gnutls:gnutls.git
11 years agoUpdate gnulib files.
Simon Josefsson [Fri, 20 May 2011 20:37:02 +0000 (22:37 +0200)]
Update gnulib files.

11 years agoclient side ECC fixes.
Nikos Mavrogiannopoulos [Fri, 20 May 2011 19:07:31 +0000 (21:07 +0200)]
client side ECC fixes.

11 years agocorrected debugging.
Nikos Mavrogiannopoulos [Fri, 20 May 2011 19:07:12 +0000 (21:07 +0200)]
corrected debugging.

11 years agoAccount 'A' in calculations for point doubling.
Nikos Mavrogiannopoulos [Fri, 20 May 2011 18:50:03 +0000 (20:50 +0200)]
Account 'A' in calculations for point doubling.

11 years agoAdded new gnulib and error.h.
Nikos Mavrogiannopoulos [Fri, 20 May 2011 10:50:01 +0000 (12:50 +0200)]
Added new gnulib and error.h.

11 years agoremoved debugging.
Nikos Mavrogiannopoulos [Fri, 20 May 2011 10:49:54 +0000 (12:49 +0200)]
removed debugging.

11 years agoadded error.h
Nikos Mavrogiannopoulos [Fri, 20 May 2011 10:42:47 +0000 (12:42 +0200)]
added error.h

11 years agoInitial ecc support. Adds support for anonymous ECDH ciphersuites.
Nikos Mavrogiannopoulos [Mon, 16 May 2011 20:20:17 +0000 (22:20 +0200)]
Initial ecc support. Adds support for anonymous ECDH ciphersuites.

11 years agomore win32 fixes.
Nikos Mavrogiannopoulos [Tue, 17 May 2011 20:54:58 +0000 (22:54 +0200)]
more win32 fixes.

11 years agocorrections in win32 version.
Nikos Mavrogiannopoulos [Tue, 17 May 2011 20:49:38 +0000 (22:49 +0200)]
corrections in win32 version.

11 years agoSome debugging moved to a higher level.
Nikos Mavrogiannopoulos [Tue, 17 May 2011 14:14:48 +0000 (16:14 +0200)]
Some debugging moved to a higher level.

11 years agoAdded benchmark utility that tests the encryption time in TLS packets.
Nikos Mavrogiannopoulos [Tue, 17 May 2011 11:12:07 +0000 (13:12 +0200)]
Added benchmark utility that tests the encryption time in TLS packets.

11 years agocorrected message reporting.
Nikos Mavrogiannopoulos [Mon, 16 May 2011 22:21:38 +0000 (00:21 +0200)]
corrected message reporting.

11 years agoCorrected PIN caching.
Nikos Mavrogiannopoulos [Mon, 16 May 2011 21:45:37 +0000 (23:45 +0200)]
Corrected PIN caching.

11 years agoassign value
Nikos Mavrogiannopoulos [Mon, 16 May 2011 20:29:45 +0000 (22:29 +0200)]
assign value

11 years agoreduce the repetitions for rabin-miller to a sensible value.
Nikos Mavrogiannopoulos [Sun, 15 May 2011 22:17:25 +0000 (00:17 +0200)]
reduce the repetitions for rabin-miller to a sensible value.

11 years agodiscuss missing algorithms.
Nikos Mavrogiannopoulos [Sat, 14 May 2011 17:49:54 +0000 (19:49 +0200)]
discuss missing algorithms.

11 years agoupdated
Nikos Mavrogiannopoulos [Tue, 10 May 2011 13:13:13 +0000 (15:13 +0200)]
updated

11 years agoCorrectly import and export pkcs11-urls with ID field set.
Nikos Mavrogiannopoulos [Tue, 10 May 2011 10:19:09 +0000 (12:19 +0200)]
Correctly import and export pkcs11-urls with ID field set.

11 years agoeliminated last instances of strcpy() and strcat() to keep pendantics happy.
Nikos Mavrogiannopoulos [Tue, 10 May 2011 08:59:45 +0000 (10:59 +0200)]
eliminated last instances of strcpy() and strcat() to keep pendantics happy.

11 years agoupdate on compatibility issues text.
Nikos Mavrogiannopoulos [Mon, 9 May 2011 17:12:16 +0000 (19:12 +0200)]
update on compatibility issues text.

11 years agodoc update in gnutls_pkcs11_init()
Nikos Mavrogiannopoulos [Mon, 9 May 2011 17:10:16 +0000 (19:10 +0200)]
doc update in gnutls_pkcs11_init()

11 years agoremoved references that produced nothing in pdf.
Nikos Mavrogiannopoulos [Sun, 8 May 2011 08:11:45 +0000 (10:11 +0200)]
removed references that produced nothing in pdf.

