gnutls:gnutls.git
9 years agochanged license headers to 2.1. Reported by Andreas Metzler.
Nikos Mavrogiannopoulos [Sun, 24 Mar 2013 18:44:06 +0000 (19:44 +0100)]
changed license headers to 2.1. Reported by Andreas Metzler.

9 years agoupdated
Nikos Mavrogiannopoulos [Sun, 24 Mar 2013 11:41:22 +0000 (12:41 +0100)]
updated

9 years agoupdated copyright
Nikos Mavrogiannopoulos [Sat, 23 Mar 2013 20:23:28 +0000 (21:23 +0100)]
updated copyright

9 years agoAdded gnutls_mac_get_nonce_size()
Nikos Mavrogiannopoulos [Sat, 23 Mar 2013 10:49:52 +0000 (11:49 +0100)]
Added gnutls_mac_get_nonce_size()

9 years agoupdated
Nikos Mavrogiannopoulos [Fri, 22 Mar 2013 18:25:10 +0000 (19:25 +0100)]
updated

9 years agodoc update
Nikos Mavrogiannopoulos [Fri, 22 Mar 2013 17:48:11 +0000 (18:48 +0100)]
doc update

9 years agocorrected file location
Nikos Mavrogiannopoulos [Fri, 22 Mar 2013 07:50:28 +0000 (08:50 +0100)]
corrected file location

9 years agouse return instead of exit
Nikos Mavrogiannopoulos [Thu, 21 Mar 2013 20:37:29 +0000 (21:37 +0100)]
use return instead of exit

9 years agouse the proper defines
Nikos Mavrogiannopoulos [Thu, 21 Mar 2013 17:00:40 +0000 (18:00 +0100)]
use the proper defines

9 years agoFixes in openpgp handshake with fingerprints. Reported by Joke de Buhr.
Nikos Mavrogiannopoulos [Thu, 21 Mar 2013 16:50:09 +0000 (17:50 +0100)]
Fixes in openpgp handshake with fingerprints. Reported by Joke de Buhr.

9 years agoopenpgp-auth tests gnutls_openpgp_set_recv_key_function() as well.
Nikos Mavrogiannopoulos [Thu, 21 Mar 2013 16:49:20 +0000 (17:49 +0100)]
openpgp-auth tests gnutls_openpgp_set_recv_key_function() as well.

9 years agocorrect issue with the (deprecated) external key signing and TLS 1.2
Nikos Mavrogiannopoulos [Thu, 21 Mar 2013 15:46:14 +0000 (16:46 +0100)]
correct issue with the (deprecated) external key signing and TLS 1.2

9 years agouse clock_gettime when we can
Nikos Mavrogiannopoulos [Tue, 19 Mar 2013 20:57:50 +0000 (21:57 +0100)]
use clock_gettime when we can

9 years agoremoved R20
Nikos Mavrogiannopoulos [Tue, 19 Mar 2013 20:33:00 +0000 (21:33 +0100)]
removed R20

9 years agoSalsa20R20 -> Salsa20
Nikos Mavrogiannopoulos [Tue, 19 Mar 2013 07:52:14 +0000 (08:52 +0100)]
Salsa20R20 -> Salsa20

9 years agouse the exported variant of _gnutls_hmac_fast().
Nikos Mavrogiannopoulos [Tue, 19 Mar 2013 07:46:06 +0000 (08:46 +0100)]
use the exported variant of _gnutls_hmac_fast().

9 years agoThe HMAC subsystem can now be used for other MAC algorithms, like UMAC. UMAC-96 and...
Nikos Mavrogiannopoulos [Tue, 19 Mar 2013 07:13:54 +0000 (08:13 +0100)]
The HMAC subsystem can now be used for other MAC algorithms, like UMAC. UMAC-96 and UMAC-128 were conditionally added.

9 years agouse RSA ciphersuite to compare ciphers.
Nikos Mavrogiannopoulos [Sun, 17 Mar 2013 11:30:27 +0000 (12:30 +0100)]
use RSA ciphersuite to compare ciphers.

9 years agocorrected bug in stream ciphers and added new cipher to the new padding format.
Nikos Mavrogiannopoulos [Sun, 17 Mar 2013 11:22:11 +0000 (12:22 +0100)]
corrected bug in stream ciphers and added new cipher to the new padding format.

