summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* Treat othername as printable (i.e., null terminate it), as the XMPP printing ↵Nikos Mavrogiannopoulos2014-04-191-1/+2
| | | | code assumes that.
* cleanups in outputNikos Mavrogiannopoulos2014-04-191-7/+9
|
* gnutls_secure_malloc() is no longer part of the API (though it remains in ↵Nikos Mavrogiannopoulos2014-04-191-1/+0
| | | | the ABI).
* revived gnutls_secure_malloc() to avoid breaking ABI.Nikos Mavrogiannopoulos2014-04-192-1/+1
| | | | | gnutls_secure_calloc() is no longer exported as it was never in any public header.
* removed file from Makefile that doesn't existNikos Mavrogiannopoulos2014-04-191-1/+1
|
* Corrected decoding of XMPP SAN othername.Nikos Mavrogiannopoulos2014-04-194-19/+44
| | | | | This also corrects the semantics of the get_*_othername_oid() functions, such as gnutls_x509_crt_get_subject_alt_othername_oid().
* always initialize size valuesNikos Mavrogiannopoulos2014-04-181-0/+8
|
* copy_string() and copy_data() are more resilient on null inputNikos Mavrogiannopoulos2014-04-181-2/+4
|
* fix issue in gnutls_subject_alt_names_get().Nikos Mavrogiannopoulos2014-04-181-1/+1
| | | | | | That caused a null pointer dereference when extracting names from a certificate that contained an OtherName. Reported and investigated by Kirill A. Shutemov.
* Removed the already unused secure alloc functions.Nikos Mavrogiannopoulos2014-04-183-18/+1
|
* Use a harder to optimize out memset().Nikos Mavrogiannopoulos2014-04-184-15/+58
|
* corrected get_auth_info() for SRP-RSA.Nikos Mavrogiannopoulos2014-04-181-1/+1
|
* Avoid dual generation of key.Nikos Mavrogiannopoulos2014-04-182-12/+6
|
* use custom proc_server_kx for RSA-PSKNikos Mavrogiannopoulos2014-04-181-1/+18
|
* eliminated the leak of hint when deallocating the credentials.Nikos Mavrogiannopoulos2014-04-181-0/+1
|
* _gnutls_auth_info_set() will decide the replacing of auth info based on the ↵Nikos Mavrogiannopoulos2014-04-181-6/+5
| | | | | | provided credentials type. This avoids issues with discrepances in server and client mode.
* Made _gnutls_get_auth_info() safer to use.Nikos Mavrogiannopoulos2014-04-1816-77/+104
|
* When checking for data to be received use the 'transport_recv_ptr'Nikos Mavrogiannopoulos2014-04-181-1/+1
| | | | | This affects cases where there is different send and recv pointers. Reported and investigated by JMRecio.
* corrected uninitialized valueNikos Mavrogiannopoulos2014-04-171-1/+1
|
* Added self check functions to self-test.h.Nikos Mavrogiannopoulos2014-04-173-7/+39
|
* doc updateNikos Mavrogiannopoulos2014-04-161-6/+12
|
* several bug fixes due to coverity.Nikos Mavrogiannopoulos2014-04-1517-43/+50
|
* several bug fixes due to coverity.Nikos Mavrogiannopoulos2014-04-156-7/+15
|
* Corrected bugs reported from coverity in opencdk.Nikos Mavrogiannopoulos2014-04-158-50/+47
|
* correctly check for message upper limit.Nikos Mavrogiannopoulos2014-04-151-1/+1
|
* Allow a null ca file; i.e., allow setting only CRLs in ↵Nikos Mavrogiannopoulos2014-04-141-10/+12
| | | | gnutls_x509_trust_list_add_trust_file().
* Allow decoding PKCS #8 files with ECC parameters from openssl.Nikos Mavrogiannopoulos2014-04-115-28/+50
| | | | | These files do not contain the curve information with the private key (ECPrivateKey), but they rather contain it in the privateKeyAlgorithm.
* More strict checking of heartbeat padding size boundaries.Nikos Mavrogiannopoulos2014-04-111-8/+8
| | | | This will let us enforce RFC6520 minimum size for padding. Suggest by Peter Williams; initially investigated by Frank Li.
* unconditionally zeroize temporal keys.Nikos Mavrogiannopoulos2014-04-101-7/+2
|
* Do not include the FIPS140-specific functions into the main documentation.Nikos Mavrogiannopoulos2014-04-102-8/+8
|
* updated exported symbols table.Nikos Mavrogiannopoulos2014-04-101-5/+0
|
* mark functions that are only available under FIPS140 modeNikos Mavrogiannopoulos2014-04-103-19/+22
|
* doc updateNikos Mavrogiannopoulos2014-04-101-3/+4
|
* Enhanced _gnutls_check_key_cert_match()Nikos Mavrogiannopoulos2014-04-101-2/+30
| | | | | This function now performs a sign/verify test to check whether the public and private keys match.
* doc updateNikos Mavrogiannopoulos2014-04-101-1/+3
|
* removed double entryNikos Mavrogiannopoulos2014-04-091-2/+1
|
* Prevent gnulib from replacing strdup as we don't include this gnulib module.Nikos Mavrogiannopoulos2014-04-091-0/+6
|
* updated documentationNikos Mavrogiannopoulos2014-04-092-1/+7
|
* Replaced gnutls_certificate_verify_peers3() with the extendable ↵Nikos Mavrogiannopoulos2014-04-093-19/+61
| | | | | | | gnutls_certificate_verify_peers(). That will allow adding new functionality to verification without the need to add new functions.
* Added gnutls_certificate_verify_peers4 which will verify in addition to ↵Nikos Mavrogiannopoulos2014-04-085-2/+80
| | | | hostname, the purpose of the end-certificate.
* simulate gnutls_certificate_verify_peers2() using ↵Nikos Mavrogiannopoulos2014-04-081-24/+1
| | | | gnutls_certificate_verify_peers3().
* doc updateNikos Mavrogiannopoulos2014-04-081-10/+5
|
* doc updateNikos Mavrogiannopoulos2014-04-081-1/+4
|
* modify to conform to the documentated level.Nikos Mavrogiannopoulos2014-04-081-4/+4
|
* avoid checking or linking with libpthread in windowsNikos Mavrogiannopoulos2014-04-081-1/+5
|
* Allow multiple spaces into priorities file.Nikos Mavrogiannopoulos2014-04-071-3/+12
|
* The "SYSTEM" initial keyword was replaced with the more generic "@KEYWORD"Nikos Mavrogiannopoulos2014-04-071-50/+82
| | | | | | | The @KEYWORD string will open the pre-configured system priority file and will expand the KEYWORD, to the priority string set in the file. The file should have the following format: KEYWORD=PRIORITY_STRING
* Use the IANA assigned padding extension number.Nikos Mavrogiannopoulos2014-04-071-1/+3
|
* set the same flags in the second searchNikos Mavrogiannopoulos2014-04-051-0/+1
|
* corrected check for sorted server certificate chain.Nikos Mavrogiannopoulos2014-04-041-12/+7
|
View Lorry Controller Status