gnutls:gnutls.git
3 years agoupdated gnulib
Nikos Mavrogiannopoulos [Sun, 4 Jan 2015 10:09:52 +0000 (11:09 +0100)]
updated gnulib

3 years agognutls-cli-debug: corrected the skip of ignored checks
Nikos Mavrogiannopoulos [Fri, 2 Jan 2015 10:49:55 +0000 (12:49 +0200)]
gnutls-cli-debug: corrected the skip of ignored checks

3 years agodoc update
Nikos Mavrogiannopoulos [Wed, 31 Dec 2014 14:52:06 +0000 (16:52 +0200)]
doc update

3 years agodoc update
Nikos Mavrogiannopoulos [Wed, 31 Dec 2014 08:01:12 +0000 (10:01 +0200)]
doc update

3 years agocerttool: --pubkey-info will load a public key from stdin
Nikos Mavrogiannopoulos [Wed, 31 Dec 2014 08:00:11 +0000 (10:00 +0200)]
certtool: --pubkey-info will load a public key from stdin

3 years agoinclude netinet/in.h if present to access ipv6 related structures
Nikos Mavrogiannopoulos [Wed, 31 Dec 2014 07:40:03 +0000 (09:40 +0200)]
include netinet/in.h if present to access ipv6 related structures

Based on patch by Rumko.
https://savannah.gnu.org/support/?108713

3 years agoDon't call _gnutls_cipher_encrypt2 with textlen = 0 in _gnutls_auth_cipher_encrypt2_tag
Matthias-Christian Ott [Tue, 30 Dec 2014 09:58:43 +0000 (11:58 +0200)]
Don't call _gnutls_cipher_encrypt2 with textlen = 0 in _gnutls_auth_cipher_encrypt2_tag

If the plaintext is shorter than the block size of the used cipher,
_gnutls_auth_cipher_encrypt2_tag calls _gnutls_cipher_encrypt2 with
textlen = 0. By definition _gnutls_cipher_encrypt2 does nothing in this
case and thus does not need to be called.

3 years agoHandle zero length plaintext for VIA PadLock functions
Matthias-Christian Ott [Tue, 30 Dec 2014 09:57:36 +0000 (11:57 +0200)]
Handle zero length plaintext for VIA PadLock functions

If the plaintext is shorter than the block size of the used cipher,
_gnutls_auth_cipher_encrypt2_tag calls _gnutls_cipher_encrypt2 with
textlen = 0. padlock_ecb_encrypt and padlock_cbc_encrypt assume that the
plaintext length (last parameter) is greater than zero and segfault
otherwise. The assembler code for both functions is automatically
generated and imported from OpenSSL, so to ease maintenance the length
should be validated in the functions that call padlock_ecb_encrypt or
padlock_cbc_encrypt.

3 years agotests: enhanced openpgp-keyring test
Nikos Mavrogiannopoulos [Sun, 28 Dec 2014 09:14:47 +0000 (11:14 +0200)]
tests: enhanced openpgp-keyring test

3 years agoopenpgp: properly print names in oneline output as well
Nikos Mavrogiannopoulos [Sun, 28 Dec 2014 09:13:10 +0000 (11:13 +0200)]
openpgp: properly print names in oneline output as well

3 years agoupdates in openpgp DSA key printing
Nikos Mavrogiannopoulos [Sun, 28 Dec 2014 09:11:18 +0000 (11:11 +0200)]
updates in openpgp DSA key printing

3 years agoproperly print openpgp names
Nikos Mavrogiannopoulos [Sun, 28 Dec 2014 08:59:23 +0000 (10:59 +0200)]
properly print openpgp names

3 years agotools: use OCSP functions only when OCSP is enabled
Nikos Mavrogiannopoulos [Wed, 24 Dec 2014 22:16:49 +0000 (00:16 +0200)]
tools: use OCSP functions only when OCSP is enabled

3 years agoCorrected encoding and decoding of ANSI X9.62
Nikos Mavrogiannopoulos [Wed, 24 Dec 2014 17:08:54 +0000 (19:08 +0200)]
Corrected encoding and decoding of ANSI X9.62

That affects gnutls_pubkey_export_ecc_x962() and
gnutls_pubkey_import_ecc_x962().

