1 2011-09-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3 * README, README-alpha: simplified README
5 2011-09-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
7 * lib/accelerated/intel/aes-x86.h: documented extra alignment
9 2011-09-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 * lib/gnutls_record.c: cleaned-up code
13 2011-09-04 Andreas Metzler <ametzler@downhill.at.eu.org>
15 * configure.ac: Add p11-kit-1 to gnutls.pc Requires.private. If building with PKCS#11 support append p11-kit-1 to gnutls.pc
16 Requires.private. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
18 2011-09-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
20 * .gitignore: more files to ignore
22 2011-09-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
24 * doc/cha-gtls-app.texi: documentation updates
26 2011-09-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
28 * lib/gnutlsxx.cpp: updated for lowat
30 2011-09-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
32 * doc/cha-auth.texi, doc/cha-cert-auth.texi,
33 doc/cha-functions.texi, doc/cha-gtls-app.texi,
34 doc/cha-intro-tls.texi: documentation updates. @acronym was removed
37 2011-09-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
39 * lib/includes/gnutls/compat.h: set_lowat was removed as a macro.
41 2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
43 * doc/cha-programs.texi: simplified examples
45 2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
47 * doc/examples/ex-serv-pgp.c, tests/openpgp-certs/testcerts:
48 explicitly enable openpgp certtype in tests.
50 2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
54 2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
56 * configure.ac, m4/hooks.m4: bumped version
58 2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
60 * doc/cha-bib.texi, doc/cha-gtls-app.texi, doc/latex/gnutls.bib:
63 2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
65 * tests/openpgpself.c: explicitly enable openpgp certtype in tests.
67 2011-09-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
69 * doc/cha-gtls-app.texi, lib/system_override.c: Added documentation
70 on asynchronous operation.
72 2011-08-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
74 * configure.ac: do not exit configure if p11-kit is not found.
76 2011-08-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
78 * NEWS, lib/gnutls_priority.c: OpenPGP certificate type priority is
79 not enabled by default.
81 2011-08-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
83 * NEWS, doc/cha-gtls-app.texi, lib/gnutls_handshake.c,
84 lib/gnutls_int.h, lib/gnutls_priority.c: Added %NO_EXTENSIONS
87 2011-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
89 * doc/printlist.c: doc fixes
91 2011-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
93 * tests/suite/testcompat-main: disabled test
95 2011-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
97 * libextra/openssl_compat.c, libextra/openssl_compat.h: removed old
98 and unused compatibility functions.
100 2011-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
102 * lib/includes/gnutls/x509.h, lib/x509/crl.c, lib/x509/crq.c,
103 lib/x509/extensions.c, lib/x509/key_decode.c, lib/x509/output.c,
104 lib/x509/privkey.c, lib/x509/x509.c, lib/x509/x509_int.h,
105 libextra/gnutls_openssl.c, src/crywrap/crywrap.c: corrected sign
106 type errors for integers.
108 2011-08-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
110 * lib/gnutls_record.c: Corrected error checking in
113 2011-08-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
115 * doc/cha-gtls-app.texi: doc updates
117 2011-08-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
119 * NEWS, src/certtool-cfg.c, src/common.h: removed unneeded header.
122 2011-08-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
124 * lib/nettle/ecc.h, lib/nettle/ecc_free.c,
125 lib/nettle/ecc_make_key.c, lib/nettle/ecc_map.c,
126 lib/nettle/ecc_mulmod.c, lib/nettle/ecc_projective_add_point.c,
127 lib/nettle/ecc_projective_dbl_point.c,
128 lib/nettle/ecc_projective_dbl_point_3.c,
129 lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
130 lib/nettle/ecc_verify_hash.c: Avoid assert() and do not include
133 2011-08-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
135 * tests/suite/testcompat: skip if datefudge is not available
137 2011-08-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
139 * lib/accelerated/x86.h: Modified cpuid for 32-bit x86 to avoid a
140 gcc issue (not finding a register).
142 2011-08-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
144 * NEWS, src/Makefile.am, src/benchmark-cipher.c,
145 src/benchmark-tls.c, src/benchmark.h, src/cli-gaa.c, src/cli-gaa.h,
146 src/cli.gaa: Benchmark applications were incorporated to gnutls-cli
148 2011-08-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
150 * lib/algorithms/ciphersuites.c: Corrected DH-ANON ciphersuite
153 2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
155 * doc/cha-cert-auth.texi, doc/gnutls-pgp.eps, doc/gnutls-x509.eps:
158 2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
160 * NEWS, lib/x509/x509.c: XmppAddr -> UTF8String
162 2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
164 * lib/openpgp/gnutls_openpgp.c, lib/openpgp/privkey.c,
165 lib/x509/x509.c: more updates in private key copy.
167 2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
169 * lib/accelerated/intel/aes-x86.h: removed unused variable.
171 2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
173 * NEWS, lib/gnutls_privkey.c, lib/gnutls_x509.c,
174 lib/includes/gnutls/abstract.h, lib/openpgp/gnutls_openpgp.c,
175 lib/openpgp/gnutls_openpgp.h, lib/openpgp/privkey.c,
176 lib/x509/x509.c: gnutls_certificate_set_x509_key() and
177 gnutls_certificate_set_openpgp_key() operate as in gnutls 2.10.x and
178 do not require to hold the structures.
180 2011-08-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
182 * lib/accelerated/intel/aes-gcm-x86.c,
183 lib/accelerated/intel/aes-x86.c: removed unused variables.
185 2011-08-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
187 * lib/gnutls_record.c: Allow out-of-order change_cipher_spec in
190 2011-08-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
192 * doc/cha-auth.texi, doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
193 doc/cha-intro-tls.texi, doc/examples/ex-cert-select-pkcs11.c,
194 lib/gnutls_buffers.c, lib/gnutls_pubkey.c, lib/gnutls_record.c:
195 documentation changes.
197 2011-08-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
199 * doc/examples/ex-client-srp.c, doc/examples/ex-serv-srp.c:
200 gnutls/extra.h is not required for SRP.
202 2011-08-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
204 * doc/latex/gnutls.tex: leave an empty page
206 2011-08-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
208 * doc/cha-auth.texi, doc/cha-bib.texi, doc/cha-cert-auth.texi,
209 doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
210 doc/latex/gnutls.bib, doc/latex/gnutls.tex: documentation updates
212 2011-08-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
214 * lib/nettle/rnd.c: unlock rnd mutex on error.
216 2011-08-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
218 * doc/cha-bib.texi, doc/latex/gnutls.bib: bibliography updated
220 2011-08-22 Andreas Metzler <ametzler@debian.org>
222 * lib/libgnutls.map: Export export_gnutls_openpgp_privkey_sign_hash. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
224 2011-08-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
226 * lib/gnutls_buffers.c, lib/system.c: AIX check moved to system.c.
228 2011-08-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
230 * src/crywrap/crywrap.c: Handle memory allocation errors.
232 2011-08-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
234 * doc/manpages/Makefile.am, doc/manpages/crywrap.8: The crywrap
235 manpage was removed due to license reasons.
237 2011-08-22 Ludovic Courtès <ludo@gnu.org>
239 * guile/tests/priorities.scm: guile: Fix `priorities' test to use
240 `run-test'. This is a followup to commit
241 cd7b8102316cd4151356c4b2b7909c7435593890 ("guile: Fix tests to match
242 the `exit' behavior introduced in Guile 2.0.1.").
244 2011-08-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
246 * src/crywrap/Makefile.am: include README to distribution.
248 2011-08-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
250 * lib/gnutls_ui.c: documentation fixes.
252 2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
254 * doc/cha-cert-auth.texi, doc/cha-internals.texi,
255 doc/cha-intro-tls.texi, doc/cha-library.texi,
256 doc/scripts/mytexi2latex: Use texinfo's word break.
258 2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
260 * NEWS, m4/hooks.m4: updated for release
262 2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
264 * src/crywrap/Makefile.am: Added missing file
266 2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
268 * po/cs.po.in, po/fi.po.in, po/nl.po.in, po/pl.po.in, po/sv.po.in,
269 po/uk.po.in: Sync with TP.
271 2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
273 * lib/Makefile.am: corrected typo
275 2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
277 * lib/gnutls_buffers.c: Added hack for AIX systems that may not set
278 errno property on EAGAIN.
280 2011-08-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
282 * doc/examples/ex-cert-select-pkcs11.c: simplified PKCS #11 token
285 2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
287 * doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
288 lib/gnutls_record.c, lib/system_override.c: documentation updates
290 2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
292 * .gitignore: updated ignored files.
294 2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
296 * tests/resume.c: Corrected session resumption test.
298 2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
300 * tests/utils.c: Avoid using vfprintf() and use a combination of
301 vsnprintf and fputs instead. My gnulib has issues with them.
303 2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
305 * gl/Makefile.am, gl/m4/gnulib-cache.m4: added vfprintf-posix
308 2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
310 * configure.ac: depend on p11-kit 0.4+.
312 2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
314 * NEWS, lib/Makefile.am, lib/auth/cert.c, lib/auth/cert.h,
315 lib/gnutls_cert.c, lib/gnutls_str_array.h, lib/gnutls_x509.c,
316 lib/openpgp/gnutls_openpgp.c: Removed the limitation of one name per
319 2011-08-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
321 * doc/cha-auth.texi: rephrased text on anonymous authentication.
323 2011-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
325 * doc/cha-programs.texi: small update in psktool
327 2011-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
329 * NEWS: updated crywrap
331 2011-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
333 * NEWS: documented changes
335 2011-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
337 * lib/auth/cert.c, lib/auth/cert.h, lib/gnutls_cert.c,
338 lib/gnutls_state.c, lib/gnutls_ui.c, lib/gnutls_x509.c,
339 lib/openpgp/gnutls_openpgp.c: gnutls_certificate_set_x509_key_file()
340 and friends support server name indication. If multiple
341 certificates are set using this function the proper one will be
342 selected during a handshake, with the limitation of a single name
345 2011-08-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
347 * lib/x509/x509.c: Documentation fixes.
349 2011-08-17 Simon Josefsson <simon@josefsson.org>
351 * cfg.mk, src/crywrap/crywrap.c: Fix syntax-check nits.
353 2011-08-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
355 * NEWS, lib/algorithms/ciphers.c: Added AES-256-GCM. Reported by
358 2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
360 * NEWS: documented fix
362 2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
364 * lib/includes/gnutls/pkcs11.h, lib/pkcs11.c, src/p11common.c:
365 Introduced GNUTLS_PKCS11_PIN_WRONG flag to indicate the previously
368 2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
370 * NEWS: documented fix
372 2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
374 * doc/cha-programs.texi: some discussion on tokens.
376 2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
378 * lib/pkcs11.c: Corrected issue when asking multiple times for PIN.
380 2011-08-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
382 * configure.ac: corrected configure test
384 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
386 * src/crywrap/crywrap.c: dhparams have now the 'r' option.
388 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
390 * src/crywrap/crywrap.c: use audit_log
392 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
394 * src/crywrap/crywrap.c, src/crywrap/crywrap.h: removed unneeded
397 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
399 * src/cli.c: unload_file was modified to accept a pointer.
401 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
403 * NEWS, src/crywrap/Makefile.am, src/crywrap/crywrap.c: corrected
404 child process cleanup and added option to specify diffie hellman
407 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
409 * .gitignore: more files to ignore
411 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
413 * doc/manpages/crywrap.8, src/crywrap/crywrap.c,
414 src/crywrap/crywrap.h: Corrected crywrap's verification procedure.
416 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
418 * src/serv.c: use gnutls_sec_param_to_pk_bits() for DH parameter
421 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
423 * .gitignore, configure.ac, doc/manpages/Makefile.am,
424 doc/manpages/crywrap.8, gl/Makefile.am, gl/alphasort.c,
425 gl/argp-ba.c, gl/argp-eexst.c, gl/argp-fmtstream.c,
426 gl/argp-fmtstream.h, gl/argp-fs-xinl.c, gl/argp-help.c,
427 gl/argp-namefrob.h, gl/argp-parse.c, gl/argp-pin.c, gl/argp-pv.c,
428 gl/argp-pvh.c, gl/argp-xinl.c, gl/argp.h, gl/basename-lgpl.c,
429 gl/dirent.in.h, gl/dirname-lgpl.c, gl/dirname.h, gl/dosname.h,
430 gl/fpucw.h, gl/frexp.c, gl/frexpl.c, gl/fseeko.c, gl/fseterr.c,
431 gl/fseterr.h, gl/getopt.c, gl/getopt.in.h, gl/getopt1.c,
432 gl/getopt_int.h, gl/getsubopt.c, gl/isnan.c, gl/isnand-nolibm.h,
433 gl/isnand.c, gl/isnanf-nolibm.h, gl/isnanf.c, gl/isnanl-nolibm.h,
434 gl/isnanl.c, gl/m4/alphasort.m4, gl/m4/argp.m4, gl/m4/dirent_h.m4,
435 gl/m4/dirname.m4, gl/m4/double-slash-root.m4, gl/m4/dup2.m4,
436 gl/m4/eealloc.m4, gl/m4/environ.m4, gl/m4/exponentd.m4,
437 gl/m4/exponentf.m4, gl/m4/exponentl.m4, gl/m4/frexp.m4,
438 gl/m4/frexpl.m4, gl/m4/getcwd.m4, gl/m4/getopt.m4,
439 gl/m4/getsubopt.m4, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
440 gl/m4/isnand.m4, gl/m4/isnanf.m4, gl/m4/isnanl.m4, gl/m4/ldexpl.m4,
441 gl/m4/lstat.m4, gl/m4/malloca.m4, gl/m4/math_h.m4,
442 gl/m4/mempcpy.m4, gl/m4/mode_t.m4, gl/m4/nocrash.m4, gl/m4/open.m4,
443 gl/m4/printf-frexp.m4, gl/m4/printf-frexpl.m4, gl/m4/putenv.m4,
444 gl/m4/rawmemchr.m4, gl/m4/scandir.m4, gl/m4/setenv.m4,
445 gl/m4/signbit.m4, gl/m4/sleep.m4, gl/m4/stat.m4,
446 gl/m4/strchrnul.m4, gl/m4/strndup.m4, gl/m4/strnlen.m4,
447 gl/m4/symlink.m4, gl/m4/sysexits.m4, gl/m4/vfprintf-posix.m4,
448 gl/m4/vprintf-posix.m4, gl/math.in.h, gl/mempcpy.c,
449 gl/printf-frexp.c, gl/printf-frexp.h, gl/printf-frexpl.c,
450 gl/printf-frexpl.h, gl/rawmemchr.c, gl/rawmemchr.valgrind,
451 gl/scandir.c, gl/signbitd.c, gl/signbitf.c, gl/signbitl.c,
452 gl/sleep.c, gl/strchrnul.c, gl/strchrnul.valgrind, gl/stripslash.c,
453 gl/strndup.c, gl/strnlen.c, gl/sysexits.in.h, gl/tests/Makefile.am,
454 gl/tests/dummy.c, gl/tests/dup2.c, gl/tests/fpucw.h,
455 gl/tests/getcwd-lgpl.c, gl/tests/ignore-value.h, gl/tests/lstat.c,
456 gl/tests/malloca.c, gl/tests/malloca.h, gl/tests/malloca.valgrind,
457 gl/tests/minus-zero.h, gl/tests/nan.h, gl/tests/open.c,
458 gl/tests/putenv.c, gl/tests/same-inode.h, gl/tests/setenv.c,
459 gl/tests/stat.c, gl/tests/symlink.c, gl/tests/test-argp-2.sh,
460 gl/tests/test-argp.c, gl/tests/test-dirent.c, gl/tests/test-dup2.c,
461 gl/tests/test-environ.c, gl/tests/test-fprintf-posix.h,
462 gl/tests/test-frexp.c, gl/tests/test-frexpl.c,
463 gl/tests/test-fseeko3.c, gl/tests/test-fseeko3.sh,
464 gl/tests/test-fseterr.c, gl/tests/test-getcwd-lgpl.c,
465 gl/tests/test-getopt.c, gl/tests/test-getopt.h,
466 gl/tests/test-getopt_long.h, gl/tests/test-ignore-value.c,
467 gl/tests/test-isnand-nolibm.c, gl/tests/test-isnand.h,
468 gl/tests/test-isnanf-nolibm.c, gl/tests/test-isnanf.h,
469 gl/tests/test-isnanl-nolibm.c, gl/tests/test-isnanl.h,
470 gl/tests/test-lstat.c, gl/tests/test-lstat.h,
471 gl/tests/test-malloc-gnu.c, gl/tests/test-malloca.c,
472 gl/tests/test-math.c, gl/tests/test-open.c, gl/tests/test-open.h,
473 gl/tests/test-printf-frexp.c, gl/tests/test-printf-frexpl.c,
474 gl/tests/test-printf-posix.h, gl/tests/test-printf-posix.output,
475 gl/tests/test-rawmemchr.c, gl/tests/test-setenv.c,
476 gl/tests/test-signbit.c, gl/tests/test-sleep.c,
477 gl/tests/test-stat.c, gl/tests/test-stat.h,
478 gl/tests/test-strchrnul.c, gl/tests/test-strnlen.c,
479 gl/tests/test-symlink.c, gl/tests/test-symlink.h,
480 gl/tests/test-sysexits.c, gl/tests/test-unsetenv.c,
481 gl/tests/test-vfprintf-posix.c, gl/tests/test-vfprintf-posix.sh,
482 gl/tests/test-vprintf-posix.c, gl/tests/test-vprintf-posix.sh,
483 gl/tests/unsetenv.c, gl/vfprintf.c, gl/vprintf.c, m4/hooks.m4,
484 src/Makefile.am, src/crywrap/Makefile.am, src/crywrap/README,
485 src/crywrap/crywrap.c, src/crywrap/crywrap.h, src/crywrap/primes.h:
486 Added crywrap to the distributed programs.
488 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
490 * lib/accelerated/intel/.gitignore: files to ignore
492 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
494 * doc/cha-internals.texi: doc updates
496 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
498 * doc/cha-auth.texi, doc/cha-cert-auth.texi,
499 doc/cha-ciphersuites.texi, doc/cha-errors.texi,
500 doc/cha-functions.texi, doc/cha-gtls-app.texi,
501 doc/cha-internals.texi, doc/cha-intro-tls.texi,
502 doc/cha-library.texi, doc/cha-support.texi: do not use capitals in
505 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
507 * .gitignore, doc/latex/.gitignore: more files to ignore.
