gnutls:gnutls.git
2 years agolist gnutls_pubkey_get_verify_algorithm as deprected gnutls_3_3_x
Nikos Mavrogiannopoulos [Fri, 27 Feb 2015 15:28:58 +0000 (16:28 +0100)]
list gnutls_pubkey_get_verify_algorithm as deprected

2 years agocorrected typo in gnutls_handshake(), spotted by Andris Mednis
Nikos Mavrogiannopoulos [Thu, 26 Feb 2015 12:03:35 +0000 (13:03 +0100)]
corrected typo in gnutls_handshake(), spotted by Andris Mednis

2 years agoreleased 3.3.13 gnutls_3_3_13
Nikos Mavrogiannopoulos [Wed, 25 Feb 2015 21:33:32 +0000 (22:33 +0100)]
released 3.3.13

2 years agotests: added checks for invalid X.509 certificate signatures
Nikos Mavrogiannopoulos [Fri, 20 Feb 2015 21:24:23 +0000 (22:24 +0100)]
tests: added checks for invalid X.509 certificate signatures

2 years agodoc update: document that session_get_data() must be used in non-resumed sessions
Nikos Mavrogiannopoulos [Tue, 24 Feb 2015 09:28:26 +0000 (10:28 +0100)]
doc update: document that session_get_data() must be used in non-resumed sessions

2 years agotests: testcompat: disable tests with NULL ciphersuites; debian doesn't support them
Nikos Mavrogiannopoulos [Sat, 21 Feb 2015 11:09:48 +0000 (12:09 +0100)]
tests: testcompat: disable tests with NULL ciphersuites; debian doesn't support them

2 years agodoc update
Nikos Mavrogiannopoulos [Sat, 21 Feb 2015 11:06:30 +0000 (12:06 +0100)]
doc update

2 years agofixed handling of GNUTLS_E_INT_CHECK_AGAIN
Nikos Mavrogiannopoulos [Sat, 21 Feb 2015 11:01:34 +0000 (12:01 +0100)]
fixed handling of GNUTLS_E_INT_CHECK_AGAIN

2 years agotests: require DTLS 1.2 when using GCM
Nikos Mavrogiannopoulos [Sat, 21 Feb 2015 10:54:26 +0000 (11:54 +0100)]
tests: require DTLS 1.2 when using GCM

2 years agocorrected check which prevented client to sent an unacceptable for the version cipher...
Nikos Mavrogiannopoulos [Sat, 21 Feb 2015 10:46:13 +0000 (11:46 +0100)]
corrected check which prevented client to sent an unacceptable for the version ciphersuite

2 years agofixed sequence number copy
Nikos Mavrogiannopoulos [Fri, 20 Feb 2015 10:13:55 +0000 (11:13 +0100)]
fixed sequence number copy

2 years agodoc update
Nikos Mavrogiannopoulos [Tue, 17 Feb 2015 18:40:38 +0000 (19:40 +0100)]
doc update

2 years agowhen importing a certificate ensure that the signature parameters match
Nikos Mavrogiannopoulos [Tue, 17 Feb 2015 13:20:10 +0000 (14:20 +0100)]
when importing a certificate ensure that the signature parameters match

2 years agodoc update
Nikos Mavrogiannopoulos [Sat, 14 Feb 2015 17:04:27 +0000 (18:04 +0100)]
doc update

2 years agoAllow AESNI GCM accelaration in x86
Nikos Mavrogiannopoulos [Sat, 14 Feb 2015 17:02:01 +0000 (18:02 +0100)]
Allow AESNI GCM accelaration in x86

2 years agohandle differently OCSP responses that are revoked and of unknown status
Nikos Mavrogiannopoulos [Wed, 4 Feb 2015 09:14:55 +0000 (10:14 +0100)]
handle differently OCSP responses that are revoked and of unknown status