3 years agotools: document the available curves
Nikos Mavrogiannopoulos [Wed, 24 Dec 2014 16:34:04 +0000 (18:34 +0200)]
tools: document the available curves

3 years agodoc update
Nikos Mavrogiannopoulos [Tue, 23 Dec 2014 11:18:28 +0000 (13:18 +0200)]
doc update

3 years agoUse hints to support incomplete PKCS#11 URIs
Nikos Mavrogiannopoulos [Tue, 23 Dec 2014 10:24:35 +0000 (12:24 +0200)]
Use hints to support incomplete PKCS#11 URIs

3 years agocompletely separated the two gnulibs to avoid conflicts
Nikos Mavrogiannopoulos [Tue, 23 Dec 2014 10:52:23 +0000 (12:52 +0200)]
completely separated the two gnulibs to avoid conflicts

3 years agoupdated gnulib
Nikos Mavrogiannopoulos [Tue, 23 Dec 2014 10:33:53 +0000 (12:33 +0200)]
updated gnulib

3 years agodoc update
Nikos Mavrogiannopoulos [Mon, 22 Dec 2014 09:08:38 +0000 (11:08 +0200)]
doc update

3 years agowhen importing object CAs from PKCS#11 URL, import the marked as trusted only
Nikos Mavrogiannopoulos [Mon, 22 Dec 2014 09:06:44 +0000 (11:06 +0200)]
when importing object CAs from PKCS#11 URL, import the marked as trusted only

3 years agopkcs11: when matching objects, also match the label
Nikos Mavrogiannopoulos [Mon, 22 Dec 2014 09:06:06 +0000 (11:06 +0200)]
pkcs11: when matching objects, also match the label

3 years agoadded missing variable
Nikos Mavrogiannopoulos [Sun, 21 Dec 2014 18:42:00 +0000 (20:42 +0200)]
added missing variable

3 years agoAdded p11-kit cflags in x509/
Nikos Mavrogiannopoulos [Sun, 21 Dec 2014 18:37:11 +0000 (20:37 +0200)]
Added p11-kit cflags in x509/

3 years agoAdded softhsm.h to share code in softhsm detection
Nikos Mavrogiannopoulos [Sun, 21 Dec 2014 11:16:17 +0000 (13:16 +0200)]
Added softhsm.h to share code in softhsm detection

Conflicts:
tests/suite/pkcs11-chainverify.c
tests/suite/pkcs11-privkey.c

3 years agoDirectly import PKCS #11 object URLs as trusted certificates
Nikos Mavrogiannopoulos [Sun, 21 Dec 2014 11:00:53 +0000 (13:00 +0200)]
Directly import PKCS #11 object URLs as trusted certificates

That is, don't treat them as trusted modules, because they aren't
a token URL, but rather a direct reference to specific objects.

3 years agocorrected documentation for the cork/uncork functions
Nikos Mavrogiannopoulos [Fri, 19 Dec 2014 08:40:58 +0000 (10:40 +0200)]
corrected documentation for the cork/uncork functions

Reported by Jaak Ristioja.

3 years agodoc update
Nikos Mavrogiannopoulos [Fri, 19 Dec 2014 08:35:10 +0000 (10:35 +0200)]
doc update

3 years agodoc update
Nikos Mavrogiannopoulos [Fri, 19 Dec 2014 08:30:54 +0000 (10:30 +0200)]
doc update

3 years agoAdded more precise version check in _gnutls_version_lowest
Nikos Mavrogiannopoulos [Fri, 19 Dec 2014 08:25:40 +0000 (10:25 +0200)]
Added more precise version check in _gnutls_version_lowest

3 years agoThe record version in the client Hello will be set to the lowest supported protocol
Nikos Mavrogiannopoulos [Fri, 21 Nov 2014 15:10:33 +0000 (16:10 +0100)]
The record version in the client Hello will be set to the lowest supported protocol

There should have been no harm in keeping it SSL 3.0 but
unfortunately in draft-thomson-sslv3-diediedie-00
it has been marked as MUST NOT do that. That will be fixed in a later
revision but since then there are servers not accepting SSL 3.0
as a valid record version (note that this is about the record
version, which describes the format of the packet, nothing to
do with the negotiated version).

