c,
6196 lib/x509/pkcs12.c, lib/x509/pkcs12_bag.c, lib/x509/pkcs7.c,
6197 lib/x509/privkey.c, lib/x509/privkey_pkcs8.c, lib/x509/sign.c,
6198 lib/x509/verify.c, lib/x509/x509.c, lib/x509/x509_write.c,
6199 libextra/openssl_compat.c: Align indentation of GTK-DOC comments.
6201 2010-02-17 Simon Josefsson <simon@josefsson.org>
6203 * lib/po/vi.po.in: Sync with TP.
6205 2010-02-17 Simon Josefsson <simon@josefsson.org>
6207 * doc/examples/Makefile.am: Silence gnulib warning about fseek.
6209 2010-02-17 Simon Josefsson <simon@josefsson.org>
6211 * build-aux/gendocs.sh, build-aux/gnupload, gl/Makefile.am,
6212 gl/m4/getdelim.m4, gl/m4/getline.m4, gl/m4/gettimeofday.m4,
6213 gl/m4/gnulib-comp.m4, gl/m4/stdio_h.m4, gl/m4/sys_time_h.m4,
6214 gl/netdb.in.h, gl/stdio.in.h, gl/sys_time.in.h,
6215 gl/tests/test-getdelim.c, gl/tests/test-getline.c,
6216 gl/tests/test-gettimeofday.c, lib/gl/Makefile.am,
6217 lib/gl/m4/stdio_h.m4, lib/gl/netdb.in.h, lib/gl/stdio.in.h,
6218 maint.mk: Update gnulib files.
6220 2010-02-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6222 * lib/gnutls_session_pack.c: Corrected calculation of session data
6223 for PSK ciphersuites. Solves issue #107256 reported by Wolfgang
6226 2010-02-03 Simon Josefsson <simon@josefsson.org>
6228 * doc/ANNOUNCE: Add announcement message.
6230 2010-01-27 Simon Josefsson <simon@josefsson.org>
6234 2010-01-27 Simon Josefsson <simon@josefsson.org>
6238 2010-01-27 Simon Josefsson <simon@josefsson.org>
6240 * lib/po/LINGUAS, lib/po/cs.po.in, lib/po/de.po.in,
6241 lib/po/fr.po.in, lib/po/ms.po.in, lib/po/nl.po.in, lib/po/pl.po.in,
6242 lib/po/sv.po.in, lib/po/zh_CN.po.in: Sync with TP.
6244 2010-01-27 Simon Josefsson <simon@josefsson.org>
6246 * build-aux/gnupload, doc/gendocs_template,
6247 gl/tests/test-gettimeofday.c, gl/tests/test-memchr.c,
6248 gl/tests/test-read-file.c, gl/tests/test-sockets.c,
6249 lib/gl/tests/test-memchr.c, lib/gl/tests/test-read-file.c,
6250 lib/gl/tests/test-sockets.c: Update gnulib files.
6252 2010-01-27 Simon Josefsson <simon@josefsson.org>
6256 2010-01-27 Simon Josefsson <simon@josefsson.org>
6258 * NEWS, lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
6259 lib/minitasn1/element.c, lib/minitasn1/errors.c,
6260 lib/minitasn1/gstr.c, lib/minitasn1/int.h,
6261 lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
6262 lib/minitasn1/structure.c: Use libtasn1 v2.4.
6264 2010-01-27 Simon Josefsson <simon@josefsson.org>
6266 * lib/gnutls.pc.in: Fix license.
6268 2010-01-27 Simon Josefsson <simon@josefsson.org>
6270 * .clcopying: Fix license.
6272 2010-01-27 Simon Josefsson <simon@josefsson.org>
6274 * AUTHORS: Fix license.
6276 2010-01-27 Simon Josefsson <simon@josefsson.org>
6278 * tests/key-id/README, tests/libgcrypt.supp,
6279 tests/rsa-md5-collision/Makefile.am,
6280 tests/rsa-md5-collision/README, tests/rsa-md5-collision/mbox,
6281 tests/userid/userid.pem: License fix.
6283 2010-01-27 Simon Josefsson <simon@josefsson.org>
6285 * ChangeLog, cfg.mk, configure.ac, doc/Makefile.am,
6286 doc/credentials/Makefile.am, doc/cyclo/Makefile.am, doc/errcodes.c,
6287 doc/examples/Makefile.am, doc/extract-guile-c-doc.scm,
6288 doc/gendocs_template, doc/manpages/Makefile.am, doc/printlist.c,
6289 gl/gnulib.mk, gl/m4/onceonly_2_57.m4, gl/tests/gnulib.mk,
6290 guile/Makefile.am, guile/modules/Makefile.am,
6291 guile/modules/gnutls.scm, guile/modules/gnutls/build/enums.scm,
6292 guile/modules/gnutls/build/priorities.scm,
6293 guile/modules/gnutls/build/smobs.scm,
6294 guile/modules/gnutls/build/utils.scm,
6295 guile/modules/gnutls/extra.scm,
6296 guile/modules/system/documentation/c-snarf.scm,
6297 guile/modules/system/documentation/output.scm,
6298 guile/pre-inst-guile.in, guile/src/Makefile.am, guile/src/core.c,
6299 guile/src/errors.c, guile/src/errors.h, guile/src/extra.c,
6300 guile/src/make-enum-header.scm, guile/src/make-enum-map.scm,
6301 guile/src/make-session-priorities.scm,
6302 guile/src/make-smob-header.scm, guile/src/make-smob-types.scm,
6303 guile/src/utils.c, guile/src/utils.h, guile/tests/Makefile.am,
6304 guile/tests/anonymous-auth.scm, guile/tests/errors.scm,
6305 guile/tests/openpgp-auth.scm, guile/tests/openpgp-keyring.scm,
6306 guile/tests/openpgp-keys.scm, guile/tests/pkcs-import-export.scm,
6307 guile/tests/session-record-port.scm, guile/tests/srp-base64.scm,
6308 guile/tests/x509-auth.scm, guile/tests/x509-certificates.scm,
6309 lib/Makefile.am, lib/auth_anon.c, lib/auth_anon.h, lib/auth_cert.c,
6310 lib/auth_cert.h, lib/auth_dh_common.c, lib/auth_dh_common.h,
6311 lib/auth_dhe.c, lib/auth_dhe_psk.c, lib/auth_psk.c, lib/auth_psk.h,
6312 lib/auth_psk_passwd.c, lib/auth_psk_passwd.h, lib/auth_rsa.c,
6313 lib/auth_rsa_export.c, lib/auth_srp.c, lib/auth_srp.h,
6314 lib/auth_srp_passwd.c, lib/auth_srp_passwd.h, lib/auth_srp_rsa.c,
6315 lib/auth_srp_sb64.c, lib/cipher-libgcrypt.c, lib/configure.ac,
6316 lib/crypto-api.c, lib/crypto.c, lib/crypto.h, lib/cryptodev.c,
6317 lib/debug.c, lib/debug.h, lib/ext_cert_type.c, lib/ext_cert_type.h,
6318 lib/ext_max_record.c, lib/ext_max_record.h, lib/ext_oprfi.c,
6319 lib/ext_oprfi.h, lib/ext_safe_renegotiation.c,
6320 lib/ext_safe_renegotiation.h, lib/ext_server_name.c,
6321 lib/ext_server_name.h, lib/ext_session_ticket.c,
6322 lib/ext_session_ticket.h, lib/ext_signature.c, lib/ext_signature.h,
6323 lib/ext_srp.c, lib/ext_srp.h, lib/gnutls_alert.c,
6324 lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
6325 lib/gnutls_anon_cred.c, lib/gnutls_auth.c, lib/gnutls_auth.h,
6326 lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_cert.c,
6327 lib/gnutls_cert.h, lib/gnutls_cipher.c, lib/gnutls_cipher.h,
6328 lib/gnutls_cipher_int.h, lib/gnutls_compress.c,
6329 lib/gnutls_compress.h, lib/gnutls_constate.c,
6330 lib/gnutls_constate.h, lib/gnutls_datum.c, lib/gnutls_datum.h,
6331 lib/gnutls_db.c, lib/gnutls_db.h, lib/gnutls_dh.c, lib/gnutls_dh.h,
6332 lib/gnutls_dh_primes.c, lib/gnutls_errors.c, lib/gnutls_errors.h,
6333 lib/gnutls_extensions.c, lib/gnutls_extensions.h,
6334 lib/gnutls_global.c, lib/gnutls_global.h, lib/gnutls_handshake.c,
6335 lib/gnutls_handshake.h, lib/gnutls_hash_int.c,
6336 lib/gnutls_hash_int.h, lib/gnutls_helper.c, lib/gnutls_int.h,
6337 lib/gnutls_kx.c, lib/gnutls_kx.h, lib/gnutls_mem.c,
6338 lib/gnutls_mem.h, lib/gnutls_mpi.c, lib/gnutls_mpi.h,
6339 lib/gnutls_num.c, lib/gnutls_num.h, lib/gnutls_pk.c,
6340 lib/gnutls_pk.h, lib/gnutls_priority.c, lib/gnutls_psk.c,
6341 lib/gnutls_psk_netconf.c, lib/gnutls_record.c, lib/gnutls_record.h,
6342 lib/gnutls_rsa_export.c, lib/gnutls_rsa_export.h,
6343 lib/gnutls_session.c, lib/gnutls_session_pack.c,
6344 lib/gnutls_session_pack.h, lib/gnutls_sig.c, lib/gnutls_sig.h,
6345 lib/gnutls_srp.c, lib/gnutls_srp.h, lib/gnutls_state.c,
6346 lib/gnutls_state.h, lib/gnutls_str.c, lib/gnutls_str.h,
6347 lib/gnutls_supplemental.c, lib/gnutls_supplemental.h,
6348 lib/gnutls_ui.c, lib/gnutls_v2_compat.c, lib/gnutls_v2_compat.h,
6349 lib/gnutls_x509.c, lib/gnutls_x509.h, lib/includes/Makefile.am,
6350 lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in,
6351 lib/includes/gnutls/openpgp.h, lib/includes/gnutls/pkcs12.h,
6352 lib/includes/gnutls/x509.h, lib/libgnutls.map, lib/libgnutlsxx.map,
6353 lib/m4/hooks.m4, lib/mac-libgcrypt.c, lib/minitasn1/Makefile.am,
6354 lib/minitasn1/gstr.c, lib/minitasn1/int.h,
6355 lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
6356 lib/minitasn1/structure.c, lib/mpi-libgcrypt.c,
6357 lib/opencdk/Makefile.am, lib/opencdk/armor.c,
6358 lib/opencdk/context.h, lib/opencdk/filters.h, lib/opencdk/hash.c,
6359 lib/opencdk/kbnode.c, lib/opencdk/keydb.c, lib/opencdk/literal.c,
6360 lib/opencdk/main.c, lib/opencdk/main.h, lib/opencdk/misc.c,
6361 lib/opencdk/new-packet.c, lib/opencdk/opencdk.h,
6362 lib/opencdk/packet.h, lib/opencdk/pubkey.c,
6363 lib/opencdk/read-packet.c, lib/opencdk/seskey.c,
6364 lib/opencdk/sig-check.c, lib/opencdk/stream.c,
6365 lib/opencdk/stream.h, lib/opencdk/types.h, lib/opencdk/verify.c,
6366 lib/opencdk/write-packet.c, lib/openpgp/Makefile.am,
6367 lib/openpgp/compat.c, lib/openpgp/extras.c,
6368 lib/openpgp/gnutls_openpgp.c, lib/openpgp/output.c,
6369 lib/openpgp/pgp.c, lib/openpgp/pgpverify.c, lib/openpgp/privkey.c,
6370 lib/pk-libgcrypt.c, lib/po/cs.po.in, lib/po/de.po.in,
6371 lib/po/fr.po.in, lib/po/ms.po.in, lib/po/nl.po.in, lib/po/pl.po.in,
6372 lib/po/sv.po.in, lib/random.c, lib/random.h, lib/rnd-libgcrypt.c,
6373 lib/x509/Makefile.am, lib/x509/common.c, lib/x509/common.h,
6374 lib/x509/crl.c, lib/x509/crl_write.c, lib/x509/crq.c,
6375 lib/x509/dn.c, lib/x509/extensions.c, lib/x509/mpi.c,
6376 lib/x509/output.c, lib/x509/pbkdf2-sha1.c, lib/x509/pkcs12.c,
6377 lib/x509/pkcs12_bag.c, lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c,
6378 lib/x509/privkey.c, lib/x509/privkey_pkcs8.c,
6379 lib/x509/rfc2818_hostname.c, lib/x509/sign.c, lib/x509/verify.c,
6380 lib/x509/x509.c, lib/x509/x509_int.h, lib/x509/x509_write.c,
6381 lib/x509_b64.c, lib/x509_b64.h, libextra/Makefile.am,
6382 libextra/configure.ac, libextra/ext_inner_application.c,
6383 libextra/ext_inner_application.h, libextra/fipsmd5.c,
6384 libextra/gl/Makefile.am, libextra/gnutls-extra.pc.in,
6385 libextra/gnutls_extra.c, libextra/gnutls_ia.c,
6386 libextra/gnutls_openssl.c, libextra/includes/Makefile.am,
6387 libextra/includes/gnutls/extra.h,
6388 libextra/includes/gnutls/openssl.h, libextra/libgnutls-extra.map,
6389 libextra/m4/hooks.m4, libextra/openssl_compat.c,
6390 libextra/openssl_compat.h, m4/guile.m4, m4/valgrind.m4,
6391 src/Makefile.am, src/common.c, src/serv.c, tests/Makefile.am,
6392 tests/anonself.c, tests/certder.c,
6393 tests/certificate_set_x509_crl.c, tests/chainverify.c,
6394 tests/crq_apis.c, tests/crq_key_id.c, tests/crypto_rng.c,
6395 tests/cve-2008-4989.c, tests/cve-2009-1415.c,
6396 tests/cve-2009-1416.c, tests/dhepskself.c, tests/dn.c, tests/dn2.c,
6397 tests/finished.c, tests/gc.c, tests/hostname-check.c,
6398 tests/init_roundtrip.c, tests/key-id/Makefile.am,
6399 tests/key-id/key-id, tests/mini-eagain.c, tests/mini.c,
6400 tests/moredn.c, tests/mpi.c, tests/netconf-psk.c,
6401 tests/nist-pkits/pkits, tests/nist-pkits/pkits_crl,
6402 tests/nist-pkits/pkits_crt, tests/nist-pkits/pkits_pkcs12,
6403 tests/nist-pkits/pkits_smime, tests/nul-in-x509-names.c,
6404 tests/openpgp-certs/Makefile.am, tests/openpgp-keyring.c,
6405 tests/openpgpself.c, tests/openssl.c, tests/oprfi.c,
6406 tests/parse_ca.c, tests/pathlen/Makefile.am, tests/pathlen/pathlen,
6407 tests/pgps2kgnu.c, tests/pkcs1-padding/Makefile.am,
6408 tests/pkcs1-padding/pkcs1-pad, tests/pkcs12-decode/Makefile.am,
6409 tests/pkcs12-decode/pkcs12, tests/pkcs12_encode.c,
6410 tests/pkcs12_s2k.c, tests/pkcs12_s2k_pem.c,
6411 tests/pkcs8-decode/Makefile.am, tests/pkcs8-decode/pkcs8,
6412 tests/pskself.c, tests/resume.c, tests/rfc2253-escape-test,
6413 tests/rsa-md5-collision/Makefile.am,
6414 tests/rsa-md5-collision/rsa-md5-collision, tests/set_pkcs12_cred.c,
6415 tests/setcredcrash.c, tests/sha2/Makefile.am, tests/sha2/sha2,
6416 tests/simple.c, tests/tlsia.c, tests/userid/Makefile.am,
6417 tests/userid/userid, tests/utils.c, tests/utils.h,
6418 tests/x509_altname.c, tests/x509dn.c, tests/x509paths/chain,
6419 tests/x509self.c, tests/x509sign-verify.c, tests/x509signself.c:
6420 Update copyright years.
6422 2010-01-27 Simon Josefsson <simon@josefsson.org>
6424 * Makefile.am: Fix license.
6426 2010-01-27 Simon Josefsson <simon@josefsson.org>
6428 * README: Fix license.
6430 2010-01-27 Simon Josefsson <simon@josefsson.org>
6432 * README-alpha: Fix license.
6434 2010-01-27 Simon Josefsson <simon@josefsson.org>
6436 * src/cli.c: Fix license.
6438 2010-01-27 Simon Josefsson <simon@josefsson.org>
6440 * src/crypt.c: Fix license.
6442 2010-01-27 Simon Josefsson <simon@josefsson.org>
6444 * src/tls_test.c: Fix license.
6446 2010-01-27 Simon Josefsson <simon@josefsson.org>
6448 * src/tests.c: Fix license.
6450 2010-01-27 Simon Josefsson <simon@josefsson.org>
6452 * src/psk.c: Fix license.
6454 2010-01-27 Simon Josefsson <simon@josefsson.org>
6456 * src/prime.c: Fix license.
6458 2010-01-27 Simon Josefsson <simon@josefsson.org>
6460 * src/certtool.c: Fix license.
6462 2010-01-27 Simon Josefsson <simon@josefsson.org>
6464 * src/certtool-cfg.c: Fix copyright/license.
6466 2010-01-27 Simon Josefsson <simon@josefsson.org>
6468 * src/benchmark.c: Indent and fix copyright notices.
6470 2010-01-27 Simon Josefsson <simon@josefsson.org>
6472 * build-aux/gnupload, gl/tests/test-gettimeofday.c,
6473 gl/tests/test-memchr.c, gl/tests/test-read-file.c,
6474 gl/tests/test-sockets.c, lib/gl/tests/test-memchr.c,
6475 lib/gl/tests/test-read-file.c, lib/gl/tests/test-sockets.c: Update
6478 2010-01-27 Simon Josefsson <simon@josefsson.org>
6480 * ChangeLog, ChangeLog.1, THANKS, build-aux/gnupload, cfg.mk,
6481 doc/Makefile.am, doc/credentials/Makefile.am,
6482 doc/cyclo/Makefile.am, doc/errcodes.c, doc/examples/Makefile.am,
6483 doc/extract-guile-c-doc.scm, doc/manpages/Makefile.am,
6484 doc/printlist.c, gl/tests/test-gettimeofday.c,
6485 gl/tests/test-memchr.c, gl/tests/test-read-file.c,
6486 gl/tests/test-sockets.c, guile/Makefile.am,
6487 guile/modules/Makefile.am, guile/modules/gnutls.scm,
6488 guile/modules/gnutls/build/enums.scm,
6489 guile/modules/gnutls/build/priorities.scm,
6490 guile/modules/gnutls/build/smobs.scm,
6491 guile/modules/gnutls/build/utils.scm,
6492 guile/modules/gnutls/extra.scm,
6493 guile/modules/system/documentation/c-snarf.scm,
6494 guile/modules/system/documentation/output.scm,
6495 guile/pre-inst-guile.in, guile/src/errors.h,
6496 guile/src/make-enum-header.scm, guile/src/make-enum-map.scm,
6497 guile/src/make-session-priorities.scm,
6498 guile/src/make-smob-header.scm, guile/src/make-smob-types.scm,
6499 guile/src/utils.h, guile/tests/anonymous-auth.scm,
6500 guile/tests/errors.scm, guile/tests/openpgp-auth.scm,
6501 guile/tests/openpgp-keyring.scm, guile/tests/openpgp-keys.scm,
6502 guile/tests/pkcs-import-export.scm,
6503 guile/tests/session-record-port.scm, guile/tests/srp-base64.scm,
6504 guile/tests/x509-auth.scm, guile/tests/x509-certificates.scm,
6505 lib/Makefile.am, lib/auth_anon.c, lib/auth_anon.h, lib/auth_cert.c,
6506 lib/auth_cert.h, lib/auth_dh_common.c, lib/auth_dh_common.h,
6507 lib/auth_dhe.c, lib/auth_dhe_psk.c, lib/auth_psk.c, lib/auth_psk.h,
6508 lib/auth_psk_passwd.c, lib/auth_psk_passwd.h, lib/auth_rsa.c,
6509 lib/auth_rsa_export.c, lib/auth_srp.c, lib/auth_srp.h,
6510 lib/auth_srp_passwd.c, lib/auth_srp_passwd.h, lib/auth_srp_rsa.c,
6511 lib/auth_srp_sb64.c, lib/cipher-libgcrypt.c, lib/crypto-api.c,
6512 lib/crypto.c, lib/crypto.h, lib/cryptodev.c, lib/debug.c,
6513 lib/debug.h, lib/ext_cert_type.c, lib/ext_cert_type.h,
6514 lib/ext_max_record.c, lib/ext_max_record.h, lib/ext_oprfi.c,
6515 lib/ext_oprfi.h, lib/ext_safe_renegotiation.c,
6516 lib/ext_safe_renegotiation.h, lib/ext_server_name.c,
6517 lib/ext_server_name.h, lib/ext_session_ticket.c,
6518 lib/ext_session_ticket.h, lib/ext_signature.c, lib/ext_signature.h,
6519 lib/ext_srp.c, lib/ext_srp.h, lib/gl/tests/test-memchr.c,
6520 lib/gl/tests/test-read-file.c, lib/gl/tests/test-sockets.c,
6521 lib/gnutls_alert.c, lib/gnutls_algorithms.c,
6522 lib/gnutls_algorithms.h, lib/gnutls_anon_cred.c, lib/gnutls_auth.c,
6523 lib/gnutls_auth.h, lib/gnutls_buffers.c, lib/gnutls_buffers.h,
6524 lib/gnutls_cert.c, lib/gnutls_cert.h, lib/gnutls_cipher.c,
6525 lib/gnutls_cipher.h, lib/gnutls_cipher_int.c,
6526 lib/gnutls_cipher_int.h, lib/gnutls_compress.c,
6527 lib/gnutls_compress.h, lib/gnutls_constate.c,
6528 lib/gnutls_constate.h, lib/gnutls_datum.c, lib/gnutls_datum.h,
6529 lib/gnutls_db.c, lib/gnutls_db.h, lib/gnutls_dh.c, lib/gnutls_dh.h,
6530 lib/gnutls_dh_primes.c, lib/gnutls_errors.c, lib/gnutls_errors.h,
6531 lib/gnutls_extensions.c, lib/gnutls_extensions.h,
6532 lib/gnutls_global.c, lib/gnutls_global.h, lib/gnutls_handshake.c,
6533 lib/gnutls_handshake.h, lib/gnutls_hash_int.c,
6534 lib/gnutls_hash_int.h, lib/gnutls_helper.c, lib/gnutls_int.h,
6535 lib/gnutls_kx.c, lib/gnutls_kx.h, lib/gnutls_mem.c,
6536 lib/gnutls_mem.h, lib/gnutls_mpi.c, lib/gnutls_mpi.h,
6537 lib/gnutls_num.c, lib/gnutls_num.h, lib/gnutls_pk.c,
6538 lib/gnutls_pk.h, lib/gnutls_priority.c, lib/gnutls_psk.c,
6539 lib/gnutls_psk_netconf.c, lib/gnutls_record.c, lib/gnutls_record.h,
6540 lib/gnutls_rsa_export.c, lib/gnutls_rsa_export.h,
6541 lib/gnutls_session.c, lib/gnutls_session_pack.c,
6542 lib/gnutls_session_pack.h, lib/gnutls_sig.c, lib/gnutls_sig.h,
6543 lib/gnutls_srp.c, lib/gnutls_srp.h, lib/gnutls_state.c,
6544 lib/gnutls_state.h, lib/gnutls_str.c, lib/gnutls_str.h,
6545 lib/gnutls_supplemental.c, lib/gnutls_supplemental.h,
6546 lib/gnutls_ui.c, lib/gnutls_v2_compat.c, lib/gnutls_v2_compat.h,
6547 lib/gnutls_x509.c, lib/gnutls_x509.h, lib/includes/Makefile.am,
6548 lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in,
6549 lib/includes/gnutls/openpgp.h, lib/includes/gnutls/pkcs12.h,
6550 lib/includes/gnutls/x509.h, lib/libgnutls.map, lib/libgnutlsxx.map,
6551 lib/mac-libgcrypt.c, lib/minitasn1/Makefile.am,
6552 lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
6553 lib/minitasn1/element.c, lib/minitasn1/gstr.c,
6554 lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
6555 lib/minitasn1/structure.c, lib/mpi-libgcrypt.c,
6556 lib/opencdk/Makefile.am, lib/opencdk/hash.c,
6557 lib/openpgp/Makefile.am, lib/openpgp/compat.c,
6558 lib/openpgp/extras.c, lib/openpgp/gnutls_openpgp.c,
6559 lib/openpgp/output.c, lib/openpgp/pgp.c, lib/openpgp/pgpverify.c,
6560 lib/openpgp/privkey.c, lib/pk-libgcrypt.c, lib/random.c,
6561 lib/random.h, lib/rnd-libgcrypt.c, lib/x509/Makefile.am,
6562 lib/x509/common.c, lib/x509/common.h, lib/x509/crl.c,
6563 lib/x509/crl_write.c, lib/x509/crq.c, lib/x509/dn.c,
6564 lib/x509/extensions.c, lib/x509/mpi.c, lib/x509/output.c,
6565 lib/x509/pkcs12.c, lib/x509/pkcs12_bag.c, lib/x509/pkcs7.c,
6566 lib/x509/privkey.c, lib/x509/privkey_pkcs8.c,
6567 lib/x509/rfc2818_hostname.c, lib/x509/sign.c, lib/x509/verify.c,
6568 lib/x509/x509.c, lib/x509/x509_int.h, lib/x509/x509_write.c,
6569 lib/x509_b64.c, lib/x509_b64.h, libextra/Makefile.am,
6570 libextra/ext_inner_application.c, libextra/ext_inner_application.h,
6571 libextra/fipsmd5.c, libextra/gl/Makefile.am,
6572 libextra/gnutls-extra.pc.in, libextra/gnutls_extra.c,
6573 libextra/gnutls_ia.c, libextra/gnutls_openssl.c,
6574 libextra/includes/Makefile.am, libextra/includes/gnutls/extra.h,
6575 libextra/includes/gnutls/openssl.h, libextra/libgnutls-extra.map,
6576 libextra/openssl_compat.c, libextra/openssl_compat.h,
6577 src/Makefile.am, src/benchmark.c, src/certtool-cfg.c,
6578 src/certtool.c, src/common.c, src/crypt.c, src/prime.c, src/psk.c,
6579 src/serv.c, src/tests.c, src/tls_test.c, tests/Makefile.am,
6580 tests/anonself.c, tests/certder.c, tests/chainverify.c,
6581 tests/crq_apis.c, tests/crq_key_id.c, tests/crypto_rng.c,
6582 tests/cve-2008-4989.c, tests/cve-2009-1415.c,
6583 tests/cve-2009-1416.c, tests/dhepskself.c, tests/dn.c, tests/dn2.c,
6584 tests/finished.c, tests/gc.c, tests/hostname-check.c,
6585 tests/init_roundtrip.c, tests/key-id/Makefile.am,
6586 tests/key-id/key-id, tests/mini-eagain.c, tests/mini.c,
6587 tests/moredn.c, tests/mpi.c, tests/netconf-psk.c,
6588 tests/nist-pkits/pkits, tests/nist-pkits/pkits_crl,
6589 tests/nist-pkits/pkits_crt, tests/nist-pkits/pkits_pkcs12,
6590 tests/nist-pkits/pkits_smime, tests/nul-in-x509-names.c,
6591 tests/openpgp-certs/Makefile.am, tests/openpgp-certs/testcerts,
6592 tests/openpgp-certs/testselfsigs, tests/openpgp-keyring.c,
6593 tests/openpgpself.c, tests/openssl.c, tests/oprfi.c,
6594 tests/parse_ca.c, tests/pathlen/Makefile.am, tests/pathlen/pathlen,
6595 tests/pkcs1-padding/Makefile.am, tests/pkcs1-padding/pkcs1-pad,
6596 tests/pkcs12-decode/Makefile.am, tests/pkcs12-decode/pkcs12,
6597 tests/pkcs12_encode.c, tests/pkcs12_s2k.c, tests/pkcs12_s2k_pem.c,
6598 tests/pkcs8-decode/Makefile.am, tests/pkcs8-decode/pkcs8,
6599 tests/pskself.c, tests/resume.c, tests/rfc2253-escape-test,
6600 tests/rsa-md5-collision/Makefile.am,
6601 tests/rsa-md5-collision/rsa-md5-collision,
6602 tests/safe-renegotiation/Makefile.am,
6603 tests/safe-renegotiation/testsrn, tests/set_pkcs12_cred.c,
6604 tests/setcredcrash.c, tests/sha2/Makefile.am, tests/sha2/sha2,
6605 tests/simple.c, tests/tlsia.c, tests/userid/Makefile.am,
6606 tests/userid/userid, tests/utils.c, tests/utils.h,
6607 tests/x509_altname.c, tests/x509dn.c, tests/x509paths/chain,
6608 tests/x509self.c, tests/x509sign-verify.c, tests/x509signself.c: Fix
6609 FSF copyright notices.
6611 2010-01-27 Simon Josefsson <simon@josefsson.org>
6613 * THANKS, doc/gnutls.texi: doc: Fix pkg-config recommendation. Reported by Claudio Saavedra <csaavedra@igalia.com> in
6615 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4095>.
6617 2010-01-27 Simon Josefsson <simon@josefsson.org>
6619 * NEWS, THANKS, src/cli.c: gnutls-cli: Handle reading binary data
6620 from server. Reported by and tiny patch from Vitaly Mayatskikh
6621 <v.mayatskih@gmail.com> in
6623 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4096>.
6625 2010-01-26 Simon Josefsson <simon@josefsson.org>
6627 * build-aux/update-copyright, gl/Makefile.am,
6628 gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/tests/Makefile.am,
6629 gl/tests/test-update-copyright.sh: Update gnulib files.
6631 2010-01-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6633 * tests/openpgp-certs/testcerts, tests/openpgp-certs/testselfsigs,
6634 tests/safe-renegotiation/testsrn: Added copyright notices!
6636 2010-01-26 Simon Josefsson <simon@josefsson.org>
6638 * NEWS, doc/manpages/Makefile.am: Generated.
6640 2010-01-26 Simon Josefsson <simon@josefsson.org>
6642 * .gitignore: Improve.
6644 2010-01-26 Simon Josefsson <simon@josefsson.org>
6646 * doc/reference/Makefile.am: Ignore more.
6648 2010-01-26 Simon Josefsson <simon@josefsson.org>
6650 * .gitignore, lib/gl/m4/warn-on-use.m4: Update gnulib files.
6652 2010-01-26 Simon Josefsson <simon@josefsson.org>
6654 * gl/m4/warn-on-use.m4, lib/build-aux/arg-nonnull.h,
6655 lib/build-aux/warn-on-use.h: Update gnulib files.
6657 2010-01-26 Simon Josefsson <simon@josefsson.org>
6661 2010-01-26 Simon Josefsson <simon@josefsson.org>
6663 * lib/gl/tests/macros.h, lib/gl/tests/signature.h: Update gnulib
6666 2010-01-26 Simon Josefsson <simon@josefsson.org>
6670 2010-01-26 Simon Josefsson <simon@josefsson.org>
6672 * gl/tests/macros.h, gl/tests/signature.h,
6673 gl/tests/test-sys_ioctl.c: Update gnulib files.