2 years agocompilation fix with return on void function; reported by David Marx
Nikos Mavrogiannopoulos [Sun, 1 Feb 2015 12:35:40 +0000 (13:35 +0100)]
compilation fix with return on void function; reported by David Marx

2 years agodoc update
Nikos Mavrogiannopoulos [Thu, 29 Jan 2015 13:31:08 +0000 (14:31 +0100)]
doc update

2 years agoset the appropriate direction when _gnutls_io_write_flush() is called
Nikos Mavrogiannopoulos [Thu, 29 Jan 2015 13:21:18 +0000 (14:21 +0100)]
set the appropriate direction when _gnutls_io_write_flush() is called

2 years agodocumented using a session with fork or multiple threads
Nikos Mavrogiannopoulos [Wed, 28 Jan 2015 08:56:21 +0000 (09:56 +0100)]
documented using a session with fork or multiple threads

2 years agoprint errno in a more uniform way
Nikos Mavrogiannopoulos [Sun, 25 Jan 2015 09:17:06 +0000 (10:17 +0100)]
print errno in a more uniform way

2 years agoon certificate import check whether the two signature algorithms match
Nikos Mavrogiannopoulos [Mon, 19 Jan 2015 08:29:31 +0000 (09:29 +0100)]
on certificate import check whether the two signature algorithms match

2 years agosimplified _gnutls_writev() by requiring the total length
Nikos Mavrogiannopoulos [Sun, 25 Jan 2015 07:15:01 +0000 (08:15 +0100)]
simplified _gnutls_writev() by requiring the total length

2 years agodon't be so verbose about the OCSP nonce; it is universally unsupported
Nikos Mavrogiannopoulos [Mon, 19 Jan 2015 14:32:09 +0000 (15:32 +0100)]
don't be so verbose about the OCSP nonce; it is universally unsupported

2 years agoOCSP check the whole cert chain
Tim Ruehsen [Sat, 17 Jan 2015 13:32:35 +0000 (14:32 +0100)]
OCSP check the whole cert chain

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2 years agoreleased 3.3.12 gnutls_3_3_12
Nikos Mavrogiannopoulos [Sat, 17 Jan 2015 08:09:22 +0000 (09:09 +0100)]
released 3.3.12

2 years agodoc update
Nikos Mavrogiannopoulos [Fri, 16 Jan 2015 19:54:51 +0000 (20:54 +0100)]
doc update

2 years agobumped versions
Nikos Mavrogiannopoulos [Fri, 16 Jan 2015 19:21:05 +0000 (20:21 +0100)]
bumped versions

2 years agodoc update
Nikos Mavrogiannopoulos [Fri, 16 Jan 2015 19:14:42 +0000 (20:14 +0100)]
doc update

2 years agocorrected typos
Nikos Mavrogiannopoulos [Fri, 16 Jan 2015 14:54:53 +0000 (15:54 +0100)]
corrected typos

Reported by Guido Kroon.

2 years agoAdded the notion of obsolete versions
Nikos Mavrogiannopoulos [Fri, 16 Jan 2015 13:16:58 +0000 (14:16 +0100)]
Added the notion of obsolete versions

That prevents using these versions as record version numbers, unless
they are the only protocol supported. This avoids the issues with
servers that have banned SSL 3.0 record versions.

2 years agoocsptool: follow the documented process for gnutls_x509_crt_get_authority_info_access
Nikos Mavrogiannopoulos [Fri, 16 Jan 2015 09:16:47 +0000 (10:16 +0100)]
ocsptool: follow the documented process for gnutls_x509_crt_get_authority_info_access

2 years agognutls_x509_crt_get_authority_info_access: doc update
Nikos Mavrogiannopoulos [Fri, 16 Jan 2015 09:15:08 +0000 (10:15 +0100)]
gnutls_x509_crt_get_authority_info_access: doc update