509 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
511 * NEWS, lib/pkcs11.c: If a module is dlopened twice, then
512 deinitialize the second load.
514 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
516 * doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
517 doc/cha-library.texi, lib/gnutls_buffers.c, lib/gnutls_record.c:
518 documentation updates
520 2011-08-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
522 * doc/cha-library.texi: memory handling section is no longer
525 2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
527 * doc/cha-gtls-app.texi: Added discussion on DTLS functionality
529 2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
531 * doc/cha-programs.texi, doc/cha-support.texi, doc/cha-tls-app.texi:
534 2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
536 * doc/cha-gtls-app.texi: updated openssl text
538 2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
540 * doc/cha-gtls-app.texi: correct typos
542 2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
544 * doc/manpages/gnutls-cli.1: do not escape \#
546 2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
548 * doc/cha-cert-auth.texi, doc/cha-intro-tls.texi: more updates
550 2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
552 * doc/cha-bib.texi, doc/cha-preface.texi, doc/latex/gnutls.bib:
553 Added reference to anderson's book
555 2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
557 * doc/Makefile.am, doc/cha-cert-auth.texi, doc/cha-internals.texi,
558 doc/gnutls-certificate-user-use-case.eps,
559 doc/gnutls-extensions.eps, doc/gnutls.texi,
560 doc/scripts/mytexi2latex, lib/x509/crl_write.c, lib/x509/crq.c,
561 lib/x509/pkcs12.c, lib/x509/privkey_pkcs8.c, lib/x509/x509.c:
562 Internals section updated.
564 2011-08-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
566 * doc/cha-auth.texi, doc/cha-cert-auth.texi, doc/examples/ex-crq.c,
567 lib/gnutls_pubkey.c, lib/includes/gnutls/compat.h,
568 lib/includes/gnutls/x509.h, lib/pkcs11.c, lib/pkcs11_write.c,
569 lib/x509/crq.c: Documentation updates. gnutls_x509_crq_sign2() and
570 gnutls_x509_crl_sign2() were removed from the deprecate list to ease
571 generation of crl and crq structures.
573 2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
575 * doc/alert-printlist.c, doc/cha-intro-tls.texi,
576 doc/cha-library.texi, doc/cha-programs.texi, doc/errcodes.c,
577 doc/printlist.c: updates
579 2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
581 * doc/latex/gnutls.tex: changed paper size.
583 2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
585 * lib/gnutls_global.c: doc update
587 2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
589 * doc/alert-printlist.c, doc/errcodes.c, doc/printlist.c: reduced
590 space taken by descriptions.
592 2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
594 * doc/cha-gtls-app.texi, doc/cha-intro-tls.texi: more updates.
596 2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
598 * NEWS: documented fixes
600 2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
602 * lib/accelerated/intel/aes-x86.c, lib/accelerated/intel/aes-x86.h:
603 Force alignment for AES-NI to the runtime rather than on the
604 structures. Corrects issue on some systems (reported by Andreas
607 2011-08-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
609 * doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
610 doc/cha-library.texi, lib/system_override.c: Added session
611 initialization discussion
613 2011-08-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
615 * doc/cha-cert-auth.texi: more updates
617 2011-08-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
619 * doc/cha-auth.texi, doc/cha-gtls-app.texi, lib/gnutls_psk.c,
620 lib/gnutls_x509.c, lib/openpgp/gnutls_openpgp.c: updated
623 2011-08-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
625 * lib/pkcs11.c: document flags
627 2011-08-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
629 * NEWS: corrected typo
631 2011-08-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
633 * lib/README: removed reference to pakchois
635 2011-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
637 * lib/pkcs11.c: Prevent from loading twice the same module.
639 2011-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
641 * lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s,
642 lib/accelerated/intel/asm/appro-aes-x86-64.s,
643 lib/accelerated/intel/asm/appro-aes-x86.s: Added note.GNU-stack to
644 prevent marking the library as using an executable stack. Reported
647 2011-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
649 * configure.ac: bumped version
651 2011-08-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
653 * lib/accelerated/intel/asm/appro-aes-x86-64.s,
654 lib/accelerated/intel/asm/appro-aes-x86.s: Included appro's updates
657 2011-08-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
659 * lib/auth/cert.c: better placement of ifdefs.
661 2011-08-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
663 * doc/Makefile.am, doc/cha-gtls-app.texi, doc/cha-internals.texi,
664 doc/gnutls-extensions.eps, doc/gnutls-extensions_st.eps,
665 doc/gnutls-mod_auth_st.eps, doc/gnutls-modauth.eps,
666 doc/latex/Makefile.am, doc/latex/gnutls.tex,
667 doc/scripts/mytexi2latex: Added discussion of the provided
668 cryptographic functions. Internals is now included in the latex
669 document (needs rewrite though)
671 2011-08-03 Simon Josefsson <simon@josefsson.org>
673 * lib/Makefile.am, lib/accelerated/Makefile.am,
674 lib/accelerated/accelerated.c, lib/accelerated/cryptodev.c,
675 lib/accelerated/intel/Makefile.am,
676 lib/accelerated/intel/aes-gcm-x86.c,
677 lib/accelerated/intel/aes-x86.c, lib/algorithms.h,
678 lib/algorithms/Makefile.am, lib/algorithms/cert_types.c,
679 lib/algorithms/ciphers.c, lib/algorithms/ciphersuites.c,
680 lib/algorithms/ecc.c, lib/algorithms/kx.c, lib/algorithms/mac.c,
681 lib/algorithms/protocols.c, lib/algorithms/publickey.c,
682 lib/algorithms/secparams.c, lib/algorithms/sign.c,
683 lib/auth/Makefile.am, lib/auth/anon.c, lib/auth/anon.h,
684 lib/auth/anon_ecdh.c, lib/auth/cert.c, lib/auth/cert.h,
685 lib/auth/dh_common.c, lib/auth/dh_common.h, lib/auth/dhe.c,
686 lib/auth/dhe_psk.c, lib/auth/ecdh_common.c, lib/auth/ecdh_common.h,
687 lib/auth/psk.c, lib/auth/psk.h, lib/auth/psk_passwd.c,
688 lib/auth/psk_passwd.h, lib/auth/rsa.c, lib/auth/rsa_export.c,
689 lib/auth/srp.c, lib/auth/srp.h, lib/auth/srp_passwd.c,
690 lib/auth/srp_passwd.h, lib/auth/srp_rsa.c, lib/auth/srp_sb64.c,
691 lib/crypto-api.c, lib/crypto-backend.c, lib/crypto-backend.h,
692 lib/crypto.h, lib/debug.c, lib/debug.h, lib/ext/Makefile.am,
693 lib/ext/cert_type.c, lib/ext/cert_type.h, lib/ext/ecc.c,
694 lib/ext/ecc.h, lib/ext/max_record.c, lib/ext/max_record.h,
695 lib/ext/safe_renegotiation.c, lib/ext/safe_renegotiation.h,
696 lib/ext/server_name.c, lib/ext/server_name.h,
697 lib/ext/session_ticket.c, lib/ext/session_ticket.h,
698 lib/ext/signature.c, lib/ext/signature.h, lib/ext/srp.c,
699 lib/ext/srp.h, lib/gcrypt/Makefile.am, lib/gcrypt/cipher.c,
700 lib/gcrypt/init.c, lib/gcrypt/mac.c, lib/gcrypt/mpi.c,
701 lib/gcrypt/pk.c, lib/gcrypt/rnd.c, lib/gnutls_alert.c,
702 lib/gnutls_anon_cred.c, lib/gnutls_auth.c, lib/gnutls_auth.h,
703 lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_cert.c,
704 lib/gnutls_cipher.c, lib/gnutls_cipher.h, lib/gnutls_cipher_int.c,
705 lib/gnutls_cipher_int.h, lib/gnutls_compress.c,
706 lib/gnutls_compress.h, lib/gnutls_constate.c,
707 lib/gnutls_constate.h, lib/gnutls_datum.c, lib/gnutls_datum.h,
708 lib/gnutls_db.c, lib/gnutls_db.h, lib/gnutls_dh.c, lib/gnutls_dh.h,
709 lib/gnutls_dh_primes.c, lib/gnutls_dtls.c, lib/gnutls_dtls.h,
710 lib/gnutls_ecc.c, lib/gnutls_errors.c, lib/gnutls_errors.h,
711 lib/gnutls_extensions.c, lib/gnutls_extensions.h,
712 lib/gnutls_global.c, lib/gnutls_global.h, lib/gnutls_handshake.c,
713 lib/gnutls_handshake.h, lib/gnutls_hash_int.c,
714 lib/gnutls_hash_int.h, lib/gnutls_helper.c, lib/gnutls_int.h,
715 lib/gnutls_kx.c, lib/gnutls_kx.h, lib/gnutls_mbuffers.c,
716 lib/gnutls_mbuffers.h, lib/gnutls_mem.c, lib/gnutls_mem.h,
717 lib/gnutls_mpi.c, lib/gnutls_mpi.h, lib/gnutls_num.c,
718 lib/gnutls_num.h, lib/gnutls_pcert.c, lib/gnutls_pk.c,
719 lib/gnutls_pk.h, lib/gnutls_priority.c, lib/gnutls_privkey.c,
720 lib/gnutls_psk.c, lib/gnutls_pubkey.c, lib/gnutls_record.c,
721 lib/gnutls_record.h, lib/gnutls_rsa_export.c,
722 lib/gnutls_rsa_export.h, lib/gnutls_session.c,
723 lib/gnutls_session_pack.c, lib/gnutls_session_pack.h,
724 lib/gnutls_sig.c, lib/gnutls_sig.h, lib/gnutls_srp.c,
725 lib/gnutls_srp.h, lib/gnutls_state.c, lib/gnutls_state.h,
726 lib/gnutls_str.c, lib/gnutls_str.h, lib/gnutls_supplemental.c,
727 lib/gnutls_supplemental.h, lib/gnutls_ui.c, lib/gnutls_v2_compat.c,
728 lib/gnutls_v2_compat.h, lib/gnutls_x509.c, lib/gnutls_x509.h,
729 lib/hash.c, lib/includes/Makefile.am,
730 lib/includes/gnutls/abstract.h, lib/includes/gnutls/compat.h,
731 lib/includes/gnutls/crypto.h, lib/includes/gnutls/dtls.h,
732 lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/gnutlsxx.h,
733 lib/includes/gnutls/openpgp.h, lib/includes/gnutls/pkcs11.h,
734 lib/includes/gnutls/pkcs12.h, lib/includes/gnutls/x509.h,
735 lib/libgnutls.map, lib/libgnutlsxx.map, lib/locks.c,
736 lib/nettle/Makefile.am, lib/nettle/cipher.c, lib/nettle/ecc_free.c,
737 lib/nettle/ecc_make_key.c, lib/nettle/ecc_map.c,
738 lib/nettle/ecc_mulmod.c, lib/nettle/ecc_points.c,
739 lib/nettle/ecc_projective_add_point.c,
740 lib/nettle/ecc_projective_dbl_point.c,
741 lib/nettle/ecc_projective_dbl_point_3.c,
742 lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
743 lib/nettle/ecc_verify_hash.c, lib/nettle/egd.c, lib/nettle/init.c,
744 lib/nettle/mac.c, lib/nettle/mpi.c, lib/nettle/pk.c,
745 lib/nettle/rnd.c, lib/opencdk/Makefile.am, lib/opencdk/armor.c,
746 lib/opencdk/context.h, lib/opencdk/filters.h, lib/opencdk/hash.c,
747 lib/opencdk/kbnode.c, lib/opencdk/keydb.c, lib/opencdk/literal.c,
748 lib/opencdk/main.c, lib/opencdk/main.h, lib/opencdk/misc.c,
749 lib/opencdk/new-packet.c, lib/opencdk/opencdk.h,
750 lib/opencdk/packet.h, lib/opencdk/pubkey.c,
751 lib/opencdk/read-packet.c, lib/opencdk/seskey.c,
752 lib/opencdk/sig-check.c, lib/opencdk/stream.c,
753 lib/opencdk/stream.h, lib/opencdk/types.h,
754 lib/opencdk/write-packet.c, lib/openpgp/Makefile.am,
755 lib/openpgp/compat.c, lib/openpgp/extras.c,
756 lib/openpgp/gnutls_openpgp.c, lib/openpgp/output.c,
757 lib/openpgp/pgp.c, lib/openpgp/pgpverify.c, lib/openpgp/privkey.c,
758 lib/pkcs11.c, lib/pkcs11_privkey.c, lib/pkcs11_secret.c,
759 lib/pkcs11_write.c, lib/random.c, lib/random.h, lib/system.c,
760 lib/system_override.c, lib/x509/Makefile.am, lib/x509/common.c,
761 lib/x509/common.h, lib/x509/crl.c, lib/x509/crl_write.c,
762 lib/x509/crq.c, lib/x509/dn.c, lib/x509/extensions.c,
763 lib/x509/key_decode.c, lib/x509/key_encode.c, lib/x509/mpi.c,
764 lib/x509/output.c, lib/x509/pbkdf2-sha1.c, lib/x509/pkcs12.c,
765 lib/x509/pkcs12_bag.c, lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c,
766 lib/x509/privkey.c, lib/x509/privkey_pkcs8.c,
767 lib/x509/rfc2818_hostname.c, lib/x509/sign.c,
768 lib/x509/verify-high.c, lib/x509/verify.c, lib/x509/x509.c,
769 lib/x509/x509_int.h, lib/x509/x509_write.c, lib/x509_b64.c,
770 lib/x509_b64.h: Clarify license and copyright.
772 2011-08-03 Simon Josefsson <simon@josefsson.org>
774 * README: Clarify licensing.
776 2011-08-03 Simon Josefsson <simon@josefsson.org>
778 * lib/AUTHORS, lib/ChangeLog, lib/NEWS, lib/autogen.sh,
779 lib/build-aux/arg-nonnull.h, lib/build-aux/c++defs.h,
780 lib/build-aux/config.rpath, lib/build-aux/warn-on-use.h,
781 libextra/AUTHORS, libextra/COPYING, libextra/ChangeLog,
782 libextra/NEWS, libextra/README, libextra/build-aux/config.rpath:
785 2011-08-03 Simon Josefsson <simon@josefsson.org>
787 * libextra/includes/gnutls/extra.h: Finish removal of inner
788 application extension support.
