gnutls:gnutls.git
11 years agoUpdate gnulib files. Fix syntax-check usage.
Simon Josefsson [Tue, 2 Aug 2011 23:16:03 +0000 (01:16 +0200)]
Update gnulib files.  Fix syntax-check usage.

11 years agoAdd NEWS entries. Use copyright ranges (now permitted).
Simon Josefsson [Tue, 2 Aug 2011 23:09:43 +0000 (01:09 +0200)]
Add NEWS entries.  Use copyright ranges (now permitted).

11 years agoSync with TP.
Simon Josefsson [Tue, 2 Aug 2011 22:44:22 +0000 (00:44 +0200)]
Sync with TP.

11 years agoMore GTK-DOC improvements.
Simon Josefsson [Tue, 2 Aug 2011 20:37:24 +0000 (22:37 +0200)]
More GTK-DOC improvements.

11 years agoSimplify GTK-DOC makefile IGNORE_HFILES.
Simon Josefsson [Tue, 2 Aug 2011 20:06:25 +0000 (22:06 +0200)]
Simplify GTK-DOC makefile IGNORE_HFILES.

11 years agoupdated
Nikos Mavrogiannopoulos [Tue, 2 Aug 2011 19:44:20 +0000 (21:44 +0200)]
updated

11 years agoFix GTK-DOC manual.
Simon Josefsson [Tue, 2 Aug 2011 19:32:32 +0000 (21:32 +0200)]
Fix GTK-DOC manual.

11 years agodetect premature termination of connection
Nikos Mavrogiannopoulos [Mon, 1 Aug 2011 20:16:09 +0000 (22:16 +0200)]
detect premature termination of connection

11 years agothe deprecated_config_file from 2.12.x was incorporated.
Nikos Mavrogiannopoulos [Mon, 1 Aug 2011 18:39:18 +0000 (20:39 +0200)]
the deprecated_config_file from 2.12.x was incorporated.

11 years agodocumentation update
Nikos Mavrogiannopoulos [Mon, 1 Aug 2011 18:27:41 +0000 (20:27 +0200)]
documentation update

11 years agoAdd GTK-DOC Since: tags for 3.0.0 additions.
Simon Josefsson [Tue, 2 Aug 2011 18:42:54 +0000 (20:42 +0200)]
Add GTK-DOC Since: tags for 3.0.0 additions.

11 years agoadded asserts.
Nikos Mavrogiannopoulos [Mon, 1 Aug 2011 16:21:14 +0000 (18:21 +0200)]
added asserts.

11 years agoRefer to nettle alone and p11-kit.
Nikos Mavrogiannopoulos [Mon, 1 Aug 2011 16:08:11 +0000 (18:08 +0200)]
Refer to nettle alone and p11-kit.

11 years agoDon't try to do PKCS#11 login if session is already logged in.
Stef Walter [Mon, 1 Aug 2011 09:12:57 +0000 (11:12 +0200)]
Don't try to do PKCS#11 login if session is already logged in.

 * It is possible for new PKCS#11 sessions to be logged in if
   another logged in session already exists.
 * In these cases, don't log in, but detect the condition and
   return success.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agoWhen finding private keys fail, return error code.
Stef Walter [Mon, 1 Aug 2011 09:11:01 +0000 (11:11 +0200)]
When finding private keys fail, return error code.

 * Previously this would result in an endless loop.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agoMark the config argument of gnutls_pkcs11_init() as unused
Stef Walter [Mon, 1 Aug 2011 07:45:44 +0000 (09:45 +0200)]
Mark the config argument of gnutls_pkcs11_init() as unused

 * Since its no longer used.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agoAdded GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED flag for gnutls_x509_crt_list_import.
Nikos Mavrogiannopoulos [Sun, 31 Jul 2011 19:11:49 +0000 (21:11 +0200)]
Added GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED flag for gnutls_x509_crt_list_import.
It checks whether the list to be imported is properly sorted.

