summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* tests: use one-time files in crlcoverageNikos Mavrogiannopoulos2016-04-301-3/+3
|
* tests: check whether the randomly generate port is usedNikos Mavrogiannopoulos2016-04-301-1/+7
|
* .gitlab-ci.yml: enabled the code coverage checks in the valgrind and ubsan ↵Nikos Mavrogiannopoulos2016-04-301-3/+5
| | | | targets
* tests: enhanced the key-import-export testsNikos Mavrogiannopoulos2016-04-291-49/+246
| | | | This check now includes the abstract privkey import/export interfaces.
* corrected import issue in gnutls_privkey_import_ecc_rawNikos Mavrogiannopoulos2016-04-291-1/+1
|
* x509/privkey: in raw import functions set the parameter's algorithm typeNikos Mavrogiannopoulos2016-04-291-0/+3
|
* srp base64: return proper gnutls errors codes on error rather than -1Nikos Mavrogiannopoulos2016-04-291-4/+4
|
* tests: added checks for base64 functionsNikos Mavrogiannopoulos2016-04-293-1/+389
|
* .gitlab-ci.yml: added code coverage runNikos Mavrogiannopoulos2016-04-292-4/+8
| | | | | This enhances a test to print the code coverage of the test suite, which in turn is being used/reported by gitlab CI interface.
* ax_code_coverage.m4: updated to latest versionNikos Mavrogiannopoulos2016-04-291-30/+85
|
* libtasn1: updated to latest versionNikos Mavrogiannopoulos2016-04-293-6/+12
|
* doc updateNikos Mavrogiannopoulos2016-04-291-5/+9
|
* errors.h: gnutls_assert() will log the function name in addition to ↵Nikos Mavrogiannopoulos2016-04-291-1/+1
| | | | | | | filename/line This is quite necessary after the filenames were simplified and we have filenames with identical names in the directory structure.
* tests: added check for SRP ID change during rehandshakeNikos Mavrogiannopoulos2016-04-292-1/+275
| | | | | The tests make sure that username changes are allowed if the flag GNUTLS_ALLOW_ID_CHANGE is specified, and prohibited otherwise.
* tests: added check for PSK ID change during rehandshakeNikos Mavrogiannopoulos2016-04-292-1/+192
| | | | | The tests make sure that username changes are allowed if the flag GNUTLS_ALLOW_ID_CHANGE is specified, and prohibited otherwise.
* handshake: enhance same certificate checks to apply to PSK/SRP usernameNikos Mavrogiannopoulos2016-04-2913-47/+141
| | | | | | That is, unless GNUTLS_ALLOW_ID_CHANGE is specified, during a rehandshake clients will not be allowed to present another certificate than the original, or change their username for PSK or SRP ciphersuites.
* tests: added 'PFS' and 'SUITEB128' into the list of checked priority stringsNikos Mavrogiannopoulos2016-04-291-0/+2
|
* tests: fail() function will also print function and line informationNikos Mavrogiannopoulos2016-04-292-2/+5
|
* _gnutls_hex2bin: refuse to decode odd-sized hex dataNikos Mavrogiannopoulos2016-04-291-0/+3
|
* tests: added unit tests on the HEX encoding/decoding functionsNikos Mavrogiannopoulos2016-04-292-1/+226
|
* certtool: eliminated memory leaks in DH parameter printing/generation.Nikos Mavrogiannopoulos2016-04-283-1/+10
|
* certtool: combined all the seed decoding methods to a single oneNikos Mavrogiannopoulos2016-04-283-43/+44
| | | | | That not only simplifies the code, but also allows decoding hex strings which contain not hex chars (and that allows decoding hex of the form XX:XX:XX)
* Revert "tests: ensure the seed is provided in plain hex"Nikos Mavrogiannopoulos2016-04-281-5/+5
| | | | This reverts commit 0ea7206e12f52f6ed50c4a76ea0a23f5470115b2.
