gnutls:gnutls.git
12 years agoUpdate gnulib files.
Simon Josefsson [Tue, 26 Jan 2010 17:41:32 +0000 (18:41 +0100)]
Update gnulib files.

12 years agoAdded copyright notices!
Nikos Mavrogiannopoulos [Tue, 26 Jan 2010 16:54:38 +0000 (17:54 +0100)]
Added copyright notices!

12 years agoGenerated.
Simon Josefsson [Tue, 26 Jan 2010 15:19:58 +0000 (16:19 +0100)]
Generated.

12 years agoImprove.
Simon Josefsson [Tue, 26 Jan 2010 15:18:35 +0000 (16:18 +0100)]
Improve.

12 years agoIgnore more.
Simon Josefsson [Tue, 26 Jan 2010 15:06:40 +0000 (16:06 +0100)]
Ignore more.

12 years agoUpdate gnulib files.
Simon Josefsson [Tue, 26 Jan 2010 14:49:33 +0000 (15:49 +0100)]
Update gnulib files.

12 years agoUpdate gnulib files.
Simon Josefsson [Tue, 26 Jan 2010 14:48:47 +0000 (15:48 +0100)]
Update gnulib files.

12 years agoFix.
Simon Josefsson [Tue, 26 Jan 2010 14:46:18 +0000 (15:46 +0100)]
Fix.

12 years agoUpdate gnulib files.
Simon Josefsson [Tue, 26 Jan 2010 14:45:54 +0000 (15:45 +0100)]
Update gnulib files.

12 years agoFix
Simon Josefsson [Tue, 26 Jan 2010 14:45:36 +0000 (15:45 +0100)]
Fix

12 years agoUpdate gnulib files.
Simon Josefsson [Tue, 26 Jan 2010 14:43:17 +0000 (15:43 +0100)]
Update gnulib files.

12 years agoUpdate gnulib files.
Simon Josefsson [Tue, 26 Jan 2010 14:39:52 +0000 (15:39 +0100)]
Update gnulib files.

12 years agoDocumented addition of new priority strings.
Nikos Mavrogiannopoulos [Fri, 22 Jan 2010 21:40:37 +0000 (22:40 +0100)]
Documented addition of new priority strings.

12 years agoDocumented Steve Dispensa's patch addition.
Nikos Mavrogiannopoulos [Fri, 22 Jan 2010 21:36:23 +0000 (22:36 +0100)]
Documented Steve Dispensa's patch addition.

12 years agoAdded tests for new behaviour of client.
Nikos Mavrogiannopoulos [Fri, 22 Jan 2010 21:27:35 +0000 (22:27 +0100)]
Added tests for new behaviour of client.

12 years agoRevert "Always allow initial negotiation. Disable subsequent unsafe renegotiations."
Nikos Mavrogiannopoulos [Fri, 22 Jan 2010 21:21:16 +0000 (22:21 +0100)]
Revert "Always allow initial negotiation. Disable subsequent unsafe renegotiations."
This reverts commit 1e4981cfbec360a19cfb7470ce96093aaa95b32e.

Ah, this was to twart the attack (description by Daniel Kahn Gilmor):
The problem, as i understand it, is that the client is incapable of
telling whether the plaintext prefix injection attack has already
happened.  I don't think disabling renegotiation for the session
resolves the problem.

For a server which does not announce and enforce safe renegotiation,
what the client sees as an initial connection may unknowingly actually
be renegotiating an existing session that was started by an attacker.

The concern isn't that the (legitimate) client will have their session
re-negotiated by an attacker; it's that the MITM attacker can trick the
server into viewing the client's initial authentication as a
re-negotiation of a TLS session already underway.

for servers which do odd things like apply the credentials of the
post-renegotiation client to the traffic that happened before the
renegotiation (e.g. HTTPS, with client-side certificates required only
for certain subdirectories), a safe-renegotiation-aware client *should*
refuse to connect to servers which do not announce safe renegotiation if
they want to resist this attack.

12 years agoAdded safe-renegotiation subdir.
Nikos Mavrogiannopoulos [Thu, 21 Jan 2010 22:53:56 +0000 (23:53 +0100)]
Added safe-renegotiation subdir.

12 years agoAdded safe renegotiation test cases. Added priority string option to
Nikos Mavrogiannopoulos [Thu, 21 Jan 2010 22:30:16 +0000 (23:30 +0100)]
Added safe renegotiation test cases. Added priority string option to
completely disable renegotiation to assist in testing more cases.