2 years agoocsptool-common: iterate through all AIA items prior to decidig the OCSP server
Nikos Mavrogiannopoulos [Thu, 15 Jan 2015 14:49:53 +0000 (15:49 +0100)]
ocsptool-common: iterate through all AIA items prior to decidig the OCSP server

2 years agosimplified text for inline-commands-prefix
Nikos Mavrogiannopoulos [Tue, 13 Jan 2015 21:47:59 +0000 (22:47 +0100)]
simplified text for inline-commands-prefix

2 years agodoc update: added urls of savannah reports
Nikos Mavrogiannopoulos [Mon, 12 Jan 2015 22:53:10 +0000 (23:53 +0100)]
doc update: added urls of savannah reports

2 years agodoc update
Nikos Mavrogiannopoulos [Mon, 12 Jan 2015 22:17:38 +0000 (23:17 +0100)]
doc update

2 years agognutls-cli: added --starttls-proto option
Nikos Mavrogiannopoulos [Mon, 12 Jan 2015 22:14:35 +0000 (23:14 +0100)]
gnutls-cli: added --starttls-proto option

2 years agopkcs11: cleanup the name of types
Nikos Mavrogiannopoulos [Mon, 12 Jan 2015 16:28:50 +0000 (17:28 +0100)]
pkcs11: cleanup the name of types

Conflicts:
lib/pkcs11.c

2 years agopkcs11: when importing a public key, import it's data as well (version 2 fix)
Nikos Mavrogiannopoulos [Mon, 12 Jan 2015 16:12:56 +0000 (17:12 +0100)]
pkcs11: when importing a public key, import it's data as well (version 2 fix)

2 years agodoc update
Nikos Mavrogiannopoulos [Mon, 12 Jan 2015 16:02:03 +0000 (17:02 +0100)]
doc update

2 years agopkcs11: when importing a public key, import it's data as well
Nikos Mavrogiannopoulos [Sun, 11 Jan 2015 21:15:10 +0000 (22:15 +0100)]
pkcs11: when importing a public key, import it's data as well

2 years agodoc update
Nikos Mavrogiannopoulos [Sun, 11 Jan 2015 15:16:49 +0000 (16:16 +0100)]
doc update

2 years agodoc update
Nikos Mavrogiannopoulos [Sat, 10 Jan 2015 17:33:56 +0000 (18:33 +0100)]
doc update

2 years agoWhen setting up TLS with cert-type OpenPGP from a client,
Nikos Mavrogiannopoulos [Sat, 10 Jan 2015 11:12:25 +0000 (12:12 +0100)]
When setting up TLS with cert-type OpenPGP from a client,
the server verifies if it supports the extension’s contents
in _gnutls_session_cert_type_supported().  This function
checks for cred->get_cert_callback but not cred->get_cert_callback2.
As a result, servers setup for OpenPGP certificate credential
callback with gnutls_certificate_set_retrieve_function2() are
unable to use the OpenPGP certificate type.

The solution is to consider cred->get_cert_callback2 alongside
cred->get_cert_callback in _gnutls_session_cert_type_supported().

Patch by Rick van Rein.

2 years agognutls_privkey_import_openpgp_raw: do not release the cached value
Nikos Mavrogiannopoulos [Sat, 10 Jan 2015 10:56:48 +0000 (11:56 +0100)]
gnutls_privkey_import_openpgp_raw: do not release the cached value

2 years agodoc update
Nikos Mavrogiannopoulos [Thu, 8 Jan 2015 09:48:56 +0000 (10:48 +0100)]
doc update

2 years agoWhen receiving a TLS record with multiple handshake packets, parse them in one go
Nikos Mavrogiannopoulos [Thu, 8 Jan 2015 08:35:59 +0000 (09:35 +0100)]
When receiving a TLS record with multiple handshake packets, parse them in one go

That resolves:
https://savannah.gnu.org/support/?108712

2 years agoguile: Call 'load-extension' both during expansion and at run time.
Ludovic Courtès [Thu, 8 Jan 2015 09:18:07 +0000 (10:18 +0100)]
guile: Call 'load-extension' both during expansion and at run time.