11 years agoAdded missing nodes.
Nikos Mavrogiannopoulos [Sun, 8 May 2011 08:02:56 +0000 (10:02 +0200)]
Added missing nodes.

11 years agoAdded discussion on compatibility issues.
Nikos Mavrogiannopoulos [Sun, 8 May 2011 07:52:39 +0000 (09:52 +0200)]
Added discussion on compatibility issues.

11 years agoundef X509_NAME before including openssl.h.
Nikos Mavrogiannopoulos [Sat, 7 May 2011 21:34:07 +0000 (23:34 +0200)]
undef X509_NAME before including openssl.h.

11 years agoAdded gnutls_global_set_audit_log_function() that allows associating TLS session...
Nikos Mavrogiannopoulos [Sat, 7 May 2011 19:28:23 +0000 (21:28 +0200)]
Added gnutls_global_set_audit_log_function() that allows associating TLS session with several important issues.

11 years agoupdates
Nikos Mavrogiannopoulos [Sat, 7 May 2011 16:50:22 +0000 (18:50 +0200)]
updates

11 years agoAdded gnutls_x509_crq_verify().
Nikos Mavrogiannopoulos [Sat, 7 May 2011 16:44:21 +0000 (18:44 +0200)]
Added gnutls_x509_crq_verify().

11 years agocerttool can now load private keys and public keys from PKCS #11 tokens (via URLs).
Nikos Mavrogiannopoulos [Sat, 7 May 2011 10:52:41 +0000 (12:52 +0200)]
certtool can now load private keys and public keys from PKCS #11 tokens (via URLs).

11 years agognutls_pkcs11_privkey_import_url() will correctly set algorithm of private key.
Nikos Mavrogiannopoulos [Sat, 7 May 2011 09:44:13 +0000 (11:44 +0200)]
gnutls_pkcs11_privkey_import_url() will correctly set algorithm of private key.

11 years agoNo libgnutls-extra is required for certtool or p11tool.
Nikos Mavrogiannopoulos [Sat, 7 May 2011 07:48:00 +0000 (09:48 +0200)]
No libgnutls-extra is required for certtool or p11tool.

11 years agoDo not use /tmp for temporary file. Just use the local (test) directory.
Nikos Mavrogiannopoulos [Fri, 6 May 2011 23:12:51 +0000 (01:12 +0200)]
Do not use /tmp for temporary file. Just use the local (test) directory.

11 years agoAdded a check to verify that we don't try forever trying to verify too many wildcards.
Nikos Mavrogiannopoulos [Thu, 5 May 2011 20:56:15 +0000 (22:56 +0200)]
Added a check to verify that we don't try forever trying to verify too many wildcards.

11 years ago_gnutls_hostname_compare() was incredibly slow when over ten wildcards were present...
Nikos Mavrogiannopoulos [Thu, 5 May 2011 20:31:05 +0000 (22:31 +0200)]
_gnutls_hostname_compare() was incredibly slow when over ten wildcards were present. Set a limit on 6 wildcards to avoid any denial of service attack. Reported by Kalle Olavi Niemitalo.

11 years agoUse c_toupper to avoid converting characters non in the english ASCII set. Reported...
Nikos Mavrogiannopoulos [Thu, 5 May 2011 20:17:28 +0000 (22:17 +0200)]
Use c_toupper to avoid converting characters non in the english ASCII set. Reported by Kalle Olavi Niemitalo.

11 years agouse > 0 instead of == 1.
Nikos Mavrogiannopoulos [Thu, 5 May 2011 20:09:45 +0000 (22:09 +0200)]
use > 0 instead of == 1.

11 years agoAdded gnutls_certificate_get_issuer() to allow getting the issuer a certificate from...
Nikos Mavrogiannopoulos [Tue, 3 May 2011 12:07:08 +0000 (14:07 +0200)]
Added gnutls_certificate_get_issuer() to allow getting the issuer a certificate from the certificate credentials structure.

11 years agoescape dashes in manpage
Andreas Metzler [Sat, 30 Apr 2011 13:32:33 +0000 (15:32 +0200)]
escape dashes in manpage

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agoAdded missing m4 gl files.
Nikos Mavrogiannopoulos [Sun, 1 May 2011 09:32:10 +0000 (11:32 +0200)]
Added missing m4 gl files.

11 years agodocumented previous updates.
Nikos Mavrogiannopoulos [Sun, 1 May 2011 09:23:41 +0000 (11:23 +0200)]
documented previous updates.

