Merge branch 'master' of ssh://git.sv.gnu.org/srv/git/gnutls

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2009-06-13 18:07:45 +0300
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2009-06-13 18:07:45 +0300
commit: 79a820602b97c515bf1f4fe4df5b197dce5a0b11 (patch)
tree: 0c750bad9a158e3d66a2f126a1f6dd9f44c19f7e /doc
parent: 0671e6ef3968e3c6ddc3d478455448127495e925 (diff)
parent: fad0d9b3289087dbd56176e7a1ccb498cf5ef099 (diff)
download: gnutls-79a820602b97c515bf1f4fe4df5b197dce5a0b11.tar.gz
12 files changed, 180 insertions, 111 deletions
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 817511bdb6..2dbaaf0f64 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -20,8 +20,8 @@
 # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 
 EXTRA_DIST = TODO README.gaa certtool.cfg gnutls.ps gnutls.pdf	\
-	gnutls.html extract-guile-c-doc.scm doxygen/Doxyfile.in	\
-	doxygen/Doxyfile.orig texinfo.css
+	gnutls.html doxygen/Doxyfile.in doxygen/Doxyfile.orig	\
+	texinfo.css
 
 SUBDIRS = examples cyclo scripts manpages credentials
 if ENABLE_GTK_DOC
@@ -29,11 +29,10 @@ SUBDIRS += reference
 endif
 
 info_TEXINFOS = gnutls.texi
-gnutls_TEXINFOS = gnutls.texi						\
-	fdl-1.3.texi lgpl-2.1.texi gpl-3.0.texi				\
-	gnutls-api.texi gnutls-extra-api.texi ia-api.texi		\
-	x509-api.texi pgp-api.texi					\
-	examples/ex-client1.c examples/ex-client2.c			\
+gnutls_TEXINFOS = gnutls.texi fdl-1.3.texi lgpl-2.1.texi gpl-3.0.texi
+
+# Examples.
+gnutls_TEXINFOS += examples/ex-client1.c examples/ex-client2.c		\
 	examples/ex-session-info.c examples/ex-verify.c			\
 	examples/ex-cert-select.c examples/ex-client-resume.c		\
 	examples/ex-client-srp.c examples/ex-client-tlsia.c		\
@@ -41,11 +40,7 @@ gnutls_TEXINFOS = gnutls.texi						\
 	examples/ex-serv-export.c examples/ex-serv-anon.c		\
 	examples/ex-serv-pgp.c examples/ex-serv-srp.c			\
 	examples/ex-alert.c examples/ex-x509-info.c examples/ex-crq.c	\
-	examples/ex-pkcs12.c guile.texi $(guile_texi)
-
-# Generated texinfos.
-gnutls_TEXINFOS += error_codes.texi algorithms.texi
-MAINTAINERCLEANFILES = error_codes.texi algorithms.texi
+	examples/ex-pkcs12.c
 
 # Images.  Make sure there are eps + png + pdf of each, plus the source dia.
 gnutls_TEXINFOS += gnutls-internals.dia gnutls-internals.eps		\
@@ -93,37 +88,76 @@ TEXI2DVI = texi2dvi $(AM_MAKEINFOFLAGS)
 AM_MAKEINFOHTMLFLAGS = $(AM_MAKEINFOFLAGS) \
 	--no-split --css-include=$(srcdir)/texinfo.css
 
-../lib/gnutls-api.texi:
-	cd ../lib && make gnutls-api.texi
-
-../libextra/gnutls-extra-api.texi:
-	cd ../libextra && make gnutls-extra-api.texi
+MAINTAINERCLEANFILES =
 
-../lib/x509/x509-api.texi:
-	cd ../lib/x509 && make x509-api.texi
-
-../lib/openpgp/pgp-api.texi:
-	cd ../lib/openpgp && make pgp-api.texi
-
-../libextra/ia-api.texi:
-	cd ../libextra && make ia-api.texi
-
-gnutls-api.texi: ../lib/gnutls-api.texi
-	-$(srcdir)/scripts/sort2.pl < ../lib/gnutls-api.texi > gnutls-api.texi
-
-gnutls-extra-api.texi: ../libextra/gnutls-extra-api.texi
-	-$(srcdir)/scripts/sort2.pl < ../libextra/gnutls-extra-api.texi > gnutls-extra-api.texi
+# Generated texinfos.
 