3 years agocorrected documentation of gnutls_cork()
Nikos Mavrogiannopoulos [Fri, 19 Dec 2014 06:56:44 +0000 (08:56 +0200)]
corrected documentation of gnutls_cork()

3 years agoRevert "guile: Remove RSA parameters and related procedures."
Ludovic Courtès [Fri, 12 Dec 2014 20:53:23 +0000 (21:53 +0100)]
Revert "guile: Remove RSA parameters and related procedures."

This reverts commit 9f5788469f6f3f3fdd4cf064621a903607f10f2f;
this will be done in the 3.4 branch, as for the C library.
Update NEWS accordingly.

3 years agoUpdate 'NEWS'.
Ludovic Courtès [Fri, 12 Dec 2014 12:52:52 +0000 (13:52 +0100)]
Update 'NEWS'.

3 years agoguile: Open binary file in binary mode, for the sake of MinGW.
Ludovic Courtès [Thu, 11 Dec 2014 18:06:18 +0000 (19:06 +0100)]
guile: Open binary file in binary mode, for the sake of MinGW.

Reported by Eli Zaretskii <eliz@gnu.org>.

* guile/tests/openpgp-keyring.scm: Use 'open-file' with "rb" instead of
  'open-input-file'.

3 years agoguile: Link with '-no-undefined'.
Ludovic Courtès [Thu, 11 Dec 2014 18:04:17 +0000 (19:04 +0100)]
guile: Link with '-no-undefined'.

Fixes builds on MinGW.
Reported by Eli Zaretskii <eliz@gnu.org>.

* guile/src/Makefile.am (guile_gnutls_v_2_la_LDFLAGS): Add
  -no-undefined.

3 years agoguile: Build with warnings.
Ludovic Courtès [Thu, 4 Dec 2014 21:15:57 +0000 (22:15 +0100)]
guile: Build with warnings.

* guile/src/Makefile.am (AM_CFLAGS) [HAVE_GCC]: Add -Wall -Wextra
  -Wno-unused-parameter.

3 years agoguile: Remove the deprecated priority API.
Ludovic Courtès [Thu, 4 Dec 2014 21:14:57 +0000 (22:14 +0100)]
guile: Remove the deprecated priority API.

* guile/modules/gnutls/build/priorities.scm: Remove.
* guile/src/make-session-priorities.scm: Remove.
* guile/modules/Makefile.am (EXTRA_DIST): Adjust accordingly.
* guile/src/Makefile.am (EXTRA_DIST): Likewise.
  (GENERATED_BINDINGS): Remove 'priorities.i.c'.
  (priorities.i.c): Remove target.
* guile/src/core.c: Don't include it.
  (scm_gnutls_set_default_priority_x): Remove.
* guile/modules/gnutls.in (gnutls): Adjust export list.
* guile/tests/session-record-port.scm: Use 'set-session-priorities!'.
* guile/tests/x509-auth.scm: Likewise.

3 years agoguile: Remove RSA parameters and related procedures.
Ludovic Courtès [Thu, 4 Dec 2014 21:15:16 +0000 (22:15 +0100)]
guile: Remove RSA parameters and related procedures.