* tests: check certtool dh-parameter generation with --provable optionNikos Mavrogiannopoulos2016-04-282-1/+86
|
* tests: ensure the seed is provided in plain hexNikos Mavrogiannopoulos2016-04-281-5/+5
|
* certtool: allow specifying seed size when generating provable DH parametersNikos Mavrogiannopoulos2016-04-283-12/+49
|
* doc updateNikos Mavrogiannopoulos2016-04-281-0/+3
|
* tests: simplified custom-urls checkNikos Mavrogiannopoulos2016-04-281-56/+1
|
* tests: added check on whether builtin URLs cannot be overridenNikos Mavrogiannopoulos2016-04-282-1/+289
|
* keys: custom URLs take precedence over pre-defined URLsNikos Mavrogiannopoulos2016-04-284-32/+36
| | | | | | | This allows applications to define the own 'system:' or 'pkcs11:' URLs. Resolves #89
* x25519: ensure that a valid private key is present on key derivationNikos Mavrogiannopoulos2016-04-281-1/+1
|
* doc updateNikos Mavrogiannopoulos2016-04-281-0/+1
|
* tests: added check for GNUTLS_FORCE_CLIENT_CERT init flagNikos Mavrogiannopoulos2016-04-281-12/+20
|
* instead of assigning a variable per flag use the init flags directlyNikos Mavrogiannopoulos2016-04-288-41/+17
| | | | | That is store the flags provided in gnutls_init() in the session structure and use these flags directly when required.
* added flag in session to force sending a client certificateNikos Mavrogiannopoulos2016-04-284-8/+16
| | | | | | | | | This handles the use case of a client connecting to a server which incorrectly lists the CA certificates it supports. Without that change the only option was to avoid using the "automatic" client certificate functions, but rather utilize callbacks. With that approach this use case is handled by the "automatic" certificate selection functions.
* .gitlab-ci.yml: do not load submodules on CI since they are not usedNikos Mavrogiannopoulos2016-04-281-10/+10
| | | | This reduces the CI running time.
* tests: check client behavior of sending CA certificatesNikos Mavrogiannopoulos2016-04-283-1/+434
|
* doc: removed news about feature already backported in 3.4.6Nikos Mavrogiannopoulos2016-04-271-4/+0
|
* examples: introduced basic error checking in more examplesNikos Mavrogiannopoulos2016-04-276-141/+103
|
* examples: simplified the basic client exampleNikos Mavrogiannopoulos2016-04-271-11/+10
|
* examples: introduced basic error checking in main client examplesNikos Mavrogiannopoulos2016-04-272-47/+36
|
* examples: corrected the required version of exampleNikos Mavrogiannopoulos2016-04-271-2/+2
|
* tests: enhanced dane testing with offline verification checksNikos Mavrogiannopoulos2016-04-261-34/+573
|
* dane: verification will not fail if a CA entry is encountered but cannot be ↵Nikos Mavrogiannopoulos2016-04-261-3/+5
| | | | | | | | | verified That addresses the issue of verifying a single certificate against a list of TLSA entries that contain an entry with CA usage (cert usage 0). With the previous behavior verification would have failed, while now this entry will be skipped.
* doc: improved documentation on certificate and DANE verification functionsNikos Mavrogiannopoulos2016-04-262-10/+17
|
* dane: updated documentation of dane_verify_crt_rawNikos Mavrogiannopoulos2016-04-261-19/+4
|
* doc: added clarifications on documentation for dane_state_tNikos Mavrogiannopoulos2016-04-262-3/+7
|
* manpages: include the dane functions into the distributed pagesNikos Mavrogiannopoulos2016-04-261-2/+20
|
* ecdhe: eliminated unneeded checks for zero of public parametersNikos Mavrogiannopoulos2016-04-241-6/+0
| | | | | There were not required by either draft-ietf-tls-rfc4492bis-07 or rfc7748.
* doc: added example client application utilizing the 3.1.x APIsNikos Mavrogiannopoulos2016-04-243-5/+214
|
View Lorry Controller Status