790 2011-08-03 Simon Josefsson <simon@josefsson.org>
792 * lib/includes/gnutls/abstract.h, lib/includes/gnutls/dtls.h: More
795 2011-08-03 Simon Josefsson <simon@josefsson.org>
797 * .x-sc_GPL_version, .x-sc_avoid_if_before_free,
798 .x-sc_bindtextdomain, .x-sc_cast_of_alloca_return_value,
799 .x-sc_cast_of_argument_to_free, .x-sc_file_system,
800 .x-sc_m4_quote_check, .x-sc_makefile_check, .x-sc_program_name,
801 .x-sc_prohibit_HAVE_MBRTOWC, .x-sc_prohibit_S_IS_definition,
802 .x-sc_prohibit_empty_lines_at_EOF,
803 .x-sc_prohibit_strings_without_use, .x-sc_space_tab, .x-sc_the_the,
804 .x-sc_two_space_separator_in_usage, .x-sc_useless_cpp_parens,
805 GNUmakefile, THANKS, build-aux/arg-nonnull.h, build-aux/c++defs.h,
806 build-aux/config.rpath, build-aux/snippet/_Noreturn.h,
807 build-aux/snippet/arg-nonnull.h, build-aux/snippet/c++defs.h,
808 build-aux/snippet/warn-on-use.h, build-aux/useless-if-before-free,
809 build-aux/vc-list-files, build-aux/warn-on-use.h, cfg.mk,
810 configure.ac, doc/Makefile.am, gl/Makefile.am, gl/alignof.h,
811 gl/alloca.c, gl/errno.in.h, gl/error.c, gl/float.c, gl/float.in.h,
812 gl/fseek.c, gl/fseeko.c, gl/ftell.c, gl/intprops.h,
813 gl/m4/alloca.m4, gl/m4/errno_h.m4, gl/m4/error.m4,
814 gl/m4/extensions.m4, gl/m4/float_h.m4, gl/m4/fpieee.m4,
815 gl/m4/fseek.m4, gl/m4/fseeko.m4, gl/m4/ftell.m4, gl/m4/ftello.m4,
816 gl/m4/getdelim.m4, gl/m4/getline.m4, gl/m4/getpagesize.m4,
817 gl/m4/getpass.m4, gl/m4/gettime.m4, gl/m4/gettimeofday.m4,
818 gl/m4/gnulib-cache.m4, gl/m4/gnulib-common.m4,
819 gl/m4/gnulib-comp.m4, gl/m4/hmac-md5.m4, gl/m4/include_next.m4,
820 gl/m4/largefile.m4, gl/m4/lseek.m4, gl/m4/malloc.m4, gl/m4/md5.m4,
821 gl/m4/memchr.m4, gl/m4/memmem.m4, gl/m4/memxor.m4,
822 gl/m4/mmap-anon.m4, gl/m4/po.m4, gl/m4/printf.m4,
823 gl/m4/read-file.m4, gl/m4/realloc.m4, gl/m4/snprintf.m4,
824 gl/m4/strcase.m4, gl/m4/strdup.m4, gl/m4/strerror.m4,
825 gl/m4/string_h.m4, gl/m4/strings_h.m4, gl/m4/strverscmp.m4,
826 gl/m4/time_r.m4, gl/m4/vsnprintf.m4, gl/m4/warn-on-use.m4,
827 gl/m4/warnings.m4, gl/netdb.in.h, gl/netinet_in.in.h,
828 gl/stdarg.in.h, gl/stddef.in.h, gl/stdint.in.h, gl/stdio.in.h,
829 gl/stdlib.in.h, gl/strerror-override.c, gl/strerror-override.h,
830 gl/strerror.c, gl/string.in.h, gl/strings.in.h, gl/sys_socket.in.h,
831 gl/sys_stat.in.h, gl/sys_time.in.h, gl/sys_uio.in.h,
832 gl/tests/Makefile.am, gl/tests/fcntl.in.h, gl/tests/fpucw.h,
833 gl/tests/init.sh, gl/tests/macros.h, gl/tests/test-float.c,
834 gl/tests/test-fseek.c, gl/tests/test-fseek.sh,
835 gl/tests/test-fseek2.sh, gl/tests/test-ftell.c,
836 gl/tests/test-ftell.sh, gl/tests/test-ftell2.sh,
837 gl/tests/test-ftell3.c, gl/tests/test-intprops.c,
838 gl/tests/test-snprintf.c, gl/tests/test-strerror.c,
839 gl/tests/test-vc-list-files-cvs.sh,
840 gl/tests/test-vc-list-files-git.sh, gl/tests/test-verify.c,
841 gl/tests/test-vsnprintf.c, gl/time.in.h, gl/timespec.h,
842 gl/unistd.in.h, gl/verify.h, gl/wchar.in.h, lib/Makefile.am,
843 lib/hash.c, lib/pkcs11_privkey.c, maint.mk, src/benchmark-cipher.c,
844 src/certtool.c, src/cli.c, src/serv.c, tests/Makefile.am,
845 tests/scripts/common.sh: Update gnulib files. Fix syntax-check
848 2011-08-03 Simon Josefsson <simon@josefsson.org>
850 * NEWS, README: Add NEWS entries. Use copyright ranges (now
853 2011-08-03 Simon Josefsson <simon@josefsson.org>
855 * po/LINGUAS, po/cs.po.in, po/fi.po.in, po/nl.po.in, po/pl.po.in,
856 po/sv.po.in, po/uk.po.in: Sync with TP.
858 2011-08-02 Simon Josefsson <simon@josefsson.org>
860 * doc/manpages/Makefile.am, doc/reference/Makefile.am,
861 doc/reference/gnutls-docs.sgml, lib/algorithms/secparams.c,
862 lib/crypto-api.c, lib/gnutls_cert.c, lib/gnutls_db.c,
863 lib/gnutls_global.c, lib/gnutls_privkey.c, lib/gnutls_pubkey.c,
864 lib/includes/gnutls/abstract.h, lib/includes/gnutls/gnutls.h.in,
865 lib/includes/gnutls/pkcs11.h, lib/locks.c, lib/openpgp/privkey.c,
866 lib/pkcs11.c, lib/pkcs11_secret.c, lib/pkcs11_write.c,
867 lib/random.c, lib/system_override.c, lib/x509/crl_write.c,
868 lib/x509/crq.c, lib/x509/privkey.c, lib/x509/x509.c: More GTK-DOC
871 2011-08-02 Simon Josefsson <simon@josefsson.org>
873 * doc/reference/Makefile.am: Simplify GTK-DOC makefile
876 2011-08-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
878 * lib/includes/gnutls/gnutls.h.in: updated
880 2011-08-02 Simon Josefsson <simon@josefsson.org>
882 * lib/algorithms/sign.c, lib/gnutls_dtls.c, lib/gnutls_pubkey.c,
883 lib/gnutls_record.c, lib/includes/gnutls/abstract.h,
884 lib/includes/gnutls/crypto.h, lib/includes/gnutls/dtls.h,
885 lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/openpgp.h,
886 lib/includes/gnutls/pkcs11.h, lib/nettle/ecc_free.c,
887 lib/nettle/ecc_make_key.c, lib/nettle/ecc_map.c,
888 lib/nettle/ecc_mulmod.c, lib/nettle/ecc_points.c,
889 lib/nettle/ecc_projective_add_point.c,
890 lib/nettle/ecc_projective_dbl_point.c,
891 lib/nettle/ecc_projective_dbl_point_3.c,
892 lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
893 lib/nettle/ecc_verify_hash.c, lib/pkcs11.c: Fix GTK-DOC manual.
895 2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
897 * lib/gnutls_record.c: detect premature termination of connection
899 2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
901 * NEWS, lib/includes/gnutls/pkcs11.h, lib/pkcs11.c: the
902 deprecated_config_file from 2.12.x was incorporated.
904 2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
906 * lib/pkcs11.c: documentation update
908 2011-08-02 Simon Josefsson <simon@josefsson.org>
910 * doc/manpages/Makefile.am, doc/reference/gnutls-docs.sgml,
911 lib/algorithms/ecc.c, lib/crypto-api.c, lib/gnutls_alert.c,
912 lib/gnutls_cert.c, lib/gnutls_dtls.c, lib/gnutls_global.c,
913 lib/gnutls_pcert.c, lib/gnutls_pubkey.c, lib/gnutls_record.c,
914 lib/gnutls_state.c, lib/system_override.c, lib/x509/crl.c,
915 lib/x509/privkey.c, lib/x509/verify-high.c, lib/x509/x509.c: Add
916 GTK-DOC Since: tags for 3.0.0 additions.
918 2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
920 * lib/pkcs11_privkey.c: added asserts.
922 2011-08-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
924 * README, README-alpha: Refer to nettle alone and p11-kit.
926 2011-08-01 Stef Walter <stefw@collabora.co.uk>
928 * lib/pkcs11.c: Don't try to do PKCS#11 login if session is already
929 logged in. * It is possible for new PKCS#11 sessions to be logged in if another logged in session already exists. * In these cases, don't log in, but detect the condition and return success. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
931 2011-08-01 Stef Walter <stefw@collabora.co.uk>
933 * lib/pkcs11_privkey.c: When finding private keys fail, return error
934 code. * Previously this would result in an endless loop. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
936 2011-08-01 Stef Walter <stefw@collabora.co.uk>
938 * lib/includes/gnutls/pkcs11.h, lib/pkcs11.c: Mark the config
939 argument of gnutls_pkcs11_init() as unused * Since its no longer used. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
941 2011-07-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
943 * NEWS, lib/gnutls_str.h, lib/gnutls_x509.c,
944 lib/includes/gnutls/x509.h, lib/x509/x509.c, tests/x509cert.c: Added
945 GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED flag for
946 gnutls_x509_crt_list_import. It checks whether the list to be
947 imported is properly sorted.
949 2011-07-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
951 * NEWS, lib/gnutls_errors.c, lib/gnutls_x509.c,
952 lib/includes/gnutls/gnutls.h.in: Added
953 GNUTLS_E_CERTIFICATE_LIST_UNSORTED. If a certificate list is loaded
954 then verify that it is sorted with order to starts with the subject
955 and finished with the trusted root. That way we make sure we don't
956 send data that violate the TLS protocol.
958 2011-07-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
960 * doc/cha-cert-auth.texi, doc/latex/macros.tex: documentation
963 2011-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
965 * ChangeLog: updated changelog
967 2011-07-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
969 * NEWS: released 3.0.0
971 2011-07-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
973 * configure.ac: updated version
975 2011-07-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
977 * src/certtool-gaa.c, src/certtool.gaa: Corrected typo.
979 2011-07-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
981 * NEWS: documented updates.
983 2011-07-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
985 * THANKS: Added Petr.
987 2011-07-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
989 * lib/gnutls_pcert.c, lib/gnutls_privkey.c,
990 lib/includes/gnutls/abstract.h, lib/libgnutls.map: Added
991 gnutls_pcert_list_import_x509_raw() and few doc fixes.
993 2011-07-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
995 * lib/gnutls.pc.in: corrected for libnettle.
997 2011-06-24 Andreas Metzler <ametzler@downhill.at.eu.org>
999 * configure.ac: fix zlib handling in gnutls.pc Only add zlib to gnutls.pc's Requies.private if zlib ships a
1000 pkg-config file. Ancient (<< 1.2.3.1) versions don't. Otherwise add
1001 -lz to Libs.private. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1003 2011-07-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1005 * doc/examples/ex-client-srp.c, doc/examples/ex-serv-srp.c:
1006 gnutls_global_init_extra() is not needed for SRP.
1008 2011-07-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1010 * NEWS: documented changes.
1012 2011-07-25 Sjoerd Simons <sjoerd.simons@collabora.co.uk>
1014 * lib/gnutls_buffers.c: writev_emu: stop on the first incomplete
1015 write Just like standard writev, we should only move on to the next block
1016 if all the previous ones have been successfully written out.
1017 Otherwise there is a potential for data loss and/or confusing push
1018 functions. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1020 2011-07-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1022 * doc/latex/fdl.tex: increased size of fdl.
1024 2011-07-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1026 * lib/pkcs11.c: Added debug message to indicate usage of
1027 compatibility mode for /etc/gnutls/pkcs11.conf
1029 2011-07-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1031 * AUTHORS: removed pgp key from authors file.
1033 2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1035 * ChangeLog: updated changelog.
1037 2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1039 * NEWS, configure.ac, doc/announce.txt, m4/hooks.m4: released 2.99.4
1041 2011-06-29 Petr PÃsaÅ™ <petr.pisar@atlas.cz>
1043 * lib/gnutls_privkey.c: Honor uninitialized private key in
1044 destructor Fixes bug #107730. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1046 2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1048 * src/certtool.c: Corrected initialization of key when generating
1049 request. Reported by Petr Pisar.
1051 2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1055 2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1057 * lib/gnutls_rsa_export.c, lib/x509/privkey.c,
1058 lib/x509/privkey_pkcs8.c, lib/x509/x509_int.h: The crippled status
1059 of an gnutls_x509_privkey_t was removed.
1061 2011-07-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1063 * doc/examples/ex-pkcs11-list.c: Example compilation fix.
1065 2011-07-07 Stef Walter <stefw@collabora.co.uk>
1067 * configure.ac, lib/includes/gnutls/pkcs11.h, lib/pkcs11.c,
1068 lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/pkcs11_write.c: pkcs11:
1069 Use p11_kit_pin_xxx() functionality when 'pinfile' is in uris. * This allows other apps to register a handler for a specific
1070 pinfile and then that application will be able to provide the PIN
1071 for those URIs. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1073 2011-07-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1075 * lib/pkcs11.c: Added compatibility mode with
1076 /etc/gnutls/pkcs11.conf
1078 2011-07-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1080 * doc/cha-tls-app.texi: Updates in upward negotiation section.
1082 2011-07-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1084 * doc/latex/gnutls.bib: Corrected bibliography
1086 2011-07-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1088 * doc/cha-auth.texi, doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
1089 doc/cha-intro-tls.texi, doc/cha-library.texi,
1090 doc/cha-programs.texi, doc/cha-tls-app.texi: corrected section
1093 2011-07-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1095 * doc/cha-library.texi, doc/cha-support.texi, lib/gnutls_errors.c,
1096 lib/gnutls_srp.c: Updated information on required libraries.
1098 2011-07-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1100 * doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
1101 doc/cha-intro-tls.texi, doc/cha-library.texi, doc/cha-preface.texi:
1104 2011-06-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1106 * doc/.gitignore, doc/Makefile.am, doc/alert-printlist.c,
1107 doc/cha-auth.texi, doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
1108 doc/cha-intro-tls.texi, doc/cha-library.texi, doc/gnutls.texi,
1109 doc/latex/Makefile.am, doc/latex/gnutls.tex, doc/latex/macros.tex,
1110 doc/scripts/gdoc, doc/scripts/mytexi2latex, doc/scripts/sort1.pl,
1111 doc/scripts/split.pl, lib/gnutls_x509.c: updated function listing.
1113 2011-06-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1115 * lib/gnutls_alert.c, lib/includes/gnutls/gnutls.h.in,
1116 lib/libgnutls.map: Added gnutls_alert_get_strname().