* guile/modules/gnutls/build/smobs.scm (%rsa-parameters-smob): Remove.
  (%gnutls-smobs): Remove it.
* guile/src/core.c (scm_gnutls_make_rsa_parameters,
  scm_gnutls_pkcs1_import_rsa_parameters,
  scm_gnutls_pkcs1_export_rsa_parameters,
  scm_gnutls_set_certificate_credentials_rsa_export_params_x): Remove.
* guile/modules/gnutls.in: Adjust export list.
* guile/tests/openpgp-auth.scm (import-rsa-params): Remove.
  Remove references to it and to
  'set-certificate-credentials-rsa-export-parameters!'.
* guile/tests/x509-auth.scm: Likewise.
* doc/gnutls-guile.texi (Representation of Binary Data): Remove
  references to RSA parameters.  Adjust example accordingly.
  (OpenPGP Authentication Guile Example): Likewise.

3 years agognutls_rnd: doc update
Nikos Mavrogiannopoulos [Fri, 12 Dec 2014 08:35:29 +0000 (09:35 +0100)]
gnutls_rnd: doc update

3 years agognutls_pkcs12_simple_parse: doc update
Nikos Mavrogiannopoulos [Fri, 12 Dec 2014 07:48:24 +0000 (08:48 +0100)]
gnutls_pkcs12_simple_parse: doc update

3 years agoimproved documentation on dane
Nikos Mavrogiannopoulos [Fri, 12 Dec 2014 07:26:53 +0000 (08:26 +0100)]
improved documentation on dane

3 years agop11tool: use Sleep() in windows
Nikos Mavrogiannopoulos [Thu, 11 Dec 2014 18:03:28 +0000 (19:03 +0100)]
p11tool: use Sleep() in windows

3 years agocerttool: ensure that default_serial_int is 64-bits or more
Nikos Mavrogiannopoulos [Thu, 11 Dec 2014 18:01:16 +0000 (19:01 +0100)]
certtool: ensure that default_serial_int is 64-bits or more

3 years agouse select() instead of alarm for better portability
Nikos Mavrogiannopoulos [Thu, 11 Dec 2014 17:59:27 +0000 (18:59 +0100)]
use select() instead of alarm for better portability

Based on patch by Eli Zaretskii.

3 years agoreleased 3.3.11 gnutls_3_3_11
Nikos Mavrogiannopoulos [Thu, 11 Dec 2014 08:02:10 +0000 (09:02 +0100)]
released 3.3.11

3 years agobumped version
Nikos Mavrogiannopoulos [Thu, 11 Dec 2014 05:09:06 +0000 (06:09 +0100)]
bumped version

3 years agotestcompat: corrected usage of null cipher
Nikos Mavrogiannopoulos [Thu, 11 Dec 2014 05:08:33 +0000 (06:08 +0100)]
testcompat: corrected usage of null cipher

3 years agoadded the .check function in FIPS140-2 code
Nikos Mavrogiannopoulos [Wed, 10 Dec 2014 14:40:49 +0000 (15:40 +0100)]
added the .check function in FIPS140-2 code

3 years ago_gnutls_x509_get_dn() always return a null terminated string
Nikos Mavrogiannopoulos [Fri, 5 Dec 2014 09:37:25 +0000 (10:37 +0100)]
_gnutls_x509_get_dn() always return a null terminated string

3 years agoif the rnd structure doesn't provide check, _gnutls_rnd_check() will succeed
Nikos Mavrogiannopoulos [Tue, 2 Dec 2014 09:50:45 +0000 (10:50 +0100)]
if the rnd structure doesn't provide check, _gnutls_rnd_check() will succeed

3 years agoReorganized, and eliminated memory leak in _gnutls_x509_crt_check_revocation()
Nikos Mavrogiannopoulos [Sun, 30 Nov 2014 20:44:10 +0000 (21:44 +0100)]
Reorganized, and eliminated memory leak in _gnutls_x509_crt_check_revocation()

Reported by Tim Rühsen.

