Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | doc updatefalse-start | Nikos Mavrogiannopoulos | 2016-04-14 | 1 | -2/+3 |
| | |||||
* | tests: enhanced the false start checks | Nikos Mavrogiannopoulos | 2016-04-14 | 1 | -80/+141 |
| | | | | | | These now check whether sending and receiving is performed as expected after handshake, as well as test explicit handshake called by the application. | ||||
* | Updated false start support to be transparent to applications. | Nikos Mavrogiannopoulos | 2016-04-14 | 7 | -82/+87 |
| | | | | | | | That is, an additional flag GNUTLS_ENABLE_FALSE_START is introduced for gnutls_init(), and that enables support for false start. At this point false start will be performed by the handshake if possible, and gnutls_record_recv() will handle handshake completion. | ||||
* | doc update | Nikos Mavrogiannopoulos | 2016-04-14 | 1 | -2/+2 |
| | |||||
* | doc: updated docs related to private key generation | Nikos Mavrogiannopoulos | 2016-04-14 | 3 | -13/+18 |
| | |||||
* | certtool: do not allow combining --provable with --ecc in key generation | Nikos Mavrogiannopoulos | 2016-04-14 | 1 | -0/+6 |
| | | | | There is no such support in the library. | ||||
* | updated auto-generated files for new APIs | Nikos Mavrogiannopoulos | 2016-04-14 | 3 | -17/+143 |
| | |||||
* | doc: added tlsproxy example reference into documentation | Nikos Mavrogiannopoulos | 2016-04-14 | 5 | -9/+19 |
| | |||||
* | tests: pem-decoding: fixed issue preventing out-of-tree checks | Nikos Mavrogiannopoulos | 2016-04-13 | 1 | -1/+1 |
| | |||||
* | tests: pem-decoding: use unique temp files | Nikos Mavrogiannopoulos | 2016-04-13 | 1 | -17/+21 |
| | |||||
* | tests: enhanced mini-x509-kx with ECDHE-ECDSA ciphersuite testing | Nikos Mavrogiannopoulos | 2016-04-13 | 2 | -5/+23 |
| | | | | Also renamed it to cert-key-exchange for easier tracking. | ||||
* | handshake: do not overwrite the server's signature algorithm | Nikos Mavrogiannopoulos | 2016-04-13 | 1 | -1/+2 |
| | | | | | | That is, correct a bug under which a client sending a certificate would overwrite the server's idea about the used signature algorithm. Reported by Hubert Kario. | ||||
* | tests: enhanced mini-x509-kx with client auth scenarios | Nikos Mavrogiannopoulos | 2016-04-13 | 1 | -113/+40 |
| | |||||
* | tests: verify that the output of gnutls_sign_algorithm_get() is the expected one | Nikos Mavrogiannopoulos | 2016-04-13 | 1 | -6/+33 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2016-04-13 | 1 | -0/+5 |
| | |||||
* | ocsp: increased the preallocated space in check_ocsp_purpose to account for ↵ | Nikos Mavrogiannopoulos | 2016-04-13 | 1 | -1/+2 |
| | | | | | | | null terminator This relates to gnutls_x509_crt_get_key_purpose_oid() change to return null-terminated OIDs. | ||||
* | tests: enhanced and simplified SHA3 tests | Nikos Mavrogiannopoulos | 2016-04-13 | 6 | -101/+65 |
| | | | | Included checks about SHA3-224 and SHA3-384. | ||||
* | tests: added check of GOST cert decoding/printing | Nikos Mavrogiannopoulos | 2016-04-13 | 3 | -1/+65 |
| | | | | | This verifies whether our printing functions print the OID on unknown/unsupported algorithms. | ||||
* | x509 output: print the OID of certificates/CRLs/CRQs with unknown algorithms | Nikos Mavrogiannopoulos | 2016-04-13 | 1 | -65/+211 |
| | | | | | That is, if any unknown signature or subject public key algorithm is encountered the OID will be printed instead. | ||||
* | tests: added basic tests for CSR parsing | Nikos Mavrogiannopoulos | 2016-04-13 | 2 | -1/+227 |
| | | | | | This mainly includes tests on the new gnutls_x509_crq_get_signature_oid() and gnutls_x509_crt_get_algorithm_oid(). | ||||
* | tests: added basic tests on CRL parsing | Nikos Mavrogiannopoulos | 2016-04-13 | 2 | -1/+248 |
| | | | | That includes testing on the new gnutls_x509_crl_get_signature_oid() | ||||
* | tests: added basic functionality tests for gnutls_x509_crt_get_*_oid | Nikos Mavrogiannopoulos | 2016-04-13 | 1 | -5/+46 |
| | |||||
* | Added gnutls_x509_crl_get_signature_oid | Nikos Mavrogiannopoulos | 2016-04-13 | 3 | -0/+43 |
| | |||||
* | Added gnutls_x509_crq_get_signature_oid and gnutls_x509_crq_get_pk_oid | Nikos Mavrogiannopoulos | 2016-04-13 | 3 | -1/+87 |
| | |||||