11 years agoAdded GNUTLS_E_CERTIFICATE_LIST_UNSORTED.
Nikos Mavrogiannopoulos [Sun, 31 Jul 2011 15:47:42 +0000 (17:47 +0200)]
Added GNUTLS_E_CERTIFICATE_LIST_UNSORTED.
If a certificate list is loaded then verify
that it is sorted with order to starts with
the subject and finished with the trusted
root. That way we make sure we don't send
data that violate the TLS protocol.

11 years agodocumentation updates.
Nikos Mavrogiannopoulos [Sun, 31 Jul 2011 11:03:58 +0000 (13:03 +0200)]
documentation updates.

11 years agoupdated changelog gnutls_3_0_0
Nikos Mavrogiannopoulos [Fri, 29 Jul 2011 20:15:23 +0000 (22:15 +0200)]
updated changelog

11 years agoreleased 3.0.0
Nikos Mavrogiannopoulos [Fri, 29 Jul 2011 20:13:36 +0000 (22:13 +0200)]
released 3.0.0

11 years agoupdated version
Nikos Mavrogiannopoulos [Thu, 28 Jul 2011 17:49:45 +0000 (19:49 +0200)]
updated version

11 years agoCorrected typo.
Nikos Mavrogiannopoulos [Thu, 28 Jul 2011 17:39:10 +0000 (19:39 +0200)]
Corrected typo.

11 years agodocumented updates.
Nikos Mavrogiannopoulos [Wed, 27 Jul 2011 20:10:49 +0000 (22:10 +0200)]
documented updates.

11 years agoAdded Petr.
Nikos Mavrogiannopoulos [Wed, 27 Jul 2011 20:10:35 +0000 (22:10 +0200)]
Added Petr.

11 years agoAdded gnutls_pcert_list_import_x509_raw() and few doc fixes.
Nikos Mavrogiannopoulos [Wed, 27 Jul 2011 15:42:33 +0000 (17:42 +0200)]
Added gnutls_pcert_list_import_x509_raw() and few doc fixes.

11 years agocorrected for libnettle.
Nikos Mavrogiannopoulos [Wed, 27 Jul 2011 14:00:04 +0000 (16:00 +0200)]
corrected for libnettle.

11 years agofix zlib handling in gnutls.pc
Andreas Metzler [Fri, 24 Jun 2011 15:56:38 +0000 (17:56 +0200)]
fix zlib handling in gnutls.pc

Only add zlib to gnutls.pc's Requies.private if zlib ships a pkg-config
file. Ancient (<< 1.2.3.1) versions don't. Otherwise add -lz to
Libs.private.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agognutls_global_init_extra() is not needed for SRP.
Nikos Mavrogiannopoulos [Wed, 27 Jul 2011 13:51:19 +0000 (15:51 +0200)]
gnutls_global_init_extra() is not needed for SRP.

11 years agodocumented changes.
Nikos Mavrogiannopoulos [Mon, 25 Jul 2011 17:19:30 +0000 (19:19 +0200)]
documented changes.

11 years agowritev_emu: stop on the first incomplete write
Sjoerd Simons [Mon, 25 Jul 2011 16:54:32 +0000 (17:54 +0100)]
writev_emu: stop on the first incomplete write

Just like standard writev, we should only move on to the next block if
all the previous ones have been successfully written out. Otherwise
there is a potential for data loss and/or confusing push functions.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agoincreased size of fdl.
Nikos Mavrogiannopoulos [Sun, 24 Jul 2011 13:01:01 +0000 (15:01 +0200)]
increased size of fdl.

11 years agoAdded debug message to indicate usage of compatibility mode for /etc/gnutls/pkcs11...
Nikos Mavrogiannopoulos [Sun, 24 Jul 2011 11:48:21 +0000 (13:48 +0200)]
Added debug message to indicate usage of compatibility mode for /etc/gnutls/pkcs11.conf

11 years agoremoved pgp key from authors file.
Nikos Mavrogiannopoulos [Sun, 24 Jul 2011 11:23:36 +0000 (13:23 +0200)]
removed pgp key from authors file.