-x509-api.texi: ../lib/x509/x509-api.texi
-	-$(srcdir)/scripts/sort2.pl < ../lib/x509/x509-api.texi > x509-api.texi
+gnutls_TEXINFOS += gnutls-api.texi extra-api.texi ia-api.texi	\
+	x509-api.texi pgp-api.texi
+MAINTAINERCLEANFILES += gnutls-api.texi extra-api.texi ia-api.texi	\
+	x509-api.texi pgp-api.texi
+
+gnutls-api.texi: $(srcdir)/../lib/*.c
+	echo "" > $@-tmp
+	for i in $^; do \
+		echo -n "Creating documentation for file $$i... " && \
+		$(srcdir)/scripts/gdoc -texinfo $$i >> $@-tmp && \
+		echo "ok"; \
+	done
+	$(srcdir)/scripts/sort2.pl < $@-tmp > $@-tmp2
+	rm -f $@-tmp
+	mv $@-tmp2 $@
+
+x509-api.texi: $(srcdir)/../lib/x509/*.c
+	echo "" > $@-tmp
+	for i in $^; do \
+		echo -n "Creating documentation for file $$i... " && \
+		$(srcdir)/scripts/gdoc -texinfo $$i >> $@-tmp && \
+		echo "ok"; \
+	done
+	$(srcdir)/scripts/sort2.pl < $@-tmp > $@-tmp2
+	rm -f $@-tmp
+	mv $@-tmp2 $@
+
+pgp-api.texi: $(srcdir)/../lib/openpgp/*.c
+	echo "" > $@-tmp
+	for i in $^; do \
+		echo -n "Creating documentation for file $$i... " && \
+		$(srcdir)/scripts/gdoc -texinfo $$i >> $@-tmp && \
+		echo "ok"; \
+	done
+	$(srcdir)/scripts/sort2.pl < $@-tmp > $@-tmp2
+	rm -f $@-tmp
+	mv $@-tmp2 $@
+
+extra-api.texi: $(srcdir)/../libextra/gnutls_extra.c
+	echo "" > $@-tmp
+	for i in $^; do \
+		echo -n "Creating documentation for file $$i... " && \
+		$(srcdir)/scripts/gdoc -texinfo $$i >> $@-tmp && \
+		echo "ok"; \
+	done
+	$(srcdir)/scripts/sort2.pl < $@-tmp > $@-tmp2
+	rm -f $@-tmp
+	mv $@-tmp2 $@
+
+ia-api.texi: $(srcdir)/../libextra/gnutls_ia.c
+	echo "" > $@-tmp
+	for i in $^; do \
+		echo -n "Creating documentation for file $$i... " && \
+		$(srcdir)/scripts/gdoc -texinfo $$i >> $@-tmp && \
+		echo "ok"; \
+	done
+	$(srcdir)/scripts/sort2.pl < $@-tmp > $@-tmp2
+	rm -f $@-tmp
+	mv $@-tmp2 $@
 
-pgp-api.texi: ../lib/openpgp/pgp-api.texi
-	-$(srcdir)/scripts/sort2.pl < ../lib/openpgp/pgp-api.texi > pgp-api.texi
+# Generated texinfos.
 
-ia-api.texi: ../libextra/ia-api.texi
-	-$(srcdir)/scripts/sort2.pl < ../libextra/ia-api.texi > ia-api.texi
+gnutls_TEXINFOS += error_codes.texi algorithms.texi
+MAINTAINERCLEANFILES += error_codes.texi algorithms.texi
 
-# Generated texinfos.
+AM_CPPFLAGS = -I$(top_srcdir)/lib/includes -I$(top_builddir)/lib/includes
 
 noinst_PROGRAMS = errcodes printlist
 
@@ -133,25 +167,26 @@ errcodes_LDADD = ../lib/libgnutls.la ../gl/libgnu.la
 printlist_SOURCES = printlist.c
 printlist_LDADD = ../lib/libgnutls.la ../gl/libgnu.la
 
