gnutls:gnutls.git
3 years agocorrected return codes gnutls_2_8_x
Nikos Mavrogiannopoulos [Tue, 25 Feb 2014 14:57:55 +0000 (15:57 +0100)]
corrected return codes

3 years agoCorrected PKCS #1 encoding.
Nikos Mavrogiannopoulos [Tue, 11 Feb 2014 07:49:33 +0000 (08:49 +0100)]
Corrected PKCS #1 encoding.

6 years agoApplied patch on IKE extension by Micah Anderson
Nikos Mavrogiannopoulos [Sat, 2 Oct 2010 21:32:45 +0000 (23:32 +0200)]
Applied patch on IKE extension by Micah Anderson

7 years agoFix objdir != srcdir build issue for libgnutlsxx.
Simon Josefsson [Sat, 14 Aug 2010 10:51:02 +0000 (12:51 +0200)]
Fix objdir != srcdir build issue for libgnutlsxx.

Reported by "carlo.bramix@libero.it" <carlo.bramix@libero.it>.

7 years agoRevert "When generating private key allow usage of --pkcs-cipher flag."
Nikos Mavrogiannopoulos [Sat, 26 Jun 2010 19:54:36 +0000 (21:54 +0200)]
Revert "When generating private key allow usage of --pkcs-cipher flag."

This reverts commit e72dcf4095adad4811aa440ff44d272d633cdf9d.

7 years agoWhen generating private key allow usage of --pkcs-cipher flag.
Nikos Mavrogiannopoulos [Sat, 26 Jun 2010 19:51:03 +0000 (21:51 +0200)]
When generating private key allow usage of --pkcs-cipher flag.

7 years agoAdd.
Simon Josefsson [Mon, 15 Mar 2010 13:49:15 +0000 (14:49 +0100)]
Add.

7 years agoUpgrade libtasn1 to v2.5.
Simon Josefsson [Mon, 15 Mar 2010 13:49:00 +0000 (14:49 +0100)]
Upgrade libtasn1 to v2.5.

7 years agoBump version.
Simon Josefsson [Mon, 15 Mar 2010 13:30:42 +0000 (14:30 +0100)]
Bump version.

7 years agoUpdate.
Simon Josefsson [Mon, 15 Mar 2010 13:29:37 +0000 (14:29 +0100)]
Update.

7 years agoGenerated. gnutls_2_8_6
Simon Josefsson [Mon, 15 Mar 2010 12:59:39 +0000 (13:59 +0100)]
Generated.

7 years agoVersion 2.8.6.
Simon Josefsson [Mon, 15 Mar 2010 12:49:45 +0000 (13:49 +0100)]
Version 2.8.6.

7 years agoBackport tests/openpgp-certs fixes.
Simon Josefsson [Mon, 15 Mar 2010 10:24:45 +0000 (11:24 +0100)]
Backport tests/openpgp-certs fixes.

7 years agoUpdate gnulib files.
Simon Josefsson [Fri, 6 Nov 2009 09:04:55 +0000 (10:04 +0100)]
Update gnulib files.

7 years agoBackport fix for inet_ntop/inet_pton link problem.
Simon Josefsson [Mon, 15 Mar 2010 09:32:50 +0000 (10:32 +0100)]
Backport fix for inet_ntop/inet_pton link problem.

7 years agoAdd.
Simon Josefsson [Mon, 15 Mar 2010 08:32:14 +0000 (09:32 +0100)]
Add.

7 years agoSync with TP.
Simon Josefsson [Mon, 15 Mar 2010 08:29:21 +0000 (09:29 +0100)]
Sync with TP.

7 years agoUse INET_NTOP_LIB and INET_PTON_LIB.
Simon Josefsson [Tue, 3 Nov 2009 06:45:02 +0000 (07:45 +0100)]
Use INET_NTOP_LIB and INET_PTON_LIB.

7 years agoFix.
Simon Josefsson [Wed, 20 Jan 2010 15:27:53 +0000 (16:27 +0100)]
Fix.