Fixes <https://bugzilla.redhat.com/show_bug.cgi?id=1177847>.

* guile/modules/gnutls.in: Wrap '%libdir' definition and
  'load-extension' call in 'eval-when'.
* NEWS: Update.

2 years agodoc update
Nikos Mavrogiannopoulos [Tue, 6 Jan 2015 20:38:21 +0000 (21:38 +0100)]
doc update

2 years agoin DTLS don't combine multiple packets which exceed MTU
Nikos Mavrogiannopoulos [Tue, 6 Jan 2015 09:17:14 +0000 (10:17 +0100)]
in DTLS don't combine multiple packets which exceed MTU

Resolves: https://savannah.gnu.org/support/?108715

2 years agoAdded more precise check of push functions availability
Nikos Mavrogiannopoulos [Tue, 6 Jan 2015 09:01:47 +0000 (10:01 +0100)]
Added more precise check of push functions availability

2 years agodanetool: only compile when dane is enabled
Nikos Mavrogiannopoulos [Tue, 6 Jan 2015 12:39:19 +0000 (13:39 +0100)]
danetool: only compile when dane is enabled

2 years agoAllow a random generator with the same priority to re-register
Nikos Mavrogiannopoulos [Thu, 11 Dec 2014 09:15:54 +0000 (10:15 +0100)]
Allow a random generator with the same priority to re-register

That corrects an issue where the library is deinitialized, and
reinitialization wouldn't register the same rnd module.
Reported by Stanislav Zidek.

2 years agocerttool: modified check for READ_NUMERIC
Nikos Mavrogiannopoulos [Sun, 4 Jan 2015 22:19:33 +0000 (23:19 +0100)]
certtool: modified check for READ_NUMERIC

2 years agocerttool: use 64-bit type for CRL serial number
Nikos Mavrogiannopoulos [Sun, 4 Jan 2015 21:46:16 +0000 (22:46 +0100)]
certtool: use 64-bit type for CRL serial number

2 years agocerttool: check for overflows when reading serial numbers
Nikos Mavrogiannopoulos [Sun, 4 Jan 2015 21:43:00 +0000 (22:43 +0100)]
certtool: check for overflows when reading serial numbers

2 years agocerttool: use int64_t as type for integers read
Nikos Mavrogiannopoulos [Sun, 4 Jan 2015 19:44:21 +0000 (20:44 +0100)]
certtool: use int64_t as type for integers read

2 years agognutls-cli-debug: more precise handling of SMTP protocol
Nikos Mavrogiannopoulos [Sun, 4 Jan 2015 19:30:39 +0000 (20:30 +0100)]
gnutls-cli-debug: more precise handling of SMTP protocol

Patch by Andreas Metzler.

2 years agodoc update
Nikos Mavrogiannopoulos [Sun, 4 Jan 2015 13:18:12 +0000 (14:18 +0100)]
doc update

2 years agoupdated gnulib
Nikos Mavrogiannopoulos [Sun, 4 Jan 2015 10:09:52 +0000 (11:09 +0100)]
updated gnulib

2 years agognutls-cli-debug: corrected the skip of ignored checks
Nikos Mavrogiannopoulos [Fri, 2 Jan 2015 10:49:55 +0000 (12:49 +0200)]
gnutls-cli-debug: corrected the skip of ignored checks

2 years agodoc update
Nikos Mavrogiannopoulos [Wed, 31 Dec 2014 14:52:06 +0000 (16:52 +0200)]
doc update

2 years agodoc update
Nikos Mavrogiannopoulos [Wed, 31 Dec 2014 08:01:12 +0000 (10:01 +0200)]
doc update

2 years agocerttool: --pubkey-info will load a public key from stdin
Nikos Mavrogiannopoulos [Wed, 31 Dec 2014 08:00:11 +0000 (10:00 +0200)]
certtool: --pubkey-info will load a public key from stdin