9 years agoAdded salsa20 cipher, and ciphersuites.
Nikos Mavrogiannopoulos [Sun, 17 Mar 2013 11:16:28 +0000 (12:16 +0100)]
Added salsa20 cipher, and ciphersuites.

9 years agosearch only for slots with tokens and avoid caching to prevent issues with multiple...
Nikos Mavrogiannopoulos [Sun, 17 Mar 2013 08:33:42 +0000 (09:33 +0100)]
search only for slots with tokens and avoid caching to prevent issues with multiple threads.

9 years agoupdated
Nikos Mavrogiannopoulos [Sat, 16 Mar 2013 11:49:06 +0000 (12:49 +0100)]
updated

9 years agoAdded gnutls_privkey_status()
Nikos Mavrogiannopoulos [Sat, 16 Mar 2013 11:46:58 +0000 (12:46 +0100)]
Added gnutls_privkey_status()

9 years agoavoid internal error
Nikos Mavrogiannopoulos [Sat, 16 Mar 2013 11:34:32 +0000 (12:34 +0100)]
avoid internal error

9 years agouse correct type for rv
Nikos Mavrogiannopoulos [Sat, 16 Mar 2013 11:32:57 +0000 (12:32 +0100)]
use correct type for rv

9 years agoupdated
Nikos Mavrogiannopoulos [Sat, 16 Mar 2013 11:03:08 +0000 (12:03 +0100)]
updated

9 years agoscan slots on PKCS #11 providers only when needed, not on initialization.
Nikos Mavrogiannopoulos [Sat, 16 Mar 2013 11:00:30 +0000 (12:00 +0100)]
scan slots on PKCS #11 providers only when needed, not on initialization.

9 years agodoc update
Nikos Mavrogiannopoulos [Fri, 15 Mar 2013 19:05:50 +0000 (20:05 +0100)]
doc update

9 years agodocumented the new configure options
Nikos Mavrogiannopoulos [Fri, 15 Mar 2013 17:15:34 +0000 (18:15 +0100)]
documented the new configure options

9 years agoPrivate key parameters are overwritten with zeros on deinitialization.
Nikos Mavrogiannopoulos [Fri, 15 Mar 2013 17:11:24 +0000 (18:11 +0100)]
Private key parameters are overwritten with zeros on deinitialization.

9 years agodoc updates
Nikos Mavrogiannopoulos [Fri, 15 Mar 2013 16:59:30 +0000 (17:59 +0100)]
doc updates

9 years agosimplified text
Nikos Mavrogiannopoulos [Fri, 15 Mar 2013 16:46:23 +0000 (17:46 +0100)]
simplified text

9 years agobumped version
Nikos Mavrogiannopoulos [Fri, 15 Mar 2013 16:29:44 +0000 (17:29 +0100)]
bumped version

9 years agoAdded gnutls_privkey_sign_raw_data()
Nikos Mavrogiannopoulos [Thu, 14 Mar 2013 22:15:36 +0000 (23:15 +0100)]
Added gnutls_privkey_sign_raw_data()

9 years agosimplified code
Nikos Mavrogiannopoulos [Thu, 14 Mar 2013 18:27:17 +0000 (19:27 +0100)]
simplified code

9 years agognutls-serv may run without certificate, but will issue a warning
Nikos Mavrogiannopoulos [Thu, 14 Mar 2013 15:03:52 +0000 (16:03 +0100)]
gnutls-serv may run without certificate, but will issue a warning

9 years agognutls-serv issues an error if no certificate and key pair was set.
Nikos Mavrogiannopoulos [Thu, 14 Mar 2013 14:35:01 +0000 (15:35 +0100)]
gnutls-serv issues an error if no certificate and key pair was set.

9 years agognutls 3.1.10 is LGPLv2.1
Nikos Mavrogiannopoulos [Thu, 14 Mar 2013 14:11:52 +0000 (15:11 +0100)]
gnutls 3.1.10 is LGPLv2.1

9 years agoAdded several ifdefs to avoid using disabled code.
Nikos Mavrogiannopoulos [Wed, 13 Mar 2013 18:33:40 +0000 (19:33 +0100)]
Added several ifdefs to avoid using disabled code.