6675 2010-01-26 Simon Josefsson <simon@josefsson.org>
6677 * GNUmakefile, build-aux/arg-nonnull.h, build-aux/config.rpath,
6678 build-aux/gendocs.sh, build-aux/gnupload, build-aux/link-warning.h,
6679 build-aux/pmccabe2html, build-aux/useless-if-before-free,
6680 build-aux/vc-list-files, build-aux/warn-on-use.h, gl/Makefile.am,
6681 gl/accept.c, gl/alignof.h, gl/alloca.c, gl/alloca.in.h,
6682 gl/arpa_inet.in.h, gl/asnprintf.c, gl/bind.c, gl/c-ctype.c,
6683 gl/c-ctype.h, gl/close-hook.c, gl/close-hook.h, gl/close.c,
6684 gl/connect.c, gl/errno.in.h, gl/error.c, gl/error.h, gl/fclose.c,
6685 gl/float+.h, gl/float.in.h, gl/fseeko.c, gl/gai_strerror.c,
6686 gl/getaddrinfo.c, gl/getdelim.c, gl/getline.c, gl/getpass.c,
6687 gl/getpass.h, gl/gettext.h, gl/inet_ntop.c, gl/inet_pton.c,
6688 gl/intprops.h, gl/listen.c, gl/lseek.c, gl/m4/00gnulib.m4,
6689 gl/m4/alloca.m4, gl/m4/arpa_inet_h.m4, gl/m4/autobuild.m4,
6690 gl/m4/close.m4, gl/m4/errno_h.m4, gl/m4/error.m4,
6691 gl/m4/extensions.m4, gl/m4/fclose.m4, gl/m4/float_h.m4,
6692 gl/m4/fseeko.m4, gl/m4/getaddrinfo.m4, gl/m4/getdelim.m4,
6693 gl/m4/getline.m4, gl/m4/getpass.m4, gl/m4/gettimeofday.m4,
6694 gl/m4/gnulib-cache.m4, gl/m4/gnulib-common.m4,
6695 gl/m4/gnulib-comp.m4, gl/m4/gnulib-tool.m4, gl/m4/hostent.m4,
6696 gl/m4/include_next.m4, gl/m4/inet_ntop.m4, gl/m4/inet_pton.m4,
6697 gl/m4/intmax_t.m4, gl/m4/inttypes_h.m4, gl/m4/lib-ld.m4,
6698 gl/m4/lib-link.m4, gl/m4/lib-prefix.m4, gl/m4/longlong.m4,
6699 gl/m4/lseek.m4, gl/m4/malloc.m4, gl/m4/manywarnings.m4,
6700 gl/m4/memchr.m4, gl/m4/minmax.m4, gl/m4/mmap-anon.m4,
6701 gl/m4/multiarch.m4, gl/m4/netdb_h.m4, gl/m4/netinet_in_h.m4,
6702 gl/m4/perror.m4, gl/m4/printf.m4, gl/m4/read-file.m4,
6703 gl/m4/readline.m4, gl/m4/realloc.m4, gl/m4/select.m4,
6704 gl/m4/servent.m4, gl/m4/size_max.m4, gl/m4/snprintf.m4,
6705 gl/m4/sockets.m4, gl/m4/socklen.m4, gl/m4/sockpfaf.m4,
6706 gl/m4/stdarg.m4, gl/m4/stdbool.m4, gl/m4/stddef_h.m4,
6707 gl/m4/stdint.m4, gl/m4/stdint_h.m4, gl/m4/stdio_h.m4,
6708 gl/m4/stdlib_h.m4, gl/m4/strerror.m4, gl/m4/string_h.m4,
6709 gl/m4/sys_ioctl_h.m4, gl/m4/sys_select_h.m4, gl/m4/sys_socket_h.m4,
6710 gl/m4/sys_stat_h.m4, gl/m4/sys_time_h.m4, gl/m4/time_h.m4,
6711 gl/m4/ungetc.m4, gl/m4/unistd_h.m4, gl/m4/vasnprintf.m4,
6712 gl/m4/version-etc.m4, gl/m4/warnings.m4, gl/m4/wchar.m4,
6713 gl/m4/wchar_t.m4, gl/m4/wint_t.m4, gl/m4/xsize.m4, gl/memchr.c,
6714 gl/minmax.h, gl/netdb.in.h, gl/netinet_in.in.h,
6715 gl/override/lib/gettext.h.diff, gl/perror.c, gl/printf-args.c,
6716 gl/printf-args.h, gl/printf-parse.c, gl/printf-parse.h,
6717 gl/progname.c, gl/progname.h, gl/read-file.c, gl/read-file.h,
6718 gl/readline.c, gl/readline.h, gl/realloc.c, gl/recv.c, gl/select.c,
6719 gl/send.c, gl/setsockopt.c, gl/shutdown.c, gl/size_max.h,
6720 gl/snprintf.c, gl/socket.c, gl/sockets.c, gl/sockets.h,
6721 gl/stdarg.in.h, gl/stdbool.in.h, gl/stddef.in.h, gl/stdint.in.h,
6722 gl/stdio-impl.h, gl/stdio-write.c, gl/stdio.in.h, gl/stdlib.in.h,
6723 gl/strerror.c, gl/string.in.h, gl/sys_select.in.h,
6724 gl/sys_socket.in.h, gl/sys_stat.in.h, gl/sys_time.in.h,
6725 gl/tests/Makefile.am, gl/tests/dummy.c, gl/tests/gettimeofday.c,
6726 gl/tests/ioctl.c, gl/tests/sys_ioctl.in.h, gl/tests/test-alignof.c,
6727 gl/tests/test-alloca-opt.c, gl/tests/test-arpa_inet.c,
6728 gl/tests/test-c-ctype.c, gl/tests/test-errno.c,
6729 gl/tests/test-fseeko.c, gl/tests/test-getaddrinfo.c,
6730 gl/tests/test-getdelim.c, gl/tests/test-getline.c,
6731 gl/tests/test-gettimeofday.c, gl/tests/test-inet_ntop.c,
6732 gl/tests/test-inet_pton.c, gl/tests/test-lseek.c,
6733 gl/tests/test-memchr.c, gl/tests/test-netdb.c,
6734 gl/tests/test-netinet_in.c, gl/tests/test-perror.c,
6735 gl/tests/test-read-file.c, gl/tests/test-select-fd.c,
6736 gl/tests/test-select-stdin.c, gl/tests/test-select.c,
6737 gl/tests/test-snprintf.c, gl/tests/test-stdbool.c,
6738 gl/tests/test-stddef.c, gl/tests/test-stdint.c,
6739 gl/tests/test-stdio.c, gl/tests/test-stdlib.c,
6740 gl/tests/test-strerror.c, gl/tests/test-string.c,
6741 gl/tests/test-sys_select.c, gl/tests/test-sys_socket.c,
6742 gl/tests/test-sys_stat.c, gl/tests/test-sys_time.c,
6743 gl/tests/test-time.c, gl/tests/test-unistd.c,
6744 gl/tests/test-vasnprintf.c, gl/tests/test-vc-list-files-cvs.sh,
6745 gl/tests/test-vc-list-files-git.sh, gl/tests/test-version-etc.c,
6746 gl/tests/test-version-etc.sh, gl/tests/test-wchar.c,
6747 gl/tests/verify.h, gl/tests/w32sock.h, gl/tests/zerosize-ptr.h,
6748 gl/time.in.h, gl/unistd.in.h, gl/vasnprintf.c, gl/vasnprintf.h,
6749 gl/version-etc-fsf.c, gl/version-etc.c, gl/version-etc.h,
6750 gl/w32sock.h, gl/wchar.in.h, gl/xsize.h,
6751 lib/build-aux/config.rpath, lib/build-aux/link-warning.h,
6752 lib/gl/Makefile.am, lib/gl/alignof.h, lib/gl/alloca.in.h,
6753 lib/gl/asnprintf.c, lib/gl/asprintf.c, lib/gl/byteswap.in.h,
6754 lib/gl/c-ctype.c, lib/gl/c-ctype.h, lib/gl/close-hook.c,
6755 lib/gl/close-hook.h, lib/gl/errno.in.h, lib/gl/float+.h,
6756 lib/gl/float.in.h, lib/gl/fseeko.c, lib/gl/gettext.h,
6757 lib/gl/lseek.c, lib/gl/m4/00gnulib.m4, lib/gl/m4/alloca.m4,
6758 lib/gl/m4/byteswap.m4, lib/gl/m4/codeset.m4, lib/gl/m4/errno_h.m4,
6759 lib/gl/m4/extensions.m4, lib/gl/m4/float_h.m4, lib/gl/m4/fseeko.m4,
6760 lib/gl/m4/func.m4, lib/gl/m4/gettext.m4, lib/gl/m4/glibc2.m4,
6761 lib/gl/m4/glibc21.m4, lib/gl/m4/gnulib-cache.m4,
6762 lib/gl/m4/gnulib-common.m4, lib/gl/m4/gnulib-comp.m4,
6763 lib/gl/m4/gnulib-tool.m4, lib/gl/m4/iconv.m4,
6764 lib/gl/m4/include_next.m4, lib/gl/m4/intdiv0.m4, lib/gl/m4/intl.m4,
6765 lib/gl/m4/intldir.m4, lib/gl/m4/intlmacosx.m4, lib/gl/m4/intmax.m4,
6766 lib/gl/m4/intmax_t.m4, lib/gl/m4/inttypes-pri.m4,
6767 lib/gl/m4/inttypes_h.m4, lib/gl/m4/lcmessage.m4,
6768 lib/gl/m4/ld-output-def.m4, lib/gl/m4/ld-version-script.m4,
6769 lib/gl/m4/lib-ld.m4, lib/gl/m4/lib-link.m4,
6770 lib/gl/m4/lib-prefix.m4, lib/gl/m4/lock.m4, lib/gl/m4/longlong.m4,
6771 lib/gl/m4/lseek.m4, lib/gl/m4/malloc.m4, lib/gl/m4/memchr.m4,
6772 lib/gl/m4/memmem.m4, lib/gl/m4/minmax.m4, lib/gl/m4/mmap-anon.m4,
6773 lib/gl/m4/multiarch.m4, lib/gl/m4/netdb_h.m4, lib/gl/m4/nls.m4,
6774 lib/gl/m4/po.m4, lib/gl/m4/printf-posix.m4, lib/gl/m4/printf.m4,
6775 lib/gl/m4/progtest.m4, lib/gl/m4/read-file.m4,
6776 lib/gl/m4/realloc.m4, lib/gl/m4/size_max.m4, lib/gl/m4/snprintf.m4,
6777 lib/gl/m4/sockets.m4, lib/gl/m4/socklen.m4, lib/gl/m4/sockpfaf.m4,
6778 lib/gl/m4/stdbool.m4, lib/gl/m4/stddef_h.m4, lib/gl/m4/stdint.m4,
6779 lib/gl/m4/stdint_h.m4, lib/gl/m4/stdio_h.m4, lib/gl/m4/stdlib_h.m4,
6780 lib/gl/m4/strcase.m4, lib/gl/m4/string_h.m4,
6781 lib/gl/m4/strings_h.m4, lib/gl/m4/strverscmp.m4,
6782 lib/gl/m4/sys_socket_h.m4, lib/gl/m4/sys_stat_h.m4,
6783 lib/gl/m4/threadlib.m4, lib/gl/m4/time_h.m4, lib/gl/m4/time_r.m4,
6784 lib/gl/m4/uintmax_t.m4, lib/gl/m4/ungetc.m4, lib/gl/m4/unistd_h.m4,
6785 lib/gl/m4/vasnprintf.m4, lib/gl/m4/vasprintf.m4,
6786 lib/gl/m4/visibility.m4, lib/gl/m4/vsnprintf.m4,
6787 lib/gl/m4/wchar.m4, lib/gl/m4/wchar_t.m4, lib/gl/m4/wint_t.m4,
6788 lib/gl/m4/xsize.m4, lib/gl/memchr.c, lib/gl/memmem.c,
6789 lib/gl/minmax.h, lib/gl/netdb.in.h,
6790 lib/gl/override/lib/gettext.h.diff, lib/gl/printf-args.c,
6791 lib/gl/printf-args.h, lib/gl/printf-parse.c, lib/gl/printf-parse.h,
6792 lib/gl/read-file.c, lib/gl/read-file.h, lib/gl/realloc.c,
6793 lib/gl/size_max.h, lib/gl/snprintf.c, lib/gl/sockets.c,
6794 lib/gl/sockets.h, lib/gl/stdbool.in.h, lib/gl/stddef.in.h,
6795 lib/gl/stdint.in.h, lib/gl/stdio-impl.h, lib/gl/stdio-write.c,
6796 lib/gl/stdio.in.h, lib/gl/stdlib.in.h, lib/gl/str-two-way.h,
6797 lib/gl/strcasecmp.c, lib/gl/string.in.h, lib/gl/strings.in.h,
6798 lib/gl/strncasecmp.c, lib/gl/strverscmp.c, lib/gl/sys_socket.in.h,
6799 lib/gl/sys_stat.in.h, lib/gl/tests/Makefile.am,
6800 lib/gl/tests/dummy.c, lib/gl/tests/intprops.h,
6801 lib/gl/tests/test-alloca-opt.c, lib/gl/tests/test-byteswap.c,
6802 lib/gl/tests/test-c-ctype.c, lib/gl/tests/test-errno.c,
6803 lib/gl/tests/test-fseeko.c, lib/gl/tests/test-func.c,
6804 lib/gl/tests/test-memchr.c, lib/gl/tests/test-netdb.c,
6805 lib/gl/tests/test-read-file.c, lib/gl/tests/test-snprintf.c,
6806 lib/gl/tests/test-stdbool.c, lib/gl/tests/test-stddef.c,
6807 lib/gl/tests/test-stdint.c, lib/gl/tests/test-stdio.c,
6808 lib/gl/tests/test-stdlib.c, lib/gl/tests/test-string.c,
6809 lib/gl/tests/test-strings.c, lib/gl/tests/test-strverscmp.c,
6810 lib/gl/tests/test-sys_socket.c, lib/gl/tests/test-sys_stat.c,
6811 lib/gl/tests/test-time.c, lib/gl/tests/test-unistd.c,
6812 lib/gl/tests/test-vasnprintf.c, lib/gl/tests/test-vasprintf.c,
6813 lib/gl/tests/test-vsnprintf.c, lib/gl/tests/test-wchar.c,
6814 lib/gl/tests/verify.h, lib/gl/tests/zerosize-ptr.h,
6815 lib/gl/time.in.h, lib/gl/time_r.c, lib/gl/unistd.in.h,
6816 lib/gl/vasnprintf.c, lib/gl/vasnprintf.h, lib/gl/vasprintf.c,
6817 lib/gl/vsnprintf.c, lib/gl/w32sock.h, lib/gl/wchar.in.h,
6818 lib/gl/xsize.h, libextra/build-aux/config.rpath,
6819 libextra/gl/gnulib.mk, libextra/gl/hmac-md5.c, libextra/gl/hmac.h,
6820 libextra/gl/m4/00gnulib.m4, libextra/gl/m4/extensions.m4,
6821 libextra/gl/m4/gnulib-cache.m4, libextra/gl/m4/gnulib-common.m4,
6822 libextra/gl/m4/gnulib-comp.m4, libextra/gl/m4/gnulib-tool.m4,
6823 libextra/gl/m4/hmac-md5.m4, libextra/gl/m4/ld-output-def.m4,
6824 libextra/gl/m4/ld-version-script.m4, libextra/gl/m4/lib-ld.m4,
6825 libextra/gl/m4/lib-link.m4, libextra/gl/m4/lib-prefix.m4,
6826 libextra/gl/m4/md5.m4, libextra/gl/m4/memxor.m4, libextra/gl/md5.c,
6827 libextra/gl/md5.h, libextra/gl/memxor.c, libextra/gl/memxor.h,
6828 maint.mk: Update gnulib files.
6830 2010-01-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6832 * NEWS: Documented addition of new priority strings.
6834 2010-01-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6836 * NEWS: Documented Steve Dispensa's patch addition.
6838 2010-01-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6840 * tests/safe-renegotiation/testsrn: Added tests for new behaviour of
6843 2010-01-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6845 * lib/gnutls_handshake.c: Revert "Always allow initial negotiation.
6846 Disable subsequent unsafe renegotiations." This reverts commit
6847 1e4981cfbec360a19cfb7470ce96093aaa95b32e. Ah, this was to twart the attack (description by Daniel Kahn
6848 Gilmor): The problem, as i understand it, is that the client is
6849 incapable of telling whether the plaintext prefix injection attack
6850 has already happened. I don't think disabling renegotiation for the
6851 session resolves the problem. For a server which does not announce and enforce safe renegotiation,
6852 what the client sees as an initial connection may unknowingly
6853 actually be renegotiating an existing session that was started by an
6854 attacker. The concern isn't that the (legitimate) client will have their
6855 session re-negotiated by an attacker; it's that the MITM attacker
6856 can trick the server into viewing the client's initial
6857 authentication as a re-negotiation of a TLS session already
6858 underway. for servers which do odd things like apply the credentials of the
6859 post-renegotiation client to the traffic that happened before the
6860 renegotiation (e.g. HTTPS, with client-side certificates required
6861 only for certain subdirectories), a safe-renegotiation-aware client
6862 *should* refuse to connect to servers which do not announce safe
6863 renegotiation if they want to resist this attack.
6865 2010-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6867 * configure.ac: Added safe-renegotiation subdir.
6869 2010-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6871 * lib/ext_safe_renegotiation.c, lib/gnutls_handshake.c,
6872 lib/gnutls_int.h, lib/gnutls_priority.c, tests/Makefile.am,
6873 tests/safe-renegotiation/Makefile.am,
6874 tests/safe-renegotiation/params.dh,
6875 tests/safe-renegotiation/testsrn: Added safe renegotiation test
6876 cases. Added priority string option to completely disable
6877 renegotiation to assist in testing more cases.
6879 2010-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6881 * src/cli-gaa.c, src/cli-gaa.h, src/cli.c, src/cli.gaa: Added the
6882 --rehandshake option to gnutls-cli to allow connection and immediate
6885 2010-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6887 * lib/ext_safe_renegotiation.c: More carefull copying of data. Check
6888 for the malicious case where a server does initial unsafe
6889 negotiation and proceeds with a safe renegotiation.
6891 2010-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6893 * lib/gnutls_handshake.c: Always allow initial negotiation. Disable
6894 subsequent unsafe renegotiations. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
6896 2010-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6898 * lib/ext_safe_renegotiation.c, lib/gnutls_handshake.c,
6899 lib/gnutls_int.h, lib/gnutls_state.c: Safe renegotiation variable
6900 cleanup. No longer clear variables that should stay across
6903 2010-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6905 * lib/crypto-api.c, lib/gnutls_cipher_int.c: Documented the
6906 crypto-api functions and made the API tolerant to NULL IV.
6908 2010-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6910 * lib/gnutls_handshake.c: Added documentation of rehandshake usage
6911 in gnutls if full-duplex capability is required.
6913 2010-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6915 * lib/gnutls_buffers.c: Reduced asserts to reduce unneeded
6918 2010-01-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6920 * src/cli.c, src/serv.c: Removed rehandshake initiation capability
6921 from client and transferred it to the echo server. Once the server
6922 receives a string **REHANDSHAKE** will request a rehandshake.
6924 2010-01-19 Steve Dispensa <dispensa@phonefactor.com>
6926 * lib/gnutls_handshake.c: Here is another patch that fixes an
6927 interoperability problem with safe renegotiation and resumption. In
6928 copying forward the safe renegotiation state across resumptions, I
6929 got a little carried away and copied too much data (new connections
6930 should start with empty RI data). Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
6932 2010-01-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6934 * lib/ext_oprfi.c, lib/ext_session_ticket.c, lib/gnutls_constate.c,
6935 lib/gnutls_handshake.c, lib/gnutls_int.h: Modified extensions
6936 (session ticket, oprfi) to store internal data in gnutls internal
6937 structure and input data only in the security_parameters extension
6938 structure. Session ticket extension will call the user supplied hello function
6939 on resumption. (the current API to handle that is inexistant. To be revised)
6941 2010-01-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6943 * lib/ext_session_ticket.c, lib/gnutls_constate.c,
6944 lib/gnutls_int.h, lib/gnutls_session_pack.c: Further cleanup the
6945 extension internal structure. Now if values are not saved and
6946 restored when resumming they will be initialized to zero.
6948 2010-01-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6950 * tests/chainverify.c, tests/crq_apis.c, tests/crq_key_id.c,
6951 tests/cve-2008-4989.c, tests/dn2.c, tests/finished.c, tests/mini.c,
6952 tests/pkcs12_s2k_pem.c, tests/tlsia.c, tests/x509sign-verify.c:
6953 Tests compile with --enable-gcc-warnings.
6955 2010-01-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6957 * lib/ext_safe_renegotiation.h, lib/gnutls_constate.c,
6958 lib/gnutls_extensions.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
6959 lib/gnutls_state.c, tests/resume.c, tests/simple.c: Specify in
6960 detail what to be copied when resuming. It seems there are
6961 extensions (like safe renegotiation) that do not need to read the
6962 stored values. Moreover this might overcome any bugs by the
6963 extensions that used to store pointers in the extension structure.
6965 2010-01-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6967 * lib/ext_safe_renegotiation.c: Initialize the default value to 0.
6968 It seemed to have default value of 0 when non resuming :)
6970 2010-01-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6972 * doc/examples/ex-client-tlsia.c, tests/utils.c: Removed warnings.
6974 2010-01-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6976 * configure.ac: Added -Wno-int-to-pointer-cast to enable compilation
6977 when enable-gcc-warnings is given.
6979 2010-01-13 Steve Dispensa <dispensa@phonefactor.com>
6981 * lib/gnutls_handshake.c: Here are two more patches. The first adds
6982 support for renegotiation of resumption. Also, I found a bug in my initial implementation - I was incorrectly
6983 sending the SCSV on all connections, not only those using SSLv3, as
6984 should have been the case. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
6986 2010-01-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6988 * NEWS, doc/manpages/gnutls-cli.1, doc/manpages/gnutls-serv.1:
6989 Documentation updates.
6991 2010-01-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6993 * lib/gnutls_handshake.c: When denying an initial negotiation due to
6994 missing safe renegotiation extension reply with NO_RENEGOTIATION
6997 2010-01-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
6999 * lib/gnutls_extensions.c, lib/gnutls_handshake.c,
7000 lib/includes/gnutls/gnutls.h.in, tests/resume.c: When resuming no
7001 extensions were parsed thus the safe renegotiation extension was
7002 ignored as well causing a false detection of unsafe session.
7003 Corrected by making a special class of extensions called RESUMED.
7004 Those are parsed even when resuming (normally we don't do it to
7005 prevent clients overwriting capabilities and credentials).
7007 2010-01-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7009 * lib/ext_safe_renegotiation.c, lib/ext_safe_renegotiation.h,
7010 lib/gnutls_alert.c, lib/gnutls_algorithms.c,
7011 lib/gnutls_algorithms.h, lib/gnutls_extensions.c,
7012 lib/gnutls_extensions.h, lib/gnutls_handshake.c, lib/gnutls_int.h,
7013 lib/gnutls_priority.c, lib/includes/gnutls/gnutls.h.in: Added Steve
7014 Dispensa's patch for safe renegotiation (with artistic changes).
7015 Effectively reverted my previous patch
7016 1a338cbaaeec11d958de8da4d1ae036979fccf3e.
7018 2010-01-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7020 * THANKS: Updated thanks file.
7022 2010-01-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7024 * NEWS, lib/opencdk/sig-check.c, src/certtool.c,
7025 tests/openpgp-certs/Makefile.am, tests/openpgp-certs/testselfsigs:
7026 When checking self signature also check the signatures of all
7027 subkeys. Ilari Liusvaara noticed and reported the issue and
7028 provided test vectors as well. certtool --pgp-certificate-info will check self signatures. Added self tests for self-sigs.
7030 2010-01-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7032 * tests/gc.c: hash_fast -> hmac_fast
7034 2010-01-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7036 * doc/manpages/gnutls-cli.1, doc/manpages/gnutls-serv.1,
7037 lib/Makefile.am, lib/ext_safe_renegotiation.c,
7038 lib/ext_safe_renegotiation.h, lib/gnutls_errors.c,
7039 lib/gnutls_extensions.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
7040 lib/gnutls_priority.c, lib/includes/gnutls/gnutls.h.in, src/cli.c,
7041 src/serv.c: Added safe renegotiation patch from Steve Dispensa,
7042 modified to suit gnutls code style and error checking. Modified to
7043 conform to draft-ietf-tls-renegotiation-03.txt. gnutls-cli will search input for **RENEGOTIATION** to perform a
7044 renegotiation and gnutls-serv will perform one if requested.
7046 2010-01-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7048 * lib/x509/mpi.c: Corrections for --disable-extra-pki configure flag
7049 to work. Patch by Bill Randle.
7051 2010-01-04 Andreas Metzler <ametzler@downhill.at.eu.org>
7053 * ChangeLog, doc/certtool.cfg, doc/gnutls.texi, lib/gnutls_auth.c,
7054 lib/gnutls_priority.c, lib/gnutls_session.c, lib/openpgp/pgp.c,
7055 lib/openpgp/privkey.c: Typo fixes: successful, precedence, preferred
7057 2009-12-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7059 * lib/cryptodev.c: define EALG_MAX_BLOCK_LEN if not there.
7061 2009-12-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7063 * libextra/fipsmd5.c: use C99 initializations
7065 2009-12-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7067 * NEWS, lib/Makefile.am, lib/compat.c, lib/crypto-api.c,
7068 lib/crypto.c, lib/crypto.h, lib/gnutls_cipher.c,
7069 lib/gnutls_cipher_int.c, lib/gnutls_cipher_int.h,
7070 lib/gnutls_hash_int.c, lib/gnutls_hash_int.h,
7071 lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in,
7072 lib/libgnutls.map, libextra/fipsmd5.c, src/benchmark.c: Reverted all
7073 previous changes to combine hashes with MAC algorithms. It is now
7074 permissible to register a hash algorithm separately from a MAC.
7076 2009-12-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7078 * lib/crypto-api.c, lib/crypto.c, lib/crypto.h,
7079 lib/ext_session_ticket.c, lib/gnutls_algorithms.c,
7080 lib/gnutls_algorithms.h, lib/gnutls_cipher.c,
7081 lib/gnutls_cipher_int.c, lib/gnutls_cipher_int.h,
7082 lib/gnutls_constate.c, lib/gnutls_constate.h,
7083 lib/gnutls_handshake.c, lib/gnutls_hash_int.c,
7084 lib/gnutls_hash_int.h, lib/gnutls_int.h, lib/gnutls_priority.c,
7085 lib/gnutls_psk_netconf.c, lib/gnutls_sig.c, lib/gnutls_srp.c,
7086 lib/gnutls_state.c, lib/gnutls_ui.c, lib/includes/gnutls/crypto.h,
7087 lib/includes/gnutls/gnutls.h.in, lib/mac-libgcrypt.c,
7088 lib/opencdk/dummy.c, lib/opencdk/filters.h, lib/opencdk/hash.c,
7089 lib/opencdk/kbnode.c, lib/opencdk/main.h, lib/opencdk/opencdk.h,
7090 lib/opencdk/pubkey.c, lib/opencdk/sig-check.c,
7091 lib/opencdk/verify.c, lib/x509/crq.c, lib/x509/pbkdf2-sha1.c,
7092 lib/x509/pkcs12.c, lib/x509/pkcs12_encr.c, lib/x509/privkey.c,
7093 lib/x509/sign.c, lib/x509/verify.c, lib/x509/x509.c,
7094 lib/x509/x509_int.h, libextra/fipsmd5.c, libextra/gnutls_openssl.c:
7095 Revert "Merged the two internal hash API functions, to simplify and
7096 reduce code." This reverts commit bc3e43d5f121e404aa32212dcfcc5027de807056. Conflicts: lib/crypto.c lib/gnutls_cipher.c lib/gnutls_hash_int.c lib/gnutls_hash_int.h lib/includes/gnutls/crypto.h lib/mac-libgcrypt.c
7098 2009-12-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7100 * lib/gnutls_hash_int.c, lib/includes/gnutls/crypto.h,
7101 lib/mac-libgcrypt.c, libextra/gnutls_openssl.c, tests/gc.c: Revert
7102 "Added plain MD5 hash check and corrected gnutls_hash_fast() usage
7103 in openssl.c" This reverts commit 54486afbfcf3398846d5c20d3094bdb7d0a43ff2.
7105 2009-12-04 Simon Josefsson <simon@josefsson.org>
7107 * doc/examples/ex-x509-info.c: Improve example of printing cert
7110 2009-12-04 Simon Josefsson <simon@josefsson.org>
7112 * doc/gnutls.texi: Typo fix. Reported by Laurence <lfinsto@gwdg.de> in
7114 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4036>.
7116 2009-12-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7118 * lib/compat.c, lib/gnutls_algorithms.h: fixes for compilation.
7120 2009-12-03 Simon Josefsson <simon@josefsson.org>
7122 * lib/gnutls_cert.c: Check return value from
7123 gnutls_x509_crt_get_key_usage.
7125 2009-12-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7127 * NEWS, tests/pathlen/ca-no-pathlen.pem,
7128 tests/pathlen/no-ca-or-pathlen.pem: This is a follow-up to commit
7129 3d8da5765133c6ced37bf29b5a07f950b8c26cd7, that fixes some issues
7130 with DSA and RSA certificate encoding. Due to that the shown public
7131 key IDs are different than the ones in previous gnutls versions.
7133 2009-12-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7135 * lib/gnutls_cipher.c: reduced calls to gnutls_hash on
7136 encryption/decryption. Only initialize MAC when needed.
7138 2009-12-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7140 * lib/gnutls_hash_int.c, lib/includes/gnutls/crypto.h,
7141 lib/mac-libgcrypt.c, libextra/gnutls_openssl.c, tests/gc.c: Added
7142 plain MD5 hash check and corrected gnutls_hash_fast() usage in
7143 openssl.c Corrected new hash API bug that prevented usage of plain
7146 2009-12-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7148 * NEWS, doc/gnutls.texi, lib/Makefile.am, lib/compat.c,
7149 lib/crypto.c, lib/ext_session_ticket.c, lib/gnutls_algorithms.c,
7150 lib/gnutls_algorithms.h, lib/gnutls_cipher.c,
7151 lib/includes/gnutls/crypto.h, lib/libgnutls.map,
7152 lib/opencdk/read-packet.c, lib/x509/privkey_pkcs8.c,
7153 src/benchmark.c, tests/gc.c: Exported gnutls_cipher_get_block_size()
7154 and all hash functions added to libgnutls.map. Expanded benchmark
7155 with 3DES and ARCFOUR. Corrected test that used non-existing symbol.
7157 2009-12-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7159 * lib/m4/hooks.m4: Corrected check for cryptodev. Only enable it if
7160 --enable-cryptodev is specified.
7162 2009-12-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7164 * lib/cryptodev.c, lib/gnutls_cryptodev.h, lib/gnutls_hash_int.c,
7165 lib/gnutls_hash_int.h, lib/mac-libgcrypt.c, lib/x509/mpi.c:
7166 Corrected compilation issues.
7168 2009-11-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7170 * configure.ac, lib/m4/hooks.m4: Moved cryptodev check to
7171 lib/m4/hooks.m4 and now --enable-cryptodev actually works.
7173 2009-11-30 Simon Josefsson <simon@josefsson.org>
7175 * lib/gnutls_x509.c: Doc fix.
7177 2009-11-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7179 * lib/cryptodev.c: corrected old type.
7181 2009-11-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7183 * lib/cryptodev.c: Only include cryptodev.h if cryptodev is there.
