summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix autoconf warnings in libopts.m4Dmitry Eremin-Solenikov2016-10-271-12/+12
| | | | | | | | | | | | | | | | | | | | Without this patch Autoconf will spam console with the following kind of messages: configure.ac:650: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ../../lib/autoconf/lang.m4:193: AC_LANG_CONFTEST is expanded from... ../../lib/autoconf/general.m4:2740: _AC_RUN_IFELSE is expanded from... ../../lib/m4sugar/m4sh.m4:639: AS_IF is expanded from... ../../lib/autoconf/general.m4:2759: AC_RUN_IFELSE is expanded from... ../../lib/m4sugar/m4sh.m4:639: AS_IF is expanded from... ../../lib/autoconf/general.m4:2042: AC_CACHE_VAL is expanded from... src/libopts/m4/libopts.m4:386: LIBOPTS_RUN_FOPEN_TEXT is expanded from... src/libopts/m4/libopts.m4:425: INVOKE_LIBOPTS_MACROS is expanded from... src/libopts/m4/libopts.m4:560: AM_COND_IF is expanded from... src/libopts/m4/libopts.m4:581: LIBOPTS_CHECK is expanded from... configure.ac:650: the top level Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* cfg.mk: fix m4 files removalDmitry Eremin-Solenikov2016-10-271-3/+3
| | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* tests: better check for gnutls_ecc_curve_get resultNikos Mavrogiannopoulos2016-10-261-1/+3
|
* Terminate handshake if only unknown or disabled signatures are advertized by ↵Nikos Mavrogiannopoulos2016-10-262-8/+8
| | | | | | the peer That is, do not attempt to proceed assuming that the peer supports SHA-1.
* Fix compilation of tests if nettle is not installed in standard pathDmitry Eremin-Solenikov2016-10-254-14/+15
| | | | Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* gnutls-cli-debug: corrected TLS1.2 detectionNikos Mavrogiannopoulos2016-10-251-1/+1
|
* doc updateNikos Mavrogiannopoulos2016-10-241-0/+7
|
* modified the gnutls_certificate_set_key* changeNikos Mavrogiannopoulos2016-10-2413-27/+285
| | | | | | | | | While the change was fully backwards compatible for applications that were adding a single certificate, and applications that were checking for negative errors codes, many applications do not. As this may cause incompatibility issues with software properly utilizing the previously documented API, the change is reverted, and applications need to explicitly enable a flag (GNUTLS_CERTIFICATE_API_V2) in the credentials structure for the set_key functions to return an index.
* tests: removed nohats.ca from testdaneNikos Mavrogiannopoulos2016-10-221-1/+1
| | | | The host seems to be unreliable.
* .travis.yml: use as many jobs as CPUs in OSXNikos Mavrogiannopoulos2016-10-211-2/+2
|
* .travis.yml: do not run the public submodule checks of maint.mkNikos Mavrogiannopoulos2016-10-211-1/+1
| | | | | These seem to be problematic to detect modification and are preventing the CI from operating.
* .travis.yml: simplified the submodule checkoutNikos Mavrogiannopoulos2016-10-211-1/+6
| | | | The default submodule initialization in travis caused the MacOSX builds to fail.
* Added casts to prevent compiler warningsNikos Mavrogiannopoulos2016-10-212-3/+5
|
* corrected typoNikos Mavrogiannopoulos2016-10-211-2/+1
|
* README.md: corrected link to travius buildNikos Mavrogiannopoulos2016-10-211-1/+1
|
* .travis.yml: added support for compiling in macosxNikos Mavrogiannopoulos2016-10-217-5/+1029
|
* doc updateNikos Mavrogiannopoulos2016-10-211-0/+1
|
* tests: added checks for the new GNUTLS_NO_TICKETS flagNikos Mavrogiannopoulos2016-10-213-1/+577
|
* gnutls_init: added GNUTLS_NO_TICKETS flagsNikos Mavrogiannopoulos2016-10-212-2/+8
| | | | | | These flags allow the callers to disable the automatically enabled session tickets. This could be done only with GNUTLS_NO_EXTENSIONS which also disabled other useful extensions.
* tests: added pkcs11-privkey-exporttmp-pkcs11-tests-updateNikos Mavrogiannopoulos2016-10-202-1/+162
| | | | | This checks whether the public parts of RSA private and public keys can be properly extracted from a PKCS#11 module.