9 years agoDocument mechanism used for *_key_id() creation.
Daniel Kahn Gillmor [Tue, 12 Mar 2013 23:19:12 +0000 (19:19 -0400)]
Document mechanism used for *_key_id() creation.

For the rationale behind this, see the gnutls-devl thread 'X.509 "Key
Identifiers" in GnuTLS' found either at
http://lists.gnutls.org/pipermail/gnutls-devel/2013-March/006182.html
and
http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/6674

9 years agoAdded gnutls_session_get_desc()
Nikos Mavrogiannopoulos [Tue, 12 Mar 2013 17:23:49 +0000 (18:23 +0100)]
Added gnutls_session_get_desc()

9 years agoAdded options to disable more key exchange mechanisms.
Nikos Mavrogiannopoulos [Mon, 11 Mar 2013 19:15:07 +0000 (20:15 +0100)]
Added options to disable more key exchange mechanisms.

In that DHE was separated from ECDHE.

9 years agoremoved unneeded code
Nikos Mavrogiannopoulos [Mon, 11 Mar 2013 18:45:43 +0000 (19:45 +0100)]
removed unneeded code

9 years agoWhen requesting DANE data resolve a service name into a port number. Reported by...
Nikos Mavrogiannopoulos [Sun, 10 Mar 2013 09:45:05 +0000 (10:45 +0100)]
When requesting DANE data resolve a service name into a port number. Reported by James Cloos.

9 years agoremoved
Nikos Mavrogiannopoulos [Fri, 8 Mar 2013 20:05:30 +0000 (21:05 +0100)]
removed

9 years agodoc update
Nikos Mavrogiannopoulos [Fri, 8 Mar 2013 19:51:43 +0000 (20:51 +0100)]
doc update

9 years agoavoid duplicate memory allocation in _gnutls_x509_get_dn()
Nikos Mavrogiannopoulos [Fri, 8 Mar 2013 19:39:47 +0000 (20:39 +0100)]
avoid duplicate memory allocation in _gnutls_x509_get_dn()

9 years agoThe default dane output is type 03 now.
Nikos Mavrogiannopoulos [Fri, 8 Mar 2013 18:27:13 +0000 (19:27 +0100)]
The default dane output is type 03 now.

9 years agosimplified
Nikos Mavrogiannopoulos [Fri, 8 Mar 2013 17:56:18 +0000 (18:56 +0100)]
simplified

9 years agoReturn proper also when loading a private key.
Nikos Mavrogiannopoulos [Fri, 8 Mar 2013 17:53:10 +0000 (18:53 +0100)]
Return proper also when loading a private key.

9 years agoGNUTLS_TPMKEY_FMT_DER -> GNUTLS_TPMKEY_FMT_RAW
Nikos Mavrogiannopoulos [Fri, 8 Mar 2013 17:44:57 +0000 (18:44 +0100)]
GNUTLS_TPMKEY_FMT_DER -> GNUTLS_TPMKEY_FMT_RAW

9 years agoreturn unimplemented feature on encounter of a known but unsupported url
Nikos Mavrogiannopoulos [Fri, 8 Mar 2013 17:40:06 +0000 (18:40 +0100)]
return unimplemented feature on encounter of a known but unsupported url

9 years agoupdates in danetool
Nikos Mavrogiannopoulos [Thu, 7 Mar 2013 22:04:33 +0000 (23:04 +0100)]
updates in danetool

9 years agoAdded configure option to disable the build of tests.
Nikos Mavrogiannopoulos [Thu, 7 Mar 2013 09:19:26 +0000 (10:19 +0100)]
Added configure option to disable the build of tests.

9 years agoupdated example template.
Nikos Mavrogiannopoulos [Thu, 7 Mar 2013 02:04:02 +0000 (03:04 +0100)]
updated example template.

9 years agoupdated
Nikos Mavrogiannopoulos [Thu, 7 Mar 2013 00:12:02 +0000 (01:12 +0100)]
updated

9 years agocorrected allocation size
Nikos Mavrogiannopoulos [Wed, 6 Mar 2013 23:51:49 +0000 (00:51 +0100)]
corrected allocation size

9 years agosimplified text
Nikos Mavrogiannopoulos [Wed, 6 Mar 2013 23:37:17 +0000 (00:37 +0100)]
simplified text

9 years agoFixes in cpu and cross-compilation detection
Nikos Mavrogiannopoulos [Wed, 6 Mar 2013 10:22:01 +0000 (11:22 +0100)]
Fixes in cpu and cross-compilation detection

9 years agoPlaced back _gnutls_x509_compare_raw_dn().
Nikos Mavrogiannopoulos [Wed, 6 Mar 2013 10:00:32 +0000 (11:00 +0100)]
Placed back _gnutls_x509_compare_raw_dn().

