summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* fix memory leak in ECDSA key parameters verificationgnutls_3_3_15Jan Vcelak2015-05-031-0/+5
| | | | Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>
* updated NEWSNikos Mavrogiannopoulos2015-05-031-1/+1
|
* released 3.3.15Nikos Mavrogiannopoulos2015-05-033-3/+3
|
* doc: updated gnutls_dtls_set_timeoutsNikos Mavrogiannopoulos2015-05-031-3/+0
|
* gnutls_handshake_set_timeout will properly work with DTLSNikos Mavrogiannopoulos2015-05-031-0/+5
|
* doc: fixed example with DTLS timeoutsNikos Mavrogiannopoulos2015-05-031-2/+1
|
* updated minitasn1Nikos Mavrogiannopoulos2015-04-282-2/+3
|
* doc updateNikos Mavrogiannopoulos2015-04-251-1/+4
|
* tests: added reproducer for the MD5 acceptance issueNikos Mavrogiannopoulos2015-04-252-1/+366
| | | | | | | | Reported by Karthikeyan Bhargavan. http://lists.gnutls.org/pipermail/gnutls-devel/2015-April/007572.html Conflicts: tests/Makefile.am
* before falling back to SHA1 as signature algorithm in TLS 1.2 check if it is ↵Nikos Mavrogiannopoulos2015-04-251-1/+5
| | | | enabled
* _gnutls_session_sign_algo_enabled: do not consider any values from the ↵Nikos Mavrogiannopoulos2015-04-251-17/+1
| | | | extension data to decide acceptable algorithms
* set the value used by gnutls_certificate_client_get_request_status prior to ↵Nikos Mavrogiannopoulos2015-04-251-5/+5
| | | | | | | selecting certificate That allows gnutls_certificate_client_get_request_status() to be properly operating from the callback. Reported by Anton Lavrentiev.
* fixed doc: reported by Anton LavrentievNikos Mavrogiannopoulos2015-04-221-3/+3
|
* doc updateNikos Mavrogiannopoulos2015-04-211-0/+13
|
* gnutls_certificate_get_ours: will return the certificate even if a callback ↵Nikos Mavrogiannopoulos2015-04-211-1/+1
| | | | | | | was used This corrects a bug where this function would not work, when gnutls_certificate_set_retrieve_function2() was used.
* ensure that the X.509 version number is one byte onlyNikos Mavrogiannopoulos2015-04-211-1/+1
|
* Check for invalid length in the X.509 version fieldNikos Mavrogiannopoulos2015-04-201-1/+10
| | | | | If such an invalid length is detected, reject the certificate. Reported by Hanno Böck.
* tests: mini-loss-time: ignore sigpipeNikos Mavrogiannopoulos2015-03-301-0/+1
|
* released 3.3.14gnutls_3_3_14Nikos Mavrogiannopoulos2015-03-301-1/+1
|
* tests: change the default port in testcompat to avoid clash with testsrnNikos Mavrogiannopoulos2015-03-301-1/+1
|
* doc: increase border spacing in HTML tablesNikos Mavrogiannopoulos2015-03-301-0/+1
|
* bumped versionNikos Mavrogiannopoulos2015-03-292-2/+2
|
* doc updateNikos Mavrogiannopoulos2015-03-291-0/+10
|
* do not penalize CBC ciphers with the maximum send data sizeNikos Mavrogiannopoulos2015-03-291-6/+0
| | | | | | That reduced the maximum send size for CBC ciphers from 16384 to 16384-(block size), which was unnecessary and was causing issues: https://bugs.winehq.org/show_bug.cgi?id=37500
* made ciphersuites.c more self-contained to be handled by test-ciphersuites.shNikos Mavrogiannopoulos2015-03-292-1/+2
|
* Better fix for the double free in dist point parsingNikos Mavrogiannopoulos2015-03-281-4/+6
|
* updated libtasn1Nikos Mavrogiannopoulos2015-03-282-4/+5
|
* gnutls_subject_alt_names_set and gnutls_x509_aki_set_cert_issuer will set ↵Nikos Mavrogiannopoulos2015-03-284-2/+67
| | | | null-terminated strings
* eliminated double-free in the parsing of dist pointsNikos Mavrogiannopoulos2015-03-271-1/+0
| | | | Reported by Robert Święcki.
* doc updateNikos Mavrogiannopoulos2015-03-271-0/+7
|
* gnutls_pkcs11_privkey_generate2: increased the size of ck_attributesNikos Mavrogiannopoulos2015-03-271-1/+1
|
* pkcs11: check gnutls_rnd() for error conditionNikos Mavrogiannopoulos2015-03-271-1/+6
|
* gnutls_pkcs11_privkey_generate2: set a CKA_ID on key generationNikos Mavrogiannopoulos2015-03-271-1/+13
|
* pkcs11: set the CKA_SIGN and CKA_DECRYPT flags when writing a private keyNikos Mavrogiannopoulos2015-03-261-1/+14
|
* When an application calls gnutls_server_name_set() with a name of zero size ↵Nikos Mavrogiannopoulos2015-03-261-0/+5
| | | | | | disable the extension Resolves #2
* doc updateNikos Mavrogiannopoulos2015-03-251-0/+7
|
* name constraints: when no name of the type is found, accept the certificateNikos Mavrogiannopoulos2015-03-251-4/+12
| | | | This follows RFC5280 advice closely. Reported by Fotis Loukos.
* avoid overflow when receiving DTLS 0.9 CCSNikos Mavrogiannopoulos2015-03-201-2/+2
|
* Fixed handling of supplemental data with types > 255.Nikos Mavrogiannopoulos2015-03-131-2/+2
| | | | Patch by Thierry Quemerais.
* doc updateNikos Mavrogiannopoulos2015-03-131-1/+1
|
* gnutls_priority_init: document that priorities can be NULLNikos Mavrogiannopoulos2015-03-131-12/+7
|
* corrected self test for 3DESNikos Mavrogiannopoulos2015-03-131-1/+2
|
* pkcs11: only set ID and label when both size and data are setNikos Mavrogiannopoulos2015-03-111-3/+3
|
* configure: check for /usr/share/dns/root.key as well for dns root keyNikos Mavrogiannopoulos2015-03-111-1/+5
|
* corrected macro which checks libtasn1 for asn1_decode_simple_berNikos Mavrogiannopoulos2015-03-091-7/+9
|
* minitasn1: updated to libtasn1 4.3Nikos Mavrogiannopoulos2015-03-093-6/+197
|
* rearranged internal documentationNikos Mavrogiannopoulos2015-03-091-26/+27
|
* tools: added ftp as a starttls protocolNikos Mavrogiannopoulos2015-03-094-4/+12
|
* gnutls-cli: starttls and starttls-proto can't mixNikos Mavrogiannopoulos2015-03-091-0/+1
|
* expand on SECURE256 being an alias to SECURE192Nikos Mavrogiannopoulos2015-03-071-1/+3
|
View Lorry Controller Status