diff options
author | Nikos Mavrogiannopoulos <nmav@crystal.(none)> | 2008-07-05 10:55:14 +0300 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@crystal.(none)> | 2008-07-05 10:55:14 +0300 |
commit | 290e2d8cfc072b959d4fd50a9fa707430b8658b5 (patch) | |
tree | f0eafb51d3607eaa4476992e96400e8018540780 | |
parent | 59384639d915fc8c2f8ab06bb3c3e311c17ee91a (diff) | |
parent | 964036f9466a2b34a7173cc5f16fbfca616d3535 (diff) | |
download | gnutls-290e2d8cfc072b959d4fd50a9fa707430b8658b5.tar.gz |
Merge branch 'gnutls_2_4_x' of ssh://git.sv.gnu.org/srv/git/gnutls into gnutls_2_4_x
-rw-r--r-- | ChangeLog | 90 | ||||
-rw-r--r-- | NEWS | 29 | ||||
-rw-r--r-- | THANKS | 2 | ||||
-rw-r--r-- | configure.in | 4 | ||||
-rw-r--r-- | doc/gnutls.texi | 10 | ||||
-rw-r--r-- | lib/gnutls_handshake.c | 3 |
6 files changed, 124 insertions, 14 deletions
@@ -1,3 +1,93 @@ +2008-06-30 Simon Josefsson <simon@josefsson.org> + + * NEWS: Version 2.4.1. + +2008-06-30 Simon Josefsson <simon@josefsson.org> + + * NEWS: Add. + +2008-06-30 Simon Josefsson <simon@josefsson.org> + + * THANKS: Add. + +2008-06-30 Simon Josefsson <simon@josefsson.org> + + * NEWS: Fix links. + +2008-06-30 Simon Josefsson <simon@josefsson.org> + + * NEWS: Add. + +2008-06-30 Simon Josefsson <simon@josefsson.org> + + * : commit 0fee3917077e191dea3c9787c95c072979532086 Author: Simon + Josefsson <simon@josefsson.org> Date: Mon Jun 30 22:44:47 2008 + +0200 + +2008-06-30 Nikos Mavrogiannopoulos <nmav@crystal.(none)> + + * src/crypt.c: this fixes a problem in srptool, where the passwords + never match (--verify check) on some architectures (patch by + Matthias Koenig <mkoenig@suse.de>) + +2008-06-30 Simon Josefsson <simon@josefsson.org> + + * NEWS: Add. + +2008-06-30 Simon Josefsson <simon@josefsson.org> + + * NEWS: Add. + +2008-06-29 Nikos Mavrogiannopoulos <nmav@crystal.(none)> + + * lib/gnutls_state.c: added check before reallocation of parameters + to avoid memory leaks on rehandshake. + +2008-06-23 Simon Josefsson <simon@josefsson.org> + + * Makefile.am: Upload to ftp.gnu.org, not alpha. + +2008-06-23 Simon Josefsson <simon@josefsson.org> + + * NEWS: Add. + +2008-06-23 Simon Josefsson <simon@josefsson.org> + + * lib/Makefile.am: Fix build failures related to opencdk.h. + Reported by Roman Bogorodskiy <novel@FreeBSD.org> in + + <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2930>. + +2008-06-19 Simon Josefsson <simon@josefsson.org> + + * NEWS: Add. + +2008-06-18 Simon Josefsson <simon@josefsson.org> + + * lib/gnutls_state.h: Add prototype for _gnutls_session_is_psk. + Reported by Massimo Gaspari <massimo.gaspari@alice.it> in + <http://permalink.gmane.org/gmane.network.gnutls.general/1281>. + +2008-06-18 Simon Josefsson <simon@josefsson.org> + + * src/cli.c: Fix warning. Reported by Massimo Gaspari + <massimo.gaspari@alice.it> in + <http://permalink.gmane.org/gmane.network.gnutls.general/1281>. + +2008-06-18 Simon Josefsson <simon@josefsson.org> + + * src/cli.c, src/psk.c: Fix warning regarding undeclared getpass + replacement. Reported by Massimo Gaspari <massimo.gaspari@alice.it> + in <http://permalink.gmane.org/gmane.network.gnutls.general/1281>. + +2008-06-19 Simon Josefsson <simon@josefsson.org> + + * NEWS, configure.in: Bump versions. + +2008-06-18 Simon Josefsson <simon@josefsson.org> + + * ChangeLog: Generated. + 2008-06-18 Simon Josefsson <simon@josefsson.org> * NEWS: Add v2.4.0 release notes. @@ -3,19 +3,36 @@ Copyright (C) 2004, 2005, 2006, 2007, 2008 Simon Josefsson Copyright (C) 2000, 2001, 2002, 2003, 2004 Nikos Mavrogiannopoulos See the end for copying conditions. -* Version 2.4.1 (unreleased) +* Version 2.4.2 (unreleased) + +** API and ABI modifications: +No changes since last version. + +* Version 2.4.1 (released 2008-06-30) + +** libgnutls: Fix local crash in gnutls_handshake. [GNUTLS-SA-2008-2] +If the gnutls_handshake function is called for a normal session, which +can happen for re-handshakes, the library would crash because