9 years agocheck revocation prior to reading local certs.
Nikos Mavrogiannopoulos [Wed, 6 Mar 2013 09:54:32 +0000 (10:54 +0100)]
check revocation prior to reading local certs.

9 years agodeinitialize the certificate
Nikos Mavrogiannopoulos [Wed, 6 Mar 2013 03:12:42 +0000 (04:12 +0100)]
deinitialize the certificate

9 years agoupdated
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 22:02:14 +0000 (23:02 +0100)]
updated

9 years agoWhen cross compiling do not check for ca certificates.
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 21:58:57 +0000 (22:58 +0100)]
When cross compiling do not check for ca certificates.

9 years agoauto-detect CA certificates only if with-default-trust-store-file is not provided.
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 21:51:21 +0000 (22:51 +0100)]
auto-detect CA certificates only if with-default-trust-store-file is not provided.

9 years agocorrected parameters.
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 20:33:38 +0000 (21:33 +0100)]
corrected parameters.

9 years agoAdded functions that remove certificates from a trust list.
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 20:28:56 +0000 (21:28 +0100)]
Added functions that remove certificates from a trust list.

9 years agoupdated doc
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 20:27:48 +0000 (21:27 +0100)]
updated doc

9 years agoCheck for revoked certs in android and do not add. Suggested by David Woodhouse.
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 18:57:57 +0000 (19:57 +0100)]
Check for revoked certs in android and do not add. Suggested by David Woodhouse.

9 years agocorrected add_system_trust() in the unsupported system case.
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 17:27:07 +0000 (18:27 +0100)]
corrected add_system_trust() in the unsupported system case.

9 years agoSeveral optimizations on certificate comparisons including DN. This speeds up CA...
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 15:46:32 +0000 (16:46 +0100)]
Several optimizations on certificate comparisons including DN. This speeds up CA certificate loading, and certificate verification.

9 years agoRevert "When making the hash list of the CAs avoid calling get_raw_*_dn() which is...
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 15:01:20 +0000 (16:01 +0100)]
Revert "When making the hash list of the CAs avoid calling get_raw_*_dn() which is very costly."

This reverts commit 1b7d66354e9b4d174b58233f4dd8ab46a1d45f14.

9 years agoupdated
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 14:56:23 +0000 (15:56 +0100)]
updated

9 years agoWhen making the hash list of the CAs avoid calling get_raw_*_dn() which is very costly.
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 14:55:34 +0000 (15:55 +0100)]
When making the hash list of the CAs avoid calling get_raw_*_dn() which is very costly.

9 years agoAdded new functions to get the LDAP DN in an allocated buffer.
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 14:55:09 +0000 (15:55 +0100)]
Added new functions to get the LDAP DN in an allocated buffer.

9 years agoRemoved unused code.
Nikos Mavrogiannopoulos [Tue, 5 Mar 2013 14:24:23 +0000 (15:24 +0100)]
Removed unused code.

9 years agofix description of id_size parameter
Daniel Kahn Gillmor [Tue, 5 Mar 2013 07:30:04 +0000 (02:30 -0500)]
fix description of id_size parameter

9 years agohandle the interesting variance between directories
Nikos Mavrogiannopoulos [Mon, 4 Mar 2013 23:43:24 +0000 (00:43 +0100)]
handle the interesting variance between directories

9 years agotest for ANDROID or __ANDROID__
Nikos Mavrogiannopoulos [Mon, 4 Mar 2013 05:25:51 +0000 (06:25 +0100)]
test for ANDROID or __ANDROID__

9 years agoupdated
Nikos Mavrogiannopoulos [Mon, 4 Mar 2013 05:03:56 +0000 (06:03 +0100)]
updated

9 years agocall gl_EARLY earlier, and add AM_PROG_AR.
Nikos Mavrogiannopoulos [Mon, 4 Mar 2013 04:55:37 +0000 (05:55 +0100)]
call gl_EARLY earlier, and add AM_PROG_AR.

