Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | added missing filesgnutls_2_10_x | Alexander von Klinski | 2013-08-30 | 2 | -0/+536 |
| | |||||
* | [PATCH 1/1] our modifications to gnutls 2.10.2 | Alexander von Klinski | 2013-07-23 | 8 | -10/+46 |
| | | | | This adds RSA-PSK to 2.10.x. | ||||
* | Fix size of gnutls_openpgp_keyid_t by using the GNUTLS_OPENPGP_KEYID_SIZE ↵ | Nikos Mavrogiannopoulos | 2011-03-26 | 4 | -9/+11 |
| | | | | | | definition. Reported by Andreas Metzler. | ||||
* | Corrected uninitialized var deinitiation. Reported by Vitaly Kruglikov. | Nikos Mavrogiannopoulos | 2011-03-26 | 1 | -0/+2 |
| | |||||
* | fix for C++. | Nikos Mavrogiannopoulos | 2011-03-26 | 1 | -0/+9 |
| | |||||
* | Corrected access to freed memory location. Reported by Vitaly Kruglikov. | Nikos Mavrogiannopoulos | 2011-03-26 | 1 | -12/+14 |
| | |||||
* | Generated.gnutls_2_10_5 | Simon Josefsson | 2011-02-28 | 1 | -0/+64 |
| | |||||
* | Handle multi-word $GNUTLS_REQUIRES_PRIVATE's. | Simon Josefsson | 2011-02-28 | 1 | -2/+2 |
| | |||||
* | Version 2.10.5. | Simon Josefsson | 2011-02-28 | 1 | -1/+1 |
| | |||||
* | Document pkg-config changes. | Simon Josefsson | 2011-02-27 | 1 | -1/+5 |
| | |||||
* | SHA1 or better check fixed. | Nikos Mavrogiannopoulos | 2011-02-27 | 1 | -1/+1 |
| | |||||
* | documented fix. | Nikos Mavrogiannopoulos | 2011-02-27 | 1 | -0/+2 |
| | |||||
* | corrected finished packet check. | Nikos Mavrogiannopoulos | 2011-02-27 | 1 | -4/+6 |
| | |||||
* | Corrected signature generation and verification | Nikos Mavrogiannopoulos | 2011-02-12 | 2 | -5/+40 |
| | | | | | in the Certificate Verify message when in TLS 1.2. Reported by Todd A. Ouska. | ||||
* | pkg-config: If gnutls is built with zlib support list zlib in Requires.private. | Andreas Metzler | 2011-02-05 | 2 | -1/+9 |
| | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | pkg-config: drop @LIBGNUTLS_LIBS@ from Libs.private. This library only ↵ | Andreas Metzler | 2011-02-05 | 1 | -1/+1 |
| | | | | | | contains gnutls itself nowadays, which is in Libs already. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | pkg-config: Move libtasn1 from Libs.private to Requires.private since ↵ | Andreas Metzler | 2011-02-05 | 2 | -1/+6 |
| | | | | | | libtasn1 provides a .pc file. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | adapt pkg-config file for switch from AM_PATH_LIBGCRYPT to AC_LIB_HAVE_LINKFLAGS | Andreas Metzler | 2011-02-05 | 1 | -1/+1 |
| | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | Bump versions. | Simon Josefsson | 2010-12-06 | 5 | -4/+9 |
| | |||||
* | Update for 2.10.4. | Simon Josefsson | 2010-12-06 | 1 | -64/+17 |
| | |||||
* | Generated.gnutls_2_10_4 | Simon Josefsson | 2010-12-06 | 1 | -0/+103 |
| | |||||
* | Version 2.10.4. | Simon Josefsson | 2010-12-06 | 1 | -1/+1 |
| | |||||
* | minitasn1: Updated to Libtasn1 2.9. | Simon Josefsson | 2010-12-06 | 5 | -68/+33 |
| | |||||
* | Bump versions. | Simon Josefsson | 2010-12-06 | 3 | -3/+3 |
| | |||||
* | Use ASN1_NULL when writing parameters for RSA signatures. This makes us ↵ | Nikos Mavrogiannopoulos | 2010-12-05 | 6 | -4/+14 |
| | | | | comply with RFC3279. Reported by Michael Rommel. | ||||
* | Corrected buffer overflow in gnutls-serv by Tomas Mraz. | Nikos Mavrogiannopoulos | 2010-12-05 | 2 | -26/+22 |
| | | | | | | | | | | | | | The gnutls-serv uses fixed allocated buffer for the response which can be pretty long if a client certificate is presented to it and the http header is large. This causes buffer overflow and heap corruption which then leads to random segfaults or aborts. It was reported originally here: https://bugzilla.redhat.com/show_bug.cgi?id=659259 The attached patch changes sprintf calls in peer_print_info() to snprintf so the buffer is never overflowed. | ||||
* | Reverted default behavior for verification and introduced ↵ | Nikos Mavrogiannopoulos | 2010-11-26 | 7 | -23/+25 |
| | | | | | | GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT. Thus by default V1 trusted CAs are allowed, unless the new flag is specified. | ||||
* | Fix dependencies, fixes parallel builds. | Simon Josefsson | 2010-11-23 | 1 | -1/+1 |
| | | | | Tiny patch from Graham Gower <graham.gower@gmail.com>. | ||||