-AM_CPPFLAGS = -I$(top_srcdir)/lib/includes -I$(top_builddir)/lib/includes
-
 error_codes.texi: $(top_srcdir)/lib/gnutls_errors.c $(srcdir)/errcodes.c
-	-$(builddir)/errcodes > error_codes.texi
+	make $(builddir)/errcodes
+	$(builddir)/errcodes > $@-tmp
+	mv $@-tmp $@
 
 algorithms.texi: $(srcdir)/printlist.c
-	-$(builddir)/printlist > algorithms.texi
+	make $(builddir)/printlist
+	$(builddir)/printlist > $@-tmp
+	mv $@-tmp $@
+
+# Guile texinfos.
 
 guile_texi           = core.c.texi extra.c.texi
+gnutls_TEXINFOS      += guile.texi $(guile_texi)
 BUILT_SOURCES        = $(guile_texi)
 MAINTAINERCLEANFILES += $(guile_texi)
-EXTRA_DIST           += $(guile_texi)
+EXTRA_DIST           += $(guile_texi) extract-guile-c-doc.scm
 
 if HAVE_GUILE
 
-#
-# Guile documentation extraction from C code.
-#
-
 GUILE_FOR_BUILD = $(GUILE) -L $(top_srcdir)/guile/modules
 
 SNARF_CPPFLAGS = -I$(top_srcdir) -I$(top_builddir)			\
diff --git a/doc/announcement-template.txt b/doc/announcement-template.txt
index be1f340b97..3b9c7c8be9 100644
--- a/doc/announcement-template.txt
+++ b/doc/announcement-template.txt
@@ -10,8 +10,8 @@ General Public License version 2.1 (or later).  The "extra" GnuTLS
 library (which contains TLS/IA support, LZO compression and Libgcrypt
 FIPS-mode handler), the OpenSSL compatibility library, the self tests
 and the command line tools are all distributed under the GNU General
-Public License version 3.0 (or later).  The manual is distributed under
-the GNU Free Documentation License version 1.3 (or later).
+Public License version 3.0 (or later).  The manual is distributed
+under the GNU Free Documentation License version 1.3 (or later).
 
 The project page of the library is available at:
   http://www.gnu.org/software/gnutls/
@@ -19,8 +19,8 @@ The project page of the library is available at:
 What's New
 ==========
 
-Version 2.8.0 is the first stable release on the 2.8.x branch and is the
-result of 7 months of work on the experimental 2.7.x branch.
+Version 2.8.0 is the first stable release on the 2.8.x branch and is
+the result of 7 months of work on the experimental 2.7.x branch.
 
 ** lib: Linker version scripts reduces number of exported symbols.
 The linker version script now lists all exported ABIs explicitly, to
@@ -48,6 +48,11 @@ GNUTLS_VERSION_MAJOR, GNUTLS_VERSION_MINOR, GNUTLS_VERSION_PATCH, and
 GNUTLS_VERSION_NUMBER respectively.  The old symbols will continue to
 work but are deprecated.
 
+** libgnutls: Fix namespace issue with version symbol for libgnutls-extra.
+The symbol LIBGNUTLS_EXTRA_VERSION were renamed to
+GNUTLS_EXTRA_VERSION.  The old symbol will continue to work but is
+deprecated.
+
 ** libgnutls: Add functions to verify a hash against a certificate.
 gnutls_x509_crt_verify_hash: ADDED
 gnutls_x509_crt_get_verify_algorithm: ADDED
@@ -170,13 +175,34 @@ licenses, including the (L)GPL.
 API/ABI changes in GnuTLS 2.8
 =============================
 
-No functions have been removed or modified.  The library should be fully
-backwards compatible on both the source and binary level.
-
-Although the same patch has also been applied to the 2.6.x branch, we'd
-like to remind you functions have been changed so that X.509 chain
-verification now also checks activation/expiration times on
-certificates.  The affected functions are:
+No offically supported interfaces have been modified or removed.  The
+library should be completely backwards compatible on both the source
+and binary level.
+
+The shared library no longer exports some symbols that have never been
+officially supported, i.e., not mentioned in any of the header files.
+The symbols are:
+
+  _gnutls*
+  gnutls_asn1_tab
+  
+Normally when symbols are removed, the shared library version has to
+be incremented.  This leads to a significant cost for everyone using
+the library.  Because none of the above symbols have ever been
+intended for use by well-behaved applications, we decided that the it
+would be better for those applications to pay the price rather than
+incurring problems on the majority of applications.
+
+If it turns out that applications have been using unofficial
+interfaces, we will need to release a follow-on release on the v2.8
+branch to exports additional interfaces.  However, initial testing
+suggests that few if any applications have been using any of the
+internal symbols.
+
+Although not a new change compared to 2.6.x, we'd like to remind you
+interfaces have been modified so that X.509 chain verification now
+also checks activation/expiration times on certificates.  The affected
+functions are:
 
