path: root/src
Commit message | Author | Age | Files | Lines
* certtool: increased buffer for reading from user | Nikos Mavrogiannopoulos | 2017-02-28 | 1 | -5/+6
    This allows reading longer than 128-byte fields interactively. The new limit is 512-bytes.
    Relates #179
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* certtool: store critical extensions even if no other extensions are present | Nikos Mavrogiannopoulos | 2017-02-27 | 1 | -1/+2
    That is, fix a bug which prevented critical extensions to be stored if no other free-form extensions were specified.
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* gnutls-cli-debug: fixed protocol to port discovery | Nikos Mavrogiannopoulos | 2017-02-23 | 1 | -1/+2
    That is, if --starttls-proto is provided the default port selected will be converted to host byte order as expected.
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* certtool: don't warn when 'uri' is specified on template | Nikos Mavrogiannopoulos | 2017-02-23 | 1 | -0/+1
    Reported at: https://bugzilla.redhat.com/show_bug.cgi?id=1425884
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Add LMTP, POP3, NNTP, Sieve and PostgreSQL support to gnutls-cli | Robert Scheck | 2017-02-20 | 4 | -3/+41
    Add LMTP (RFC 2033), POP3 (RFC 2595), NNTP (RFC 4642), Sieve (RFC 5804) and PostgreSQL support to gnutls-cli ("--starttls-proto").
    Signed-off-by: Robert Scheck <robert@fedoraproject.org>
* tools: depend on gnutls_idna_map() instead of using directly libidn/libidn2 | Nikos Mavrogiannopoulos | 2017-01-26 | 1 | -30/+10
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Add support for libidn2 (IDNA 2008 + TR46) | Tim Rühsen | 2017-01-26 | 1 | -2/+23
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* p11tool: re-use ID from corresponding objects when writing certificates | Nikos Mavrogiannopoulos | 2017-01-25 | 1 | -3/+284
    That is when writing a certificate which has a corresponding public key, or private key in the token, ensure that we use the same ID for the objects. That eases the work of someone writing objects to certificates, and does not require him to manually detect the object IDs.
    Resolves #160
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* certtool: pkcs8_info_int: fix memory leak | Nikos Mavrogiannopoulos | 2017-01-02 | 1 | -5/+7
* certtool: don't print PKCS#8 information when outputting DER data | Nikos Mavrogiannopoulos | 2017-01-02 | 1 | -2/+8
* certtool: improved error reporting on file error | Nikos Mavrogiannopoulos | 2016-12-31 | 1 | -2/+2
* certtool: properly report unencrypted PKCS#8 keys in --p8-info | Nikos Mavrogiannopoulos | 2016-12-30 | 1 | -0/+4
* Do not add cli-args.h to cli-args.stamp Makefile target [tmp-src-fix-3.5.x] | Alexander Kanavin | 2016-12-15 | 1 | -1/+1
    Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
* doc: updated to documentation of certtool [ci skip] | Nikos Mavrogiannopoulos | 2016-12-09 | 1 | -5/+5
    This corrects options which incorrectly mentioned they support URLs.
* Added autogen pre-generated files into repository | Nikos Mavrogiannopoulos | 2016-12-08 | 22 | -0/+23394
    This allows building gnutls from git in systems without using autogen.
* Don't trash DER CRQ output with text data | Dmitry Eremin-Solenikov | 2016-12-07 | 1 | -2/+2
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* src: clean all stamp files on 'make clean' | Nikos Mavrogiannopoulos | 2016-12-05 | 1 | -0/+3
* src gl: updated [tmp-remove-iconv] | Nikos Mavrogiannopoulos | 2016-12-04 | 233 | -1656/+5456
* certtool: prevent-null termination of buffers allocated with fread_file() | Nikos Mavrogiannopoulos | 2016-12-01 | 1 | -5/+0
    We do not know whether their allocated size allows for that additional null, and we do not need the null termination.
* tools: use stamp files to allow parallel build of autogen files | Nikos Mavrogiannopoulos | 2016-11-29 | 1 | -22/+53
    Autogen seems to output on the created files gradually, something that makes 'make' believe that the command is complete prior to the output file being fully populated. The current approach uses stamp files to ensure that no incomplete files are used for compilation.
* certtool: One if check is enough | Andreas Schneider | 2016-11-24 | 1 | -6/+4
    Signed-off-by: Andreas Schneider <asn@samba.org>
* Print a key's or certificate's key ID with SHA256 in addition to SHA1 | Nikos Mavrogiannopoulos | 2016-11-22 | 1 | -4/+14
* certtool: address compiler warnings | Nikos Mavrogiannopoulos | 2016-11-22 | 1 | -1/+1
* certtool: use the new APIs for DN extraction | Nikos Mavrogiannopoulos | 2016-11-14 | 1 | -35/+31
* tools: added explicit socket flag to skip TLS initialization [tmp-tools-update] | Nikos Mavrogiannopoulos | 2016-11-13 | 3 | -7/+10
    This allows proper error recovery when SOCKET_FLAG_RAW is specified and initialize_session() fails.