7185 2009-11-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7187 * lib/crypto-api.c, lib/crypto.c, lib/crypto.h,
7188 lib/ext_session_ticket.c, lib/gnutls_algorithms.c,
7189 lib/gnutls_algorithms.h, lib/gnutls_cipher.c,
7190 lib/gnutls_cipher_int.c, lib/gnutls_cipher_int.h,
7191 lib/gnutls_constate.c, lib/gnutls_constate.h,
7192 lib/gnutls_handshake.c, lib/gnutls_hash_int.c,
7193 lib/gnutls_hash_int.h, lib/gnutls_int.h, lib/gnutls_priority.c,
7194 lib/gnutls_psk_netconf.c, lib/gnutls_sig.c, lib/gnutls_srp.c,
7195 lib/gnutls_state.c, lib/gnutls_ui.c, lib/includes/gnutls/crypto.h,
7196 lib/includes/gnutls/gnutls.h.in, lib/mac-libgcrypt.c,
7197 lib/opencdk/dummy.c, lib/opencdk/filters.h, lib/opencdk/hash.c,
7198 lib/opencdk/kbnode.c, lib/opencdk/main.h, lib/opencdk/opencdk.h,
7199 lib/opencdk/pubkey.c, lib/opencdk/sig-check.c,
7200 lib/opencdk/verify.c, lib/x509/crq.c, lib/x509/pbkdf2-sha1.c,
7201 lib/x509/pkcs12.c, lib/x509/pkcs12_encr.c, lib/x509/privkey.c,
7202 lib/x509/sign.c, lib/x509/verify.c, lib/x509/x509.c,
7203 lib/x509/x509_int.h, libextra/fipsmd5.c, libextra/gnutls_openssl.c:
7204 Merged the two internal hash API functions, to simplify and reduce
7205 code. gnutls_hmac* and gnutls_hash* were merged to gnutls_hash API.
7207 2009-11-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7209 * .gitignore, configure.ac, lib/Makefile.am, lib/crypto-api.c,
7210 lib/crypto.c, lib/cryptodev.c, lib/gnutls_cipher_int.c,
7211 lib/gnutls_cryptodev.h, lib/gnutls_errors.c, lib/gnutls_global.c,
7212 lib/gnutls_hash_int.c, lib/gnutls_hash_int.h,
7213 lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in,
7214 lib/libgnutls.map, src/Makefile.am, src/benchmark.c: Added cryptodev
7215 support (/dev/crypto). Tested with
7216 http://www.logix.cz/michal/devel/cryptodev/. Added benchmark
7217 utility for AES. Exported API to access encryption algorithms.
7219 2009-11-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7221 * NEWS: Documented certtool's certificate request generation fix.
7223 2009-11-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7225 * lib/x509/mpi.c: Corrected two issues that affected certificate
7226 request generation. 1. Null padding is added on integers (found thanks to Wilankar
7227 Trupti <trupti.wilankar@hp.com>) 2. In optional SignatureAlgorithm parameters field for DSA keys the
7228 DSA parameters were added. Those were rejected by verisign. Gnutls
7229 no longer adds those parameters there since other implementations
7230 don't do either and having them does not seem to offer anything
7231 (anyway you need the signer's certificate to verify thus public key
7234 2009-11-27 Simon Josefsson <simon@josefsson.org>
7236 * doc/manpages/Makefile.am, tests/key-id/key-id,
7237 tests/nist-pkits/gnutls_test_entry, tests/x509paths/chain: More
7238 fixes of grep -q problem.
7240 2009-11-27 Simon Josefsson <simon@josefsson.org>
7244 2009-11-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7246 * src/certtool-gaa.c, src/certtool-gaa.h, src/certtool.c,
7247 src/certtool.gaa: Allow exporting of Certificate requests to DER
7248 format. Added option --no-crq-extensions to avoid adding extensions
7251 2009-11-23 Simon Josefsson <simon@josefsson.org>
7253 * tests/rfc2253-escape-test: Don't use 'grep -q', to fix portability
7254 to OpenSolaris. Reported by "Dr. David Kirkby" <david.kirkby@onetel.net> in
7256 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3993>.
7258 2009-11-16 Simon Josefsson <simon@josefsson.org>
7260 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
7261 libextra/configure.ac: Bump versions.
7263 2009-11-15 Simon Josefsson <simon@josefsson.org>
7265 * doc/guile.texi: Doc fix.
7267 2009-11-15 Simon Josefsson <simon@josefsson.org>
7269 * gl/Makefile.am, gl/intprops.h, gl/m4/sys_stat_h.m4,
7270 gl/m4/unistd_h.m4, gl/sys_stat.in.h, gl/unistd.in.h,
7271 gl/version-etc.c, lib/gl/Makefile.am, lib/gl/m4/sys_stat_h.m4,
7272 lib/gl/m4/unistd_h.m4, lib/gl/sys_stat.in.h,
7273 lib/gl/tests/intprops.h, lib/gl/unistd.in.h, maint.mk: Update gnulib
7276 2009-11-09 Simon Josefsson <simon@josefsson.org>
7278 * ChangeLog: Generated.
7280 2009-11-09 Simon Josefsson <simon@josefsson.org>
7282 * NEWS: Version 2.9.9.
7284 2009-11-09 Simon Josefsson <simon@josefsson.org>
7286 * build-aux/pmccabe2html, gl/Makefile.am, gl/getpagesize.c,
7287 gl/m4/getpagesize.m4, gl/m4/gnulib-comp.m4, gl/tests/test-fseeko.c,
7288 lib/gl/Makefile.am, lib/gl/getpagesize.c, lib/gl/m4/getpagesize.m4,
7289 lib/gl/m4/gnulib-comp.m4, lib/gl/tests/test-fseeko.c: Update gnulib
7292 2009-11-09 Simon Josefsson <simon@josefsson.org>
7296 2009-11-09 Simon Josefsson <simon@josefsson.org>
7298 * src/certtool.c: Cleanup header inclusion.
7300 2009-11-09 Simon Josefsson <simon@josefsson.org>
7304 2009-11-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7306 * lib/gnutls_algorithms.c: More dead code removed. Based on
7307 suggestions by Steve Grubb and Tomaz Mraz
7309 2009-11-06 Simon Josefsson <simon@josefsson.org>
7313 2009-11-06 Simon Josefsson <simon@josefsson.org>
7315 * configure.ac, m4/valgrind.m4: Fix --disable-valgrind-tests.
7317 2009-11-06 Simon Josefsson <simon@josefsson.org>
7319 * gl/tests/Makefile.am: Update gnulib files.
7321 2009-11-06 Simon Josefsson <simon@josefsson.org>
7323 * gl/m4/getaddrinfo.m4, gl/m4/gnulib-comp.m4, maint.mk: Update
7326 2009-11-06 Simon Josefsson <simon@josefsson.org>
7328 * src/Makefile.am: Link to libgcrypt explicitly when libgcrypt
7331 2009-11-06 Simon Josefsson <simon@josefsson.org>
7333 * src/certtool.c, src/serv.c: Fix libgcrypt usage.
7335 2009-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7337 * lib/gnutls_handshake.c: Simplified code which was based on older
7338 version of internal structures. Based on observations by Steve
7339 Grubb and Tomas Mraz.
7341 2009-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7343 * NEWS: Corrected bug fix author.
7345 2009-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7347 * NEWS: Documented previous commit.
7349 2009-11-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7351 * lib/auth_cert.c, lib/gnutls_constate.c, lib/gnutls_sig.c,
7352 libextra/gnutls_openssl.c, src/certtool.c, src/cfg/cfg+.c,
7353 src/cfg/platon/str/strdyn.c, src/serv.c: Cleanups and several bug
7354 fixes found by Tomas Mraz. "I've patched the following problems in the code found by review of
7355 gnutls-2.8.5 code done by Steve Grubb. See the patch attached. The gnutls_constate.c bug might be potentially serious so I've
7356 decided to mail it to you directly, not to the public mailing list. The auth_cert.c change is just cleanup of the code. In gnutls_openssl.c I've just fixed the potential crasher, correct
7357 fix would require using asprintf or precomputed length of the buffer
7358 to allocate a memory. The certtool.c change is again just a cleanup."
7360 2009-11-05 Simon Josefsson <simon@josefsson.org>
7362 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
7363 libextra/configure.ac: Bump versions.
7365 2009-11-05 Simon Josefsson <simon@josefsson.org>
7367 * ChangeLog: Generated.
7369 2009-11-05 Simon Josefsson <simon@josefsson.org>
7371 * NEWS: Version 2.9.8.
7373 2009-11-05 Simon Josefsson <simon@josefsson.org>
7375 * lib/gl/tests/test-func.c: Update gnulib files.
7377 2009-11-05 Simon Josefsson <simon@josefsson.org>
7379 * gl/m4/gnulib-comp.m4, gl/m4/inet_ntop.m4, gl/m4/inet_pton.m4,
7380 gl/tests/Makefile.am, gl/tests/test-inet_ntop.c,
7381 gl/tests/test-inet_pton.c, gl/tests/test-sys_socket.c,
7382 lib/gl/tests/test-func.c, lib/gl/tests/test-sys_socket.c,
7383 libextra/gl/md5.c: Update gnulib files.
7385 2009-11-05 Simon Josefsson <simon@josefsson.org>
7387 * lib/m4/hooks.m4: Make sure libgcrypt's dependency on libgpg-error
7390 2009-11-05 Simon Josefsson <simon@josefsson.org>
7392 * doc/manpages/Makefile.am: Fix API name change.
7394 2009-11-05 Simon Josefsson <simon@josefsson.org>
7396 * doc/gnutls.texi: Fix API name change.
7398 2009-11-05 Simon Josefsson <simon@josefsson.org>
7400 * doc/examples/ex-cert-select.c, doc/examples/ex-client-psk.c,
7401 doc/examples/ex-pkcs12.c, doc/examples/ex-serv-anon.c,
7402 doc/examples/ex-serv-export.c, doc/examples/ex-serv-pgp.c,
7403 doc/examples/ex-serv-psk.c, doc/examples/ex-serv-srp.c,
7404 doc/examples/ex-serv1.c, guile/src/core.c, lib/auth_cert.c,
7405 lib/auth_dhe.c, lib/auth_rsa_export.c, lib/auth_srp.c,
7406 lib/auth_srp_passwd.c, lib/auth_srp_rsa.c, lib/ext_cert_type.c,
7407 lib/ext_server_name.c, lib/ext_session_ticket.c,
7408 lib/ext_signature.c, lib/gnutls_algorithms.c, lib/gnutls_buffers.c,
7409 lib/gnutls_cert.c, lib/gnutls_cipher.c, lib/gnutls_errors.c,
7410 lib/gnutls_extensions.c, lib/gnutls_handshake.c,
7411 lib/gnutls_hash_int.c, lib/gnutls_mpi.c, lib/gnutls_priority.c,
7412 lib/gnutls_psk.c, lib/gnutls_record.c, lib/gnutls_session_pack.c,
7413 lib/gnutls_sig.c, lib/gnutls_state.c, lib/gnutls_str.c,
7414 lib/gnutls_supplemental.c, lib/gnutls_ui.c, lib/gnutls_x509.c,
7415 lib/minitasn1/decoding.c, lib/opencdk/armor.c, lib/opencdk/keydb.c,
7416 lib/opencdk/literal.c, lib/opencdk/misc.c,
7417 lib/opencdk/new-packet.c, lib/opencdk/read-packet.c,
7418 lib/opencdk/sig-check.c, lib/opencdk/stream.c,
7419 lib/opencdk/verify.c, lib/openpgp/gnutls_openpgp.c,
7420 lib/openpgp/output.c, lib/openpgp/pgp.c, lib/x509/crq.c,
7421 lib/x509/dn.c, lib/x509/pkcs12.c, lib/x509/pkcs12_bag.c,
7422 lib/x509/privkey_pkcs8.c, lib/x509/verify.c, lib/x509/x509_write.c,
7423 libextra/gl/md5.c, libextra/gnutls_openssl.c, src/certtool-cfg.c,
7424 src/cli.c, src/common.c, src/crypt.c, src/psk.c, src/serv.c,
7425 tests/anonself.c, tests/chainverify.c, tests/crq_apis.c,
7426 tests/cve-2008-4989.c, tests/cve-2009-1415.c, tests/dhepskself.c,
7427 tests/dn2.c, tests/finished.c, tests/hostname-check.c,
7428 tests/mini-eagain.c, tests/mini.c, tests/nul-in-x509-names.c,
7429 tests/openpgpself.c, tests/oprfi.c, tests/pkcs12_encode.c,
7430 tests/pkcs12_s2k.c, tests/pkcs12_s2k_pem.c, tests/pskself.c,
7431 tests/resume.c, tests/tlsia.c, tests/x509_altname.c,
7432 tests/x509dn.c, tests/x509self.c, tests/x509sign-verify.c,
7433 tests/x509signself.c: Indent code.
7435 2009-11-05 Simon Josefsson <simon@josefsson.org>
7437 * doc/examples/ex-cert-select.c, src/cli.c: Fix API name change.
7439 2009-11-05 Simon Josefsson <simon@josefsson.org>
7441 * NEWS, doc/manpages/Makefile.am, lib/ext_signature.c,
7442 lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Fix NEWS blurb.
7443 Shorten new API name.
7445 2009-11-05 Simon Josefsson <simon@josefsson.org>
7447 * lib/ext_signature.c: Doc fix, add Since tag.
7449 2009-11-05 Simon Josefsson <simon@josefsson.org>
7451 * lib/ext_signature.c: Indent code.
7453 2009-11-05 Simon Josefsson <simon@josefsson.org>
7455 * gl/m4/inet_ntop.m4, gl/m4/inet_pton.m4: Fix compile error. Tiny patch by Brad Hards <bradh@frogmouth.net> in
7457 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3943>.
7459 2009-11-05 Simon Josefsson <simon@josefsson.org>
7461 * lib/ext_signature.c: Fix compile errors. Tiny patch from Brad Hards <bradh@frogmouth.net> in
7463 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3942>.
7465 2009-11-05 Simon Josefsson <simon@josefsson.org>
7467 * lib/auth_cert.c: Fix compile errors. Tiny patch from Brad Hards <bradh@frogmouth.net> in
7469 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3941>.
7471 2009-11-05 Simon Josefsson <simon@josefsson.org>
7473 * gl/Makefile.am, gl/m4/stdlib_h.m4, gl/stdlib.in.h,
7474 gl/tests/test-getaddrinfo.c, lib/gl/Makefile.am,
7475 lib/gl/m4/stdlib_h.m4, lib/gl/stdlib.in.h: Update gnulib files.
7477 2009-11-05 Simon Josefsson <simon@josefsson.org>
7481 2009-11-05 Simon Josefsson <simon@josefsson.org>
7483 * lib/po/vi.po.in: Sync with TP.
7485 2009-11-03 Simon Josefsson <simon@josefsson.org>
7487 * doc/examples/Makefile.am, src/Makefile.am, tests/Makefile.am: Use
7488 INET_NTOP_LIB and INET_PTON_LIB.
7490 2009-11-03 Simon Josefsson <simon@josefsson.org>
7492 * build-aux/pmccabe2html, build-aux/useless-if-before-free,
7493 gl/m4/fseeko.m4, gl/m4/gnulib-comp.m4, gl/m4/inet_ntop.m4,
7494 gl/m4/inet_pton.m4, gl/m4/pmccabe2html.m4, gl/m4/ungetc.m4,
7495 gl/sockets.c, gl/stdio.in.h, gl/sys_stat.in.h,
7496 gl/tests/test-arpa_inet.c, gl/tests/test-getaddrinfo.c,
7497 gl/tests/test-getdelim.c, gl/tests/test-getline.c,
7498 gl/tests/test-gettimeofday.c, gl/tests/test-memchr.c,
7499 gl/tests/test-netinet_in.c, gl/tests/test-select-stdin.c,
7500 gl/tests/test-select.c, gl/tests/test-sockets.c,
7501 gl/tests/test-stddef.c, gl/tests/test-stdint.c,
7502 gl/tests/test-stdio.c, gl/tests/test-stdlib.c,
7503 gl/tests/test-strerror.c, gl/tests/test-string.c,
7504 gl/tests/test-sys_select.c, gl/tests/test-sys_socket.c,
7505 gl/tests/test-sys_stat.c, gl/tests/test-sys_time.c,
7506 gl/tests/test-time.c, gl/tests/test-unistd.c,
7507 gl/tests/test-version-etc.c, gl/tests/test-wchar.c,
7508 lib/gl/m4/fseeko.m4, lib/gl/m4/ungetc.m4, lib/gl/sockets.c,
7509 lib/gl/stdio.in.h, lib/gl/sys_stat.in.h,
7510 lib/gl/tests/test-memchr.c, lib/gl/tests/test-sockets.c,
7511 lib/gl/tests/test-stddef.c, lib/gl/tests/test-stdint.c,
7512 lib/gl/tests/test-stdio.c, lib/gl/tests/test-stdlib.c,
7513 lib/gl/tests/test-string.c, lib/gl/tests/test-strverscmp.c,
7514 lib/gl/tests/test-sys_socket.c, lib/gl/tests/test-sys_stat.c,
7515 lib/gl/tests/test-time.c, lib/gl/tests/test-unistd.c,
7516 lib/gl/tests/test-wchar.c, libextra/gl/md5.c, maint.mk: Update
7519 2009-11-02 Simon Josefsson <simon@josefsson.org>
7523 2009-11-02 Simon Josefsson <simon@josefsson.org>
7525 * tests/chainverify.c: Fix time bomb in chainverify self-test. Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
7527 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3925>.
7529 2009-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7531 * NEWS: Documented change for certificate retrieval callbacks.
7533 2009-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7535 * src/cli.c: do not use gnutls_x509_crt_get_signature_algorithm() on
7538 2009-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7540 * lib/auth_cert.c: Do not check signature algorithms for certificate
7541 selection when using openpgp certificates.
7543 2009-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7545 * doc/manpages/gnutls-cli.1: Avoid code duplication by using all the
7546 functions defined in gnutls_algorithms to map from TLS 1.2 signature
7547 algorithm numbers to gnutls signature algorithms. Added minimal documentation for SIGN-* in gnutls-cli priority
7548 strings. Corrected bug in signature algorithm extension generation.
7550 2009-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7552 * lib/auth_cert.c, lib/auth_dhe.c, lib/ext_signature.c,
7553 lib/ext_signature.h, lib/gnutls_algorithms.c,
7554 lib/gnutls_algorithms.h, lib/gnutls_int.h, lib/gnutls_sig.c: Avoid
7555 code duplication by using all the functions defined in
7556 gnutls_algorithms to map from TLS 1.2 signature algorithm numbers to
7557 gnutls signature algorithms. Added minimal documentation for SIGN-* in gnutls-cli priority
7558 strings. Corrected bug in signature algorithm extension generation.
7560 2009-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7562 * lib/auth_cert.c, lib/auth_dhe.c, lib/auth_rsa_export.c,
7563 lib/auth_srp_rsa.c, lib/gnutls_sig.c, lib/gnutls_sig.h: Rationalized
7564 function names for signature generation and verification during
7565 handshake. _gnutls_tls_sign_hdata ->
7566 _gnutls_handshake_sign_cert_vrfy _gnutls_verify_sig_hdata ->
7567 _gnutls_handshake_verify_cert_vrfy _gnutls_tls_sign_params ->
7568 _gnutls_handshake_sign_data _gnutls_verify_sig_params ->
7569 _gnutls_handshake_verify_data
7571 2009-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7573 * lib/ext_signature.c: Do not output error if a server replies with
7574 a SignatureAlgorithms extension.
7576 2009-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7578 * tests/dn2.c, tests/pathlen/ca-no-pathlen.pem: RSA_SHA -> RSA_SHA1
7580 2009-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7582 * NEWS: Documented memory leak fix.
7584 2009-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7586 * NEWS, doc/examples/ex-cert-select.c, doc/gnutls.texi,
7587 lib/auth_cert.c, lib/ext_cert_type.c, lib/ext_cert_type.h,
7588 lib/ext_signature.c, lib/ext_signature.h, lib/gnutls_alert.c,
7589 lib/gnutls_sig.c, lib/gnutls_state.c, lib/gnutls_state.h,
7590 lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli.c: Final
7591 touch on signature algorithms in TLS 1.2 support. Added function
7592 gnutls_session_sign_algorithm_get_requested() for callbacks to be
7593 able to verify they return a correct certificate as well as
7594 documentation for its usage.
7596 2009-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7598 * lib/Makefile.am, lib/auth_cert.c, lib/auth_cert.h,
7599 lib/ext_signature.c, lib/ext_signature.h, lib/gnutls_algorithms.c,
7600 lib/gnutls_algorithms.h, lib/gnutls_cert.c, lib/gnutls_cert.h,
7601 lib/gnutls_errors.c, lib/gnutls_extensions.c,
7602 lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_priority.c,
7603 lib/gnutls_sig.c, lib/gnutls_sig.h, lib/gnutls_state.c,
7604 lib/gnutls_state.h, lib/gnutls_x509.c,
7605 lib/includes/gnutls/gnutls.h.in, lib/openpgp/gnutls_openpgp.c:
7606 Improved TLS 1.2 support. Added support for the SignatureAlgorithm
7607 extension as well for the SignatureAlgorithm in certificate request. Limitation for TLS 1.2 clients: Only SHA1 or SHA256 are supported for generating signatures in
7608 certificate verify message. That is to avoid storing all handshake
7609 messages in memory. To be reconsidered in the future.
7611 2009-11-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7613 * lib/gnutls_global.c: fixes in order to compile with -Werror
7615 2009-10-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7617 * lib/ext_cert_type.c, lib/gnutls_cipher.c: remove unnessesary
7620 2009-10-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7622 * lib/ext_cert_type.c: correctly check extension size.
7624 2009-10-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7626 * NEWS, lib/gnutls_handshake.c: When resuming a session do not
7627 overwrite the initial session data with resumed session data.
7628 Discovered on discussion at help-gnutls with Sebastien Decugis.
7630 2009-10-26 Simon Josefsson <simon@josefsson.org>
7632 * lib/gnutls_cipher.c, lib/gnutls_handshake.c, src/certtool.c: Fix
7633 code style so it compiles with gcc 4.4 with warnings.
7635 2009-10-26 Simon Josefsson <simon@josefsson.org>
7637 * gl/Makefile.am, gl/m4/sys_stat_h.m4, gl/sys_stat.in.h,
7638 lib/gl/Makefile.am, lib/gl/m4/sys_stat_h.m4, lib/gl/sys_stat.in.h:
7639 Update gnulib files.
7641 2009-10-26 Simon Josefsson <simon@josefsson.org>
7643 * .gitignore: Drop unknown mini-hfail.
7645 2009-10-26 Simon Josefsson <simon@josefsson.org>
7649 2009-10-25 Daiki Ueno <ueno@unixuser.org>
7651 * lib/gnutls_handshake.c: Enable ClientHello to carry arbitrary
7652 length extension data.
7654 2009-10-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7656 * lib/includes/gnutls/pkcs12.h, lib/pkix.asn, lib/pkix_asn1_tab.c,
7657 lib/x509/pkcs12.c, lib/x509/pkcs12_bag.c, lib/x509/x509_int.h,
7658 src/certtool.c: Added GNUTLS_BAG_SECRET that adds support for
7659 storing a randomly generated key into a PKCS-12 structure. This is a
7660 gnutls extension, since PKCS-12 does not specify what should be in
7661 the secret bag. What we do is store the key as OCTET string and
7662 specify an OID of the PKCS-9 random nonce.
7664 2009-10-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7666 * NEWS, lib/x509/privkey_pkcs8.c: Corrected warnings in picky
7667 compilers and rearanged code.
7669 2009-10-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7671 * doc/manpages/certtool.1, lib/cipher-libgcrypt.c,
7672 lib/gnutls_algorithms.c, lib/includes/gnutls/gnutls.h.in,
7673 lib/includes/gnutls/x509.h, lib/pkix.asn, lib/pkix_asn1_tab.c,
7674 lib/x509/pkcs12_bag.c, lib/x509/privkey_pkcs8.c,
7675 lib/x509/x509_int.h, src/certtool-gaa.c, src/certtool-gaa.h,
7676 src/certtool.c, src/certtool.gaa: Added support for the AES family
7677 of ciphers in the PKCS8 and 12 encryption options.
7679 2009-10-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7681 * .gitignore: Do not print auto-generated files.
7683 2009-10-23 Simon Josefsson <simon@josefsson.org>
7687 2009-10-23 Simon Josefsson <simon@josefsson.org>
7689 * lib/gnutlsxx.cpp: Fix forgotten braces. Reported by Jason Pettiss <jpettiss@yahoo.com>.
7691 2009-10-23 Simon Josefsson <simon@josefsson.org>
7693 * lib/gnutlsxx.cpp: Indent code.
7695 2009-10-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7697 * lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_cipher.c,
7698 lib/gnutls_handshake.c, lib/gnutls_handshake.h,
7699 lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/gnutls_int.h,
7700 lib/gnutls_sig.c, lib/gnutls_state.c: 1. Fix for memory leaks on interrupted handshake. 2. Fixes issue where a TLS 1.2 client will wrongly calculate hashes
7701 if the server will select a different than 1.2 protocol. 3. In TLS 1.2 when a certificate request is sent, support is not
7702 complete. In that case abort the handshake. By checking TLS 1.2 it
7703 seems that the algorithms to be used for the signature in the
7704 certificate verify message are negotiated not at the client/server
7705 hello messages but rather selected by the server at the certificate
7706 request. This might not look as bad, but since in this message we
7707 have to sign all previous handshake messages, it forces us to keep
7708 all the handshake messages into a buffer until this point... I don't
7709 know who proposed this change to the TLS WG, but it seems it wasn't
7712 2009-10-20 Simon Josefsson <simon@josefsson.org>
7714 * tests/chainverify.c: Fix expired cert.
7716 2009-10-16 Simon Josefsson <simon@josefsson.org>
7718 * src/cli.c: Make sure we use libgcrypt correctly.
7720 2009-10-15 Simon Josefsson <simon@josefsson.org>
7722 * gl/m4/time_h.m4: Update gnulib files.
7724 2009-10-15 Simon Josefsson <simon@josefsson.org>
7726 * gl/Makefile.am, gl/m4/gnulib-comp.m4, gl/m4/sys_stat_h.m4,
7727 gl/sys_stat.in.h, gl/tests/Makefile.am, gl/tests/test-sys_stat.c,
7728 gl/tests/test-time.c, gl/time.in.h, gl/unistd.in.h,
7729 lib/gl/Makefile.am, lib/gl/m4/gnulib-comp.m4,
7730 lib/gl/m4/sys_stat_h.m4, lib/gl/sys_stat.in.h,
7731 lib/gl/tests/test-sys_stat.c, lib/gl/unistd.in.h: Update gnulib
7734 2009-10-15 Simon Josefsson <simon@josefsson.org>
7736 * lib/libgnutlsxx.map: Export C++ symbol visibility. Tiny patch from Boyan Kasarov <bkasarov@gmail.com>.
7738 2009-10-14 Simon Josefsson <simon@josefsson.org>
7740 * lib/pkix_asn1_tab.c: Regenerate.
7742 2009-10-14 Simon Josefsson <simon@josefsson.org>
7746 2009-10-14 Simon Josefsson <simon@josefsson.org>
7748 * tests/pkcs12_encode.c: Fix MAC password.
7750 2009-10-14 Simon Josefsson <simon@josefsson.org>
7752 * tests/pkcs12_encode.c: Use better friendly names.
7754 2009-10-14 Simon Josefsson <simon@josefsson.org>
7756 * tests/Makefile.am, tests/pkcs12_encode.c: Add self test to test
7759 2009-10-14 Simon Josefsson <simon@josefsson.org>
7761 * lib/pkix.asn: Work around 'Cannot find OID: 1.2.840.113549.1.9.21'
7762 PKCS#12 problem. Reported by Michael Welsh Duggan <mwd@cert.org> in
7763 <http://permalink.gmane.org/gmane.network.gnutls.general/1786>.
7765 2009-10-14 Simon Josefsson <simon@josefsson.org>
7767 * doc/gnutls.texi: Mention that sometimes CA certs needs to be
7768 included in PKCS#12 files. Reported by Ivars Suba <Ivars.Suba@bank.lv>.
7770 2009-10-07 Simon Josefsson <simon@josefsson.org>
7772 * lib/gnutls_priority.c: After setting priorities using new API,
7773 update current TLS version.
7775 2009-10-06 Simon Josefsson <simon@josefsson.org>
7777 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
7778 libextra/configure.ac: Bump versions.
7780 2009-10-06 Simon Josefsson <simon@josefsson.org>
7782 * ChangeLog: Generated.
7784 2009-10-06 Simon Josefsson <simon@josefsson.org>
7786 * NEWS: Version 2.9.7.
7788 2009-10-06 Simon Josefsson <simon@josefsson.org>
7790 * gl/Makefile.am, gl/m4/gnulib-comp.m4, gl/m4/stdio_h.m4,
7791 gl/m4/unistd_h.m4, gl/progname.c, gl/stdio.in.h, gl/unistd.in.h,
7792 lib/gl/Makefile.am, lib/gl/m4/stdio_h.m4, lib/gl/m4/unistd_h.m4,
7793 lib/gl/stdio.in.h, lib/gl/unistd.in.h, maint.mk: Update gnulib
7796 2009-10-06 Simon Josefsson <simon@josefsson.org>
7800 2009-10-06 Simon Josefsson <simon@josefsson.org>
7802 * lib/libgnutlsxx.map: Fix symbol export rules. Tiny patch by Boyan Kasarov <bkasarov@gmail.com>.
7804 2009-10-06 Simon Josefsson <simon@josefsson.org>
7806 * lib/gnutlsxx.cpp: Include config.h. Tiny patch from Boyan Kasarov <bkasarov@gmail.com>.
7808 2009-10-01 Daiki Ueno <ueno@unixuser.org>
7810 * lib/gnutls_sig.c: Reserve enough room for hash buffers. This fixes x509self self-test.
7812 2009-09-30 Simon Josefsson <simon@josefsson.org>
7814 * gl/Makefile.am, gl/m4/sys_stat_h.m4, gl/m4/unistd_h.m4,
7815 gl/tests/Makefile.am, gl/unistd.in.h, lib/gl/Makefile.am,
7816 lib/gl/m4/sys_stat_h.m4, lib/gl/m4/unistd_h.m4,
7817 lib/gl/tests/Makefile.am, lib/gl/unistd.in.h: Update gnulib files.
7819 2009-09-30 Simon Josefsson <simon@josefsson.org>
7823 2009-09-30 Simon Josefsson <simon@josefsson.org>
7825 * lib/gnutls_priority.c: Attempt to negotiate TLS 1.2 by default.
7827 2009-09-30 Simon Josefsson <simon@josefsson.org>
7831 2009-09-30 Simon Josefsson <simon@josefsson.org>
7833 * lib/auth_cert.c: Fix comment.
7835 2009-09-30 Daiki Ueno <ueno@unixuser.org>
7837 * lib/auth_cert.c, lib/auth_dhe.c, lib/auth_rsa_export.c,
7838 lib/auth_srp_rsa.c, lib/gnutls_sig.c, lib/gnutls_sig.h: Fix
7839 server-side TLS 1.2 support.
7841 2009-09-30 Daiki Ueno <ueno@unixuser.org>
7843 * lib/gnutls_sig.c: Calculate DER-encoded DigestInfo on-the-fly
7844 rather than hard code it.
7846 2009-09-28 Ludovic Courtès <ludo@gnu.org>
7848 * configure.ac, guile/src/core.c: guile: Adjust for Guile 1.9.3+. * guile/src/core.c (mark_session_record_port,
7849 free_session_record_port): Conditionalize on `SCM_MAJOR_VERSION == 1
7850 && SCM_MINOR_VERSION <= 8'. (scm_init_gnutls_session_record_port_type): Adjust accordingly. (make_session_record_port): Use `scm_gc_malloc_pointerless ()'
7853 2009-09-28 Ludovic Courtès <ludo@gnu.org>
7855 * guile/src/core.c: guile: Syntactic nitpicking. * guile/src/core.c (SCM_GNUTLS_MAKE_SESSION_DATA, SCM_GNUTLS_SET_SESSION_RECORD_PORT): Remove extraneous semicolon.
7857 2009-09-28 Ludovic Courtès <ludo@gnu.org>
7859 * guile/src/core.c: guile: Use Guile's malloc routines. * guile/src/core.c (scm_init_gnutls): Use Guile's malloc routines.
7861 2009-09-23 Simon Josefsson <simon@josefsson.org>
7863 * lib/ext_server_name.c: Clarify gnutls_server_name_set usage. Reported by Daniel Black <daniel@cacert.org> in
7865 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3878>.