3 years agodoc update
Nikos Mavrogiannopoulos [Fri, 28 Nov 2014 13:39:58 +0000 (14:39 +0100)]
doc update

3 years agognutls-cli-debug: Added check for whether %NO_EXTENSIONS is required
Nikos Mavrogiannopoulos [Tue, 25 Nov 2014 10:47:56 +0000 (11:47 +0100)]
gnutls-cli-debug: Added check for whether %NO_EXTENSIONS is required

3 years agognutls_session_get_desc: allow proper printing of the NULL KX
Nikos Mavrogiannopoulos [Fri, 28 Nov 2014 09:32:22 +0000 (10:32 +0100)]
gnutls_session_get_desc: allow proper printing of the NULL KX

3 years agognutls_certificate_set_x509_key_*: eliminated memory leak when certificate could...
Nikos Mavrogiannopoulos [Tue, 25 Nov 2014 20:52:23 +0000 (21:52 +0100)]
gnutls_certificate_set_x509_key_*: eliminated memory leak when certificate could not be parsed

Reported by Georg Richter.

3 years agognutls-cli-debug: do not print error on unknown protocols
Nikos Mavrogiannopoulos [Mon, 24 Nov 2014 21:39:23 +0000 (22:39 +0100)]
gnutls-cli-debug: do not print error on unknown protocols

3 years agodocumented the limitations of the loading functions
Nikos Mavrogiannopoulos [Mon, 24 Nov 2014 18:16:42 +0000 (19:16 +0100)]
documented the limitations of the loading functions

3 years agocorrected memleak in read_key_mem()
Nikos Mavrogiannopoulos [Mon, 24 Nov 2014 17:54:28 +0000 (18:54 +0100)]
corrected memleak in read_key_mem()

Patch by Georg Richter.

3 years agognutls-cli-debug: Added check for sorted certificate chain
Nikos Mavrogiannopoulos [Mon, 24 Nov 2014 12:27:09 +0000 (13:27 +0100)]
gnutls-cli-debug: Added check for sorted certificate chain

3 years agorestore only the documented behavior
Nikos Mavrogiannopoulos [Sat, 22 Nov 2014 09:55:21 +0000 (10:55 +0100)]
restore only the documented behavior

3 years agodoc update
Nikos Mavrogiannopoulos [Fri, 21 Nov 2014 20:07:21 +0000 (21:07 +0100)]
doc update

3 years agotests: added test for GNUTLS_E_GOT_APPLICATION_DATA on rehandshake
Nikos Mavrogiannopoulos [Fri, 21 Nov 2014 19:42:21 +0000 (20:42 +0100)]
tests: added test for GNUTLS_E_GOT_APPLICATION_DATA on rehandshake

Conflicts:
tests/Makefile.am

3 years agotreat GNUTLS_E_GOT_APPLICATION_DATA as non-fatal if initial negotiation is complete
Nikos Mavrogiannopoulos [Fri, 21 Nov 2014 19:18:08 +0000 (20:18 +0100)]
treat GNUTLS_E_GOT_APPLICATION_DATA as non-fatal if initial negotiation is complete

This corrects a regression introduced in b5a0de2e6da98866cafb770c3141b7353d030ab2
Reported by Dan Winship. https://savannah.gnu.org/support/?108690

3 years agodoc update
Nikos Mavrogiannopoulos [Fri, 21 Nov 2014 14:41:08 +0000 (15:41 +0100)]
doc update

3 years agoRevert "The priority modifier %LATEST_RECORD_VERSION is now the default"
Nikos Mavrogiannopoulos [Fri, 21 Nov 2014 14:40:57 +0000 (15:40 +0100)]
Revert "The priority modifier %LATEST_RECORD_VERSION is now the default"

This reverts commit 96b408b20fe8707306f38cba6f652556b99a47e4.

3 years ago_rnd_get_event: use memset to avoid valgrind complaints
Nikos Mavrogiannopoulos [Thu, 13 Nov 2014 14:38:34 +0000 (15:38 +0100)]
_rnd_get_event: use memset to avoid valgrind complaints

3 years agocompilation fix for FIPS140-2 mode
Nikos Mavrogiannopoulos [Fri, 21 Nov 2014 14:29:08 +0000 (15:29 +0100)]
compilation fix for FIPS140-2 mode

3 years agodeinitialize the OCSP response der data
Nikos Mavrogiannopoulos [Fri, 21 Nov 2014 14:02:40 +0000 (15:02 +0100)]
deinitialize the OCSP response der data

That also makes sure that reinitialization of ASN1 structures
are done when it is required only.