2 years agoinclude netinet/in.h if present to access ipv6 related structures
Nikos Mavrogiannopoulos [Wed, 31 Dec 2014 07:40:03 +0000 (09:40 +0200)]
include netinet/in.h if present to access ipv6 related structures

Based on patch by Rumko.
https://savannah.gnu.org/support/?108713

2 years agoDon't call _gnutls_cipher_encrypt2 with textlen = 0 in _gnutls_auth_cipher_encrypt2_tag
Matthias-Christian Ott [Tue, 30 Dec 2014 09:58:43 +0000 (11:58 +0200)]
Don't call _gnutls_cipher_encrypt2 with textlen = 0 in _gnutls_auth_cipher_encrypt2_tag

If the plaintext is shorter than the block size of the used cipher,
_gnutls_auth_cipher_encrypt2_tag calls _gnutls_cipher_encrypt2 with
textlen = 0. By definition _gnutls_cipher_encrypt2 does nothing in this
case and thus does not need to be called.

2 years agoHandle zero length plaintext for VIA PadLock functions
Matthias-Christian Ott [Tue, 30 Dec 2014 09:57:36 +0000 (11:57 +0200)]
Handle zero length plaintext for VIA PadLock functions

If the plaintext is shorter than the block size of the used cipher,
_gnutls_auth_cipher_encrypt2_tag calls _gnutls_cipher_encrypt2 with
textlen = 0. padlock_ecb_encrypt and padlock_cbc_encrypt assume that the
plaintext length (last parameter) is greater than zero and segfault
otherwise. The assembler code for both functions is automatically
generated and imported from OpenSSL, so to ease maintenance the length
should be validated in the functions that call padlock_ecb_encrypt or
padlock_cbc_encrypt.

2 years agotests: enhanced openpgp-keyring test
Nikos Mavrogiannopoulos [Sun, 28 Dec 2014 09:14:47 +0000 (11:14 +0200)]
tests: enhanced openpgp-keyring test

2 years agoopenpgp: properly print names in oneline output as well
Nikos Mavrogiannopoulos [Sun, 28 Dec 2014 09:13:10 +0000 (11:13 +0200)]
openpgp: properly print names in oneline output as well

2 years agoupdates in openpgp DSA key printing
Nikos Mavrogiannopoulos [Sun, 28 Dec 2014 09:11:18 +0000 (11:11 +0200)]
updates in openpgp DSA key printing

2 years agoproperly print openpgp names
Nikos Mavrogiannopoulos [Sun, 28 Dec 2014 08:59:23 +0000 (10:59 +0200)]
properly print openpgp names

2 years agotools: use OCSP functions only when OCSP is enabled
Nikos Mavrogiannopoulos [Wed, 24 Dec 2014 22:16:49 +0000 (00:16 +0200)]
tools: use OCSP functions only when OCSP is enabled

2 years agoCorrected encoding and decoding of ANSI X9.62
Nikos Mavrogiannopoulos [Wed, 24 Dec 2014 17:08:54 +0000 (19:08 +0200)]
Corrected encoding and decoding of ANSI X9.62

That affects gnutls_pubkey_export_ecc_x962() and
gnutls_pubkey_import_ecc_x962().

2 years agotools: document the available curves
Nikos Mavrogiannopoulos [Wed, 24 Dec 2014 16:34:04 +0000 (18:34 +0200)]
tools: document the available curves

2 years agodoc update
Nikos Mavrogiannopoulos [Tue, 23 Dec 2014 11:18:28 +0000 (13:18 +0200)]
doc update

2 years agoUse hints to support incomplete PKCS#11 URIs
Nikos Mavrogiannopoulos [Tue, 23 Dec 2014 10:24:35 +0000 (12:24 +0200)]
Use hints to support incomplete PKCS#11 URIs