7867 2009-09-23 Ludovic Courtès <ludo@gnu.org>
7869 * guile/src/core.c: Fix integer/pointer cast warnings in the Guile
7870 bindings on x86_64. * guile/src/core.c (do_fill_port, fill_session_record_port_input, scm_gnutls_set_session_transport_fd_x): Make sure pointer/integer
7871 casts use integers of the right size.
7873 2009-09-23 Ludovic Courtès <ludo@gnu.org>
7875 * guile/src/extra.c: Update Guile bindings to the current OpenPGP
7876 API. * guile/src/extra.c (scm_gnutls_openpgp_certificate_id, scm_gnutls_openpgp_certificate_id_x): Use the newer `gnutls_openpgp_crt_get_key_id ()'.
7878 2009-09-23 Ludovic Courtès <ludo@gnu.org>
7880 * doc/Makefile.am, guile/src/Makefile.am, guile/tests/Makefile.am:
7881 Turn off auto-compilation when using Guile 1.9+. * guile/src/Makefile.am (GUILE_FOR_BUILD): Turn off auto-compilation with Guile 1.9+. * guile/tests/Makefile.am (TESTS_ENVIRONMENT): Likewise. * doc/Makefile.am (GUILE_FOR_BUILD): Likewise.
7883 2009-09-23 Ludovic Courtès <ludo@gnu.org>
7885 * guile/src/core.c, guile/src/errors.c, guile/src/extra.c,
7886 guile/src/utils.c, guile/src/utils.h: Fix inclusion of <config.h> in
7887 Guile bindings. * guile/src/core.c, guile/src/errors.c, guile/src/extra.c, guile/src/utils.c: Include <config.h> first, as suggested by Simon Josefsson. * guile/src/utils.h: Don't include <config.h>.
7889 2009-09-22 Simon Josefsson <simon@josefsson.org>
7891 * gl/unistd.in.h, lib/gl/unistd.in.h: Update gnulib files.
7893 2009-09-22 Simon Josefsson <simon@josefsson.org>
7895 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
7896 libextra/configure.ac: Bump versions.
7898 2009-09-22 Simon Josefsson <simon@josefsson.org>
7900 * build-aux/gendocs.sh: Chmod.
7902 2009-09-22 Simon Josefsson <simon@josefsson.org>
7904 * ChangeLog: Generated.
7906 2009-09-22 Simon Josefsson <simon@josefsson.org>
7908 * NEWS: Version 2.9.6.
7910 2009-09-22 Simon Josefsson <simon@josefsson.org>
7912 * gl/Makefile.am, gl/m4/getdelim.m4, gl/m4/stdio_h.m4,
7913 gl/m4/stdlib_h.m4, gl/m4/sys_stat_h.m4, gl/m4/unistd_h.m4,
7914 gl/stdio.in.h, gl/stdlib.in.h, gl/sys_stat.in.h, gl/unistd.in.h,
7915 lib/gl/Makefile.am, lib/gl/m4/stdio_h.m4, lib/gl/m4/stdlib_h.m4,
7916 lib/gl/m4/sys_stat_h.m4, lib/gl/m4/unistd_h.m4, lib/gl/stdio.in.h,
7917 lib/gl/stdlib.in.h, lib/gl/sys_stat.in.h, lib/gl/unistd.in.h,
7918 maint.mk: Update gnulib files.
7920 2009-09-13 Brad Hards <bradh@frogmouth.net>
7922 * lib/x509/x509.c: Add forgotten documentation bits for issuer
7923 altname Signed-off-by: Simon Josefsson <simon@josefsson.org>
7925 2009-09-11 Simon Josefsson <simon@josefsson.org>
7927 * build-aux/gendocs.sh, gl/m4/getaddrinfo.m4, gl/m4/getline.m4,
7928 gl/m4/readline.m4, gl/m4/select.m4, gl/m4/sockets.m4,
7929 gl/m4/socklen.m4, gl/m4/sockpfaf.m4, lib/gl/m4/sockets.m4,
7930 lib/gl/m4/socklen.m4, lib/gl/m4/sockpfaf.m4, lib/gl/m4/time_r.m4:
7931 Update gnulib files.
7933 2009-09-11 Simon Josefsson <simon@josefsson.org>
7935 * lib/gnutls_cipher.c: Add debug message. Tiny patch from Miroslav
7936 Kratochvil <exa.exa@gmail.com> in
7937 <http://thread.gmane.org/gmane.network.gnutls.general/1758>.
7939 2009-09-11 Daiki Ueno <ueno@unixuser.org>
7941 * lib/Makefile.am: Fix out-of-tree build. Fix out-of-tree build; gnutls.h is generated in the build tree.
7943 2009-09-10 Simon Josefsson <simon@josefsson.org>
7945 * NEWS, lib/m4/hooks.m4: Enable Camellia by default.
7947 2009-09-10 Simon Josefsson <simon@josefsson.org>
7949 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
7950 libextra/configure.ac: Bump versions.
7952 2009-09-10 Simon Josefsson <simon@josefsson.org>
7954 * ChangeLog: Generated.
7956 2009-09-10 Simon Josefsson <simon@josefsson.org>
7958 * NEWS: Version 2.9.5.
7960 2009-09-10 Simon Josefsson <simon@josefsson.org>
7962 * configure.ac: Bump version.
7964 2009-09-10 Simon Josefsson <simon@josefsson.org>
7966 * gl/Makefile.am, gl/m4/stdio_h.m4, gl/m4/string_h.m4,
7967 gl/m4/sys_stat_h.m4, gl/m4/unistd_h.m4, gl/stdio.in.h,
7968 gl/string.in.h, gl/sys_stat.in.h, gl/unistd.in.h,
7969 lib/gl/Makefile.am, lib/gl/m4/stdio_h.m4, lib/gl/m4/string_h.m4,
7970 lib/gl/m4/sys_stat_h.m4, lib/gl/m4/unistd_h.m4, lib/gl/stdio.in.h,
7971 lib/gl/string.in.h, lib/gl/sys_stat.in.h, lib/gl/unistd.in.h,
7972 maint.mk: Update gnulib files.
7974 2009-09-10 Simon Josefsson <simon@josefsson.org>
7978 2009-09-10 Simon Josefsson <simon@josefsson.org>
7982 2009-09-10 Simon Josefsson <simon@josefsson.org>
7984 * lib/m4/hooks.m4: Bump library version for new APIs.
7986 2009-09-10 Simon Josefsson <simon@josefsson.org>
7988 * lib/x509/output.c, lib/x509/x509.c: Indent.
7990 2009-09-10 Simon Josefsson <simon@josefsson.org>
7992 * lib/libgnutls.map: Move the new ABIs to the GNUTLS_2_10 section.
7994 2009-09-09 Brad Hards <bradh@frogmouth.net>
7996 * doc/manpages/Makefile.am, lib/includes/gnutls/x509.h,
7997 lib/libgnutls.map, lib/x509/output.c, lib/x509/x509.c,
7998 tests/Makefile.am, tests/x509_altname.c: Add X509 Issuer Altname
7999 functions Signed-off-by: Simon Josefsson <simon@josefsson.org>
8001 2009-09-07 Simon Josefsson <simon@josefsson.org>
8003 * tests/key-id/key-id: Don't use ! to negate exit status. Reported
8004 by "Tom G. Christensen" <tgc@jupiterrise.com> in
8006 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3861>.
8008 2009-09-03 Simon Josefsson <simon@josefsson.org>
8010 * gl/Makefile.am, gl/close.c, gl/inet_ntop.c, gl/inet_pton.c,
8011 gl/m4/sys_stat_h.m4, gl/sys_stat.in.h, gl/tests/Makefile.am,
8012 gl/unistd.in.h, lib/gl/Makefile.am, lib/gl/m4/sys_stat_h.m4,
8013 lib/gl/sys_stat.in.h, lib/gl/unistd.in.h, maint.mk: Update gnulib
8016 2009-09-03 Simon Josefsson <simon@josefsson.org>
8018 * NEWS, lib/configure.ac, lib/m4/hooks.m4, libextra/configure.ac:
8021 2009-09-03 Simon Josefsson <simon@josefsson.org>
8023 * cfg.mk: Commit cyclo/ dir too.
8025 2009-09-03 Simon Josefsson <simon@josefsson.org>
8027 * ChangeLog: Generated.
8029 2009-09-03 Simon Josefsson <simon@josefsson.org>
8031 * NEWS: Version 2.9.4.
8033 2009-09-03 Simon Josefsson <simon@josefsson.org>
8035 * tests/hostname-check.c: Build when OpenPGP is disabled.
8037 2009-09-03 Simon Josefsson <simon@josefsson.org>
8041 2009-09-03 Simon Josefsson <simon@josefsson.org>
8045 2009-09-03 Simon Josefsson <simon@josefsson.org>
8047 * cfg.mk: Ugly hack for autobuilder.
8049 2009-09-01 Simon Josefsson <simon@josefsson.org>
8053 2009-09-01 Simon Josefsson <simon@josefsson.org>
8055 * lib/gnutls_priority.c: Use SHA256 as MAC by default.
8057 2009-09-01 Simon Josefsson <simon@josefsson.org>
8061 2009-09-01 Daiki Ueno <ueno@unixuser.org>
8063 * lib/gnutls_algorithms.c: Add SHA-2 cipher suites. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8065 2009-09-01 Daiki Ueno <ueno@unixuser.org>
8067 * lib/debug.c: Print NewSessionTicket handshake. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8069 2009-08-31 Simon Josefsson <simon@josefsson.org>
8073 2009-08-31 Simon Josefsson <simon@josefsson.org>
8075 * lib/x509/x509.c: Handle XMPP SANs properly. Reported by Howard
8076 Chu <hyc@symas.com> in <https://savannah.gnu.org/support/?106975>.
8078 2009-08-31 Simon Josefsson <simon@josefsson.org>
8080 * lib/auth_dhe.c: Need another header.
8082 2009-08-31 Simon Josefsson <simon@josefsson.org>
8084 * AUTHORS, NEWS: Add.
8086 2009-08-31 Simon Josefsson <simon@josefsson.org>
8088 * lib/gnutls_algorithms.c: Add comment explaining where magic values
8091 2009-08-31 Daiki Ueno <ueno@unixuser.org>
8093 * lib/auth_cert.c: Fix parsing Certificate Request for TLS 1.2. Fix the logic to skip supported_signature_algorithms in Certificate
8094 Request. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8096 2009-08-31 Daiki Ueno <ueno@unixuser.org>
8098 * lib/gnutls_handshake.c, lib/gnutls_pk.c, lib/gnutls_state.c: Use
8099 SHA256 for PRF if TLS 1.2. Use SHA256 for the basis of PRF, and for the hash over handshake
8100 messages. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8102 2009-08-31 Daiki Ueno <ueno@unixuser.org>
8104 * lib/auth_dhe.c, lib/auth_rsa_export.c, lib/auth_srp_rsa.c,
8105 lib/gnutls_sig.c, lib/gnutls_sig.h: Respect TLS signature algorithm
8106 in server KX. Verify signature of DH parameters in Server Key Exchange with the
8107 embedded signature algorithm. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8109 2009-08-31 Daiki Ueno <ueno@unixuser.org>
8111 * lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
8112 lib/gnutls_int.h: Add functions for TLS signature algorithm. Add functions to convert TLS signature algorithm from/to constants
8113 defined by GnuTLS. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8115 2009-08-31 Simon Josefsson <simon@josefsson.org>
8119 2009-08-31 Simon Josefsson <simon@josefsson.org>
8121 * maint.mk: Update gnulib files.
8123 2009-08-31 Simon Josefsson <simon@josefsson.org>
8127 2009-08-25 Fabian Keil <fk@fabiankeil.de>
8129 * src/serv.c: Remove dead store in listen_socket(). Signed-off-by: Simon Josefsson <simon@josefsson.org>
8131 2009-08-25 Fabian Keil <fk@fabiankeil.de>
8133 * lib/gnutls_buffers.c: Remove dead store in
8134 _gnutls_io_write_buffered(). Signed-off-by: Simon Josefsson <simon@josefsson.org>
8136 2009-08-24 Fabian Keil <fk@fabiankeil.de>
8138 * lib/x509/x509.c: Remove dead store in
8139 gnutls_x509_crt_list_import(). Signed-off-by: Simon Josefsson <simon@josefsson.org>
8141 2009-08-24 Fabian Keil <fk@fabiankeil.de>
8143 * lib/auth_srp_passwd.c: Remove dead store in pwd_put_values(). Signed-off-by: Simon Josefsson <simon@josefsson.org>
8145 2009-08-24 Fabian Keil <fk@fabiankeil.de>
8147 * src/certtool.c: Remove dead store in pkcs12_info(). Signed-off-by: Simon Josefsson <simon@josefsson.org>
8149 2009-08-25 Fabian Keil <fk@fabiankeil.de>
8151 * lib/auth_cert.c: Remove write-only variable info in
8152 _gnutls_proc_cert_cert_req(). Signed-off-by: Simon Josefsson <simon@josefsson.org>
8154 2009-08-25 Fabian Keil <fk@fabiankeil.de>
8156 * lib/auth_rsa_export.c: Remove write-only variable info in
8157 gen_rsa_export_server_kx(). Signed-off-by: Simon Josefsson <simon@josefsson.org>
8159 2009-08-25 Fabian Keil <fk@fabiankeil.de>
8161 * src/cfg/shared.c: Remove write-only variable sep_ar_idx in
8162 split_multi_arg(). Signed-off-by: Simon Josefsson <simon@josefsson.org>
8164 2009-08-24 Fabian Keil <fk@fabiankeil.de>
8166 * lib/x509/pkcs12.c: Remove write-only variable tmp_size in
8167 _pkcs12_decode_safe_content(). Signed-off-by: Simon Josefsson <simon@josefsson.org>
8169 2009-08-29 Fabian Keil <fk@fabiankeil.de>
8171 * THANKS: Remove duplicates. Two exact ones and a pretty close one. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8173 2009-08-25 Fabian Keil <fk@fabiankeil.de>
8175 * lib/auth_srp_passwd.c: Mark what looks like a bug in in
8176 _gnutls_srp_pwd_read_entry() Signed-off-by: Simon Josefsson <simon@josefsson.org>
8178 2009-08-24 Fabian Keil <fk@fabiankeil.de>
8180 * src/crypt.c: In main(), rename salt to salt_size and don't bother
8181 reading info.salt which we don't use anyway. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8183 2009-08-31 Simon Josefsson <simon@josefsson.org>
8185 * lib/opencdk/misc.c: (cdk_strlist_next): Handle NULL root value better. Based on report
8186 by Fabian Keil <fk@fabiankeil.de>.
8188 2009-08-24 Fabian Keil <fk@fabiankeil.de>
8190 * lib/x509/output.c: In print_extensions(), declare the *_idx
8191 variables as int instead of size_t. While it shouldn't make a difference, it makes more sense to me.
8192 It's also consistent with (at least) print_crl(). Signed-off-by: Simon Josefsson <simon@josefsson.org>
8194 2009-08-24 Fabian Keil <fk@fabiankeil.de>
8196 * lib/x509/output.c: In print_extensions(), initialize *_idx
8197 variables once before entering the for loop instead of each run. Otherwise checking them is pointless as they always will be zero. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8199 2009-08-24 Fabian Keil <fk@fabiankeil.de>
8201 * lib/x509/output.c: In print_crq(), initialize challenge and
8202 extensions once before entering the for loop instead of each run. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8204 2009-08-24 Fabian Keil <fk@fabiankeil.de>
8206 * lib/x509/output.c: In print_crl(), initialize aki_idx and crl_nr
8207 once before entering the for loop instead of each run. Otherwise the "error: more than one AKI extension\n" and "error:
8208 more than one CRL number\n" checks want work. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8210 2009-08-28 Simon Josefsson <simon@josefsson.org>
8212 * tests/x509dn.c: Likewise.
8214 2009-08-28 Simon Josefsson <simon@josefsson.org>
8216 * tests/x509dn.c: Don't use deprecated type.
8218 2009-08-28 Simon Josefsson <simon@josefsson.org>
8220 * cfg.mk: Overwrite gettext's size_max.m4 to make sure we use one
8223 2009-08-28 Simon Josefsson <simon@josefsson.org>
8225 * gl/Makefile.am, gl/m4/gnulib-comp.m4, gl/m4/stdlib_h.m4,
8226 gl/m4/sys_socket_h.m4, gl/m4/unistd_h.m4, gl/progname.c,
8227 gl/stdlib.in.h, gl/sys_socket.in.h, gl/tests/Makefile.am,
8228 gl/unistd.in.h, gl/vasnprintf.c, lib/gl/Makefile.am,
8229 lib/gl/m4/stdlib_h.m4, lib/gl/m4/sys_socket_h.m4,
8230 lib/gl/m4/unistd_h.m4, lib/gl/stdlib.in.h, lib/gl/sys_socket.in.h,
8231 lib/gl/tests/test-func.c, lib/gl/unistd.in.h, lib/gl/vasnprintf.c,
8232 libextra/gl/override/lib/md5.c.diff: Update gnulib files.
8234 2009-08-28 Simon Josefsson <simon@josefsson.org>
8236 * configure.ac, lib/configure.ac, lib/gnutls_handshake.c,
8237 lib/gnutls_handshake.h, lib/gnutls_str.h, lib/opencdk/Makefile.am,
8238 lib/x509/privkey_pkcs8.c, libextra/configure.ac: Fix use of
8239 deprecated types, for now and the future.
8241 2009-08-28 Simon Josefsson <simon@josefsson.org>
8245 2009-08-28 Simon Josefsson <simon@josefsson.org>
8247 * lib/x509/crq.c: Fix gnutls_datum usage.
8249 2009-08-28 Simon Josefsson <simon@josefsson.org>
8251 * lib/gnutls_buffers.c, lib/gnutls_pk.c, lib/gnutls_str.c,
8252 lib/gnutls_x509.c, lib/includes/gnutls/gnutls.h.in,
8253 lib/opencdk/pubkey.c, lib/openpgp/gnutls_openpgp.c,
8254 lib/x509/common.c, lib/x509/extensions.c, lib/x509/mpi.c,
8255 lib/x509/privkey_pkcs8.c, lib/x509/x509_write.c, src/certtool.c,
8256 tests/openpgp_test.c, tests/resume.c, tests/x509_test.c,
8257 tests/x509dn.c, tests/x509sign-verify.c: Fix deprecated usage of
8260 2009-08-27 Dan Fandrich <dan@coneharvesters.com>
8262 * lib/opencdk/new-packet.c, lib/opencdk/packet.h,
8263 lib/opencdk/pubkey.c, lib/opencdk/read-packet.c,
8264 lib/opencdk/stream.c, lib/opencdk/stream.h, lib/opencdk/verify.c,
8265 lib/x509/crq.c: Fix compiler warning bugs for OpenWatcom. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8267 2009-08-25 Daiki Ueno <ueno@unixuser.org>
8269 * tests/resume.c: Fix double-free Signed-off-by: Simon Josefsson <simon@josefsson.org>
8271 2009-08-24 Simon Josefsson <simon@josefsson.org>
8273 * .gitattributes: Disable whitespace for file that need it.
8275 2009-08-20 Simon Josefsson <simon@josefsson.org>
8277 * tests/hostname-check.c: Add check of OpenPGP cert too.
8279 2009-08-20 Simon Josefsson <simon@josefsson.org>
8283 2009-08-20 Simon Josefsson <simon@josefsson.org>
8285 * libextra/gl/override/lib/md5.c.diff: Work around whitespace commit
8288 2009-08-20 Simon Josefsson <simon@josefsson.org>
8290 * gl/Makefile.am, gl/m4/stdio_h.m4, gl/select.c, gl/stdio.in.h,
8291 lib/gl/Makefile.am, lib/gl/m4/stdio_h.m4, lib/gl/stdio.in.h,
8292 maint.mk: Update gnulib files.
8294 2009-08-20 Simon Josefsson <simon@josefsson.org>
8296 * libextra/gl/gnulib.mk, libextra/gl/m4/gnulib-cache.m4,
8297 libextra/gl/md5.c, libextra/gl/override/lib/md5.c.diff: Reduce stack
8298 usage and remove code.
8300 2009-08-20 Simon Josefsson <simon@josefsson.org>
8302 * lib/gnutls_int.h: Remove unused constant.
8304 2009-08-20 Simon Josefsson <simon@josefsson.org>
8306 * lib/gnutls_errors.c: Reduce stack usage.
8308 2009-08-20 Simon Josefsson <simon@josefsson.org>
8310 * lib/openpgp/pgp.c: Fix OpenPGP hostname comparison.
8312 2009-08-20 Simon Josefsson <simon@josefsson.org>
8314 * lib/openpgp/output.c, lib/openpgp/pgp.c: Reduce stack usage.
8316 2009-08-20 Simon Josefsson <simon@josefsson.org>
8318 * lib/x509/output.c: Reduce stack usage.
8320 2009-08-20 Simon Josefsson <simon@josefsson.org>
8322 * .x-sc_m4_quote_check, lib/gnutls_sig.c,
8323 lib/opencdk/write-packet.c: Fix syntax-check nits.
8325 2009-08-20 Daiki Ueno <ueno@unixuser.org>
8327 * lib/libgnutls.map, lib/opencdk/keydb.c, tests/dn2.c, tests/mpi.c,
8328 tests/resume.c: Fix memleaks. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8330 2009-08-19 Simon Josefsson <simon@josefsson.org>
8332 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
8333 libextra/configure.ac: Bump versions.
8335 2009-08-19 Simon Josefsson <simon@josefsson.org>
8337 * doc/gnutls.texi: Fix references.
8339 2009-08-19 Simon Josefsson <simon@josefsson.org>
8341 * cfg.mk: Also commit devel/ web pages.
8343 2009-08-19 Simon Josefsson <simon@josefsson.org>
8345 * ChangeLog: Fix ChangeLog.
8347 2009-08-19 Simon Josefsson <simon@josefsson.org>
8349 * ChangeLog: Generated.
8351 2009-08-19 Simon Josefsson <simon@josefsson.org>
8353 * NEWS: Version 2.9.3.
8355 2009-08-19 Simon Josefsson <simon@josefsson.org>
8357 * lib/ext_session_ticket.c: Typo.
8359 2009-08-19 Simon Josefsson <simon@josefsson.org>
8361 * lib/gnutls_sig.c: Need gnutls_algorithms.h for prototypes.
8363 2009-08-19 Simon Josefsson <simon@josefsson.org>
8367 2009-08-18 Jonathan Bastien-Filiatrault <joe@x2a.org>
8369 * lib/auth_cert.c, lib/gnutls_algorithms.c,
8370 lib/gnutls_algorithms.h, lib/gnutls_cipher.c,
8371 lib/gnutls_handshake.c, lib/gnutls_sig.c, lib/gnutls_state.c:
8372 Replace explicit version checks with feature checks Signed-off-by: Simon Josefsson <simon@josefsson.org>
8374 2009-08-19 Simon Josefsson <simon@josefsson.org>
8376 * doc/gnutls.texi: Reformat paragraphs.
8378 2009-08-19 Simon Josefsson <simon@josefsson.org>
8380 * doc/manpages/Makefile.am, src/cli-gaa.c, src/cli-gaa.h,
8381 src/serv-gaa.c, src/serv-gaa.h: Generated.
8383 2009-08-19 Simon Josefsson <simon@josefsson.org>
8385 * doc/gnutls.texi: Typo.
8387 2009-08-19 Simon Josefsson <simon@josefsson.org>
8389 * doc/gnutls.texi: Add cross reference.
8391 2009-08-19 Simon Josefsson <simon@josefsson.org>
8393 * doc/gnutls.texi: Add.
8395 2009-08-19 Simon Josefsson <simon@josefsson.org>
8397 * doc/reference/gnutls-docs.sgml, lib/ext_session_ticket.c: Fix
8400 2009-08-19 Simon Josefsson <simon@josefsson.org>
8404 2009-08-19 Simon Josefsson <simon@josefsson.org>
8406 * lib/libgnutls.map: Fix namespace of new APIs.
8408 2009-08-19 Simon Josefsson <simon@josefsson.org>
8410 * lib/ext_session_ticket.c, lib/gnutls_extensions.c,
8411 lib/gnutls_session_pack.c: Fix whitespace.
8413 2009-08-19 Daiki Ueno <ueno@unixuser.org>
8415 * doc/TODO, lib/Makefile.am, lib/ext_session_ticket.c,
8416 lib/ext_session_ticket.h, lib/gnutls_constate.c,
8417 lib/gnutls_extensions.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
8418 lib/gnutls_session_pack.c, lib/gnutls_state.c,
8419 lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
8420 lib/m4/hooks.m4, src/cli.c, src/cli.gaa, src/serv.c, src/serv.gaa,
8421 tests/resume.c: session ticket support Signed-off-by: Simon Josefsson <simon@josefsson.org>
8423 2009-08-19 Simon Josefsson <simon@josefsson.org>
8425 * cfg.mk: Fix indent rule.
8427 2009-08-19 Daiki Ueno <ueno@unixuser.org>
8429 * doc/gnutls.texi: internals doc update Hi, When I wrote SessionTicket extension I referred to the manual node
8430 "Adding a New TLS Extension", and noticed that it is not up to date.
8431 So, here is a patch. Signed-off-by: Simon Josefsson <simon@josefsson.org>
8433 2009-08-18 Simon Josefsson <simon@josefsson.org>
8435 * gl/stdio.in.h, lib/gl/Makefile.am, lib/gl/m4/gnulib-cache.m4,
8436 lib/gl/m4/gnulib-comp.m4, lib/gl/m4/memmove.m4, lib/gl/memmove.c,
8437 lib/gl/stdio.in.h, maint.mk: Update gnulib files.
8439 2009-08-15 Simon Josefsson <simon@josefsson.org>
8441 * gl/m4/stddef_h.m4, lib/gl/m4/stddef_h.m4: Update gnulib files.
8443 2009-08-15 Simon Josefsson <simon@josefsson.org>
8445 * .gitignore: Don't ignore gl/ files!
8447 2009-08-15 Simon Josefsson <simon@josefsson.org>
8449 * gl/tests/test-stddef.c, lib/gl/tests/test-stddef.c: Update gnulib
8452 2009-08-15 Simon Josefsson <simon@josefsson.org>
8454 * gl/Makefile.am, gl/m4/gnulib-comp.m4, gl/m4/wchar.m4,
8455 gl/stddef.in.h, gl/stdlib.in.h, gl/string.in.h,
8456 gl/tests/Makefile.am, gl/tests/test-stdio.c,
8457 gl/tests/test-stdlib.c, gl/tests/test-string.c,
8458 gl/tests/test-unistd.c, gl/tests/test-wchar.c, gl/unistd.in.h,
8459 lib/gl/Makefile.am, lib/gl/m4/gnulib-comp.m4, lib/gl/m4/wchar.m4,
8460 lib/gl/stddef.in.h, lib/gl/stdlib.in.h, lib/gl/string.in.h,
8461 lib/gl/tests/Makefile.am, lib/gl/tests/test-stdio.c,
8462 lib/gl/tests/test-stdlib.c, lib/gl/tests/test-string.c,
8463 lib/gl/tests/test-time.c, lib/gl/tests/test-unistd.c,
8464 lib/gl/tests/test-wchar.c, lib/gl/time.in.h, lib/gl/unistd.in.h,
8465 maint.mk: Update gnulib files.
8467 2009-08-14 Simon Josefsson <simon@josefsson.org>
8469 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
8470 libextra/configure.ac: Bump versions.
8472 2009-08-14 Simon Josefsson <simon@josefsson.org>
8474 * ChangeLog: Generated.
8476 2009-08-14 Simon Josefsson <simon@josefsson.org>
8478 * NEWS: Version 2.9.2.
8480 2009-08-14 Simon Josefsson <simon@josefsson.org>
8482 * NEWS: Add 2.8.3 entry.
8484 2009-08-14 Simon Josefsson <simon@josefsson.org>
8486 * gl/Makefile.am, gl/m4/close.m4, gl/m4/fclose.m4,
8487 gl/m4/gnulib-comp.m4, gl/m4/sys_ioctl_h.m4, gl/m4/sys_socket_h.m4,
8488 gl/m4/unistd_h.m4, gl/tests/Makefile.am, gl/tests/sys_ioctl.in.h,
8489 gl/tests/test-stdio.c, gl/tests/test-stdlib.c,
8490 gl/tests/test-string.c, gl/tests/test-unistd.c,
8491 gl/tests/test-version-etc.sh, gl/unistd.in.h, gl/vasnprintf.c,
8492 lib/gl/Makefile.am, lib/gl/m4/sys_socket_h.m4,
8493 lib/gl/m4/threadlib.m4, lib/gl/m4/unistd_h.m4,
8494 lib/gl/tests/test-stdio.c, lib/gl/tests/test-stdlib.c,
8495 lib/gl/tests/test-string.c, lib/gl/tests/test-unistd.c,
8496 lib/gl/unistd.in.h, lib/gl/vasnprintf.c: Update gnulib files.
8498 2009-08-13 Simon Josefsson <simon@josefsson.org>
8500 * gl/tests/test-version-etc.sh: Update gnulib files.
8502 2009-08-13 Simon Josefsson <simon@josefsson.org>
8504 * gl/tests/test-version-etc.sh: Update gnulib files.
8506 2009-08-13 Simon Josefsson <simon@josefsson.org>
8508 * configure.ac: Don't generate gzip archives.
8510 2009-08-13 Simon Josefsson <simon@josefsson.org>
8512 * lib/Makefile.am, lib/gnutls_buffers.c, lib/gnutls_int.h,
8513 lib/io_debug.h: Remove io_debug.h stuff, it is superseded by
8514 self-tests like mini-eagain.c.
8516 2009-08-13 Simon Josefsson <simon@josefsson.org>
8520 2009-08-13 Simon Josefsson <simon@josefsson.org>
8524 2009-08-13 Simon Josefsson <simon@josefsson.org>
8526 * lib/x509/x509.c: (gnutls_x509_crt_import): Re-initialize the ASN.1 structure. If this is not done here, the next certificate loading may fail
8527 because asn1_der_decoding modified the ASN.1 structure. Triggered
8528 by the hostname-check self-test.
8530 2009-08-13 Simon Josefsson <simon@josefsson.org>
8532 * cfg.mk: Revert "Always build vc checkouts with debugging." This reverts commit b68235be4d1ff7739456e0c5d8c28c6e96e15a14. It
8533 breaks because -Wdisabled-optimizations will cause an error when
8534 optimizations are disabled.
8536 2009-08-13 Simon Josefsson <simon@josefsson.org>
8538 * cfg.mk: Always build vc checkouts with debugging.
8540 2009-08-13 Simon Josefsson <simon@josefsson.org>
8542 * tests/hostname-check.c: Fix.
8544 2009-08-13 Simon Josefsson <simon@josefsson.org>
8546 * tests/hostname-check.c: Add another SAN/CN collision test.
8547 Reported by Daniel Stenberg <daniel@haxx.se> in
8548 <http://permalink.gmane.org/gmane.network.gnutls.general/1735>.
8550 2009-08-12 Simon Josefsson <simon@josefsson.org>
8552 * tests/hostname-check.c: Fix logic.
8554 2009-08-12 Simon Josefsson <simon@josefsson.org>
8556 * tests/hostname-check.c: Test when SAN and CN differs. Inspired by
8557 report by Daniel Stenberg <daniel@haxx.se> in
8558 <http://permalink.gmane.org/gmane.network.gnutls.general/1734>.
8560 2009-08-12 Simon Josefsson <simon@josefsson.org>
8562 * libextra/Makefile.am, libextra/gl/m4/sockets.m4: Use include
8565 2009-08-12 Simon Josefsson <simon@josefsson.org>
8567 * libextra/gl/m4/sockets.m4: Add, needed for -lws2_32 in libextra.
8569 2009-08-12 Simon Josefsson <simon@josefsson.org>
8571 * libextra/m4/hooks.m4: Add.