* | corrected news | Nikos Mavrogiannopoulos | 2010-11-21 | 1 | -1/+1 |
| | |||||
* | bumped version | Nikos Mavrogiannopoulos | 2010-11-19 | 2 | -2/+2 |
| | |||||
* | added infognutls_2_10_3 | Nikos Mavrogiannopoulos | 2010-11-16 | 1 | -0/+3 |
| | |||||
* | Correctly write DSA public key in ASN.1 (add leading zero). Reported by ↵ | Nikos Mavrogiannopoulos | 2010-11-16 | 1 | -1/+1 |
| | | | | Jeffrey Walton. | ||||
* | Removed redundant error check. Reported by Nicolas Kaiser. | Nikos Mavrogiannopoulos | 2010-11-11 | 1 | -8/+0 |
| | |||||
* | Corrected leak in extension data calculation. Reported by Mike Blumenkrantz. | Nikos Mavrogiannopoulos | 2010-11-03 | 2 | -0/+4 |
| | |||||
* | Avoid bashism. | Simon Josefsson | 2010-09-30 | 1 | -1/+1 |
| | | | | | Reported by m.drochner@fz-juelich.de in <http://savannah.gnu.org/support/?107449>. | ||||
* | Don't return from void functions. | Simon Josefsson | 2010-09-30 | 1 | -2/+2 |
| | | | | | Reported by Dagobert Michelsen <dam@opencsw.org> in <http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4566>. | ||||
* | Add. | Simon Josefsson | 2010-09-30 | 1 | -0/+2 |
| | |||||
* | Bump versions. | Simon Josefsson | 2010-09-30 | 5 | -4/+9 |
| | |||||
* | Remove spurious comma. | Simon Josefsson | 2010-09-30 | 1 | -2/+2 |
| | |||||
* | Remove spurious comma. | Simon Josefsson | 2010-09-30 | 1 | -2/+2 |
| | |||||
* | Generated.gnutls_2_10_2 | Simon Josefsson | 2010-09-30 | 1 | -0/+93 |
| | |||||
* | Version 2.10.2. | Simon Josefsson | 2010-09-30 | 1 | -1/+1 |
| | |||||
* | Make pkcs8-decode test work on Windows. | Simon Josefsson | 2010-09-30 | 2 | -1/+3 |
| | |||||
* | Avoid double free. | Nikos Mavrogiannopoulos | 2010-09-29 | 1 | -1/+0 |
| | |||||
* | Add new extended key usage ipsecIKE | Micah Anderson | 2010-09-29 | 7 | -1/+48 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to RFC 4945 § 5.1.3.12 section title "ExtendedKeyUsage"[0] the following extended key usage has been added: ... this document defines an ExtendedKeyUsage keyPurposeID that MAY be used to limit a certificate's use: id-kp-ipsecIKE OBJECT IDENTIFIER ::= { id-kp 17 } where id-kp is defined in RFC 3280 [5]. If a certificate is intended to be used with both IKE and other applications, and one of the other applications requires use of an EKU value, then such certificates MUST contain either the keyPurposeID id-kp-ipsecIKE or anyExtendedKeyUsage [5], as well as the keyPurposeID values associated with the other applications. Similarly, if a CA issues multiple otherwise-similar certificates for multiple applications including IKE, and it is intended that the IKE certificate NOT be used with another application, the IKE certificate MAY contain an EKU extension listing a keyPurposeID of id-kp-ipsecIKE to discourage its use with the other application. Recall, however, that EKU extensions in certificates meant for use in IKE are NOT RECOMMENDED. Conforming IKE implementations are not required to support EKU. If a critical EKU extension appears in a certificate and EKU is not supported by the implementation, then RFC 3280 requires that the certificate be rejected. Implementations that do support EKU MUST support the following logic for certificate validation: o If no EKU extension, continue. o If EKU present AND contains either id-kp-ipsecIKE or anyExtendedKeyUsage, continue. o Otherwise, reject cert. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
* | removed invalid e-mail address | Nikos Mavrogiannopoulos | 2010-09-27 | 1 | -1/+1 |
| | |||||
* | Add. | Simon Josefsson | 2010-09-26 | 1 | -0/+2 |
| | |||||
* | Add. | Simon Josefsson | 2010-09-26 | 1 | -5/+15 |
| | |||||
* | No longer use is_fatal() during handshake. Explicitely treat | Nikos Mavrogiannopoulos | 2010-09-23 | 1 | -1/+6 |
| | | | | | | EAGAIN and INTERRUPTED as non-fatal during handshake. If the check_fatal flag is set then GNUTLS_E_WARNING_ALERT_RECEIVED could interrupt a handshake as well. | ||||
* | fflush stdout and stderr before the call to setbuf. This fixes issue in ↵ | Nikos Mavrogiannopoulos | 2010-09-23 | 1 | -0/+3 |
| | | | | solaris where lines dissappeared from output. Reported and suggested fix by Knut Anders Hatlen. |