7 years agoAdd.
Simon Josefsson [Wed, 20 Jan 2010 15:27:28 +0000 (16:27 +0100)]
Add.

7 years agoMake sure libgcrypt's dependency on libgpg-error is known.
Simon Josefsson [Thu, 5 Nov 2009 13:12:16 +0000 (14:12 +0100)]
Make sure libgcrypt's dependency on libgpg-error is known.

7 years agoFix public key identifier change.
Simon Josefsson [Wed, 20 Jan 2010 10:01:09 +0000 (11:01 +0100)]
Fix public key identifier change.

7 years agoAdd note about public key id difference.
Simon Josefsson [Wed, 20 Jan 2010 10:01:06 +0000 (11:01 +0100)]
Add note about public key id difference.

7 years agoFix warning.
Simon Josefsson [Wed, 20 Jan 2010 09:40:34 +0000 (10:40 +0100)]
Fix warning.

7 years agoFix copyright. Add.
Simon Josefsson [Wed, 20 Jan 2010 09:39:03 +0000 (10:39 +0100)]
Fix copyright.  Add.

7 years agoImprove.
Simon Josefsson [Wed, 20 Jan 2010 09:38:54 +0000 (10:38 +0100)]
Improve.

7 years agoAdd.
Simon Josefsson [Wed, 20 Jan 2010 09:34:29 +0000 (10:34 +0100)]
Add.

7 years agoFix copyright. Add two NEWS blurbs.
Simon Josefsson [Wed, 20 Jan 2010 09:32:54 +0000 (10:32 +0100)]
Fix copyright.  Add two NEWS blurbs.

7 years agoWhen checking self signature also check the signatures of all subkeys.
Nikos Mavrogiannopoulos [Tue, 12 Jan 2010 19:20:30 +0000 (20:20 +0100)]
When checking self signature also check the signatures of all subkeys.
Ilari Liusvaara noticed and reported the issue and provided test vectors as well.

certtool --pgp-certificate-info will check self signatures.

Added self tests for self-sigs.

7 years agoMerge branch 'gnutls_2_8_x' of ssh://git.sv.gnu.org/srv/git/gnutls into gnutls_2_8_x
Nikos Mavrogiannopoulos [Tue, 12 Jan 2010 18:52:39 +0000 (19:52 +0100)]
Merge branch 'gnutls_2_8_x' of ssh://git.sv.gnu.org/srv/git/gnutls into gnutls_2_8_x

7 years agoImprove example of printing cert info.
Simon Josefsson [Fri, 4 Dec 2009 12:36:58 +0000 (13:36 +0100)]
Improve example of printing cert info.

7 years agoCorrected two issues that affected certificate request generation.
Nikos Mavrogiannopoulos [Fri, 27 Nov 2009 22:41:46 +0000 (00:41 +0200)]
Corrected two issues that affected certificate request generation.
1. Null padding is added on integers (found thanks to Wilankar Trupti <trupti.wilankar@hp.com>)
2. In optional SignatureAlgorithm parameters field for DSA keys the DSA parameters were added. Those
were rejected by verisign. Gnutls no longer adds those parameters there since other implementations
don't do either and having them does not seem to offer anything (anyway you need the signer's certificate
to verify thus public key will be available).

7 years agoAdd.
Simon Josefsson [Mon, 9 Nov 2009 14:48:39 +0000 (15:48 +0100)]
Add.

7 years agoLink to libgcrypt explicitly when libgcrypt functions are used.
Simon Josefsson [Fri, 6 Nov 2009 07:32:04 +0000 (08:32 +0100)]
Link to libgcrypt explicitly when libgcrypt functions are used.

7 years agoAdd.
Simon Josefsson [Fri, 6 Nov 2009 16:23:34 +0000 (17:23 +0100)]
Add.

7 years agoFix --disable-valgrind-tests.
Simon Josefsson [Fri, 6 Nov 2009 16:21:43 +0000 (17:21 +0100)]
Fix --disable-valgrind-tests.