8573 2009-08-11 Simon Josefsson <simon@josefsson.org>
8575 * lib/gnutls_algorithms.c: Doc fix.
8577 2009-08-11 Simon Josefsson <simon@josefsson.org>
8579 * lib/gnutls_algorithms.c, lib/gnutls_anon_cred.c,
8580 lib/gnutls_auth.c, lib/gnutls_cert.c, lib/gnutls_psk.c,
8581 lib/gnutls_srp.c, lib/gnutls_state.c, lib/gnutls_x509.c,
8582 lib/openpgp/gnutls_openpgp.c, lib/openpgp/pgp.c,
8583 libextra/gnutls_ia.c: Fix typos in documentation. Reported by Daiki
8584 Ueno <ueno> in <https://savannah.gnu.org/support/?106969>.
8586 2009-08-10 Simon Josefsson <simon@josefsson.org>
8588 * gl/m4/gnulib-comp.m4, gl/m4/sys_select_h.m4, gl/stdio-write.c,
8589 gl/sys_select.in.h, gl/tests/gettimeofday.c,
8590 gl/tests/test-sys_select.c, gl/tests/test-version-etc.sh,
8591 lib/gl/m4/gnulib-comp.m4, lib/gl/stdio-write.c, maint.mk: Update
8594 2009-08-10 Simon Josefsson <simon@josefsson.org>
8596 * libextra/Makefile.am: Need to add LIBSOCKET because we link to
8597 ../lib's gnulib library, for mingw.
8599 2009-08-10 Simon Josefsson <simon@josefsson.org>
8601 * lib/po/cs.po.in, lib/po/fr.po.in, lib/po/nl.po.in,
8602 lib/po/pl.po.in, lib/po/sv.po.in: Sync with TP.
8604 2009-08-10 Simon Josefsson <simon@josefsson.org>
8606 * NEWS: Add 2.8.x news entries.
8608 2009-08-10 Simon Josefsson <simon@josefsson.org>
8610 * cfg.mk: Fix usage.
8612 2009-08-10 Simon Josefsson <simon@josefsson.org>
8614 * cfg.mk: Copy cyclomatic code complexity charts too.
8616 2009-08-10 Simon Josefsson <simon@josefsson.org>
8620 2009-08-10 Simon Josefsson <simon@josefsson.org>
8622 * lib/gnutls_global.c: Look only for latest _required_
8623 libgcrypt/libtasn1 version. Reported by Marco d'Itri <md@linux.it> via Andreas Metzler
8624 <ametzler@downhill.at.eu.org> as Debian BTS #540449.
8626 2009-08-10 Simon Josefsson <simon@josefsson.org>
8630 2009-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8632 * : commit c529f792e4c899080eb1f6e104c8552fa0770356 Author: Nikos
8633 Mavrogiannopoulos <nmav@gnutls.org> Date: Sat Aug 8 09:06:57 2009
8636 2009-08-07 Simon Josefsson <simon@josefsson.org>
8640 2009-08-07 Simon Josefsson <simon@josefsson.org>
8644 2009-08-07 Simon Josefsson <simon@josefsson.org>
8648 2009-08-07 Simon Josefsson <simon@josefsson.org>
8650 * lib/x509/output.c: Check for NUL in SANs and replace accordingly.
8652 2009-08-07 Simon Josefsson <simon@josefsson.org>
8654 * tests/Makefile.am, tests/hostname-check.README,
8655 tests/hostname-check.c: Move comment into source.
8657 2009-08-07 Simon Josefsson <simon@josefsson.org>
8659 * lib/x509/common.c: Refuse to return DNs with embedded NULs which
8660 breaks other code. Problem published by Dan Kaminsky and Moxie Marlinspike at
8663 2009-08-07 Simon Josefsson <simon@josefsson.org>
8665 * lib/x509/common.c: Revert everything since last release, to allow
8666 minimal patch to be applied.
8668 2009-08-06 Simon Josefsson <simon@josefsson.org>
8670 * tests/Makefile.am: Fix invocation of rfc2253-escape-test. Reported by Brad Hards <bradh@frogmouth.net> in
8672 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3750>.
8674 2009-08-06 Simon Josefsson <simon@josefsson.org>
8676 * build-aux/vc-list-files, gl/Makefile.am, gl/error.c, gl/fseeko.c,
8677 gl/m4/gnulib-comp.m4, gl/m4/lib-link.m4, gl/m4/stdio_h.m4,
8678 gl/m4/unistd_h.m4, gl/socket.c, gl/sockets.c, gl/stdio.in.h,
8679 gl/tests/Makefile.am, gl/tests/test-select.c,
8680 gl/tests/test-stdio.c, gl/tests/test-stdlib.c,
8681 gl/tests/test-string.c, gl/tests/test-unistd.c,
8682 gl/tests/test-version-etc.c, gl/tests/test-version-etc.sh,
8683 gl/unistd.in.h, gl/version-etc.c, gl/version-etc.h,
8684 lib/gl/Makefile.am, lib/gl/fseeko.c, lib/gl/m4/iconv.m4,
8685 lib/gl/m4/lib-link.m4, lib/gl/m4/stdio_h.m4, lib/gl/m4/time_h.m4,
8686 lib/gl/m4/unistd_h.m4, lib/gl/sockets.c, lib/gl/stdio.in.h,
8687 lib/gl/tests/test-stdio.c, lib/gl/tests/test-stdlib.c,
8688 lib/gl/tests/test-string.c, lib/gl/tests/test-unistd.c,
8689 lib/gl/time.in.h, lib/gl/unistd.in.h, libextra/gl/m4/lib-link.m4,
8690 libextra/gl/md5.h, maint.mk: Update gnulib files.
8692 2009-08-05 Simon Josefsson <simon@josefsson.org>
8694 * tests/Makefile.am, tests/rfc2253-escape-test: Add self-test of RFC
8697 2009-08-04 Simon Josefsson <simon@josefsson.org>
8699 * lib/x509/common.c: Simplify and fix mem leak.
8701 2009-08-04 Simon Josefsson <simon@josefsson.org>
8703 * lib/x509/common.c: Don't use fixed size buffer for strings.
8705 2009-08-04 Simon Josefsson <simon@josefsson.org>
8707 * tests/nul-in-x509-names.c: Exit with failure on failure.
8709 2009-08-04 Simon Josefsson <simon@josefsson.org>
8711 * tests/nul-in-x509-names.c: Fix output.
8713 2009-08-04 Simon Josefsson <simon@josefsson.org>
8715 * lib/gnutls_str.c: Cleanup code.
8717 2009-08-04 Tomas Hoger <thoger@redhat.com>
8719 * lib/gnutls_str.c, lib/gnutls_str.h, lib/openpgp/pgp.c,
8720 lib/x509/rfc2818_hostname.c: GnuTLS vs. NULL chars in CNs Check cert name size in _gnutls_hostname_compare() This is needed to protect against NULL (\0) characters embedded
8721 in X509 certificates' CNs or subjectAltNames, that can be used
8722 to fool SSL certificate verification as was demonstrated by Moxie
8723 Marlinspike on BH USA 2009:
8724 http://www.blackhat.com/html/bh-usa-09/bh-usa-09-archives.html#MarlinspikeSigned-off-by: Simon Josefsson <simon@josefsson.org>
8726 2009-08-04 Simon Josefsson <simon@josefsson.org>
8728 * tests/Makefile.am, tests/nul-in-x509-names.c: Add self-test for
8729 NUL in X.509 CN/SAN problem.
8731 2009-08-03 Simon Josefsson <simon@josefsson.org>
8733 * lib/x509/common.c: Fix typo.
8735 2009-08-03 Simon Josefsson <simon@josefsson.org>
8737 * tests/chainverify.c: Fix expected output, a cert have expired.
8739 2009-08-03 Simon Josefsson <simon@josefsson.org>
8741 * lib/x509/common.c: Fix crash.
8743 2009-08-03 Simon Josefsson <simon@josefsson.org>
8745 * tests/mini-eagain.c: Make it build.
8747 2009-07-29 Simon Josefsson <simon@josefsson.org>
8749 * .gitignore: Drop .c and sort.
8751 2009-07-29 Simon Josefsson <simon@josefsson.org>
8753 * NEWS, lib/minitasn1/errors.c, lib/minitasn1/libtasn1.h: Use
8756 2009-07-29 Simon Josefsson <simon@josefsson.org>
8760 2009-07-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8762 * : commit c02e9f1459330119d2947a4e46fb60c0e12fa32d Author: Nikos
8763 Mavrogiannopoulos <nmav@gnutls.org> Date: Sun Jul 26 15:22:06 2009
8766 2009-07-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8768 * lib/x509/common.c: do not allow null character in DN.
8770 2009-07-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8772 * .gitignore: updated files to be ignored.
8774 2009-07-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8776 * tests/dn.c: Typo fix in test output. Patch by Brad Hards
8777 <bradh@frogmouth.net>
8779 2009-07-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8781 * THANKS: Removed duplicate entry of Daniel and added Fabian, Brad
8784 2009-07-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8786 * doc/examples/ex-serv-anon.c, doc/examples/ex-serv-export.c,
8787 doc/examples/ex-serv-pgp.c, doc/examples/ex-serv-psk.c,
8788 doc/examples/ex-serv-srp.c, doc/examples/ex-serv1.c,
8789 lib/auth_cert.c, lib/gnutls_buffers.c, lib/gnutls_mpi.c,
8790 lib/gnutls_pk.c, lib/gnutls_sig.c, lib/opencdk/stream.c,
8791 lib/opencdk/write-packet.c, lib/openpgp/pgp.c,
8792 lib/openpgp/privkey.c, lib/x509/privkey_pkcs8.c, src/certtool.c,
8793 src/psk.c: Several bug fixes by Fabian Keil (some were modified by
8796 2009-07-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8798 * tests/mini-eagain.c: reduced transferred data size.
8800 2009-07-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8802 * lib/auth_srp.c, lib/gnutls_buffers.c, lib/gnutls_errors.c,
8803 lib/gnutls_record.c, lib/gnutls_supplemental.c,
8804 lib/opencdk/armor.c, lib/opencdk/keydb.c, lib/opencdk/literal.c,
8805 lib/opencdk/read-packet.c, lib/opencdk/sig-check.c,
8806 lib/opencdk/stream.c, src/certtool-cfg.c, tests/chainverify.c: Added
8807 casts to reduce warnings (based on report by Brad Hards).
8809 2009-07-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8811 * .gitignore: Added more stuff to have a clean status.
8813 2009-07-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8815 * README-alpha: Documentation corrections by Brad Hards.
8817 2009-07-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8819 * lib/x509/crq.c: size_t and unsigned int fixes.
8821 2009-07-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8823 * lib/gnutls_str.c: There are cases where those buffers might
8826 2009-07-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8828 * lib/gnutls_handshake.c: Patch by Tim Kosse: "If
8829 _gnutls_send_finished fails with GNUTLS_E_AGAIN or GNUTLS_E_AGAIN it
8830 eventually gets called a second time. It however does not call _gnutls_send_handshake with a NULL pointer
8831 on repeated calls, ultimately leading to an internal error in
8832 _gnutls_handshake_io_send_int."
8834 2009-07-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8836 * lib/auth_cert.h, lib/gnutls_ui.c: Corrected
8837 gnutls_certificate_client_get_request_status(). Based on observation
8838 by Peter Hendrickson <pdh@wiredyne.com>.
8840 2009-07-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8842 * lib/gnutls_buffers.c, tests/Makefile.am, tests/mini-eagain.c:
8843 Added bug fix that allows gnutls_record_recv/send resuming from
8844 previously interrupted actions. Patch by from Tim Kosse
8845 <tim.kosse@filezilla-project.org>. Added a self test to check those functions in handling interrupted
8848 2009-06-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8850 * : commit 21a7186bf83084a2bc85bbb7ddb600ccd070f1c2 Author: Simon
8851 Josefsson <simon@josefsson.org> Date: Tue Jun 23 23:04:51 2009
8854 2009-06-23 Simon Josefsson <simon@josefsson.org>
8856 * lib/gnutls_errors.c: Doc fix.
8858 2009-06-22 Simon Josefsson <simon@josefsson.org>
8862 2009-06-22 Simon Josefsson <simon@josefsson.org>
8864 * tests/Makefile.am, tests/dn2.c: Add self-test of off-by-one size
8867 2009-06-22 Simon Josefsson <simon@josefsson.org>
8871 2009-06-22 Simon Josefsson <simon@josefsson.org>
8875 2009-06-22 Simon Josefsson <simon@josefsson.org>
8877 * lib/x509/dn.c: Fix off-by-one size computation that leads to
8878 truncated strings. Reported by Tim Kosse
8879 <tim.kosse@filezilla-project.org> in
8881 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3651>.
8883 2009-06-18 Simon Josefsson <simon@josefsson.org>
8885 * gl/Makefile.am, gl/errno.in.h, gl/getpagesize.c,
8886 gl/m4/errno_h.m4, gl/m4/gnulib-comp.m4, gl/m4/memchr.m4,
8887 gl/m4/string_h.m4, gl/memchr.valgrind, gl/strerror.c,
8888 gl/string.in.h, gl/tests/Makefile.am, gl/tests/getpagesize.c,
8889 lib/gl/Makefile.am, lib/gl/errno.in.h, lib/gl/getpagesize.c,
8890 lib/gl/m4/errno_h.m4, lib/gl/m4/gnulib-comp.m4,
8891 lib/gl/m4/memchr.m4, lib/gl/m4/string_h.m4, lib/gl/memchr.valgrind,
8892 lib/gl/string.in.h, lib/gl/tests/Makefile.am,
8893 lib/gl/tests/getpagesize.c: Update gnulib files.
8895 2009-06-18 Simon Josefsson <simon@josefsson.org>
8897 * libextra/m4/hooks.m4: Fix --disable-openssl-compatibility
8898 parameter. Reported by Matthias Drochner <M.Drochner@fz-juelich.de>
8901 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3646>.
8903 2009-06-17 Simon Josefsson <simon@josefsson.org>
8905 * doc/gnutls.texi: Typo.
8907 2009-06-17 Simon Josefsson <simon@josefsson.org>
8909 * tests/mpi.c: Fix build error.
8911 2009-06-17 Simon Josefsson <simon@josefsson.org>
8915 2009-06-17 Simon Josefsson <simon@josefsson.org>
8917 * lib/gnutls_ui.c: Return proper MPI lengths in bits. Reported by
8918 Peter Hendrickson <pdh@wiredyne.com> in
8920 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3607>.
8922 2009-06-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
8924 * : commit fad0d9b3289087dbd56176e7a1ccb498cf5ef099 Author: Simon
8925 Josefsson <simon@josefsson.org> Date: Wed Jun 10 17:55:05 2009
8928 2009-06-10 Simon Josefsson <simon@josefsson.org>
8932 2009-06-10 Simon Josefsson <simon@josefsson.org>
8934 * tests/pkcs12_s2k.c: Improve test vectors.
8936 2009-06-10 Simon Josefsson <simon@josefsson.org>
8938 * NEWS, tests/Makefile.am, tests/pkcs12_s2k_pem.c: Added new
8939 self-test pkcs12_s2k_pem.
8941 2009-06-10 Simon Josefsson <simon@josefsson.org>
8945 2009-06-10 Simon Josefsson <simon@josefsson.org>
8949 2009-06-10 Simon Josefsson <simon@josefsson.org>
8951 * lib/x509/pkcs12_encr.c: Fix PKCS#12 string to key function for
8952 1/128 inputs. Reported by "Kukosa, Tomas"
8953 <tomas.kukosa@siemens-enterprise.com> in
8954 <http://permalink.gmane.org/gmane.network.gnutls.general/1663>.
8956 2009-06-09 Simon Josefsson <simon@josefsson.org>
8958 * gl/Makefile.am, gl/m4/getpagesize.m4, gl/m4/gnulib-comp.m4,
8959 gl/m4/memchr.m4, gl/m4/mmap-anon.m4, gl/memchr.c,
8960 gl/tests/Makefile.am, gl/tests/getpagesize.c,
8961 gl/tests/test-memchr.c, gl/tests/zerosize-ptr.h,
8962 lib/gl/Makefile.am, lib/gl/m4/getpagesize.m4,
8963 lib/gl/m4/gnulib-comp.m4, lib/gl/m4/memchr.m4,
8964 lib/gl/m4/mmap-anon.m4, lib/gl/memchr.c, lib/gl/tests/Makefile.am,
8965 lib/gl/tests/getpagesize.c, lib/gl/tests/test-memchr.c,
8966 lib/gl/tests/zerosize-ptr.h: Update gnulib files.
8968 2009-06-09 Simon Josefsson <simon@josefsson.org>
8970 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
8971 libextra/configure.ac: Bump versions.
8973 2009-06-09 Simon Josefsson <simon@josefsson.org>
8975 * ChangeLog: Generated.
8977 2009-06-09 Simon Josefsson <simon@josefsson.org>
8979 * gl/m4/gnulib-comp.m4, gl/m4/version-etc.m4,
8980 gl/tests/test-alignof.c, gl/version-etc.c: Update gnulib files.
8982 2009-06-08 Simon Josefsson <simon@josefsson.org>
8984 * NEWS: Version 2.9.1.
8986 2009-06-08 Simon Josefsson <simon@josefsson.org>
8988 * lib/gnutls_extensions.c: Mark global extfunc_size as having static
8991 2009-06-08 Simon Josefsson <simon@josefsson.org>
8995 2009-06-08 Simon Josefsson <simon@josefsson.org>
8997 * tests/Makefile.am, tests/init_roundtrip.c: Add self-test to detect
8998 extension init/deinit problem.
9000 2009-06-08 Simon Josefsson <simon@josefsson.org>
9002 * lib/gnutls_extensions.c: Deinitalize extension global variable
9003 properly. See <http://bugs.gentoo.org/272388>.
9005 2009-06-03 Simon Josefsson <simon@josefsson.org>
9007 * gl/Makefile.am, gl/alignof.h, gl/m4/gnulib-cache.m4,
9008 gl/m4/gnulib-comp.m4, gl/tests/Makefile.am,
9009 gl/tests/test-alignof.c, lib/gl/alignof.h: Update gnulib files.
9011 2009-06-03 Simon Josefsson <simon@josefsson.org>
9013 * lib/auth_srp.c, lib/debug.c, lib/debug.h, lib/gnutls_errors.c,
9014 lib/gnutls_errors.h, lib/libgnutls.map, lib/pk-libgcrypt.c,
9015 tests/mpi.c: Rename _gnutls_dump_mpi to _gnutls_mpi_log. Rewrite to
9016 use less stack space.
9018 2009-06-03 Simon Josefsson <simon@josefsson.org>
9020 * configure.ac: Reduce stack size limit check.
9022 2009-06-03 Simon Josefsson <simon@josefsson.org>
9024 * lib/x509/output.c: Reduce stack size.
9026 2009-06-03 Simon Josefsson <simon@josefsson.org>
9028 * lib/x509/output.c: Fix malloc failure error strings.
9030 2009-06-03 Simon Josefsson <simon@josefsson.org>
9032 * tests/crq_apis.c: Test more.
9034 2009-06-03 Simon Josefsson <simon@josefsson.org>
9036 * lib/x509/common.c: (_gnutls_x509_oid_data2string): Return proper @res_size for NULL
9039 2009-06-03 Simon Josefsson <simon@josefsson.org>
9041 * lib/x509/crq.c: Indent.
9043 2009-06-03 Simon Josefsson <simon@josefsson.org>
9045 * lib/x509/crq.c: Doc fix.
9047 2009-06-03 Simon Josefsson <simon@josefsson.org>
9049 * lib/x509/crq.c: Reduce stack usage.
9051 2009-06-03 Simon Josefsson <simon@josefsson.org>
9053 * lib/x509/crq.c: Doc fix.
9055 2009-06-03 Simon Josefsson <simon@josefsson.org>
9057 * lib/x509/crq.c: Simplify.
9059 2009-06-03 Simon Josefsson <simon@josefsson.org>
9061 * tests/crq_apis.c: Test more.
9063 2009-06-03 Simon Josefsson <simon@josefsson.org>
9065 * lib/x509/crq.c: Reduce stack usage.
9067 2009-06-03 Simon Josefsson <simon@josefsson.org>
9069 * tests/crq_apis.c: Test more.
9071 2009-06-03 Simon Josefsson <simon@josefsson.org>
9073 * lib/x509/crq.c: Reduce stack usage.
9075 2009-06-03 Simon Josefsson <simon@josefsson.org>
9077 * lib/x509/crq.c: Fix uninitialized variable access.
9079 2009-06-03 Simon Josefsson <simon@josefsson.org>
9081 * lib/x509/crq.c: Reduce stack frame usage.
9083 2009-06-03 Simon Josefsson <simon@josefsson.org>
9085 * lib/x509/x509_write.c: Reduce stack usage.
9087 2009-06-02 Simon Josefsson <simon@josefsson.org>
9089 * gl/m4/manywarnings.m4: Update gnulib files.
9091 2009-06-02 Simon Josefsson <simon@josefsson.org>
9093 * tests/crq_apis.c: Add.
9095 2009-06-02 Simon Josefsson <simon@josefsson.org>
9097 * lib/x509/crq.c: Don't assert on expected errors.
9099 2009-06-01 Simon Josefsson <simon@josefsson.org>
9103 2009-06-01 Simon Josefsson <simon@josefsson.org>
9105 * tests/Makefile.am: Add crq self-test.
9107 2009-06-01 Simon Josefsson <simon@josefsson.org>
9109 * lib/x509/extensions.c: Reduce stack usage.
9111 2009-06-01 Simon Josefsson <simon@josefsson.org>
9113 * lib/x509/crq.c: Reduce stack usage. Fix build failure wrt
9116 2009-06-01 Simon Josefsson <simon@josefsson.org>
9118 * lib/includes/gnutls/x509.h: Doc fix.
9120 2009-06-01 Simon Josefsson <simon@josefsson.org>
9122 * lib/x509/crq.c: Doc fix.
9124 2009-06-01 Simon Josefsson <simon@josefsson.org>
9126 * lib/x509/crq.c: Return buffer size for NULL/0 inputs. Fix output
9127 buffer size computation.
9129 2009-06-01 Simon Josefsson <simon@josefsson.org>
9131 * lib/x509/extensions.c: Fix mem leak.
9133 2009-06-01 Simon Josefsson <simon@josefsson.org>
9135 * lib/x509/crq.c: Don't assert for expected errors.
9137 2009-06-01 Simon Josefsson <simon@josefsson.org>
9139 * configure.ac: Export wstack.
9141 2009-06-01 Simon Josefsson <simon@josefsson.org>
9143 * lib/configure.ac, libextra/configure.ac: Fix WSTACK_CFLAGS.
9145 2009-06-01 Simon Josefsson <simon@josefsson.org>
9147 * src/serv.c: Improve logging and fix warnings.
9149 2009-06-01 Simon Josefsson <simon@josefsson.org>
9151 * configure.ac, lib/Makefile.am, lib/openpgp/Makefile.am,
9152 lib/x509/Makefile.am, libextra/Makefile.am: Check stack size.
9154 2009-06-01 Simon Josefsson <simon@josefsson.org>
9156 * gl/m4/manywarnings.m4: Update gnulib files.
9158 2009-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
9160 * doc/TODO: Added gnutls_dh_get_prime_bits limitation.
9162 2009-05-28 Simon Josefsson <simon@josefsson.org>
9164 * lib/x509/pkcs12_bag.c, lib/x509/verify.c, lib/x509/x509.c,
9165 lib/x509/x509_write.c: Doc fix. Reported by Peter Hendrickson
9168 2009-05-28 Simon Josefsson <simon@josefsson.org>
9172 2009-05-28 Simon Josefsson <simon@josefsson.org>
9174 * configure.ac, lib/configure.ac, lib/m4/hooks.m4,
9175 libextra/configure.ac: Bump versions.
9177 2009-05-28 Simon Josefsson <simon@josefsson.org>
9179 * cfg.mk: Fix paths.
9181 2009-05-28 Simon Josefsson <simon@josefsson.org>
9183 * ChangeLog: Generated.
9185 2009-05-28 Simon Josefsson <simon@josefsson.org>
9187 * NEWS: Version 2.9.0.
9189 2009-05-28 Simon Josefsson <simon@josefsson.org>
9191 * cfg.mk: Fix paths for alpha release.
9193 2009-05-28 Simon Josefsson <simon@josefsson.org>
9195 * lib/gnutls_ui.c: Doc fix.
9197 2009-05-28 Simon Josefsson <simon@josefsson.org>
9199 * build-aux/gnupload: Update gnulib files.
9201 2009-05-27 Simon Josefsson <simon@josefsson.org>
9203 * doc/manpages/srptool.1: Fix.
9205 2009-05-27 Simon Josefsson <simon@josefsson.org>
9209 2009-05-27 Simon Josefsson <simon@josefsson.org>
9211 * doc/manpages/gnutls-serv.1: Doc fix.
9213 2009-05-27 Simon Josefsson <simon@josefsson.org>
9215 * lib/gnutls_psk.c: Doc fix.
9217 2009-05-27 Simon Josefsson <simon@josefsson.org>
9219 * lib/x509/pkcs7.c: Doc fix.
9221 2009-05-27 Simon Josefsson <simon@josefsson.org>
9223 * doc/Makefile.am: Cleanup rules.
9225 2009-05-27 Simon Josefsson <simon@josefsson.org>
9227 * doc/Makefile.am, doc/gnutls.texi, lib/Makefile.am,
9228 lib/openpgp/Makefile.am, lib/x509/Makefile.am, libextra/Makefile.am:
9229 Move API texinfo generation into doc/.
9231 2009-05-27 Simon Josefsson <simon@josefsson.org>
9233 * gl/m4/include_next.m4, gl/m4/size_max.m4,
9234 lib/gl/m4/include_next.m4, lib/gl/m4/size_max.m4: Update gnulib
9237 2009-05-27 Simon Josefsson <simon@josefsson.org>
9239 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
9240 libextra/configure.ac: Bump versions.
9242 2009-05-27 Simon Josefsson <simon@josefsson.org>
9244 * ChangeLog: Generated.
9246 2009-05-27 Simon Josefsson <simon@josefsson.org>
9248 * NEWS: Version 2.8.0.
9250 2009-05-27 Simon Josefsson <simon@josefsson.org>
9254 2009-05-27 Simon Josefsson <simon@josefsson.org>
9256 * doc/announcement-template.txt: Typo.
9258 2009-05-27 Simon Josefsson <simon@josefsson.org>
9262 2009-05-27 Simon Josefsson <simon@josefsson.org>
9264 * NEWS, cfg.mk, configure.ac, lib/configure.ac,
9265 libextra/configure.ac: Prepare for stable release.
9267 2009-05-27 Simon Josefsson <simon@josefsson.org>
9269 * configure.ac, lib/configure.ac, lib/m4/hooks.m4,
9270 libextra/configure.ac: Bump versions.
9272 2009-05-27 Simon Josefsson <simon@josefsson.org>
9276 2009-05-27 Simon Josefsson <simon@josefsson.org>
9278 * lib/gnutls_ui.c: Doc fix. Reported by Peter Hendrickson
9281 2009-05-26 Simon Josefsson <simon@josefsson.org>
9283 * src/select.c: Remove unused file, replaced by poll from gnulib.
9285 2009-05-26 Simon Josefsson <simon@josefsson.org>
9287 * doc/Makefile.am: Fix generation of error_codes.texi and
9290 2009-05-26 Simon Josefsson <simon@josefsson.org>
9292 * ChangeLog: Generated.
9294 2009-05-26 Simon Josefsson <simon@josefsson.org>
9296 * doc/announcement-template.txt: Fix.
9298 2009-05-26 Simon Josefsson <simon@josefsson.org>
9300 * NEWS: Version 2.7.14.
9302 2009-05-26 Simon Josefsson <simon@josefsson.org>
9304 * src/certtool-gaa.c, src/serv-gaa.c: Regenerate.
9306 2009-05-26 Simon Josefsson <simon@josefsson.org>
9310 2009-05-26 Simon Josefsson <simon@josefsson.org>
9314 2009-05-26 Simon Josefsson <simon@josefsson.org>
9316 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
9317 libextra/configure.ac: Bump versions.
9319 2009-05-26 Simon Josefsson <simon@josefsson.org>
9321 * lib/gnutls_global.c, lib/includes/gnutls/compat.h,
9322 libextra/gnutls_extra.c, libextra/includes/gnutls/extra.h,
9323 libextra/includes/gnutls/openssl.h, tests/openssl.c, tests/simple.c:
9324 Fix version symbol namespace.
9326 2009-05-26 Simon Josefsson <simon@josefsson.org>
9328 * doc/examples/ex-serv-anon.c, doc/examples/ex-serv-export.c,
9329 doc/examples/ex-serv-pgp.c, doc/examples/ex-serv-psk.c,
9330 doc/examples/ex-serv1.c, doc/examples/ex-session-info.c,
9331 doc/gnutls.texi, doc/manpages/certtool.1,
9332 doc/manpages/gnutls-serv.1, lib/auth_anon.c, lib/auth_dh_common.c,
9333 lib/auth_dhe.c, lib/auth_dhe_psk.c, lib/gnutls_anon_cred.c,
9334 lib/gnutls_errors.c, lib/gnutls_handshake.c, lib/gnutls_psk.c,
9335 lib/gnutls_record.c, lib/gnutls_ui.c,
9336 lib/includes/gnutls/gnutls.h.in, libextra/gnutls_ia.c,
9337 src/certtool.gaa, src/prime.c, src/serv.c, src/serv.gaa,
9338 src/tls_test.c, tests/anonself.c, tests/dhepskself.c,
9339 tests/openpgpself.c, tests/oprfi.c, tests/resume.c, tests/tlsia.c,
9340 tests/x509dn.c, tests/x509self.c, tests/x509signself.c: Doc fixes.
9341 Suggested by Peter Hendrickson <pdh@wiredyne.com>.
9343 2009-05-26 Simon Josefsson <simon@josefsson.org>
9345 * lib/gnutls_auth.c: Doc fix. Reported by Peter Hendrickson
9348 2009-05-25 Simon Josefsson <simon@josefsson.org>
9350 * ChangeLog: Generated.
9352 2009-05-25 Simon Josefsson <simon@josefsson.org>
9354 * NEWS: Version 2.7.13.
9356 2009-05-25 Simon Josefsson <simon@josefsson.org>
9358 * doc/announcement-template.txt: Fix.
9360 2009-05-25 Simon Josefsson <simon@josefsson.org>
9364 2009-05-25 Simon Josefsson <simon@josefsson.org>
9368 2009-05-25 Simon Josefsson <simon@josefsson.org>
9370 * doc/announcement-template.txt: Improve.
9372 2009-05-25 Simon Josefsson <simon@josefsson.org>
9374 * lib/libgnutls.map: Sort symbols.
9376 2009-05-25 Simon Josefsson <simon@josefsson.org>
9378 * lib/libgnutls.map: Auto-generate from GnuTLS 2.6.x list of
9379 exported symbols. No substantial change.
9381 2009-05-25 Simon Josefsson <simon@josefsson.org>
9383 * lib/libgnutls.map: Move functions. Reported by Andreas Metzler
9384 <ametzler@downhill.at.eu.org> in
9386 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3578>.
9388 2009-05-25 Simon Josefsson <simon@josefsson.org>
9390 * lib/libgnutls.map: Move gnutls_x509_crq_set_key back to old ABI
9391 namespace. Reported by Andreas Metzler
9392 <ametzler@downhill.at.eu.org> in
9394 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3576>.
9396 2009-05-25 Simon Josefsson <simon@josefsson.org>
9400 2009-05-25 Simon Josefsson <simon@josefsson.org>
9402 * tests/chainverify.c: Fix expired certs. Exit early to make it
9403 easier to find failing test. Reported by Andreas Metzler
9404 <ametzler@downhill.at.eu.org> in
9406 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3580>.
