Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | released 3.3.0pre0gnutls_3_3_0pre0 | Nikos Mavrogiannopoulos | 2014-03-27 | 2 | -2/+2 |
| | |||||
* | using the SYSTEM priority string will fail if there is no system file | Nikos Mavrogiannopoulos | 2014-03-27 | 1 | -15/+16 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2014-03-27 | 1 | -2/+4 |
| | |||||
* | reformatted NEWS entries | Nikos Mavrogiannopoulos | 2014-03-27 | 1 | -25/+25 |
| | |||||
* | The %COMPAT keyword no longer reduces security. | Nikos Mavrogiannopoulos | 2014-03-27 | 4 | -17/+35 |
| | | | | | | | Introduced the LEGACY keyword which will enable the settings used in GnuTLS 3.2.x for NORMAL keyword. That is to be used in cases where compatibility with weak or misconfigured servers is required. | ||||
* | replaced wrong manpage generation parameter | Nikos Mavrogiannopoulos | 2014-03-27 | 1 | -13/+13 |
| | |||||
* | fixed gdoc documentation | Nikos Mavrogiannopoulos | 2014-03-27 | 5 | -6/+6 |
| | |||||
* | update README to reflect gmplib licensing change | Daniel Kahn Gillmor | 2014-03-27 | 1 | -5/+7 |
| | | | | | | | | | | As of version 6.0.0, gmplib moved its licensing from LGPLv3+ to a dual-license LGPLv3+/GPLv2+ license. This licensing change affects the licenses under which versions of GnuTLS can be redistributed. Update the README to reflect this change. | ||||
* | Fix patch version calculation when it contains non-numeric chars | Nikos Mavrogiannopoulos | 2014-03-27 | 1 | -1/+1 |
| | |||||
* | print RSA-EXPORT status | Nikos Mavrogiannopoulos | 2014-03-27 | 1 | -0/+1 |
| | |||||
* | use isascii instead of isprint for internationalized name detection | Nikos Mavrogiannopoulos | 2014-03-27 | 1 | -1/+1 |
| | |||||
* | bump so version | Nikos Mavrogiannopoulos | 2014-03-26 | 1 | -2/+2 |
| | |||||
* | fixes for 'medium' level | Nikos Mavrogiannopoulos | 2014-03-26 | 2 | -2/+2 |
| | |||||
* | add a check for invalid DH parameters. | Nikos Mavrogiannopoulos | 2014-03-26 | 1 | -0/+6 |
| | |||||
* | Add checks in tests for the DHE prime and exponent size. | Nikos Mavrogiannopoulos | 2014-03-26 | 2 | -0/+40 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2014-03-26 | 1 | -1/+2 |
| | |||||
* | fixed test to use the correct function names. | Nikos Mavrogiannopoulos | 2014-03-21 | 1 | -9/+9 |
| | |||||
* | Severely simplified hostname matching. | Nikos Mavrogiannopoulos | 2014-03-21 | 6 | -26/+51 |
| | | | | | | | | Now only wildcards only the leftmost position of the string are allowed (followed by at least two components), and are only taken into account into ascii strings. Non-ascii strings are compared byte-by-byte. That means that wildcards in the form bar*foo.example.com are no longer accepted, as well as wildcards of the form *.*.*.example.com. | ||||
* | use commit suffix for functions that return a status code. | Nikos Mavrogiannopoulos | 2014-03-21 | 3 | -15/+13 |
| | |||||
* | Simplifications in the RNG code. | Nikos Mavrogiannopoulos | 2014-03-20 | 2 | -19/+32 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2014-03-20 | 1 | -0/+2 |
| | |||||
* | the longer e-mail caused crash in autogen's manpage generation | Nikos Mavrogiannopoulos | 2014-03-20 | 1 | -1/+1 |
| | |||||
* | renamed some of the newly introduced functions | Nikos Mavrogiannopoulos | 2014-03-20 | 14 | -257/+257 |
| | |||||
* | set the invalid flag when the owner is unexpected. | Nikos Mavrogiannopoulos | 2014-03-20 | 1 | -1/+1 |
| | |||||
* | Changed the behaviour in wildcard acceptance in certificates. | Nikos Mavrogiannopoulos | 2014-03-19 | 3 | -6/+66 |
