Added the --disable-client-cert option, to prevent the server asking the client for a certificate.

Generated.

Version 2.0.0.

Add.

Add 1.6.x entries.

Fix.

Use three-digit versions.

Fix.

Use libtasn1 v1.1.

Bump versions.

Use libtasn1 v1.0.

Drop gnits mode.

Also don't build ex-serv-anon when anonymous ciphers are disabled.

Don't try to build ex-client1 if anonymous ciphers are disabled.

Generated.

Version 1.7.19.

Add.

Support GNUTLS_CRD_PSK and GNUTLS_CRD_IA.

Handle GNUTLS_CRD_IA in print_info().

Add.

Doc fix.

Revert "Check that value is negative before using gnutls_error_is_fatal."

This reverts commit 9949a4b0b6b62a0ff3c05fee4283928d1a53b675.

Have gnutls_error_is_fatal return 0 on positive "errors".
Would fix bug reported by Andreas Metzler
<ametzler@downhill.at.eu.org> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2293
see also <http://bugs.debian.org/439640>.

Check that value is negative before using gnutls_error_is_fatal.
Fixes bug reported by Andreas Metzler <ametzler@downhill.at.eu.org>
in <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2293>
see also <http://bugs.debian.org/439640>.

Add.

Upgrade to OpenCDK 0.6.4.

Add.

Upgrade gnulib files.

No need for getline.h.

Add.

Upgrade gnulib files.

Add.

Update gnulib files.

Bump versions.

Don't build pgp example if pgp has been disabled.

Generated.

Version 1.7.18.

Add.

Bump version.

Add.

Add.

Fix pointer mix for different sized variables.
Tiny patch from <http://cvs.fedora.redhat.com/viewcvs/devel/gnutls/gnutls-1.6.3-incompat-pointers.patch?rev=1.1&view=auto>.

Typo.

Install images in info directory.

More image renaming.

Rename images to deal with texinfo brokenness.
See <http://thread.gmane.org/gmane.comp.tex.texinfo.bugs/3533>.

Remove my-bib-macros, not used.

Fix warning.  Tiny patch from Andreas Metzler <ametzler@downhill.at.eu.org>.

Fix warning.  Tiny patch from Andreas Metzler <ametzler@downhill.at.eu.org>.

Generated.

Typo.

Version 1.7.17.

Generated.

Add.

Add gnutls_openpgp_privkey_sign_hash.

Use *_t types consistently.

Use const and pointers to gnutls_datum_t in sign callback.

Fix warnings.

Update.

Set shared library version correctly.

New errors GNUTLS_E_APPLICATION_ERROR_MIN..GNUTLS_E_APPLICATION_ERROR_MAX.

Add gnutls_sign_callback_get.

* includes/gnutls/gnutls.h.in (gnutls_sign_callback_get): Add.

* lib/gnutls_cert.c (gnutls_sign_callback_set): Move here from
gnutls_sig.c.  Doc fix.
(gnutls_sign_callback_get): New function.

* lib/gnutls_sig.c (gnutls_sign_callback_set): Removed.

(gnutls_error_is_fatal): Return default is 1 for unknown error codes.

Update.

External signing callback interface.
* includes/gnutls/gnutls.h.in (gnutls_sign_func): New type.
(gnutls_sign_callback_set): New function.

* includes/gnutls/x509.h (gnutls_x509_privkey_sign_hash): New
function.

* lib/gnutls_x509.c (gnutls_certificate_set_x509_key_mem): Handle
NULL key.  Doc fix.

* lib/gnutls_sig.c (_gnutls_tls_sign_hdata): Pass session to
_gnutls_tls_sign.
(_gnutls_tls_sign_params): Likewise.
(_gnutls_tls_sign): Add new parameter 'session'.  Call sign
callback if appropriate.
(gnutls_sign_callback_set): New function.

* lib/gnutls_x509.c (read_key_mem): Support a NULL key.

* lib/gnutls_int.h (internals_st): Add sign_func,
sign_func_userdata.

* lib/auth_dhe.c (gen_dhe_server_kx): Use length of certificate
list to decide wheter to sign, not presence of private key.
* lib/auth_cert.c (_gnutls_gen_cert_client_cert_vrfy): Likewise.

* lib/auth_rsa_export.c (gen_rsa_export_server_kx): Likewise.

* lib/auth_cert.c(_gnutls_get_selected_cert): Don't require that
private key is present.

* lib/auth_rsa_export.c (gen_rsa_export_server_kx): Don't check
key size when key is not present, assume it is > 512 bits.

* lib/x509/privkey.c (gnutls_x509_privkey_sign_hash): New
function.

* tests/Makefile.am: Add x509signself.

Add.

Build x509self.

New file.

Add.

Disable TLS 1.2 by default, at least until RFC is out and we've done
simple interop of it.

Add.

Add.

Sync with TP.

Add.

Capitalized subsection titles.

* doc/gnutls.texi: Capitalized subsection titles.

* doc/signatures.texi: Likewise.

Signed-off-by: Simon Josefsson <simon@josefsson.org>

Add.

Fixed CPPFLAGS for Guile code and documentation.

* doc/Makefile.am (SNARF_CPPFLAGS): Added
  `{top_srcdir,top_builddir}/includes' and `top_builddir'.
  (core.c.texi): Added `&&' between the `make' command and the
  `$(GUILE_FOR_BUILD)' command.  Use `$(MAKE)' instead of `make'.
  (extra.c.texi): Likewise.

* src/Makefile.am (AM_CPPFLAGS): Added
  `{top_srcdir,top_builddir}/includes'.

Signed-off-by: Simon Josefsson <simon@josefsson.org>

Bump versions.

Generated.

Version 1.7.16.

Add.

Add.

Update gnulib files.

Updated `NEWS'.

Signed-off-by: Simon Josefsson <simon@josefsson.org>

Fixed erroneous checks and sloppy return values in certificate selection.

* lib/auth_cert.c (_gnutls_get_selected_cert): Dereference
  APR_CERT_LIST_LENGTH, APR_PKEY and APR_CERT_LIST when validating their
  value.
  (_gnutls_server_select_cert): When IDX < 0, set RET to
  `GNUTLS_E_INSUFFICIENT_CREDENTIALS'.

Signed-off-by: Simon Josefsson <simon@josefsson.org>

Add.

Add.

Update gnulib files.

Add.

Bump versions.

On starttls EOF on stdin, clear EOF flag to make future reads work OK.
Needed for Mac OS X.  Report and tiny patch by Hal Eden
<n.mavrogiannopoulos@gmail.com>.

Update.

Add.

Avoid make errors regarding internals.texi.
See <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2233>.

Fix build failure in doc/ when guile isn't installed built yet.

Manual: Capitalized section and chapter titles.

* doc/gnutls.texi: Capitalized section and chapter titles.
  (Certificate to XML convertion functions): Fixed typo both in node
  name and chapter title.  Updated menu.

* doc/internals.texi: Likewise.

Signed-off-by: Simon Josefsson <simon@josefsson.org>

Add.

Manual: Small Guile fixes.

* doc/guile.texi: Fixed typos, added cross-refs to the Guile manual.

Signed-off-by: Simon Josefsson <simon@josefsson.org>

Add.

Generated.