12 years agoAdded the --rehandshake option to gnutls-cli to allow connection and immediate rehand...
Nikos Mavrogiannopoulos [Thu, 21 Jan 2010 21:47:53 +0000 (22:47 +0100)]
Added the --rehandshake option to gnutls-cli to allow connection and immediate rehandshake.

12 years agoMore carefull copying of data. Check for the malicious case where a server does initi...
Nikos Mavrogiannopoulos [Thu, 21 Jan 2010 21:20:07 +0000 (22:20 +0100)]
More carefull copying of data. Check for the malicious case where a server does initial unsafe negotiation and proceeds with a safe renegotiation.

12 years agoAlways allow initial negotiation. Disable subsequent unsafe renegotiations.
Nikos Mavrogiannopoulos [Thu, 21 Jan 2010 21:22:09 +0000 (22:22 +0100)]
Always allow initial negotiation. Disable subsequent unsafe renegotiations.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12 years agoSafe renegotiation variable cleanup. No longer clear variables that
Nikos Mavrogiannopoulos [Thu, 21 Jan 2010 20:42:07 +0000 (21:42 +0100)]
Safe renegotiation variable cleanup. No longer clear variables that
should stay across rehandshakes.

12 years agoDocumented the crypto-api functions and made the API tolerant to NULL IV.
Nikos Mavrogiannopoulos [Thu, 21 Jan 2010 20:17:44 +0000 (21:17 +0100)]
Documented the crypto-api functions and made the API tolerant to NULL IV.

12 years agoAdded documentation of rehandshake usage in gnutls if full-duplex capability is required.
Nikos Mavrogiannopoulos [Thu, 21 Jan 2010 08:44:38 +0000 (09:44 +0100)]
Added documentation of rehandshake usage in gnutls if full-duplex capability is required.

12 years agoReduced asserts to reduce unneeded printings.
Nikos Mavrogiannopoulos [Thu, 21 Jan 2010 08:43:37 +0000 (09:43 +0100)]
Reduced asserts to reduce unneeded printings.

12 years agoRemoved rehandshake initiation capability from client and transferred it
Nikos Mavrogiannopoulos [Thu, 21 Jan 2010 08:42:11 +0000 (09:42 +0100)]
Removed rehandshake initiation capability from client and transferred it
to the echo server. Once the server receives a string **REHANDSHAKE**
will request a rehandshake.

12 years agoHere is another patch that fixes an interoperability problem with safe
Steve Dispensa [Tue, 19 Jan 2010 19:05:37 +0000 (20:05 +0100)]
Here is another patch that fixes an interoperability problem with safe
renegotiation and resumption. In copying forward the safe renegotiation
state across resumptions, I got a little carried away and copied too much
data (new connections should start with empty RI data).

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12 years agoModified extensions (session ticket, oprfi) to store internal data in gnutls internal...
Nikos Mavrogiannopoulos [Fri, 15 Jan 2010 04:03:03 +0000 (05:03 +0100)]
Modified extensions (session ticket, oprfi) to store internal data in gnutls internal structure
and input data only in the security_parameters extension structure.

Session ticket extension will call the user supplied hello function on resumption.

(the current API to handle that is inexistant. To be revised)

12 years agoFurther cleanup the extension internal structure. Now if values are not
Nikos Mavrogiannopoulos [Thu, 14 Jan 2010 17:56:29 +0000 (18:56 +0100)]
Further cleanup the extension internal structure. Now if values are not
saved and restored when resumming they will be initialized to zero.

12 years agoTests compile with --enable-gcc-warnings.
Nikos Mavrogiannopoulos [Wed, 13 Jan 2010 19:48:07 +0000 (20:48 +0100)]
Tests compile with --enable-gcc-warnings.

12 years agoSpecify in detail what to be copied when resuming. It seems there
Nikos Mavrogiannopoulos [Wed, 13 Jan 2010 19:38:26 +0000 (20:38 +0100)]
Specify in detail what to be copied when resuming. It seems there
are extensions (like safe renegotiation) that do not need to read
the stored values. Moreover this might overcome any bugs by the
extensions that used to store pointers in the extension structure.

12 years agoInitialize the default value to 0. It seemed to have default value of 0 when non...
Nikos Mavrogiannopoulos [Wed, 13 Jan 2010 19:33:16 +0000 (20:33 +0100)]
Initialize the default value to 0. It seemed to have default value of 0 when non resuming :)

12 years agoRemoved warnings.
Nikos Mavrogiannopoulos [Wed, 13 Jan 2010 17:52:47 +0000 (18:52 +0100)]
Removed warnings.

