summaryrefslogtreecommitdiff
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* updated gnulibNikos Mavrogiannopoulos2014-03-0192-160/+2035
|
* documented the defaultsNikos Mavrogiannopoulos2014-02-282-2/+2
|
* Add required prioritiesNikos Mavrogiannopoulos2014-02-281-4/+4
|
* New option --stricttofu for gnutls-cliJens Lechtenboerger2014-02-232-5/+20
| | | | | | | | | | | | | | With option --tofu, gnutls-cli waits with a yes-no-question upon certificate changes. I added the option --stricttofu that omits the question and fails instead. The contribution is in accordance to the "Developer's Certificate of Origin" as found in the file doc/DCO.txt. Best wishes Jens Signed-off-by: Jens Lechtenbörger <jens.lechtenboerger@fsfe.org>
* corrected email in texiNikos Mavrogiannopoulos2014-02-201-1/+1
|
* better error printingNikos Mavrogiannopoulos2014-02-191-140/+140
|
* removed debuggingNikos Mavrogiannopoulos2014-02-191-5/+0
|
* certtool allows setting name constraints.Nikos Mavrogiannopoulos2014-02-194-7/+118
|
* When verifying a response and a signer isn't provided assume that the signer ↵Nikos Mavrogiannopoulos2014-02-181-75/+92
| | | | is the issuer.
* When sending a nonce in OCSP check if it is available on the reply.Nikos Mavrogiannopoulos2014-02-185-36/+100
|
* removed deprecated flagNikos Mavrogiannopoulos2014-02-141-3/+1
|
* fixed socket existance checkingMarcus Meissner2014-02-121-2/+4
| | | | | | | | If getaddrinfo returns: ipv4 address, ipv6 address ... and socket() for the ipv6 address fails, this loop would fail and abort the socket listen code. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Use longer timestamps for serial numbers.Nikos Mavrogiannopoulos2014-02-113-29/+75
|
* Added --ask-pass certtool option to allow asking for passwords even when in ↵Nikos Mavrogiannopoulos2014-02-056-4/+18
| | | | batch mode.
* use newlines in error printingNikos Mavrogiannopoulos2014-02-051-36/+36
|
* corrected push/pull function settingNikos Mavrogiannopoulos2014-01-241-4/+6
|
* more updates for the security param renameNikos Mavrogiannopoulos2014-01-142-4/+4
|
* gnutls-cli-debug should accept TLS 1.2-only serversDaniel Kahn Gillmor2014-01-091-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Without this patch, a TLS 1.2-only server will not be properly investigated by gnutls-cli-debug. e.g. a server like: gnutls-serv --x509keyfile=server/secret.key --x509certfile=server/x509.pem --priority 'NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2' gets this failed analysis: 0 dkg@alice:~$ gnutls-cli-debug --port 5556 localhostrt 5556 localhost Resolving 'localhost'... Connecting to '::1:5556'... Checking for SSL 3.0 support... no Checking whether %COMPAT is required... yes Checking for TLS 1.0 support... no Checking for TLS 1.1 support... no Checking fallback from TLS 1.1 to... failed Checking for TLS 1.2 support... yes Checking whether we need to disable TLS 1.2... N/A Checking whether we need to disable TLS 1.1... no Server does not support any of SSL 3.0, TLS 1.0 and TLS 1.1 0 dkg@alice:~$ Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Added documentation for force autogen to generate correct texinfo code.Nikos Mavrogiannopoulos2014-01-011-3/+3
|
* Add LIB_CLOCK_GETTIME to crywrapGustavo Zacarias2013-12-271-0/+1
| | | | | | | It's used indirectly thus causing build breakage on versions of glibc where it's defined in librt rather than libc directly. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
* Added so-login flag to force security office login to the cardNikos Mavrogiannopoulos2013-12-233-26/+36
|
* updated txtNikos Mavrogiannopoulos2013-12-231-1/+1
|
* print warning when no token name is providedNikos Mavrogiannopoulos2013-12-231-14/+14
|
* corrected key ID size checkNikos Mavrogiannopoulos2013-12-231-1/+1
|
* Added aliases list-privkeys and list-keysNikos Mavrogiannopoulos2013-12-221-0/+10
|
* explicitly set the gnulib functions for recv and send.Nikos Mavrogiannopoulos2013-12-214-0/+41
|
* doc updateNikos Mavrogiannopoulos2013-12-181-1/+1
|
* doc updateNikos Mavrogiannopoulos2013-12-171-0/+1
|
* removed UMAC ciphersuites from benchmarkNikos Mavrogiannopoulos2013-12-141-3/+0
|
* removed the estream ciphersuites from benchmarksNikos Mavrogiannopoulos2013-12-141-6/+0
|
* use a single BUILT_SOURCESNikos Mavrogiannopoulos2013-12-141-3/+0
|
* minor phrasing improvements in docsPatrick Pelletier2013-12-141-2/+2
|
* Added auto-generated files in BUILT_SOURCESNikos Mavrogiannopoulos2013-12-141-0/+7
|
* Avoid conditional generation of MakefileNikos Mavrogiannopoulos2013-12-131-1/+2
|
* added newlines in error reportingNikos Mavrogiannopoulos2013-11-301-2/+2
|
* Merged the FIPS140-2 support code.Nikos Mavrogiannopoulos2013-11-301-0/+4
|\ | | | | | | | | | | Conflicts: lib/gnutls_global.c tests/mini-overhead.c
| * In FIPS mode the default cipher is AES.Nikos Mavrogiannopoulos2013-11-271-0/+4
| |
* | removed usage of %zu.Nikos Mavrogiannopoulos2013-11-301-1/+1
| |
* | gnutls-cli-debug tests for camellia-gcm.Nikos Mavrogiannopoulos2013-11-303-3/+21
|/
* handle centrally more variablesNikos Mavrogiannopoulos2013-11-241-4/+4
|
* certtool's --verify option if not supplied with a CA list, will use the ↵Nikos Mavrogiannopoulos2013-11-242-80/+111
| | | | system's CA list.
* link all programs with libgnu_gpl to avoid conflicts from header files.Nikos Mavrogiannopoulos2013-11-211-11/+11
|
* Added progname module which is used by error().Nikos Mavrogiannopoulos2013-11-215-2/+168
|
* safer usage of strerrorNikos Mavrogiannopoulos2013-11-211-1/+2
|
* use the AUTOGEN variableNikos Mavrogiannopoulos2013-11-211-10/+10
|
* use libtool to generate liboptsNikos Mavrogiannopoulos2013-11-212-7/+7
|
* corrected libopts patchNikos Mavrogiannopoulos2013-11-211-1/+1
|
* removed unneed lineNikos Mavrogiannopoulos2013-11-211-1/+1
|
* doc updateNikos Mavrogiannopoulos2013-11-161-2/+4
|
* Added activation_date and expiration_date options to certtool template file.Nikos Mavrogiannopoulos2013-11-165-46/+117
|
View Lorry Controller Status