3 years agoNORMAL priority: prioritize the less than 256-bits curves at the lowest level
Nikos Mavrogiannopoulos [Mon, 17 Nov 2014 19:28:17 +0000 (20:28 +0100)]
NORMAL priority: prioritize the less than 256-bits curves at the lowest level

3 years agoproperly reset the zombie mode in FIPS mode
Nikos Mavrogiannopoulos [Sun, 16 Nov 2014 17:27:01 +0000 (18:27 +0100)]
properly reset the zombie mode in FIPS mode

This amends 9158f590f4a18c84fc9eb41877b29d73b30af879

3 years agodoc update
Nikos Mavrogiannopoulos [Sat, 15 Nov 2014 09:34:38 +0000 (10:34 +0100)]
doc update

3 years agoFixed SRTP profile configuration in cli.c and serv.c.
David Weber [Fri, 14 Nov 2014 12:49:24 +0000 (14:49 +0200)]
Fixed SRTP profile configuration in cli.c and serv.c.

I have tested the fix in 3.3.10. This commit is UNTESTED as i am unable
to compile gnutls (./configure complains about gl_INIT and ggl_INIT).

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3 years agognutls-cli: print info on the OCSP status request
Nikos Mavrogiannopoulos [Fri, 14 Nov 2014 16:30:31 +0000 (17:30 +0100)]
gnutls-cli: print info on the OCSP status request

3 years agouse the original DER/BER data when verifying an OCSP response
Nikos Mavrogiannopoulos [Fri, 14 Nov 2014 15:17:58 +0000 (16:17 +0100)]
use the original DER/BER data when verifying an OCSP response

Conflicts:
lib/x509/ocsp.c

3 years agowindows: updated _gnutls_ucs2_to_utf8()
Nikos Mavrogiannopoulos [Fri, 14 Nov 2014 07:43:22 +0000 (08:43 +0100)]
windows: updated _gnutls_ucs2_to_utf8()

3 years agognutls-cli-debug: check for OCSP status response
Nikos Mavrogiannopoulos [Fri, 14 Nov 2014 06:57:19 +0000 (07:57 +0100)]
gnutls-cli-debug: check for OCSP status response

Conflicts:
src/tests.c

3 years agoadded check for servers that disallow the SSL 3.0 record version
Nikos Mavrogiannopoulos [Thu, 13 Nov 2014 08:16:29 +0000 (09:16 +0100)]
added check for servers that disallow the SSL 3.0 record version

3 years agocorrected crq test case; reported by Andreas Metzler
Nikos Mavrogiannopoulos [Fri, 14 Nov 2014 06:45:49 +0000 (07:45 +0100)]
corrected crq test case; reported by Andreas Metzler

3 years agoset the GNUTLS_PIN_CONTEXT_SPECIFIC flag on PIN callback
Nikos Mavrogiannopoulos [Thu, 13 Nov 2014 19:56:27 +0000 (20:56 +0100)]
set the GNUTLS_PIN_CONTEXT_SPECIFIC flag on PIN callback

3 years agornd: removed the packed attribute from event_st
Nikos Mavrogiannopoulos [Thu, 13 Nov 2014 08:27:38 +0000 (09:27 +0100)]
rnd: removed the packed attribute from event_st

That prevents a SIGBUS on solaris sparc systems.
Reported by Thomas Thorberger.

3 years agodoc update
Nikos Mavrogiannopoulos [Thu, 13 Nov 2014 08:22:08 +0000 (09:22 +0100)]
doc update

3 years agoThe priority modifier %LATEST_RECORD_VERSION is now the default
Nikos Mavrogiannopoulos [Thu, 13 Nov 2014 08:18:31 +0000 (09:18 +0100)]
The priority modifier %LATEST_RECORD_VERSION is now the default

This works-around issue with servers that forbit the SSL 3.0
version number from the first packet of the record protocol.

