summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* auto-generated file updategnutls_3_2_17Nikos Mavrogiannopoulos2014-08-241-5/+5
|
* released 3.2.17Nikos Mavrogiannopoulos2014-08-243-3/+3
|
* record: tolerate a finished packet with errors in DTLSNikos Mavrogiannopoulos2014-08-231-0/+1
|
* doc updateNikos Mavrogiannopoulos2014-08-231-0/+3
|
* record: in DTLS discard only messages that cause unexpected packet errorsNikos Mavrogiannopoulos2014-08-231-1/+5
|
* updated minitasn1Nikos Mavrogiannopoulos2014-08-239-502/+273
|
* use the windows API in windows even if iconv is availableNikos Mavrogiannopoulos2014-08-211-53/+54
|
* configure: print error message when nettle is 3.0 or laterNikos Mavrogiannopoulos2014-08-201-2/+2
|
* doc updateNikos Mavrogiannopoulos2014-08-171-0/+3
|
* tests: check that gnutls_x509_crt_check_hostname() will correctly use the ↵Nikos Mavrogiannopoulos2014-08-171-0/+50
| | | | last CN when multiple
* when checking the hostname of a certificate with multiple CNs use the "most ↵Nikos Mavrogiannopoulos2014-08-171-8/+13
| | | | | | | | | specific" CN In our case we use the last CN present in the DN. Reported by David Woodhouse. https://bugzilla.mozilla.org/show_bug.cgi?id=307234#c2
* doc updateNikos Mavrogiannopoulos2014-08-101-0/+3
|
* tests: test the decoding of a PKCS #12 structure with SHA256 MACNikos Mavrogiannopoulos2014-08-103-1/+9
| | | | | Conflicts: tests/pkcs12-decode/pkcs12
* tests: updated string to keys tests for new internal APINikos Mavrogiannopoulos2014-08-102-2/+3
|
* pkcs12: Allow verification with structures that support other than HMAC-SHA1 ↵Nikos Mavrogiannopoulos2014-08-105-28/+61
| | | | | | | MACs. Conflicts: lib/x509/pkcs12_encr.c
* doc updateNikos Mavrogiannopoulos2014-08-061-0/+4
|
* improve compatibility in pkcs11 key generationWolfgang Meyer zu Bergsten2014-08-061-0/+7
| | | | | | * explicitly set public exponent in template Signed-off-by: Wolfgang Meyer zu Bergsten <w.bergsten@sirrix.com>
* gnutls-cli-debug: added AES and CAMELLIA to the list of default ciphersNikos Mavrogiannopoulos2014-08-062-6/+6
|
* doc updateNikos Mavrogiannopoulos2014-08-041-0/+8
|
* pkcs8: initialize parameters on decryptionNikos Mavrogiannopoulos2014-08-041-0/+1
|
* updated to libopts 5.18.3Nikos Mavrogiannopoulos2014-08-0352-240/+272
|
* updated gnulibNikos Mavrogiannopoulos2014-07-29103-249/+2214
|
* Added replacements of inet_aton and inet_pton on systems they are not presentNikos Mavrogiannopoulos2014-07-284-6/+279
| | | | | gnulib is avoided due to keep the gnulib network replacements out of the library
* released 3.2.16gnutls_3_2_16Nikos Mavrogiannopoulos2014-07-231-1/+1
|
* use const return value in ip_to_stringNikos Mavrogiannopoulos2014-07-221-3/+3
|
* bumped versionNikos Mavrogiannopoulos2014-07-222-2/+2
|
* minimum version was changed to TLS 1.0 for ciphersuites with SHA2Nikos Mavrogiannopoulos2014-07-221-10/+10
| | | | | These ciphersuites could not be used with SSL 3.0 that only defines usage of MD5 or SHA1 MACs. Reported by Manuel Pegourie-Gonnard.
* ignore CKR_CRYPTOKI_ALREADY_INITIALIZED when returned on reinitializationNikos Mavrogiannopoulos2014-07-211-1/+1
|
* doc updateNikos Mavrogiannopoulos2014-07-071-0/+2
|
* set CKA_EC_PARAMS when generating an ECDSA keyNikos Mavrogiannopoulos2014-07-076-21/+35
| | | | | Conflicts: lib/pkcs11.c
* dane: Skip DANE entries that may contain unknown infoNikos Mavrogiannopoulos2014-07-061-22/+19
| | | | | That would allow skipping any future entries without failing. Reported by Simon Arlott.
* dane: Added sanity check in dane_verify_crt_raw()Nikos Mavrogiannopoulos2014-07-061-0/+3
| | | | | That allows calling the function will an empty chain. Reported by Simon Arlott.
* doc updateNikos Mavrogiannopoulos2014-07-061-0/+4
|
* p11tool: don't outsmart user and override login typeNikos Mavrogiannopoulos2014-07-061-2/+3
| | | | | | Unfortunately tokens vary on their requirements for writing trusted and private objects, and there is no one-size fits all policy. Thus allow a proper failure and warn the user that so-login may be required.
* pkcs11: Removed length check of attribute as a sanity check for valid keys.Nikos Mavrogiannopoulos2014-07-041-2/+2
| | | | There can be keys where the id or label is empty and thus with zero length.
* doc updateNikos Mavrogiannopoulos2014-07-011-0/+2
|
* gnutls_pkcs11_privkey_generate2(): corrected public key extraction (for ↵Nikos Mavrogiannopoulos2014-07-013-6/+12
| | | | ECDSA keys)
* p11tool/certtool: use GNUTLS_SO_PIN for reading security officer's PINNikos Mavrogiannopoulos2014-07-011-3/+9
|
* mention that IPv4 and IPv6 address comparison is since 3.2.16.Nikos Mavrogiannopoulos2014-06-301-0/+2
|
* Added explicit documentation on IPv4 and IPv6 address matching.Nikos Mavrogiannopoulos2014-06-301-0/+7
|
* doc updateNikos Mavrogiannopoulos2014-06-301-0/+3
|
* tests: Added test cases for IPv4/6 matching.Nikos Mavrogiannopoulos2014-06-301-0/+136
|
* gnutls_x509_crt_check_hostname() checks text ip addresses as well.Nikos Mavrogiannopoulos2014-06-302-1/+70
| | | | That aligns the documentation with the implementation.
* doc updateNikos Mavrogiannopoulos2014-06-281-0/+2
|
* Use inet_ntop() for printing IP addresses.Nikos Mavrogiannopoulos2014-06-282-2/+12
| | | | The old dumb code is used in systems that don't have that function.
* initialize str to NULLNikos Mavrogiannopoulos2014-06-271-1/+1
|
* p11tool: Do not allow a newline as PIN.Nikos Mavrogiannopoulos2014-06-251-4/+4
|
* pkcs11: avoid callig _gnutls_bin2hex() when length is zero.Nikos Mavrogiannopoulos2014-06-251-1/+1
|
* doc: Corrections for gnutls_handshake_set_hook_function()Attila Molnar2014-06-151-3/+1
|
* doc updateNikos Mavrogiannopoulos2014-06-091-2/+2
|
View Lorry Controller Status