 gnutls_x509_crt_list_verify: CHANGED, checks activation/expiration times.
 gnutls_certificate_verify_peers: Likewise.
@@ -185,49 +211,57 @@ GNUTLS_CERT_NOT_ACTIVATED: ADDED.
 GNUTLS_CERT_EXPIRED: ADDED.
 GNUTLS_VERIFY_DISABLE_TIME_CHECKS: ADDED.
 
-The following functions or symbols have been added to the library or
-header files:
+This change in behaviour was made during the GnuTLS 2.6.x cycle, and
+we gave our rationale for it in earlier release notes.
+
+The following symbols have been added to the library:
 
 gnutls_certificate_set_x509_simple_pkcs12_mem: ADDED
-gnutls_x509_crt_verify_hash: ADDED
-gnutls_x509_crt_get_verify_algorithm: ADDED
 gnutls_x509_crl_get_authority_key_id: ADDED
-gnutls_x509_crl_get_number: ADDED
-gnutls_x509_crl_get_extension_oid: ADDED
-gnutls_x509_crl_get_extension_info: ADDED
 gnutls_x509_crl_get_extension_data: ADDED
+gnutls_x509_crl_get_extension_info: ADDED
+gnutls_x509_crl_get_extension_oid: ADDED
+gnutls_x509_crl_get_number: ADDED
 gnutls_x509_crl_set_authority_key_id: ADDED
 gnutls_x509_crl_set_number: ADDED
-gnutls_x509_crq_get_key_rsa_raw: ADDED
-gnutls_x509_crq_get_attribute_info: ADDED
 gnutls_x509_crq_get_attribute_data: ADDED
-gnutls_x509_crq_get_extension_info: ADDED
+gnutls_x509_crq_get_attribute_info: ADDED
+gnutls_x509_crq_get_basic_constraints: ADDED
+gnutls_x509_crq_get_extension_by_oid: ADDED
 gnutls_x509_crq_get_extension_data: ADDED
+gnutls_x509_crq_get_extension_info: ADDED
+gnutls_x509_crq_get_key_id: ADDED.
+gnutls_x509_crq_get_key_purpose_oid: ADDED
+gnutls_x509_crq_get_key_rsa_raw: ADDED
 gnutls_x509_crq_get_key_usage: ADDED
-gnutls_x509_crq_get_basic_constraints: ADDED
 gnutls_x509_crq_get_subject_alt_name: ADDED
 gnutls_x509_crq_get_subject_alt_othername_oid: ADDED
-gnutls_x509_crq_get_extension_by_oid: ADDED
-gnutls_x509_crq_set_subject_alt_name: ADDED
+gnutls_x509_crq_print: ADDED
 gnutls_x509_crq_set_basic_constraints: ADDED
-gnutls_x509_crq_set_key_usage: ADDED
-gnutls_x509_crq_get_key_purpose_oid: ADDED
 gnutls_x509_crq_set_key_purpose_oid: ADDED
-gnutls_x509_crq_print: ADDED
+gnutls_x509_crq_set_key_usage: ADDED
+gnutls_x509_crq_set_subject_alt_name: ADDED
+gnutls_x509_crt_get_verify_algorithm: ADDED
 gnutls_x509_crt_set_crq_extensions: ADDED
+gnutls_x509_crt_verify_hash: ADDED
+
+The following interfaces have been added to the header files:
+
 GNUTLS_VERSION: ADDED, replaces LIBGNUTLS_VERSION.
 GNUTLS_VERSION_MAJOR: ADDED, replaces LIBGNUTLS_VERSION_MAJOR.
 GNUTLS_VERSION_MINOR: ADDED, replaces LIBGNUTLS_VERSION_MINOR.
 GNUTLS_VERSION_PATCH: ADDED, replaces LIBGNUTLS_VERSION_PATCH.
 GNUTLS_VERSION_NUMBER: ADDED, replaces LIBGNUTLS_VERSION_NUMBER.
+GNUTLS_EXTRA_VERSION: ADDED, replaces LIBGNUTLS_EXTRA_VERSION.
 