2 years agocompletely separated the two gnulibs to avoid conflicts
Nikos Mavrogiannopoulos [Tue, 23 Dec 2014 10:52:23 +0000 (12:52 +0200)]
completely separated the two gnulibs to avoid conflicts

2 years agoupdated gnulib
Nikos Mavrogiannopoulos [Tue, 23 Dec 2014 10:33:53 +0000 (12:33 +0200)]
updated gnulib

2 years agodoc update
Nikos Mavrogiannopoulos [Mon, 22 Dec 2014 09:08:38 +0000 (11:08 +0200)]
doc update

2 years agowhen importing object CAs from PKCS#11 URL, import the marked as trusted only
Nikos Mavrogiannopoulos [Mon, 22 Dec 2014 09:06:44 +0000 (11:06 +0200)]
when importing object CAs from PKCS#11 URL, import the marked as trusted only

2 years agopkcs11: when matching objects, also match the label
Nikos Mavrogiannopoulos [Mon, 22 Dec 2014 09:06:06 +0000 (11:06 +0200)]
pkcs11: when matching objects, also match the label

2 years agoadded missing variable
Nikos Mavrogiannopoulos [Sun, 21 Dec 2014 18:42:00 +0000 (20:42 +0200)]
added missing variable

2 years agoAdded p11-kit cflags in x509/
Nikos Mavrogiannopoulos [Sun, 21 Dec 2014 18:37:11 +0000 (20:37 +0200)]
Added p11-kit cflags in x509/

2 years agoAdded softhsm.h to share code in softhsm detection
Nikos Mavrogiannopoulos [Sun, 21 Dec 2014 11:16:17 +0000 (13:16 +0200)]
Added softhsm.h to share code in softhsm detection

Conflicts:
tests/suite/pkcs11-chainverify.c
tests/suite/pkcs11-privkey.c

2 years agoDirectly import PKCS #11 object URLs as trusted certificates
Nikos Mavrogiannopoulos [Sun, 21 Dec 2014 11:00:53 +0000 (13:00 +0200)]
Directly import PKCS #11 object URLs as trusted certificates

That is, don't treat them as trusted modules, because they aren't
a token URL, but rather a direct reference to specific objects.

2 years agocorrected documentation for the cork/uncork functions
Nikos Mavrogiannopoulos [Fri, 19 Dec 2014 08:40:58 +0000 (10:40 +0200)]
corrected documentation for the cork/uncork functions

Reported by Jaak Ristioja.

2 years agodoc update
Nikos Mavrogiannopoulos [Fri, 19 Dec 2014 08:35:10 +0000 (10:35 +0200)]
doc update

2 years agodoc update
Nikos Mavrogiannopoulos [Fri, 19 Dec 2014 08:30:54 +0000 (10:30 +0200)]
doc update

2 years agoAdded more precise version check in _gnutls_version_lowest
Nikos Mavrogiannopoulos [Fri, 19 Dec 2014 08:25:40 +0000 (10:25 +0200)]
Added more precise version check in _gnutls_version_lowest

2 years agoThe record version in the client Hello will be set to the lowest supported protocol
Nikos Mavrogiannopoulos [Fri, 21 Nov 2014 15:10:33 +0000 (16:10 +0100)]
The record version in the client Hello will be set to the lowest supported protocol

There should have been no harm in keeping it SSL 3.0 but
unfortunately in draft-thomson-sslv3-diediedie-00
it has been marked as MUST NOT do that. That will be fixed in a later
revision but since then there are servers not accepting SSL 3.0
as a valid record version (note that this is about the record
version, which describes the format of the packet, nothing to
do with the negotiated version).

2 years agocorrected documentation of gnutls_cork()
Nikos Mavrogiannopoulos [Fri, 19 Dec 2014 06:56:44 +0000 (08:56 +0200)]
corrected documentation of gnutls_cork()

2 years agoRevert "guile: Remove RSA parameters and related procedures."
Ludovic Courtès [Fri, 12 Dec 2014 20:53:23 +0000 (21:53 +0100)]
Revert "guile: Remove RSA parameters and related procedures."