1118 2011-06-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1120 * lib/algorithms/cert_types.c, lib/algorithms/ciphers.c,
1121 lib/algorithms/ecc.c, lib/algorithms/kx.c, lib/algorithms/mac.c,
1122 lib/algorithms/protocols.c, lib/algorithms/publickey.c,
1123 lib/algorithms/secparams.c, lib/algorithms/sign.c, lib/auth/cert.c,
1124 lib/auth/psk.c, lib/auth/rsa_export.c, lib/crypto-api.c,
1125 lib/crypto-backend.c, lib/ext/max_record.c,
1126 lib/ext/safe_renegotiation.c, lib/ext/server_name.c,
1127 lib/ext/session_ticket.c, lib/gcrypt/mpi.c, lib/gnutls_alert.c,
1128 lib/gnutls_anon_cred.c, lib/gnutls_auth.c, lib/gnutls_buffers.c,
1129 lib/gnutls_cert.c, lib/gnutls_dh_primes.c, lib/gnutls_dtls.c,
1130 lib/gnutls_errors.c, lib/gnutls_global.c, lib/gnutls_handshake.c,
1131 lib/gnutls_mpi.c, lib/gnutls_pcert.c, lib/gnutls_priority.c,
1132 lib/gnutls_privkey.c, lib/gnutls_psk.c, lib/gnutls_pubkey.c,
1133 lib/gnutls_record.c, lib/gnutls_sig.c, lib/gnutls_state.c,
1134 lib/gnutls_str.c, lib/gnutls_ui.c, lib/gnutls_x509.c,
1135 lib/minitasn1/decoding.c, lib/minitasn1/errors.c,
1136 lib/nettle/ecc_verify_hash.c, lib/opencdk/kbnode.c,
1137 lib/opencdk/sig-check.c, lib/openpgp/extras.c,
1138 lib/openpgp/gnutls_openpgp.c, lib/openpgp/output.c,
1139 lib/openpgp/pgp.c, lib/openpgp/privkey.c, lib/pkcs11.c,
1140 lib/pkcs11_privkey.c, lib/pkcs11_secret.c, lib/pkcs11_write.c,
1141 lib/random.c, lib/x509/common.c, lib/x509/crl.c,
1142 lib/x509/crl_write.c, lib/x509/crq.c, lib/x509/dn.c,
1143 lib/x509/extensions.c, lib/x509/output.c, lib/x509/pkcs12.c,
1144 lib/x509/pkcs12_bag.c, lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c,
1145 lib/x509/privkey.c, lib/x509/privkey_pkcs8.c,
1146 lib/x509/rfc2818_hostname.c, lib/x509/sign.c,
1147 lib/x509/verify-high.c, lib/x509/verify.c, lib/x509/x509.c,
1148 lib/x509/x509_write.c: documentation fixes
1150 2011-06-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1152 * NEWS, lib/COPYING, lib/accelerated/accelerated.c,
1153 lib/accelerated/cryptodev.c, lib/auth/anon.c, lib/auth/anon_ecdh.c,
1154 lib/auth/cert.c, lib/auth/dh_common.c, lib/auth/dhe.c,
1155 lib/auth/dhe_psk.c, lib/auth/ecdh_common.c, lib/auth/psk.c,
1156 lib/auth/psk_passwd.c, lib/auth/rsa.c, lib/auth/rsa_export.c,
1157 lib/auth/srp.c, lib/auth/srp_passwd.c, lib/auth/srp_rsa.c,
1158 lib/auth/srp_sb64.c, lib/crypto-api.c, lib/crypto-backend.c,
1159 lib/debug.c, lib/ext/cert_type.c, lib/ext/ecc.c,
1160 lib/ext/max_record.c, lib/ext/safe_renegotiation.c,
1161 lib/ext/server_name.c, lib/ext/session_ticket.c,
1162 lib/ext/signature.c, lib/ext/srp.c, lib/gnutls_alert.c,
1163 lib/gnutls_anon_cred.c, lib/gnutls_auth.c, lib/gnutls_buffers.c,
1164 lib/gnutls_cert.c, lib/gnutls_cipher.c, lib/gnutls_cipher_int.c,
1165 lib/gnutls_compress.c, lib/gnutls_constate.c, lib/gnutls_datum.c,
1166 lib/gnutls_db.c, lib/gnutls_dh.c, lib/gnutls_dh_primes.c,
1167 lib/gnutls_dtls.c, lib/gnutls_ecc.c, lib/gnutls_errors.c,
1168 lib/gnutls_extensions.c, lib/gnutls_global.c,
1169 lib/gnutls_handshake.c, lib/gnutls_hash_int.c, lib/gnutls_helper.c,
1170 lib/gnutls_kx.c, lib/gnutls_mbuffers.c, lib/gnutls_mem.c,
1171 lib/gnutls_mpi.c, lib/gnutls_num.c, lib/gnutls_pcert.c,
1172 lib/gnutls_pk.c, lib/gnutls_priority.c, lib/gnutls_privkey.c,
1173 lib/gnutls_psk.c, lib/gnutls_pubkey.c, lib/gnutls_record.c,
1174 lib/gnutls_rsa_export.c, lib/gnutls_session.c,
1175 lib/gnutls_session_pack.c, lib/gnutls_sig.c, lib/gnutls_srp.c,
1176 lib/gnutls_state.c, lib/gnutls_str.c, lib/gnutls_supplemental.c,
1177 lib/gnutls_ui.c, lib/gnutls_v2_compat.c, lib/gnutls_x509.c,
1178 lib/hash.c, lib/locks.c, lib/nettle/cipher.c,
1179 lib/nettle/ecc_free.c, lib/nettle/ecc_make_key.c,
1180 lib/nettle/ecc_map.c, lib/nettle/ecc_mulmod.c,
1181 lib/nettle/ecc_points.c, lib/nettle/ecc_projective_add_point.c,
1182 lib/nettle/ecc_projective_dbl_point.c,
1183 lib/nettle/ecc_projective_dbl_point_3.c,
1184 lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
1185 lib/nettle/ecc_verify_hash.c, lib/nettle/egd.c, lib/nettle/init.c,
1186 lib/nettle/mac.c, lib/nettle/mpi.c, lib/nettle/pk.c,
1187 lib/nettle/rnd.c, lib/opencdk/armor.c, lib/opencdk/hash.c,
1188 lib/opencdk/kbnode.c, lib/opencdk/keydb.c, lib/opencdk/literal.c,
1189 lib/opencdk/main.c, lib/opencdk/misc.c, lib/opencdk/new-packet.c,
1190 lib/opencdk/pubkey.c, lib/opencdk/read-packet.c,
1191 lib/opencdk/seskey.c, lib/opencdk/sig-check.c,
1192 lib/opencdk/stream.c, lib/opencdk/write-packet.c,
1193 lib/openpgp/compat.c, lib/openpgp/extras.c,
1194 lib/openpgp/gnutls_openpgp.c, lib/openpgp/output.c,
1195 lib/openpgp/pgp.c, lib/openpgp/pgpverify.c, lib/openpgp/privkey.c,
1196 lib/pkcs11.c, lib/pkcs11_privkey.c, lib/pkcs11_secret.c,
1197 lib/pkcs11_write.c, lib/random.c, lib/system.c,
1198 lib/system_override.c, lib/x509/common.c, lib/x509/crl.c,
1199 lib/x509/crl_write.c, lib/x509/crq.c, lib/x509/dn.c,
1200 lib/x509/extensions.c, lib/x509/key_decode.c,
1201 lib/x509/key_encode.c, lib/x509/mpi.c, lib/x509/output.c,
1202 lib/x509/pbkdf2-sha1.c, lib/x509/pkcs12.c, lib/x509/pkcs12_bag.c,
1203 lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c, lib/x509/privkey.c,
1204 lib/x509/privkey_pkcs8.c, lib/x509/rfc2818_hostname.c,
1205 lib/x509/sign.c, lib/x509/verify-high.c, lib/x509/verify.c,
1206 lib/x509/x509.c, lib/x509/x509_write.c, lib/x509_b64.c: Upgraded to
1209 2011-06-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1211 * doc/latex/cover.tex.in: updated cover.
1213 2011-06-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1215 * doc/latex/fdl.tex: improvements on fdl.
1217 2011-06-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1219 * AUTHORS: Added LRN.
1221 2011-06-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1223 * doc/cha-auth.texi, doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
1224 doc/cha-intro-tls.texi, doc/cha-library.texi,
1225 doc/cha-programs.texi, doc/scripts/mytexi2latex: documentation
1228 2011-06-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1230 * NEWS, lib/gnutls_srp.c, lib/gnutls_srp.h: gnutls_srp_verifier()
1231 returns data allocated with gnutls_malloc() for consistency.
1233 2011-06-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1235 * lib/gnutls_errors.c: reduced error message.
1237 2011-06-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1239 * doc/cha-intro-tls.texi: simplified text.
1241 2011-06-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1243 * doc/latex/fdl.tex, doc/latex/gnutls.tex: FDL is now included using
1246 2011-06-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1248 * doc/cha-auth.texi, doc/cha-intro-tls.texi,
1249 doc/examples/ex-client1.c, doc/scripts/mytexi2latex: Tables were
1252 2011-06-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1254 * doc/cha-cert-auth.texi, doc/cha-internals.texi,
1255 doc/cha-intro-tls.texi, doc/cha-library.texi,
1256 doc/scripts/mytexi2latex: figures were made floating.
1258 2011-06-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1260 * doc/latex/cover.tex.in, doc/scripts/mytexi2latex: Added
1261 high-quality pdf images.
1263 2011-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1265 * .gitignore, doc/latex/.gitignore: more files to ignore
1267 2011-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1269 * configure.ac, doc/Makefile.am, doc/cha-auth.texi,
1270 doc/cha-bib.texi, doc/cha-cert-auth.texi,
1271 doc/cha-ciphersuites.texi, doc/cha-errors.texi,
1272 doc/cha-functions.texi, doc/cha-gtls-app.texi,
1273 doc/cha-internals.texi, doc/cha-intro-tls.texi,
1274 doc/cha-library.texi, doc/cha-preface.texi, doc/cha-programs.texi,
1275 doc/cha-support.texi, doc/cha-tls-app.texi, doc/errcodes.c,
1276 doc/examples/ex-client1.c, doc/examples/ex-pkcs11-list.c,
1277 doc/examples/ex-serv-anon.c, doc/gnutls.texi,
1278 doc/latex/Makefile.am, doc/latex/cover.tex.in, doc/latex/fdl.tex,
1279 doc/latex/gnutls.bib, doc/latex/gnutls.tex, doc/latex/macros.tex,
1280 doc/printlist.c, doc/scripts/mytexi2latex, doc/scripts/sort1.pl,
1281 doc/signatures.texi: updated documentation to allow latex output.
1283 2011-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1285 * lib/gnutls_record.c, lib/x509/crq.c, lib/x509/x509.c,
1286 lib/x509/x509_write.c: corrected typos
1288 2011-06-19 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1290 * doc/cha-cert-auth.texi, doc/examples/Makefile.am,
1291 doc/examples/ex-cert-select.c, doc/examples/ex-client-udp.c,
1292 doc/examples/ex-crq.c, doc/examples/ex-pkcs11-list.c,
1293 doc/examples/ex-session-info.c, doc/examples/ex-verify.c: indented
1294 code. Corrected PKCS #11 example.
1296 2011-06-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1298 * doc/Makefile.am: added missing file.
1300 2011-06-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1302 * AUTHORS, NEWS, lib/includes/gnutls/gnutls.h.in, m4/hooks.m4:
1305 2011-06-18 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1307 * NEWS, lib/gnutls_errors.c, lib/includes/gnutls/pkcs11.h,
1308 lib/pkcs11.c, lib/pkcs11_write.c, src/p11tool-gaa.c,
1309 src/p11tool-gaa.h, src/p11tool.c, src/p11tool.gaa, src/p11tool.h,
1310 src/pkcs11.c: Added new PKCS #11 flags to force an object being
1311 private or not. Those are GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE and
1312 GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE. p11tool supports now the
1313 --no-private and --private options.
1315 2011-06-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1317 * src/p11common.c: Limit the number of attempts with the same PIN,
1318 to avoid attempting again and again with a wrong PIN.
1320 2011-06-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1322 * lib/pkcs11_write.c: When writing an object with CKA_TRUSTED set
1323 CKA_PRIVATE explicitly to FALSE, to allow the SO to write it.
1324 Reported by Rickard Bellgrim.
1326 2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1330 2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1332 * src/pkcs11.c: removed unneeded test.
1334 2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1336 * lib/pkcs11.c: Enforce the GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO even if
1337 GNUTLS_PKCS11_OBJ_FLAG_LOGIN is specified.
1339 2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1341 * src/Makefile.am, src/p11common.c, src/pkcs11.c: Use common code
1342 for PKCS #11 callbacks across clients. Require SO login to write a
1345 2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1347 * lib/algorithms/ciphersuites.c, lib/ext/safe_renegotiation.h: bit
1348 fields changed to unsigned.
1350 2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1352 * lib/gnutls_pubkey.c, lib/x509/privkey.c: Moved null check before
1355 2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1357 * lib/opencdk/keydb.c: removed unreachable code warning
1359 2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1361 * lib/opencdk/hash.c, lib/opencdk/main.h, lib/opencdk/stream.c,
1362 lib/opencdk/write-packet.c: eliminated wipemem().
1364 2011-06-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1366 * lib/gnutls_pk.c: corrected uninitialized variable warning.
1368 2011-06-16 Rickard Bellgrim <rickard@opendnssec.org>
1370 * lib/pkcs11_write.c: The CKA_SUBJECT must be specified for a
1371 certificate. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1373 2011-06-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1375 * lib/includes/gnutls/pkcs11.h, lib/pkcs11.c, src/pkcs11.c: When
1376 setting the TRUSTED flag login as security officer.
1378 2011-06-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1380 * lib/pkcs11_write.c: write label in PKCS #11 privkey.
1382 2011-06-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1384 * lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/pkcs11.c,
1385 lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/pkcs11_secret.c,
1386 lib/pkcs11_write.c: define ck_bool_t to be compatible with PKCS #11
1389 2011-06-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1391 * configure.ac: ignore more warnings.
1393 2011-06-09 Stef Walter <stefw@collabora.co.uk>
1395 * lib/Makefile.am, lib/pkcs11_int.h, lib/pkcs11_spec.h: Use pkcs11.h
1396 specification file from p11-kit. * Remove one included briefly in gnutls. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1398 2011-06-09 Stef Walter <stefw@collabora.co.uk>
1400 * lib/pkcs11.c, src/cli.c, src/p11common.c, src/pkcs11.c,
1401 tests/suite/mini-eagain2.c: Fix up compiler warnings. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1403 2011-06-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1405 * lib/pkcs11_spec.h: Added missing file
1407 2011-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1409 * doc/cha-cert-auth.texi: document new config file format and path.
1411 2011-06-07 Stef Walter <stefw@collabora.co.uk>
1413 * configure.ac, doc/examples/Makefile.am, lib/Makefile.am,
1414 lib/auth/cert.c, lib/gnutls_global.c, lib/gnutls_privkey.c,
1415 lib/gnutls_pubkey.c, lib/gnutls_x509.c, lib/pakchois/README,
1416 lib/pakchois/dlopen.c, lib/pakchois/dlopen.h,
1417 lib/pakchois/errors.c, lib/pakchois/pakchois.c,
1418 lib/pakchois/pakchois.h, lib/pakchois/pakchois11.h, lib/pkcs11.c,
1419 lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/pkcs11_secret.c,
1420 lib/pkcs11_write.c, src/Makefile.am, src/certtool-common.c,
1421 src/certtool.c, src/cli.c, src/p11tool.c, src/serv.c: The attached
1422 patch ports gnutls to p11-kit. p11-kit is added as a dependency.
1423 p11-kit itself has no dependencies outside of basic libc stuff. The
1424 source code for p11-kit is available both in git and tarball form.
1425 [3] If the gnutls dependency on p11-kit is disabled (via a configure
1426 option) then the PKCS#11 support is disabled. This is useful in bare
1427 bones embedded systems or places where very minimal dependencies are
1430 2011-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1432 * doc/manpages/Makefile.am: updated
1434 2011-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1436 * lib/pkcs11.c, lib/pkcs11_privkey.c: Return error code when an
1437 object is not found. Only request for token insertion if the
1438 expected data is not found. Based on patch by Stef Walter.
1440 2011-06-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1442 * configure.ac: Depend on automake 1.11.
1444 2011-06-06 Stef Walter <stefw@collabora.co.uk>
1446 * tests/suite/Makefile.am: tests: Build eagain-cli with correct
1447 libraries * Add -ldl -lpthread to linker flags Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1449 2011-05-30 Stef Walter <stefw@collabora.co.uk>
1451 * src/cli.c: gnutls-cli: Fix uninitialized variable when PKCS#11
1452 uris in use. * When PKCS#11 URIs are in use previously tried to free
1453 uninitialized memory. Initialize to zero. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1455 2011-05-30 Stef Walter <stefw@collabora.co.uk>
1457 * lib/pkcs11.c: pkcs11: Accept CKR_USER_ALREADY_LOGGED_IN as
1458 successful result for PAP Login * When doing CKF_PROTECTED_AUTHENTICATION_PATH login, accept CKR_USER_ALREADY_LOGGED_IN as a successful result. * Another code path, or another consumer of the same PKCS#11 module may have already logged in. * This is what the non PAP code path already does. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1460 2011-06-06 Stef Walter <stefw@collabora.co.uk>
1462 * lib/auth/srp.c, lib/auth/srp_rsa.c, lib/ext/session_ticket.c,
1463 lib/gnutls_compress.c, lib/hash.c, lib/nettle/ecc_mulmod.c,
1464 lib/x509/common.c: Remove unused variables * GCC 4.6.0 prints a warning, and build failes with -Wunused Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1466 2011-06-06 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1468 * lib/nettle/rnd.c: use gnutls_assert_val() in EGD errors.