it tried +to hash some data using a libgcrypt handle that had been deallocated. +Report and tiny patch from Tomas Mraz <tmraz@redhat.com>. Any updates +with more details about this vulnerability will be added to +<http://www.gnu.org/software/gnutls/security.html> + +** libgnutls: Fix memory leaks when doing a re-handshake. +Reported by Sam Varshavchik <mrsam@courier-mta.com> in +<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2928>. ** Fix compiler warnings. Reported by Massimo Gaspari <massimo.gaspari@alice.it> in -<http://permalink.gmane.org/gmane.network.gnutls.general/1281>. +<http://thread.gmane.org/gmane.network.gnutls.general/1281>. ** Fix ordering of -I's to avoid opencdk.h conflict with system headers. Reported by Roman Bogorodskiy <novel@FreeBSD.org> in -<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2930>. +<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2930>. -** Fix memory leaks when doing a re-handshake. -Reported by Sam Varshavchik <mrsam@courier-mta.com> in -<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2928>. +** srptool: Fix a problem where --verify check does not succeed. +Report and tiny patch by Matthias Koenig <mkoenig@suse.de> in +<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2944>. ** API and ABI modifications: No changes since last version. @@ -83,6 +83,8 @@ Marc F. Clemente <marc@mclemente.net> Daniel Dehennin <nebuchadnezzar@asgardr.info> martin f krafft <madduck@debian.org> Sam Varshavchik <mrsam@courier-mta.com> +Tomas Mraz <tmraz@redhat.com> +Matthias Koenig <mkoenig@suse.de> ---------------------------------------------------------------------- Copying and distribution of this file, with or without modification, diff --git a/configure.in b/configure.in index 5c165b30da..af1e863364 100644 --- a/configure.in +++ b/configure.in @@ -22,7 +22,7 @@ dnl Process this file with autoconf to produce a configure script. # USA AC_PREREQ(2.61) -AC_INIT([GnuTLS], [2.4.1], [bug-gnutls@gnu.org]) +AC_INIT([GnuTLS], [2.4.2], [bug-gnutls@gnu.org]) AC_CONFIG_AUX_DIR([build-aux]) AM_INIT_AUTOMAKE([1.10 dist-bzip2]) @@ -33,7 +33,7 @@ AM_CONFIG_HEADER(config.h) # Interfaces added: AGE++ # Interfaces removed: AGE=0 AC_SUBST(LT_CURRENT, 30) -AC_SUBST(LT_REVISION, 5) +AC_SUBST(LT_REVISION, 6) AC_SUBST(LT_AGE, 4) # Used when creating the Windows libgnutls-XX.def files. diff --git a/doc/gnutls.texi b/doc/gnutls.texi index 5cec27d6e6..0aab6dd889 100644 --- a/doc/gnutls.texi +++ b/doc/gnutls.texi @@ -2260,7 +2260,7 @@ implemented by another example. * Client with Resume capability example:: * Simple client example with SRP authentication:: * Simple client example with TLS/IA support:: -* Simple client example in @acronym{C++}:: +* Simple client example in C++:: * Helper function for TCP connections:: @end menu @@ -2356,11 +2356,11 @@ The following client is a simple client which uses the @verbatiminclude examples/ex-client-tlsia.c -@node Simple client example in @acronym{C++} -@subsection Simple Client Example using the @acronym{C++} API +@node Simple client example in C++ +@subsection Simple Client Example using the C++ API -The following client is a simple example of a client -client utilizing the GnuTLS @acronym{C++} API. +The following client is a simple example of a client client utilizing +the GnuTLS C++ API. @verbatiminclude examples/ex-cxx.cpp diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index d7981802a0..0192c9f61e 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -69,11 +69,12 @@ int _gnutls_server_select_comp_method (gnutls_session_t session, /* Clears the handshake hash buffers and handles. */ -inline static void +static void _gnutls_handshake_hash_buffers_clear (gnutls_session_t session) { _gnutls_hash_deinit (&session->internals.handshake_mac_handle_md5, NULL); _gnutls_hash_deinit (&session->internals.handshake_mac_handle_sha, NULL); + session->internals.handshake_mac_handle_init = 0; _gnutls_handshake_buffer_clear (session); } |