11 years agoupdated changelog. gnutls_2_99_4
Nikos Mavrogiannopoulos [Sat, 23 Jul 2011 15:08:36 +0000 (17:08 +0200)]
updated changelog.

11 years agoreleased 2.99.4
Nikos Mavrogiannopoulos [Sat, 23 Jul 2011 14:43:33 +0000 (16:43 +0200)]
released 2.99.4

11 years agoHonor uninitialized private key in destructor
Petr Písař [Wed, 29 Jun 2011 20:54:33 +0000 (22:54 +0200)]
Honor uninitialized private key in destructor

Fixes bug #107730.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agoCorrected initialization of key when generating request. Reported by Petr Pisar.
Nikos Mavrogiannopoulos [Sat, 23 Jul 2011 14:27:47 +0000 (16:27 +0200)]
Corrected initialization of key when generating request. Reported by Petr Pisar.

11 years agoupdated.
Nikos Mavrogiannopoulos [Sat, 23 Jul 2011 14:19:15 +0000 (16:19 +0200)]
updated.

11 years agoThe crippled status of an gnutls_x509_privkey_t was removed.
Nikos Mavrogiannopoulos [Sat, 23 Jul 2011 14:14:27 +0000 (16:14 +0200)]
The crippled status of an gnutls_x509_privkey_t was removed.

11 years agoExample compilation fix.
Nikos Mavrogiannopoulos [Sat, 23 Jul 2011 14:05:47 +0000 (16:05 +0200)]
Example compilation fix.

11 years agopkcs11: Use p11_kit_pin_xxx() functionality when 'pinfile' is in uris.
Stef Walter [Thu, 7 Jul 2011 17:05:17 +0000 (19:05 +0200)]
pkcs11: Use p11_kit_pin_xxx() functionality when 'pinfile' is in uris.

 * This allows other apps to register a handler for a specific pinfile
   and then that application will be able to provide the PIN for
   those URIs.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agoAdded compatibility mode with /etc/gnutls/pkcs11.conf
Nikos Mavrogiannopoulos [Fri, 22 Jul 2011 10:32:55 +0000 (13:32 +0300)]
Added compatibility mode with /etc/gnutls/pkcs11.conf

11 years agoUpdates in upward negotiation section.
Nikos Mavrogiannopoulos [Thu, 21 Jul 2011 14:44:11 +0000 (17:44 +0300)]
Updates in upward negotiation section.

11 years agoCorrected bibliography
Nikos Mavrogiannopoulos [Thu, 21 Jul 2011 13:46:49 +0000 (16:46 +0300)]
Corrected bibliography

11 years agocorrected section names.
Nikos Mavrogiannopoulos [Thu, 21 Jul 2011 12:34:14 +0000 (15:34 +0300)]
corrected section names.

11 years agoUpdated information on required libraries.
Nikos Mavrogiannopoulos [Thu, 21 Jul 2011 12:12:31 +0000 (15:12 +0300)]
Updated information on required libraries.

11 years agoCorrected typos.
Nikos Mavrogiannopoulos [Thu, 21 Jul 2011 12:08:55 +0000 (15:08 +0300)]
Corrected typos.

11 years agoupdated function listing.
Nikos Mavrogiannopoulos [Tue, 28 Jun 2011 11:10:11 +0000 (14:10 +0300)]
updated function listing.

11 years agoAdded gnutls_alert_get_strname().
Nikos Mavrogiannopoulos [Tue, 28 Jun 2011 11:09:00 +0000 (14:09 +0300)]
Added gnutls_alert_get_strname().