-The following symbols have been deprecated:
+The following interfaces have been deprecated:
 
 LIBGNUTLS_VERSION: DEPRECATED.
 LIBGNUTLS_VERSION_MAJOR: DEPRECATED.
 LIBGNUTLS_VERSION_MINOR: DEPRECATED.
 LIBGNUTLS_VERSION_PATCH: DEPRECATED.
 LIBGNUTLS_VERSION_NUMBER: DEPRECATED.
+LIBGNUTLS_EXTRA_VERSION: DEPRECATED.
 
 Getting the Software
 ====================
@@ -236,7 +270,7 @@ GnuTLS may be downloaded from one of the mirror sites or direct from
 <ftp://ftp.gnu.org/gnu/gnutls/>.  The list of mirrors can be found at
 <http://www.gnu.org/software/gnutls/download.html>.
 
-Here are the BZIP2 compressed sources (4.9MB):
+Here are the BZIP2 compressed sources (6.0MB):
 
   ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.8.0.tar.bz2
   http://ftp.gnu.org/gnu/gnutls/gnutls-2.8.0.tar.bz2
@@ -275,9 +309,9 @@ Alternatively, after successfully verifying the OpenPGP signature of
 this announcement, you could verify that the files match the following
 checksum values.  The values are for SHA-1 and SHA-224 respectively:
 
-d1693e611aa7270f14bc500bd56ef529ffcb1703  gnutls-2.6.6.tar.bz2
+d1693e611aa7270f14bc500bd56ef529ffcb1703  gnutls-2.8.0.tar.bz2
 
-5e5bc180293b0854b7e8c27a5eb55f172579b346fba61b2d4b0b0c61  gnutls-2.6.6.tar.bz2
+5e5bc180293b0854b7e8c27a5eb55f172579b346fba61b2d4b0b0c61  gnutls-2.8.0.tar.bz2
 
 Documentation
 =============
@@ -315,7 +349,7 @@ Windows installer
 GnuTLS has been ported to the Windows operating system, and a binary
 installer is available.  The installer contains DLLs for application
 development, manuals, examples, and source code.  The installer uses
-libgpg-error v1.7, libgcrypt v1.4.4, libtasn1 v2.1, and GnuTLS v2.8.0.
+libgpg-error v1.7, libgcrypt v1.4.4, libtasn1 v2.2, and GnuTLS v2.8.0.
 
 For more information about GnuTLS for Windows:
   http://josefsson.org/gnutls4win/
@@ -326,9 +360,9 @@ The Windows binary installer and PGP signature:
 
 The checksum values for SHA-1 and SHA-224 are:
 
-8a86a846cbdc16b6c21442c706854a5c02416336  gnutls-2.6.6.exe
+8a86a846cbdc16b6c21442c706854a5c02416336  gnutls-2.8.0.exe
 
-555afa0c1524d8ad05a12384e1bd1b09da720b03058f0089dc812cfc  gnutls-2.6.6.exe
+555afa0c1524d8ad05a12384e1bd1b09da720b03058f0089dc812cfc  gnutls-2.8.0.exe
 
 A ZIP archive containing the Windows binaries:
   http://josefsson.org/gnutls4win/gnutls-2.8.0.zip (5.3MB)
@@ -339,9 +373,9 @@ A Debian mingw32 package is also available:
 
 The checksum values for SHA-1 and SHA-224 are:
 
-b141f97c196d408bf12b8a58ede6bda8fb291be6  mingw32-gnutls_2.6.6-1_all.deb
+b141f97c196d408bf12b8a58ede6bda8fb291be6  mingw32-gnutls_2.8.0-1_all.deb
 
-541e2fca8248460b419e2224a138b292020de1724c86c77b9478da93  mingw32-gnutls_2.6.6-1_all.deb
+541e2fca8248460b419e2224a138b292020de1724c86c77b9478da93  mingw32-gnutls_2.8.0-1_all.deb
 
 Internationalization
 ====================
diff --git a/doc/examples/ex-serv-anon.c b/doc/examples/ex-serv-anon.c
index 155cbe480f..722d1fc07a 100644
--- a/doc/examples/ex-serv-anon.c
+++ b/doc/examples/ex-serv-anon.c
@@ -50,7 +50,7 @@ static int
 generate_dh_params (void)
 {
 
