February 2003 Commit Log

Number of Commits:

77

Number of Active Developers:

1

nmav 2003-02-28 00:40 #77

Added support for MD2 signature verification in X.509 certificates.

36 lines of code changed in:

• NEWS (+1)
• lib: gnutls.h.in.in (+2 -2), gnutls_algorithms.c (+1), gnutls_hash_int.c (+27), gnutls_int.h (+1 -1)
• lib/x509: verify.c (+4 -2)

nmav 2003-02-26 00:05 #76

*** empty log message ***

6 lines of code changed in:

• ChangeLog (+6)

nmav 2003-02-25 22:39 #75

Added option to disable all TLS 1.0 extensions.

14 lines of code changed in:

• src: cli-gaa.c (changed), cli-gaa.h (changed), cli.c (+7 -3), cli.gaa (+4 -1), tests.c (+1 -1), tls_test.c (+2 -2)

nmav 2003-02-25 22:33 #74

*** empty log message ***

4 lines of code changed in:

• src: tests.c (+4 -1)

nmav 2003-02-23 00:05 #73

*** empty log message ***

6 lines of code changed in:

• ChangeLog (+6)

nmav 2003-02-22 23:26 #72

some fixes in makefiles.

3 lines of code changed in:

• configure.in (+2 -1)
• lib: Makefile.am (+1 -1)

nmav 2003-02-21 11:25 #71

*** empty log message ***

5 lines of code changed in:

• lib: gnutls.h.in.in (+1 -1), gnutls_cipher.c (+1 -1), gnutls_dh_primes.c (+1), gnutls_global.c (+2 -2)

nmav 2003-02-21 00:05 #70

*** empty log message ***

8 lines of code changed in:

• ChangeLog (+8)

nmav 2003-02-20 08:40 #69

*** empty log message ***

5 lines of code changed in:

• lib: auth_cert.c (+5 -2)

nmav 2003-02-20 08:38 #68

Added a small example on how to use the certificate selection callback in client side.

1 lines of code changed in:

• doc/examples: Makefile.am (+1 -1)

nmav 2003-02-19 14:02 #67

*** empty log message ***

1 lines of code changed in:

• doc: TODO (+1 -1)

nmav 2003-02-19 00:05 #66

*** empty log message ***

13 lines of code changed in:

• ChangeLog (+13)

nmav 2003-02-18 23:55 #65

some fixes in types.

20 lines of code changed in:

• lib: gnutls_auth.c (+7 -3), gnutls_mpi.c (+3 -1), gnutls_pk.c (+2 -1)
• libextra: auth_srp.c (+5 -3), gnutls_srp.c (+3 -2)

nmav 2003-02-18 07:30 #64

The client certificate selection callback is no longer called twice. It is called once if it is set.

10 lines of code changed in:

• lib: auth_cert.c (+6 -20), gnutls_cert.c (+4 -13)
• src: cli.c (-2), tests.c (-2)

nmav 2003-02-17 00:05 #63

*** empty log message ***

15 lines of code changed in:

• ChangeLog (+15)

nmav 2003-02-16 22:29 #62

*** empty log message ***

27 lines of code changed in:

• lib: gnutls_priority.c (+11 -14), gnutls_record.c (+2 -2), gnutls_session.c (+8 -4)

nmav 2003-02-16 18:59 #61

*** empty log message ***

4 lines of code changed in:

• src: common.c (+4 -2)

nmav 2003-02-16 10:52 #60

works better in buggy servers.

3 lines of code changed in:

• src: tests.c (+2 -2), tls_test.c (+1 -1)

nmav 2003-02-16 10:37 #59

*** empty log message ***

4 lines of code changed in:

• lib: gnutls_x509.c (+4)

nmav 2003-02-16 10:17 #58

The RSA and DH parameter handling has been updated.

271 lines of code changed in:

• NEWS (+4 -4)
• includes/gnutls: compat8.h (+11), x509.h (+1 -1)
• lib: Makefile.am (+2 -1), dh_compat.c (new 1), gnutls.h.in.in (+24 -12), gnutls_dh_primes.c (+118 -141), gnutls_int.h (+1 -1), gnutls_rsa_export.c (+55 -85), gnutls_rsa_export.h (+1), rsa_compat.c (new 20)
• lib/x509: mpi.c (-1)
• libextra: Makefile.am (+1 -1)
• src: prime.c (+26 -55), serv.c (+6 -43)

nmav 2003-02-16 00:05 #57

*** empty log message ***

15 lines of code changed in:

• ChangeLog (+15)

nmav 2003-02-15 22:48 #56

Added a primitive function to load a file into memory, so that no certificate files are truncated. Also fixed a bug in the client certificate callback function.