11 years agodocumentation fixes
Nikos Mavrogiannopoulos [Mon, 27 Jun 2011 13:16:57 +0000 (16:16 +0300)]
documentation fixes

11 years agoUpgraded to LGPLv3.
Nikos Mavrogiannopoulos [Wed, 22 Jun 2011 22:38:13 +0000 (00:38 +0200)]
Upgraded to LGPLv3.

11 years agoupdated cover.
Nikos Mavrogiannopoulos [Wed, 22 Jun 2011 22:19:31 +0000 (00:19 +0200)]
updated cover.

11 years agoimprovements on fdl.
Nikos Mavrogiannopoulos [Tue, 21 Jun 2011 16:51:32 +0000 (18:51 +0200)]
improvements on fdl.

11 years agoAdded LRN.
Nikos Mavrogiannopoulos [Tue, 21 Jun 2011 16:18:03 +0000 (18:18 +0200)]
Added LRN.

11 years agodocumentation updates.
Nikos Mavrogiannopoulos [Mon, 20 Jun 2011 23:42:39 +0000 (01:42 +0200)]
documentation updates.

11 years agognutls_srp_verifier() returns data allocated with gnutls_malloc()
Nikos Mavrogiannopoulos [Mon, 20 Jun 2011 23:02:20 +0000 (01:02 +0200)]
gnutls_srp_verifier() returns data allocated with gnutls_malloc()
for consistency.

11 years agoreduced error message.
Nikos Mavrogiannopoulos [Mon, 20 Jun 2011 23:01:15 +0000 (01:01 +0200)]
reduced error message.

11 years agosimplified text.
Nikos Mavrogiannopoulos [Mon, 20 Jun 2011 19:01:46 +0000 (21:01 +0200)]
simplified text.

11 years agoFDL is now included using a tiny font.
Nikos Mavrogiannopoulos [Mon, 20 Jun 2011 18:47:29 +0000 (20:47 +0200)]
FDL is now included using a tiny font.

11 years agoTables were also made floating
Nikos Mavrogiannopoulos [Mon, 20 Jun 2011 18:21:18 +0000 (20:21 +0200)]
Tables were also made floating

11 years agofigures were made floating.
Nikos Mavrogiannopoulos [Mon, 20 Jun 2011 17:15:40 +0000 (19:15 +0200)]
figures were made floating.

11 years agoAdded high-quality pdf images.
Nikos Mavrogiannopoulos [Mon, 20 Jun 2011 16:38:26 +0000 (18:38 +0200)]
Added high-quality pdf images.

11 years agomore files to ignore
Nikos Mavrogiannopoulos [Sun, 19 Jun 2011 21:34:09 +0000 (23:34 +0200)]
more files to ignore

11 years agoupdated documentation to allow latex output.
Nikos Mavrogiannopoulos [Sun, 19 Jun 2011 20:23:02 +0000 (22:23 +0200)]
updated documentation to allow latex output.

11 years agocorrected typos
Nikos Mavrogiannopoulos [Sun, 19 Jun 2011 16:04:32 +0000 (18:04 +0200)]
corrected typos

11 years agoindented code.
Nikos Mavrogiannopoulos [Sun, 19 Jun 2011 07:46:56 +0000 (09:46 +0200)]
indented code.
Corrected PKCS #11 example.

11 years agoadded missing file. gnutls_2_99_3
Nikos Mavrogiannopoulos [Sat, 18 Jun 2011 19:17:12 +0000 (21:17 +0200)]
added missing file.

11 years agobumped version.
Nikos Mavrogiannopoulos [Sat, 18 Jun 2011 19:11:16 +0000 (21:11 +0200)]
bumped version.

11 years agoAdded new PKCS #11 flags to force an object being private or not.
Nikos Mavrogiannopoulos [Sat, 18 Jun 2011 09:53:14 +0000 (11:53 +0200)]
Added new PKCS #11 flags to force an object being private or not.
Those are GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE and GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE.
p11tool supports now the --no-private and --private options.