7 years agoCorrected bug fix author.
Nikos Mavrogiannopoulos [Thu, 5 Nov 2009 21:32:00 +0000 (23:32 +0200)]
Corrected bug fix author.

7 years agoDocumented previous fix.
Nikos Mavrogiannopoulos [Thu, 5 Nov 2009 21:14:25 +0000 (23:14 +0200)]
Documented previous fix.

7 years agoCleanups and several bug fixes found by Tomas Mraz.
Nikos Mavrogiannopoulos [Thu, 5 Nov 2009 21:09:51 +0000 (23:09 +0200)]
Cleanups and several bug fixes found by Tomas Mraz.

"I've patched the following problems in the code found by review of
gnutls-2.8.5 code done by Steve Grubb.

See the patch attached.

The gnutls_constate.c bug might be potentially serious so I've decided
to mail it to you directly, not to the public mailing list.

The auth_cert.c change is just cleanup of the code.

In gnutls_openssl.c I've just fixed the potential crasher, correct fix
would require using asprintf or precomputed length of the buffer to
allocate a memory.

The certtool.c change is again just a cleanup."

7 years agoBack port Solaris work around for __func__ bug.
Simon Josefsson [Thu, 5 Nov 2009 13:25:40 +0000 (14:25 +0100)]
Back port Solaris work around for __func__ bug.

Reported by Dagobert Michelsen <dam@opencsw.org>
in <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3947>.

7 years agoBump versions.
Simon Josefsson [Mon, 2 Nov 2009 12:08:40 +0000 (13:08 +0100)]
Bump versions.

7 years agoGenerated. gnutls_2_8_5
Simon Josefsson [Mon, 2 Nov 2009 11:18:03 +0000 (12:18 +0100)]
Generated.

7 years agoVersion 2.8.5.
Simon Josefsson [Mon, 2 Nov 2009 11:07:13 +0000 (12:07 +0100)]
Version 2.8.5.

7 years agoAdd.
Simon Josefsson [Mon, 2 Nov 2009 10:34:14 +0000 (11:34 +0100)]
Add.

7 years agoFix time bomb in chainverify self-test.
Simon Josefsson [Mon, 2 Nov 2009 10:25:27 +0000 (11:25 +0100)]
Fix time bomb in chainverify self-test.

Reported by Andreas Metzler <ametzler@downhill.at.eu.org>
in <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3925>.

7 years agoRevert "1. Fix for memory leaks on interrupted handshake."
Simon Josefsson [Mon, 2 Nov 2009 10:30:39 +0000 (11:30 +0100)]
Revert "1. Fix for memory leaks on interrupted handshake."

This reverts commit 15b31cfc7888aafb4135fb1bc92c710eeaebb4c0.
Let's not pull this into the next release, it wasn't in the
release candidate.

7 years ago1. Fix for memory leaks on interrupted handshake.
Nikos Mavrogiannopoulos [Sun, 1 Nov 2009 09:42:07 +0000 (11:42 +0200)]
1. Fix for memory leaks on interrupted handshake.
2. Fixes issue where a TLS 1.2 client will wrongly calculate hashes if the server will select a different than 1.2 protocol.
3. In TLS 1.2 when a certificate request is sent, support is not complete. In that case abort the handshake. By checking
TLS 1.2 it seems that the algorithms to be used for the signature in the certificate verify message are negotiated not at
the client/server hello messages but rather selected by the server at the certificate request. This might not look as bad, but
since in this message we have to sign all previous handshake messages, it forces us to keep all the handshake messages into a
buffer until this point... I don't know who proposed this change to the TLS WG, but it seems it wasn't really thought of.

7 years agoWhen resuming a session do not overwrite the initial session data with resumed
Nikos Mavrogiannopoulos [Wed, 28 Oct 2009 08:54:26 +0000 (10:54 +0200)]
When resuming a session do not overwrite the initial session data with resumed
session data. Discovered on discussion at help-gnutls with Sebastien Decugis.

7 years agoAdd.
Simon Josefsson [Mon, 26 Oct 2009 12:33:55 +0000 (13:33 +0100)]
Add.

