Added support for RFC7366 (encrypt then authenticate)
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 3 Nov 2014 13:23:48 +0000 (14:23 +0100)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 3 Nov 2014 16:09:01 +0000 (17:09 +0100)
commite93cef18471962b001dac0f792cb569f1a4cde58
treea8e33fc6c302a7126fc177d1f4a8f0e16fabf52b
parente29d027872fb61a6e7117d3b920626bbc638ac64
Added support for RFC7366 (encrypt then authenticate)

It implements a revised version of RFC7366, to avoid interoperability
issues: http://www.ietf.org/mail-archive/web/tls/current/msg14349.html
This is currently enabled by default, unless %NO_ETM, or %COMPAT
is specified.
17 files changed:
doc/cha-gtls-app.texi
lib/ext/Makefile.am
lib/ext/etm.c [new file with mode: 0644]
lib/ext/etm.h [new file with mode: 0644]
lib/gnutls_buffers.c
lib/gnutls_cipher.c
lib/gnutls_cipher_int.c
lib/gnutls_cipher_int.h
lib/gnutls_constate.c
lib/gnutls_extensions.c
lib/gnutls_int.h
lib/gnutls_priority.c
lib/gnutls_session_pack.c
lib/includes/gnutls/gnutls.h.in
lib/libgnutls.map
lib/priority_options.gperf
src/common.c