diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-04-04 08:38:23 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-04-04 08:38:23 +0000 |
commit | 8fbe8bf3c948246964d1993cef851b3aea6e9ce1 (patch) | |
tree | c75b0f7ddc234790aa87ba040ffc2787f4cc965e | |
parent | d22847d7d50ff10d490616061f1b61ff09336ac1 (diff) | |
download | gnutls-8fbe8bf3c948246964d1993cef851b3aea6e9ce1.tar.gz |
Replaced mktime() with mktime_utc(). This corrects a bug with
the localtime returned by mktime().
-rw-r--r-- | ChangeLog | 826 | ||||
-rw-r--r-- | configure.in | 1 | ||||
-rw-r--r-- | lib/defines.h | 15 | ||||
-rw-r--r-- | lib/x509_verify.c | 258 |
4 files changed, 634 insertions, 466 deletions
@@ -1,9 +1,41 @@ +2002-04-03 14:54 nmav <nmav@gnutls.org> + + * lib/auth_cert.c: + + In gnutls_find_acceptable_client_cert() corrected bug in callback + parameters, and used alloca for issuers_dn allocation. + +2002-04-03 12:59 nmav <nmav@gnutls.org> + + * lib/: defines.h, gnutls_mem.h, gnutls_x509.c: + + removed unneeded memsets + +2002-04-03 12:58 nmav <nmav@gnutls.org> + + * src/: serv-gaa.c, serv.c, serv.gaa: + + added --quit parameter + +2002-04-02 13:17 nmav <nmav@gnutls.org> + + * configure.in, lib/auth_cert.c, lib/defines.h, + lib/gnutls_algorithms.c, lib/gnutls_buffers.c, + lib/gnutls_handshake.c, lib/gnutls_mem.h, lib/x509_asn1.c, + lib/x509_der.c, src/serv-gaa.c, src/serv-gaa.h, src/serv.c, + src/serv.gaa: + + preliminary support for alloca() + 2002-03-31 06:04 nmav <nmav@gnutls.org> - * lib/: auth_cert.c, gnutls_errors.c, gnutls_errors.h, - gnutls_gcry.c, gnutls_global.c, gnutls_pk.c, gnutls_privkey.c, - gnutls_x509.c, x509_asn1.h, x509_extensions.c, x509_sig_check.c, - x509_verify.c: + * lib/: auth_cert.c (tags: gnutls_0_4_0), gnutls_errors.c (tags: + gnutls_0_4_0), gnutls_errors.h (tags: gnutls_0_4_0), gnutls_gcry.c + (tags: gnutls_0_4_0), gnutls_global.c (tags: gnutls_0_4_0), + gnutls_pk.c, gnutls_privkey.c (tags: gnutls_0_4_0), gnutls_x509.c + (tags: gnutls_0_4_0), x509_asn1.h (tags: gnutls_0_4_0), + x509_extensions.c (tags: gnutls_0_4_0), x509_sig_check.c (tags: + gnutls_0_4_0), x509_verify.c (tags: gnutls_0_4_0): Error codes of ASN.1 parser are now independent, with a map to gnutls' error codes. @@ -16,15 +48,17 @@ 2002-03-30 10:00 nmav <nmav@gnutls.org> - * lib/gnutls_openpgp.c: + * lib/gnutls_openpgp.c (tags: gnutls_0_4_0): Added the text for gnutls_openpgp_extract_key_pk_algorithm. 2002-03-30 09:52 nmav <nmav@gnutls.org> - * ChangeLog, doc/tex/ex1.tex, doc/tex/ex2.tex, doc/tex/ex3.tex, - doc/tex/serv1.tex, lib/gnutls.h.in.in, lib/gnutls_x509.c, - src/cli.c, src/serv.c: + * ChangeLog, doc/tex/ex1.tex (tags: gnutls_0_4_0), doc/tex/ex2.tex + (tags: gnutls_0_4_0), doc/tex/ex3.tex (tags: gnutls_0_4_0), + doc/tex/serv1.tex (tags: gnutls_0_4_0), lib/gnutls.h.in.in (tags: + gnutls_0_4_0), lib/gnutls_x509.c, src/cli.c (tags: gnutls_0_4_0), + src/serv.c (tags: gnutls_0_4_0): Removed the CRL list parameter from gnutls_certificate_set_x509_trust_*. @@ -38,49 +72,59 @@ 2002-03-29 18:35 nmav <nmav@gnutls.org> - * lib/: auth_cert.c, crypt_srpsha1.c, gnutls_x509.c: + * lib/: auth_cert.c, crypt_srpsha1.c (tags: gnutls_0_4_0), + gnutls_x509.c: Added ability to read DSA DER formatted keys, and corrected bugs in DER certificate reading. 2002-03-29 12:12 nmav <nmav@gnutls.org> - * lib/: gnutls_algorithms.c, gnutls_cipher.c, gnutls_cipher_int.c, - gnutls_cipher_int.h, gnutls_compress.c, gnutls_compress_int.c, - gnutls_compress_int.h, gnutls_constate.c, gnutls_handshake.c, - gnutls_hash_int.c, gnutls_hash_int.h, gnutls_int.h, gnutls_kx.c, - gnutls_sig.c, gnutls_srp.c, gnutls_state.c, gnutls_ui.c, - x509_sig_check.c: + * lib/: gnutls_algorithms.c (tags: gnutls_0_4_0), gnutls_cipher.c, + gnutls_cipher_int.c (tags: gnutls_0_4_0), gnutls_cipher_int.h + (tags: gnutls_0_4_0), gnutls_compress.c (tags: gnutls_0_4_0), + gnutls_compress_int.c (tags: gnutls_0_4_0), gnutls_compress_int.h + (tags: gnutls_0_4_0), gnutls_constate.c (tags: gnutls_0_4_0), + gnutls_handshake.c (tags: gnutls_0_4_0), gnutls_hash_int.c (tags: + gnutls_0_4_0), gnutls_hash_int.h (tags: gnutls_0_4_0), gnutls_int.h + (tags: gnutls_0_4_0), gnutls_kx.c (tags: gnutls_0_4_0), + gnutls_sig.c (tags: gnutls_0_4_0), gnutls_srp.c (tags: + gnutls_0_4_0), gnutls_state.c (tags: gnutls_0_4_0), gnutls_ui.c + (tags: gnutls_0_4_0), x509_sig_check.c: Prefixed with underscore several internal functions. 2002-03-29 11:38 nmav <nmav@gnutls.org> - * lib/: auth_cert.c, auth_dhe.c, auth_rsa.c, gnutls_algorithms.c, - gnutls_algorithms.h, gnutls_cert.c, gnutls_cert.h, gnutls_global.c, - gnutls_x509.c: + * lib/: auth_cert.c, auth_dhe.c (tags: gnutls_0_4_0), auth_rsa.c, + gnutls_algorithms.c, gnutls_algorithms.h (tags: gnutls_0_4_0), + gnutls_cert.c (tags: gnutls_0_4_0), gnutls_cert.h (tags: + gnutls_0_4_0), gnutls_global.c, gnutls_x509.c: removed unneeded functions 2002-03-29 11:38 nmav <nmav@gnutls.org> - * src/: cli-gaa.c, cli-gaa.h, cli.c, cli.gaa: + * src/: cli-gaa.c (tags: gnutls_0_4_0), cli-gaa.h (tags: + gnutls_0_4_0), cli.c, cli.gaa (tags: gnutls_0_4_0): added crlf option 2002-03-29 11:16 nmav <nmav@gnutls.org> * ChangeLog, doc/TODO, lib/auth_rsa.c, lib/gnutls_int.h, - lib/gnutls_pk.c, lib/gnutls_pk.h, lib/gnutls_sig.c, lib/x509_der.c, - lib/x509_sig_check.c, src/cli.c, src/serv-gaa.c, src/serv-gaa.h, - src/serv.gaa: + lib/gnutls_pk.c, lib/gnutls_pk.h (tags: gnutls_0_4_0), + lib/gnutls_sig.c, lib/x509_der.c (tags: gnutls_0_4_0), + lib/x509_sig_check.c, src/cli.c, src/serv-gaa.c (tags: + gnutls_0_4_0), src/serv-gaa.h (tags: gnutls_0_4_0), src/serv.gaa + (tags: gnutls_0_4_0): Some cleanups in the certificate authentication. Parameters are passed together with the length, to avoid abuse. 2002-03-28 12:46 nmav <nmav@gnutls.org> - * lib/: gnutls_x509.c, x509_b64.c: + * lib/: gnutls_x509.c, x509_b64.c (tags: gnutls_0_4_0): Cleaned up the return values of several functions. @@ -105,7 +149,7 @@ 2002-03-26 21:05 fiorinaf <ffiorina@gnutls.org> - * lib/: x509_asn1.c, x509_asn1.h: + * lib/: x509_asn1.c (tags: gnutls_0_4_0), x509_asn1.h: add asn1_number_of_elements function @@ -123,8 +167,9 @@ 2002-03-26 19:33 nmav <nmav@gnutls.org> - * lib/: gnutls_algorithms.c, gnutls_algorithms.h, gnutls_buffers.c, - gnutls_global.c, gnutls_record.c: + * lib/: gnutls_algorithms.c, gnutls_algorithms.h, gnutls_buffers.c + (tags: gnutls_0_4_0), gnutls_global.c, gnutls_record.c (tags: + gnutls_0_4_0): Several optimizations @@ -136,15 +181,16 @@ 2002-03-26 09:51 twoaday <twoaday@gnutls.org> - * lib/: gnutls_openpgp.c, gnutls_openpgp.h: + * lib/: gnutls_openpgp.c, gnutls_openpgp.h (tags: gnutls_0_4_0): Function which is used to extract key parameters for openpgp keys. 2002-03-26 09:16 nmav <nmav@gnutls.org> * NEWS, doc/TODO, lib/gnutls.h.in.in, lib/gnutls_errors.c, - lib/gnutls_errors_int.h, lib/gnutls_pk.h, lib/gnutls_ui.h, - lib/gnutls_x509.c, src/common.c, src/gnutls-http-serv, src/serv.c: + lib/gnutls_errors_int.h (tags: gnutls_0_4_0), lib/gnutls_pk.h, + lib/gnutls_ui.h, lib/gnutls_x509.c, src/common.c, + src/gnutls-http-serv (tags: gnutls_0_4_0), src/serv.c: added gnutls_x509_extract_certificate_pk_algorithm() @@ -165,11 +211,13 @@ 2002-03-24 18:41 nmav <nmav@gnutls.org> - * NEWS, lib/Makefile.am, lib/auth_cert.c, lib/gnutls_global.c, - lib/gnutls_hash_int.c, lib/gnutls_random.c, lib/gnutls_ui.h, - lib/gnutls_x509.c, lib/pkix.asn, lib/pkix_asn1_tab.c, - lib/x509_asn1.c, lib/x509_extensions.c, lib/x509_sig_check.c, - lib/x509_verify.c, src/gnutls-http-serv, src/serv.c: + * NEWS, lib/Makefile.am (tags: gnutls_0_4_0), lib/auth_cert.c, + lib/gnutls_global.c, lib/gnutls_hash_int.c, lib/gnutls_random.c + (tags: gnutls_0_4_0), lib/gnutls_ui.h, lib/gnutls_x509.c, + lib/pkix.asn (tags: gnutls_0_4_0), lib/pkix_asn1_tab.c (tags: + gnutls_0_4_0), lib/x509_asn1.c, lib/x509_extensions.c, + lib/x509_sig_check.c, lib/x509_verify.c, src/gnutls-http-serv, + src/serv.c: Added support for RFC2630 - PKCS7 formated structures @@ -193,20 +241,24 @@ 2002-03-21 20:25 nmav <nmav@gnutls.org> - * ChangeLog, acconfig.h (tags: gnutls_0_3_92), configure.in, - lib/auth_anon.c (tags: gnutls_0_3_92), lib/auth_srp.c (tags: - gnutls_0_3_92), lib/auth_srp.h (tags: gnutls_0_3_92), - lib/auth_srp_passwd.c (tags: gnutls_0_3_92), lib/auth_srp_passwd.h - (tags: gnutls_0_3_92), lib/auth_srp_sb64.c (tags: gnutls_0_3_92), - lib/crypt.c (tags: gnutls_0_3_92), lib/crypt_bcrypt.c (tags: + * ChangeLog, acconfig.h (tags: gnutls_0_4_0, gnutls_0_3_92), + configure.in, lib/auth_anon.c (tags: gnutls_0_4_0, gnutls_0_3_92), + lib/auth_srp.c (tags: gnutls_0_4_0, gnutls_0_3_92), lib/auth_srp.h + (tags: gnutls_0_4_0, gnutls_0_3_92), lib/auth_srp_passwd.c (tags: + gnutls_0_4_0, gnutls_0_3_92), lib/auth_srp_passwd.h (tags: + gnutls_0_4_0, gnutls_0_3_92), lib/auth_srp_sb64.c (tags: + gnutls_0_4_0, gnutls_0_3_92), lib/crypt.c (tags: gnutls_0_4_0, + gnutls_0_3_92), lib/crypt_bcrypt.c (tags: gnutls_0_4_0, gnutls_0_3_92), lib/crypt_srpsha1.c (tags: gnutls_0_3_92), - lib/ext_srp.c (tags: gnutls_0_3_92), lib/ext_srp.h (tags: - gnutls_0_3_92), lib/gnutls_algorithms.c (tags: gnutls_0_3_92), - lib/gnutls_anon_cred.c (tags: gnutls_0_3_92), lib/gnutls_auth.c - (tags: gnutls_0_3_92), lib/gnutls_extensions.c (tags: - gnutls_0_3_92), lib/gnutls_session_pack.c (tags: gnutls_0_3_92), - lib/gnutls_srp.c (tags: gnutls_0_3_92), lib/gnutls_srp.h (tags: - gnutls_0_3_92), lib/gnutls_ui.c (tags: gnutls_0_3_92), src/serv.c: + lib/ext_srp.c (tags: gnutls_0_4_0, gnutls_0_3_92), lib/ext_srp.h + (tags: gnutls_0_4_0, gnutls_0_3_92), lib/gnutls_algorithms.c (tags: + gnutls_0_3_92), lib/gnutls_anon_cred.c (tags: gnutls_0_4_0, + gnutls_0_3_92), lib/gnutls_auth.c (tags: gnutls_0_4_0, + gnutls_0_3_92), lib/gnutls_extensions.c (tags: gnutls_0_4_0, + gnutls_0_3_92), lib/gnutls_session_pack.c (tags: gnutls_0_4_0, + gnutls_0_3_92), lib/gnutls_srp.c (tags: gnutls_0_3_92), + lib/gnutls_srp.h (tags: gnutls_0_4_0, gnutls_0_3_92), + lib/gnutls_ui.c (tags: gnutls_0_3_92), src/serv.c: Added hooks not to include SRP and Anonymous authentication @@ -218,7 +270,8 @@ 2002-03-21 19:44 nmav <nmav@gnutls.org> - * src/: Makefile.am, gnutls-http-serv (utags: gnutls_0_3_92): + * src/: Makefile.am (tags: gnutls_0_4_0), gnutls-http-serv (utags: + gnutls_0_3_92): Added script which runs an http server with the appropriate parameters. @@ -243,8 +296,9 @@ * lib/: auth_cert.c, gnutls_cipher.c, gnutls_compress.c (tags: gnutls_0_3_92), gnutls_compress_int.c, gnutls_compress_int.h, gnutls_constate.c, gnutls_int.h (tags: gnutls_0_3_92), - gnutls_state.c, x509_ASN.c (tags: gnutls_0_3_92), x509_ASN.y (tags: - gnutls_0_3_92), x509_asn1.c (tags: gnutls_0_3_92): + gnutls_state.c, x509_ASN.c (tags: gnutls_0_4_0, gnutls_0_3_92), + x509_ASN.y (tags: gnutls_0_4_0, gnutls_0_3_92), x509_asn1.c (tags: + gnutls_0_3_92): Improved compression support. Corrected several bugs in empty fragment sending and receiving. @@ -288,10 +342,11 @@ 2002-03-17 23:09 nmav <nmav@gnutls.org> - * ChangeLog, THANKS (tags: gnutls_0_3_92), acconfig.h, - configure.in, lib/gnutls_handshake.c (tags: gnutls_0_3_92), - lib/gnutls_int.h, lib/gnutls_mem.c (tags: gnutls_0_3_92), - lib/gnutls_mem.h (tags: gnutls_0_3_92), src/cli.c: + * ChangeLog, THANKS (tags: gnutls_0_4_0, gnutls_0_3_92), + acconfig.h, configure.in, lib/gnutls_handshake.c (tags: + gnutls_0_3_92), lib/gnutls_int.h, lib/gnutls_mem.c (tags: + gnutls_0_4_0, gnutls_0_3_92), lib/gnutls_mem.h (tags: gnutls_0_4_0, + gnutls_0_3_92), src/cli.c: Added hooks for electric fence @@ -352,8 +407,8 @@ lib/gnutls.h.in.in, lib/gnutls_algorithms.c, lib/gnutls_cert.c, lib/gnutls_constate.c, lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_kx.c (tags: gnutls_0_3_92), lib/gnutls_record.c, - lib/gnutls_state.c, lib/gnutls_state.h (tags: gnutls_0_3_92), - lib/x509_verify.c, src/common.c: + lib/gnutls_state.c, lib/gnutls_state.h (tags: gnutls_0_4_0, + gnutls_0_3_92), lib/x509_verify.c, src/common.c: removed GNUTLS_CERT_TRUSTED enumeration @@ -372,9 +427,10 @@ 2002-03-08 18:04 nmav <nmav@gnutls.org> - * lib/: gnutls_buffers.c, gnutls_buffers.h (tags: gnutls_0_3_92), - gnutls_cipher.c, gnutls_cipher.h (tags: gnutls_0_3_92), - gnutls_openpgp.c, gnutls_record.c, gnutls_state.h: + * lib/: gnutls_buffers.c, gnutls_buffers.h (tags: gnutls_0_4_0, + gnutls_0_3_92), gnutls_cipher.c, gnutls_cipher.h (tags: + gnutls_0_4_0, gnutls_0_3_92), gnutls_openpgp.c, gnutls_record.c, + gnutls_state.h: Added protection against the newly discovered CBC attacks against TLS. Experimental code. @@ -389,20 +445,21 @@ 2002-03-06 12:10 nmav <nmav@gnutls.org> * doc/protocol/: draft-ietf-tls-extensions-02.txt, - draft-ietf-tls-extensions-03.txt (tags: gnutls_0_3_92): + draft-ietf-tls-extensions-03.txt (tags: gnutls_0_4_0, + gnutls_0_3_92): Added new draft 2002-03-06 12:08 nmav <nmav@gnutls.org> * NEWS, lib/Makefile.am (tags: gnutls_0_3_92), lib/auth_cert.c, - lib/gnutls_alert.c (tags: gnutls_0_3_92), lib/gnutls_errors.c, - lib/gnutls_errors_int.h, lib/gnutls_gcry.c (tags: gnutls_0_3_92), - lib/gnutls_global.c (tags: gnutls_0_3_92), lib/gnutls_pk.c, - lib/gnutls_privkey.c, lib/gnutls_x509.c, lib/x509_ASN.c, - lib/x509_ASN.y, lib/x509_asn1.h, lib/x509_extensions.c (tags: - gnutls_0_3_92), lib/x509_sig_check.c (tags: gnutls_0_3_92), - lib/x509_verify.c: + lib/gnutls_alert.c (tags: gnutls_0_4_0, gnutls_0_3_92), + lib/gnutls_errors.c, lib/gnutls_errors_int.h, lib/gnutls_gcry.c + (tags: gnutls_0_3_92), lib/gnutls_global.c (tags: gnutls_0_3_92), + lib/gnutls_pk.c, lib/gnutls_privkey.c, lib/gnutls_x509.c, + lib/x509_ASN.c, lib/x509_ASN.y, lib/x509_asn1.h, + lib/x509_extensions.c (tags: gnutls_0_3_92), lib/x509_sig_check.c + (tags: gnutls_0_3_92), lib/x509_verify.c: Combined error codes of gnutls and ASN.1 parser. Also several cleanups in the X.509 code. @@ -424,24 +481,25 @@ 2002-03-04 17:16 nmav <nmav@gnutls.org> - * doc/tex/errors.tex (tags: gnutls_0_3_92), lib/gnutls.h.in.in: + * doc/tex/errors.tex (tags: gnutls_0_4_0, gnutls_0_3_92), + lib/gnutls.h.in.in: updated 2002-03-04 17:04 nmav <nmav@gnutls.org> - * doc/tex/: Makefile.am, auth.tex (tags: gnutls_0_3_92), - ciphersuites.tex, gnutls.tex, handshake.tex, layers.tex (tags: - gnutls_0_3_92), macros.tex (tags: gnutls_0_3_92), resumedb.tex, - translayer.tex: + * doc/tex/: Makefile.am, auth.tex (tags: gnutls_0_4_0, + gnutls_0_3_92), ciphersuites.tex, gnutls.tex, handshake.tex, + layers.tex (tags: gnutls_0_4_0, gnutls_0_3_92), macros.tex (tags: + gnutls_0_4_0, gnutls_0_3_92), resumedb.tex, translayer.tex: updated documentation 2002-03-04 09:25 nmav <nmav@gnutls.org> - * ChangeLog, configure.in, doc/scripts/gdoc (tags: gnutls_0_3_92), - lib/gnutls_cert.c, lib/gnutls_handshake.c, lib/x509_ASN.y, - lib/x509_asn1.c, lib/x509_der.c: + * ChangeLog, configure.in, doc/scripts/gdoc (tags: gnutls_0_4_0, + gnutls_0_3_92), lib/gnutls_cert.c, lib/gnutls_handshake.c, + lib/x509_ASN.y, lib/x509_asn1.c, lib/x509_der.c: changes for pretty documentation and cleanups. @@ -461,8 +519,9 @@ * ChangeLog, NEWS, configure.in, lib/auth_anon.c, lib/auth_cert.c, lib/auth_dhe.c (tags: gnutls_0_3_92), lib/auth_srp.c, - lib/gnutls_auth.c, lib/gnutls_auth_int.h (tags: gnutls_0_3_92), - lib/gnutls_errors.c, src/cli.c (utags: gnutls_0_3_91): + lib/gnutls_auth.c, lib/gnutls_auth_int.h (tags: gnutls_0_4_0, + gnutls_0_3_92), lib/gnutls_errors.c, src/cli.c (utags: + gnutls_0_3_91): Added checks in authentication type renegotiation procedure. @@ -488,12 +547,12 @@ * src/: Makefile.am (tags: gnutls_0_3_91), cli-gaa.c (tags: gnutls_0_3_91), cli-gaa.h (tags: gnutls_0_3_92, gnutls_0_3_91), cli.c, cli.gaa (tags: gnutls_0_3_92, gnutls_0_3_91), common.h - (tags: gnutls_0_3_91), crypt.c (tags: gnutls_0_3_92, + (tags: gnutls_0_3_91), crypt.c (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91), serv-gaa.c (tags: gnutls_0_3_91), serv-gaa.h (tags: gnutls_0_3_92, gnutls_0_3_91), serv.c (tags: gnutls_0_3_91), serv.gaa (tags: gnutls_0_3_92, gnutls_0_3_91), tls_test-gaa.c - (tags: gnutls_0_3_91), tls_test.gaa (tags: gnutls_0_3_92, - gnutls_0_3_91): + (tags: gnutls_0_3_91), tls_test.gaa (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91): Updated cli and server to read certificate and keys from command line parameters. client, client-debug and server are now being @@ -504,7 +563,7 @@ * lib/: gnutls_algorithms.c (tags: gnutls_0_3_91), gnutls_algorithms.h (tags: gnutls_0_3_92, gnutls_0_3_91), gnutls_handshake.c, gnutls_int.h, gnutls_priority.c (tags: - gnutls_0_3_92, gnutls_0_3_91): + gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91): Cleanups in gnutls_handshake.c and gnutls_algorithms.c. Now cipher suites get associated with a protocol version. This will allow @@ -520,14 +579,16 @@ 2002-02-28 12:39 nmav <nmav@gnutls.org> - * lib/gnutls_session.c (tags: gnutls_0_3_92, gnutls_0_3_91): + * lib/gnutls_session.c (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91): added a check in the given parameters for null 2002-02-28 12:38 nmav <nmav@gnutls.org> - * src/: tests.c (tags: gnutls_0_3_92, gnutls_0_3_91), tests.h - (tags: gnutls_0_3_92, gnutls_0_3_91), tls_test.c: + * src/: tests.c (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91), + tests.h (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91), + tls_test.c: added session resumption test @@ -540,8 +601,8 @@ 2002-02-28 08:55 nmav <nmav@gnutls.org> * src/: cli-gaa.c, cli.c, cli.gaa, serv-gaa.c, tls_test-gaa.c, - tls_test-gaa.h (tags: gnutls_0_3_92, gnutls_0_3_91), tls_test.c, - tls_test.gaa: + tls_test-gaa.h (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91), + tls_test.c, tls_test.gaa: updated gaa files, and client options. @@ -647,8 +708,8 @@ 2002-02-24 17:34 nmav <nmav@gnutls.org> - * src/openpgp/Makefile.am (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90): + * src/openpgp/Makefile.am (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90): added missing makefile.am @@ -656,15 +717,15 @@ * doc/tex/Makefile.am (tags: gnutls_0_3_91), doc/tex/serv1.tex (tags: gnutls_0_3_92, gnutls_0_3_91), lib/auth_anon.c, - lib/auth_anon.h (tags: gnutls_0_3_92, gnutls_0_3_91), - lib/auth_cert.h (tags: gnutls_0_3_92, gnutls_0_3_91), + lib/auth_anon.h (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91), + lib/auth_cert.h (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91), lib/auth_dhe.c, lib/auth_srp_passwd.c (tags: gnutls_0_3_91), lib/gnutls.h.in.in, lib/gnutls_anon_cred.c (tags: gnutls_0_3_91), lib/gnutls_cert.c (tags: gnutls_0_3_91), lib/gnutls_dh.h (tags: - gnutls_0_3_92, gnutls_0_3_91), lib/gnutls_dh_primes.c (tags: - gnutls_0_3_92, gnutls_0_3_91), lib/gnutls_int.h, lib/gnutls_ui.c - (tags: gnutls_0_3_91), src/cli.c, src/serv.c (utags: - gnutls_0_3_90): + gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91), lib/gnutls_dh_primes.c + (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91), + lib/gnutls_int.h, lib/gnutls_ui.c (tags: gnutls_0_3_91), src/cli.c, + src/serv.c (utags: gnutls_0_3_90): The Diffie Hellman parameters are now stored in the credentials structures. This will allow precomputation of signatures (for DHE @@ -741,13 +802,13 @@ gnutls_0_3_90), doc/tex/ex2.tex (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), doc/tex/layers.tex (tags: gnutls_0_3_91, gnutls_0_3_90), doc/tex/serv1.tex, doc/tex/srp1.tex - (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), + (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), lib/gnutls.h.in.in, lib/gnutls_alert.c (tags: gnutls_0_3_91, - gnutls_0_3_90), lib/gnutls_alert.h (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90), lib/gnutls_algorithms.c, - lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_kx.c (tags: - gnutls_0_3_91, gnutls_0_3_90), lib/gnutls_record.c, src/cli.c, - src/serv.c: + gnutls_0_3_90), lib/gnutls_alert.h (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), + lib/gnutls_algorithms.c, lib/gnutls_handshake.c, lib/gnutls_int.h, + lib/gnutls_kx.c (tags: gnutls_0_3_91, gnutls_0_3_90), + lib/gnutls_record.c, src/cli.c, src/serv.c: Several alert protocol changes. @@ -766,8 +827,8 @@ 2002-02-21 20:42 nmav <nmav@gnutls.org> * ChangeLog, NEWS, doc/tex/ex1.tex, doc/tex/serv1.tex, lib/debug.c, - lib/debug.h (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), - lib/gnutls.h.in.in, lib/gnutls_alert.c, src/cli.c: + lib/debug.h (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, + gnutls_0_3_90), lib/gnutls.h.in.in, lib/gnutls_alert.c, src/cli.c: Added gnutls_alert_str (allows printing alert number descriptions) @@ -791,10 +852,10 @@ 2002-02-19 18:57 twoaday <twoaday@gnutls.org> - * lib/: .cvsignore (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90), gnutls_cert.h (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90), gnutls_errors_int.h (tags: gnutls_0_3_91, - gnutls_0_3_90), gnutls_openpgp.c, gnutls_openpgp.h: + * lib/: .cvsignore (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90), gnutls_cert.h (tags: gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90), gnutls_errors_int.h (tags: + gnutls_0_3_91, gnutls_0_3_90), gnutls_openpgp.c, gnutls_openpgp.h: Applied the patches to fix the GDOC problem. Some bug fixes all over the place and the implementation of some function stubs. @@ -866,8 +927,8 @@ * doc/tex/: Makefile.am, ciphersuites.tex, cover.tex.in, errors.tex, ex1.tex, ex2.tex, gnutls.tex, layers.ps (tags: - gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), layers.tex, - serv1.tex, srp1.tex: + gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), + layers.tex, serv1.tex, srp1.tex: Added TLS Layers section. @@ -886,8 +947,8 @@ 2002-02-15 11:23 nmav <nmav@gnutls.org> * lib/: gnutls.h.in.in, gnutls_extensions.c (tags: gnutls_0_3_91, - gnutls_0_3_90), gnutls_extensions.h (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90), gnutls_record.c: + gnutls_0_3_90), gnutls_extensions.h (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), gnutls_record.c: Extension types now use a 16 bit type field (following the current draft). Some fixes in the max record size extension. @@ -982,8 +1043,8 @@ 2002-02-13 10:02 nmav <nmav@gnutls.org> - * lib/ext_cert_type.c (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90): + * lib/ext_cert_type.c (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90): It does not send the cert_type extension if only x.509 certificates are used. @@ -1008,10 +1069,11 @@ 2002-02-11 10:08 nmav <nmav@gnutls.org> - * src/: cli.c, openpgp/cli_pub.asc (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90), openpgp/cli_ring.gpg (tags: - gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), openpgp/cli_sec.asc - (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90): + * src/: cli.c, openpgp/cli_pub.asc (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), openpgp/cli_ring.gpg + (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), + openpgp/cli_sec.asc (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90): Added new client pgp keys and a keyring @@ -1110,8 +1172,8 @@ 2002-02-07 14:59 nmav <nmav@gnutls.org> - * lib/: gnutls_asn1_tab.c (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90), pkcs1_asn1_tab.c: + * lib/: gnutls_asn1_tab.c (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90), pkcs1_asn1_tab.c: Added asn1 file @@ -1133,7 +1195,8 @@ 2002-02-05 23:00 nmav <nmav@gnutls.org> - * AUTHORS (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90): + * AUTHORS (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, + gnutls_0_3_90): added Timo @@ -1204,8 +1267,9 @@ lib/gnutls_errors_int.h, lib/gnutls_extensions.c, lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_privkey.c (tags: gnutls_0_3_91, gnutls_0_3_90), lib/gnutls_x509.c, - lib/x509_verify.c, lib/x509_verify.h (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90), src/cli.c, src/common.h, src/serv.c: + lib/x509_verify.c, lib/x509_verify.h (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), src/cli.c, + src/common.h, src/serv.c: Added OpenPGP certificate support in gnutls. Several changes. @@ -1225,8 +1289,9 @@ 2002-02-03 12:38 nmav <nmav@gnutls.org> - * lib/: gnutls_record.c, gnutls_record.h (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90), gnutls_state.c, gnutls_state.h: + * lib/: gnutls_record.c, gnutls_record.h (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), gnutls_state.c, + gnutls_state.h: Moved functions unrelated to record layer to gnutls_state.c @@ -1239,7 +1304,7 @@ 2002-02-03 12:16 nmav <nmav@gnutls.org> * lib/: gnutls.h.in.in, gnutls_priority.c, gnutls_priority.h (tags: - gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90): + gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90): Added option to set the cert_type priority. @@ -1254,8 +1319,8 @@ 2002-02-03 11:36 nmav <nmav@gnutls.org> - * lib/: ext_cert_type.c, ext_cert_type.h (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90): + * lib/: ext_cert_type.c, ext_cert_type.h (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90): Added stuff for parsing the CertType extension type. @@ -1291,7 +1356,7 @@ 2002-02-01 18:51 twoaday <twoaday@gnutls.org> * src/openpgp/: pub.asc, sec.asc (utags: gnutls_0_3_90, - gnutls_0_3_91, gnutls_0_3_92): + gnutls_0_3_91, gnutls_0_4_0, gnutls_0_3_92): New files for OpenPGP tests. @@ -1306,8 +1371,8 @@ 2002-02-01 11:31 nmav <nmav@gnutls.org> - * lib/gnutls_x509.h (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90): + * lib/gnutls_x509.h (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90): added new header file @@ -1317,10 +1382,11 @@ doc/tex/ex1.tex, doc/tex/ex2.tex, doc/tex/ex3.tex, doc/tex/serv1.tex, lib/Makefile.am, lib/auth_cert.c, lib/auth_cert.h, lib/gnutls.h.in.in, lib/gnutls_cert.c, - lib/gnutls_cert.h, lib/gnutls_int_compat.c (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90), lib/gnutls_session_pack.c (tags: - gnutls_0_3_90), lib/gnutls_ui.h, lib/gnutls_x509.c, - lib/x509_extensions.c, src/cli.c, src/common.h, src/serv.c: + lib/gnutls_cert.h, lib/gnutls_int_compat.c (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), + lib/gnutls_session_pack.c (tags: gnutls_0_3_90), lib/gnutls_ui.h, + lib/gnutls_x509.c, lib/x509_extensions.c, src/cli.c, src/common.h, + src/serv.c: Several changes in certificate and key handling. * gnutls_certificate_allocate_sc() does not require the ncerts @@ -1328,12 +1394,12 @@ 2002-01-31 12:48 nmav <nmav@gnutls.org> - * Makefile.am (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), - doc/protocol/draft-ietf-tls-openpgp-keys-01.txt, doc/tex/ex3.tex, - lib/Makefile.am, lib/auth_cert.c, lib/debug.c, lib/gnutls.h.in.in, - lib/gnutls_cert.c, lib/gnutls_cert.h, lib/gnutls_state.h, - lib/gnutls_ui.c, lib/gnutls_ui.h, lib/gnutls_x509.c, src/cli.c, - src/common.h: + * Makefile.am (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, + gnutls_0_3_90), doc/protocol/draft-ietf-tls-openpgp-keys-01.txt, + doc/tex/ex3.tex, lib/Makefile.am, lib/auth_cert.c, lib/debug.c, + lib/gnutls.h.in.in, lib/gnutls_cert.c, lib/gnutls_cert.h, + lib/gnutls_state.h, lib/gnutls_ui.c, lib/gnutls_ui.h, + lib/gnutls_x509.c, src/cli.c, src/common.h: Renamed gnutls_x509pki_extract_* to gnutls_x509_extract_*. Separated gnutls_x509_extract_* functions. Now are in gnutls_x509.c. @@ -1462,7 +1528,7 @@ 2002-01-28 23:51 nmav <nmav@gnutls.org> - * lib/gnutls.asn (tags: gnutls_0_3_92, gnutls_0_3_91, + * lib/gnutls.asn (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90): Removed fake OID. @@ -1484,8 +1550,8 @@ 2002-01-28 23:43 nmav <nmav@gnutls.org> - * lib/gnutls_datum.c (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90): + * lib/gnutls_datum.c (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90): minor fixes @@ -1516,8 +1582,8 @@ 2002-01-28 18:26 nmav <nmav@gnutls.org> - * lib/: gnutls_datum.c, gnutls_datum.h (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90): + * lib/: gnutls_datum.c, gnutls_datum.h (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90): added gnutls_datum_append() @@ -1539,7 +1605,7 @@ lib/gnutls_cert.h, lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_kx.c, lib/gnutls_privkey.c, lib/gnutls_session_pack.c, lib/gnutls_sig.c (tags: gnutls_0_3_91, gnutls_0_3_90), - lib/gnutls_sig.h (tags: gnutls_0_3_92, gnutls_0_3_91, + lib/gnutls_sig.h (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), lib/gnutls_ui.c, lib/gnutls_ui.h, lib/x509_sig_check.c, src/cli.c, src/common.h, src/serv.c: @@ -1585,8 +1651,8 @@ 2002-01-27 21:12 nmav <nmav@gnutls.org> * lib/: gnutls_gcry.c (tags: gnutls_0_3_91, gnutls_0_3_90), - gnutls_gcry.h (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90), - gnutls_pk.c: + gnutls_gcry.h (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, + gnutls_0_3_90), gnutls_pk.c: corrected bug in DSA signing. @@ -1599,9 +1665,9 @@ 2002-01-27 21:10 nmav <nmav@gnutls.org> * lib/: auth_rsa.c, auth_x509.c, auth_x509.h, gnutls_handshake.c, - gnutls_handshake.h (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90), gnutls_v2_compat.c (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90): + gnutls_handshake.h (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90), gnutls_v2_compat.c (tags: + gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90): Added support to select a certificate based on the peer's cipher suite list. (ie if DSS cipher suites are requested and a DSA @@ -1617,10 +1683,10 @@ * lib/auth_dhe.c (tags: gnutls_with_dss_ciphersuites), lib/auth_dhe_dss.c, lib/auth_dhe_dss.h, lib/auth_dhe_rsa.c, - src/x509/cert-dsa.pem (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites), src/x509/key-dsa.pem - (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, - gnutls_with_dss_ciphersuites): + src/x509/cert-dsa.pem (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites), + src/x509/key-dsa.pem (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites): added missing files @@ -1655,8 +1721,8 @@ 2002-01-26 23:01 nmav <nmav@gnutls.org> * lib/: Makefile.am (tags: gnutls_with_dss_cert_support), - auth_x509.c, ext_max_record.c (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + auth_x509.c, ext_max_record.c (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support), gnutls.asn, gnutls_buffers.c (tags: gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support), gnutls_cert.c, gnutls_cert.h, gnutls_errors.c (tags: @@ -1666,33 +1732,36 @@ gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support), gnutls_global.c (tags: gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support), - gnutls_global.h (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_global.h (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, + gnutls_0_3_90, gnutls_with_dss_ciphersuites, + gnutls_with_dss_cert_support), gnutls_handshake.c (tags: + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support), + gnutls_int.h (tags: gnutls_with_dss_cert_support), gnutls_pk.c, + gnutls_pk.h, gnutls_privkey.c, gnutls_privkey.h (tags: + gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support), - gnutls_handshake.c (tags: gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support), gnutls_int.h (tags: - gnutls_with_dss_cert_support), gnutls_pk.c, gnutls_pk.h, - gnutls_privkey.c, gnutls_privkey.h (tags: gnutls_0_3_92, + gnutls_sig.c, pkcs1.asn, pkix.asn (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support), gnutls_sig.c, pkcs1.asn, pkix.asn - (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, - gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support), - x509_sig_check.c: + gnutls_with_dss_cert_support), x509_sig_check.c: Added stuff for DSS certificates (not ready yet) 2002-01-26 22:55 nmav <nmav@gnutls.org> - * src/x509/: Makefile.am, ca.pem (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites), - cert.pem (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, - gnutls_with_dss_ciphersuites), clicert-dsa.pem (tags: + * src/x509/: Makefile.am, ca.pem (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites), cert.pem (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites), clicert-dsa.pem (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites), clicert.pem (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites), clikey-dsa.pem (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites), clikey.pem (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites), key.pem (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, - gnutls_with_dss_ciphersuites), clicert.pem (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites), - clikey-dsa.pem (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, - gnutls_with_dss_ciphersuites), clikey.pem (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites), - key.pem (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites) (utags: gnutls_with_dss_cert_support): @@ -1702,7 +1771,7 @@ * lib/: gnutls_str.c, gnutls_str.h (utags: gnutls_0_3_90, gnutls_with_dss_cert_support, gnutls_0_3_91, - gnutls_with_dss_ciphersuites, gnutls_0_3_92): + gnutls_with_dss_ciphersuites, gnutls_0_4_0, gnutls_0_3_92): added _gnutls_mem_cpy() @@ -1960,8 +2029,8 @@ 2002-01-18 16:47 nmav <nmav@gnutls.org> - * doc/protocol/rfc2440.txt (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + * doc/protocol/rfc2440.txt (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support): added openpgp rfc @@ -1979,7 +2048,7 @@ (tags: gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support), lib/gnutls_cert.c, lib/gnutls_cert.h, lib/gnutls_db.c (tags: gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support), lib/gnutls_db.h (tags: + gnutls_with_dss_cert_support), lib/gnutls_db.h (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support), lib/gnutls_dh.h, lib/gnutls_dh_primes.c (tags: @@ -2066,7 +2135,7 @@ gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support), doc/tex/cover.tex.in (tags: gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support), doc/tex/gnutls-logo.ps (tags: - gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support), doc/tex/gnutls.tex: @@ -2084,8 +2153,8 @@ 2002-01-14 09:33 nmav <nmav@gnutls.org> * NEWS, THANKS, lib/gnutls.h.in.in, lib/gnutls_cert.c, - lib/x509_b64.c, lib/x509_b64.h (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + lib/x509_b64.c, lib/x509_b64.h (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support): Added gnutls_x509pki_set_trust_mem() and @@ -2122,8 +2191,8 @@ 2002-01-05 22:00 nmav <nmav@gnutls.org> - * lib/libgnutls.m4 (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + * lib/libgnutls.m4 (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support): corrected the temp file name @@ -2251,12 +2320,12 @@ 2002-01-02 10:46 nmav <nmav@gnutls.org> - * NEWS, README (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, - gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, - gnutls_0_3_5, gnutls_0_3_2), lib/crypt_srpsha1.c, - lib/gnutls.h.in.in, lib/gnutls_handshake.c, lib/gnutls_hash_int.c, - lib/gnutls_int.h, lib/gnutls_sig.c, lib/gnutls_srp.c, - lib/gnutls_ui.c, lib/x509_sig_check.c, src/cli.c: + * NEWS, README (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, + gnutls_0_3_90, gnutls_with_dss_ciphersuites, + gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2), + lib/crypt_srpsha1.c, lib/gnutls.h.in.in, lib/gnutls_handshake.c, + lib/gnutls_hash_int.c, lib/gnutls_int.h, lib/gnutls_sig.c, + lib/gnutls_srp.c, lib/gnutls_ui.c, lib/x509_sig_check.c, src/cli.c: Cleanups in the digest code (separated from HMAC). Added gnutls_fingerprint_calc(), which calculates a fingerprint. @@ -2285,8 +2354,8 @@ 2001-12-30 17:53 nmav <nmav@gnutls.org> - * src/README.srpcrypt (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + * src/README.srpcrypt (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2): updated @@ -2477,25 +2546,25 @@ 2001-12-16 09:09 nmav <nmav@gnutls.org> - * doc/: ASN1.readme.txt, Makefile.am (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0): + * doc/: ASN1.readme.txt, Makefile.am (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0): removed ASN1.readme.txt 2001-12-14 19:52 nmav <nmav@gnutls.org> - * NEWS (tags: gnutls_0_3_0), buildconf (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0), doc/README.autoconf (tags: - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0), doc/tex/ex1.tex, doc/tex/ex2.tex, - doc/tex/gnutls.tex, doc/tex/serv1.tex, lib/gnutls.h.in, - lib/gnutls_cert.c (tags: gnutls_0_3_0), lib/gnutls_int.h, - src/cli.c, src/serv.c: + * NEWS (tags: gnutls_0_3_0), buildconf (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0), + doc/README.autoconf (tags: gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0), + doc/tex/ex1.tex, doc/tex/ex2.tex, doc/tex/gnutls.tex, + doc/tex/serv1.tex, lib/gnutls.h.in, lib/gnutls_cert.c (tags: + gnutls_0_3_0), lib/gnutls_int.h, src/cli.c, src/serv.c: renamed gnutls_x509pki_set_trust/key to gnutls_x509pki_set_trust_file/key_file @@ -2604,8 +2673,8 @@ 2001-12-09 11:02 nmav <nmav@gnutls.org> - * src/: .cvsignore (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + * src/: .cvsignore (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91), Makefile.am (tags: gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, @@ -2704,7 +2773,7 @@ * configure.in (tags: gnutls_0_2_91, gnutls_0_2_90), doc/tex/ex1.tex, doc/tex/ex2.tex, doc/tex/serv1.tex, - doc/tex/srp1.tex, lib/defines.h (tags: gnutls_0_3_92, + doc/tex/srp1.tex, lib/defines.h (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90), @@ -2743,10 +2812,11 @@ * lib/: x509_ASN.y, x509_asn1.c, x509_asn1.h (tags: gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1), x509_der.c, x509_der.h (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1) (utags: gnutls_0_3_0, gnutls_0_2_90, gnutls_0_2_91): + gnutls_0_3_1), x509_der.c, x509_der.h (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1) (utags: gnutls_0_3_0, + gnutls_0_2_90, gnutls_0_2_91): some changes to keep gcc -Wall happy @@ -2775,8 +2845,8 @@ lib/gnutls_db.h (tags: gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90), lib/gnutls_session.c (tags: gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90), - lib/gnutls_session.h (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + lib/gnutls_session.h (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90), src/cli.c, src/serv.c: @@ -2831,12 +2901,12 @@ lib/gnutls_int.h, lib/gnutls_kx.c, lib/gnutls_record.c, lib/gnutls_session_pack.c (tags: gnutls_0_2_91, gnutls_0_2_90), lib/gnutls_ui.c, lib/gnutls_ui.h, lib/x509_extensions.c (tags: - gnutls_0_2_90), lib/x509_extensions.h (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90), - src/Makefile.am (tags: gnutls_0_2_90), src/cli.c, src/common.h, - src/port.h, src/serv.c: + gnutls_0_2_90), lib/x509_extensions.h (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, + gnutls_0_2_91, gnutls_0_2_90), src/Makefile.am (tags: + gnutls_0_2_90), src/cli.c, src/common.h, src/port.h, src/serv.c: now the peer's certificate list is stored into auth info structure (instead of the certificate). several other cleanups. @@ -2906,8 +2976,8 @@ lib/auth_x509.h, lib/gnutls_algorithms.c, lib/gnutls_auth.c, lib/gnutls_db.c, lib/gnutls_int.h, lib/gnutls_record.c, lib/gnutls_session.c, lib/gnutls_session_pack.c, - lib/gnutls_session_pack.h (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + lib/gnutls_session_pack.h (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90), lib/gnutls_ui.c, lib/gnutls_ui.h, src/cli.c: @@ -2933,11 +3003,11 @@ gnutls_0_2_91, gnutls_0_2_90), lib/gnutls_db.c, lib/gnutls_handshake.c, lib/gnutls_handshake.h (tags: gnutls_0_2_91, gnutls_0_2_90), lib/gnutls_int.h, lib/gnutls_kx.c, - lib/gnutls_kx.h (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, - gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, - gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, - gnutls_0_2_91, gnutls_0_2_90), lib/gnutls_record.c, - lib/gnutls_record.h, src/cli.c, src/serv.c: + lib/gnutls_kx.h (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, + gnutls_0_3_90, gnutls_with_dss_ciphersuites, + gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, + gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90), + lib/gnutls_record.c, lib/gnutls_record.h, src/cli.c, src/serv.c: gnutls_handshake(), gnutls_read() etc. functions no longer require the 'SOCKET cd' argument. This argument is set using the function @@ -3056,11 +3126,11 @@ lib/gnutls_handshake.c, lib/gnutls_handshake.h (tags: gnutls_0_2_11), lib/gnutls_int.h, lib/gnutls_kx.c (tags: gnutls_0_2_11), lib/gnutls_priority.c (tags: gnutls_0_2_11), - lib/gnutls_record.c, lib/io_debug.h (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, - gnutls_0_2_11), src/serv.c: + lib/gnutls_record.c, lib/io_debug.h (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, + gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11), src/serv.c: more non blocking IO fixes @@ -3153,8 +3223,8 @@ * NEWS, configure.in, lib/Makefile.am, lib/ext_dnsname.c (tags: gnutls_0_2_90, gnutls_0_2_11), lib/ext_max_record.c, - lib/ext_max_record.h (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + lib/ext_max_record.h (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11), lib/ext_srp.c (tags: gnutls_0_3_0, gnutls_0_2_91, @@ -3304,8 +3374,8 @@ 2001-10-30 12:11 nmav <nmav@gnutls.org> * doc/: Makefile.am, TODO (tags: gnutls_0_2_10), - scripts/Makefile.am (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + scripts/Makefile.am (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10): @@ -3350,11 +3420,11 @@ 2001-10-22 22:09 nmav <nmav@gnutls.org> - * PGPKEYS (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, - gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, - gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, - gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, - gnutls_0_2_9): + * PGPKEYS (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, + gnutls_0_3_90, gnutls_with_dss_ciphersuites, + gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, + gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, + gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9): added file. Holds pgp keys @@ -3502,11 +3572,12 @@ 2001-10-10 09:28 nmav <nmav@gnutls.org> - * src/: Makefile.am, crypt-gaa.c (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90), - crypt.gaa (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + * src/: Makefile.am, crypt-gaa.c (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, + gnutls_0_2_91, gnutls_0_2_90), crypt.gaa (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90) (utags: gnutls_0_2_10, gnutls_0_2_11, @@ -3563,15 +3634,16 @@ 2001-10-08 07:10 nmav <nmav@gnutls.org> * doc/protocol/: draft-ietf-tls-ciphersuite-03.txt, - draft-ietf-tls-ciphersuite-05.txt (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, + draft-ietf-tls-ciphersuite-05.txt (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, + gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, + gnutls_0_2_9), draft-ietf-tls-extensions-00.txt, + draft-ietf-tls-extensions-01.txt (tags: gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9), - draft-ietf-tls-extensions-00.txt, draft-ietf-tls-extensions-01.txt - (tags: gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, - gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, - gnutls_0_2_9), draft-ietf-tls-kerb-00.txt, rfc2712.txt (tags: + draft-ietf-tls-kerb-00.txt, rfc2712.txt (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, @@ -3829,8 +3901,8 @@ (tags: gnutls_0_2_0), lib/auth_rsa.c, lib/auth_srp.c (tags: gnutls_0_2_0), lib/auth_x509.h (tags: gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0), lib/gnutls.h.in (tags: gnutls_0_2_1, gnutls_0_2_0), - lib/gnutls_auth.h (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + lib/gnutls_auth.h (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, @@ -3998,7 +4070,7 @@ gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9), prime.c (tags: - gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, @@ -4114,13 +4186,13 @@ 2001-08-02 11:49 nmav <nmav@gnutls.org> * doc/tex/: Makefile.am (tags: gnutls_0_2_2, gnutls_0_2_1, - gnutls_0_2_0), cover.tex, fdl.tex (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, - gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_4, - gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0), - gnutls.tex, macros.tex: + gnutls_0_2_0), cover.tex, fdl.tex (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, + gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, + gnutls_0_2_9, gnutls_0_2_4, gnutls_0_2_3, gnutls_0_2_2, + gnutls_0_2_1, gnutls_0_2_0), gnutls.tex, macros.tex: documentation updates @@ -4325,12 +4397,13 @@ lib/gnutls_int.h, lib/gnutls_privkey.c, lib/gnutls_record.c, lib/gnutls_sig_check.c, src/.cvsignore (tags: gnutls_0_1_9), src/asn1c.c (tags: gnutls_0_1_9), src/ca.pem, src/cli.c, - src/pkcs1.asn (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, - gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, - gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, - gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, - gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, - gnutls_0_2_0, gnutls_0_1_9), src/serv.c: + src/pkcs1.asn (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, + gnutls_0_3_90, gnutls_with_dss_ciphersuites, + gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, + gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, + gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, + gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9), + src/serv.c: several fixes cleanups etc. @@ -4348,8 +4421,8 @@ gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9), src/Makefile.am (tags: gnutls_0_1_9), src/PkixTabExample.c, src/asn1c.c, src/cli.c, src/pkix.asn, src/serv.c, - src/srp/Makefile.am (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + src/srp/Makefile.am (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, @@ -4361,13 +4434,13 @@ 2001-07-20 17:58 nmav <nmav@gnutls.org> * src/: Makefile.am, cert.pem, key.pem, serv.c, tpasswd, - tpasswd.conf, srp/tpasswd (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + tpasswd.conf, srp/tpasswd (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9), - srp/tpasswd.conf (tags: gnutls_0_3_92, gnutls_0_3_91, + srp/tpasswd.conf (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, @@ -4391,24 +4464,25 @@ 2001-07-20 17:50 nmav <nmav@gnutls.org> * configure.in, doc/protocol/draft-ietf-tls-srp-00.txt, - doc/protocol/draft-ietf-tls-srp-01.txt (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, - gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, - gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9), - doc/protocol/rfc2313.txt (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, - gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, - gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9), - lib/Makefile.am, lib/auth_rsa.c, lib/cert_verify.c, - lib/gnutls_cert.c, lib/gnutls_cert.h, lib/gnutls_errors.c, - lib/gnutls_errors_int.h, lib/gnutls_hash_int.h (tags: - gnutls_0_1_9), lib/gnutls_int.h, lib/gnutls_pk.c, lib/gnutls_pk.h, - lib/gnutls_sig.h (tags: gnutls_0_1_9), lib/gnutls_sig_check.c, - src/ca.pem, src/cert.pem, src/key.pem, src/pkcs1.asn: + doc/protocol/draft-ietf-tls-srp-01.txt (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, + gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, + gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, + gnutls_0_2_0, gnutls_0_1_9), doc/protocol/rfc2313.txt (tags: + gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, + gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, + gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, + gnutls_0_2_0, gnutls_0_1_9), lib/Makefile.am, lib/auth_rsa.c, + lib/cert_verify.c, lib/gnutls_cert.c, lib/gnutls_cert.h, + lib/gnutls_errors.c, lib/gnutls_errors_int.h, lib/gnutls_hash_int.h + (tags: gnutls_0_1_9), lib/gnutls_int.h, lib/gnutls_pk.c, + lib/gnutls_pk.h, lib/gnutls_sig.h (tags: gnutls_0_1_9), + lib/gnutls_sig_check.c, src/ca.pem, src/cert.pem, src/key.pem, + src/pkcs1.asn: added some kind of certificate checking @@ -4580,8 +4654,8 @@ 2001-07-11 21:17 nmav <nmav@gnutls.org> * NEWS, lib/auth_srp.c, lib/crypt_bcrypt.c (tags: gnutls_0_1_9), - lib/crypt_bcrypt.h (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + lib/crypt_bcrypt.h (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, @@ -4658,19 +4732,19 @@ gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9), draft-ietf-tls-seedhas-00.txt, draft-ietf-tls-wireless-00.txt, - rfc2817.txt (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, - gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, - gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, - gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, - gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, - gnutls_0_2_0, gnutls_0_1_9): + rfc2817.txt (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, + gnutls_0_3_90, gnutls_with_dss_ciphersuites, + gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, + gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, + gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, + gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9): added more up to date documentation 2001-06-24 18:20 nmav <nmav@gnutls.org> - * doc/protocol/x509guide.txt (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + * doc/protocol/x509guide.txt (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, @@ -4708,15 +4782,16 @@ gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9), lib/gnutls_compress_int.c, - lib/gnutls_constate.c, lib/gnutls_constate.h (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, - gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, - gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9), - lib/gnutls_datum.c (tags: gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, - gnutls_0_2_0, gnutls_0_1_9), lib/gnutls_db.c, lib/gnutls_dh.c - (tags: gnutls_0_2_0, gnutls_0_1_9), lib/gnutls_errors.c, + lib/gnutls_constate.c, lib/gnutls_constate.h (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, + gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, + gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, + gnutls_0_2_0, gnutls_0_1_9), lib/gnutls_datum.c (tags: + gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, + gnutls_0_1_9), lib/gnutls_db.c, lib/gnutls_dh.c (tags: + gnutls_0_2_0, gnutls_0_1_9), lib/gnutls_errors.c, lib/gnutls_extensions.c, lib/gnutls_gcry.c (tags: gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9), lib/gnutls_global.c, @@ -4880,8 +4955,8 @@ lib/gnutls_algorithms.c, lib/gnutls_buffers.c, lib/gnutls_cipher.c, lib/gnutls_cipher.h (tags: gnutls_0_1_4), lib/gnutls_cipher_int.c (tags: gnutls_0_1_4), lib/gnutls_compress.c (tags: gnutls_0_1_4), - lib/gnutls_compress.h (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + lib/gnutls_compress.h (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, @@ -4946,7 +5021,7 @@ gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9, gnutls_0_1_4), gnutls_pk.c, gnutls_pk.h (tags: gnutls_0_1_4), gnutls_random.c (tags: gnutls_0_1_4), gnutls_random.h (tags: - gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, @@ -5039,16 +5114,16 @@ 2001-06-13 09:21 nmav <nmav@gnutls.org> - * .cvsignore (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, - gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, - gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, - gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, - gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, - gnutls_0_2_0, gnutls_0_1_9, gnutls_0_1_4), .cvsusers (tags: - gnutls_0_1_4), AUTHORS (tags: gnutls_0_2_11, gnutls_0_2_10, - gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, - gnutls_0_2_0, gnutls_0_1_9, gnutls_0_1_4), Makefile.am, - changelog-update.sh: + * .cvsignore (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, + gnutls_0_3_90, gnutls_with_dss_ciphersuites, + gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, + gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, + gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, + gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9, + gnutls_0_1_4), .cvsusers (tags: gnutls_0_1_4), AUTHORS (tags: + gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, + gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9, + gnutls_0_1_4), Makefile.am, changelog-update.sh: added Fabio in AUTHORS, fixed the way ChangeLog is created. @@ -5060,8 +5135,8 @@ 2001-06-13 08:51 nmav <nmav@gnutls.org> - * doc/protocol/rfc2631.txt (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + * doc/protocol/rfc2631.txt (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, @@ -5432,26 +5507,27 @@ * lib/Makefile.am (tags: gnutls-0_1_2), lib/auth_srp.c, lib/auth_srp_passwd.c, lib/auth_srp_passwd.h (tags: gnutls-0_1_2), - lib/crypt.c (tags: gnutls-0_1_2), lib/crypt.h (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, - gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, - gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9, - gnutls_0_1_4, gnutls-0_1_2), lib/crypt_bcrypt.c (tags: - gnutls-0_1_2), lib/crypt_bcrypt.h (tags: gnutls-0_1_2), - lib/crypt_srpsha1.c (tags: gnutls-0_1_2), lib/crypt_srpsha1.h - (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + lib/crypt.c (tags: gnutls-0_1_2), lib/crypt.h (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9, gnutls_0_1_4, gnutls-0_1_2), - lib/gnutls.h, lib/gnutls_srp.c (tags: gnutls-0_1_2), - lib/gnutls_srp.h (tags: gnutls-0_1_2), src/Makefile.am (tags: - gnutls-0_1_2), src/README.crypt (tags: gnutls-0_1_2), src/cli.c, - src/crypt.c, src/crypt.gaa (tags: gnutls-0_1_2), src/gaa.h (tags: - gnutls-0_1_2), src/gaaout.c (tags: gnutls-0_1_2), src/serv.c: + lib/crypt_bcrypt.c (tags: gnutls-0_1_2), lib/crypt_bcrypt.h (tags: + gnutls-0_1_2), lib/crypt_srpsha1.c (tags: gnutls-0_1_2), + lib/crypt_srpsha1.h (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, + gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, + gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, + gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, + gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9, + gnutls_0_1_4, gnutls-0_1_2), lib/gnutls.h, lib/gnutls_srp.c (tags: + gnutls-0_1_2), lib/gnutls_srp.h (tags: gnutls-0_1_2), + src/Makefile.am (tags: gnutls-0_1_2), src/README.crypt (tags: + gnutls-0_1_2), src/cli.c, src/crypt.c, src/crypt.gaa (tags: + gnutls-0_1_2), src/gaa.h (tags: gnutls-0_1_2), src/gaaout.c (tags: + gnutls-0_1_2), src/serv.c: Added compatibility with Tom Wu's libsrp's password files. @@ -5522,8 +5598,8 @@ * NEWS (tags: gnutls-0-1-0-srp), doc/TODO, lib/Makefile.am (tags: gnutls-0-1-0-srp), lib/gnutls.c (tags: gnutls-0-1-0-srp), lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_v2_compat.c, - lib/gnutls_v2_compat.h (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + lib/gnutls_v2_compat.h (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, @@ -5759,8 +5835,8 @@ 2001-03-11 22:29 nmav <nmav@gnutls.org> - * doc/protocol/rfc2945.txt (tags: gnutls_0_3_92, gnutls_0_3_91, - gnutls_0_3_90, gnutls_with_dss_ciphersuites, + * doc/protocol/rfc2945.txt (tags: gnutls_0_4_0, gnutls_0_3_92, + gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, @@ -5890,50 +5966,52 @@ gnutls-0_1_2, gnutls-0-1-0-srp), protocol/draft-ietf-tn3270e-telnet-tls-05.txt (tags: gnutls_0_1_4, gnutls-0_1_2, gnutls-0-1-0-srp), protocol/rfc1422.txt (tags: + gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, + gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, + gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, + gnutls_0_2_0, gnutls_0_1_9, gnutls_0_1_4, gnutls-0_1_2, + gnutls-0-1-0-srp), protocol/rfc1423.txt (tags: gnutls_0_4_0, gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9, gnutls_0_1_4, gnutls-0_1_2, - gnutls-0-1-0-srp), protocol/rfc1423.txt (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, - gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, - gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9, - gnutls_0_1_4, gnutls-0_1_2, gnutls-0-1-0-srp), protocol/rfc2246.txt - (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls-0-1-0-srp), protocol/rfc2246.txt (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9, gnutls_0_1_4, gnutls-0_1_2, - gnutls-0-1-0-srp), protocol/rfc2279.txt (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, - gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, - gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9, - gnutls_0_1_4, gnutls-0_1_2, gnutls-0-1-0-srp), protocol/rfc2459.txt - (tags: gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls-0-1-0-srp), protocol/rfc2279.txt (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9, gnutls_0_1_4, gnutls-0_1_2, - gnutls-0-1-0-srp), protocol/rfc2818.txt (tags: gnutls_0_3_92, - gnutls_0_3_91, gnutls_0_3_90, gnutls_with_dss_ciphersuites, - gnutls_with_dss_cert_support, gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, - gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, - gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9, - gnutls_0_1_4, gnutls-0_1_2, gnutls-0-1-0-srp), - protocol/ssl-draft302.txt (tags: gnutls_0_3_5, gnutls_0_3_2, - gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, gnutls_0_2_90, - gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, gnutls_0_2_3, - gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, gnutls_0_1_9, - gnutls_0_1_4, gnutls-0_1_2, gnutls-0-1-0-srp): + gnutls-0-1-0-srp), protocol/rfc2459.txt (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, + gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, + gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, + gnutls_0_2_0, gnutls_0_1_9, gnutls_0_1_4, gnutls-0_1_2, + gnutls-0-1-0-srp), protocol/rfc2818.txt (tags: gnutls_0_4_0, + gnutls_0_3_92, gnutls_0_3_91, gnutls_0_3_90, + gnutls_with_dss_ciphersuites, gnutls_with_dss_cert_support, + gnutls_0_3_5, gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, + gnutls_0_2_91, gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, + gnutls_0_2_9, gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, + gnutls_0_2_0, gnutls_0_1_9, gnutls_0_1_4, gnutls-0_1_2, + gnutls-0-1-0-srp), protocol/ssl-draft302.txt (tags: gnutls_0_3_5, + gnutls_0_3_2, gnutls_0_3_1, gnutls_0_3_0, gnutls_0_2_91, + gnutls_0_2_90, gnutls_0_2_11, gnutls_0_2_10, gnutls_0_2_9, + gnutls_0_2_3, gnutls_0_2_2, gnutls_0_2_1, gnutls_0_2_0, + gnutls_0_1_9, gnutls_0_1_4, gnutls-0_1_2, gnutls-0-1-0-srp): drafts and rfcs were moved to protocol/ directory diff --git a/configure.in b/configure.in index 2e1b9ffb1b..58264612c0 100644 --- a/configure.in +++ b/configure.in @@ -135,6 +135,7 @@ AC_MSG_RESULT([*** ]) AC_HEADER_STDC +AC_HEADER_TIME AC_CHECK_HEADERS(unistd.h pwd.h locale.h strings.h stdarg.h) AC_CHECK_HEADERS(sys/stat.h sys/types.h sys/socket.h) AC_CHECK_HEADERS(errno.h sys/time.h time.h) diff --git a/lib/defines.h b/lib/defines.h index 2287fc11ea..dd1d74b71a 100644 --- a/lib/defines.h +++ b/lib/defines.h @@ -58,10 +58,6 @@ typedef int ssize_t; # include <strings.h> #endif -#ifdef HAVE_TIME_H -# include <time.h> -#endif - #ifdef HAVE_SYS_TYPES_H # include <sys/types.h> #endif @@ -78,6 +74,17 @@ typedef int ssize_t; # include <unistd.h> #endif +#if TIME_WITH_SYS_TIME +# include <sys/time.h> +# include <time.h> +#else +# if HAVE_SYS_TIME_H +# include <sys/time.h> +# else +# include <time.h> +# endif +#endif + #ifdef HAVE_SYS_SOCKET_H # include <sys/socket.h> #endif diff --git a/lib/x509_verify.c b/lib/x509_verify.c index 346b43405e..6d6915e617 100644 --- a/lib/x509_verify.c +++ b/lib/x509_verify.c @@ -30,57 +30,110 @@ /* TIME functions */ + +/* The mktime_utc function is due to Russ Allbery (rra@stanford.edu), + * who placed it under public domain: + */ + +/* The number of days in each month. + */ +static const int MONTHDAYS[] = { + 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 +}; + + /* Whether a given year is a leap year. */ +#define ISLEAP(year) \ + (((year) % 4) == 0 && (((year) % 100) != 0 || ((year) % 400) == 0)) + +/* + ** Given a struct tm representing a calendar time in UTC, convert it to + ** seconds since epoch. Returns (time_t) -1 if the time is not + ** convertable. Note that this function does not canonicalize the provided + ** struct tm, nor does it allow out of range values or years before 1970. + */ +static time_t mktime_utc(const struct tm *tm) +{ + time_t result = 0; + int i; + +/* We do allow some ill-formed dates, but we don't do anything special + * with them and our callers really shouldn't pass them to us. Do + * explicitly disallow the ones that would cause invalid array accesses + * or other algorithm problems. + */ + if (tm->tm_mon < 0 || tm->tm_mon > 11 || tm->tm_year < 70) + return (time_t) - 1; + +/* Convert to a time_t. + */ + for (i = 1970; i < tm->tm_year + 1900; i++) + result += 365 + ISLEAP(i); + for (i = 0; i < tm->tm_mon; i++) + result += MONTHDAYS[i]; + if (tm->tm_mon > 1 && ISLEAP(tm->tm_year + 1900)) + result++; + result = 24 * (result + tm->tm_mday - 1) + tm->tm_hour; + result = 60 * result + tm->tm_min; + result = 60 * result + tm->tm_sec; + return result; +} + + time_t _gnutls_utcTime2gtime(char *ttime) { char xx[3]; struct tm etime; time_t ret; + if (strlen( ttime) < 10) { + gnutls_assert(); + return (time_t) -1; + } xx[2] = 0; /* get the year */ memcpy(xx, ttime, 2); /* year */ etime.tm_year = atoi(xx); - ttime+=2; + ttime += 2; if (etime.tm_year > 49) etime.tm_year += 1900; else etime.tm_year += 2000; - etime.tm_year-=1900; /* well we need to find something - * better than mktime(); - */ + etime.tm_year -= 1900; /* well we need to find something + * better than mktime(); + */ /* get the month */ memcpy(xx, ttime, 2); /* month */ etime.tm_mon = atoi(xx) - 1; - ttime+=2; - + ttime += 2; + /* get the day */ memcpy(xx, ttime, 2); /* day */ etime.tm_mday = atoi(xx); - ttime+=2; - + ttime += 2; + /* get the hour */ memcpy(xx, ttime, 2); /* hour */ etime.tm_hour = atoi(xx); - ttime+=2; - + ttime += 2; + /* get the minutes */ memcpy(xx, ttime, 2); /* minutes */ etime.tm_min = atoi(xx); - ttime+=2; - + ttime += 2; + etime.tm_isdst = -1; etime.tm_sec = 0; - - ret = mktime(&etime); + + ret = mktime_utc(&etime); return ret; } @@ -91,6 +144,11 @@ time_t _gnutls_generalTime2gtime(char *ttime) struct tm etime; time_t ret; + if (strlen( ttime) < 12) { + gnutls_assert(); + return (time_t) -1; + } + if (strchr(ttime, 'Z') == 0) { gnutls_assert(); /* sorry we don't support it yet @@ -103,9 +161,9 @@ time_t _gnutls_generalTime2gtime(char *ttime) */ memcpy(xx, ttime, 4); /* year */ etime.tm_year = atoi(xx); - ttime+=2; + ttime += 2; - etime.tm_year-=1900; + etime.tm_year -= 1900; xx[2] = 0; @@ -113,27 +171,27 @@ time_t _gnutls_generalTime2gtime(char *ttime) */ memcpy(xx, ttime, 2); /* month */ etime.tm_mon = atoi(xx) - 1; - ttime+=2; - + ttime += 2; + /* get the day */ memcpy(xx, ttime, 2); /* day */ etime.tm_mday = atoi(xx); - ttime+=2; - + ttime += 2; + /* get the hour */ memcpy(xx, ttime, 2); /* hour */ etime.tm_hour = atoi(xx); - ttime+=2; - + ttime += 2; + /* get the minutes */ memcpy(xx, ttime, 2); /* minutes */ etime.tm_min = atoi(xx); - ttime+=2; - - ret = mktime(&etime); + ttime += 2; + + ret = mktime_utc(&etime); etime.tm_isdst = -1; etime.tm_sec = 0; @@ -146,8 +204,8 @@ time_t _gnutls_generalTime2gtime(char *ttime) static int check_if_expired(gnutls_cert * cert) { CertificateStatus ret = GNUTLS_CERT_EXPIRED; - - if (cert->expiration_time == (time_t)(-1)) + + if (cert->expiration_time == (time_t) (-1)) return GNUTLS_CERT_INVALID; /* get the issuer of 'cert' @@ -161,21 +219,24 @@ static int check_if_expired(gnutls_cert * cert) /* Return 0 or INVALID, if the issuer is a CA, * or not. */ -static int check_if_ca(const gnutls_cert * cert, const gnutls_cert* issuer) +static int check_if_ca(const gnutls_cert * cert, + const gnutls_cert * issuer) { CertificateStatus ret = GNUTLS_CERT_INVALID; - + /* Check if the issuer is the same with the * certificate. This is added in order for trusted * certificates to be able to verify themselves. */ if (cert->raw.size == issuer->raw.size) { - if ( memcmp( cert->raw.data, issuer->raw.data, cert->raw.size)==0) { + if (memcmp + (cert->raw.data, issuer->raw.data, + cert->raw.size) == 0) { return 0; } } - if (issuer->CA==1) { + if (issuer->CA == 1) { ret = 0; } else gnutls_assert(); @@ -185,7 +246,7 @@ static int check_if_ca(const gnutls_cert * cert, const gnutls_cert* issuer) -void _gnutls_int2str(int k, char* data); +void _gnutls_int2str(int k, char *data); #define MAX_DN_ELEM 1024 @@ -206,11 +267,13 @@ int compare_dn(gnutls_cert * cert, gnutls_cert * issuer_cert) /* get the issuer of 'cert' */ - if ((result=asn1_create_structure(_gnutls_get_pkix(), "PKIX1.Certificate", &c2, "certificate2")) != ASN_OK) { + if ((result = + asn1_create_structure(_gnutls_get_pkix(), "PKIX1.Certificate", + &c2, "certificate2")) != ASN_OK) { gnutls_assert(); return _gnutls_asn2err(result); } - + result = asn1_get_der(c2, cert->raw.data, cert->raw.size); if (result != ASN_OK) { /* couldn't decode DER */ @@ -218,18 +281,21 @@ int compare_dn(gnutls_cert * cert, gnutls_cert * issuer_cert) asn1_delete_structure(c2); return _gnutls_asn2err(result); } - + /* get the 'subject' info of 'issuer_cert' */ - if ((result=asn1_create_structure(_gnutls_get_pkix(), "PKIX1.Certificate", &c3, "certificate2")) != ASN_OK) { + if ((result = + asn1_create_structure(_gnutls_get_pkix(), "PKIX1.Certificate", + &c3, "certificate2")) != ASN_OK) { gnutls_assert(); asn1_delete_structure(c2); return _gnutls_asn2err(result); } - - result = asn1_get_der(c3, issuer_cert->raw.data, issuer_cert->raw.size); + + result = + asn1_get_der(c3, issuer_cert->raw.data, issuer_cert->raw.size); if (result != ASN_OK) { /* couldn't decode DER */ gnutls_assert(); @@ -237,51 +303,57 @@ int compare_dn(gnutls_cert * cert, gnutls_cert * issuer_cert) return _gnutls_asn2err(result); } - - _gnutls_str_cpy( tmpstr, sizeof(tmpstr), "certificate2.tbsCertificate.issuer"); - result = asn1_get_start_end_der( c2, cert->raw.data, cert->raw.size, - tmpstr, &start1, &end1); - asn1_delete_structure( c2); - - if (result!=ASN_OK) { + + _gnutls_str_cpy(tmpstr, sizeof(tmpstr), + "certificate2.tbsCertificate.issuer"); + result = + asn1_get_start_end_der(c2, cert->raw.data, cert->raw.size, + tmpstr, &start1, &end1); + asn1_delete_structure(c2); + + if (result != ASN_OK) { gnutls_assert(); - asn1_delete_structure( c3); + asn1_delete_structure(c3); return _gnutls_asn2err(result); } - + len1 = end1 - start1 + 1; - - _gnutls_str_cpy( tmpstr, sizeof(tmpstr), "certificate2.tbsCertificate.subject"); - result = asn1_get_start_end_der( c3, issuer_cert->raw.data, issuer_cert->raw.size, - tmpstr, &start2, &end2); - asn1_delete_structure( c3); - - if (result!=ASN_OK) { + + _gnutls_str_cpy(tmpstr, sizeof(tmpstr), + "certificate2.tbsCertificate.subject"); + result = + asn1_get_start_end_der(c3, issuer_cert->raw.data, + issuer_cert->raw.size, tmpstr, &start2, + &end2); + asn1_delete_structure(c3); + + if (result != ASN_OK) { gnutls_assert(); return _gnutls_asn2err(result); } - + len2 = end2 - start2 + 1; /* The error code returned does not really matter * here. - */ - if (len1!=len2) { + */ + if (len1 != len2) { gnutls_assert(); return GNUTLS_E_UNKNOWN_ERROR; } - if (memcmp( &issuer_cert->raw.data[start2], - &cert->raw.data[start1], len1) != 0) { + if (memcmp(&issuer_cert->raw.data[start2], + &cert->raw.data[start1], len1) != 0) { gnutls_assert(); return GNUTLS_E_UNKNOWN_ERROR; } - + /* they match */ return 0; } -static gnutls_cert *find_issuer(gnutls_cert * cert, gnutls_cert * trusted_cas, int tcas_size) +static gnutls_cert *find_issuer(gnutls_cert * cert, + gnutls_cert * trusted_cas, int tcas_size) { int i; @@ -300,8 +372,10 @@ static gnutls_cert *find_issuer(gnutls_cert * cert, gnutls_cert * trusted_cas, i /* ret_trust is the value to return when the certificate chain is ok * ret_else is the value to return otherwise. */ -int gnutls_verify_certificate2(gnutls_cert * cert, gnutls_cert * trusted_cas, int tcas_size, - void *CRLs, int crls_size, int ret_trust, int ret_else) +int gnutls_verify_certificate2(gnutls_cert * cert, + gnutls_cert * trusted_cas, int tcas_size, + void *CRLs, int crls_size, int ret_trust, + int ret_else) { /* CRL is ignored for now */ @@ -323,22 +397,22 @@ int gnutls_verify_certificate2(gnutls_cert * cert, gnutls_cert * trusted_cas, in return ret_else; } - ret = check_if_ca( cert, issuer); + ret = check_if_ca(cert, issuer); if (ret != 0) { gnutls_assert(); - return ret_else|GNUTLS_CERT_INVALID; + return ret_else | GNUTLS_CERT_INVALID; } - ret = check_if_expired( issuer); + ret = check_if_expired(issuer); if (ret != 0) { gnutls_assert(); return ret_else | ret; } - - ret = gnutls_x509_verify_signature(cert, issuer); - if (ret != 0) { - gnutls_assert(); - return ret_else|GNUTLS_CERT_INVALID; + + ret = gnutls_x509_verify_signature(cert, issuer); + if (ret != 0) { + gnutls_assert(); + return ret_else | GNUTLS_CERT_INVALID; } /* FIXME: Check CRL --not done yet. @@ -361,18 +435,20 @@ int gnutls_verify_certificate2(gnutls_cert * cert, gnutls_cert * trusted_cas, in /* This function verifies a X.509 certificate list. The certificate list should * lead to a trusted CA in order to be trusted. */ -int _gnutls_x509_verify_certificate( gnutls_cert * certificate_list, - int clist_size, gnutls_cert * trusted_cas, int tcas_size, void *CRLs, - int crls_size) +int _gnutls_x509_verify_certificate(gnutls_cert * certificate_list, + int clist_size, + gnutls_cert * trusted_cas, + int tcas_size, void *CRLs, + int crls_size) { int i = 0, ret; - CertificateStatus status=0; + CertificateStatus status = 0; - if ( clist_size == 0) { + if (clist_size == 0) { return GNUTLS_E_NO_CERTIFICATE_FOUND; } - ret = check_if_expired( &certificate_list[0]); + ret = check_if_expired(&certificate_list[0]); if (ret != 0) { gnutls_assert(); status |= ret; @@ -383,13 +459,17 @@ int _gnutls_x509_verify_certificate( gnutls_cert * certificate_list, if (i + 1 >= clist_size) break; - if ((ret = gnutls_verify_certificate2(&certificate_list[i], &certificate_list[i + 1], - 1, NULL, 0, 0, GNUTLS_CERT_INVALID)) != 0) { - /* - * We only accept the first certificate to be - * expired, revoked etc. If any of the certificates in the - * certificate chain is expired then the certificate - * is not valid. + if ((ret = + gnutls_verify_certificate2(&certificate_list[i], + &certificate_list[i + 1], + 1, NULL, 0, 0, + GNUTLS_CERT_INVALID)) != + 0) { + /* + * We only accept the first certificate to be + * expired, revoked etc. If any of the certificates in the + * certificate chain is expired then the certificate + * is not valid. */ if (ret > 0) { gnutls_assert(); @@ -404,12 +484,14 @@ int _gnutls_x509_verify_certificate( gnutls_cert * certificate_list, /* Now verify the last certificate in the certificate path * against the trusted CA certificate list. - * + * * If no CAs are present returns NOT_TRUSTED. Thus works * in self signed etc certificates. */ - ret = gnutls_verify_certificate2(&certificate_list[i], trusted_cas, tcas_size, - CRLs, crls_size, 0, GNUTLS_CERT_NOT_TRUSTED); + ret = + gnutls_verify_certificate2(&certificate_list[i], trusted_cas, + tcas_size, CRLs, crls_size, 0, + GNUTLS_CERT_NOT_TRUSTED); if (ret > 0) { /* if the last certificate in the certificate @@ -424,7 +506,7 @@ int _gnutls_x509_verify_certificate( gnutls_cert * certificate_list, gnutls_assert(); return ret; } - + /* if we got here, then it's trusted. */ return status; |