9408 2009-05-20 Simon Josefsson <simon@josefsson.org>
9412 2009-05-20 Simon Josefsson <simon@josefsson.org>
9414 * AUTHORS: Fix PGP key.
9416 2009-05-20 Simon Josefsson <simon@josefsson.org>
9418 * doc/gnutls.texi, src/Makefile.am, src/README, src/README.srptool:
9419 Removed duplicated documentation.
9421 2009-05-20 Simon Josefsson <simon@josefsson.org>
9425 2009-05-20 Simon Josefsson <simon@josefsson.org>
9427 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
9428 libextra/configure.ac: Bump versions.
9430 2009-05-20 Simon Josefsson <simon@josefsson.org>
9432 * ChangeLog: Generated.
9434 2009-05-20 Simon Josefsson <simon@josefsson.org>
9436 * NEWS: Version 2.7.12.
9438 2009-05-20 Simon Josefsson <simon@josefsson.org>
9440 * NEWS, src/serv.c, src/tls_test.c: Fix gnutls-serv and
9441 gnutls-cli-debug on Windows.
9443 2009-05-20 Simon Josefsson <simon@josefsson.org>
9445 * gl/getdelim.c: Update gnulib files.
9447 2009-05-20 Simon Josefsson <simon@josefsson.org>
9449 * NEWS, doc/reference/Makefile.am, lib/minitasn1/libtasn1.h,
9450 lib/minitasn1/parser_aux.c: Use libtasn1 2.2.
9452 2009-05-20 Simon Josefsson <simon@josefsson.org>
9456 2009-05-20 Simon Josefsson <simon@josefsson.org>
9458 * build-aux/gnupload, gl/Makefile.am, gl/m4/sys_socket_h.m4,
9459 gl/sys_socket.in.h, gl/tests/test-sys_socket.c, lib/gl/Makefile.am,
9460 lib/gl/m4/sys_socket_h.m4, lib/gl/sys_socket.in.h,
9461 lib/gl/tests/test-sys_socket.c, maint.mk: Update gnulib files.
9463 2009-05-20 Simon Josefsson <simon@josefsson.org>
9465 * lib/gl/Makefile.am, lib/gl/m4/gnulib-cache.m4,
9466 lib/gl/m4/gnulib-comp.m4, lib/gl/m4/vsnprintf.m4,
9467 lib/gl/tests/Makefile.am, lib/gl/tests/test-vsnprintf.c,
9468 lib/gl/vsnprintf.c: Replace vsnprintf if needed.
9470 2009-05-20 Simon Josefsson <simon@josefsson.org>
9474 2009-05-20 Simon Josefsson <simon@josefsson.org>
9476 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
9477 libextra/configure.ac: Bump versions.
9479 2009-05-20 Simon Josefsson <simon@josefsson.org>
9481 * tests/crq_key_id.c: Reorder gcry quick random to make it
9482 effective. Reported by Andreas Metzler
9483 <ametzler@downhill.at.eu.org> in
9485 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3570>.
9487 2009-05-18 Simon Josefsson <simon@josefsson.org>
9489 * ChangeLog: Generated.
9491 2009-05-18 Simon Josefsson <simon@josefsson.org>
9493 * NEWS: Version 2.7.11.
9495 2009-05-18 Simon Josefsson <simon@josefsson.org>
9497 * NEWS, cfg.mk, configure.ac, doc/examples/Makefile.am,
9498 lib/Makefile.am, lib/configure.ac, lib/openpgp/Makefile.am,
9499 lib/x509/Makefile.am, libextra/Makefile.am, libextra/configure.ac,
9500 src/Makefile.am, tests/Makefile.am: Don't build with warnings all
9501 the time. Use a WERROR_CFLAGS.
9503 2009-05-18 Simon Josefsson <simon@josefsson.org>
9505 * maint.mk: Update gnulib files.
9507 2009-05-18 Simon Josefsson <simon@josefsson.org>
9511 2009-05-18 Simon Josefsson <simon@josefsson.org>
9513 * src/serv.c: Don't use unportable NI_MAXHOST/NI_MAXSERV.
9515 2009-05-17 Simon Josefsson <simon@josefsson.org>
9517 * src/Makefile.am: Link getaddrinfo libraries. Reported by "Tom G.
9518 Christensen" <tgc@jupiterrise.com> in
9520 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3560>.
9522 2009-05-17 Simon Josefsson <simon@josefsson.org>
9524 * NEWS, configure.ac, lib/configure.ac: Need to run AC_PROG_CXX
9527 2009-05-16 Simon Josefsson <simon@josefsson.org>
9529 * doc/doxygen/Doxyfile.in, libextra/gl/Makefile.am: Fix old gnulib
9530 lgpl/ paths. Reported by "Tom G. Christensen" <tgc@jupiterrise.com>
9533 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3556>.
9535 2009-05-14 Simon Josefsson <simon@josefsson.org>
9539 2009-05-14 Simon Josefsson <simon@josefsson.org>
9541 * lib/minitasn1/Makefile.am: Need -DASN1_BUILDING for libtasn1.
9543 2009-05-14 Simon Josefsson <simon@josefsson.org>
9545 * doc/announcement-template.txt: Add.
9547 2009-05-14 Simon Josefsson <simon@josefsson.org>
9551 2009-05-14 Simon Josefsson <simon@josefsson.org>
9553 * lib/minitasn1/Makefile.am: Fix -I's after gnulib changes.
9554 Reported by "Tom G. Christensen" <tgc@jupiterrise.com> in
9556 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3548>.
9558 2009-05-14 Simon Josefsson <simon@josefsson.org>
9560 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
9561 libextra/configure.ac: Bump versions.
9563 2009-05-13 Simon Josefsson <simon@josefsson.org>
9565 * ChangeLog: Generated.
9567 2009-05-13 Simon Josefsson <simon@josefsson.org>
9569 * NEWS: Version 2.7.10.
9571 2009-05-13 Simon Josefsson <simon@josefsson.org>
9573 * gl/Makefile.am, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
9574 gl/tests/Makefile.am, gl/tests/test-alignof.c, lib/gl/Makefile.am,
9575 lib/gl/m4/gnulib-cache.m4, lib/gl/m4/gnulib-comp.m4,
9576 lib/gl/tests/Makefile.am, lib/gl/tests/test-alignof.c: Avoid failing
9579 2009-05-13 Simon Josefsson <simon@josefsson.org>
9581 * lib/gnutls_algorithms.c, lib/gnutls_auth.c, lib/gnutls_buffers.c,
9582 lib/gnutls_cert.c, lib/gnutls_global.c, lib/gnutls_priority.c,
9583 lib/gnutls_psk.c, lib/gnutls_session.c, lib/gnutls_state.c,
9584 lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/openpgp.h,
9585 lib/includes/gnutls/pkcs12.h, lib/includes/gnutls/x509.h,
9586 lib/openpgp/extras.c, lib/openpgp/gnutls_openpgp.c,
9587 lib/openpgp/pgp.c, lib/openpgp/privkey.c, lib/x509/crq.c,
9588 lib/x509/dn.c, lib/x509/pkcs12_bag.c, lib/x509/x509.c,
9589 lib/x509/x509_write.c, libextra/gnutls_ia.c: Doc fixes for GTK-DOC.
9591 2009-05-13 Simon Josefsson <simon@josefsson.org>
9593 * lib/ext_server_name.c, lib/gnutls_priority.c,
9594 lib/gnutls_record.c, lib/gnutls_srp.c, lib/gnutls_state.c,
9595 lib/gnutls_ui.c, lib/gnutls_x509.c,
9596 lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/x509.h,
9597 lib/x509/crq.c, lib/x509/dn.c, lib/x509/pkcs7.c,
9598 lib/x509/privkey.c, lib/x509/verify.c, lib/x509/x509.c,
9599 lib/x509/x509_write.c: Doc fixes for GTK-DOC.
9601 2009-05-13 Simon Josefsson <simon@josefsson.org>
9603 * lib/includes/gnutls/crypto.h, lib/includes/gnutls/openpgp.h,
9604 lib/includes/gnutls/x509.h, lib/openpgp/gnutls_openpgp.c,
9605 lib/x509/dn.c, lib/x509/output.c, lib/x509/pkcs7.c,
9606 lib/x509/verify.c, lib/x509/x509.c: Doc fixes for GTK-DOC.
9608 2009-05-13 Simon Josefsson <simon@josefsson.org>
9612 2009-05-13 Simon Josefsson <simon@josefsson.org>
9614 * doc/examples/ex-alert.c, doc/examples/ex-cert-select.c,
9615 doc/examples/ex-client-psk.c, doc/examples/ex-client-resume.c,
9616 doc/examples/ex-client-srp.c, doc/examples/ex-client-tlsia.c,
9617 doc/examples/ex-client1.c, doc/examples/ex-client2.c,
9618 doc/examples/ex-crq.c, doc/examples/ex-pkcs12.c,
9619 doc/examples/ex-rfc2818.c, doc/examples/ex-serv-anon.c,
9620 doc/examples/ex-serv-export.c, doc/examples/ex-serv-pgp.c,
9621 doc/examples/ex-serv-psk.c, doc/examples/ex-serv-srp.c,
9622 doc/examples/ex-serv1.c, doc/examples/ex-session-info.c,
9623 doc/examples/ex-verify.c, doc/examples/ex-x509-info.c,
9624 doc/examples/tcp.c: Place examples in public domain. After
9625 discussion with Karl.
9627 2009-05-13 Simon Josefsson <simon@josefsson.org>
9629 * gl/alignof.h, gl/m4/gnulib-comp.m4, gl/tests/Makefile.am,
9630 gl/tests/test-alignof.c, lib/gl/alignof.h,
9631 lib/gl/m4/gnulib-comp.m4, lib/gl/tests/Makefile.am,
9632 lib/gl/tests/test-alignof.c, maint.mk: Update gnulib files.
9634 2009-05-13 Simon Josefsson <simon@josefsson.org>
9636 * lib/opencdk/keydb.c: Avoid sprintf.
9638 2009-05-13 Simon Josefsson <simon@josefsson.org>
9640 * doc/examples/ex-client-tlsia.c, lib/opencdk/literal.c,
9641 lib/opencdk/misc.c, src/common.c, tests/chainverify.c,
9642 tests/tlsia.c: Fix warnings.
9644 2009-05-13 Simon Josefsson <simon@josefsson.org>
9648 2009-05-13 Simon Josefsson <simon@josefsson.org>
9650 * doc/gnutls.texi: Fix.
9652 2009-05-13 Simon Josefsson <simon@josefsson.org>
9656 2009-05-13 Simon Josefsson <simon@josefsson.org>
9658 * lib/pk-libgcrypt.c: Fix crash.
9660 2009-05-12 Simon Josefsson <simon@josefsson.org>
9662 * lib/gnutls_cert.c: Doc fix.
9664 2009-05-12 Simon Josefsson <simon@josefsson.org>
9666 * lib/gnutls_dh_primes.c: Doc fix.
9668 2009-05-12 Simon Josefsson <simon@josefsson.org>
9670 * lib/minitasn1/Makefile.am, lib/minitasn1/errors.h: Drop removed
9673 2009-05-12 Simon Josefsson <simon@josefsson.org>
9675 * NEWS, lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
9676 lib/minitasn1/element.c, lib/minitasn1/element.h,
9677 lib/minitasn1/errors.c, lib/minitasn1/gstr.c, lib/minitasn1/gstr.h,
9678 lib/minitasn1/int.h, lib/minitasn1/libtasn1.h,
9679 lib/minitasn1/parser_aux.c, lib/minitasn1/parser_aux.h,
9680 lib/minitasn1/structure.c, lib/minitasn1/structure.h: Upgrade
9683 2009-05-12 Simon Josefsson <simon@josefsson.org>
9685 * lib/gnutls_global.c, libextra/gnutls_extra.c: Doc fixes. Remove
9688 2009-05-12 Simon Josefsson <simon@josefsson.org>
9690 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
9691 libextra/configure.ac: Bump versions.
9693 2009-05-11 Simon Josefsson <simon@josefsson.org>
9695 * ChangeLog: Generated.
9697 2009-05-11 Simon Josefsson <simon@josefsson.org>
9699 * NEWS: Version 2.7.9.
9701 2009-05-11 Simon Josefsson <simon@josefsson.org>
9703 * lib/configure.ac, libextra/configure.ac: Drop obsolete stuff.
9705 2009-05-11 Simon Josefsson <simon@josefsson.org>
9707 * configure.ac: Drop obsolete stuff.
9709 2009-05-11 Simon Josefsson <simon@josefsson.org>
9711 * gl/Makefile.am, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
9712 gl/m4/ld-output-def.m4, gl/m4/ld-version-script.m4,
9713 lib/gl/Makefile.am, lib/gl/m4/gnulib-cache.m4,
9714 lib/gl/m4/gnulib-comp.m4, lib/gl/m4/ld-output-def.m4,
9715 lib/gl/m4/ld-version-script.m4, libextra/gl/gnulib.mk,
9716 libextra/gl/m4/gnulib-cache.m4, libextra/gl/m4/gnulib-comp.m4,
9717 libextra/gl/m4/ld-output-def.m4,
9718 libextra/gl/m4/ld-version-script.m4: Move gnulib tests into proper
9721 2009-05-11 Simon Josefsson <simon@josefsson.org>
9725 2009-05-11 Simon Josefsson <simon@josefsson.org>
9727 * doc/manpages/Makefile.am: Generated.
9729 2009-05-11 Simon Josefsson <simon@josefsson.org>
9731 * doc/scripts/gdoc: Fix gnutls_priority_init documentation.
9733 2009-05-11 Simon Josefsson <simon@josefsson.org>
9735 * doc/scripts/gdoc: Revert "Fix man output for "%COMPAT" in
9736 docstrings." This reverts commit d10f1872bcbf7eb63632a8ce2e50728f42bd03fa.
9738 2009-05-11 Simon Josefsson <simon@josefsson.org>
9740 * doc/scripts/gdoc: Fix man output for "%COMPAT" in docstrings.
9742 2009-05-11 Simon Josefsson <simon@josefsson.org>
9744 * doc/manpages/Makefile.am: When writing man pages, don't append to
9747 2009-05-11 Simon Josefsson <simon@josefsson.org>
9749 * lib/gnutls_priority.c: Doc fix.
9751 2009-05-11 Simon Josefsson <simon@josefsson.org>
9753 * NEWS, doc/examples/Makefile.am, lib/gl/Makefile.am,
9754 lib/gl/m4/gnulib-cache.m4, lib/gl/m4/gnulib-comp.m4,
9755 lib/gl/tests/Makefile.am, lib/gl/tests/test-lseek.c,
9756 lib/gl/tests/test-lseek.sh, src/Makefile.am, tests/Makefile.am: Fix
9757 MinGW build failures.
9759 2009-05-11 Simon Josefsson <simon@josefsson.org>
9761 * lib/autogen.sh: Add.
9763 2009-05-11 Simon Josefsson <simon@josefsson.org>
9765 * maint.mk: Update gnulib files.
9767 2009-05-11 Simon Josefsson <simon@josefsson.org>
9769 * gtk-doc.make: Fix syntax-check.
9771 2009-05-11 Simon Josefsson <simon@josefsson.org>
9773 * gtk-doc.make, m4/gtk-doc.m4: Upgrade gtk-doc files.
9775 2009-05-11 Simon Josefsson <simon@josefsson.org>
9777 * cfg.mk, gl/sys_socket.in.h, gl/tests/test-vc-list-files-git.sh,
9778 lib/gl/Makefile.am, lib/gl/m4/gnulib-cache.m4,
9779 lib/gl/m4/gnulib-comp.m4, lib/gl/sys_socket.in.h,
9780 lib/gl/tests/Makefile.am, lib/gl/tests/test-lseek.c,
9781 lib/gl/tests/test-lseek.sh, libextra/gl/gnulib.mk,
9782 libextra/gl/m4/gnulib-cache.m4, libextra/gl/m4/gnulib-comp.m4:
9783 Update gnulib files.
9785 2009-05-10 Simon Josefsson <simon@josefsson.org>
9787 * tests/chainverify.c: Verisign CA v1 cert has expired! Change
9788 expected results. Also test expiration code more.
9790 2009-05-08 Simon Josefsson <simon@josefsson.org>
9792 * doc/Makefile.am: Don't always rebuild manual.
9794 2009-05-08 Simon Josefsson <simon@josefsson.org>
9796 * gl/m4/sys_socket_h.m4, lib/gl/m4/sys_socket_h.m4: Update gnulib
9799 2009-05-08 Simon Josefsson <simon@josefsson.org>
9801 * gl/Makefile.am, lib/gl/Makefile.am: Update gnulib files.
9803 2009-05-08 Simon Josefsson <simon@josefsson.org>
9805 * gl/Makefile.am, gl/alignof.h, lib/gl/Makefile.am: Update gnulib
9808 2009-05-08 Simon Josefsson <simon@josefsson.org>
9812 2009-05-08 Simon Josefsson <simon@josefsson.org>
9816 2009-05-08 Simon Josefsson <simon@josefsson.org>
9818 * build-aux/gnupload, gl/Makefile.am, gl/m4/errno_h.m4,
9819 gl/m4/gnulib-comp.m4, gl/m4/multiarch.m4, gl/m4/sys_socket_h.m4,
9820 gl/m4/vasnprintf.m4, gl/sys_socket.in.h,
9821 gl/tests/test-sys_socket.c, lib/gl/Makefile.am, lib/gl/alignof.h,
9822 lib/gl/m4/errno_h.m4, lib/gl/m4/gnulib-comp.m4,
9823 lib/gl/m4/multiarch.m4, lib/gl/m4/sys_socket_h.m4,
9824 lib/gl/m4/vasnprintf.m4, lib/gl/sys_socket.in.h,
9825 lib/gl/tests/test-sys_socket.c, maint.mk: Update gnulib files.
9827 2009-05-08 Simon Josefsson <simon@josefsson.org>
9829 * cfg.mk: Fix -Werror handling.
9831 2009-05-08 Simon Josefsson <simon@josefsson.org>
9833 * lib/x509/output.c: Fix warnings.
9835 2009-05-07 Simon Josefsson <simon@josefsson.org>
9837 * doc/examples/ex-serv-anon.c, doc/examples/ex-serv-export.c,
9838 doc/examples/ex-serv-pgp.c, doc/examples/ex-serv-psk.c,
9839 doc/examples/ex-serv-srp.c, doc/examples/ex-serv1.c,
9840 tests/anonself.c, tests/dhepskself.c, tests/openpgpself.c,
9841 tests/oprfi.c, tests/pskself.c, tests/resume.c, tests/tlsia.c,
9842 tests/x509dn.c, tests/x509self.c, tests/x509signself.c: Fix
9845 2009-05-07 Simon Josefsson <simon@josefsson.org>
9849 2009-05-07 Simon Josefsson <simon@josefsson.org>
9851 * tests/anonself.c, tests/dhepskself.c, tests/openpgpself.c,
9852 tests/oprfi.c, tests/pskself.c, tests/resume.c, tests/tlsia.c,
9853 tests/x509dn.c, tests/x509self.c, tests/x509signself.c: Use memset
9854 instead of deprecated bzero.
9856 2009-05-07 Simon Josefsson <simon@josefsson.org>
9858 * NEWS, src/certtool-cfg.c, src/serv.c: Fix build failure on systems
9859 without AF_INET6, e.g., Solaris 2.6. Reported by "Tom G.
9860 Christensen" <tgc@jupiterrise.com> in
9862 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3524>.
9864 2009-05-06 Simon Josefsson <simon@josefsson.org>
9866 * doc/Makefile.am: Drop README.GIT.
9868 2009-05-06 Simon Josefsson <simon@josefsson.org>
9870 * tests/Makefile.am: Need to link directly to libgcrypt here.
9872 2009-05-06 Simon Josefsson <simon@josefsson.org>
9874 * lib/mpi-libgcrypt.c: Don't use casts that break strict-aliasing
9877 2009-05-06 Simon Josefsson <simon@josefsson.org>
9879 * README-alpha: Fix.
9881 2009-05-06 Simon Josefsson <simon@josefsson.org>
9883 * configure.ac: Fix.
9885 2009-05-05 Simon Josefsson <simon@josefsson.org>
9887 * README-alpha, doc/README.GIT: Replace doc/README.GIT with
9890 2009-05-05 Simon Josefsson <simon@josefsson.org>
9892 * README-alpha: Fix.
9894 2009-05-05 Simon Josefsson <simon@josefsson.org>
9896 * README-alpha: Add.
9898 2009-05-03 Simon Josefsson <simon@josefsson.org>
9900 * NEWS, lib/libgnutls.map: Fix build failure when LZO is enabled.
9902 2009-05-03 Simon Josefsson <simon@josefsson.org>
9904 * lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/openpgp.h,
9905 libextra/includes/gnutls/extra.h: Fix gtk-doc warnings.
9907 2009-05-03 Simon Josefsson <simon@josefsson.org>
9911 2009-05-03 Simon Josefsson <simon@josefsson.org>
9913 * lib/gnutls_asn1_tab.c, lib/pkix_asn1_tab.c: Regenerated libtasn1
9916 2009-05-03 Simon Josefsson <simon@josefsson.org>
9918 * doc/Makefile.am: Build tools before using them.
9920 2009-05-03 Simon Josefsson <simon@josefsson.org>
9922 * .x-sc_GPL_version, .x-sc_avoid_if_before_free,
9923 .x-sc_cast_of_alloca_return_value, .x-sc_cast_of_argument_to_free,
9924 .x-sc_file_system, .x-sc_m4_quote_check, .x-sc_makefile_check,
9925 .x-sc_program_name, .x-sc_prohibit_HAVE_MBRTOWC,
9926 .x-sc_prohibit_S_IS_definition, .x-sc_space_tab, .x-sc_the_the,
9927 .x-sc_two_space_separator_in_usage, .x-sc_useless_cpp_parens, NEWS,
9928 cfg.mk, doc/examples/ex-serv-export.c, doc/gnutls.texi,
9929 gtk-doc.make, lib/gnutls.asn, lib/m4/hooks.m4,
9930 lib/openpgp/Makefile.am, lib/pkix.asn, lib/x509/Makefile.am,
9931 libextra/m4/hooks.m4, m4/valgrind.m4, src/Makefile.am,
9932 src/certtool-cfg.c, src/certtool.c, src/crypt.c, src/psk.c,
9933 src/serv.c, src/tls_test.c, tests/Makefile.am, tests/resume.c,
9934 tests/x509dn.c: Fix syntax-check warnings.
9936 2009-05-03 Simon Josefsson <simon@josefsson.org>
9938 * doc/reference/Makefile.am, gtk-doc.make: Upgrade gtk-doc files.
9940 2009-05-03 Simon Josefsson <simon@josefsson.org>
9942 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
9943 libextra/configure.ac: Bump versions.
9945 2009-05-03 Simon Josefsson <simon@josefsson.org>
9947 * ChangeLog: Generated.
9949 2009-05-03 Simon Josefsson <simon@josefsson.org>
9951 * NEWS: Version 2.7.8.
9953 2009-05-03 Simon Josefsson <simon@josefsson.org>
9955 * gl/Makefile.am, gl/gettext.h, gl/m4/wchar.m4, gl/wchar.in.h,
9956 lib/gl/Makefile.am, lib/gl/gettext.h, lib/gl/m4/wchar.m4,
9957 lib/gl/wchar.in.h: Update gnulib files.
9959 2009-05-03 Simon Josefsson <simon@josefsson.org>
9961 * tests/pkcs1-padding/pkcs1-pad: Fix self test fails because of
9962 expired certs using datefudge.
9964 2009-05-01 Simon Josefsson <simon@josefsson.org>
9966 * tests/chainverify.c: Print cert details. Fix verifying expired
9969 2009-05-01 Simon Josefsson <simon@josefsson.org>
9971 * tests/cve-2008-4989.c: Avoid time checks.
9973 2009-04-30 Simon Josefsson <simon@josefsson.org>
9975 * tests/Makefile.am, tests/cve-2009-1415.c, tests/cve-2009-1416.c:
9976 Add self-tests for security problems.
9978 2009-04-30 Simon Josefsson <simon@josefsson.org>
9982 2009-04-30 Simon Josefsson <simon@josefsson.org>
9984 * lib/gnutls_cert.c, lib/includes/gnutls/gnutls.h.in,
9985 lib/includes/gnutls/x509.h, lib/x509/verify.c, src/common.c:
9986 libgnutls: Check activation/expiration times on untrusted
9987 certificates. Reported by Romain Francoise.
9989 2009-04-30 Simon Josefsson <simon@josefsson.org>
9991 * lib/gnutls_pk.c: Fix DSA key generation.
9993 2009-04-30 Simon Josefsson <simon@josefsson.org>
9995 * cfg.mk: Use modern git names.
9997 2009-04-30 Simon Josefsson <simon@josefsson.org>
9999 * NEWS: Add old NEWS entries.
10001 2009-04-30 Simon Josefsson <simon@josefsson.org>
10003 * doc/gnutls.texi: Document how to use TLS exporters.
10005 2009-04-30 Simon Josefsson <simon@josefsson.org>
10007 * src/serv.c: Fix getaddrinfo/bind loop.
10009 2009-04-28 Simon Josefsson <simon@josefsson.org>
10011 * maint.mk: Update gnulib files.
10013 2009-04-27 Simon Josefsson <simon@josefsson.org>
10015 * : Replace PDF with official ZIP file. The PDFs have the same
10016 SHA-1. The file was downloaded from:
10018 http://csrc.nist.gov/groups/ST/crypto_apps_infra/documents/PKI%20Testing%20Page.htmUsing the direct link:
10020 http://csrc.nist.gov/groups/ST/crypto_apps_infra/documents/certpath1.07.zip
10022 2009-04-27 Simon Josefsson <simon@josefsson.org>
10026 2009-04-27 Simon Josefsson <simon@josefsson.org>
10028 * build-aux/useless-if-before-free, build-aux/vc-list-files,
10029 gl/Makefile.am, gl/m4/gnulib-comp.m4, gl/tests/Makefile.am,
10030 gl/tests/test-vc-list-files-cvs.sh,
10031 gl/tests/test-vc-list-files-git.sh, maint.mk: Update gnulib files.
10033 2009-04-27 Simon Josefsson <simon@josefsson.org>
10035 * src/certtool.c: Fix some error messages.
10037 2009-04-27 Simon Josefsson <simon@josefsson.org>
10039 * gl/m4/lib-link.m4, gl/m4/lib-prefix.m4, gl/vasnprintf.c,
10040 lib/gl/m4/lib-link.m4, lib/gl/m4/lib-prefix.m4,
10041 lib/gl/vasnprintf.c, libextra/gl/m4/lib-link.m4,
10042 libextra/gl/m4/lib-prefix.m4, maint.mk: Update gnulib files.
10044 2009-04-27 Simon Josefsson <simon@josefsson.org>
10048 2009-04-27 Simon Josefsson <simon@josefsson.org>
10052 2009-04-27 Simon Josefsson <simon@josefsson.org>
10054 * lib/libgnutls.map: Move symbols new with gnutls 2.8.x under
10055 GNUTLS_2_8 version.
10057 2009-04-24 Simon Josefsson <simon@josefsson.org>
10059 * NEWS, src/serv.c: gnutls-serv: Listen on all interfaces.
10061 2009-04-24 Simon Josefsson <simon@josefsson.org>
10063 * maint.mk: Update gnulib files.
10065 2009-04-24 Simon Josefsson <simon@josefsson.org>
10067 * lib/pk-libgcrypt.c: Cleanup code and fix memory leaks.
10069 2009-04-23 Simon Josefsson <simon@josefsson.org>
10071 * doc/gendocs_template: Update gnulib files.
10073 2009-04-23 Simon Josefsson <simon@josefsson.org>
10075 * NEWS, doc/gnutls.texi: Improve texinfo section names.
10077 2009-04-23 Simon Josefsson <simon@josefsson.org>
10079 * tests/x509sign-verify.c: Also test DSA keys.
10081 2009-04-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10083 * lib/x509/verify.c: release allocated mpis in
10084 _gnutls_x509_verify_algorithm().
10086 2009-04-21 Simon Josefsson <simon@josefsson.org>
10088 * tests/libgcrypt.supp: Suppress more for modern libgcrypt.
10090 2009-04-21 Simon Josefsson <simon@josefsson.org>
10092 * tests/x509sign-verify.c: Cleanup code.
10094 2009-04-21 Simon Josefsson <simon@josefsson.org>
10096 * src/cli.c: Pass proper socket to libgnutls on Windows.
10098 2009-04-21 Simon Josefsson <simon@josefsson.org>
10100 * gl/Makefile.am, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
10101 gl/sockets.c, gl/sockets.h, gl/tests/Makefile.am, gl/tests/dummy.c,
10102 gl/tests/sockets.c, gl/tests/sockets.h: Need sockets module.
10104 2009-04-20 Simon Josefsson <simon@josefsson.org>
10106 * lib/libgnutls.map: Make check needs more symbols.
10108 2009-04-20 Simon Josefsson <simon@josefsson.org>
10110 * NEWS, lib/Makefile.am, lib/libgnutls.map, libextra/Makefile.am,
10111 libextra/libgnutls-extra.map, libextra/libgnutls-extra.vers: Improve
10112 version scripts. Limit exported symbols on systems without linker
10115 2009-04-20 Simon Josefsson <simon@josefsson.org>
10119 2009-04-20 Simon Josefsson <simon@josefsson.org>
10121 * NEWS, build-aux/gendocs.sh, configure.ac, lib/configure.ac,
10122 lib/m4/hooks.m4, libextra/configure.ac: Bump version.
10124 2009-04-20 Simon Josefsson <simon@josefsson.org>
10126 * ChangeLog: Generated.
10128 2009-04-20 Simon Josefsson <simon@josefsson.org>
10130 * NEWS: Version 2.7.7.
10132 2009-04-20 Simon Josefsson <simon@josefsson.org>
10134 * doc/manpages/Makefile.am: Generated.
10136 2009-04-20 Simon Josefsson <simon@josefsson.org>
10138 * doc/gnutls.texi: Really generate DSA key in example.
10140 2009-04-20 Simon Josefsson <simon@josefsson.org>
10142 * lib/x509/x509.c: Fix return value. Doc fix.
10144 2009-04-20 Simon Josefsson <simon@josefsson.org>
10146 * doc/gnutls.texi: Explain how to generate DSA key.
10148 2009-04-20 Simon Josefsson <simon@josefsson.org>
10150 * lib/gnutls_x509.c, lib/x509/x509.c: Doc fix for new APIs.
10152 2009-04-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10154 * NEWS, lib/pk-libgcrypt.c: Corrected possible memory corruption on
10155 signature verification failure. Reported by Miroslav Kratochvil
10156 <exa.exa@gmail.com>
10158 2009-04-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10160 * doc/printlist.c: Added small patch from Romain Francoise to remove
10163 2009-04-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10165 * lib/includes/gnutls/x509.h, lib/x509/privkey.c, lib/x509/x509.c,
10166 tests/Makefile.am, tests/x509sign-verify.c: Added self test for
10167 gnutls_x509_crt_verify_hash() and
10168 gnutls_x509_crt_get_verify_algorithm(). Added some notes in
10169 gnutls_x509_privkey_sign_hash().
10171 2009-04-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10173 * NEWS, lib/includes/gnutls/x509.h, lib/x509/verify.c,
10174 lib/x509/x509.c: gnutls_x509_crt_get_sig_algorithm was renamed to
10175 gnutls_x509_crt_get_verify_algorithm. Corrected some issues with
10178 2009-04-17 Simon Josefsson <simon@josefsson.org>
10182 2009-04-17 Simon Josefsson <simon@josefsson.org>
10184 * NEWS, lib/gnutls.pc.in: Add -ltasn1 to pkg-config file. Reported
10185 by Andreas Metzler <ametzler@downhill.at.eu.org> in
10187 <http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3467>.