11 years agoCheck for openssl 1.0.x to test DTLS.
Nikos Mavrogiannopoulos [Sat, 30 Apr 2011 20:28:24 +0000 (22:28 +0200)]
Check for openssl 1.0.x to test DTLS.

11 years agoguile: Fix tests to match the `exit' behavior introduced in Guile 2.0.1.
Ludovic Courtès [Thu, 28 Apr 2011 17:41:08 +0000 (19:41 +0200)]
guile: Fix tests to match the `exit' behavior introduced in Guile 2.0.1.

This fix makes tests behave correctly wrt. to the Guile bug fix at
<http://git.sv.gnu.org/cgit/guile.git/commit/?id=e309f3bf9ee910c4772353ca3ff95f6f4ef466b5>.

11 years agoremoved pakchois dependency
Nikos Mavrogiannopoulos [Sat, 23 Apr 2011 14:59:47 +0000 (16:59 +0200)]
removed pakchois dependency

11 years agoupdated for release gnutls_2_99_1
Nikos Mavrogiannopoulos [Sat, 23 Apr 2011 08:54:47 +0000 (10:54 +0200)]
updated for release

11 years agoadded missing header.
Nikos Mavrogiannopoulos [Sat, 23 Apr 2011 08:54:39 +0000 (10:54 +0200)]
added missing header.

11 years agopass tag=CC to libtool. It seems automake cannot really work with assembler sources.
Nikos Mavrogiannopoulos [Sat, 23 Apr 2011 08:46:16 +0000 (10:46 +0200)]
pass tag=CC to libtool. It seems automake cannot really work with assembler sources.

11 years agodocumentation fixes.
Nikos Mavrogiannopoulos [Sat, 23 Apr 2011 08:08:39 +0000 (10:08 +0200)]
documentation fixes.

11 years agostart counting from 2009 for ChangeLog.
Nikos Mavrogiannopoulos [Fri, 22 Apr 2011 12:14:18 +0000 (14:14 +0200)]
start counting from 2009 for ChangeLog.

11 years agoRemoved incorrect test on IPAddresses (was relying on IPaddresses encoded as text)
Nikos Mavrogiannopoulos [Fri, 22 Apr 2011 12:01:38 +0000 (14:01 +0200)]
Removed incorrect test on IPAddresses (was relying on IPaddresses encoded as text)

11 years agognutls_x509_crt_check_hostname() will never compare against IPaddress.
Nikos Mavrogiannopoulos [Thu, 21 Apr 2011 16:51:56 +0000 (18:51 +0200)]
gnutls_x509_crt_check_hostname() will never compare against IPaddress.
(previous comparison was flawed)

11 years agoAdded gnutls_certificate_set_retrieve_function2() to replace
Nikos Mavrogiannopoulos [Wed, 20 Apr 2011 22:21:56 +0000 (00:21 +0200)]
Added gnutls_certificate_set_retrieve_function2() to replace
gnutls_certificate_set_retrieve_function(). The new one is a
efficient for busy servers because it eliminates the need
for the server to encode the certificate to DER format.

11 years agoAdded GNUTLS_E_USER_ERROR
Nikos Mavrogiannopoulos [Wed, 20 Apr 2011 18:08:12 +0000 (20:08 +0200)]
Added GNUTLS_E_USER_ERROR

11 years agoEliminated the need for sign_algo in gnutls_pcert_st. This means
Nikos Mavrogiannopoulos [Wed, 20 Apr 2011 17:45:20 +0000 (19:45 +0200)]
Eliminated the need for sign_algo in gnutls_pcert_st. This means
that we don't follow RFC5246 by letter, but there wasn't any other
implementation using the sign_algorithm part of the certificate
selection, and this helps reduce complexity.

11 years agoAdded readme for libcfg.
Nikos Mavrogiannopoulos [Wed, 20 Apr 2011 17:31:11 +0000 (19:31 +0200)]
Added readme for libcfg.

11 years agoNo need to check for -maes and -mpclmul with the current AES-NI code.
Nikos Mavrogiannopoulos [Wed, 20 Apr 2011 17:26:08 +0000 (19:26 +0200)]
No need to check for -maes and -mpclmul with the current AES-NI code.

11 years agoupdated
Nikos Mavrogiannopoulos [Sun, 17 Apr 2011 21:54:59 +0000 (23:54 +0200)]
updated

11 years agoCombined external abstract API with internal usage of gnutls_cert.
Nikos Mavrogiannopoulos [Sun, 17 Apr 2011 10:13:46 +0000 (12:13 +0200)]
Combined external abstract API with internal usage of gnutls_cert.
This results to a gnutls_pcert_st struct exported in abstract.h.