7 years agoFix expired cert.
Simon Josefsson [Tue, 20 Oct 2009 09:27:13 +0000 (11:27 +0200)]
Fix expired cert.

7 years agoAdd.
Simon Josefsson [Wed, 14 Oct 2009 15:27:20 +0000 (17:27 +0200)]
Add.

7 years agoRegenerate.
Simon Josefsson [Wed, 14 Oct 2009 15:24:35 +0000 (17:24 +0200)]
Regenerate.

7 years agoWork around 'Cannot find OID: 1.2.840.113549.1.9.21' PKCS#12 problem.
Simon Josefsson [Wed, 14 Oct 2009 14:17:50 +0000 (16:17 +0200)]
Work around 'Cannot find OID: 1.2.840.113549.1.9.21' PKCS#12 problem.

Reported by Michael Welsh Duggan <mwd@cert.org> in
<http://permalink.gmane.org/gmane.network.gnutls.general/1786>.

7 years agoguile: Adjust for Guile 1.9.3+.
Ludovic Courtès [Mon, 28 Sep 2009 20:46:33 +0000 (22:46 +0200)]
guile: Adjust for Guile 1.9.3+.

* guile/src/core.c (mark_session_record_port, free_session_record_port):
  Conditionalize on `SCM_MAJOR_VERSION == 1 && SCM_MINOR_VERSION <= 8'.
  (scm_init_gnutls_session_record_port_type): Adjust accordingly.
  (make_session_record_port): Use `scm_gc_malloc_pointerless ()' when
  available.

7 years agoguile: Syntactic nitpicking.
Ludovic Courtès [Mon, 28 Sep 2009 20:40:08 +0000 (22:40 +0200)]
guile: Syntactic nitpicking.

* guile/src/core.c (SCM_GNUTLS_MAKE_SESSION_DATA,
  SCM_GNUTLS_SET_SESSION_RECORD_PORT): Remove extraneous semicolon.

7 years agoguile: Use Guile's malloc routines.
Ludovic Courtès [Mon, 28 Sep 2009 20:39:03 +0000 (22:39 +0200)]
guile: Use Guile's malloc routines.

* guile/src/core.c (scm_init_gnutls): Use Guile's malloc routines.

7 years agoFix integer/pointer cast warnings in the Guile bindings on x86_64.
Ludovic Courtès [Wed, 23 Sep 2009 09:07:13 +0000 (11:07 +0200)]
Fix integer/pointer cast warnings in the Guile bindings on x86_64.

* guile/src/core.c (do_fill_port, fill_session_record_port_input,
  scm_gnutls_set_session_transport_fd_x): Make sure pointer/integer casts
  use integers of the right size.

7 years agoUpdate Guile bindings to the current OpenPGP API.
Ludovic Courtès [Wed, 23 Sep 2009 09:04:06 +0000 (11:04 +0200)]
Update Guile bindings to the current OpenPGP API.

* guile/src/extra.c (scm_gnutls_openpgp_certificate_id,
  scm_gnutls_openpgp_certificate_id_x): Use
  the newer `gnutls_openpgp_crt_get_key_id ()'.

7 years agoTurn off auto-compilation when using Guile 1.9+.
Ludovic Courtès [Wed, 23 Sep 2009 08:44:29 +0000 (10:44 +0200)]
Turn off auto-compilation when using Guile 1.9+.

* guile/src/Makefile.am (GUILE_FOR_BUILD): Turn off auto-compilation
  with Guile 1.9+.

* guile/tests/Makefile.am (TESTS_ENVIRONMENT): Likewise.

* doc/Makefile.am (GUILE_FOR_BUILD): Likewise.

8 years agoBump versions.
Simon Josefsson [Fri, 18 Sep 2009 09:22:15 +0000 (11:22 +0200)]
Bump versions.

8 years agoGenerated. gnutls_2_8_4
Simon Josefsson [Fri, 18 Sep 2009 08:24:57 +0000 (10:24 +0200)]
Generated.