* Expose CKA_PUBLIC_EXPONENT and CKA_MODULUS for private keys tooJakub Jelen2016-10-201-2/+4
|
* tests/pkcs11: Return also CKA_CLASSJakub Jelen2016-10-201-0/+12
|
* tests/pkcs11: Expose SUBJECT for certificates, PUBLIC_EXPONENT and MODULUS ↵Jakub Jelen2016-10-201-0/+59
| | | | for public keys to widen compatibility
* doc update [ci skip]Nikos Mavrogiannopoulos2016-10-183-0/+10
|
* updated auto-generated filespkcs7-time-checkNikos Mavrogiannopoulos2016-10-183-0/+4
|
* doc updateNikos Mavrogiannopoulos2016-10-182-1/+3
|
* certtool: allow setting key purposes for non-CA certificatesNikos Mavrogiannopoulos2016-10-181-66/+69
| | | | | | That is, allow setting code signing, or time stamping key purpose in certificates that are not marked as CA. The previous restriction served no purpose.
* certtool: introduce key purpose checks in p7 direct verificationNikos Mavrogiannopoulos2016-10-181-2/+9
|
* x509: introduced gnutls_x509_crt_check_key_purpose()Nikos Mavrogiannopoulos2016-10-183-1/+29
|
* gnutls_x509_crt_verify_data2: introduce constraints checks on the provided ↵Nikos Mavrogiannopoulos2016-10-185-13/+95
| | | | | | certificate That is check the provided certificate for validity in time and key usage.
* tests: introduced verification constraints checks for PKCS#7 structuresNikos Mavrogiannopoulos2016-10-188-5/+408
| | | | That is, key purpose checks and more elaborate time checks.
* gnutls-serv: use the included known DH parameters by defaulttmp-dh-params-ffdheNikos Mavrogiannopoulos2016-10-172-42/+31
|
* doc updateNikos Mavrogiannopoulos2016-10-171-0/+9
|
* certtool: manpage updateNikos Mavrogiannopoulos2016-10-141-3/+7
|
* getfuncs-map.pl: ignore the ffdhe exported parametersNikos Mavrogiannopoulos2016-10-141-0/+12
| | | | | That is ignore the new variables exported which are not functions, and thus cannot be detected by getfuncs-map.pl.
* updated auto-generated filesNikos Mavrogiannopoulos2016-10-143-0/+24
|
* tests: crl-test: use a unique temp fileNikos Mavrogiannopoulos2016-10-141-4/+5
|
* tests: added sanity check for included primesNikos Mavrogiannopoulos2016-10-142-2/+60
|
* doc: discuss the set_known_dh_params and use it in the examplesNikos Mavrogiannopoulos2016-10-147-114/+50
|
* tests: check gnutls_psk_set_server_known_dh_paramsNikos Mavrogiannopoulos2016-10-144-1/+178
|
* tests: check gnutls_anon_set_server_known_dh_paramsNikos Mavrogiannopoulos2016-10-144-1/+158
|
* tests: check gnutls_certificate_set_known_dh_paramsNikos Mavrogiannopoulos2016-10-142-1/+105
|
* DH: introduced gnutls_*_set_known_dh_params()Nikos Mavrogiannopoulos2016-10-1410-2/+207
| | | | | | | | | | | That is, the functions gnutls_certificate_set_known_dh_params(), gnutls_anon_set_server_known_dh_params(), gnutls_psk_set_server_known_dh_params(). These functions allow to statically set the DH parameters, based on the RFC7919 FFDHE parameters. This can simplify server configuration by allowing DH without loading parameters from file. Relates #37
* certtool: --get-dh-params will output the FFDHE primes instead of the SRP primesNikos Mavrogiannopoulos2016-10-141-2/+30
|
* DH: export the FFDHE Diffie-Hellman valuesNikos Mavrogiannopoulos2016-10-144-1/+422
|
* .gitlab-ci.yml: use fedora's mingw-cmocka packagesNikos Mavrogiannopoulos2016-10-141-4/+2
|
* more files to ignoreNikos Mavrogiannopoulos2016-10-141-0/+12
|
* tests: added check for PKCS#7 catalog file parsing and data extractingNikos Mavrogiannopoulos2016-10-142-1/+134
|
* tests: updated pkcs7 text outputs to account for certtool updateNikos Mavrogiannopoulos2016-10-144-0/+6999
|
* certtool: --p7-info will include the PKCS#7 encoded data in PEM formatNikos Mavrogiannopoulos2016-10-141-1/+12
|
View Lorry Controller Status