1470 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1472 * tests/dsa/testdsa, tests/openpgp-certs/testcerts,
1473 tests/scripts/common.sh, tests/suite/testcompat-main,
1474 tests/suite/testsrn: Corrected fail() shell function. Reported by
1477 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1479 * tests/dsa/testdsa: Corrected typo. Reported by Andreas Metzler.
1481 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1483 * doc/manpages/Makefile.am: regenerated makefile.
1485 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1487 * lib/x509/common.c: documentation fix.
1489 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1491 * lib/accelerated/intel/Makefile.am,
1492 lib/accelerated/intel/aes-x86.c,
1493 lib/accelerated/intel/asm/appro-aes-gcm-x86.s: pclmul is not used on
1494 intel 32-bit systems.
1496 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1498 * lib/accelerated/intel/aes-x86.c, lib/gnutls_global.h,
1499 lib/gnutls_priority.c: When AES and GCM acceleration is available
1500 increase the priority of AES-GCM ciphersuites in performance and
1503 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1505 * lib/gcrypt/cipher.c, lib/gcrypt/pk.c: prevent compilation of
1506 gcrypt support since it is incomplete.
1508 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1510 * lib/Makefile.am, lib/algorithms/ciphers.c,
1511 lib/algorithms/ciphersuites.c, lib/gcrypt/cipher.c,
1512 lib/nettle/cipher.c, m4/hooks.m4: do not use NETTLE_LIBS to include
1513 hogweed and gmp. removed ENABLE_CAMELLIA and NETTLE_GCM.
1515 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1517 * src/benchmark-tls.c: improved benchmark.
1519 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1521 * doc/Makefile.am, doc/cha-cert-auth.texi, doc/cha-internals.texi,
1522 doc/cha-intro-tls.texi, doc/cha-library.texi,
1523 doc/cha-programs.texi, doc/examples/ex-session-info.c,
1524 doc/gnutls-certificate-user-use-case.pdf,
1525 doc/gnutls-client-server-use-case.pdf,
1526 doc/gnutls-extensions_st.pdf, doc/gnutls-handshake-sequence.pdf,
1527 doc/gnutls-handshake-state.pdf, doc/gnutls-internals.pdf,
1528 doc/gnutls-layers.pdf, doc/gnutls-logo.pdf,
1529 doc/gnutls-mod_auth_st.pdf, doc/gnutls-objects.pdf,
1530 doc/gnutls-pgp.pdf, doc/gnutls-x509.pdf, doc/gnutls.texi: Updated
1531 documentation. Removed all .pdf files. They were not needed.
1533 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1535 * lib/algorithms.h, lib/algorithms/ciphersuites.c,
1536 lib/gnutls_handshake.c: Avoid memory allocations when requesting the
1537 supported ciphersuites.
1539 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1541 * lib/accelerated/intel/aes-x86.c: more verbose if the PCLMUL
1542 instruction is detected.
1544 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1546 * tests/cipher-test.c: Added debugging ability to cipher-test.
1548 2011-06-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1550 * doc/TODO: more cleanup.
1552 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1554 * doc/TODO: Added new TODO items.
1556 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1558 * doc/TODO: removed completed items from todo list
1560 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1562 * lib/gnutls_priority.c: reinstated MAC-ALL semantics.
1564 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1566 * .gitignore: more files to ignore.
1568 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1570 * lib/gnutls_session_pack.c: store the ECC curve in the session
1571 resumption parameters.
1573 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1575 * NEWS, doc/cha-cert-auth.texi, doc/examples/ex-verify.c,
1576 lib/gnutls_cert.c, lib/includes/gnutls/x509.h, lib/libgnutls.map,
1577 lib/x509/verify-high.c, tests/Makefile.am, tests/x509cert-tl.c:
1578 Added gnutls_x509_trust_list_add_named_crt() and
1579 gnutls_x509_trust_list_verify_named_crt() that allow having a list
1580 of certificates in the trusted list that will be associated with a
1581 name (e.g. server name) and will not be used as CAs.
1583 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1585 * NEWS, doc/cha-intro-tls.texi,
1586 lib/accelerated/intel/aes-gcm-x86.c,
1587 lib/accelerated/intel/aes-x86.c, lib/algorithms/ciphersuites.c,
1588 lib/gnutls_priority.c, lib/includes/gnutls/gnutls.h.in,
1589 lib/nettle/cipher.c: Added SuiteB ciphersuites. Added SUITEB128 and
1590 SUITEB192 priority strings. SECURE256 was renamed to SECURE192
1591 (because TLS ciphersuite's security level was not enough to justify
1594 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1596 * NEWS, lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map:
1597 gnutls_ecc_curve_get() was added.
1599 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1601 * lib/gnutls_state.c: The PRF is now read from the ciphersuite
1604 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1606 * src/common.c: Print information on elliptic curve sessions.
1608 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1610 * lib/abstract_int.h, lib/gnutls_pubkey.c, lib/gnutls_sig.c,
1611 lib/gnutls_sig.h, lib/includes/gnutls/abstract.h,
1612 lib/includes/gnutls/compat.h, lib/libgnutls.map, lib/x509/common.c,
1613 lib/x509/common.h, lib/x509/crq.c, lib/x509/privkey.c,
1614 lib/x509/verify.c, lib/x509/x509.c, lib/x509/x509_int.h: Split
1615 pubkey_verify_sig() to pubkey_verify_hashed_data() and
1616 pubkey_verify_data(). Added gnutls_pubkey_verify_data2() to allow
1617 verification of a signature when the signature algorithm cannot be
1618 determined by the signature and the public key only.
1620 2011-06-04 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1622 * lib/gnutls_hash_int.h, lib/gnutls_sig.c: Allow all SHA algorithms
1625 2011-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1627 * lib/x509/verify.c: fixes for
1628 http://tools.ietf.org/html/draft-mavrogiannopoulos-tls-dss-00
1630 2011-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1632 * lib/auth/cert.h, lib/gnutls_cert.c, lib/gnutls_handshake.c:
1633 simplified _gnutls_selected_cert_supported_kx().
1635 2011-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1637 * lib/gnutls_pubkey.c, lib/nettle/pk.c, lib/x509/verify.c:
1638 Truncation of ECDSA and DSA signatures moved to
1639 _wrap_nettle_pk_sign() and _wrap_nettle_pk_verify().
1641 2011-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1643 * lib/algorithms.h, lib/algorithms/ciphersuites.c,
1644 lib/algorithms/sign.c, lib/ext/signature.c, lib/gnutls_buffers.c,
1645 lib/gnutls_buffers.h, lib/gnutls_handshake.c, lib/gnutls_int.h,
1646 lib/gnutls_sig.c, lib/nettle/pk.c: Simplified the handling of
1647 handshake messages to be hashed. Instead of doing a hash during the
1648 handshake process we now keep the data until handshake is over and
1649 hash them on demand. This uses more memory but eliminates issues
1650 with TLS 1.2 and makes the handling simpler.
1652 2011-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1654 * lib/ext/signature.c, lib/gnutls_pubkey.c, lib/nettle/pk.c,
1655 lib/x509/common.h, lib/x509/verify.c: Hash algorithms used for DSA
1656 and ECDSA correspond to draft-mavrogiannopoulos-tls-dss-00.txt.
1658 2011-06-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1660 * lib/ext/ecc.c: updated
1662 2011-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1664 * doc/cha-internals.texi, doc/gnutls.texi: Added refint macro to
1665 refer to internal -non exported- functions. Used it to reference to
1666 the gnutls_*_register() functions.
1668 2011-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1670 * NEWS, lib/Makefile.am, lib/auth/psk_passwd.c, lib/auth/rsa.c,
1671 lib/auth/rsa_export.c, lib/auth/srp_passwd.c, lib/crypto-api.c,
1672 lib/crypto-backend.c, lib/crypto-backend.h, lib/crypto.c,
1673 lib/ext/session_ticket.c, lib/gnutls_cipher.c,
1674 lib/gnutls_cipher_int.h, lib/gnutls_handshake.c,
1675 lib/gnutls_hash_int.h, lib/gnutls_mpi.c, lib/gnutls_mpi.h,
1676 lib/gnutls_pk.c, lib/includes/gnutls/crypto.h, lib/libgnutls.map,
1677 lib/nettle/mpi.c, lib/nettle/pk.c, lib/opencdk/misc.c,
1678 lib/pkcs11_secret.c, lib/random.h, lib/x509/pkcs12.c,
1679 lib/x509/privkey_pkcs8.c, libextra/gnutls_openssl.c, src/psk.c,
1680 src/srptool.c, tests/Makefile.am, tests/crypto_rng.c,
1681 tests/rng-fork.c: gnutls/crypto.h no longer includes functions to
1682 register ciphers. Thus the following functions - gnutls_crypto_bigint_register - gnutls_crypto_cipher_register - gnutls_crypto_digest_register - gnutls_crypto_mac_register - gnutls_crypto_pk_register - gnutls_crypto_rnd_register - gnutls_crypto_single_cipher_register - gnutls_crypto_single_digest_register - gnutls_crypto_single_mac_register are only available internally
1683 via crypto-backend.h.
1685 2011-06-02 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1687 * build-aux/config.rpath: updated
1689 2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1691 * lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s,
1692 lib/accelerated/intel/asm/appro-aes-gcm-x86.s,
1693 lib/accelerated/intel/asm/appro-aes-x86-64.s,
1694 lib/accelerated/intel/asm/appro-aes-x86.s: typos and date fix in
1697 2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1699 * src/benchmark-tls.c: Added benchmark on GCM ciphersuites and
1700 arcfour for comparison.
1702 2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1704 * lib/gnutls_int.h: corrected typo.
1706 2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1708 * lib/accelerated/intel/aes-gcm-x86.c,
1709 lib/accelerated/intel/aes-x86.c: indented code
1711 2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1713 * src/benchmark.c: properly initialize benchmarks.
1715 2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1717 * configure.ac, m4/hooks.m4: bumped version.
1719 2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1721 * lib/accelerated/intel/aes-gcm-x86.c: Corrections in encryption and
1722 decryption of incomplete blocks.
1724 2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1726 * lib/accelerated/intel/aes-gcm-x86.c, lib/gnutls_int.h,
1727 lib/gnutls_state.c: Use nettle's memxor or gnulib's if it doesn't
1730 2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1732 * NEWS, lib/accelerated/intel/Makefile.am,
1733 lib/accelerated/intel/aes-gcm-x86.c,
1734 lib/accelerated/intel/aes-x86.c, lib/accelerated/intel/aes-x86.h,
1735 lib/accelerated/intel/asm/appro-aes-gcm-x86-64.s,
1736 lib/accelerated/intel/asm/appro-aes-gcm-x86.s, lib/gnutls_num.c,
1737 lib/gnutls_num.h, tests/cipher-test.c: Added AES-GCM optimizations
1738 using the PCLMULQDQ instruction. Uses Andy Polyakov's assembly code.
1740 2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1742 * lib/crypto-api.c: documented usage of gnutls_cipher_add_auth().
1744 2011-06-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1746 * doc/cha-intro-tls.texi: updates.
1748 2011-05-31 Roman Bogorodskiy <bogorodskiy@gmail.com>
1750 * lib/Makefile.am: Prevent including installed gnutls' headers.
1752 2011-05-31 Roman Bogorodskiy <bogorodskiy@gmail.com>
1754 * src/udp-serv.c: Add missing <netinet/in.h> to get sockaddr_in.
1756 2011-05-31 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1758 * doc/cha-intro-tls.texi: Compatibility text updated.
1760 2011-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1762 * lib/accelerated/intel/asm/appro-aes-x86-64.s,
1763 lib/accelerated/intel/asm/appro-aes-x86.s: Added new AES code by
1766 2011-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1768 * doc/credentials/x509/ca-key.pem: Added missing file.
1770 2011-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1772 * .gitignore: more files to ignore
1774 2011-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1776 * lib/nettle/Makefile.am, lib/nettle/ecc_free.c,
1777 lib/nettle/ecc_make_key.c, lib/nettle/ecc_map.c,
1778 lib/nettle/ecc_mulmod.c, lib/nettle/ecc_points.c,
1779 lib/nettle/ecc_projective_add_point.c,
1780 lib/nettle/ecc_projective_dbl_point_3.c,
1781 lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
1782 lib/nettle/ecc_test.c, lib/nettle/ecc_verify_hash.c: Added FSF
1783 copyright to public domain files.
1785 2011-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1787 * configure.ac, lib/accelerated/x86.h: Use cpuid.h if it exists, to
1788 use the x86 CPUID instruction.
1790 2011-05-29 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1792 * THANKS: Added Dash.
1794 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1796 * lib/gnutls_compress.c, lib/gnutls_compress.h,
1797 lib/gnutls_handshake.c: simplified
1798 _gnutls_supported_compression_methods().
1800 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1802 * lib/gnutls_constate.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
1803 lib/gnutls_session_pack.c, lib/gnutls_v2_compat.c: Correctly set
1804 compression method when resuming sessions. Reported by Dash Shendy.
1806 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1808 * lib/gnutls_hash_int.c: digest_length() uses int as input.
1810 2011-05-28 Stef Walter <stefw@collabora.co.uk>
1812 * lib/nettle/cipher.c: Fix warnings with GCC 4.5.2
1814 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1816 * doc/credentials/Makefile.am, doc/credentials/x509/Makefile.am:
1817 Corrected EXTRA_DIST
1819 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1821 * tests/suite/testcompat-main: updated keys.
1823 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1825 * lib/auth/cert.c, lib/auth/cert.h, lib/gnutls_handshake.c,
1826 lib/gnutls_handshake.h: Take into account each and every advertized
1827 public key algorithm when selecting a certificate. Previously we
1828 were assuming only RSA or DSA, or ANY.
1830 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1832 * doc/credentials/gnutls-http-serv, src/serv-gaa.c, src/serv-gaa.h,
1833 src/serv.c, src/serv.gaa: Added feature to specify ecc private keys
1836 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1838 * lib/algorithms.h, lib/gnutls_handshake.c, lib/gnutls_state.c:
1839 Corrected ECC ciphersuite detection.
1841 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1843 * doc/credentials/x509-ca-key.pem, doc/credentials/x509-ca.pem,
1844 doc/credentials/x509-client-key.pem,
1845 doc/credentials/x509-client.pem, doc/credentials/x509-other-ca.pem,
1846 doc/credentials/x509-proxy-key.pem, doc/credentials/x509-proxy.pem,
1847 doc/credentials/x509-server-dsa.pem,
1848 doc/credentials/x509-server-key-dsa.pem,
1849 doc/credentials/x509-server-key.pem,
1850 doc/credentials/x509-server.pem, doc/credentials/x509-trust.pem,
1851 doc/credentials/x509/ca.pem, doc/credentials/x509/cert-dsa.pem,
1852 doc/credentials/x509/cert-ecc.pem,
1853 doc/credentials/x509/cert-rsa.pem, doc/credentials/x509/cert.pem,
1854 doc/credentials/x509/clicert-dsa.pem,
1855 doc/credentials/x509/clicert.pem, doc/credentials/x509/key-dsa.pem,
1856 doc/credentials/x509/key-ecc.pem, doc/credentials/x509/key-rsa.pem,
1857 doc/credentials/x509/key.pem, lib/nettle/pk.c, lib/x509/verify.c:
1858 Laxed verification checks for DSA to allow SHA256 in place of
1859 SHA224. Added new certificate sets in doc/credentials/x509/.
1861 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1863 * lib/gnutls_priority.c: ECDHE and ECDSA were added to deafult
1866 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1868 * lib/auth/rsa.c, lib/x509/key_encode.c, lib/x509/privkey_pkcs8.c:
1869 gnutls_secure_malloc() is no longer used.
1871 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1873 * lib/auth/dhe_psk.c, lib/auth/psk.c: deinitialize PSK key memory.
1875 2011-05-28 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1877 * lib/auth/psk.c: explicitly request for client key in server side.
1879 2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1881 * NEWS, lib/algorithms/ciphersuites.c, lib/algorithms/kx.c,
1882 lib/auth/anon.c, lib/auth/anon_ecdh.c, lib/auth/dh_common.c,
1883 lib/auth/dh_common.h, lib/auth/dhe.c, lib/auth/dhe_psk.c,
1884 lib/auth/ecdh_common.c, lib/auth/ecdh_common.h, lib/gnutls_state.c,
1885 lib/includes/gnutls/gnutls.h.in: Added ECDHE-PSK ciphersuites for
1888 2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1890 * doc/gnutls-guile.texi: Corrections.
1892 2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1894 * doc/.gitignore: ignore tex files.
1896 2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1898 * doc/cha-copying.texi: Do not list all licenses in the manual of
1899 gnutls. Just the license of the manual is enough.