8 years agoVersion 2.8.4.
Simon Josefsson [Fri, 18 Sep 2009 08:16:06 +0000 (10:16 +0200)]
Version 2.8.4.

8 years agoEnable Camellia by default.
Simon Josefsson [Fri, 18 Sep 2009 07:40:49 +0000 (09:40 +0200)]
Enable Camellia by default.

8 years agoAdd.
Simon Josefsson [Mon, 31 Aug 2009 19:07:16 +0000 (21:07 +0200)]
Add.

8 years agoHandle XMPP SANs properly.
Simon Josefsson [Mon, 31 Aug 2009 18:59:14 +0000 (20:59 +0200)]
Handle XMPP SANs properly.
Reported by Howard Chu <hyc@symas.com> in
<https://savannah.gnu.org/support/?106975>.

8 years agoFix compiler warning bugs for OpenWatcom.
Dan Fandrich [Fri, 28 Aug 2009 00:02:17 +0000 (17:02 -0700)]
Fix compiler warning bugs for OpenWatcom.

Signed-off-by: Simon Josefsson <simon@josefsson.org>
8 years agoAdd.
Simon Josefsson [Thu, 20 Aug 2009 17:05:10 +0000 (19:05 +0200)]
Add.

8 years agoFix OpenPGP hostname comparison.
Simon Josefsson [Thu, 20 Aug 2009 10:21:09 +0000 (12:21 +0200)]
Fix OpenPGP hostname comparison.

8 years agoBump versions.
Simon Josefsson [Tue, 18 Aug 2009 21:30:05 +0000 (23:30 +0200)]
Bump versions.

8 years agoPull in SIZE_MAX fix from gnulib, to fix IRIX build.
Simon Josefsson [Mon, 17 Aug 2009 13:54:55 +0000 (15:54 +0200)]
Pull in SIZE_MAX fix from gnulib, to fix IRIX build.

Reported by "Tom G. Christensen" <tgc@jupiterrise.com>
in <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3782>.

8 years agoGenerated. gnutls_2_8_3
Simon Josefsson [Thu, 13 Aug 2009 10:15:50 +0000 (12:15 +0200)]
Generated.

8 years agoVersion 2.8.3.
Simon Josefsson [Thu, 13 Aug 2009 09:52:58 +0000 (11:52 +0200)]
Version 2.8.3.

8 years agoNeed to add LIBSOCKET because we link to ../lib's gnulib library, for mingw.
Simon Josefsson [Mon, 10 Aug 2009 13:09:04 +0000 (15:09 +0200)]
Need to add LIBSOCKET because we link to ../lib's gnulib library, for mingw.

8 years agoFix.
Simon Josefsson [Thu, 13 Aug 2009 09:25:09 +0000 (11:25 +0200)]
Fix.

8 years agoFix.
Simon Josefsson [Thu, 13 Aug 2009 09:19:25 +0000 (11:19 +0200)]
Fix.

8 years agoFix.
Simon Josefsson [Thu, 13 Aug 2009 09:18:58 +0000 (11:18 +0200)]
Fix.

8 years agoAdd.
Simon Josefsson [Thu, 13 Aug 2009 09:18:19 +0000 (11:18 +0200)]
Add.

8 years ago(gnutls_x509_crt_import): Re-initialize the ASN.1 structure.
Simon Josefsson [Thu, 13 Aug 2009 09:16:08 +0000 (11:16 +0200)]
(gnutls_x509_crt_import): Re-initialize the ASN.1 structure.

If this is not done here, the next certificate loading may fail
because asn1_der_decoding modified the ASN.1 structure.  Triggered by
the hostname-check self-test.

8 years agoAdd.
Simon Josefsson [Wed, 12 Aug 2009 07:23:30 +0000 (09:23 +0200)]
Add.

8 years agoAdd -I to get to ../lib's gnulib.
Simon Josefsson [Wed, 12 Aug 2009 07:17:51 +0000 (09:17 +0200)]
Add -I to get to ../lib's gnulib.

8 years agoAdd.
Simon Josefsson [Wed, 12 Aug 2009 07:00:10 +0000 (09:00 +0200)]
Add.