This change will allow a certificate retrieval callback that
does not require gnutls to decode or encode the provided certificate.

11 years agoRestored HMAC-MD5 for compatibility. Although considered weak, several sites require...
Nikos Mavrogiannopoulos [Sat, 16 Apr 2011 20:46:56 +0000 (22:46 +0200)]
Restored HMAC-MD5 for compatibility. Although considered weak, several sites require it for connection. It is enabled for "NORMAL" and "PERFORMANCE" priority strings.

11 years agoTry to detect AES-NI on Intel and AMD machines only.
Nikos Mavrogiannopoulos [Sat, 16 Apr 2011 18:10:34 +0000 (20:10 +0200)]
Try to detect AES-NI on Intel and AMD machines only.

11 years agoAdded Andy Polyakov's version of AES-NI optimizations.
Nikos Mavrogiannopoulos [Sat, 16 Apr 2011 16:39:29 +0000 (18:39 +0200)]
Added Andy Polyakov's version of AES-NI optimizations.

11 years agomore files to ignore
Nikos Mavrogiannopoulos [Sat, 16 Apr 2011 16:11:33 +0000 (18:11 +0200)]
more files to ignore

11 years agoCOMP-ZLIB -> COMP-DEFLATE
Nikos Mavrogiannopoulos [Sat, 16 Apr 2011 16:05:31 +0000 (18:05 +0200)]
COMP-ZLIB -> COMP-DEFLATE

11 years agoLink with pthreads.
Nikos Mavrogiannopoulos [Sat, 16 Apr 2011 15:52:00 +0000 (17:52 +0200)]
Link with pthreads.

11 years agoread API from new directories as well.
Nikos Mavrogiannopoulos [Sat, 16 Apr 2011 14:18:47 +0000 (16:18 +0200)]
read API from new directories as well.

11 years agocorrected filename
Nikos Mavrogiannopoulos [Sat, 16 Apr 2011 14:14:58 +0000 (16:14 +0200)]
corrected filename

11 years agoremoved conditional compilation
Nikos Mavrogiannopoulos [Sat, 16 Apr 2011 14:12:57 +0000 (16:12 +0200)]
removed conditional compilation

11 years agoremoved conditional compilation.
Nikos Mavrogiannopoulos [Sat, 16 Apr 2011 12:08:47 +0000 (14:08 +0200)]
removed conditional compilation.

11 years agouse correct header.
Nikos Mavrogiannopoulos [Sat, 16 Apr 2011 12:07:05 +0000 (14:07 +0200)]
use correct header.

11 years agodocumented directories.
Nikos Mavrogiannopoulos [Fri, 15 Apr 2011 22:48:54 +0000 (00:48 +0200)]
documented directories.

11 years agoMoved cryptodev to accelerated/
Nikos Mavrogiannopoulos [Fri, 15 Apr 2011 22:48:46 +0000 (00:48 +0200)]
Moved cryptodev to accelerated/

11 years agoSession tickets are included unconditionally.
Nikos Mavrogiannopoulos [Fri, 15 Apr 2011 22:39:15 +0000 (00:39 +0200)]
Session tickets are included unconditionally.

11 years agoThe auth_ and ext_ files were moved to respective directories.
Nikos Mavrogiannopoulos [Fri, 15 Apr 2011 22:38:08 +0000 (00:38 +0200)]
The auth_ and ext_ files were moved to respective directories.

11 years agoReorganized sections in documentation.
Nikos Mavrogiannopoulos [Fri, 15 Apr 2011 16:23:17 +0000 (18:23 +0200)]
Reorganized sections in documentation.

11 years agoremoved unneeded comment.
Nikos Mavrogiannopoulos [Fri, 15 Apr 2011 16:15:51 +0000 (18:15 +0200)]
removed unneeded comment.

11 years agoAdded missing headers.
Nikos Mavrogiannopoulos [Fri, 15 Apr 2011 07:49:39 +0000 (09:49 +0200)]
Added missing headers.

11 years agox509paths tests moved to suite/.
Nikos Mavrogiannopoulos [Fri, 15 Apr 2011 07:47:09 +0000 (09:47 +0200)]
x509paths tests moved to suite/.

11 years agoAdded interoperability tests with openssl.
Nikos Mavrogiannopoulos [Fri, 15 Apr 2011 07:27:55 +0000 (09:27 +0200)]
Added interoperability tests with openssl.

11 years agoCorrected SSLv2 header parsing.
Nikos Mavrogiannopoulos [Fri, 15 Apr 2011 07:27:10 +0000 (09:27 +0200)]
Corrected SSLv2 header parsing.

