Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | auto-generated file updategnutls_3_2_17 | Nikos Mavrogiannopoulos | 2014-08-24 | 1 | -5/+5 |
| | |||||
* | released 3.2.17 | Nikos Mavrogiannopoulos | 2014-08-24 | 3 | -3/+3 |
| | |||||
* | record: tolerate a finished packet with errors in DTLS | Nikos Mavrogiannopoulos | 2014-08-23 | 1 | -0/+1 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2014-08-23 | 1 | -0/+3 |
| | |||||
* | record: in DTLS discard only messages that cause unexpected packet errors | Nikos Mavrogiannopoulos | 2014-08-23 | 1 | -1/+5 |
| | |||||
* | updated minitasn1 | Nikos Mavrogiannopoulos | 2014-08-23 | 9 | -502/+273 |
| | |||||
* | use the windows API in windows even if iconv is available | Nikos Mavrogiannopoulos | 2014-08-21 | 1 | -53/+54 |
| | |||||
* | configure: print error message when nettle is 3.0 or later | Nikos Mavrogiannopoulos | 2014-08-20 | 1 | -2/+2 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2014-08-17 | 1 | -0/+3 |
| | |||||
* | tests: check that gnutls_x509_crt_check_hostname() will correctly use the ↵ | Nikos Mavrogiannopoulos | 2014-08-17 | 1 | -0/+50 |
| | | | | last CN when multiple | ||||
* | when checking the hostname of a certificate with multiple CNs use the "most ↵ | Nikos Mavrogiannopoulos | 2014-08-17 | 1 | -8/+13 |
| | | | | | | | | | specific" CN In our case we use the last CN present in the DN. Reported by David Woodhouse. https://bugzilla.mozilla.org/show_bug.cgi?id=307234#c2 | ||||
* | doc update | Nikos Mavrogiannopoulos | 2014-08-10 | 1 | -0/+3 |
| | |||||
* | tests: test the decoding of a PKCS #12 structure with SHA256 MAC | Nikos Mavrogiannopoulos | 2014-08-10 | 3 | -1/+9 |
| | | | | | Conflicts: tests/pkcs12-decode/pkcs12 | ||||
* | tests: updated string to keys tests for new internal API | Nikos Mavrogiannopoulos | 2014-08-10 | 2 | -2/+3 |
| | |||||
* | pkcs12: Allow verification with structures that support other than HMAC-SHA1 ↵ | Nikos Mavrogiannopoulos | 2014-08-10 | 5 | -28/+61 |
| | | | | | | | MACs. Conflicts: lib/x509/pkcs12_encr.c | ||||
* | doc update | Nikos Mavrogiannopoulos | 2014-08-06 | 1 | -0/+4 |
| | |||||
* | improve compatibility in pkcs11 key generation | Wolfgang Meyer zu Bergsten | 2014-08-06 | 1 | -0/+7 |
| | | | | | | * explicitly set public exponent in template Signed-off-by: Wolfgang Meyer zu Bergsten <w.bergsten@sirrix.com> | ||||
* | gnutls-cli-debug: added AES and CAMELLIA to the list of default ciphers | Nikos Mavrogiannopoulos | 2014-08-06 | 2 | -6/+6 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2014-08-04 | 1 | -0/+8 |
| | |||||
* | pkcs8: initialize parameters on decryption | Nikos Mavrogiannopoulos | 2014-08-04 | 1 | -0/+1 |
| | |||||
* | updated to libopts 5.18.3 | Nikos Mavrogiannopoulos | 2014-08-03 | 52 | -240/+272 |
| | |||||
* | updated gnulib | Nikos Mavrogiannopoulos | 2014-07-29 | 103 | -249/+2214 |
| | |||||
* | Added replacements of inet_aton and inet_pton on systems they are not present | Nikos Mavrogiannopoulos | 2014-07-28 | 4 | -6/+279 |
| | | | | | gnulib is avoided due to keep the gnulib network replacements out of the library | ||||
* | released 3.2.16gnutls_3_2_16 | Nikos Mavrogiannopoulos | 2014-07-23 | 1 | -1/+1 |
| | |||||
* | use const return value in ip_to_string | Nikos Mavrogiannopoulos | 2014-07-22 | 1 | -3/+3 |
| | |||||
* | bumped version | Nikos Mavrogiannopoulos | 2014-07-22 | 2 | -2/+2 |
| | |||||