106 lines of code changed in:

• lib: auth_cert.c (+2 -1), gnutls_x509.c (+104 -52)
• lib/x509: x509.c (-1)

nmav 2003-02-15 18:13 #55

Null, as the data value, is now an acceptable value in functions that may return the size of the data.

23 lines of code changed in:

• lib: gnutls_ui.c (+8 -6)
• lib/x509: dn.c (+5 -2), pkcs7.c (+5 -4), pkcs7.h (+1 -1), x509.c (+4 -1)

nmav 2003-02-15 00:05 #54

*** empty log message ***

25 lines of code changed in:

• ChangeLog (+25)

nmav 2003-02-14 16:55 #53

*** empty log message ***

195 lines of code changed in:

• lib: gnutls_buffers.c (+1 -1)
• src: common.c (+194 -168)

nmav 2003-02-14 16:48 #52

Corrected bugs in gnutls_x509_rdn_get(). Added a test to print the server's trusted CAs in gnutls-cli-debug, and in gnutls-cli.

171 lines of code changed in:

• lib: auth_cert.c (+3 -1), gnutls.h.in.in (+1), gnutls_cert.c (+5 -7), gnutls_ui.h (+8 -4)
• lib/x509: dn.c (+18 -7), rfc2818_hostname.c (+2 -2)
• src: cli.c (+38 -4), common.c (+35 -60), tests.c (+59), tests.h (+1), tls_test.c (+1)

nmav 2003-02-14 11:32 #51

*** empty log message ***

2 lines of code changed in:

• src: prime.c (+2 -2)

nmav 2003-02-14 11:24 #50

*** empty log message ***

1 lines of code changed in:

• configure.in (+1 -1)

nmav 2003-02-14 11:10 #49

ported to libtasn1 0.2.x. Also the included minitasn1 was replaced by the 0.2.1 version of libtasn1.

564 lines of code changed in:

• NEWS (+1), configure.in (+3 -1)
• includes/gnutls: x509.h (+9 -9)
• lib: gnutls_cert.c (+3 -4), gnutls_dh_primes.c (+11 -11), gnutls_mpi.c (-10), gnutls_mpi.h (+2 -4), gnutls_pk.c (+8 -8), gnutls_privkey.c (+17 -17), gnutls_x509.c (+7 -7)
• lib/minitasn1: coding.c (+6 -6), decoding.c (+50 -40), element.c (+132 -20), errors.c (+5 -33), gstr.h (+4), int.h (+28 -3), libtasn1.h (+34 -3), parser_aux.c (+32 -21), structure.c (+71 -17)
• lib/x509: common.c (+29 -30), compat.c (+10 -10), crl.c (+14 -14), dn.c (+11 -25), dn.h (+9 -9), extensions.c (+7 -7), mpi.c (+16 -15), pkcs7.c (+13 -13), verify.c (+8 -7), x509.c (+23 -23), xml.c (+1 -1)

nmav 2003-02-14 09:42 #48

gnutls_const_datum was removed from exported types, for the time being.

3 lines of code changed in:

• includes/gnutls: x509.h (-6)
• lib: gnutls.h.in.in (-5), gnutls_int.h (+1 -1)
• lib/x509: crl.c (-40), dn.c (+2), x509.c (-38)

nmav 2003-02-14 01:58 #47

*** empty log message ***

1 lines of code changed in:

• includes/gnutls: extra.h (+1 -1)

nmav 2003-02-14 01:33 #46

*** empty log message ***

7 lines of code changed in:

• lib/x509: common.c (+7 -3)

nmav 2003-02-14 00:05 #45

*** empty log message ***

8 lines of code changed in:

• ChangeLog (+8)

nmav 2003-02-13 10:23 #44

Added option to allow an X.509 server not to send the trusted CA list to the peer.

36 lines of code changed in:

• README (+1 -1)
• doc: TODO (-1)
• lib: auth_cert.c (+9 -7), gnutls_int.h (+6 -1), gnutls_state.c (+18), gnutls_x509.c (+2 -1)

nmav 2003-02-13 00:05 #43

*** empty log message ***

36 lines of code changed in:

• ChangeLog (+36)

nmav 2003-02-12 19:30 #42

*** empty log message ***

3 lines of code changed in:

• doc: TODO (+1)
• src: cli.c (+1 -1), serv.c (+1 -1)

nmav 2003-02-12 14:50 #41

*** empty log message ***

4 lines of code changed in:

• src: tests.c (+4 -2)

nmav 2003-02-12 14:30 #40

Added test which prints the Diffie Hellman prime bits used.

41 lines of code changed in:

• lib: Makefile.am (+1 -1)
• src: tests.c (+37 -18), tests.h (+1), tls_test.c (+2)

nmav 2003-02-12 13:49 #39

*** empty log message ***

0 lines of code changed in:

• doc: TODO (-2)

nmav 2003-02-12 13:48 #38

Added some private key handling functions. They are primitive enough for now.