12 years agoAdded -Wno-int-to-pointer-cast to enable compilation when enable-gcc-warnings is...
Nikos Mavrogiannopoulos [Wed, 13 Jan 2010 17:34:15 +0000 (18:34 +0100)]
Added -Wno-int-to-pointer-cast to enable compilation when enable-gcc-warnings is given.

12 years agoHere are two more patches. The first adds support for renegotiation of
Steve Dispensa [Wed, 13 Jan 2010 17:14:24 +0000 (18:14 +0100)]
Here are two more patches. The first adds support for renegotiation of
resumption.

Also, I found a bug in my initial implementation - I was incorrectly sending
the SCSV on all connections, not only those using SSLv3, as should have been
the case.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
12 years agoDocumentation updates.
Nikos Mavrogiannopoulos [Tue, 12 Jan 2010 20:30:04 +0000 (21:30 +0100)]
Documentation updates.

12 years agoWhen denying an initial negotiation due to missing safe renegotiation
Nikos Mavrogiannopoulos [Tue, 12 Jan 2010 19:24:06 +0000 (20:24 +0100)]
When denying an initial negotiation due to missing safe renegotiation
extension reply with NO_RENEGOTIATION alert.

12 years agoWhen resuming no extensions were parsed thus the safe
Nikos Mavrogiannopoulos [Tue, 12 Jan 2010 19:17:07 +0000 (20:17 +0100)]
When resuming no extensions were parsed thus the safe
renegotiation extension was ignored as well causing a
false detection of unsafe session. Corrected by making
a special class of extensions called RESUMED. Those are
parsed even when resuming (normally we don't do it to
prevent clients overwriting capabilities and credentials).

12 years agoAdded Steve Dispensa's patch for safe renegotiation (with artistic changes).
Nikos Mavrogiannopoulos [Tue, 12 Jan 2010 18:39:50 +0000 (19:39 +0100)]
Added Steve Dispensa's patch for safe renegotiation (with artistic changes).
Effectively reverted my previous patch 1a338cbaaeec11d958de8da4d1ae036979fccf3e.

12 years agoUpdated thanks file.
Nikos Mavrogiannopoulos [Tue, 12 Jan 2010 18:17:28 +0000 (19:17 +0100)]
Updated thanks file.

12 years agoWhen checking self signature also check the signatures of all subkeys.
Nikos Mavrogiannopoulos [Tue, 12 Jan 2010 17:34:39 +0000 (18:34 +0100)]
When checking self signature also check the signatures of all subkeys.
Ilari Liusvaara noticed and reported the issue and provided test vectors as well.

certtool --pgp-certificate-info will check self signatures.

Added self tests for self-sigs.

12 years agohash_fast -> hmac_fast
Nikos Mavrogiannopoulos [Mon, 11 Jan 2010 19:25:31 +0000 (20:25 +0100)]
hash_fast -> hmac_fast

12 years agoAdded safe renegotiation patch from Steve Dispensa, modified to suit gnutls
Nikos Mavrogiannopoulos [Sun, 10 Jan 2010 13:21:42 +0000 (14:21 +0100)]
Added safe renegotiation patch from Steve Dispensa, modified to suit gnutls
code style and error checking. Modified to conform to draft-ietf-tls-renegotiation-03.txt.

gnutls-cli will search input for **RENEGOTIATION** to perform a renegotiation
and gnutls-serv will perform one if requested.

12 years agoCorrections for --disable-extra-pki configure flag to work. Patch by Bill Randle.
Nikos Mavrogiannopoulos [Sun, 10 Jan 2010 11:30:11 +0000 (12:30 +0100)]
Corrections for --disable-extra-pki configure flag to work. Patch by Bill Randle.

12 years agoTypo fixes: successful, precedence, preferred
Andreas Metzler [Tue, 5 Jan 2010 04:56:08 +0000 (23:56 -0500)]
Typo fixes: successful, precedence, preferred

12 years agodefine EALG_MAX_BLOCK_LEN if not there.
Nikos Mavrogiannopoulos [Fri, 18 Dec 2009 10:03:23 +0000 (12:03 +0200)]
define EALG_MAX_BLOCK_LEN if not there.