11 years agoLimit the number of attempts with the same PIN, to avoid attempting again and again...
Nikos Mavrogiannopoulos [Fri, 17 Jun 2011 18:38:34 +0000 (20:38 +0200)]
Limit the number of attempts with the same PIN, to avoid attempting again and again with a wrong PIN.

11 years agoWhen writing an object with CKA_TRUSTED set CKA_PRIVATE explicitly to FALSE, to allow...
Nikos Mavrogiannopoulos [Fri, 17 Jun 2011 18:31:58 +0000 (20:31 +0200)]
When writing an object with CKA_TRUSTED set CKA_PRIVATE explicitly to FALSE, to allow the SO to write it. Reported by Rickard Bellgrim.

11 years agoupdated
Nikos Mavrogiannopoulos [Thu, 16 Jun 2011 18:50:45 +0000 (20:50 +0200)]
updated

11 years agoremoved unneeded test.
Nikos Mavrogiannopoulos [Thu, 16 Jun 2011 18:44:19 +0000 (20:44 +0200)]
removed unneeded test.

11 years agoEnforce the GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO even if GNUTLS_PKCS11_OBJ_FLAG_LOGIN...
Nikos Mavrogiannopoulos [Thu, 16 Jun 2011 18:42:11 +0000 (20:42 +0200)]
Enforce the GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO even if GNUTLS_PKCS11_OBJ_FLAG_LOGIN is specified.

11 years agoUse common code for PKCS #11 callbacks across clients.
Nikos Mavrogiannopoulos [Thu, 16 Jun 2011 18:39:52 +0000 (20:39 +0200)]
Use common code for PKCS #11 callbacks across clients.
Require SO login to write a trusted object.

11 years agobit fields changed to unsigned.
Nikos Mavrogiannopoulos [Thu, 16 Jun 2011 18:19:30 +0000 (20:19 +0200)]
bit fields changed to unsigned.

11 years agoMoved null check before initialization.
Nikos Mavrogiannopoulos [Thu, 16 Jun 2011 18:13:55 +0000 (20:13 +0200)]
Moved null check before initialization.

11 years agoremoved unreachable code warning
Nikos Mavrogiannopoulos [Thu, 16 Jun 2011 18:09:43 +0000 (20:09 +0200)]
removed unreachable code warning

11 years agoeliminated wipemem().
Nikos Mavrogiannopoulos [Thu, 16 Jun 2011 18:07:39 +0000 (20:07 +0200)]
eliminated wipemem().

11 years agocorrected uninitialized variable warning.
Nikos Mavrogiannopoulos [Thu, 16 Jun 2011 18:02:27 +0000 (20:02 +0200)]
corrected uninitialized variable warning.

11 years agoThe CKA_SUBJECT must be specified for a certificate.
Rickard Bellgrim [Thu, 16 Jun 2011 06:43:31 +0000 (08:43 +0200)]
The CKA_SUBJECT must be specified for a certificate.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agoWhen setting the TRUSTED flag login as security officer.
Nikos Mavrogiannopoulos [Wed, 15 Jun 2011 19:32:19 +0000 (21:32 +0200)]
When setting the TRUSTED flag login as security officer.

11 years agowrite label in PKCS #11 privkey.
Nikos Mavrogiannopoulos [Wed, 15 Jun 2011 18:55:15 +0000 (20:55 +0200)]
write label in PKCS #11 privkey.

11 years agodefine ck_bool_t to be compatible with PKCS #11 bool type.
Nikos Mavrogiannopoulos [Wed, 15 Jun 2011 18:52:11 +0000 (20:52 +0200)]
define ck_bool_t to be compatible with PKCS #11 bool type.

11 years agoignore more warnings.
Nikos Mavrogiannopoulos [Wed, 15 Jun 2011 19:39:48 +0000 (21:39 +0200)]
ignore more warnings.