3 years agotestcompat: updated gnutls_3_3_10
Nikos Mavrogiannopoulos [Mon, 10 Nov 2014 07:43:28 +0000 (08:43 +0100)]
testcompat: updated

3 years agobumped version
Nikos Mavrogiannopoulos [Mon, 10 Nov 2014 07:41:05 +0000 (08:41 +0100)]
bumped version

3 years agodoc update
Nikos Mavrogiannopoulos [Sun, 9 Nov 2014 22:04:52 +0000 (23:04 +0100)]
doc update

3 years agoAdded check with the invalid crq sent by Sean Burford
Nikos Mavrogiannopoulos [Fri, 31 Oct 2014 09:08:00 +0000 (10:08 +0100)]
Added check with the invalid crq sent by Sean Burford

3 years agowhen exporting curve coordinates to X9.63 format, perform additional sanity checks...
Nikos Mavrogiannopoulos [Fri, 31 Oct 2014 09:00:32 +0000 (10:00 +0100)]
when exporting curve coordinates to X9.63 format, perform additional sanity checks on input

Reported by Sean Burford.

3 years agodoc update
Nikos Mavrogiannopoulos [Sat, 8 Nov 2014 07:38:00 +0000 (08:38 +0100)]
doc update

3 years agodoc: updated text on session tickets
Nikos Mavrogiannopoulos [Sat, 8 Nov 2014 07:35:01 +0000 (08:35 +0100)]
doc: updated text on session tickets

3 years agotools: include arpa/inet.h in socket.c
Nikos Mavrogiannopoulos [Fri, 7 Nov 2014 20:46:58 +0000 (21:46 +0100)]
tools: include arpa/inet.h in socket.c

3 years agodoc: use the same port for DTLS client and server
Nikos Mavrogiannopoulos [Fri, 7 Nov 2014 18:18:22 +0000 (19:18 +0100)]
doc: use the same port for DTLS client and server

3 years agopkcs11: pass the correct user type to protected authentication login
Nikos Mavrogiannopoulos [Fri, 7 Nov 2014 18:01:57 +0000 (19:01 +0100)]
pkcs11: pass the correct user type to protected authentication login

3 years agodoc: corrected values for INSECURE level
Nikos Mavrogiannopoulos [Fri, 7 Nov 2014 09:22:11 +0000 (10:22 +0100)]
doc: corrected values for INSECURE level

3 years agodoc update
Nikos Mavrogiannopoulos [Fri, 7 Nov 2014 08:00:46 +0000 (09:00 +0100)]
doc update

3 years agopkcs11_login: set the correct user type on reauthentication
Nikos Mavrogiannopoulos [Fri, 7 Nov 2014 06:49:54 +0000 (07:49 +0100)]
pkcs11_login: set the correct user type on reauthentication

3 years agopkcs11: force login on tokens that require it
Nikos Mavrogiannopoulos [Thu, 6 Nov 2014 20:30:31 +0000 (21:30 +0100)]
pkcs11: force login on tokens that require it

3 years agoadded support for PKCS #11 keys that require reauthentication and simplified pkcs11_login
Nikos Mavrogiannopoulos [Thu, 6 Nov 2014 18:51:04 +0000 (19:51 +0100)]
added support for PKCS #11 keys that require reauthentication and simplified pkcs11_login

3 years agoapplied patch by A. Klitzing to improve compatibile with some apple systems
Nikos Mavrogiannopoulos [Thu, 6 Nov 2014 20:35:21 +0000 (21:35 +0100)]
applied patch by A. Klitzing to improve compatibile with some apple systems

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
3 years agognutls-cli-debug: backported changes from 3.4.0 branch
Nikos Mavrogiannopoulos [Wed, 5 Nov 2014 18:32:45 +0000 (19:32 +0100)]
gnutls-cli-debug: backported changes from 3.4.0 branch