12 years agouse C99 initializations
Nikos Mavrogiannopoulos [Sat, 5 Dec 2009 11:24:42 +0000 (13:24 +0200)]
use C99 initializations

12 years agoReverted all previous changes to combine hashes with MAC algorithms.
Nikos Mavrogiannopoulos [Sat, 5 Dec 2009 09:47:33 +0000 (11:47 +0200)]
Reverted all previous changes to combine hashes with MAC algorithms.
It is now permissible to register a hash algorithm separately from
a MAC.

12 years agoRevert "Merged the two internal hash API functions, to simplify and reduce code."
Nikos Mavrogiannopoulos [Sat, 5 Dec 2009 08:08:22 +0000 (10:08 +0200)]
Revert "Merged the two internal hash API functions, to simplify and reduce code."

This reverts commit bc3e43d5f121e404aa32212dcfcc5027de807056.

Conflicts:

lib/crypto.c
lib/gnutls_cipher.c
lib/gnutls_hash_int.c
lib/gnutls_hash_int.h
lib/includes/gnutls/crypto.h
lib/mac-libgcrypt.c

12 years agoRevert "Added plain MD5 hash check and corrected gnutls_hash_fast() usage in openssl.c"
Nikos Mavrogiannopoulos [Sat, 5 Dec 2009 07:58:55 +0000 (09:58 +0200)]
Revert "Added plain MD5 hash check and corrected gnutls_hash_fast() usage in openssl.c"

This reverts commit 54486afbfcf3398846d5c20d3094bdb7d0a43ff2.

12 years agoImprove example of printing cert info.
Simon Josefsson [Fri, 4 Dec 2009 12:36:58 +0000 (13:36 +0100)]
Improve example of printing cert info.

12 years agoTypo fix.
Simon Josefsson [Fri, 4 Dec 2009 10:51:34 +0000 (11:51 +0100)]
Typo fix.

Reported by Laurence <lfinsto@gwdg.de> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4036>.

12 years agofixes for compilation.
Nikos Mavrogiannopoulos [Thu, 3 Dec 2009 23:58:28 +0000 (01:58 +0200)]
fixes for compilation.

12 years agoCheck return value from gnutls_x509_crt_get_key_usage.
Simon Josefsson [Thu, 3 Dec 2009 14:06:19 +0000 (15:06 +0100)]
Check return value from gnutls_x509_crt_get_key_usage.

12 years agoThis is a follow-up to commit 3d8da5765133c6ced37bf29b5a07f950b8c26cd7, that fixes
Nikos Mavrogiannopoulos [Wed, 2 Dec 2009 21:12:45 +0000 (23:12 +0200)]
This is a follow-up to commit 3d8da5765133c6ced37bf29b5a07f950b8c26cd7, that fixes
some issues with DSA and RSA certificate encoding. Due to that the shown public key IDs are different
than the ones in previous gnutls versions.

12 years agoreduced calls to gnutls_hash on encryption/decryption. Only initialize MAC when needed.
Nikos Mavrogiannopoulos [Wed, 2 Dec 2009 20:33:06 +0000 (22:33 +0200)]
reduced calls to gnutls_hash on encryption/decryption. Only initialize MAC when needed.

12 years agoAdded plain MD5 hash check and corrected gnutls_hash_fast() usage in openssl.c
Nikos Mavrogiannopoulos [Wed, 2 Dec 2009 19:51:40 +0000 (21:51 +0200)]
Added plain MD5 hash check and corrected gnutls_hash_fast() usage in openssl.c
Corrected new hash API bug that prevented usage of plain hash functions.

12 years agoExported gnutls_cipher_get_block_size() and all hash functions added to libgnutls...
Nikos Mavrogiannopoulos [Wed, 2 Dec 2009 19:12:22 +0000 (21:12 +0200)]
Exported gnutls_cipher_get_block_size() and all hash functions added to libgnutls.map.
Expanded benchmark with 3DES and ARCFOUR. Corrected test that used non-existing symbol.

12 years agoCorrected check for cryptodev. Only enable it if --enable-cryptodev is specified.
Nikos Mavrogiannopoulos [Wed, 2 Dec 2009 18:36:44 +0000 (20:36 +0200)]
Corrected check for cryptodev. Only enable it if --enable-cryptodev is specified.

12 years agoCorrected compilation issues.
Nikos Mavrogiannopoulos [Tue, 1 Dec 2009 21:32:44 +0000 (23:32 +0200)]
Corrected compilation issues.

12 years agoMoved cryptodev check to lib/m4/hooks.m4 and now --enable-cryptodev actually works.
Nikos Mavrogiannopoulos [Mon, 30 Nov 2009 20:20:46 +0000 (22:20 +0200)]
Moved cryptodev check to lib/m4/hooks.m4 and now --enable-cryptodev actually works.