11 years agocorrected illegal DSA key.
Nikos Mavrogiannopoulos [Fri, 15 Apr 2011 07:26:28 +0000 (09:26 +0200)]
corrected illegal DSA key.

11 years agoEnabled the extra safe renegotiation tests.
Nikos Mavrogiannopoulos [Thu, 14 Apr 2011 20:01:43 +0000 (22:01 +0200)]
Enabled the extra safe renegotiation tests.

11 years agoremoved opaque PRF from m4.
Nikos Mavrogiannopoulos [Thu, 14 Apr 2011 19:37:56 +0000 (21:37 +0200)]
removed opaque PRF from m4.

11 years agoremoved text about select().
Nikos Mavrogiannopoulos [Thu, 14 Apr 2011 15:13:07 +0000 (17:13 +0200)]
removed text about select().

11 years agocheck for libdl that pakchois needs.
Nikos Mavrogiannopoulos [Wed, 13 Apr 2011 18:17:15 +0000 (20:17 +0200)]
check for libdl that pakchois needs.

11 years agoAdded readme about pakchois and removed checks
Nikos Mavrogiannopoulos [Wed, 13 Apr 2011 18:00:20 +0000 (20:00 +0200)]
Added readme about pakchois and removed checks
for pakchois in Makefile.am.

11 years agoReorganization in configure file.
Nikos Mavrogiannopoulos [Wed, 13 Apr 2011 17:58:36 +0000 (19:58 +0200)]
Reorganization in configure file.
Pakchois is not longer checked for being present. The included version
is always used.

11 years agoAdded missing gnulib files
Nikos Mavrogiannopoulos [Wed, 13 Apr 2011 17:58:08 +0000 (19:58 +0200)]
Added missing gnulib files

11 years agoAdded missing const.
Nikos Mavrogiannopoulos [Wed, 13 Apr 2011 17:50:28 +0000 (19:50 +0200)]
Added missing const.

11 years agoDon't include <gcrypt.h> when it's not needed.
Ludovic Courtès [Tue, 12 Apr 2011 21:36:09 +0000 (23:36 +0200)]
Don't include <gcrypt.h> when it's not needed.

11 years agofixed and updates in documentation
Nikos Mavrogiannopoulos [Wed, 13 Apr 2011 15:27:44 +0000 (17:27 +0200)]
fixed and updates in documentation

11 years agoUpdated crypto layers documentation.
Nikos Mavrogiannopoulos [Wed, 13 Apr 2011 15:16:07 +0000 (17:16 +0200)]
Updated crypto layers documentation.

11 years agoUpdates in the AES-NI accelerator.
Nikos Mavrogiannopoulos [Tue, 12 Apr 2011 11:44:51 +0000 (13:44 +0200)]
Updates in the AES-NI accelerator.

11 years agoAdded gnutls_cipher_set_iv().
Nikos Mavrogiannopoulos [Tue, 12 Apr 2011 10:18:02 +0000 (12:18 +0200)]
Added gnutls_cipher_set_iv().

11 years agoAdded test vectors for AES,SHAxxx and MD5.
Nikos Mavrogiannopoulos [Tue, 12 Apr 2011 10:11:51 +0000 (12:11 +0200)]
Added test vectors for AES,SHAxxx and MD5.

11 years agoIncreased priority of CPU assisted ciphers.
Nikos Mavrogiannopoulos [Tue, 12 Apr 2011 10:10:59 +0000 (12:10 +0200)]
Increased priority of CPU assisted ciphers.

11 years agoDo not rely on lowat being set.
Nikos Mavrogiannopoulos [Tue, 12 Apr 2011 09:57:02 +0000 (11:57 +0200)]
Do not rely on lowat being set.

11 years agoAdded README explaining the usage of Intel AES library.
Nikos Mavrogiannopoulos [Mon, 11 Apr 2011 21:16:50 +0000 (23:16 +0200)]
Added README explaining the usage of Intel AES library.

11 years agoCorrected parsing error in TLS, when many handshake messages
Nikos Mavrogiannopoulos [Mon, 11 Apr 2011 18:38:18 +0000 (20:38 +0200)]
Corrected parsing error in TLS, when many handshake messages
were packed in a single record message.

11 years agofixes in acceleration detection.
Nikos Mavrogiannopoulos [Mon, 11 Apr 2011 14:26:35 +0000 (16:26 +0200)]
fixes in acceleration detection.
Added Intel's library code for AES-NI acceleration.

11 years agoPurged all references of LZO.
Nikos Mavrogiannopoulos [Mon, 11 Apr 2011 07:10:02 +0000 (09:10 +0200)]
Purged all references of LZO.