1901 2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1903 * doc/Makefile.am, doc/cha-ciphersuites.texi,
1904 doc/cha-functions.texi, doc/cha-preface.texi,
1905 doc/gnutls-guile.texi, doc/guile.texi, guile/src/core.c: guile
1906 bindings added as a separate document.
1908 2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1910 * doc/gnutls.texi: reorganization. Removed guile bindings.
1912 2011-05-27 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1914 * doc/cha-auth.texi, doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
1915 doc/gnutls.texi: reorganization and added section on parameter
1918 2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1920 * lib/Makefile.am, lib/auth/Makefile.am, lib/ext/Makefile.am,
1921 lib/nettle/Makefile.am: Added new headers.
1923 2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1925 * NEWS: document elliptic curves addition.
1927 2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1929 * m4/hooks.m4: libgcrypt support was removed.
1931 2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1933 * NEWS: listed newly added functions.
1935 2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1937 * lib/nettle/Makefile.am, lib/nettle/ecc.h,
1938 lib/nettle/ecc_make_key.c, lib/nettle/ecc_shared_secret.c,
1939 lib/nettle/ecc_sign_hash.c, lib/nettle/ecc_verify_hash.c,
1940 lib/nettle/mp_unsigned_bin.c: Use nettle's functions for integer
1943 2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1945 * lib/algorithms/publickey.c, lib/gnutls_sig.c: more updates for
1948 2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1950 * lib/ext/ecc.c: reduced debugging.
1952 2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1954 * lib/gnutls_pubkey.c, lib/gnutls_sig.c: Changes to allow ECDH-DSA
1955 with client mode certificates.
1957 2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1959 * tests/certs/ca-cert-ecc.pem, tests/certs/ca-ecc.pem,
1960 tests/certs/cert-ecc.pem, tests/certs/ecc.pem,
1961 tests/suite/testcompat-main: Added server and client mode tests for
1964 2011-05-26 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1966 * lib/ext/session_ticket.c, lib/gnutls_db.c, lib/gnutls_dtls.c,
1967 lib/gnutls_global.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
1968 lib/gnutls_session_pack.c, lib/gnutls_v2_compat.c,
1969 lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
1970 lib/nettle/rnd.c, lib/opencdk/keydb.c, lib/opencdk/literal.c,
1971 lib/opencdk/read-packet.c, lib/opencdk/sig-check.c,
1972 lib/openpgp/gnutls_openpgp.c, lib/system.c, lib/system.h,
1973 lib/x509/common.c, lib/x509/verify.c, tests/chainverify.c: Added
1974 gnutls_global_set_time_function() to allow overriding the default
1975 system time() function.
1977 2011-05-25 Giuseppe Scrivano <gscrivano@gnu.org>
1979 * doc/cha-programs.texi: Fix example in the documentation. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1981 2011-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1983 * doc/cha-programs.texi: updated documentation on PSK. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
1985 2011-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1987 * lib/nettle/ecc_projective_add_point.c: If Q=-P return the point at
1990 2011-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1992 * tests/chainverify.c: Added elliptic curves chain certificate.
1994 2011-05-25 Nikos Mavrogiannopoulos <nmav@gnutls.org>
1996 * lib/gnutls_buffers.c: do not try to write to a socket when no
1999 2011-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2001 * tests/openpgpself.c: increased log level
2003 2011-05-24 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2005 * lib/gnutls_buffers.h, lib/gnutls_handshake.c:
2006 _gnutls_handshake_hash_buffer_clear was replaced by
2007 _gnutls_buffer_clear();
2009 2011-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2011 * lib/nettle/pk.c: Only warn on invalid security level hashes.
2013 2011-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2015 * src/certtool.c: SHA256 is the default hash algorithm in certtool.
2017 2011-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2019 * lib/gnutls_pk.c, lib/gnutls_pk.h, lib/gnutls_privkey.c,
2020 lib/gnutls_sig.c, lib/x509/verify.c: Several updates to allow
2021 generation and signing of an ECC certificate.
2023 2011-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2025 * doc/manpages/certtool.1: updated certtool info.
2027 2011-05-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2029 * lib/algorithms/ciphersuites.c: corrected bug in ciphersuite name
2032 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2034 * doc/cha-auth.texi: Discussed the newly added ciphersuites.
2036 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2038 * doc/Makefile.am: Added algorithms/ to function index.
2040 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2042 * lib/algorithms/ciphersuites.c: Added ECC ciphersuites from
2045 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2047 * src/certtool.c: Print the private key after generation. Print ECC
2050 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2052 * lib/algorithms/ecc.c, lib/gnutls_ecc.c,
2053 lib/includes/gnutls/abstract.h, lib/includes/gnutls/x509.h,
2054 lib/libgnutls.map, lib/x509/privkey.c: Added
2055 gnutls_x509_privkey_import_ecc_raw() and
2056 gnutls_x509_privkey_export_ecc_raw().
2058 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2060 * lib/x509/privkey.c: Decode PEM ECC private keys.
2062 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2064 * lib/algorithms.h, lib/algorithms/ecc.c, lib/x509/key_encode.c,
2065 lib/x509/privkey.c, src/certtool-gaa.c, src/certtool-gaa.h,
2066 src/certtool.c, src/certtool.gaa: updates to allow the generation of
2069 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2071 * lib/x509_b64.c: do not crash on null message.
2073 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2075 * .gitignore: updated
2077 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2079 * lib/algorithms/ciphersuites.c, lib/algorithms/kx.c,
2080 lib/auth/cert.c, lib/auth/dhe.c, lib/gnutls_pk.c, lib/gnutls_pk.h,
2081 lib/gnutls_pubkey.c, lib/gnutls_sig.c, lib/gnutls_state.c,
2082 lib/includes/gnutls/gnutls.h.in, lib/nettle/ecc_sign_hash.c,
2083 lib/nettle/pk.c, lib/nettle/rnd.c, lib/nettle/rnd.h,
2084 lib/x509/common.h, lib/x509/verify.c: Added support for verifying
2085 server certificates with ECDSA.
2087 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2089 * lib/ext/ecc.c: Only reply with ECC Packet format extension if we
2090 have negotiated ECC.
2092 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2094 * tests/pathlen/ca-no-pathlen.pem,
2095 tests/pathlen/no-ca-or-pathlen.pem, tests/pkcs12_s2k_pem.c: leak fix
2096 and updates for new formats.
2098 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2100 * tests/suite/testcompat-main: Added ECDHE-RSA tests.
2102 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2104 * lib/algorithms/secparams.c, lib/gnutls_pubkey.c: always put
2105 leading zero to output keys
2107 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2109 * lib/x509/output.c: print the bits together with the security
2112 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2114 * lib/x509/privkey.c, lib/x509/privkey_pkcs8.c: leaks fixes.
2116 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2118 * lib/pkcs11.c: corrected file descriptor leak.
2120 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2122 * libextra/gnutls_extra.c: gnutls_algorithms.h -> algorithms.h
2124 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2126 * lib/x509/key_decode.c, lib/x509/key_encode.c: corrected ECC public
2127 key encoding/decoding.
2129 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2131 * src/certtool-common.c, src/certtool.c: Corrected bug in public key
2132 import. print information on ECC public keys.
2134 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2136 * lib/includes/gnutls/crypto.h, lib/nettle/pk.c,
2137 lib/x509/key_encode.c, lib/x509/x509_int.h: No need to keep Z in
2138 parameters since the pubkey can always be converted to an affine
2141 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2143 * lib/algorithms/secparams.c, lib/gnutls_pubkey.c,
2144 lib/includes/gnutls/abstract.h, lib/libgnutls.map,
2145 lib/x509/common.c, lib/x509/key_decode.c, lib/x509/mpi.c,
2146 lib/x509/output.c: print information on ECC certificates.
2148 2011-05-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2150 * lib/abstract_int.h, lib/algorithms.h, lib/algorithms/ecc.c,
2151 lib/auth/anon.h, lib/auth/ecdh_common.c, lib/auth/ecdh_common.h,
2152 lib/auth/rsa.c, lib/auth/rsa_export.c, lib/ext/ecc.c,
2153 lib/gnutls.asn, lib/gnutls_asn1_tab.c, lib/gnutls_ecc.c,
2154 lib/gnutls_ecc.h, lib/gnutls_errors.c, lib/gnutls_int.h,
2155 lib/gnutls_pk.c, lib/gnutls_pk.h, lib/gnutls_privkey.c,
2156 lib/gnutls_pubkey.c, lib/gnutls_rsa_export.c,
2157 lib/gnutls_rsa_export.h, lib/gnutls_sig.c, lib/gnutls_sig.h,
2158 lib/gnutls_state.c, lib/gnutls_state.h,
2159 lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in,
2160 lib/libgnutls.map, lib/nettle/ecc_test.c, lib/nettle/pk.c,
2161 lib/openpgp/openpgp_int.h, lib/openpgp/pgp.c,
2162 lib/openpgp/privkey.c, lib/x509/Makefile.am, lib/x509/common.c,
2163 lib/x509/common.h, lib/x509/crq.c, lib/x509/key_decode.c,
2164 lib/x509/key_encode.c, lib/x509/mpi.c, lib/x509/privkey.c,
2165 lib/x509/privkey_pkcs8.c, lib/x509/verify.c, lib/x509/x509.c,
2166 lib/x509/x509_int.h, lib/x509/x509_write.c: gnutls_pk_params_st is
2167 used internally to transfer public key parameters. This replaces the
2168 raw bigint_t arrays.
2170 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2172 * lib/algorithms.h, lib/algorithms/ciphersuites.c,
2173 lib/algorithms/ecc.c, lib/auth/ecdh_common.c, lib/ext/ecc.c,
2174 lib/ext/ecc.h: Curve TLS ID is being stored in algorithms/ecc.c.
2176 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2178 * configure.ac, lib/Makefile.am, lib/algorithms.h,
2179 lib/algorithms/Makefile.am, lib/algorithms/cert_types.c,
2180 lib/algorithms/ciphers.c, lib/algorithms/ciphersuites.c,
2181 lib/algorithms/ecc.c, lib/algorithms/kx.c, lib/algorithms/mac.c,
2182 lib/algorithms/protocols.c, lib/algorithms/publickey.c,
2183 lib/algorithms/secparams.c, lib/algorithms/sign.c, lib/auth/cert.c,
2184 lib/auth/dh_common.c, lib/auth/dhe.c, lib/auth/ecdh_common.c,
2185 lib/auth/rsa.c, lib/auth/rsa_export.c, lib/ext/session_ticket.c,
2186 lib/ext/signature.c, lib/ext/srp.c, lib/gnutls_algorithms.c,
2187 lib/gnutls_algorithms.h, lib/gnutls_auth.c, lib/gnutls_cert.c,
2188 lib/gnutls_cipher.c, lib/gnutls_cipher_int.c,
2189 lib/gnutls_compress.c, lib/gnutls_constate.c, lib/gnutls_ecc.c,
2190 lib/gnutls_handshake.c, lib/gnutls_kx.c, lib/gnutls_priority.c,
2191 lib/gnutls_record.c, lib/gnutls_sig.c, lib/gnutls_state.c,
2192 lib/gnutls_v2_compat.c, lib/gnutls_x509.c, lib/nettle/ecc_test.c,
2193 lib/nettle/mpi.c, lib/opencdk/read-packet.c, lib/x509/common.h,
2194 lib/x509/privkey_pkcs8.c: gnutls_algorithms.c was split into
2195 manageable files in algorithms/.
2197 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2199 * lib/gnutls_handshake.c: use the _gnutls_session_is_ecc() to check
2202 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2204 * lib/auth/ecdh_common.c, lib/gnutls_algorithms.c,
2205 lib/includes/gnutls/gnutls.h.in, lib/nettle/pk.c, lib/x509/x509.c:
2206 Added OIDs and definitions for ECDSA signature algorithm.
2208 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2210 * src/benchmark-tls.c: Print purpose of testing.
2212 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2214 * src/benchmark-tls.c: compare ECDH and DH on the same security
2217 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2219 * doc/cha-intro-tls.texi, lib/gnutls_algorithms.c,
2220 lib/gnutls_algorithms.h, lib/gnutls_priority.c: Added ability to
2221 specify curves as priority strings.
2223 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2225 * lib/nettle/ecc.h: removed ecc_is_valid_idx() prototype
2227 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2229 * lib/nettle/ecc.h, lib/nettle/ecc_make_key.c,
2230 lib/nettle/ecc_map.c, lib/nettle/ecc_mulmod.c,
2231 lib/nettle/ecc_points.c, lib/nettle/ecc_projective_add_point.c,
2232 lib/nettle/ecc_projective_dbl_point.c,
2233 lib/nettle/ecc_projective_dbl_point_3.c,
2234 lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_test.c,
2235 lib/nettle/ecc_verify_hash.c, lib/nettle/pk.c: Dropped ltc_ from
2236 function and type names.
2238 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2240 * tests/x509cert.c: corrected memory leak.
2242 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2244 * lib/nettle/cipher.c: use new nettle's name for gcm_aes_auth().
2246 2011-05-21 Simon Josefsson <simon@josefsson.org>
2248 * gl/hmac-md5.c, gl/m4/valgrind-tests.m4, gl/memxor.c, gl/memxor.h,
2249 gl/override/lib/hmac-md5.c.diff, gl/override/lib/memxor.c.diff,
2250 gl/override/lib/memxor.h.diff,
2251 gl/override/m4/valgrind-tests.m4.diff: Override gnulib code with fix
2252 for memxor and valgrind.
2254 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2256 * lib/auth/anon_ecdh.c, lib/auth/dh_common.c, lib/auth/dhe.c,
2257 lib/auth/ecdh_common.c, lib/gnutls_algorithms.c,
2258 lib/gnutls_global.c, lib/gnutls_handshake.c, lib/gnutls_state.c,
2259 lib/gnutls_state.h, lib/includes/gnutls/gnutls.h.in: Added support
2260 for ECDHE-RSA ciphersuites.
2262 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2264 * tests/eagain-common.h: inlined function to avoid gcc warnings
2266 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2268 * lib/nettle/Makefile.am, lib/nettle/ecc.h, lib/nettle/ecc_free.c,
2269 lib/nettle/ecc_make_key.c, lib/nettle/ecc_map.c,
2270 lib/nettle/ecc_mulmod.c, lib/nettle/ecc_points.c,
2271 lib/nettle/ecc_projective_add_point.c,
2272 lib/nettle/ecc_projective_dbl_point.c,
2273 lib/nettle/ecc_projective_dbl_point_3.c,
2274 lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
2275 lib/nettle/ecc_test.c, lib/nettle/ecc_verify_hash.c,
2276 lib/nettle/ltc_ecc_map.c, lib/nettle/ltc_ecc_mulmod.c,
2277 lib/nettle/ltc_ecc_points.c,
2278 lib/nettle/ltc_ecc_projective_add_point.c,
2279 lib/nettle/ltc_ecc_projective_dbl_point.c: Added previous code that
2280 was fixed for y^2 = x^3 - 3x + b, because all secg curves have a
2281 fixed to -3. Simplified file naming scheme.
2283 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2285 * lib/gnutls_algorithms.c, lib/gnutls_int.h: Added SECP224R1.
2287 2011-05-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2289 * src/Makefile.am, src/benchmark-cipher.c, src/benchmark-tls.c,
2290 src/benchmark.c, src/benchmark.h: updates to benchmarks.
2292 2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2294 * lib/gnutls_algorithms.c, lib/gnutls_int.h, lib/gnutls_priority.c,
2295 lib/nettle/ecc_test.c: Added curve SECP512R1.
2297 2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2299 * src/benchmark-cipher.c, src/benchmark-common.c, src/benchmark.c:
2300 benchmark ECDH and DH.
2302 2011-05-20 Simon Josefsson <simon@josefsson.org>
2304 * build-aux/config.rpath, gl/Makefile.am, gl/alignof.h,
2305 gl/glthread/lock.c, gl/glthread/lock.h, gl/glthread/threadlib.c,
2306 gl/hmac-md5.c, gl/intprops.h, gl/m4/gnulib-cache.m4,
2307 gl/m4/gnulib-comp.m4, gl/m4/strerror.m4, gl/m4/strerror_r.m4,
2308 gl/m4/thread.m4, gl/m4/valgrind-tests.m4, gl/m4/yield.m4,
2309 gl/memxor.c, gl/memxor.h, gl/stdint.in.h, gl/strerror-impl.h,
2310 gl/strerror.c, gl/strerror_r.c, gl/tests/Makefile.am,
2311 gl/tests/dummy.c, gl/tests/glthread/thread.c,
2312 gl/tests/glthread/thread.h, gl/tests/glthread/yield.h,
2313 gl/tests/test-intprops.c, gl/tests/test-lock.c,
2314 gl/tests/test-strerror.c, gl/tests/test-strerror_r.c: Update gnulib
2317 2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2319 * lib/auth/ecdh_common.c, lib/gnutls_handshake.c, src/common.c:
2320 client side ECC fixes.