12 years agoDoc fix.
Simon Josefsson [Mon, 30 Nov 2009 18:02:26 +0000 (19:02 +0100)]
Doc fix.

12 years agocorrected old type.
Nikos Mavrogiannopoulos [Sun, 29 Nov 2009 22:25:01 +0000 (00:25 +0200)]
corrected old type.

12 years agoOnly include cryptodev.h if cryptodev is there.
Nikos Mavrogiannopoulos [Sun, 29 Nov 2009 22:12:29 +0000 (00:12 +0200)]
Only include cryptodev.h if cryptodev is there.

12 years agoMerged the two internal hash API functions, to simplify and reduce code.
Nikos Mavrogiannopoulos [Sun, 29 Nov 2009 10:08:44 +0000 (12:08 +0200)]
Merged the two internal hash API functions, to simplify and reduce code.
gnutls_hmac* and gnutls_hash* were merged to gnutls_hash API.

12 years agoAdded cryptodev support (/dev/crypto). Tested with http://www.logix.cz/michal/devel...
Nikos Mavrogiannopoulos [Sat, 28 Nov 2009 22:11:12 +0000 (00:11 +0200)]
Added cryptodev support (/dev/crypto). Tested with logix.cz/michal/devel/cryptodev/.
Added benchmark utility for AES. Exported API to access encryption algorithms.

12 years agoDocumented certtool's certificate request generation fix.
Nikos Mavrogiannopoulos [Fri, 27 Nov 2009 22:48:15 +0000 (00:48 +0200)]
Documented certtool's certificate request generation fix.

12 years agoCorrected two issues that affected certificate request generation.
Nikos Mavrogiannopoulos [Fri, 27 Nov 2009 22:41:46 +0000 (00:41 +0200)]
Corrected two issues that affected certificate request generation.
1. Null padding is added on integers (found thanks to Wilankar Trupti <trupti.wilankar@hp.com>)
2. In optional SignatureAlgorithm parameters field for DSA keys the DSA parameters were added. Those
were rejected by verisign. Gnutls no longer adds those parameters there since other implementations
don't do either and having them does not seem to offer anything (anyway you need the signer's certificate
to verify thus public key will be available).

12 years agoMore fixes of grep -q problem.
Simon Josefsson [Fri, 27 Nov 2009 16:01:10 +0000 (17:01 +0100)]
More fixes of grep -q problem.

12 years agoAdd.
Simon Josefsson [Fri, 27 Nov 2009 15:53:46 +0000 (16:53 +0100)]
Add.

12 years agoAllow exporting of Certificate requests to DER format.
Nikos Mavrogiannopoulos [Tue, 24 Nov 2009 19:23:54 +0000 (21:23 +0200)]
Allow exporting of Certificate requests to DER format.
Added option --no-crq-extensions to avoid adding extensions to a request.

12 years agoDon't use 'grep -q', to fix portability to OpenSolaris.
Simon Josefsson [Mon, 23 Nov 2009 10:12:30 +0000 (11:12 +0100)]
Don't use 'grep -q', to fix portability to OpenSolaris.

Reported by "Dr. David Kirkby" <david.kirkby@onetel.net> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3993>.

12 years agoBump versions.
Simon Josefsson [Mon, 16 Nov 2009 13:45:01 +0000 (14:45 +0100)]
Bump versions.

12 years agoDoc fix.
Simon Josefsson [Sun, 15 Nov 2009 15:51:14 +0000 (16:51 +0100)]
Doc fix.

12 years agoUpdate gnulib files.
Simon Josefsson [Sun, 15 Nov 2009 15:30:10 +0000 (16:30 +0100)]
Update gnulib files.

12 years agoGenerated. gnutls_2_9_9
Simon Josefsson [Mon, 9 Nov 2009 18:27:56 +0000 (19:27 +0100)]
Generated.

12 years agoVersion 2.9.9.
Simon Josefsson [Mon, 9 Nov 2009 18:16:45 +0000 (19:16 +0100)]
Version 2.9.9.

12 years agoUpdate gnulib files.
Simon Josefsson [Mon, 9 Nov 2009 16:26:51 +0000 (17:26 +0100)]
Update gnulib files.

12 years agoAdd.
Simon Josefsson [Mon, 9 Nov 2009 14:48:31 +0000 (15:48 +0100)]
Add.

12 years agoCleanup header inclusion.
Simon Josefsson [Mon, 9 Nov 2009 14:46:11 +0000 (15:46 +0100)]
Cleanup header inclusion.