10189 2009-04-17 Simon Josefsson <simon@josefsson.org>
10193 2009-04-17 Simon Josefsson <simon@josefsson.org>
10195 * cfg.mk: Use new po domain.
10197 2009-04-17 Simon Josefsson <simon@josefsson.org>
10199 * lib/po/de.po.in: Sync with TP.
10201 2009-04-17 Simon Josefsson <simon@josefsson.org>
10203 * lib/po/de.po.in: Sync with TP.
10205 2009-04-17 Simon Josefsson <simon@josefsson.org>
10207 * maint.mk: Update gnulib files.
10209 2009-04-17 Simon Josefsson <simon@josefsson.org>
10211 * lib/po/de.po.in: Sync with TP.
10213 2009-04-16 Simon Josefsson <simon@josefsson.org>
10215 * : commit 934102c33ac89ace9a1e1d02047d54f2fea6b59b Merge: bc279f4
10216 d720f3f Author: Nikos Mavrogiannopoulos <nmav@gnutls.org> Date:
10217 Wed Apr 15 22:43:03 2009 +0300
10219 2009-04-14 Simon Josefsson <simon@josefsson.org>
10221 * build-aux/gendocs.sh, doc/gendocs_template, doc/lgpl-2.1.texi:
10222 Update gnulib files.
10224 2009-04-11 Simon Josefsson <simon@josefsson.org>
10226 * gl/Makefile.am, gl/m4/inet_ntop.m4, maint.mk: Update gnulib files.
10228 2009-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10230 * NEWS: documented Cedric Bail's function addition
10232 2009-04-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10234 * : commit 258d2e873f61d5543c674f46a6247b4a379d2cca Author: Simon
10235 Josefsson <simon@josefsson.org> Date: Fri Apr 3 15:20:09 2009
10238 2009-04-03 Simon Josefsson <simon@josefsson.org>
10240 * lib/po/POTFILES.in: Fix filenames.
10242 2009-04-03 Simon Josefsson <simon@josefsson.org>
10244 * cfg.mk: Fix PODIR.
10246 2009-04-03 Simon Josefsson <simon@josefsson.org>
10248 * Makefile.am, configure.ac, lib/Makefile.am, lib/configure.ac,
10249 lib/po/LINGUAS, lib/po/Makevars, lib/po/POTFILES.in,
10250 lib/po/cs.po.in, lib/po/de.po.in, lib/po/fr.po.in, lib/po/ms.po.in,
10251 lib/po/nl.po.in, lib/po/pl.po.in, lib/po/sv.po.in, lib/po/vi.po.in,
10252 po/LINGUAS, po/Makevars, po/POTFILES.in, po/cs.po.in, po/de.po.in,
10253 po/fr.po.in, po/ms.po.in, po/nl.po.in, po/pl.po.in, po/sv.po.in,
10254 po/vi.po.in: Move i18n dir back to lib/, after discussion with
10257 2009-04-03 Simon Josefsson <simon@josefsson.org>
10259 * configure.ac, gl/Makefile.am, gl/m4/gnulib-cache.m4,
10260 gl/m4/gnulib-comp.m4, gl/m4/ld-version-script.m4,
10261 m4/linker-script.m4: Use linker-script from gnulib.
10263 2009-04-03 Simon Josefsson <simon@josefsson.org>
10265 * configure.ac, gl/Makefile.am, gl/m4/gnulib-cache.m4,
10266 gl/m4/gnulib-comp.m4, gl/m4/ld-output-def.m4, lib/configure.ac,
10267 libextra/configure.ac, m4/output-def.m4: Use output-def test from
10270 2009-04-03 Simon Josefsson <simon@josefsson.org>
10272 * configure.ac, lib/Makefile.am, lib/libgnutls.map,
10273 lib/libgnutls.vers, lib/libgnutlsxx.map, lib/libgnutlsxx.vers:
10274 Rename linker script.
10276 2009-04-03 Simon Josefsson <simon@josefsson.org>
10278 * lib/Makefile.am, lib/m4/hooks.m4, libextra/Makefile.am: Use
10279 DLL_VERSION variable name.
10281 2009-03-30 Simon Josefsson <simon@josefsson.org>
10283 * po/LINGUAS, po/cs.po.in: Sync with TP.
10285 2009-03-30 Simon Josefsson <simon@josefsson.org>
10287 * lib/gnutls_global.c, lib/openpgp/output.c, lib/x509/output.c: Fix
10290 2009-03-30 Simon Josefsson <simon@josefsson.org>
10292 * configure.ac: Only add warnings when using gcc. Don't use
10293 -Wformat-nonliteral.
10295 2009-03-30 Simon Josefsson <simon@josefsson.org>
10297 * GNUmakefile, build-aux/gnupload, gl/Makefile.am, gl/close-hook.c,
10298 gl/close-hook.h, gl/close.c, gl/fseeko.c, gl/gai_strerror.c,
10299 gl/m4/close.m4, gl/m4/gnulib-common.m4, gl/m4/gnulib-comp.m4,
10300 gl/m4/printf.m4, gl/m4/select.m4, gl/m4/stdarg.m4,
10301 gl/m4/sys_select_h.m4, gl/readline.c, gl/select.c, gl/setsockopt.c,
10302 gl/stdint.in.h, gl/sys_select.in.h, gl/sys_socket.in.h,
10303 gl/tests/Makefile.am, gl/tests/sockets.c, gl/tests/sockets.h,
10304 gl/tests/test-getaddrinfo.c, gl/tests/test-sockets.c,
10305 gl/unistd.in.h, gl/vasnprintf.c, gl/winsock-select.c,
10306 lib/gl/Makefile.am, lib/gl/close-hook.c, lib/gl/close-hook.h,
10307 lib/gl/fseeko.c, lib/gl/m4/gnulib-common.m4,
10308 lib/gl/m4/gnulib-comp.m4, lib/gl/m4/printf.m4, lib/gl/sockets.c,
10309 lib/gl/sockets.h, lib/gl/stdint.in.h, lib/gl/sys_socket.in.h,
10310 lib/gl/tests/test-sockets.c, lib/gl/unistd.in.h,
10311 lib/gl/vasnprintf.c, lib/gl/w32sock.h,
10312 libextra/gl/m4/gnulib-common.m4, maint.mk: Update gnulib files.
10314 2009-03-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10316 * lib/includes/gnutls/x509.h, lib/x509/verify.c, lib/x509/x509.c,
10317 lib/x509/x509_int.h: Applied patch by Cedric Bail to add functions
10318 gnutls_x509_crt_verify_hash() and
10319 gnutls_x509_crt_get_sig_algorithm().
10321 2009-03-23 Simon Josefsson <simon@josefsson.org>
10323 * cfg.mk: Fix bootstrap.
10325 2009-03-23 Simon Josefsson <simon@josefsson.org>
10327 * Makefile.am, cfg.mk, configure.ac, lib/Makefile.am,
10328 lib/configure.ac: Fix po paths.
10330 2009-03-23 Simon Josefsson <simon@josefsson.org>
10332 * lib/po/LINGUAS, lib/po/Makevars, lib/po/POTFILES.in,
10333 lib/po/de.po.in, lib/po/fr.po.in, lib/po/ms.po.in, lib/po/nl.po.in,
10334 lib/po/pl.po.in, lib/po/sv.po.in, lib/po/vi.po.in, po/LINGUAS,
10335 po/Makevars, po/POTFILES.in, po/de.po.in, po/fr.po.in, po/ms.po.in,
10336 po/nl.po.in, po/pl.po.in, po/sv.po.in, po/vi.po.in: Move lib/po to
10337 po/ since the gettext domain is global for gnutls.
10339 2009-03-04 Simon Josefsson <simon@josefsson.org>
10341 * lib/x509/Makefile.am: Cosmetic fix.
10343 2009-03-04 Simon Josefsson <simon@josefsson.org>
10345 * lib/gnutls_global.c, lib/x509/x509_int.h: Be compatible with
10346 libtasn1 before v1.6.
10348 2009-03-04 Simon Josefsson <simon@josefsson.org>
10352 2009-03-04 Simon Josefsson <simon@josefsson.org>
10354 * NEWS, lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
10355 lib/minitasn1/element.c, lib/minitasn1/errors.c,
10356 lib/minitasn1/errors.h, lib/minitasn1/gstr.c, lib/minitasn1/int.h,
10357 lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
10358 lib/minitasn1/structure.c: Update to minitasn1 v1.8.
10360 2009-03-04 Simon Josefsson <simon@josefsson.org>
10362 * lib/gnutls_global.c, lib/gnutls_global.h, lib/x509/common.c,
10363 lib/x509/crl.c, lib/x509/crq.c, lib/x509/dn.c,
10364 lib/x509/extensions.c, lib/x509/pkcs12.c, lib/x509/pkcs7.c,
10365 lib/x509/x509.c: Use modern libtasn1 interfaces.
10367 2009-03-02 Simon Josefsson <simon@josefsson.org>
10371 2009-03-02 Simon Josefsson <simon@josefsson.org>
10373 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
10374 libextra/configure.ac: Bump version.
10376 2009-03-02 Simon Josefsson <simon@josefsson.org>
10378 * doc/Makefile.am: Add -I's for errcodes/printlist. Reported by
10379 Roman Bogorodskiy <novel@FreeBSD.org> in
10381 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3435>.
10383 2009-02-27 Simon Josefsson <simon@josefsson.org>
10385 * ChangeLog: Generated.
10387 2009-02-27 Simon Josefsson <simon@josefsson.org>
10389 * doc/Makefile.am: Fix distcheck.
10391 2009-02-27 Simon Josefsson <simon@josefsson.org>
10393 * doc/Makefile.am: Fix.
10395 2009-02-27 Simon Josefsson <simon@josefsson.org>
10397 * doc/Makefile.am: Remove error_codes.texi and algorithms.texi to
10398 fix make distcheck.
10400 2009-02-27 Simon Josefsson <simon@josefsson.org>
10402 * doc/Makefile.am: Update --css-include path to fix distcheck.
10404 2009-02-27 Simon Josefsson <simon@josefsson.org>
10406 * NEWS: Version 2.7.6.
10408 2009-02-27 Simon Josefsson <simon@josefsson.org>
10412 2009-02-27 Simon Josefsson <simon@josefsson.org>
10414 * gl/tests/test-fseeko2.sh, lib/gl/tests/test-fseeko2.sh: Update
10417 2009-02-27 Simon Josefsson <simon@josefsson.org>
10419 * gl/m4/gnulib-comp.m4, gl/m4/printf.m4, gl/m4/stdint.m4,
10420 gl/m4/stdlib_h.m4, gl/m4/vasnprintf.m4, gl/tests/Makefile.am,
10421 gl/tests/test-fseeko.c, gl/tests/test-getaddrinfo.c,
10422 gl/vasnprintf.c, lib/gl/m4/gnulib-comp.m4, lib/gl/m4/printf.m4,
10423 lib/gl/m4/stdint.m4, lib/gl/m4/stdlib_h.m4,
10424 lib/gl/m4/vasnprintf.m4, lib/gl/tests/Makefile.am,
10425 lib/gl/tests/test-fseeko.c, lib/gl/vasnprintf.c: Update gnulib
10428 2009-02-27 Simon Josefsson <simon@josefsson.org>
10430 * gl/m4/ungetc.m4, lib/gl/m4/ungetc.m4: Update gnulib files.
10432 2009-02-27 Simon Josefsson <simon@josefsson.org>
10434 * doc/scripts/gdoc: Revert %-hack that lead to syntax errors in
10437 2009-02-24 Simon Josefsson <simon@josefsson.org>
10439 * src/certtool.c: Minor cleanup.
10441 2009-02-24 Simon Josefsson <simon@josefsson.org>
10443 * NEWS, src/certtool-cfg.c: certtool: Query for multiple dnsName
10444 subjectAltName in interactive mode.
10446 2009-02-23 Simon Josefsson <simon@josefsson.org>
10448 * gl/m4/include_next.m4, lib/gl/m4/include_next.m4: Update gnulib
10451 2009-02-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10453 * NEWS: documented pkix.asn change
10455 2009-02-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10457 * lib/pkix.asn: Removed several unneeded parameters from pkix tree.
10458 This reduces initial memory usage after gnutls_global_init() from
10459 140kb (in amd64) to 50kb.
10461 2009-02-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10463 * lib/x509/dn.c, tests/crq_key_id.c: Added more verbose information.
10465 2009-02-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10467 * lib/pkix.asn, lib/pkix_asn1_tab.c, lib/x509/dn.c,
10468 tests/crq_key_id.c: Revert "Added more verbose debugging info" This reverts commit c2d3596cddbb54ac4f19c44b15a03ee1fcceab12.
10470 2009-02-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
10472 * lib/pkix.asn, lib/pkix_asn1_tab.c, lib/x509/dn.c,
10473 tests/crq_key_id.c: Added more verbose debugging info
10475 2009-02-22 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
10477 * doc/TODO: removed items that have already been done or solved.
10479 2009-02-22 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
10481 * NEWS: documented the SSL3_RECORD_VERSION priority string
10483 2009-02-22 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
10485 * doc/scripts/gdoc, lib/gnutls_priority.c: Applied patch by Martin
10486 von Gagern: The attached patch fixes gnutls_priority_init(3), but in
10487 a very hackish way, treating a percent sign as indicating a constant
10488 only if it is not immediately preceded by a double quote.
10490 2009-02-21 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
10492 * doc/manpages/gnutls-cli.1: Corrected listing of special keywords.
10493 Reported by Martin von Gagern.
10495 2009-02-21 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
10497 * doc/manpages/gnutls-cli.1, lib/gnutls_handshake.c,
10498 lib/gnutls_int.h, lib/gnutls_priority.c: Added %SSL3_RECORD_VERSION
10499 priority option that allows to specify the client hello message
10500 record version. Used to overcome buggy TLS servers. Report by Martin
10503 2009-02-15 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
10505 * lib/x509/verify.c: Corrected bit disable (was flipping instead).
10506 Initialy reported by Daniel Kahn Gillmor on 9/1/2008. Many thanks to
10507 moog@sysdev.oucs.ox.ac.uk for bringing this into my attention.
10509 2009-02-11 Simon Josefsson <simon@josefsson.org>
10513 2009-02-11 Simon Josefsson <simon@josefsson.org>
10515 * NEWS, src/serv.c: gnutls-serv: No longer disable MAC padding by
10518 2009-02-11 Simon Josefsson <simon@josefsson.org>
10520 * src/serv.c: More gnulib usage.
10522 2009-02-11 Simon Josefsson <simon@josefsson.org>
10524 * src/cli.c: Use more gnulib interfaces.
10526 2009-02-11 Simon Josefsson <simon@josefsson.org>
10530 2009-02-11 Simon Josefsson <simon@josefsson.org>
10532 * doc/gnutls.texi: Update gnutls-serv --help output.
10534 2009-02-11 Simon Josefsson <simon@josefsson.org>
10536 * doc/gnutls.texi: Update gnutls-cli --help output.
10538 2009-02-11 Simon Josefsson <simon@josefsson.org>
10540 * NEWS, lib/gnutls_int.h, lib/gnutls_priority.c, lib/gnutls_x509.c:
10541 libgnutls: Add new priority strings for allowing RSA-MD5 and V1-CA.
10543 2009-02-11 Simon Josefsson <simon@josefsson.org>
10545 * NEWS, src/cli.c: gnutls-cli: Don't permit V1 CAs by default.
10547 2009-02-11 Simon Josefsson <simon@josefsson.org>
10549 * doc/Makefile.am, doc/errcodes.c, doc/printlist.c,
10550 src/Makefile.am, src/errcodes.c, src/printlist.c: Move doc related
10551 tools from src/ to doc/.
10553 2009-02-11 Simon Josefsson <simon@josefsson.org>
10555 * src/common.c: Typo.
10557 2009-02-11 Simon Josefsson <simon@josefsson.org>
10559 * src/common.c: Typo.
10561 2009-02-11 Simon Josefsson <simon@josefsson.org>
10563 * src/common.c: Print OpenPGP cert info using libgnutls.
10565 2009-02-11 Simon Josefsson <simon@josefsson.org>
10567 * NEWS, lib/openpgp/output.c: libgnutls: gnutls_openpgp_crt_print
10568 supports oneline mode.
10570 2009-02-11 Simon Josefsson <simon@josefsson.org>
10572 * tests/pathlen/ca-no-pathlen.pem,
10573 tests/pathlen/no-ca-or-pathlen.pem: Fix expected test vectors.
10575 2009-02-11 Simon Josefsson <simon@josefsson.org>
10577 * NEWS, lib/x509/output.c: libgnutls: gnutls_x509_crt_print prints
10578 signature algorithm in oneline mode.
10580 2009-02-11 Simon Josefsson <simon@josefsson.org>
10582 * gl/m4/close.m4, gl/m4/sockets.m4, gl/tests/sockets.h,
10583 gl/tests/test-sockets.c, lib/gl/m4/sockets.m4, lib/gl/sockets.h,
10584 lib/gl/tests/test-sockets.c: Update gnulib files.
10586 2009-02-11 Simon Josefsson <simon@josefsson.org>
10588 * NEWS, src/common.c: gnutls-cli: Print certificate info using
10591 2009-02-11 Simon Josefsson <simon@josefsson.org>
10593 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
10594 libextra/configure.ac: Bump versions.
10596 2009-02-11 Simon Josefsson <simon@josefsson.org>
10598 * lib/x509/output.c: Print bit size of RSA exponents.
10600 2009-02-06 Simon Josefsson <simon@josefsson.org>
10602 * ChangeLog: Generated.
10604 2009-02-06 Simon Josefsson <simon@josefsson.org>
10606 * src/Makefile.am: Need -lgnutls etc for certtool-cfg.c.
10608 2009-02-06 Simon Josefsson <simon@josefsson.org>
10610 * NEWS: Version 2.7.5.
10612 2009-02-06 Simon Josefsson <simon@josefsson.org>
10614 * NEWS: Merge in old NEWS entries.
10616 2009-02-06 Simon Josefsson <simon@josefsson.org>
10618 * lib/x509/verify.c: Move down revocation check to revert code to
10619 how it looked before. The idea is that if you have marked a cert as
10620 trusted, you may want to trust it even though some authority has
10621 revoked it. This changes back how this code used to work.
10623 2009-02-02 Simon Josefsson <simon@josefsson.org>
10625 * NEWS, doc/TODO, lib/x509/verify.c, tests/chainverify.c: Make it
10626 possible to trust intermediary certificates. Based on tiny patch
10627 from "Douglas E. Engert" <deengert@anl.gov> in
10629 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351/focus=3376>.
10631 2009-02-02 Simon Josefsson <simon@josefsson.org>
10633 * tests/chainverify.c: Add another chain from bug reports.
10635 2009-02-02 Simon Josefsson <simon@josefsson.org>
10637 * src/common.c: Print more certificate status values.
10639 2009-02-02 Simon Josefsson <simon@josefsson.org>
10641 * lib/x509/x509.c: Assert less for expected errors.
10643 2009-02-02 Simon Josefsson <simon@josefsson.org>
10645 * lib/x509/output.c: Simplify keyid printing to avoid allocation and
10648 2009-02-01 Simon Josefsson <simon@josefsson.org>
10650 * doc/manpages/Makefile.am, doc/scripts/gdoc: Update gdoc and use
10653 2009-02-01 Simon Josefsson <simon@josefsson.org>
10655 * build-aux/gnupload, gl/Makefile.am, gl/m4/00gnulib.m4,
10656 gl/m4/errno_h.m4, gl/m4/extensions.m4, gl/m4/gnulib-common.m4,
10657 gl/m4/gnulib-comp.m4, gl/m4/multiarch.m4, gl/m4/pmccabe2html.m4,
10658 gl/m4/stdlib_h.m4, gl/stdlib.in.h, gl/tests/test-getaddrinfo.c,
10659 gl/version-etc.c, gl/version-etc.h, lib/gl/Makefile.am,
10660 lib/gl/m4/00gnulib.m4, lib/gl/m4/errno_h.m4,
10661 lib/gl/m4/extensions.m4, lib/gl/m4/gnulib-common.m4,
10662 lib/gl/m4/gnulib-comp.m4, lib/gl/m4/multiarch.m4,
10663 lib/gl/m4/stdlib_h.m4, lib/gl/stdlib.in.h,
10664 libextra/gl/m4/00gnulib.m4, libextra/gl/m4/extensions.m4,
10665 libextra/gl/m4/gnulib-common.m4, libextra/gl/m4/gnulib-comp.m4:
10666 Update gnulib files.
10668 2009-01-27 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
10670 * NEWS, lib/gnutls_handshake.c: gnutls_handshake when sending client
10671 hello during a rehandshake, will not offer a version number larger
10672 than the current. Reported by Tristan Hill <stan@saticed.me.uk>.
10674 2009-01-27 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
10676 * lib/gnutls_psk.c: result_size in gnutls_hex_encode behaves as
10677 documented. It now holds the size of the result. Reported by John
10680 2009-01-21 Simon Josefsson <simon@josefsson.org>
10682 * gl/Makefile.am, gl/arpa_inet.in.h, gl/fseeko.c, gl/m4/alloca.m4,
10683 gl/m4/errno_h.m4, gl/m4/getaddrinfo.m4, gl/m4/getline.m4,
10684 gl/m4/getpass.m4, gl/m4/gettimeofday.m4, gl/m4/gnulib-common.m4,
10685 gl/m4/inet_ntop.m4, gl/m4/inet_pton.m4, gl/m4/intmax_t.m4,
10686 gl/m4/inttypes_h.m4, gl/m4/lib-ld.m4, gl/m4/lib-link.m4,
10687 gl/m4/longlong.m4, gl/m4/malloc.m4, gl/m4/minmax.m4,
10688 gl/m4/printf.m4, gl/m4/readline.m4, gl/m4/realloc.m4,
10689 gl/m4/sockets.m4, gl/m4/sockpfaf.m4, gl/m4/stdbool.m4,
10690 gl/m4/stdint.m4, gl/m4/stdint_h.m4, gl/m4/stdio_h.m4,
10691 gl/m4/unistd_h.m4, gl/m4/vasnprintf.m4, gl/m4/wchar_t.m4,
10692 gl/m4/wint_t.m4, gl/progname.c, gl/stdint.in.h, gl/stdio.in.h,
10693 gl/strerror.c, gl/sys_stat.in.h, gl/tests/gettimeofday.c,
10694 gl/tests/ioctl.c, gl/tests/test-unistd.c, gl/unistd.in.h,
10695 gl/wchar.in.h, lib/gl/Makefile.am, lib/gl/fseeko.c,
10696 lib/gl/m4/alloca.m4, lib/gl/m4/byteswap.m4, lib/gl/m4/codeset.m4,
10697 lib/gl/m4/errno_h.m4, lib/gl/m4/gettext.m4,
10698 lib/gl/m4/gnulib-common.m4, lib/gl/m4/iconv.m4,
10699 lib/gl/m4/intldir.m4, lib/gl/m4/intlmacosx.m4, lib/gl/m4/intmax.m4,
10700 lib/gl/m4/intmax_t.m4, lib/gl/m4/inttypes-pri.m4,
10701 lib/gl/m4/inttypes_h.m4, lib/gl/m4/lcmessage.m4,
10702 lib/gl/m4/lib-ld.m4, lib/gl/m4/lib-link.m4, lib/gl/m4/lock.m4,
10703 lib/gl/m4/longlong.m4, lib/gl/m4/malloc.m4, lib/gl/m4/memmem.m4,
10704 lib/gl/m4/memmove.m4, lib/gl/m4/minmax.m4, lib/gl/m4/nls.m4,
10705 lib/gl/m4/po.m4, lib/gl/m4/printf-posix.m4, lib/gl/m4/printf.m4,
10706 lib/gl/m4/progtest.m4, lib/gl/m4/realloc.m4, lib/gl/m4/sockets.m4,
10707 lib/gl/m4/sockpfaf.m4, lib/gl/m4/stdbool.m4, lib/gl/m4/stdint.m4,
10708 lib/gl/m4/stdint_h.m4, lib/gl/m4/stdio_h.m4, lib/gl/m4/strcase.m4,
10709 lib/gl/m4/strverscmp.m4, lib/gl/m4/threadlib.m4,
10710 lib/gl/m4/uintmax_t.m4, lib/gl/m4/unistd_h.m4,
10711 lib/gl/m4/vasnprintf.m4, lib/gl/m4/wchar_t.m4, lib/gl/m4/wint_t.m4,
10712 lib/gl/stdint.in.h, lib/gl/stdio.in.h, lib/gl/sys_stat.in.h,
10713 lib/gl/tests/test-unistd.c, lib/gl/unistd.in.h, lib/gl/wchar.in.h:
10714 Update gnulib files.
10716 2009-01-21 Simon Josefsson <simon@josefsson.org>
10720 2009-01-21 Simon Josefsson <simon@josefsson.org>
10722 * libextra/gl/Makefile.am, libextra/gl/gnulib.mk,
10723 libextra/gl/m4/gnulib-cache.m4, libextra/gl/m4/gnulib-common.m4,
10724 libextra/gl/m4/lib-ld.m4, libextra/gl/m4/lib-link.m4,
10725 libextra/gl/m4/md5.m4: Add -I's in libextra/gl for stdint.h on
10726 Solaris. Reported by Dagobert Michelsen <dam@opencsw.org> in
10728 http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3388
10730 2009-01-13 Simon Josefsson <simon@josefsson.org>
10732 * lib/gnutls_state.c: Check return value properly.
10734 2009-01-13 Simon Josefsson <simon@josefsson.org>
10736 * lib/gnutls_state.c: Fix mem leak because buffer is not expanded
10739 2009-01-09 Simon Josefsson <simon@josefsson.org>
10743 2009-01-09 Simon Josefsson <simon@josefsson.org>
10745 * NEWS, lib/x509/verify.c: Permit V1 Certificate Authorities
10746 properly. Before they were mistakenly rejected even though
10747 GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT and/or
10748 GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT were supplied. Reported by
10749 "Douglas E. Engert" <deengert@anl.gov> in
10751 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.
10753 2009-01-09 Simon Josefsson <simon@josefsson.org>
10755 * src/certtool.c: Permit V1 CA's in new --verify-chain code.
10757 2009-01-09 Simon Josefsson <simon@josefsson.org>
10761 2009-01-09 Simon Josefsson <simon@josefsson.org>
10763 * tests/chainverify.c: Added chain supplied by "Douglas E. Engert"
10764 <deengert@anl.gov>.
10766 2009-01-07 Simon Josefsson <simon@josefsson.org>
10768 * src/errcodes.c, src/printlist.c: Fix license header.
10770 2009-01-07 Simon Josefsson <simon@josefsson.org>
10772 * lib/gnutls_errors.c, lib/gnutls_errors.h, lib/gnutls_global.c,
10773 lib/gnutls_global.h, lib/gnutls_int.h: Cleanup logger function type.
10775 2009-01-07 Simon Josefsson <simon@josefsson.org>
10777 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
10778 libextra/configure.ac: Bump versions.
10780 2009-01-07 Simon Josefsson <simon@josefsson.org>
10782 * ChangeLog: Generated.
10784 2009-01-07 Simon Josefsson <simon@josefsson.org>
10786 * NEWS: Version 2.7.4.
10788 2009-01-07 Simon Josefsson <simon@josefsson.org>
10790 * lib/gnutls_rsa_export.c: Doc fixes.
10792 2009-01-07 Simon Josefsson <simon@josefsson.org>
10794 * doc/examples/ex-client-psk.c, doc/examples/ex-client-resume.c,
10795 doc/examples/ex-client-srp.c, doc/examples/ex-client-tlsia.c,
10796 doc/examples/ex-client1.c, lib/gnutls_algorithms.c,
10797 lib/gnutls_rsa_export.c, lib/openpgp/output.c, lib/x509/output.c,
10798 lib/x509/privkey.c, src/cli.c, src/common.c, src/serv.c,
10799 src/tls_test.c, tests/dhepskself.c: Fix warnings.
10801 2009-01-07 Simon Josefsson <simon@josefsson.org>
10803 * build-aux/gendocs.sh, doc/gendocs_template, gl/Makefile.am,
10804 gl/m4/errno_h.m4, gl/m4/extensions.m4, gl/m4/getaddrinfo.m4,
10805 gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/inttypes_h.m4,
10806 gl/m4/lib-link.m4, gl/m4/manywarnings.m4, gl/m4/multiarch.m4,
10807 gl/m4/printf.m4, gl/m4/size_max.m4, gl/m4/stdint.m4,
10808 gl/m4/stdint_h.m4, gl/m4/wchar.m4, gl/m4/wchar_t.m4,
10809 gl/m4/wint_t.m4, gl/m4/xsize.m4, gl/stdint.in.h, gl/stdlib.in.h,
10810 gl/sys_select.in.h, gl/tests/Makefile.am,
10811 gl/tests/test-select-in.sh, gl/unistd.in.h, gl/version-etc.c,
10812 gl/wchar.in.h, lib/gl/Makefile.am, lib/gl/m4/codeset.m4,
10813 lib/gl/m4/errno_h.m4, lib/gl/m4/extensions.m4,
10814 lib/gl/m4/gettext.m4, lib/gl/m4/glibc2.m4, lib/gl/m4/glibc21.m4,
10815 lib/gl/m4/gnulib-cache.m4, lib/gl/m4/gnulib-comp.m4,
10816 lib/gl/m4/iconv.m4, lib/gl/m4/intdiv0.m4, lib/gl/m4/intlmacosx.m4,
10817 lib/gl/m4/intmax.m4, lib/gl/m4/inttypes-pri.m4,
10818 lib/gl/m4/inttypes_h.m4, lib/gl/m4/lcmessage.m4,
10819 lib/gl/m4/lib-link.m4, lib/gl/m4/multiarch.m4, lib/gl/m4/nls.m4,
10820 lib/gl/m4/po.m4, lib/gl/m4/printf-posix.m4, lib/gl/m4/printf.m4,
10821 lib/gl/m4/progtest.m4, lib/gl/m4/size_max.m4, lib/gl/m4/stdint.m4,
10822 lib/gl/m4/stdint_h.m4, lib/gl/m4/threadlib.m4,
10823 lib/gl/m4/uintmax_t.m4, lib/gl/m4/visibility.m4,
10824 lib/gl/m4/wchar.m4, lib/gl/m4/wchar_t.m4, lib/gl/m4/wint_t.m4,
10825 lib/gl/m4/xsize.m4, lib/gl/stdint.in.h, lib/gl/stdlib.in.h,
10826 lib/gl/tests/Makefile.am, lib/gl/unistd.in.h, lib/gl/wchar.in.h,
10827 libextra/gl/Makefile.am, libextra/gl/m4/extensions.m4,
10828 libextra/gl/m4/gnulib-cache.m4, libextra/gl/m4/gnulib-comp.m4,
10829 libextra/gl/m4/lib-link.m4: Update gnulib files.
10831 2009-01-07 Simon Josefsson <simon@josefsson.org>
10833 * NEWS: Fix NEWS entry.
10835 2009-01-07 Simon Josefsson <simon@josefsson.org>
10837 * tests/sha2/sha2: Fix self-test with new certtool --verify-chain
10840 2009-01-06 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
10842 * NEWS: added NEWS item about MD5 deprecation
10844 2009-01-06 Simon Josefsson <simon@josefsson.org>
10846 * tests/pkcs1-padding/pkcs1-pad: Fix expect strings to compensate
10847 for new certtool -e output.
10849 2009-01-06 Simon Josefsson <simon@josefsson.org>
10851 * NEWS, src/certtool.c: certtool: Make --verify-chain use libgnutls
10852 verification algorithm.
10854 2009-01-06 Simon Josefsson <simon@josefsson.org>
10856 * tests/chainverify.c: Test chain with EE cert signed using RSA-MD5.
10858 2009-01-06 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
10860 * lib/x509/verify.c: actually deprecate MD5 and MD2 signatures
10861 during X.509 verification by treating them as invalid unless the
10862 GNUTLS_VERIFY_ALLOW_SIGN_RSA_{MD5,MD2} flags are present.
10864 2008-12-12 Simon Josefsson <simon@josefsson.org>
10866 * NEWS: Add NEWS entries from 2.6.3.