-  /* Generate Diffie Hellman parameters - for use with DHE
+  /* Generate Diffie-Hellman parameters - for use with DHE
    * kx algorithms. These should be discarded and regenerated
    * once a day, once a week or once a month. Depending on the
    * security requirements.
diff --git a/doc/examples/ex-serv-export.c b/doc/examples/ex-serv-export.c
index 236ab0da66..d3d33a6e1d 100644
--- a/doc/examples/ex-serv-export.c
+++ b/doc/examples/ex-serv-export.c
@@ -91,7 +91,7 @@ static int
 generate_dh_params (void)
 {
   gnutls_datum_t dparams = { srp_dh_group2048, sizeof (srp_dh_group2048) };
-  /* Here instead of generating Diffie Hellman parameters (for use with DHE
+  /* Here instead of generating Diffie-Hellman parameters (for use with DHE
    * kx algorithms) we import them.
    */
   gnutls_dh_params_init (&dh_params);
diff --git a/doc/examples/ex-serv-pgp.c b/doc/examples/ex-serv-pgp.c
index 1e0124f0be..e9070565f9 100644
--- a/doc/examples/ex-serv-pgp.c
+++ b/doc/examples/ex-serv-pgp.c
@@ -38,7 +38,7 @@ static int
 generate_dh_params (void)
 {
 
-  /* Generate Diffie Hellman parameters - for use with DHE
+  /* Generate Diffie-Hellman parameters - for use with DHE
    * kx algorithms. These should be discarded and regenerated
    * once a day, once a week or once a month. Depending on the
    * security requirements.
diff --git a/doc/examples/ex-serv-psk.c b/doc/examples/ex-serv-psk.c
index 0082414512..6e5d77a837 100644
--- a/doc/examples/ex-serv-psk.c
+++ b/doc/examples/ex-serv-psk.c
@@ -62,7 +62,7 @@ static int
 generate_dh_params (void)
 {
 
-  /* Generate Diffie Hellman parameters - for use with DHE
+  /* Generate Diffie-Hellman parameters - for use with DHE
    * kx algorithms. When short bit length is used, it might
    * be wise to regenerate parameters.
    *
diff --git a/doc/examples/ex-serv1.c b/doc/examples/ex-serv1.c
index 06a76fbaed..0a47cc140a 100644
--- a/doc/examples/ex-serv1.c
+++ b/doc/examples/ex-serv1.c
@@ -64,7 +64,7 @@ static int
 generate_dh_params (void)
 {
 
-  /* Generate Diffie Hellman parameters - for use with DHE
+  /* Generate Diffie-Hellman parameters - for use with DHE
    * kx algorithms. When short bit length is used, it might
    * be wise to regenerate parameters.
    *
diff --git a/doc/examples/ex-session-info.c b/doc/examples/ex-session-info.c
index 146d81a092..f247629503 100644
--- a/doc/examples/ex-session-info.c
+++ b/doc/examples/ex-session-info.c
@@ -66,7 +66,7 @@ print_info (gnutls_session_t session)
 
     case GNUTLS_CRD_CERTIFICATE:	/* certificate authentication */
 
-      /* Check if we have been using ephemeral Diffie Hellman.
+      /* Check if we have been using ephemeral Diffie-Hellman.
        */
       if (kx == GNUTLS_KX_DHE_RSA || kx == GNUTLS_KX_DHE_DSS)
 	{
diff --git a/doc/gnutls.texi b/doc/gnutls.texi
index 383265d318..13998f3372 100644
--- a/doc/gnutls.texi
+++ b/doc/gnutls.texi
@@ -435,7 +435,7 @@ finished using @acronym{GnuTLS}.
 The credentials structure is used by some authentication methods, such
 as certificate authentication (@pxref{Certificate Authentication}).  A
 credentials structure may contain certificates, private keys,
-temporary parameters for diffie hellman or RSA key exchange, and other
+temporary parameters for Diffie-Hellman or RSA key exchange, and other
 stuff that may be shared between several TLS sessions.
 