11 years agoUse pkcs11.h specification file from p11-kit.
Stef Walter [Thu, 9 Jun 2011 18:29:04 +0000 (20:29 +0200)]
Use pkcs11.h specification file from p11-kit.

 * Remove one included briefly in gnutls.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agoFix up compiler warnings.
Stef Walter [Thu, 9 Jun 2011 08:38:38 +0000 (10:38 +0200)]
Fix up compiler warnings.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agoAdded missing file
Nikos Mavrogiannopoulos [Thu, 9 Jun 2011 16:01:27 +0000 (18:01 +0200)]
Added missing file

11 years agodocument new config file format and path.
Nikos Mavrogiannopoulos [Tue, 7 Jun 2011 18:23:59 +0000 (20:23 +0200)]
document new config file format and path.

11 years agoThe attached patch ports gnutls to p11-kit.
Stef Walter [Tue, 7 Jun 2011 18:20:17 +0000 (20:20 +0200)]
The attached patch ports gnutls to p11-kit.
p11-kit is added as a dependency. p11-kit itself has no dependencies outside of basic libc stuff. The source code for p11-kit is available both in git and tarball form. [3]
If the gnutls dependency on p11-kit is disabled (via a configure option) then the PKCS#11 support is disabled. This is useful in bare bones embedded systems or places where very minimal dependencies are limited.

11 years agoupdated
Nikos Mavrogiannopoulos [Tue, 7 Jun 2011 17:20:15 +0000 (19:20 +0200)]
updated

11 years agoReturn error code when an object is not found.
Nikos Mavrogiannopoulos [Tue, 7 Jun 2011 17:07:24 +0000 (19:07 +0200)]
Return error code when an object is not found.
Only request for token insertion if the expected data is not found.

Based on patch by Stef Walter.

11 years agoDepend on automake 1.11.
Nikos Mavrogiannopoulos [Tue, 7 Jun 2011 05:14:27 +0000 (07:14 +0200)]
Depend on automake 1.11.

11 years agotests: Build eagain-cli with correct libraries
Stef Walter [Mon, 6 Jun 2011 16:48:54 +0000 (16:48 +0000)]
tests: Build eagain-cli with correct libraries

 * Add -ldl -lpthread to linker flags

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agognutls-cli: Fix uninitialized variable when PKCS#11 uris in use.
Stef Walter [Mon, 30 May 2011 19:29:12 +0000 (21:29 +0200)]
gnutls-cli: Fix uninitialized variable when PKCS#11 uris in use.

 * When PKCS#11 URIs are in use previously tried to free uninitialized
   memory. Initialize to zero.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agopkcs11: Accept CKR_USER_ALREADY_LOGGED_IN as successful result for PAP Login
Stef Walter [Mon, 30 May 2011 19:35:25 +0000 (21:35 +0200)]
pkcs11: Accept CKR_USER_ALREADY_LOGGED_IN as successful result for PAP Login

 * When doing CKF_PROTECTED_AUTHENTICATION_PATH login, accept
   CKR_USER_ALREADY_LOGGED_IN as a successful result.
 * Another code path, or another consumer of the same PKCS#11 module
   may have already logged in.
 * This is what the non PAP code path already does.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agoRemove unused variables
Stef Walter [Mon, 6 Jun 2011 16:20:55 +0000 (16:20 +0000)]
Remove unused variables

 * GCC 4.6.0 prints a warning, and build failes with -Wunused

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
11 years agouse gnutls_assert_val() in EGD errors.
Nikos Mavrogiannopoulos [Mon, 6 Jun 2011 16:21:41 +0000 (18:21 +0200)]
use gnutls_assert_val() in EGD errors.

11 years agoCorrected fail() shell function. Reported by Andreas Metzler.
Nikos Mavrogiannopoulos [Sun, 5 Jun 2011 19:09:46 +0000 (21:09 +0200)]
Corrected fail() shell function. Reported by Andreas Metzler.