2322 2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2324 * src/cli.c: corrected debugging.
2326 2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2328 * lib/auth/ecdh_common.c, lib/gnutls_algorithms.c,
2329 lib/gnutls_algorithms.h, lib/gnutls_global.c,
2330 lib/includes/gnutls/crypto.h, lib/nettle/ecc.h,
2331 lib/nettle/ecc_free.c, lib/nettle/ecc_make_key.c,
2332 lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
2333 lib/nettle/ecc_test.c, lib/nettle/ecc_verify_hash.c,
2334 lib/nettle/ltc_ecc_map.c, lib/nettle/ltc_ecc_mulmod.c,
2335 lib/nettle/ltc_ecc_points.c,
2336 lib/nettle/ltc_ecc_projective_add_point.c,
2337 lib/nettle/ltc_ecc_projective_dbl_point.c, lib/nettle/pk.c,
2338 lib/x509/x509_int.h: Account 'A' in calculations for point doubling.
2340 2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2342 * gl/Makefile.am, gl/alignof.h, gl/close-hook.c, gl/close-hook.h,
2343 gl/error.c, gl/error.h, gl/fd-hook.c, gl/fd-hook.h,
2344 gl/glthread/lock.c, gl/glthread/lock.h, gl/glthread/threadlib.c,
2345 gl/intprops.h, gl/m4/error.m4, gl/m4/fcntl_h.m4, gl/m4/fseeko.m4,
2346 gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/inttypes.m4,
2347 gl/m4/manywarnings.m4, gl/m4/memchr.m4, gl/m4/netdb_h.m4,
2348 gl/m4/stdint.m4, gl/m4/stdio_h.m4, gl/m4/strerror.m4,
2349 gl/m4/strerror_r.m4, gl/m4/string_h.m4, gl/m4/sys_uio_h.m4,
2350 gl/m4/thread.m4, gl/m4/unistd_h.m4, gl/m4/warnings.m4,
2351 gl/m4/wchar_h.m4, gl/m4/yield.m4, gl/malloc.c, gl/netdb.in.h,
2352 gl/realloc.c, gl/sockets.c, gl/stdint.in.h, gl/stdio.in.h,
2353 gl/stdlib.in.h, gl/strerror-impl.h, gl/strerror.c, gl/strerror_r.c,
2354 gl/string.in.h, gl/sys_socket.in.h, gl/sys_uio.in.h,
2355 gl/tests/Makefile.am, gl/tests/dummy.c, gl/tests/fcntl.in.h,
2356 gl/tests/glthread/thread.c, gl/tests/glthread/thread.h,
2357 gl/tests/glthread/yield.h, gl/tests/intprops.h,
2358 gl/tests/inttypes.in.h, gl/tests/test-fcntl-h.c,
2359 gl/tests/test-intprops.c, gl/tests/test-inttypes.c,
2360 gl/tests/test-lock.c, gl/tests/test-strerror.c,
2361 gl/tests/test-strerror_r.c, gl/tests/test-sys_socket.c,
2362 gl/tests/test-sys_uio.c, gl/unistd.in.h, gl/verify.h, gl/wchar.in.h:
2363 Added new gnulib and error.h.
2365 2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2367 * lib/gnutls_global.c: removed debugging.
2369 2011-05-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2371 * cfg.mk: added error.h
2373 2011-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2375 * lib/Makefile.am, lib/auth/Makefile.am, lib/auth/anon.h,
2376 lib/auth/anon_ecdh.c, lib/auth/ecdh_common.c,
2377 lib/auth/ecdh_common.h, lib/ext/Makefile.am, lib/ext/ecc.c,
2378 lib/ext/ecc.h, lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
2379 lib/gnutls_dh.c, lib/gnutls_ecc.c, lib/gnutls_ecc.h,
2380 lib/gnutls_errors.c, lib/gnutls_extensions.c, lib/gnutls_global.c,
2381 lib/gnutls_int.h, lib/gnutls_pk.c, lib/gnutls_pk.h,
2382 lib/gnutls_priority.c, lib/gnutls_state.c, lib/gnutls_state.h,
2383 lib/includes/gnutls/crypto.h, lib/includes/gnutls/gnutls.h.in,
2384 lib/nettle/Makefile.am, lib/nettle/ecc.h, lib/nettle/ecc_free.c,
2385 lib/nettle/ecc_make_key.c, lib/nettle/ecc_shared_secret.c,
2386 lib/nettle/ecc_sign_hash.c, lib/nettle/ecc_test.c,
2387 lib/nettle/ecc_verify_hash.c, lib/nettle/gnettle.h,
2388 lib/nettle/ltc_ecc_map.c, lib/nettle/ltc_ecc_mulmod.c,
2389 lib/nettle/ltc_ecc_points.c,
2390 lib/nettle/ltc_ecc_projective_add_point.c,
2391 lib/nettle/ltc_ecc_projective_dbl_point.c,
2392 lib/nettle/mp_unsigned_bin.c, lib/nettle/mpi.c, lib/nettle/multi.c,
2393 lib/nettle/pk.c, lib/nettle/rnd.c, lib/nettle/rnd.h,
2394 lib/x509/x509_int.h: Initial ecc support. Adds support for anonymous
2397 2011-05-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2399 * src/benchmark-common.c, src/benchmark.h: more win32 fixes.
2401 2011-05-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2403 * src/benchmark-common.c: corrections in win32 version.
2405 2011-05-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2407 * lib/ext/signature.c, lib/gnutls_extensions.c: Some debugging moved
2410 2011-05-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2412 * src/Makefile.am, src/benchmark-common.c, src/benchmark-tls.c,
2413 src/benchmark.c, src/benchmark.h, tests/eagain-common.h: Added
2414 benchmark utility that tests the encryption time in TLS packets.
2416 2011-05-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2418 * src/p11common.c: corrected message reporting.
2420 2011-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2422 * src/p11common.c: Corrected PIN caching.
2424 2011-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2426 * lib/gnutls_record.c: assign value
2428 2011-05-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2430 * lib/nettle/mpi.c: reduce the repetitions for rabin-miller to a
2433 2011-05-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2435 * doc/cha-intro-tls.texi: discuss missing algorithms.
2437 2011-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2441 2011-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2443 * lib/gnutls_str.c, lib/gnutls_str.h, lib/pkcs11.c: Correctly import
2444 and export pkcs11-urls with ID field set.
2446 2011-05-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2448 * lib/nettle/egd.c, lib/opencdk/literal.c, lib/opencdk/misc.c,
2449 lib/opencdk/read-packet.c, lib/pkcs11.c, lib/x509/common.c,
2450 lib/x509_b64.c, lib/x509_b64.h: eliminated last instances of
2451 strcpy() and strcat() to keep pendantics happy.
2453 2011-05-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2455 * doc/cha-intro-tls.texi: update on compatibility issues text.
2457 2011-05-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2459 * lib/pkcs11.c: doc update in gnutls_pkcs11_init()
2461 2011-05-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2463 * doc/cha-preface.texi: removed references that produced nothing in
2466 2011-05-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2468 * doc/cha-intro-tls.texi: Added missing nodes.
2470 2011-05-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2472 * doc/cha-intro-tls.texi: Added discussion on compatibility issues.
2474 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2476 * libextra/gnutls_openssl.c: undef X509_NAME before including
2479 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2481 * NEWS, doc/cha-gtls-app.texi, lib/accelerated/intel/aes-x86.c,
2482 lib/auth/rsa.c, lib/auth/rsa_export.c, lib/auth/srp.c,
2483 lib/gnutls_buffers.c, lib/gnutls_dtls.c, lib/gnutls_errors.c,
2484 lib/gnutls_errors.h, lib/gnutls_global.c, lib/gnutls_global.h,
2485 lib/gnutls_handshake.c, lib/gnutls_record.c,
2486 lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli.c,
2487 src/serv.c: Added gnutls_global_set_audit_log_function() that allows
2488 associating TLS session with several important issues.
2490 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2492 * NEWS, lib/x509/crq.c: updates
2494 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2496 * NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
2497 lib/x509/crq.c, lib/x509/x509_write.c, tests/crq_key_id.c: Added
2498 gnutls_x509_crq_verify().
2500 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2502 * doc/manpages/certtool.1, src/Makefile.am, src/certtool-common.c,
2503 src/certtool-common.h, src/certtool.c, src/common.c,
2504 src/p11common.c, src/p11common.h, src/pkcs11.c: certtool can now
2505 load private keys and public keys from PKCS #11 tokens (via URLs).
2507 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2509 * lib/pkcs11_privkey.c: gnutls_pkcs11_privkey_import_url() will
2510 correctly set algorithm of private key.
2512 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2514 * src/Makefile.am, src/certtool.c, src/p11tool.c: No libgnutls-extra
2515 is required for certtool or p11tool.
2517 2011-05-07 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2519 * tests/rng-fork.c: Do not use /tmp for temporary file. Just use the
2520 local (test) directory.
2522 2011-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2524 * tests/hostname-check.c: Added a check to verify that we don't try
2525 forever trying to verify too many wildcards.
2527 2011-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2529 * THANKS, lib/gnutls_str.c, lib/gnutls_str.h, lib/openpgp/pgp.c,
2530 lib/x509/rfc2818_hostname.c: _gnutls_hostname_compare() was
2531 incredibly slow when over ten wildcards were present. Set a limit on
2532 6 wildcards to avoid any denial of service attack. Reported by Kalle
2535 2011-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2537 * lib/gnutls_str.c, lib/opencdk/misc.c: Use c_toupper to avoid
2538 converting characters non in the english ASCII set. Reported by
2539 Kalle Olavi Niemitalo.
2541 2011-05-05 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2543 * lib/x509/verify-high.c: use > 0 instead of == 1.
2545 2011-05-03 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2547 * .gitignore, NEWS, lib/gnutls_cert.c,
2548 lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/x509.h,
2549 lib/libgnutls.map, lib/x509/verify-high.c, tests/Makefile.am,
2550 tests/x509cert.c: Added gnutls_certificate_get_issuer() to allow
2551 getting the issuer a certificate from the certificate credentials
2554 2011-04-30 Andreas Metzler <ametzler@downhill.at.eu.org>
2556 * doc/manpages/p11tool.1: escape dashes in manpage Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2558 2011-05-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2560 * .gitignore, gl/m4/.gitignore, gl/m4/byteswap.m4,
2561 gl/m4/codeset.m4, gl/m4/fcntl-o.m4, gl/m4/fcntl_h.m4,
2562 gl/m4/func.m4, gl/m4/gettext.m4, gl/m4/glibc2.m4, gl/m4/glibc21.m4,
2563 gl/m4/hmac-md5.m4, gl/m4/iconv.m4, gl/m4/intdiv0.m4, gl/m4/intl.m4,
2564 gl/m4/intldir.m4, gl/m4/intlmacosx.m4, gl/m4/intmax.m4,
2565 gl/m4/inttypes-pri.m4, gl/m4/lcmessage.m4, gl/m4/ld-output-def.m4,
2566 gl/m4/ld-version-script.m4, gl/m4/lock.m4, gl/m4/md5.m4,
2567 gl/m4/memmem.m4, gl/m4/memxor.m4, gl/m4/nls.m4, gl/m4/po.m4,
2568 gl/m4/printf-posix.m4, gl/m4/progtest.m4, gl/m4/strcase.m4,
2569 gl/m4/strdup.m4, gl/m4/strings_h.m4, gl/m4/strverscmp.m4,
2570 gl/m4/threadlib.m4, gl/m4/time_r.m4, gl/m4/uintmax_t.m4,
2571 gl/m4/valgrind-tests.m4, gl/m4/vasprintf.m4, gl/m4/visibility.m4,
2572 gl/m4/vsnprintf.m4, gl/tests/.gitignore, gl/tests/intprops.h,
2573 gl/tests/test-byteswap.c, gl/tests/test-func.c,
2574 gl/tests/test-hmac-md5.c, gl/tests/test-md5.c,
2575 gl/tests/test-strings.c, gl/tests/test-strverscmp.c,
2576 gl/tests/test-u64.c, gl/tests/test-vasprintf.c,
2577 gl/tests/test-vsnprintf.c: Added missing m4 gl files.
2579 2011-05-01 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2581 * NEWS: documented previous updates.
2583 2011-04-30 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2585 * tests/suite/testcompat-main: Check for openssl 1.0.x to test DTLS.
2587 2011-04-28 Ludovic Courtès <ludo@gnu.org>
2589 * guile/modules/Makefile.am, guile/modules/gnutls/build/tests.scm,
2590 guile/tests/anonymous-auth.scm, guile/tests/errors.scm,
2591 guile/tests/openpgp-auth.scm, guile/tests/openpgp-keyring.scm,
2592 guile/tests/openpgp-keys.scm, guile/tests/pkcs-import-export.scm,
2593 guile/tests/session-record-port.scm, guile/tests/srp-base64.scm,
2594 guile/tests/x509-auth.scm, guile/tests/x509-certificates.scm: guile:
2595 Fix tests to match the `exit' behavior introduced in Guile 2.0.1. This fix makes tests behave correctly wrt. to the Guile bug fix at
2597 <http://git.sv.gnu.org/cgit/guile.git/commit/?id=e309f3bf9ee910c4772353ca3ff95f6f4ef466b5>.
2599 2011-04-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2601 * lib/gnutls.pc.in: removed pakchois dependency
2603 2011-04-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2605 * NEWS, configure.ac: updated for release
2607 2011-04-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2609 * tests/x509dn.c: added missing header.
2611 2011-04-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2613 * lib/accelerated/intel/Makefile.am: pass tag=CC to libtool. It
2614 seems automake cannot really work with assembler sources.
2616 2011-04-23 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2618 * lib/gnutls_pcert.c, lib/openpgp/gnutls_openpgp.c: documentation
2621 2011-04-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2623 * cfg.mk: start counting from 2009 for ChangeLog.
2625 2011-04-22 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2627 * tests/hostname-check.c: Removed incorrect test on IPAddresses (was
2628 relying on IPaddresses encoded as text)
2630 2011-04-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2632 * lib/x509/rfc2818_hostname.c: gnutls_x509_crt_check_hostname() will
2633 never compare against IPaddress. (previous comparison was flawed)
2635 2011-04-21 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2637 * doc/examples/ex-cert-select.c, lib/auth/cert.c, lib/auth/cert.h,
2638 lib/gnutls_cert.c, lib/includes/gnutls/abstract.h,
2639 lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/certtool.c,
2640 src/cli.c, tests/x509dn.c: Added
2641 gnutls_certificate_set_retrieve_function2() to replace
2642 gnutls_certificate_set_retrieve_function(). The new one is a
2643 efficient for busy servers because it eliminates the need for the
2644 server to encode the certificate to DER format.
2646 2011-04-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2648 * lib/gnutls_alert.c, lib/gnutls_errors.c,
2649 lib/includes/gnutls/gnutls.h.in: Added GNUTLS_E_USER_ERROR
2651 2011-04-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2653 * lib/auth/cert.c, lib/ext/signature.c, lib/ext/signature.h,
2654 lib/gnutls_pcert.c, lib/includes/gnutls/abstract.h,
2655 lib/libgnutls.map: Eliminated the need for sign_algo in
2656 gnutls_pcert_st. This means that we don't follow RFC5246 by letter,
2657 but there wasn't any other implementation using the sign_algorithm
2658 part of the certificate selection, and this helps reduce complexity.
2660 2011-04-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2662 * src/cfg/Makefile.am, src/cfg/README: Added readme for libcfg.
2664 2011-04-20 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2666 * configure.ac: No need to check for -maes and -mpclmul with the
2667 current AES-NI code.