12 years agoFix.
Simon Josefsson [Mon, 9 Nov 2009 14:42:55 +0000 (15:42 +0100)]
Fix.

12 years agoMore dead code removed. Based on suggestions by Steve Grubb and Tomaz Mraz
Nikos Mavrogiannopoulos [Fri, 6 Nov 2009 18:18:53 +0000 (20:18 +0200)]
More dead code removed. Based on suggestions by Steve Grubb and Tomaz Mraz

12 years agoAdd.
Simon Josefsson [Fri, 6 Nov 2009 16:22:58 +0000 (17:22 +0100)]
Add.

12 years agoFix --disable-valgrind-tests.
Simon Josefsson [Fri, 6 Nov 2009 16:21:43 +0000 (17:21 +0100)]
Fix --disable-valgrind-tests.

12 years agoUpdate gnulib files.
Simon Josefsson [Fri, 6 Nov 2009 09:04:55 +0000 (10:04 +0100)]
Update gnulib files.

12 years agoUpdate gnulib files.
Simon Josefsson [Fri, 6 Nov 2009 07:44:20 +0000 (08:44 +0100)]
Update gnulib files.

12 years agoLink to libgcrypt explicitly when libgcrypt functions are used.
Simon Josefsson [Fri, 6 Nov 2009 07:32:04 +0000 (08:32 +0100)]
Link to libgcrypt explicitly when libgcrypt functions are used.

12 years agoFix libgcrypt usage.
Simon Josefsson [Fri, 6 Nov 2009 07:29:45 +0000 (08:29 +0100)]
Fix libgcrypt usage.

12 years agoSimplified code which was based on older version of internal structures.
Nikos Mavrogiannopoulos [Thu, 5 Nov 2009 21:42:22 +0000 (23:42 +0200)]
Simplified code which was based on older version of internal structures.
Based on observations by Steve Grubb and Tomas Mraz.

12 years agoCorrected bug fix author.
Nikos Mavrogiannopoulos [Thu, 5 Nov 2009 21:32:17 +0000 (23:32 +0200)]
Corrected bug fix author.

12 years agoDocumented previous commit.
Nikos Mavrogiannopoulos [Thu, 5 Nov 2009 21:13:43 +0000 (23:13 +0200)]
Documented previous commit.

12 years agoCleanups and several bug fixes found by Tomas Mraz.
Nikos Mavrogiannopoulos [Thu, 5 Nov 2009 21:09:51 +0000 (23:09 +0200)]
Cleanups and several bug fixes found by Tomas Mraz.

"I've patched the following problems in the code found by review of
gnutls-2.8.5 code done by Steve Grubb.

See the patch attached.

The gnutls_constate.c bug might be potentially serious so I've decided
to mail it to you directly, not to the public mailing list.

The auth_cert.c change is just cleanup of the code.

In gnutls_openssl.c I've just fixed the potential crasher, correct fix
would require using asprintf or precomputed length of the buffer to
allocate a memory.

The certtool.c change is again just a cleanup."

12 years agoBump versions.
Simon Josefsson [Thu, 5 Nov 2009 16:41:27 +0000 (17:41 +0100)]
Bump versions.

12 years agoGenerated. gnutls_2_9_8
Simon Josefsson [Thu, 5 Nov 2009 16:31:27 +0000 (17:31 +0100)]
Generated.

12 years agoVersion 2.9.8.
Simon Josefsson [Thu, 5 Nov 2009 16:07:26 +0000 (17:07 +0100)]
Version 2.9.8.

12 years agoUpdate gnulib files.
Simon Josefsson [Thu, 5 Nov 2009 14:06:43 +0000 (15:06 +0100)]
Update gnulib files.

12 years agoUpdate gnulib files.
Simon Josefsson [Thu, 5 Nov 2009 13:44:12 +0000 (14:44 +0100)]
Update gnulib files.

12 years agoMake sure libgcrypt's dependency on libgpg-error is known.
Simon Josefsson [Thu, 5 Nov 2009 13:12:16 +0000 (14:12 +0100)]
Make sure libgcrypt's dependency on libgpg-error is known.

12 years agoFix API name change.
Simon Josefsson [Thu, 5 Nov 2009 09:00:57 +0000 (10:00 +0100)]
Fix API name change.

12 years agoFix API name change.
Simon Josefsson [Thu, 5 Nov 2009 08:59:12 +0000 (09:59 +0100)]
Fix API name change.