This reverts commit 9f5788469f6f3f3fdd4cf064621a903607f10f2f;
this will be done in the 3.4 branch, as for the C library.
Update NEWS accordingly.

2 years agoUpdate 'NEWS'.
Ludovic Courtès [Fri, 12 Dec 2014 12:52:52 +0000 (13:52 +0100)]
Update 'NEWS'.

2 years agoguile: Open binary file in binary mode, for the sake of MinGW.
Ludovic Courtès [Thu, 11 Dec 2014 18:06:18 +0000 (19:06 +0100)]
guile: Open binary file in binary mode, for the sake of MinGW.

Reported by Eli Zaretskii <eliz@gnu.org>.

* guile/tests/openpgp-keyring.scm: Use 'open-file' with "rb" instead of
  'open-input-file'.

2 years agoguile: Link with '-no-undefined'.
Ludovic Courtès [Thu, 11 Dec 2014 18:04:17 +0000 (19:04 +0100)]
guile: Link with '-no-undefined'.

Fixes builds on MinGW.
Reported by Eli Zaretskii <eliz@gnu.org>.

* guile/src/Makefile.am (guile_gnutls_v_2_la_LDFLAGS): Add
  -no-undefined.

2 years agoguile: Build with warnings.
Ludovic Courtès [Thu, 4 Dec 2014 21:15:57 +0000 (22:15 +0100)]
guile: Build with warnings.

* guile/src/Makefile.am (AM_CFLAGS) [HAVE_GCC]: Add -Wall -Wextra
  -Wno-unused-parameter.

2 years agoguile: Remove the deprecated priority API.
Ludovic Courtès [Thu, 4 Dec 2014 21:14:57 +0000 (22:14 +0100)]
guile: Remove the deprecated priority API.

* guile/modules/gnutls/build/priorities.scm: Remove.
* guile/src/make-session-priorities.scm: Remove.
* guile/modules/Makefile.am (EXTRA_DIST): Adjust accordingly.
* guile/src/Makefile.am (EXTRA_DIST): Likewise.
  (GENERATED_BINDINGS): Remove 'priorities.i.c'.
  (priorities.i.c): Remove target.
* guile/src/core.c: Don't include it.
  (scm_gnutls_set_default_priority_x): Remove.
* guile/modules/gnutls.in (gnutls): Adjust export list.
* guile/tests/session-record-port.scm: Use 'set-session-priorities!'.
* guile/tests/x509-auth.scm: Likewise.

2 years agoguile: Remove RSA parameters and related procedures.
Ludovic Courtès [Thu, 4 Dec 2014 21:15:16 +0000 (22:15 +0100)]
guile: Remove RSA parameters and related procedures.

* guile/modules/gnutls/build/smobs.scm (%rsa-parameters-smob): Remove.
  (%gnutls-smobs): Remove it.
* guile/src/core.c (scm_gnutls_make_rsa_parameters,
  scm_gnutls_pkcs1_import_rsa_parameters,
  scm_gnutls_pkcs1_export_rsa_parameters,
  scm_gnutls_set_certificate_credentials_rsa_export_params_x): Remove.
* guile/modules/gnutls.in: Adjust export list.
* guile/tests/openpgp-auth.scm (import-rsa-params): Remove.
  Remove references to it and to
  'set-certificate-credentials-rsa-export-parameters!'.
* guile/tests/x509-auth.scm: Likewise.
* doc/gnutls-guile.texi (Representation of Binary Data): Remove
  references to RSA parameters.  Adjust example accordingly.
  (OpenPGP Authentication Guile Example): Likewise.

2 years agognutls_rnd: doc update
Nikos Mavrogiannopoulos [Fri, 12 Dec 2014 08:35:29 +0000 (09:35 +0100)]
gnutls_rnd: doc update