* | Added gnutls_x509_crt_get_signature_oid and gnutls_x509_crt_get_pk_oid | Nikos Mavrogiannopoulos | 2016-04-13 | 3 | -0/+88 |
| | | | | | These functions can directly provide the textual object identifier of their corresponding fields. | ||||
* | gnutls_x509_crt_get_key_purpose_oid: copy the OID as a null-terminated string | Nikos Mavrogiannopoulos | 2016-04-13 | 1 | -1/+1 |
| | |||||
* | sign: corrected digest in SHA3-224 OID mapping | Nikos Mavrogiannopoulos | 2016-04-13 | 2 | -8/+9 |
| | |||||
* | configure: corrected regression which prevented the build of tests/suite | Nikos Mavrogiannopoulos | 2016-04-12 | 1 | -1/+1 |
| | | | | This regression was introduced at 8b97662c40c67a6d4087ce6e1f0c6fb6ea4a8b2c | ||||
* | gnutls_x509_ext_import_policies: initialize value to avoid compiler warnings | Nikos Mavrogiannopoulos | 2016-04-12 | 1 | -1/+1 |
| | |||||
* | README: removed inexistent package | Nikos Mavrogiannopoulos | 2016-04-12 | 1 | -2/+2 |
| | |||||
* | common.mk: corrected typo on LDFLAGS for coverage | Nikos Mavrogiannopoulos | 2016-04-12 | 3 | -3/+3 |
| | |||||
* | danetool: corrected typo in manual [ci skip] | Nikos Mavrogiannopoulos | 2016-04-12 | 1 | -1/+1 |
| | |||||
* | gnutls_packet_get: avoid null pointer dereference on NULL input | Nikos Mavrogiannopoulos | 2016-04-12 | 1 | -0/+1 |
| | | | | | That is, still allow the function to handle a NULL packet input but reset the data contents. | ||||
* | gnutls_x509_privkey_verify_seed: corrected typo that made the function ↵ | Nikos Mavrogiannopoulos | 2016-04-12 | 1 | -2/+0 |
| | | | | always return true | ||||
* | _gnutls_asn2err: declared as constant function | Nikos Mavrogiannopoulos | 2016-04-12 | 1 | -1/+2 |
| | |||||
* | load_dir_certs: use readdir() in all platforms | Nikos Mavrogiannopoulos | 2016-04-12 | 1 | -9/+1 |
| | | | | | | According to glibc documentation readdir_r() is deprecated and the use of readdir() is recommended. As such we switch to it on all platforms. | ||||
* | tests: combined the resume checks for Anonymous and PSK ciphersuites | Nikos Mavrogiannopoulos | 2016-04-12 | 3 | -612/+92 |
| | | | | | In addition enhanced it to check the resumption on the certificate ciphersuites as well. | ||||
* | configure: Add a code coverage option | Nikos Mavrogiannopoulos | 2016-04-12 | 7 | -6/+239 |
| | | | | | | | Configure with: ./configure --enable-code-coverage Show coverage output with: make && make check && make code-coverage-capture | ||||
* | Makefile.am: moved common rules (AM_CFLAGS) to common.mk | Nikos Mavrogiannopoulos | 2016-04-12 | 13 | -17/+27 |
| | |||||
* | gnutls_ocsp_resp_get_single: fail if thisUpdate is not available or unparsable | Nikos Mavrogiannopoulos | 2016-04-12 | 1 | -2/+3 |
| | | | | | That is because this field is not optional, and a failure on its parsing is always fatal. Reported by Yuan Jochen Kang. | ||||
* | gnutls_x509_privkey_import2: document an intentional fall through | Nikos Mavrogiannopoulos | 2016-04-12 | 1 | -0/+1 |
| | |||||
* | README: add abi-compliance-checker into install instructions | Nikos Mavrogiannopoulos | 2016-04-11 | 1 | -4/+4 |
| | |||||
* | gnutls_x509_crt_get_key_usage: ensure that its returned value is properly ↵ | Nikos Mavrogiannopoulos | 2016-04-11 | 2 | -5/+14 |
| | | | | | | handled Reported by Yuan Jochen Kang. | ||||
* | tests: do not enable valgrind in non-git builds | Nikos Mavrogiannopoulos | 2016-04-11 | 1 | -2/+16 |
| | |||||
* | hash: corrected the textual description of hashes | Nikos Mavrogiannopoulos | 2016-04-09 | 1 | -4/+4 |
| | |||||
* | corrected SHA3-224 OID | Nikos Mavrogiannopoulos | 2016-04-09 | 2 | -8/+8 |
| | |||||
* | x509 output: don't warn about insecure algorithm when unknown | Nikos Mavrogiannopoulos | 2016-04-09 | 2 | -3/+3 |
| | |||||
* | tests: remove any system specific code of ecore | Nikos Mavrogiannopoulos | 2016-04-09 | 2 | -55/+5 |
| | | | | | This was causing issues with certain builds and was not used for the purpose of testing. | ||||
* | tests: disable unsupported curves from compatibility checks | Nikos Mavrogiannopoulos | 2016-04-09 | 2 | -1/+5 |
| | | | | This allows running make check even when compiling with disable-suiteb-curves. | ||||
* | tests: removed unused scripts | Nikos Mavrogiannopoulos | 2016-04-09 | 2 | -118/+0 |
| |