 This structure should be initialized using the appropriate
@@ -1013,7 +1013,7 @@ In TLS, since a lot of algorithms are involved, it is not easy to set a consiste
 For this reason this section will present some correspondance between key sizes of symmetric algorithms
 and public key algorithms based on the most conservative values of @xcite{SELKEY}. 
 Those can be used to generate certificates with appropriate key sizes as well
-as parameters for Diffie Hellman and SRP authentication.
+as parameters for Diffie-Hellman and SRP authentication.
 
 @multitable @columnfractions .15 .20 .20 .20
 
@@ -1365,15 +1365,15 @@ In the EXPORT algorithm, the server signs temporary RSA parameters of
 512 bits --- which are considered weak --- and sends them to the client.
 
 @item DHE_RSA:
-The RSA algorithm is used to sign Ephemeral Diffie Hellman parameters
+The RSA algorithm is used to sign Ephemeral Diffie-Hellman parameters
 which are sent to the peer. The key in the certificate must allow the
 key to be used for signing. Note that key exchange algorithms which
-use Ephemeral Diffie Hellman parameters, offer perfect forward
+use Ephemeral Diffie-Hellman parameters, offer perfect forward
 secrecy. That means that even if the private key used for signing is
 compromised, it cannot be used to reveal past session data.
 
 @item DHE_DSS:
-The DSS algorithm is used to sign Ephemeral Diffie Hellman parameters
+The DSS algorithm is used to sign Ephemeral Diffie-Hellman parameters
 which are sent to the peer. The certificate must contain DSA
 parameters to use this key exchange algorithm. DSS stands for Digital
 Signature Standard.
@@ -1393,7 +1393,7 @@ do not use anonymous authentication.  Available key exchange methods
 are shown below.
 
 Note that the key exchange methods for anonymous authentication
-require Diffie Hellman parameters to be generated by the server and associated with
+require Diffie-Hellman parameters to be generated by the server and associated with
 an anonymous credentials structure.
 
 Supported anonymous key exchange algorithms:
@@ -1401,7 +1401,7 @@ Supported anonymous key exchange algorithms:
 @table @code
 
 @item ANON_DH:
-This algorithm exchanges Diffie Hellman parameters.
+This algorithm exchanges Diffie-Hellman parameters.
 
 @end table
 
@@ -1509,7 +1509,7 @@ The implementation in @acronym{GnuTLS} is based on paper
 Authentication using the @acronym{PSK} protocol.
 
 @item DHE-PSK:
-Authentication using the @acronym{PSK} protocol and Diffie Hellman key exchange.
+Authentication using the @acronym{PSK} protocol and Diffie-Hellman key exchange.
 This method offers perfect forward secrecy.
 
 @end table
@@ -2747,7 +2747,7 @@ Usage: certtool [options]
                               The last certificate in the chain must
                               be a self signed one.
      --verify-crl             Verify a CRL.
-     --generate-dh-params     Generate PKCS #3 encoded Diffie Hellman
+     --generate-dh-params     Generate PKCS #3 encoded Diffie-Hellman
                               parameters.
      --get-dh-params          Get the included PKCS #3 encoded Diffie
                               Hellman parameters.
@@ -2800,7 +2800,7 @@ How to use certtool interactively:
 
 @itemize
 @item
-To generate parameters for Diffie Hellman key exchange, use the command:
+To generate parameters for Diffie-Hellman key exchange, use the command:
 @example
 $ certtool --generate-dh-params --outfile dh.pem
 @end example
@@ -3189,9 +3189,9 @@ Checking whether the server supports session resumption... yes
 Checking for export-grade ciphersuite support... no
 Checking RSA-export ciphersuite info... N/A
 Checking for anonymous authentication support... no
-Checking anonymous Diffie Hellman group info... N/A
-Checking for ephemeral Diffie Hellman support... no
-Checking ephemeral Diffie Hellman group info... N/A
+Checking anonymous Diffie-Hellman group info... N/A
+Checking for ephemeral Diffie-Hellman support... no
+Checking ephemeral Diffie-Hellman group info... N/A
 Checking for AES cipher support (TLS extension)... yes
 Checking for 3DES cipher support... yes
 Checking for ARCFOUR 128 cipher support... yes
@@ -3216,7 +3216,7 @@ GNU TLS test server
 Usage: gnutls-serv [options]
 
      -d, --debug integer      Enable debugging
-     -g, --generate           Generate Diffie Hellman Parameters.
+     -g, --generate           Generate Diffie-Hellman Parameters.
      -p, --port integer       The port to connect to.
      -q, --quiet              Suppress some messages.
      --nodb                   Does not use the resume database.
@@ -3467,7 +3467,7 @@ disable DHE-PSK.
 
