summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Combined checks for printable characterstmp-idna-writeNikos Mavrogiannopoulos2016-11-252-20/+6
|
* doc updateNikos Mavrogiannopoulos2016-11-251-0/+4
|
* tests: updated crt_apis to include setting UTF-8 SANNikos Mavrogiannopoulos2016-11-251-1/+54
|
* tests: updated crq_apis to include setting UTF-8 SANNikos Mavrogiannopoulos2016-11-251-17/+62
|
* gnutls_idna_map: check for printable data prior to mappingNikos Mavrogiannopoulos2016-11-251-0/+4
|
* gnutls_x509_aia_set: IDNA encode when neededNikos Mavrogiannopoulos2016-11-253-31/+47
|
* When writing alternative names to certificates ensure we write in ACE formatNikos Mavrogiannopoulos2016-11-2511-16/+129
|
* doc updateNikos Mavrogiannopoulos2016-11-251-0/+4
|
* tests: added pkcs7 verification with struct generated from openssl (with keyid)Nikos Mavrogiannopoulos2016-11-254-3/+107
|
* tests: added pkcs7 verification with struct generated from opensslNikos Mavrogiannopoulos2016-11-254-3/+101
|
* doc: added certificate for ECC with any purposeNikos Mavrogiannopoulos2016-11-252-1/+18
|
* pkcs7: return GNUTLS_E_PK_SIG_VERIFY_FAILED on hash mismatchNikos Mavrogiannopoulos2016-11-253-1/+8
| | | | In addition introduce a new error code to warn about no embedded data.
* pkcs7: only print signer's issuer DN when DN has contentsNikos Mavrogiannopoulos2016-11-251-1/+2
|
* pkcs7: added recursive discovery of structure's signerNikos Mavrogiannopoulos2016-11-251-94/+282
| | | | | This uses the PKCS#7 certificate list as a pool of certificates to generate a certificate chain that leads to our root CAs.
* pkcs7: on data verification failure log the signerNikos Mavrogiannopoulos2016-11-251-0/+1
|
* tests: added complex verification example using PKCS#7Nikos Mavrogiannopoulos2016-11-254-2/+193
| | | | That uses multiple intermediate certificates from the PKCS#7 structure.
* doc: updated gnutls_x509_trust_list_verify_crt2()Nikos Mavrogiannopoulos2016-11-251-10/+13
|
* pkcs7: pass the verification flags down to ↵Nikos Mavrogiannopoulos2016-11-251-2/+3
| | | | | | | gnutls_x509_trust_list_verify_crt2, in find_signer() This allows for flags like GNUTLS_VERIFY_DISABLE_TIME_CHECKS to apply when verifying PKCS#7 structures.
* pkcs7: corrected iteration over stored certificatesNikos Mavrogiannopoulos2016-11-251-1/+1
| | | | | This allows to use all possibly stored certificates on chain discovery, not only the first.
* pkcs7: added debug logging on verification discoveryNikos Mavrogiannopoulos2016-11-251-0/+3
|
* errors.h: added _gnutls_reason_logNikos Mavrogiannopoulos2016-11-251-0/+12
|
* errors.h: added _gnutls_cert_logNikos Mavrogiannopoulos2016-11-251-0/+13
| | | | This log function allows to easily log the name of a certificate.
* certtool: One if check is enoughAndreas Schneider2016-11-241-6/+4
| | | | Signed-off-by: Andreas Schneider <asn@samba.org>
* corrected log message [ci skip]Nikos Mavrogiannopoulos2016-11-241-2/+2
|
* gnutls_idna_map was prefixed with underscore to avoid clashes with exported ↵tmp-mini-idna2003-updateNikos Mavrogiannopoulos2016-11-234-10/+11
| | | | symbols
* more files to ignoreNikos Mavrogiannopoulos2016-11-231-0/+16
|
* avoid the use of c_isascii() and use c_isprint()Nikos Mavrogiannopoulos2016-11-233-3/+3
| | | | | That latter detects correctly the printable characters we are interested in.
* tests: added unit tests for gnutls_idna_map()Nikos Mavrogiannopoulos2016-11-232-1/+97
|
* IDNA code re-organizationNikos Mavrogiannopoulos2016-11-2311-159/+168
| | | | | | That introduces the internal function gnutls_idna_map(), which utilizes libidn and libunistring to convert hostnames to IDNA ACE form.
* tests: updated outputs to reflect new fingerprint/keyid formatstmp-add-sha256Nikos Mavrogiannopoulos2016-11-2214-58/+58
|
* tests: made tmp files uniqueNikos Mavrogiannopoulos2016-11-222-10/+11
|
* doc updateNikos Mavrogiannopoulos2016-11-221-0/+6
|
* Align the printing of a certificate's fingerprint with the key ID printingNikos Mavrogiannopoulos2016-11-221-12/+21
|
* Print a key's or certificate's key ID with SHA256 in addition to SHA1Nikos Mavrogiannopoulos2016-11-222-57/+60
|
* certtool: address compiler warningsNikos Mavrogiannopoulos2016-11-221-1/+1
|
* doc: document the RFC7613 normalization of passwords [ci skip]Nikos Mavrogiannopoulos2016-11-223-1/+17
|
* unistring: include only the required categoriestmp-uninorm-remove-unused-categoriesNikos Mavrogiannopoulos2016-11-21136-17261/+537
| | | | In addition fix the license text of the included library.
* server_name: log server name sentNikos Mavrogiannopoulos2016-11-211-0/+2
|
* x509/output: improve log message on embedded nullNikos Mavrogiannopoulos2016-11-211-1/+1
|
* build-aux: added unused-parameter.htmp-uninormNikos Mavrogiannopoulos2016-11-211-0/+36
|
* .gitlab-ci.yml: explicitly specify --with-included-unistring when neededNikos Mavrogiannopoulos2016-11-211-6/+6
|
* hooks.m4: corrected typoNikos Mavrogiannopoulos2016-11-211-1/+1
|
* .gitlab-ci.yml: ignore syntax-check issues caused by included unistringNikos Mavrogiannopoulos2016-11-211-1/+2
|
* more files to ignoreNikos Mavrogiannopoulos2016-11-211-0/+9
|
* unconditionally include unistring codeNikos Mavrogiannopoulos2016-11-216-385/+23
| | | | | | That simplifies internationalization support, at the cost of including a version of libunistring, which is used on systems which do not ship it.
* lib: added unistring sub-libraryNikos Mavrogiannopoulos2016-11-21159-2/+34296
|
* updated auto-generated files for gnutls_utf8_password_normalize()Nikos Mavrogiannopoulos2016-11-213-0/+4
|
* tests: enhanced str-unicode with GNUTLS_UTF8_IGNORE_ERRS flagNikos Mavrogiannopoulos2016-11-211-1/+23
| | | | That is, enhanced to check the tolerable variant of gnutls_utf8_password_normalize()
* .gitlab-ci.yml: added build without libunistringNikos Mavrogiannopoulos2016-11-211-3/+21
|
* doc: mention the RFC7613 normalization and the libunistring dependencyNikos Mavrogiannopoulos2016-11-212-2/+12
|
View Lorry Controller Status