summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* fixed more memory leaks in crywrapNikos Mavrogiannopoulos2014-03-031-0/+10
|
* addressed memory leak in crywrap.cNikos Mavrogiannopoulos2014-03-031-2/+4
|
* check the blacklist for certificates provided in ↵Nikos Mavrogiannopoulos2014-03-021-0/+8
| | | | gnutls_x509_trust_list_verify_named_crt().
* corrected configure option.Nikos Mavrogiannopoulos2014-03-023-20/+8
|
* rsa-export is no moreNikos Mavrogiannopoulos2014-03-021-1/+0
|
* updated option for TPMNikos Mavrogiannopoulos2014-03-021-1/+1
|
* updatedNikos Mavrogiannopoulos2014-03-021-4/+4
|
* replace select() on windowsNikos Mavrogiannopoulos2014-03-021-13/+18
|
* print message before failing when the pull timeout function isn't replaced.Nikos Mavrogiannopoulos2014-03-021-1/+3
|
* Added NULL PSK ciphersuites with SHA1; suggested by Manuel Pégourié-Gonnard.Nikos Mavrogiannopoulos2014-03-021-0/+21
|
* updated gnulibNikos Mavrogiannopoulos2014-03-01495-724/+2822
|
* Allow all ciphersuites in SSL3.0 when they are available in TLS1.0Nikos Mavrogiannopoulos2014-02-281-79/+79
|
* The default priority is reset to NORMALNikos Mavrogiannopoulos2014-02-281-1/+1
|
* Revert "the default priorities are reset to be NORMAL."Nikos Mavrogiannopoulos2014-02-281-1/+1
| | | | This reverts commit 9c07f75676b6b70da10e99c409b0cb7dbc245463.
* mention SHA384 as MAC optionNikos Mavrogiannopoulos2014-02-281-1/+1
|
* documented the defaultsNikos Mavrogiannopoulos2014-02-282-2/+2
|
* the default priorities are reset to be NORMAL.Nikos Mavrogiannopoulos2014-02-281-1/+1
| | | | Reported by Manuel Pégourié-Gonnard.
* Add required prioritiesNikos Mavrogiannopoulos2014-02-281-4/+4
|
* Preinitialize values; suggested by Sebastian Krahmer and Tomas Hoger.Nikos Mavrogiannopoulos2014-02-271-2/+2
|
* added doc on is_issuer() checksNikos Mavrogiannopoulos2014-02-271-0/+4
|
* removed not trusted message; reported by Michel Briand.Nikos Mavrogiannopoulos2014-02-261-4/+0
|
* updated for verification updatesNikos Mavrogiannopoulos2014-02-261-2/+2
|
* Updated verification functionNikos Mavrogiannopoulos2014-02-251-22/+33
|
* New option --stricttofu for gnutls-cliJens Lechtenboerger2014-02-232-5/+20
| | | | | | | | | | | | | | With option --tofu, gnutls-cli waits with a yes-no-question upon certificate changes. I added the option --stricttofu that omits the question and fails instead. The contribution is in accordance to the "Developer's Certificate of Origin" as found in the file doc/DCO.txt. Best wishes Jens Signed-off-by: Jens Lechtenbörger <jens.lechtenboerger@fsfe.org>
* moved priorities check to the first call only.Nikos Mavrogiannopoulos2014-02-221-3/+3
|
* removed duplicate definition; reported by Dennis Philipps.Nikos Mavrogiannopoulos2014-02-211-2/+0
|
* updated coding styleNikos Mavrogiannopoulos2014-02-211-3/+3
|
* doc updateNikos Mavrogiannopoulos2014-02-211-1/+1
|
* added certNikos Mavrogiannopoulos2014-02-201-0/+21
|
* corrected checkNikos Mavrogiannopoulos2014-02-201-1/+1
|
* combined timeout valuesNikos Mavrogiannopoulos2014-02-202-7/+9
|
* updatedNikos Mavrogiannopoulos2014-02-201-2/+4
|
* doc updateNikos Mavrogiannopoulos2014-02-201-3/+3
|
* When appending a name, ensure that we append to the end of the list.Nikos Mavrogiannopoulos2014-02-201-1/+5
|
* use gnutls_free()Nikos Mavrogiannopoulos2014-02-201-4/+4
|
* corrected email in texiNikos Mavrogiannopoulos2014-02-201-1/+1
|
* srp: Add resistance against guessing usernamesAttila Molnar2014-02-205-21/+135
| | | | | | | | | | | | | | | | | | When a client tries to authenticate using an unknown username, instead of generating a random salt every time, generate the salt based on the username and a secret seed. The seed is settable by the application, allowing servers to re-use the same seed after a restart. A random seed is generated for each newly allocated SRP server credentials structure, meaning that applications not using the new API to set the seed continue to work and gain limited advantage (because they use a different seed after every restart). For further information see section 2.5.1.3. in RFC 5054. Signed-off-by: Attila Molnar <attilamolnar@hush.com>
* small artistic changesNikos Mavrogiannopoulos2014-02-201-25/+27
|
* check against the success valueNikos Mavrogiannopoulos2014-02-201-3/+3
|
* use bool types when needed.Nikos Mavrogiannopoulos2014-02-193-12/+14
|
* ensure failure when parsing fails.Nikos Mavrogiannopoulos2014-02-191-5/+6
|
* allow ip address as constraintNikos Mavrogiannopoulos2014-02-191-3/+4
|
* Added check for IPaddressNikos Mavrogiannopoulos2014-02-191-0/+6
|
* doc updateNikos Mavrogiannopoulos2014-02-191-2/+2
|
* Added tests for name constraints addition.Nikos Mavrogiannopoulos2014-02-191-8/+273
|
* better error printingNikos Mavrogiannopoulos2014-02-191-140/+140
|
* corrected empty name checkNikos Mavrogiannopoulos2014-02-191-2/+2
|
* Updated test for name constraints to include empty constraints names.Nikos Mavrogiannopoulos2014-02-192-0/+3
|
* pretty print empty DNSnamesNikos Mavrogiannopoulos2014-02-191-6/+7
|
* _gnutls_x509_read_value() can now read empty values.Nikos Mavrogiannopoulos2014-02-192-1/+9
|
View Lorry Controller Status