| | | | | | | Wildcards are only accepted when there are more than two domain components after the wildcard. This will prevent accepting certificates from CAs that issued '*.com', or 'www.*'. | ||||
* | doc update | Nikos Mavrogiannopoulos | 2014-03-19 | 1 | -0/+4 |
| | |||||
* | Added more key usage flags in the test for x509-extensions. | Nikos Mavrogiannopoulos | 2014-03-19 | 1 | -91/+111 |
| | |||||
* | x509-extensions test will fail if an unhandled extension is found. | Nikos Mavrogiannopoulos | 2014-03-19 | 1 | -1/+1 |
| | |||||
* | ship the gperf file and the generated one. | Nikos Mavrogiannopoulos | 2014-03-19 | 1 | -2/+4 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2014-03-19 | 8 | -29/+323 |
| | |||||
* | documented the new X.509 extension API | Nikos Mavrogiannopoulos | 2014-03-19 | 1 | -47/+102 |
| | |||||
* | Certtool can now write more than a single crl_dist_point. | Nikos Mavrogiannopoulos | 2014-03-19 | 3 | -23/+39 |
| | |||||
* | Added unit tests for new API | Nikos Mavrogiannopoulos | 2014-03-19 | 7 | -59/+918 |
| | |||||
* | Added new API to handle X.509 extensions. | Nikos Mavrogiannopoulos | 2014-03-19 | 15 | -1800/+4177 |
| | | | | | | | | | | | | This API handles the X.509 extensions in separate, allowing to parse similarly formatted extensions stored in other structures. In addition functions that simplify the extraction of extensions from known structures were added: - gnutls_x509_crq_get_extension_data2() - gnutls_x509_crl_get_extension_data2() - gnutls_x509_crt_get_extension_data2() The old functions were rewritten to use the new API. | ||||
* | doc update | Nikos Mavrogiannopoulos | 2014-03-14 | 1 | -0/+2 |
| | |||||
* | Corrected error checking in _gnutls_x509_ext_gen_proxyCertInfo | Nikos Mavrogiannopoulos | 2014-03-14 | 1 | -3/+3 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2014-03-13 | 1 | -1/+1 |
| | |||||
* | initialize pointer | Nikos Mavrogiannopoulos | 2014-03-12 | 1 | -1/+1 |
| | |||||
* | serv.c Fix memory leak for *crtinfo pointer. The reference is lost if an ↵ | Luis G.F | 2014-03-12 | 1 | -3/+6 |
| | | | | | | allocation error occured. Signed-off-by: Luis G.F <luisgf@luisgf.es> | ||||
* | use the number of seconds as serial in 32-bit systems | Nikos Mavrogiannopoulos | 2014-03-11 | 1 | -2/+6 |
| | |||||
* | Only check PK compatibility in client side but also when using openpgp certs. | Nikos Mavrogiannopoulos | 2014-03-11 | 1 | -0/+9 |
| | |||||
* | corrected initializer | Nikos Mavrogiannopoulos | 2014-03-11 | 1 | -2/+2 |
| | |||||
* | shortend static function names. | Nikos Mavrogiannopoulos | 2014-03-11 | 1 | -190/+121 |
| | |||||
* | verify that the algorithm of the received certificate matches the expected. | Nikos Mavrogiannopoulos | 2014-03-11 | 3 | -15/+56 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2014-03-10 | 1 | -0/+6 |
| | |||||
* | The xssl experimental library was removed. | Nikos Mavrogiannopoulos | 2014-03-10 | 16 | -1704/+7 |
| | | | | | While the idea of a high level library is nice, there are no resources to maintain an additional library. | ||||
* | Added option to enable linking with nettle-mini | Nikos Mavrogiannopoulos | 2014-03-09 | 3 | -6/+16 |
| | |||||
* | re-enabled certificate verification | Nikos Mavrogiannopoulos | 2014-03-08 | 1 | -1/+5 |
| | |||||
* | ciphersuites that utilize SHA256 or SHA384 are only available in TLS 1.0 | Nikos Mavrogiannopoulos | 2014-03-08 | 1 | -39/+39 |
| | | | | | | The SSL 3.0 protocol (rfc6101) uses a variant of HMAC that is only defined for MD5 and SHA1. Thus if such a ciphersuite is negotiated under SSL 3.0, it will during MAC initialization. | ||||
* | stricter type usage | Nikos Mavrogiannopoulos | 2014-03-08 | 22 | -55/+63 |
| |