8 years agoDoc fix.
Simon Josefsson [Tue, 11 Aug 2009 01:06:59 +0000 (03:06 +0200)]
Doc fix.

8 years agoFix typos in documentation.
Simon Josefsson [Tue, 11 Aug 2009 01:01:02 +0000 (03:01 +0200)]
Fix typos in documentation.
Reported by Daiki Ueno <ueno> in
<https://savannah.gnu.org/support/?106969>.

8 years agoreduced transferred data size.
Nikos Mavrogiannopoulos [Wed, 15 Jul 2009 19:00:43 +0000 (22:00 +0300)]
reduced transferred data size.

8 years agoAdd.
Simon Josefsson [Mon, 10 Aug 2009 13:52:48 +0000 (15:52 +0200)]
Add.

8 years agoRevert "do not allow null character in DN."
Simon Josefsson [Mon, 10 Aug 2009 13:49:06 +0000 (15:49 +0200)]
Revert "do not allow null character in DN."

This reverts commit 21bc1439e5ce485dfc34ae7da425a7d4126888af.

8 years agoBump versions.
Simon Josefsson [Mon, 10 Aug 2009 13:03:27 +0000 (15:03 +0200)]
Bump versions.

8 years agoGenerated. gnutls_2_8_2
Simon Josefsson [Mon, 10 Aug 2009 12:44:38 +0000 (14:44 +0200)]
Generated.

8 years agoVersion 2.8.2.
Simon Josefsson [Mon, 10 Aug 2009 12:33:19 +0000 (14:33 +0200)]
Version 2.8.2.

8 years agoAdd.
Simon Josefsson [Mon, 10 Aug 2009 12:18:14 +0000 (14:18 +0200)]
Add.

8 years agoLook only for latest _required_ libgcrypt/libtasn1 version.
Simon Josefsson [Mon, 10 Aug 2009 12:15:29 +0000 (14:15 +0200)]
Look only for latest _required_ libgcrypt/libtasn1 version.

Reported by Marco d'Itri <md@linux.it> via Andreas Metzler
<ametzler@downhill.at.eu.org> as Debian BTS #540449.

8 years agoAdd.
Simon Josefsson [Mon, 10 Aug 2009 11:32:10 +0000 (13:32 +0200)]
Add.

8 years agoThere are cases where those buffers might overlap
Nikos Mavrogiannopoulos [Wed, 1 Jul 2009 19:23:33 +0000 (22:23 +0300)]
There are cases where those buffers might overlap

8 years agoAdd.
Simon Josefsson [Thu, 6 Aug 2009 23:22:34 +0000 (01:22 +0200)]
Add.

8 years agoFix expected output, a cert have expired.
Simon Josefsson [Mon, 3 Aug 2009 21:40:23 +0000 (23:40 +0200)]
Fix expected output, a cert have expired.

8 years agoMake it build.
Simon Josefsson [Mon, 3 Aug 2009 21:11:39 +0000 (23:11 +0200)]
Make it build.

8 years agoCheck for NUL in SANs and replace accordingly.
Simon Josefsson [Thu, 6 Aug 2009 22:39:13 +0000 (00:39 +0200)]
Check for NUL in SANs and replace accordingly.

8 years agoRefuse to return DNs with embedded NULs which breaks other code.
Simon Josefsson [Thu, 6 Aug 2009 22:24:44 +0000 (00:24 +0200)]
Refuse to return DNs with embedded NULs which breaks other code.

Problem published by Dan Kaminsky and Moxie Marlinspike at BlackHat09.

8 years ago(_gnutls_x509_oid_data2string): Return proper @res_size for NULL res.
Simon Josefsson [Wed, 3 Jun 2009 04:36:41 +0000 (06:36 +0200)]
(_gnutls_x509_oid_data2string): Return proper @res_size for NULL res.

8 years agoCleanup code.
Simon Josefsson [Tue, 4 Aug 2009 11:18:18 +0000 (13:18 +0200)]
Cleanup code.