 @smallexample
 $ ./gnutls-serv --pskpasswd psks.txt  --pskhint psk_identity_hint --priority NORMAL:-DHE-PSK
-Set static Diffie Hellman parameters, consider --dhparams.
+Set static Diffie-Hellman parameters, consider --dhparams.
 Echo Server ready. Listening to port '5556'.
 @end smallexample
 
@@ -3588,7 +3588,7 @@ These functions are only available in the GPLv3+ version of the
 library called @code{gnutls-extra}. The prototypes for this library
 lie in @file{gnutls/extra.h}.
 
-@include gnutls-extra-api.texi
+@include extra-api.texi
 
 @node OpenPGP functions
 @section @acronym{OpenPGP} Functions
diff --git a/doc/manpages/certtool.1 b/doc/manpages/certtool.1
index 0ccc2a35b1..f581a274ee 100644
--- a/doc/manpages/certtool.1
+++ b/doc/manpages/certtool.1
@@ -38,7 +38,7 @@ Generate a signed certificate.
 .IP "\-e, \-\-verify\-chain"
 Verify a PEM encoded certificate chain.  The last certificate in the chain must be a self signed one.
 .IP "\-\-generate\-dh\-params"
-Generate PKCS #3 encoded Diffie Hellman parameters.
+Generate PKCS #3 encoded Diffie-Hellman parameters.
 .IP "\-\-load\-ca\-certificate FILE"
 Certificate authority's certificate file to use.
 .IP "\-\-load\-ca\-privkey FILE"
diff --git a/doc/manpages/gnutls-serv.1 b/doc/manpages/gnutls-serv.1
index 02502e5620..9b8c4252ea 100644
--- a/doc/manpages/gnutls-serv.1
+++ b/doc/manpages/gnutls-serv.1
@@ -69,11 +69,11 @@ compression methods.
 .IP 
 Special keywords:
 .IP
-'!' or '-' appended with an algorithm will remove this algorithm.
+"!" or "-" appended with an algorithm will remove this algorithm.
 .IP
-'+' appended with an algorithm will add this algorithm.
+"+" appended with an algorithm will add this algorithm.
 .IP
-'%COMPAT' will enable compatibility features for a server.
+"%COMPAT" will enable compatibility features for a server.
 .IP
 To avoid collisions in order to specify a compression algorithm in
 this string you have to prefix it with "COMP-", protocol versions
@@ -91,7 +91,7 @@ algorithms don't need a prefix.
 "NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL"
 
 .IP "\-g, \-\-generate"
-Generate Diffie Hellman Parameters.
+Generate Diffie-Hellman Parameters.
 .IP "\-\-kx \fIkx1 kx2...\fR"
 Key exchange methods to enable (use \fBgnutls\-cli \-\-list\fR to show
 the supported key exchange methods).
diff --git a/doc/manpages/srptool.1 b/doc/manpages/srptool.1
index 2af76f6351..1ae0b2555b 100644
--- a/doc/manpages/srptool.1
+++ b/doc/manpages/srptool.1
@@ -25,7 +25,7 @@ Prints a short reminder of the command line options.
 Specify the index of the parameters in tpasswd.conf to use.
 .IP "\-p, \-\-passwd \fIFILE\fR"
 Specify a password file.
-.IP "\-\-passwd\-conf \fIFILE\fR"
+.IP "\-c, \-\-passwd\-conf \fIFILE\fR"
 Specify a password configuration file.
 .IP "\-s, \-\-salt \fISALT\fR"
 Specify salt size for crypt algorithm.
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2009-06-13 18:07:45 +0300
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2009-06-13 18:07:45 +0300
commit	79a820602b97c515bf1f4fe4df5b197dce5a0b11 (patch)
tree	0c750bad9a158e3d66a2f126a1f6dd9f44c19f7e /doc
parent	0671e6ef3968e3c6ddc3d478455448127495e925 (diff)
parent	fad0d9b3289087dbd56176e7a1ccb498cf5ef099 (diff)
download	gnutls-79a820602b97c515bf1f4fe4df5b197dce5a0b11.tar.gz