* gnutls-cli-debug: terminate sessions which cannot be re-used | Nikos Mavrogiannopoulos | 2016-11-13 | 3 | -6/+6
* sockets: only use gnutls_bye on a valid socket session | Nikos Mavrogiannopoulos | 2016-11-13 | 1 | -1/+2
* p11tool: --initialize will no longer reset user PIN | Nikos Mavrogiannopoulos | 2016-11-13 | 1 | -23/+1
    That is because it only reset the user PIN and not the admin PIN, while at the same time it had problems to cope with the case where the URL changed between token initialization and PIN setting (which is the case if --label is provided to --initialize).
* p11tool: added options to initialize a user and admin's PIN | Nikos Mavrogiannopoulos | 2016-11-13 | 4 | -3/+70
* Fix autoconf warnings in libopts.m4 | Dmitry Eremin-Solenikov | 2016-10-27 | 1 | -12/+12
    Without this patch Autoconf will spam console with the following kind of messages:
    configure.ac:650: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body
    ../../lib/autoconf/lang.m4:193: AC_LANG_CONFTEST is expanded from...
    ../../lib/autoconf/general.m4:2740: _AC_RUN_IFELSE is expanded from...
    ../../lib/m4sugar/m4sh.m4:639: AS_IF is expanded from...
    ../../lib/autoconf/general.m4:2759: AC_RUN_IFELSE is expanded from...
    ../../lib/m4sugar/m4sh.m4:639: AS_IF is expanded from...
    ../../lib/autoconf/general.m4:2042: AC_CACHE_VAL is expanded from...
    src/libopts/m4/libopts.m4:386: LIBOPTS_RUN_FOPEN_TEXT is expanded from...
    src/libopts/m4/libopts.m4:425: INVOKE_LIBOPTS_MACROS is expanded from...
    src/libopts/m4/libopts.m4:560: AM_COND_IF is expanded from...
    src/libopts/m4/libopts.m4:581: LIBOPTS_CHECK is expanded from...
    configure.ac:650: the top level
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
* gnutls-cli-debug: corrected TLS1.2 detection | Nikos Mavrogiannopoulos | 2016-10-25 | 1 | -1/+1
* certtool: allow setting key purposes for non-CA certificates | Nikos Mavrogiannopoulos | 2016-10-18 | 1 | -66/+69
    That is, allow setting code signing, or time stamping key purpose in certificates that are not marked as CA. The previous restriction served no purpose.
* certtool: introduce key purpose checks in p7 direct verification | Nikos Mavrogiannopoulos | 2016-10-18 | 1 | -2/+9
* gnutls-serv: use the included known DH parameters by default [tmp-dh-params-ffdhe] | Nikos Mavrogiannopoulos | 2016-10-17 | 1 | -41/+30
* certtool: manpage update | Nikos Mavrogiannopoulos | 2016-10-14 | 1 | -3/+7
* certtool: --get-dh-params will output the FFDHE primes instead of the SRP primes | Nikos Mavrogiannopoulos | 2016-10-14 | 1 | -2/+30
* certtool: --p7-info will include the PKCS#7 encoded data in PEM format | Nikos Mavrogiannopoulos | 2016-10-14 | 1 | -1/+12
* certtool: improve text on missing options for cert generation | Nikos Mavrogiannopoulos | 2016-10-14 | 1 | -1/+5
* Revert "certtool: improve text on missing options for cert generation" | Nikos Mavrogiannopoulos | 2016-10-14 | 1 | -5/+1
    This reverts commit 7daed1fd0602bce7495d252f1a9b638fc41e38d3.
* certtool: improve text on missing options for cert generation | Nikos Mavrogiannopoulos | 2016-10-13 | 1 | -1/+5
* tools: removed redundant messages on PIN re-use | Nikos Mavrogiannopoulos | 2016-10-13 | 1 | -3/+5
* p11tool: avoid asking the security officer PIN twice on initialization | Nikos Mavrogiannopoulos | 2016-10-13 | 1 | -0/+3
* p11tool: improved messages on token initialization | Nikos Mavrogiannopoulos | 2016-10-13 | 1 | -7/+15
* p11tool: corrected check of PIN existence in token initialization | Nikos Mavrogiannopoulos | 2016-10-13 | 1 | -2/+2
* serv: set a timeout value in handshake | Nikos Mavrogiannopoulos | 2016-10-13 | 1 | -0/+3
* certtool: corrected use of gnutls_pkcs7_get_embedded_data() | Nikos Mavrogiannopoulos | 2016-10-11 | 1 | -28/+10
* certtool: print the encapsulated content OID on verification | Nikos Mavrogiannopoulos | 2016-10-11 | 1 | -1/+3
* certtool: --p7-info can be combined with --p7-show-data to display embedded data | Nikos Mavrogiannopoulos | 2016-10-11 | 2 | -18/+37
* certtool: lift any limits in print_raw() | Nikos Mavrogiannopoulos | 2016-10-07 | 1 | -6/+5
* certtool: added safety net when generating a certificate request | Nikos Mavrogiannopoulos | 2016-10-07 | 1 | -1/+5
    That is, do not allow specifying --generate-request --load-pubkey without specifying --load-privkey. Previously if --load-pubkey would have been used, it would have been ignored, causing confusion to the users.