summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* corrected dategnutls_3_4_4Nikos Mavrogiannopoulos2015-08-101-1/+1
|
* include all cert-tests into distNikos Mavrogiannopoulos2015-08-091-8/+7
|
* updated auto-generated files for new functionsNikos Mavrogiannopoulos2015-08-093-0/+12
|
* doc updateNikos Mavrogiannopoulos2015-08-091-2/+3
|
* p11tool: test-sign will not fail if a pubkey is not foundNikos Mavrogiannopoulos2015-08-061-0/+2
|
* key decoding: set key to null for consistencyNikos Mavrogiannopoulos2015-08-041-1/+3
|
* key decoding: simplify decoding logic by removing the fallbackNikos Mavrogiannopoulos2015-08-041-25/+24
|
* doc updateNikos Mavrogiannopoulos2015-08-041-0/+3
|
* key decoding: corrected regression with PKCS #8 key decodingNikos Mavrogiannopoulos2015-08-041-0/+14
| | | | Reported by Daniel Berrange.
* tests: added check for decoding of a PKCS #8 key as fallbackNikos Mavrogiannopoulos2015-08-042-1/+75
|
* doc updateNikos Mavrogiannopoulos2015-08-031-0/+4
|
* pkcs11: set the CKA_TOKEN attribute on generated public keysNikos Mavrogiannopoulos2015-08-032-2/+10
| | | | | That also introduces the GNUTLS_PKCS11_OBJ_FLAG_NO_STORE_PUBKEY flag, to simulate the previous behavior.
* cfg.mk: fix order of arguments in gnulib-toolNikos Mavrogiannopoulos2015-08-011-1/+1
|
* tests: added check for the fallback SCSVNikos Mavrogiannopoulos2015-08-012-1/+359
|
* handshake: check inappropriate fallback against the configured max versionNikos Mavrogiannopoulos2015-08-011-3/+3
| | | | | That allows to operate on a server which is explicitly configured to utilize earlier than TLS 1.2 versions.
* corrected GNUTLS_E_INAPPROPRIATE_FALLBACK error codeNikos Mavrogiannopoulos2015-08-011-1/+1
|
* doc updateNikos Mavrogiannopoulos2015-08-011-0/+3
|
* copy_ciphersuites: use definition for reserved ciphersuitesNikos Mavrogiannopoulos2015-08-011-3/+3
|
* handshake: add FALLBACK_SCSV priority optionAlessandro Ghedini2015-08-015-1/+23
| | | | | This allows clients to enable the TLS_FALLBACK_SCSV mechanism during the handshake, as defined in RFC7507.
* handshake: check for TLS_FALLBACK_SCSVAlessandro Ghedini2015-08-015-20/+39
| | | | | | | | If TLS_FALLBACK_SCSV was sent by the client during the handshake, and the advertised protocol version is lower than GNUTLS_TLS_VERSION_MAX, send the "Inappropriate fallback" fatal alert and abort the handshake. This mechanism was defined in RFC7507.
* use the gettext-h gnulib moduleNikos Mavrogiannopoulos2015-08-0155-2267/+252
|
* tests: added missing certtool-long-cnNikos Mavrogiannopoulos2015-08-011-0/+53
|
* safe renegotiation: simulate receiving the extension on receival of SCSVNikos Mavrogiannopoulos2015-07-311-0/+1
|
* made data2hex() safer, and eliminated mem leakNikos Mavrogiannopoulos2015-07-311-8/+12
|
* tests: added check for proper handling of very long CNsNikos Mavrogiannopoulos2015-07-312-5/+354
|
* tests: added check for server sending (or not) status request messagesNikos Mavrogiannopoulos2015-07-313-1/+698
|
* doc updateNikos Mavrogiannopoulos2015-07-311-0/+3
|
* updated the required gettext version to match the macros from gnulibNikos Mavrogiannopoulos2015-07-311-1/+1
|
* safe renegotiation: handle case where client didn't send any extensionNikos Mavrogiannopoulos2015-07-311-0/+4
| | | | That was affected by the "don't try to send extensions we didn't receive".
* tpm: avoid warningNikos Mavrogiannopoulos2015-07-311-1/+1
|
* As server don't try to send extensions we didn't receive.Nikos Mavrogiannopoulos2015-07-313-29/+36
|
* doc updateNikos Mavrogiannopoulos2015-07-211-0/+2
|
* tpm: use gnutls_hex_decode for uuid decodingNikos Mavrogiannopoulos2015-07-211-2/+5
|
* psk: use gnutls_hex_decode2 for key decodingNikos Mavrogiannopoulos2015-07-211-11/+4
|
* system-keys-win: use gnutls_hex_decode for ID decodingNikos Mavrogiannopoulos2015-07-211-1/+4
|
* openpgp: use gnutls_hex_decode for keyid decodingNikos Mavrogiannopoulos2015-07-211-2/+8
|
* DN decoding: use gnutls_hex_encodeNikos Mavrogiannopoulos2015-07-211-8/+14
|
* Introduced gnutls_hex_encode2() and gnutls_hex_decode2()Nikos Mavrogiannopoulos2015-07-217-13/+277
| | | | | These also use safer hex decoding functions which don't skip invalid input.
* doc updateNikos Mavrogiannopoulos2015-07-201-2/+4
|
* x509: simplified data to hex conversion in unknown DN namesNikos Mavrogiannopoulos2015-07-201-47/+13
|
* gnutls_prf_rfc5705: Allow for non-null context and zero context lengthNikos Mavrogiannopoulos2015-07-202-1/+5
|
* bumped versionNikos Mavrogiannopoulos2015-07-203-4/+7
|
* tests: added cross-check between gnutls_prf_rfc5705() and gnutls_prf()Nikos Mavrogiannopoulos2015-07-201-0/+25
|
* removed legacy libgcrypt flagsNikos Mavrogiannopoulos2015-07-203-3/+1
|
* gnutls_prf_rfc5705: optimize in the common use case, by avoiding mallocNikos Mavrogiannopoulos2015-07-202-12/+15
| | | | Also don't handle specially the case of non-NULL context and context_size of zero.
* ignore more filesNikos Mavrogiannopoulos2015-07-201-0/+10
|
* p11tool: fix documentation for --generate-ecc and generate-dsaNikos Mavrogiannopoulos2015-07-201-4/+4
|
* gnutls_prf_rfc5705: mention the version it was introduced atNikos Mavrogiannopoulos2015-07-201-0/+2
|
* doc updateNikos Mavrogiannopoulos2015-07-201-0/+10
|
* tests: added check for gnutls_prf() and gnutls_prf_rfc5705Nikos Mavrogiannopoulos2015-07-202-1/+435
|
View Lorry Controller Status