* | minimum version was changed to TLS 1.0 for ciphersuites with SHA2 | Nikos Mavrogiannopoulos | 2014-07-22 | 1 | -10/+10 |
| | | | | | These ciphersuites could not be used with SSL 3.0 that only defines usage of MD5 or SHA1 MACs. Reported by Manuel Pegourie-Gonnard. | ||||
* | ignore CKR_CRYPTOKI_ALREADY_INITIALIZED when returned on reinitialization | Nikos Mavrogiannopoulos | 2014-07-21 | 1 | -1/+1 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2014-07-07 | 1 | -0/+2 |
| | |||||
* | set CKA_EC_PARAMS when generating an ECDSA key | Nikos Mavrogiannopoulos | 2014-07-07 | 6 | -21/+35 |
| | | | | | Conflicts: lib/pkcs11.c | ||||
* | dane: Skip DANE entries that may contain unknown info | Nikos Mavrogiannopoulos | 2014-07-06 | 1 | -22/+19 |
| | | | | | That would allow skipping any future entries without failing. Reported by Simon Arlott. | ||||
* | dane: Added sanity check in dane_verify_crt_raw() | Nikos Mavrogiannopoulos | 2014-07-06 | 1 | -0/+3 |
| | | | | | That allows calling the function will an empty chain. Reported by Simon Arlott. | ||||
* | doc update | Nikos Mavrogiannopoulos | 2014-07-06 | 1 | -0/+4 |
| | |||||
* | p11tool: don't outsmart user and override login type | Nikos Mavrogiannopoulos | 2014-07-06 | 1 | -2/+3 |
| | | | | | | Unfortunately tokens vary on their requirements for writing trusted and private objects, and there is no one-size fits all policy. Thus allow a proper failure and warn the user that so-login may be required. | ||||
* | pkcs11: Removed length check of attribute as a sanity check for valid keys. | Nikos Mavrogiannopoulos | 2014-07-04 | 1 | -2/+2 |
| | | | | There can be keys where the id or label is empty and thus with zero length. | ||||
* | doc update | Nikos Mavrogiannopoulos | 2014-07-01 | 1 | -0/+2 |
| | |||||
* | gnutls_pkcs11_privkey_generate2(): corrected public key extraction (for ↵ | Nikos Mavrogiannopoulos | 2014-07-01 | 3 | -6/+12 |
| | | | | ECDSA keys) | ||||
* | p11tool/certtool: use GNUTLS_SO_PIN for reading security officer's PIN | Nikos Mavrogiannopoulos | 2014-07-01 | 1 | -3/+9 |
| | |||||
* | mention that IPv4 and IPv6 address comparison is since 3.2.16. | Nikos Mavrogiannopoulos | 2014-06-30 | 1 | -0/+2 |
| | |||||
* | Added explicit documentation on IPv4 and IPv6 address matching. | Nikos Mavrogiannopoulos | 2014-06-30 | 1 | -0/+7 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2014-06-30 | 1 | -0/+3 |
| | |||||
* | tests: Added test cases for IPv4/6 matching. | Nikos Mavrogiannopoulos | 2014-06-30 | 1 | -0/+136 |
| | |||||
* | gnutls_x509_crt_check_hostname() checks text ip addresses as well. | Nikos Mavrogiannopoulos | 2014-06-30 | 2 | -1/+70 |
| | | | | That aligns the documentation with the implementation. | ||||
* | doc update | Nikos Mavrogiannopoulos | 2014-06-28 | 1 | -0/+2 |
| | |||||
* | Use inet_ntop() for printing IP addresses. | Nikos Mavrogiannopoulos | 2014-06-28 | 2 | -2/+12 |
| | | | | The old dumb code is used in systems that don't have that function. | ||||
* | initialize str to NULL | Nikos Mavrogiannopoulos | 2014-06-27 | 1 | -1/+1 |
| | |||||
* | p11tool: Do not allow a newline as PIN. | Nikos Mavrogiannopoulos | 2014-06-25 | 1 | -4/+4 |
| | |||||
* | pkcs11: avoid callig _gnutls_bin2hex() when length is zero. | Nikos Mavrogiannopoulos | 2014-06-25 | 1 | -1/+1 |
| | |||||
* | doc: Corrections for gnutls_handshake_set_hook_function() | Attila Molnar | 2014-06-15 | 1 | -3/+1 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2014-06-09 | 1 | -2/+2 |
| |