2669 2011-04-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2671 * .gitignore: updated
2673 2011-04-17 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2675 * lib/Makefile.am, lib/abstract_int.h, lib/auth/cert.c,
2676 lib/auth/cert.h, lib/auth/dhe.c, lib/auth/rsa.c,
2677 lib/auth/rsa_export.c, lib/auth/srp_rsa.c, lib/ext/signature.c,
2678 lib/ext/signature.h, lib/gnutls_algorithms.c, lib/gnutls_cert.c,
2679 lib/gnutls_cert.h, lib/gnutls_handshake.c, lib/gnutls_int.h,
2680 lib/gnutls_mpi.c, lib/gnutls_pcert.c, lib/gnutls_privkey.c,
2681 lib/gnutls_pubkey.c, lib/gnutls_sig.c, lib/gnutls_sig.h,
2682 lib/gnutls_state.c, lib/gnutls_ui.c, lib/gnutls_x509.c,
2683 lib/gnutls_x509.h, lib/includes/gnutls/abstract.h,
2684 lib/opencdk/pubkey.c, lib/openpgp/gnutls_openpgp.c,
2685 lib/openpgp/gnutls_openpgp.h, lib/openpgp/openpgp_int.h,
2686 lib/openpgp/pgp.c, lib/openpgp/pgpverify.c, lib/openpgp/privkey.c,
2687 lib/pkcs11_int.h, lib/x509/common.h, lib/x509/pkcs12_encr.c,
2688 lib/x509/sign.c, lib/x509/verify-high.c, lib/x509/verify.c,
2689 lib/x509/x509.c, lib/x509/x509_int.h: Combined external abstract API
2690 with internal usage of gnutls_cert. This results to a
2691 gnutls_pcert_st struct exported in abstract.h. This change will allow a certificate retrieval callback that does
2692 not require gnutls to decode or encode the provided certificate.
2694 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2696 * NEWS, lib/gnutls_priority.c: Restored HMAC-MD5 for compatibility.
2697 Although considered weak, several sites require it for connection.
2698 It is enabled for "NORMAL" and "PERFORMANCE" priority strings.
2700 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2702 * lib/accelerated/intel/aes-x86.c: Try to detect AES-NI on Intel and
2705 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2707 * NEWS, configure.ac, lib/accelerated/intel/Makefile.am,
2708 lib/accelerated/intel/README, lib/accelerated/intel/aes-x86.c,
2709 lib/accelerated/intel/asm/appro-aes-x86-64.s,
2710 lib/accelerated/intel/asm/appro-aes-x86.s,
2711 lib/accelerated/intel/asm/x64_iaesx64.s,
2712 lib/accelerated/intel/asm/x86_iaesx86.s,
2713 lib/accelerated/intel/iaes_asm_interface.h,
2714 lib/accelerated/intel/iaesni.h, lib/accelerated/intel/license.txt:
2715 Added Andy Polyakov's version of AES-NI optimizations.
2717 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2719 * .gitignore: more files to ignore
2721 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2723 * src/tests.c: COMP-ZLIB -> COMP-DEFLATE
2725 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2727 * lib/Makefile.am, m4/hooks.m4: Link with pthreads.
2729 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2731 * doc/Makefile.am: read API from new directories as well.
2733 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2735 * lib/accelerated/Makefile.am: corrected filename
2737 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2739 * lib/ext/session_ticket.c: removed conditional compilation
2741 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2743 * lib/ext/session_ticket.h: removed conditional compilation.
2745 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2747 * lib/accelerated/cryptodev.c: use correct header.
2749 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2751 * lib/README: documented directories.
2753 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2755 * lib/Makefile.am, lib/accelerated/Makefile.am,
2756 lib/accelerated/cryptodev.c, lib/accelerated/cryptodev.h,
2757 lib/cryptodev.c, lib/gnutls_cryptodev.h, lib/gnutls_global.c: Moved
2758 cryptodev to accelerated/
2760 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2762 * lib/gnutls_extensions.c, lib/gnutls_handshake.c: Session tickets
2763 are included unconditionally.
2765 2011-04-16 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2767 * configure.ac, lib/Makefile.am, lib/auth/Makefile.am,
2768 lib/auth/anon.c, lib/auth/anon.h, lib/auth/cert.c, lib/auth/cert.h,
2769 lib/auth/dh_common.c, lib/auth/dh_common.h, lib/auth/dhe.c,
2770 lib/auth/dhe_psk.c, lib/auth/psk.c, lib/auth/psk.h,
2771 lib/auth/psk_passwd.c, lib/auth/psk_passwd.h, lib/auth/rsa.c,
2772 lib/auth/rsa_export.c, lib/auth/srp.c, lib/auth/srp.h,
2773 lib/auth/srp_passwd.c, lib/auth/srp_passwd.h, lib/auth/srp_rsa.c,
2774 lib/auth/srp_sb64.c, lib/auth_anon.c, lib/auth_anon.h,
2775 lib/auth_cert.c, lib/auth_cert.h, lib/auth_dh_common.c,
2776 lib/auth_dh_common.h, lib/auth_dhe.c, lib/auth_dhe_psk.c,
2777 lib/auth_psk.c, lib/auth_psk.h, lib/auth_psk_passwd.c,
2778 lib/auth_psk_passwd.h, lib/auth_rsa.c, lib/auth_rsa_export.c,
2779 lib/auth_srp.c, lib/auth_srp.h, lib/auth_srp_passwd.c,
2780 lib/auth_srp_passwd.h, lib/auth_srp_rsa.c, lib/auth_srp_sb64.c,
2781 lib/ext/Makefile.am, lib/ext/cert_type.c, lib/ext/cert_type.h,
2782 lib/ext/max_record.c, lib/ext/max_record.h,
2783 lib/ext/safe_renegotiation.c, lib/ext/safe_renegotiation.h,
2784 lib/ext/server_name.c, lib/ext/server_name.h,
2785 lib/ext/session_ticket.c, lib/ext/session_ticket.h,
2786 lib/ext/signature.c, lib/ext/signature.h, lib/ext/srp.c,
2787 lib/ext/srp.h, lib/ext_cert_type.c, lib/ext_cert_type.h,
2788 lib/ext_max_record.c, lib/ext_max_record.h,
2789 lib/ext_safe_renegotiation.c, lib/ext_safe_renegotiation.h,
2790 lib/ext_server_name.c, lib/ext_server_name.h,
2791 lib/ext_session_ticket.c, lib/ext_session_ticket.h,
2792 lib/ext_signature.c, lib/ext_signature.h, lib/ext_srp.c,
2793 lib/ext_srp.h, lib/gnutls_anon_cred.c, lib/gnutls_auth.c,
2794 lib/gnutls_cert.c, lib/gnutls_extensions.c, lib/gnutls_handshake.c,
2795 lib/gnutls_psk.c, lib/gnutls_record.c, lib/gnutls_session_pack.c,
2796 lib/gnutls_sig.c, lib/gnutls_srp.c, lib/gnutls_state.c,
2797 lib/gnutls_ui.c, lib/gnutls_x509.c, lib/openpgp/gnutls_openpgp.h,
2798 m4/hooks.m4: The auth_ and ext_ files were moved to respective
2801 2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2803 * doc/cha-intro-tls.texi: Reorganized sections in documentation.
2805 2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2807 * doc/examples/ex-cxx.cpp: removed unneeded comment.
2809 2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2811 * tests/cve-2009-1416.c, tests/pkcs12_s2k_pem.c: Added missing
2814 2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2816 * tests/suite/Makefile.am, tests/suite/chain, tests/suite/testbig,
2817 tests/suite/testbig-main, tests/suite/testcompat,
2818 tests/suite/testcompat-main, tests/suite/x509paths/.gitignore,
2819 tests/suite/x509paths/README, tests/x509paths/README,
2820 tests/x509paths/chain: x509paths tests moved to suite/.
2822 2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2824 * tests/certs/cert-rsa-2432.pem, tests/certs/rsa-2432.pem,
2825 tests/scripts/common.sh, tests/suite/Makefile.am,
2826 tests/suite/testbig, tests/suite/testbig-main: Added
2827 interoperability tests with openssl.
2829 2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2831 * lib/gnutls_buffers.c: Corrected SSLv2 header parsing.
2833 2011-04-15 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2835 * doc/credentials/x509-server-dsa.pem,
2836 doc/credentials/x509-server-key-dsa.pem: corrected illegal DSA key.
2838 2011-04-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2840 * tests/suite/Makefile.am, tests/suite/testsrn: Enabled the extra
2841 safe renegotiation tests.
2843 2011-04-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2845 * m4/hooks.m4: removed opaque PRF from m4.
2847 2011-04-14 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2849 * lib/gnutls_buffers.c: removed text about select().
2851 2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2853 * configure.ac, lib/Makefile.am: check for libdl that pakchois
2856 2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2858 * lib/Makefile.am, lib/pakchois/README: Added readme about pakchois
2859 and removed checks for pakchois in Makefile.am.
2861 2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2863 * configure.ac, m4/hooks.m4: Reorganization in configure file.
2864 Pakchois is not longer checked for being present. The included
2865 version is always used.
2867 2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2869 * gl/.gitignore, gl/asprintf.c, gl/byteswap.in.h, gl/hmac-md5.c,
2870 gl/hmac.h, gl/md5.c, gl/md5.h, gl/memmem.c, gl/memxor.c,
2871 gl/memxor.h, gl/str-two-way.h, gl/strcasecmp.c, gl/strdup.c,
2872 gl/strings.in.h, gl/strncasecmp.c, gl/strverscmp.c, gl/time_r.c,
2873 gl/u64.h, gl/unistd.h, gl/vasprintf.c, gl/vsnprintf.c,
2874 gl/warn-on-use.h, gl/wchar.h: Added missing gnulib files
2876 2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2878 * lib/crypto-api.c: Added missing const.
2880 2011-04-12 Ludovic Courtès <ludo@gnu.org>
2882 * NEWS, src/certtool-common.c, src/certtool.c, src/p11tool.c,
2883 tests/crq_key_id.c, tests/cve-2009-1416.c, tests/pkcs12_s2k_pem.c:
2884 Don't include <gcrypt.h> when it's not needed.
2886 2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2888 * doc/cha-internals.texi: fixed and updates in documentation
2890 2011-04-13 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2892 * doc/gnutls-crypto-layers.eps: Updated crypto layers documentation.
2894 2011-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2896 * NEWS, lib/accelerated/intel/Makefile.am,
2897 lib/accelerated/intel/aes-x86.c,
2898 lib/accelerated/intel/asm/x64_do_rdtsc.s,
2899 lib/accelerated/intel/asm/x86_do_rdtsc.s, tests/cipher-test.c:
2900 Updates in the AES-NI accelerator.
2902 2011-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2904 * lib/crypto-api.c, lib/includes/gnutls/crypto.h, lib/libgnutls.map:
2905 Added gnutls_cipher_set_iv().
2907 2011-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2909 * tests/Makefile.am, tests/cipher-test.c: Added test vectors for
2912 2011-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2914 * lib/accelerated/intel/aes-x86.c, lib/crypto.c,
2915 lib/includes/gnutls/crypto.h: Increased priority of CPU assisted
2918 2011-04-12 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2920 * src/cli.c: Do not rely on lowat being set.
2922 2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2924 * lib/accelerated/Makefile.am, lib/accelerated/intel/Makefile.am,
2925 lib/accelerated/intel/README: Added README explaining the usage of
2928 2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2930 * lib/gnutls_buffers.c: Corrected parsing error in TLS, when many
2931 handshake messages were packed in a single record message.
2933 2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2935 * .gitignore, configure.ac, lib/accelerated/Makefile.am,
2936 lib/accelerated/accelerated.c, lib/accelerated/aes-x86.c,
2937 lib/accelerated/aes-x86.h, lib/accelerated/intel/Makefile.am,
2938 lib/accelerated/intel/aes-x86.c, lib/accelerated/intel/aes-x86.h,
2939 lib/accelerated/intel/asm/x64_do_rdtsc.s,
2940 lib/accelerated/intel/asm/x64_iaesx64.s,
2941 lib/accelerated/intel/asm/x86_do_rdtsc.s,
2942 lib/accelerated/intel/asm/x86_iaesx86.s,
2943 lib/accelerated/intel/iaes_asm_interface.h,
2944 lib/accelerated/intel/iaesni.h, lib/accelerated/intel/license.txt,
2945 m4/gcc.m4: fixes in acceleration detection. Added Intel's library
2946 code for AES-NI acceleration.
2948 2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2950 * guile/modules/gnutls/build/enums.scm, lib/libgnutls.map,
2951 libextra/Makefile.am: Purged all references of LZO.
2953 2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2955 * configure.ac: removed duplicate test
2957 2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2959 * doc/examples/ex-cxx.cpp, gl/time.in.h: No need to under restrict
2960 for C++. Only use config.h.
2962 2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2964 * NEWS, lib/includes/gnutls/gnutls.h.in, lib/system_override.c:
2965 gnutls_transport_set_global_errno() is no more.
2967 2011-04-11 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2969 * tests/eagain-common.h, tests/safe-renegotiation/Makefile.am,
2970 tests/safe-renegotiation/srn0.c, tests/safe-renegotiation/srn1.c,
2971 tests/safe-renegotiation/srn2.c, tests/safe-renegotiation/srn3.c,
2972 tests/safe-renegotiation/srn4.c, tests/safe-renegotiation/srn5.c:
2973 Combined the safe renegotiation tests with the again-common lib.
2975 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2977 * NEWS, configure.ac, doc/cha-intro-tls.texi, doc/cha-preface.texi,
2978 doc/cha-programs.texi, lib/gnutls_compress.c, lib/gnutls_errors.c,
2979 lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in,
2980 lib/libgnutls.map, libextra/gnutls_extra.c, m4/hooks.m4: Support for
2983 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2985 * NEWS, configure.ac: bumped version
2987 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2989 * .gitignore, gl/time.h, gl/time.in.h: updated time.h.in
2991 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
2993 * lib/gnutls_algorithms.c, lib/gnutls_dtls.c, lib/gnutls_mem.c,
2994 lib/gnutls_psk.c, lib/gnutls_record.c,
2995 lib/includes/gnutls/gnutls.h.in, lib/pkcs11.c,
2996 lib/pkcs11_privkey.c, lib/x509/verify-high.c, lib/x509/verify.c:
2997 Corrected documentation of several API functions.
2999 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3001 * doc/cha-gtls-app.texi, doc/cha-library.texi: documentation
3004 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3006 * doc/scripts/gdoc, doc/scripts/sort2.pl: remove perl warnings from
3009 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3011 * configure.ac, lib/Makefile.am, lib/accelerated/Makefile.am,
3012 lib/accelerated/accelerated.c, lib/accelerated/accelerated.h,
3013 lib/accelerated/aes-x86.c, lib/accelerated/aes-x86.h,
3014 lib/accelerated/x86.h, lib/gnutls_global.c, m4/gcc.m4: Added support
3015 for x86 intel AES instruction acceleration if detected.
3017 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3019 * gl/time.h, gl/unistd.h, gl/warn-on-use.h, gl/wchar.h: Added gl/
3022 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3024 * cfg.mk: corrected po directory and build-aux paths.
3026 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3028 * doc/examples/Makefile.am: include gnulib files.
3030 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3032 * doc/TODO: updated TODO
3034 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3036 * tests/openpgp-certs/testselfsigs: Use --infile in certtool to
3037 avoid issues with streams in windows. Patch by LRN.
3039 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3041 * lib/opencdk/armor.c: Changes armor.c to be able to handle both LF
3042 and CRLF inputs (output is still either LF-only or CRLF-only
3043 depending on the platform). Patch by LRN. Optimizations in the usage of strlen().
3045 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3047 * src/cli.c, src/psk.c, src/serv.c, src/srptool.c, src/tests.c:
3048 Define variables within the intended scope (not windows). Based on
3051 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3053 * doc/examples/ex-cert-select-pkcs11.c, src/common.c, src/pkcs11.c:
3054 Use getpass.h (from gnulib). Patch by LRN.
3056 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3058 * lib/pakchois/dlopen.c: Return correct value for dlclose() in
3059 windows. Patch by LRN.
3061 2011-04-10 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3063 * tests/openpgp-auth.c: Disable openpgp-auth run in windows due to
3064 lack of socketpair(). Patch by LRN.
3066 2011-04-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3068 * Makefile.am: gl before lib or libextra
3070 2011-04-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3072 * ChangeLog: generated
3074 2011-04-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3078 2011-04-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3080 * .gitignore, doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
3081 doc/examples/Makefile.am, doc/examples/ex-client-udp.c,
3082 doc/examples/udp.c, lib/gnutls_state.c: Added documentation for
3085 2011-04-09 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3089 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3091 * tests/chainverify.c: disable test in windows.
3093 2011-04-08 Nikos Mavrogiannopoulos <nmav@gnutls.org>
3095 * tests/mini-x509-rehandshake.c, tests/openpgp-auth.c,
projects / gnutls:gnutls.git / blob