9 years agocorrected link
Nikos Mavrogiannopoulos [Mon, 4 Mar 2013 04:45:57 +0000 (05:45 +0100)]
corrected link

9 years agoremoved Werror from automake rules
Nikos Mavrogiannopoulos [Sun, 3 Mar 2013 20:12:08 +0000 (21:12 +0100)]
removed Werror from automake rules

9 years agoAdded flag
Nikos Mavrogiannopoulos [Sun, 3 Mar 2013 09:06:35 +0000 (10:06 +0100)]
Added flag

9 years agoremoved
Nikos Mavrogiannopoulos [Sun, 3 Mar 2013 09:06:12 +0000 (10:06 +0100)]
removed

9 years agochanges to avoid compilation of programs that cannot be.
Nikos Mavrogiannopoulos [Sun, 3 Mar 2013 09:00:18 +0000 (10:00 +0100)]
changes to avoid compilation of programs that cannot be.

9 years agomore simplifications to gnutls_x509_trust_list_add_system_trust()
Nikos Mavrogiannopoulos [Sun, 3 Mar 2013 08:35:59 +0000 (09:35 +0100)]
more simplifications to gnutls_x509_trust_list_add_system_trust()

9 years agoupdated
Nikos Mavrogiannopoulos [Sun, 3 Mar 2013 00:32:50 +0000 (01:32 +0100)]
updated

9 years agocorrected reading from directory.
Nikos Mavrogiannopoulos [Sun, 3 Mar 2013 00:23:45 +0000 (01:23 +0100)]
corrected reading from directory.

9 years agognutls_x509_trust_list_add_system_trust() was made to work in android 4.x.
Nikos Mavrogiannopoulos [Sat, 2 Mar 2013 23:58:59 +0000 (00:58 +0100)]
gnutls_x509_trust_list_add_system_trust() was made to work in android 4.x.

9 years agoupdated
Nikos Mavrogiannopoulos [Sat, 2 Mar 2013 10:15:36 +0000 (11:15 +0100)]
updated

9 years agoMore cleanups in gnutls_x509_trust_list_add_system_trust()
Nikos Mavrogiannopoulos [Sat, 2 Mar 2013 10:13:51 +0000 (11:13 +0100)]
More cleanups in gnutls_x509_trust_list_add_system_trust()

9 years agoSelect CPU optimizations based on target cpu rather than the host.
Nikos Mavrogiannopoulos [Sat, 2 Mar 2013 09:57:04 +0000 (10:57 +0100)]
Select CPU optimizations based on target cpu rather than the host.

9 years agosome simplifications in gnutls_x509_trust_list_add_system_trust()
Nikos Mavrogiannopoulos [Sat, 2 Mar 2013 09:18:45 +0000 (10:18 +0100)]
some simplifications in gnutls_x509_trust_list_add_system_trust()

9 years agoUse ARCFOUR cipher by default to be compatible with devices like android that don...
Nikos Mavrogiannopoulos [Fri, 1 Mar 2013 19:42:18 +0000 (20:42 +0100)]
Use ARCFOUR cipher by default to be compatible with devices like android that don't support AES

9 years agoAdded verify flags for DANE to enforce verification and restrict it to a field.
Nikos Mavrogiannopoulos [Fri, 1 Mar 2013 15:54:12 +0000 (16:54 +0100)]
Added verify flags for DANE to enforce verification and restrict it to a field.

9 years agoadded empty ChangeLog
Nikos Mavrogiannopoulos [Thu, 28 Feb 2013 23:40:24 +0000 (00:40 +0100)]
added empty ChangeLog

9 years agoupdated gnulib
Nikos Mavrogiannopoulos [Thu, 28 Feb 2013 23:05:36 +0000 (00:05 +0100)]
updated gnulib

9 years agoAdded gnutls_pkcs11_privkey_status
Nikos Mavrogiannopoulos [Wed, 27 Feb 2013 19:41:06 +0000 (20:41 +0100)]
Added gnutls_pkcs11_privkey_status

9 years agoupdated gnutls_3_1_9
Nikos Mavrogiannopoulos [Wed, 27 Feb 2013 19:09:45 +0000 (20:09 +0100)]
updated