10868 2008-12-12 Simon Josefsson <simon@josefsson.org>
10870 * tests/crq_key_id.c: Fix.
10872 2008-12-12 Simon Josefsson <simon@josefsson.org>
10874 * tests/crq_key_id.c: Make it compile. Speed up key generation.
10876 2008-12-12 Simon Josefsson <simon@josefsson.org>
10878 * tests/crq_key_id.c: Indent.
10880 2008-12-12 Simon Josefsson <simon@josefsson.org>
10882 * NEWS, tests/Makefile.am, tests/crq_key_id.c: Add crq_key_id
10883 self-test from David MarÃn Carreño.
10885 2008-12-11 Simon Josefsson <simon@josefsson.org>
10887 * configure.ac: Update manywarnings usage.
10889 2008-12-11 Simon Josefsson <simon@josefsson.org>
10893 2008-12-11 Simon Josefsson <simon@josefsson.org>
10895 * lib/x509/output.c: Print public key id for certificate requests
10898 2008-12-11 Simon Josefsson <simon@josefsson.org>
10900 * doc/manpages/Makefile.am: Generated.
10902 2008-12-11 Simon Josefsson <simon@josefsson.org>
10904 * configure.ac, lib/configure.ac, lib/m4/hooks.m4,
10905 libextra/configure.ac: Bump versions.
10907 2008-12-11 Simon Josefsson <simon@josefsson.org>
10909 * AUTHORS, NEWS, lib/includes/gnutls/x509.h, lib/x509/crq.c: gnutls:
10910 New interface to get key id for certificate requests. Patch from
10911 David MarÃn Carreño <davefx@gmail.com> in
10913 <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3321>.
10915 2008-12-10 Simon Josefsson <simon@josefsson.org>
10917 * ChangeLog: Generated.
10919 2008-12-10 Simon Josefsson <simon@josefsson.org>
10921 * NEWS: Version 2.7.3.
10923 2008-12-10 Simon Josefsson <simon@josefsson.org>
10925 * tests/chainverify.c: Check ca=false with flags too.
10927 2008-12-10 Simon Josefsson <simon@josefsson.org>
10929 * gl/override/tests/test-lseek.sh.diff, gl/tests/test-lseek.sh,
10930 lib/gl/tests/test-lseek.sh: Disable parts of gnulib self-tests that
10933 2008-12-10 Simon Josefsson <simon@josefsson.org>
10935 * lib/gl/tests/test-lseek.c, maint.mk: Update gnulib files.
10937 2008-12-10 Simon Josefsson <simon@josefsson.org>
10939 * gl/override/tests/test-lseek.c.diff,
10940 gl/override/tests/test-select-in.sh.diff, gl/tests/test-lseek.c,
10941 gl/tests/test-select-in.sh: Disable parts of gnulib self-tests that
10944 2008-12-10 Simon Josefsson <simon@josefsson.org>
10946 * doc/examples/ex-cxx.cpp: Drop config.h, not needed (hopefully?)
10947 and breaks mingw due to rpl_gmtime.
10949 2008-12-10 Simon Josefsson <simon@josefsson.org>
10951 * src/Makefile.am: Certtool need libgnutls etc for
10952 libcmd-certtool.la too, due to certtool-cfg.c.
10954 2008-12-10 Simon Josefsson <simon@josefsson.org>
10956 * tests/x509self.c: Fix comments.
10958 2008-12-10 Simon Josefsson <simon@josefsson.org>
10962 2008-12-10 Simon Josefsson <simon@josefsson.org>
10966 2008-12-10 Simon Josefsson <simon@josefsson.org>
10968 * tests/cve-2008-4989.c: Align with Nikos' patch.
10970 2008-12-10 Simon Josefsson <simon@josefsson.org>
10972 * lib/opencdk/Makefile.am, lib/opencdk/armor.c,
10973 lib/opencdk/keydb.c, lib/opencdk/literal.c, lib/opencdk/misc.c,
10974 lib/opencdk/new-packet.c, lib/opencdk/read-packet.c,
10975 lib/opencdk/sig-check.c, lib/opencdk/stream.c: Revert "Fix warnings
10976 in opencdk." This reverts commit 59cddc711e55bbd094bdf95986277fb33ba964ee.
10978 2008-12-10 Simon Josefsson <simon@josefsson.org>
10980 * lib/x509/verify.c: Revert last commit.
10982 2008-12-10 Simon Josefsson <simon@josefsson.org>
10984 * tests/chainverify.c: Add GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag
10987 2008-12-10 Simon Josefsson <simon@josefsson.org>
10989 * tests/chainverify.c: Add hbci chain.
10991 2008-12-10 Simon Josefsson <simon@josefsson.org>
10993 * tests/chainverify.c: Fix comments.
10995 2008-12-10 Simon Josefsson <simon@josefsson.org>
10997 * tests/chainverify.c: Fix order to match comments.
10999 2008-12-10 Simon Josefsson <simon@josefsson.org>
11001 * tests/chainverify.c: Don't fail on expect errors, to allow more
11002 information to be collected.
11004 2008-12-10 Simon Josefsson <simon@josefsson.org>
11006 * NEWS, lib/x509/verify.c: Revert Nikos revert, and fix verification
11007 hopefully better. The new logic is to include the CA cert in
11008 validation, but short-cut full validation of trusted certificates.
11010 2008-12-10 Simon Josefsson <simon@josefsson.org>
11012 * tests/chainverify.c: Add chain with CA having a basic constraint
11015 2008-12-10 Simon Josefsson <simon@josefsson.org>
11017 * tests/cve-2008-4989.c: Add note.
11019 2008-12-10 Simon Josefsson <simon@josefsson.org>
11021 * NEWS, tests/Makefile.am, tests/chainverify.c: Add self-test of
11022 chain verification logic.
11024 2008-12-09 Simon Josefsson <simon@josefsson.org>
11026 * tests/libgcrypt.supp: Ignore more.
11028 2008-12-05 Simon Josefsson <simon@josefsson.org>
11032 2008-12-05 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
11034 * lib/x509/verify.c: reintroduced the self signed certificate
11035 removal code. This time shouldn't have the drawbacks that used to.
11037 2008-12-05 Simon Josefsson <simon@josefsson.org>
11039 * lib/gnutls_global.c: Disable secmem rather than overriding
11040 libgcrypt memory allocators. Suggested by Werner Koch in
11042 <http://permalink.gmane.org/gmane.comp.encryption.gpg.libgcrypt.devel/2056>.
11044 2008-12-04 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
11046 * lib/gnutls_global.c: rearranged initialization stuff based on
11047 Werner's suggestions.
11049 2008-12-04 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
11051 * src/certtool.c: gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0) is
11052 being called after libgcrypt initialization (gnutls_global_init).
11054 2008-12-03 Simon Josefsson <simon@josefsson.org>
11056 * lib/opencdk/Makefile.am, lib/opencdk/armor.c,
11057 lib/opencdk/keydb.c, lib/opencdk/literal.c, lib/opencdk/misc.c,
11058 lib/opencdk/new-packet.c, lib/opencdk/read-packet.c,
11059 lib/opencdk/sig-check.c, lib/opencdk/stream.c: Fix warnings in
11062 2008-12-03 Simon Josefsson <simon@josefsson.org>
11064 * gl/m4/manywarnings.m4: Add.
11066 2008-12-01 Simon Josefsson <simon@josefsson.org>
11068 * configure.ac, gl/Makefile.am, gl/m4/gnulib-cache.m4,
11069 gl/m4/gnulib-comp.m4, gl/m4/include_next.m4, gl/m4/warnings.m4,
11070 gl/stdint.in.h, gl/sys_time.in.h, lib/gl/m4/include_next.m4,
11071 lib/gl/stdint.in.h: Update gnulib files.
11073 2008-11-29 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
11075 * tests/x509self.c: Incorporated patch (with modifications) from Joe
11076 Orton that also checks the rehandshake capabilities.
11078 2008-11-25 Simon Josefsson <simon@josefsson.org>
11080 * lib/opencdk/Makefile.am, lib/openpgp/Makefile.am,
11081 libextra/Makefile.am, tests/Makefile.am: Fix minitasn1 -I's.
11083 2008-11-25 Simon Josefsson <simon@josefsson.org>
11085 * lib/x509/Makefile.am: Fix minitasn1 -I.
11087 2008-11-25 Simon Josefsson <simon@josefsson.org>
11089 * lib/gnutls_buffers.c: Fix compiler warning.
11091 2008-11-23 Simon Josefsson <simon@josefsson.org>
11093 * src/Makefile.am: Libreadline is needed by libcmd_certtool.la, not
11094 certtool. Reported by Arfrever Frehtes Taifersar Arahesis
11095 <arfrever.fta@gmail.com> in
11097 <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3293>.
11099 2008-11-23 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
11101 * lib/opencdk/context.h, lib/opencdk/literal.c, lib/opencdk/misc.c,
11102 lib/opencdk/new-packet.c, lib/opencdk/opencdk.h,
11103 lib/opencdk/read-packet.c: Converted non-C compliant code to
11104 standard C. The usage of structures like: struct x { int el1; char str[1]; } and the trick of using a single allocation for str and the structure
11105 itself by allocating sizeof(x) + strlen()-1, are questionable. They
11106 were converted to: struct x { int el1; char *str; } and there is a single allocation of sizeof(x)+strlen() but then the
11107 str pointer is updated to point to the rest of the data.
11109 2008-11-23 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
11111 * lib/gnutls_buffers.c, lib/gnutls_int.h, lib/gnutls_str.c,
11112 lib/gnutls_str.h, lib/x509/dn.c: When reading data from a buffer
11113 (gnutls_string) avoid memmoving all remaining data. This will speed
11114 up short byte reads.
11116 2008-11-21 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
11118 * doc/TODO: reorganized goals
11120 2008-11-21 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
11122 * src/cli.c: return non zero error code on error conditions.
11124 2008-11-21 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
11126 * doc/certtool.cfg: better grouping of configuration directives
11128 2008-11-21 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
11130 * : commit 8b14ab18cf5e5214ac3d28412e0c503e83a753c1 Author: Nikos
11131 Mavrogiannopoulos <nmav@crystal.(none)> Date: Fri Nov 21 21:02:45
11134 2008-11-18 Simon Josefsson <simon@josefsson.org>
11136 * lib/gnutls_compress.c: Clean up LZO initialization.
11138 2008-11-18 Simon Josefsson <simon@josefsson.org>
11140 * lib/auth_cert.c: Don't use // comments.
11142 2008-11-18 Simon Josefsson <simon@josefsson.org>
11144 * src/Makefile.am: Change link order, so that gnulib is last.
11146 2008-11-18 Simon Josefsson <simon@josefsson.org>
11148 * maint.mk: Update gnulib files.
11150 2008-11-18 Simon Josefsson <simon@josefsson.org>
11152 * lib/po/LINGUAS: Sync with TP.
11154 2008-11-18 Simon Josefsson <simon@josefsson.org>
11156 * lib/po/LINGUAS: Sync with TP.
11158 2008-11-18 Simon Josefsson <simon@josefsson.org>
11160 * lib/po/LINGUAS, lib/po/ms.po.in: Sync with TP.
11162 2008-11-18 Simon Josefsson <simon@josefsson.org>
11164 * NEWS, configure.ac, lib/configure.ac, lib/m4/hooks.m4,
11165 libextra/configure.ac: Bump versions.
11167 2008-11-18 Simon Josefsson <simon@josefsson.org>
11169 * ChangeLog: Generated.
11171 2008-11-18 Simon Josefsson <simon@josefsson.org>
11173 * NEWS: Version 2.7.2.
11175 2008-11-18 Simon Josefsson <simon@josefsson.org>
11177 * doc/reference/Makefile.am: Add deprecated guard for libtasn1.
11179 2008-11-18 Simon Josefsson <simon@josefsson.org>
11181 * NEWS, lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
11182 lib/minitasn1/element.c, lib/minitasn1/element.h,
11183 lib/minitasn1/errors.c, lib/minitasn1/gstr.h,
11184 lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
11185 lib/minitasn1/parser_aux.h, lib/minitasn1/structure.c,
11186 lib/minitasn1/structure.h: Sync with libtasn1 v1.7.
11188 2008-11-18 Simon Josefsson <simon@josefsson.org>
11190 * doc/examples/Makefile.am, lib/Makefile.am,
11191 lib/openpgp/Makefile.am, libextra/Makefile.am: Fix WARN_CFLAGS uses.
11193 2008-11-18 Simon Josefsson <simon@josefsson.org>
11195 * lib/gnutls_compress.c: Fix warnings.
11197 2008-11-18 Simon Josefsson <simon@josefsson.org>
11199 * tests/Makefile.am: Respect ENABLE_OPENSSL.
11201 2008-11-18 Simon Josefsson <simon@josefsson.org>
11203 * configure.ac: Move gnulib EARLY early.
11205 2008-11-18 Simon Josefsson <simon@josefsson.org>
11207 * configure.ac, lib/configure.ac, lib/m4/hooks.m4,
11208 lib/m4/output-def.m4, libextra/configure.ac, m4/output-def.m4: Move
11209 C++ and -output-def detection.
11211 2008-11-18 Simon Josefsson <simon@josefsson.org>
11213 * configure.ac, lib/configure.ac, lib/m4/hooks.m4,
11214 lib/m4/linker-script.m4, libextra/configure.ac, m4/linker-script.m4:
11215 Fix linker script test.
11217 2008-11-18 Simon Josefsson <simon@josefsson.org>
11219 * configure.ac: Fix typo.
11221 2008-11-18 Simon Josefsson <simon@josefsson.org>
11223 * configure.ac, libextra/m4/hooks.m4: Print Openssl status.
11225 2008-11-18 Simon Josefsson <simon@josefsson.org>
11227 * configure.ac, lib/m4/hooks.m4: Print C++ status.
11229 2008-11-18 Simon Josefsson <simon@josefsson.org>
11231 * configure.ac: Cleanup guile tests.
11233 2008-11-17 Simon Josefsson <simon@josefsson.org>
11235 * gl/m4/warnings.m4: Update gnulib files.
11237 2008-11-17 Simon Josefsson <simon@josefsson.org>
11239 * configure.ac: Rewrite warning initializations.
11241 2008-11-17 Simon Josefsson <simon@josefsson.org>
11243 * configure.ac: Typo.
11245 2008-11-17 Simon Josefsson <simon@josefsson.org>
11247 * gl/m4/warnings.m4: Update gnulib files.
11249 2008-11-17 Simon Josefsson <simon@josefsson.org>
11251 * doc/examples/examples.h: Add.
11253 2008-11-17 Simon Josefsson <simon@josefsson.org>
11255 * configure.ac, doc/examples/Makefile.am, doc/examples/ex-alert.c,
11256 doc/examples/ex-client-psk.c, doc/examples/ex-pkcs12.c,
11257 doc/examples/ex-rfc2818.c, doc/examples/ex-session-info.c,
11258 doc/examples/ex-verify.c, doc/examples/ex-x509-info.c,
11259 doc/examples/tcp.c, gl/gettext.h, gl/override/lib/gettext.h.diff,
11260 lib/gl/gettext.h, lib/gl/override/lib/gettext.h.diff,
11261 lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/gnutls_state.c,
11262 lib/gnutls_str.h, lib/openpgp/output.c, lib/x509/Makefile.am,
11263 lib/x509/dn.c, lib/x509/output.c, lib/x509/privkey.c,
11264 libextra/fipsmd5.c, libextra/gnutls_extra.c,
11265 libextra/gnutls_openssl.c, src/Makefile.am, src/cli.c,
11266 src/common.h, src/crypt.c, src/prime.c, src/psk.c, src/serv.c,
11267 src/tls_test.c, tests/Makefile.am, tests/anonself.c,
11268 tests/crypto_rng.c, tests/dhepskself.c, tests/dn.c,
11269 tests/finished.c, tests/gc.c, tests/mini.c, tests/openpgpself.c,
11270 tests/pkcs12_s2k.c, tests/pskself.c, tests/resume.c,
11271 tests/set_pkcs12_cred.c, tests/tlsia.c, tests/utils.c,
11272 tests/utils.h, tests/x509dn.c, tests/x509self.c,
11273 tests/x509signself.c: Use more warnings. Fix many warnings.
11275 2008-11-17 Simon Josefsson <simon@josefsson.org>
11277 * gl/m4/warnings.m4, gl/override/tests/test-select-out.sh.diff,
11278 gl/tests/test-select-out.sh: Update gnulib files.
11280 2008-11-17 Simon Josefsson <simon@josefsson.org>
11282 * lib/includes/gnutls/compat.h, lib/includes/gnutls/crypto.h,
11283 lib/includes/gnutls/gnutlsxx.h, lib/includes/gnutls/openpgp.h,
11284 lib/includes/gnutls/pkcs12.h, lib/includes/gnutls/x509.h: Fix
11285 cosmetic nits in header files.
11287 2008-11-17 Simon Josefsson <simon@josefsson.org>
11289 * NEWS, lib/includes/gnutls/compat.h,
11290 lib/includes/gnutls/gnutls.h.in: Fix namespace of version symbols.
11292 2008-11-17 Simon Josefsson <simon@josefsson.org>
11296 2008-11-17 Simon Josefsson <simon@josefsson.org>
11298 * lib/includes/gnutls/gnutls.h.in: Move #include's outside of C++
11301 2008-11-17 Simon Josefsson <simon@josefsson.org>
11303 * src/cli-gaa.c, src/cli-gaa.h, src/serv-gaa.c, src/serv-gaa.h:
11306 2008-11-17 Simon Josefsson <simon@josefsson.org>
11308 * src/common.c: Work around gnulib+mingw problem.
11310 2008-11-17 Simon Josefsson <simon@josefsson.org>
11312 * src/cli.gaa, src/common.h, src/serv.c, src/serv.gaa: Never include
11313 config.h in *.h files.
11315 2008-11-17 Simon Josefsson <simon@josefsson.org>
11317 * gl/m4/hostent.m4, gl/m4/servent.m4: Update gnulib files.
11319 2008-11-17 Simon Josefsson <simon@josefsson.org>
11321 * gl/override/tests/test-select-out.sh.diff,
11322 gl/tests/test-select-out.sh: Work around reported bug in gnulib
11325 2008-11-17 Simon Josefsson <simon@josefsson.org>
11327 * gl/m4/getaddrinfo.m4, gl/m4/gnulib-comp.m4, gl/m4/sockets.m4,
11328 gl/tests/test-select-out.sh, lib/gl/m4/sockets.m4: Update gnulib
11331 2008-11-17 Simon Josefsson <simon@josefsson.org>
11333 * Makefile.am, build-aux/gnupload, gl/m4/getaddrinfo.m4,
11334 gl/m4/netdb_h.m4, gl/netdb.in.h, gl/tests/sockets.h,
11335 lib/gl/Makefile.am, lib/gl/m4/gnulib-cache.m4,
11336 lib/gl/m4/gnulib-comp.m4, lib/gl/m4/netdb_h.m4, lib/gl/netdb.in.h,
11337 lib/gl/sockets.h, lib/gl/tests/Makefile.am,
11338 libextra/gl/Makefile.am, libextra/gl/m4/gnulib-cache.m4,
11339 libextra/gl/m4/gnulib-comp.m4: Update gnulib files.
11341 2008-11-17 Simon Josefsson <simon@josefsson.org>
11343 * lib/gnutls_auth.c: Make it build.
11345 2008-11-15 Nikos Mavrogiannopoulos <nmav@crystal.(none)>
11347 * lib/gnutls_auth.c: Corrected memory leak in
11348 _gnutls_free_auth_info(). Trace and patch by Michael Weiser.
11350 2008-11-14 Simon Josefsson <simon@josefsson.org>
11352 * tests/Makefile.am: Disable openpgp-keyring when not building
11355 2008-11-14 Simon Josefsson <simon@josefsson.org>
11357 * tests/Makefile.am: Add -I for libextra too.
11359 2008-11-14 Simon Josefsson <simon@josefsson.org>
11361 * lib/gnutlsxx.cpp: Make it compile with --disable-openpgp.
11363 2008-11-14 Simon Josefsson <simon@josefsson.org>
11365 * tests/resume.c: Fix warning.
11367 2008-11-14 Simon Josefsson <simon@josefsson.org>
11369 * lib/mpi-libgcrypt.c: Don't return from void function. Reported by
11370 Jeff Cai <jeff.cai@sun.com> in
11371 https://savannah.gnu.org/support/?106549
11373 2008-11-14 Simon Josefsson <simon@josefsson.org>
11375 * lib/gnutls_int.h, libextra/ext_inner_application.c,
11376 libextra/gnutls_ia.c: Include gnutls/extra.h at the right places.
11378 2008-11-14 Simon Josefsson <simon@josefsson.org>
11380 * lib/mac-libgcrypt.c: Don't return from void function. Reported by
11381 Jeff Cai <jeff.cai@sun.com> in
11382 https://savannah.gnu.org/support/?106549
11384 2008-11-14 Simon Josefsson <simon@josefsson.org>
11386 * tests/Makefile.am, tests/pkcs12-decode/Makefile.am,
11387 tests/pkcs12-decode/pkcs12_s2k.c, tests/pkcs12_s2k.c: Move
11388 pkcs12_s2k.c test to top-level to avoid -I/etc flag duplication.
11390 2008-11-14 Simon Josefsson <simon@josefsson.org>
11392 * tests/pkcs12-decode/pkcs12: Test pkcs12_2certs.p12 too.
11394 2008-11-14 Simon Josefsson <simon@josefsson.org>
11396 * tests/pkcs12-decode/Makefile.am: Dist pkcs12_2certs.p12.
11398 2008-11-14 Simon Josefsson <simon@josefsson.org>
11400 * doc/Makefile.am: Dist README.gaa.
11402 2008-11-14 Simon Josefsson <simon@josefsson.org>
11404 * doc/Makefile.am: Remove README.autoconf.
11406 2008-11-14 Simon Josefsson <simon@josefsson.org>
11408 * lib/m4/hooks.m4: Run AC_PROG_CXX only when needed. Reported by
11409 Daniel Black <dragonheart@gentoo.org> in
11410 <https://savannah.gnu.org/support/?106542>.
11412 2008-11-13 Simon Josefsson <simon@josefsson.org>
11414 * configure.ac: Use more warnings.
11416 2008-11-13 Simon Josefsson <simon@josefsson.org>
11418 * libextra/gnutls_openssl.c: Fix warning.
11420 2008-11-13 Simon Josefsson <simon@josefsson.org>
11422 * lib/Makefile.am: Drop incorrect -I.
11424 2008-11-13 Simon Josefsson <simon@josefsson.org>
11426 * doc/README.gaa: Add.
11428 2008-11-13 Simon Josefsson <simon@josefsson.org>
11430 * configure.ac, doc/examples/ex-serv-export.c,
11431 libextra/gnutls_ia.c, src/Makefile.am, src/certtool-gaa.c,
11432 src/cli-gaa.c, src/crypt-gaa.c, src/psk-gaa.c, src/serv-gaa.c,
11433 src/tests.c, src/tls_test-gaa.c: Use more warnings. Fix warnings.
11435 2008-11-12 Simon Josefsson <simon@josefsson.org>
11437 * lib/auth_cert.c, lib/gnutls_mpi.c, lib/gnutls_pk.c,
11438 lib/mac-libgcrypt.c: Fix warnings.
11440 2008-11-12 Simon Josefsson <simon@josefsson.org>
11442 * cfg.mk: Add -Werror again, code is fixed.
11444 2008-11-12 Simon Josefsson <simon@josefsson.org>
11446 * doc/examples/Makefile.am: Use warning flags, but not for C++ code.
11448 2008-11-12 Simon Josefsson <simon@josefsson.org>
11450 * tests/Makefile.am, tests/cve-2008-4989.c: Use more warnings. Fix
11453 2008-11-12 Simon Josefsson <simon@josefsson.org>
11455 * src/Makefile.am, src/certtool-cfg.h, src/certtool-gaa.c: Use more
11456 warnings. Fix warnings.
11458 2008-11-12 Simon Josefsson <simon@josefsson.org>
11460 * lib/openpgp/Makefile.am, libextra/Makefile.am,
11461 libextra/gl/Makefile.am, libextra/gl/m4/extensions.m4,
11462 libextra/gl/m4/gnulib-cache.m4, libextra/gl/m4/gnulib-comp.m4: Use
11463 more warning flags. Need extensions in libextra.
11465 2008-11-12 Simon Josefsson <simon@josefsson.org>
11467 * lib/gnutls_buffers.c, lib/gnutls_extensions.c,
11468 lib/gnutls_extensions.h, lib/gnutls_handshake.c, lib/gnutls_mpi.c,
11469 lib/gnutls_x509.c: Fix warnings.
11471 2008-11-12 Simon Josefsson <simon@josefsson.org>
11473 * lib/includes/gnutls/gnutls.h.in: Add prototype for
11474 gnutls_certificate_set_x509_simple_pkcs12_mem.
11476 2008-11-12 Simon Josefsson <simon@josefsson.org>
11478 * lib/x509/Makefile.am: Use WARN_CFLAGS.
11480 2008-11-12 Simon Josefsson <simon@josefsson.org>
11482 * lib/ext_server_name.c, lib/gnutls_cipher.c,
11483 lib/gnutls_constate.c, lib/gnutls_extensions.c,
11484 lib/gnutls_handshake.c, lib/gnutls_record.c,
11485 lib/gnutls_supplemental.c, lib/gnutls_v2_compat.c: Fix warnings.
11487 2008-11-12 Simon Josefsson <simon@josefsson.org>
11489 * Makefile.am: Build gl/ later.
11491 2008-11-12 Simon Josefsson <simon@josefsson.org>
11493 * cfg.mk: Drop -Werror because gnutls code doesn't compile with it.
11495 2008-11-12 Simon Josefsson <simon@josefsson.org>
11497 * configure.ac, lib/Makefile.am: Disable pointer sign warnings. Use
11500 2008-11-12 Simon Josefsson <simon@josefsson.org>
11502 * configure.ac: Better warning flag hangling.
11504 2008-11-12 Simon Josefsson <simon@josefsson.org>
11506 * cfg.mk, doc/README.GIT: Drop --enable-developer-mode.
11508 2008-11-12 Simon Josefsson <simon@josefsson.org>
11510 * configure.ac: Remove debug code.
11512 2008-11-12 Simon Josefsson <simon@josefsson.org>
11514 * cfg.mk, configure.ac: Use warnings module.
11516 2008-11-12 Simon Josefsson <simon@josefsson.org>
11518 * cfg.mk, configure.ac, gl/m4/gnulib-comp.m4, gl/m4/warnings.m4,
11519 lib/configure.ac, libextra/configure.ac: Use gnulib warnings module.
11521 2008-11-12 Simon Josefsson <simon@josefsson.org>
11523 * NEWS: Add v2.6.2 entries.
11525 2008-11-12 Simon Josefsson <simon@josefsson.org>
11527 * lib/m4/hooks.m4, lib/m4/output-def.m4: Use output-def.m4.
11529 2008-11-12 Simon Josefsson <simon@josefsson.org>
11531 * lib/gnutls.pc.in, libextra/gnutls-extra.pc.in: Add URL fields.
11533 2008-11-12 Simon Josefsson <simon@josefsson.org>
11535 * lib/m4/hooks.m4, lib/m4/linker-script.m4: Fix version script
11538 2008-11-12 Simon Josefsson <simon@josefsson.org>
11540 * configure.ac, lib/configure.ac, lib/m4/hooks.m4,
11541 lib/m4/linker-script.m4, libextra/configure.ac, m4/valgrind.m4: Use
11542 external m4 files for shared tests.
11544 2008-11-12 Simon Josefsson <simon@josefsson.org>
11548 2008-11-12 Simon Josefsson <simon@josefsson.org>
11550 * tests/cve-2008-4989.c: Frob expected verify status code. With
11551 latest verify.c patch it just say the chain is invalid, rather than
11552 complaining about missing signer certificate. This is arguable more
11555 2008-11-12 Simon Josefsson <simon@josefsson.org>
11557 * lib/x509/verify.c: Remove check of last certificate in path is
11558 self signed. Causes crashes further down in the code for
11559 certificate chains that only contain one self-signed certificate.
11560 Still protects against the GNUTLS-SA-2008-3 vulnerabillity.
11561 Reported by Michael Meskes <meskes@debian.org> in
11562 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505279>.
11564 2008-11-12 Simon Josefsson <simon@josefsson.org>
11566 * gl/tests/test-select-out.sh: Comment out broken test.
11568 2008-11-11 Simon Josefsson <simon@josefsson.org>
11570 * gl/Makefile.am, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
11571 gl/m4/warnings.m4, lib/gl/Makefile.am, lib/gl/m4/gnulib-cache.m4,
11572 lib/gl/m4/gnulib-comp.m4, lib/gl/m4/warnings.m4: Update gnulib
11575 2008-11-11 Simon Josefsson <simon@josefsson.org>
11577 * Makefile.am: Need more -I's.
11579 2008-11-11 Simon Josefsson <simon@josefsson.org>
11581 * gl/Makefile.am, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
11582 lib/gl/Makefile.am, lib/gl/m4/gnulib-cache.m4,
11583 lib/gl/m4/gnulib-comp.m4, lib/gl/m4/warnings.m4: Update gnulib
11586 2008-11-11 Simon Josefsson <simon@josefsson.org>
11588 * gl/Makefile.am, gl/fseeko.c, gl/m4/getaddrinfo.m4,
11589 gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/netdb_h.m4,
11590 gl/m4/printf.m4, gl/netdb.in.h, gl/tests/test-select-fd.c,
11591 gl/tests/test-select-in.sh, gl/tests/test-select-out.sh,
11592 lib/gl/Makefile.am, lib/gl/fseeko.c, lib/gl/m4/netdb_h.m4,
11593 lib/gl/m4/printf.m4, lib/gl/netdb.in.h: Update gnulib files.
11595 2008-11-11 Simon Josefsson <simon@josefsson.org>
11597 * tests/cve-2008-4989.c: Also test chain length of 1 since the
11598 security patch caused a crash.
11600 2008-11-11 Simon Josefsson <simon@josefsson.org>
11602 * tests/libgcrypt.supp: Add another gcrypt leak.
11604 2008-11-11 Simon Josefsson <simon@josefsson.org>
11606 * lib/gnutls_extensions.c, lib/gnutls_extensions.h,
11607 lib/gnutls_global.c: Fix mem leak.
11609 2008-11-11 Simon Josefsson <simon@josefsson.org>
11611 * tests/cve-2008-4989.c: Fix mem leaks.
11613 2008-11-11 Simon Josefsson <simon@josefsson.org>
11615 * NEWS, tests/Makefile.am, tests/cve-2008-4989.c: Add
11616 cve-2008-4989.c self-test.
11618 2008-11-10 Simon Josefsson <simon@josefsson.org>
11620 * gl/tests/gettimeofday.c, gl/tests/test-gettimeofday.c,
11621 gl/tests/test-select-fd.c, gl/tests/test-select-in.sh,
11622 gl/tests/test-select-out.sh, gl/tests/test-select-stdin.c: Update
11625 2008-11-10 Simon Josefsson <simon@josefsson.org>
11627 * gl/m4/gettimeofday.m4, gl/m4/gnulib-comp.m4,
11628 gl/m4/sys_ioctl_h.m4, gl/tests/Makefile.am,
11629 lib/gl/m4/include_next.m4, lib/gl/sys_stat.in.h: Update gnulib
11632 2008-11-10 Simon Josefsson <simon@josefsson.org>
11634 * Merge in v2.6.1 fixes.
11638 Copyright (C) 2005, 2006, 2007, 2008, 2009, 2010 Free Software
11641 Copying and distribution of this file, with or without
11642 modification, are permitted provided the copyright notice
11643 and this notice are preserved.
projects / external / libgnutls26.git / blob