266 lines of code changed in:

• NEWS (+2 -2)
• includes/gnutls: compat8.h (+3 -1), x509.h (+15 -3)
• lib: gnutls.h.in.in (+8 -8), gnutls_dh_primes.c (+2 -2), gnutls_int.h (+2 -2), gnutls_privkey.c (-33), gnutls_ui.h (+2 -2), gnutls_x509.c (+11 -11)
• lib/x509: Makefile.am (+1 -1), compat.c (+35), crl.c (+1 -1), pkcs7.c (+1 -1), pkcs7.h (+1 -1), privkey.c (new 168), x509.c (+1 -1), x509.h (+13 -2)

nmav 2003-02-12 13:01 #37

some fixes to compile.

3 lines of code changed in:

• libextra: gnutls_openpgp.c (+2 -1), gnutls_openpgp.h (+1)

nmav 2003-02-12 12:48 #36

added new extensions draft.

0 lines of code changed in:

• doc/protocol: draft-ietf-tls-extensions-05.txt (del), draft-ietf-tls-extensions-06.txt (new)

nmav 2003-02-12 12:46 #35

gnutls_x509_certificate_* were renamed gnutls_x509_crt_*.

352 lines of code changed in:

• NEWS (+1 -1)
• includes/gnutls: compat8.h (+1), x509.h (+36 -36)
• lib: auth_cert.c (+3 -3), auth_cert.h (+1 -1), gnutls.h.in.in (+8 -8), gnutls_cert.c (+12 -12), gnutls_dh_primes.c (+2 -2), gnutls_int.h (+2 -2), gnutls_ui.h (+2 -2), gnutls_x509.c (+29 -29)
• lib/x509: compat.c (+84 -84), crl.c (+1 -1), extensions.c (+1 -1), extensions.h (+1 -1), mpi.c (+2 -2), mpi.h (+1 -1), pkcs7.c (+1 -1), pkcs7.h (+1 -1), rfc2818_hostname.c (+5 -5), verify.c (+40 -40), verify.h (+7 -7), x509.c (+78 -78), x509.h (+19 -19), xml.c (+3 -3)
• tests: x509_test.c (+11 -11)

nmav 2003-02-12 12:26 #34

added gnutls_x509_certificate_get_fingerprint(). Untested yet.

62 lines of code changed in:

• includes/gnutls: x509.h (+3)
• lib: gnutls.h.in.in (+3 -1), gnutls_int.h (+4), gnutls_ui.c (+9 -3)
• lib/x509: x509.c (+43)

nmav 2003-02-11 00:05 #33

*** empty log message ***

7 lines of code changed in:

• ChangeLog (+7)

nmav 2003-02-10 17:51 #32

renamed gnutls_x509_fingerprint to gnutls_fingerprint.

53 lines of code changed in:

• includes/gnutls: compat8.h (+32)
• lib: debug.c (-14), debug.h (-1), gnutls.h.in.in (+1 -3), gnutls_errors.c (-1), gnutls_global.c (+4 -2), gnutls_ui.c (+6 -5), gnutls_ui.h (-26)
• lib/x509: compat.h (+2), rfc2818_hostname.c (+5 -4), x509.c (+3 -2)

nmav 2003-02-10 00:05 #31

*** empty log message ***

21 lines of code changed in:

• ChangeLog (+21)

nmav 2003-02-09 10:53 #30

fixes in pkcs3 DH parameter generation.

26 lines of code changed in:

• lib: gnutls_dh_primes.c (+3 -2)
• src: prime.c (+23 -1)

nmav 2003-02-09 10:39 #29

*** empty log message ***

0 lines of code changed in:

• libextra: auth_srp_rsa.c (-1)

nmav 2003-02-09 10:37 #28

Several internal changes to use the new certificate API. CRL support is complete.

1068 lines of code changed in:

• includes: Makefile.am (+1 -1)
• includes/gnutls: Makefile.am (+1 -1), compat8.h (new)
• lib: Makefile.am (+5 -5), auth_cert.c (+130 -168), auth_cert.h (+8 -4), auth_dhe.c (+3 -4), auth_rsa.c (+4 -5), auth_rsa_export.c (+7 -8), gnutls.h.in.in (+7), gnutls_cert.c (+132 -28), gnutls_cert.h (+17 -17), gnutls_dh_primes.c (+1 -1), gnutls_handshake.c (+1 -1), gnutls_rsa_export.c (+1 -1), gnutls_ui.h (+2 -22), gnutls_x509.c (+494 -548), gnutls_x509.h (+3 -9), x509_extensions.c (del), x509_extensions.h (del), x509_sig_check.c (del), x509_verify.c (del), x509_verify.h (del)
• lib/x509: compat.c (+186), extensions.c (-2), pkcs7.h (+8), x509.h (+14)
• libextra: auth_srp_rsa.c (+3 -3), gnutls_extra.h (+1 -1), gnutls_openpgp.c (+3 -60), gnutls_openpgp.h (+1 -1)
• src: cli-gaa.c (changed), cli-gaa.h (changed), cli.c (+12 -46), cli.gaa (+4 -1), serv-gaa.c (changed), serv-gaa.h (changed), serv.c (+15 -61), serv.gaa (+4 -1)

nmav 2003-02-09 00:05 #27

*** empty log message ***

12 lines of code changed in:

• ChangeLog (+12)

nmav 2003-02-08 21:25 #26

Certificate revocation support is almost complete.

732 lines of code changed in:

• includes/gnutls: x509.h (+10 -4)
• lib/x509: Makefile.am (+1 -1), common.c (+2 -2), crl.c (+109 -75), crl.h (del), dn.c (+23), dn.h (+5), pkcs7.c (+8 -5), verify.c (+27 -36), x509.c (+102 -3), x509.h (+23)
• tests: test20.pem (new 192), test21.pem (new 163), x509_test.c (+67 -10)

nmav 2003-02-08 15:46 #25

added a crl verification function (untested yet).

432 lines of code changed in:

• includes/gnutls: x509.h (+23 -5)
• lib: gnutls.h.in.in (+5), gnutls_int.h (+5)
• lib/x509: crl.c (+56 -2), crl.h (+9), verify.c (+229 -83), verify.h (+18 -1), x509.c (+81 -2), x509.h (+6)

nmav 2003-02-08 12:29 #24

*** empty log message ***

4 lines of code changed in:

• libextra: gnutls_openpgp.c (-5)
• src: common.c (+4)

nmav 2003-02-08 12:21 #23

Added some new certificate verification functions.

1028 lines of code changed in:

• includes/gnutls: x509.h (+15 -6)
• lib: Makefile.am (+2 -1), gnutls_x509.c (+3 -286), x509_b64.c (+7 -7)
• lib/x509: Makefile.am (+4 -3), compat.c (+21 -21), compat.h (+3), crl.c (+4 -3), dn.c (+31 -20), dn.h (+1 -1), extensions.c (+9 -6), extensions.h (+1 -1), mpi.c (new 275), mpi.h (new 7), rfc2818_hostname.c (+1 -1), verify.c (new 541), verify.h (new 3), x509.c (+23 -18), x509.h (+10 -4)
• tests: test2.pem (+2 -1), x509_test.c (+65 -85)

nmav 2003-02-08 08:29 #22

*** empty log message ***

63 lines of code changed in:

• NEWS (+1)
• includes/gnutls: x509.h (+7)
• lib: gnutls_cert.c (+1 -1)
• lib/x509: dn.c (+54 -2)

nmav 2003-02-08 00:05 #21

*** empty log message ***

54 lines of code changed in:

• ChangeLog (+54)

nmav 2003-02-07 23:20 #20

removed the raw part in the gnutls_privkey internal structure..

2 lines of code changed in:

• lib: Makefile.am (+1 -2), gnutls_cert.c (+1), gnutls_cert.h (-1), gnutls_privkey.c (-23)

nmav 2003-02-07 22:03 #19

Criticality of an X.509 extension can now be extracted.

38 lines of code changed in:

• includes/gnutls: x509.h (+5 -4)
• lib/x509: compat.c (+2 -2), extensions.c (+15 -5), extensions.h (+1 -1), rfc2818_hostname.c (+1 -2), x509.c (+13 -8), x509.h (+1 -1)

nmav 2003-02-07 21:46 #18

Added function to extract the key usage extension from an X.509 certificate, and combined some code.

322 lines of code changed in:

• includes/gnutls: x509.h (+15)
• lib: x509_extensions.c (+4 -87)
• lib/x509: .cvsignore (new 14), extensions.c (new 235), extensions.h (new 6), x509.c (+48 -25)

nmav 2003-02-07 20:42 #17

*** empty log message ***

1 lines of code changed in:

• lib: Makefile.am (+1 -1)

nmav 2003-02-07 20:01 #16

More stuff for the new certificate API.

911 lines of code changed in:

• NEWS (+2)
• includes/gnutls: x509.h (+1)
• lib: Makefile.am (+1 -1), gnutls_dh_primes.c (+4 -4), gnutls_ui.h (+2 -2), gnutls_x509.h (-5), rfc2818_hostname.c (del), x509_xml.c (del)
• lib/x509: Makefile.am (+14 -3), compat.h (new 5), dn.h (+12), rfc2818_hostname.c (new 213), x509.h (+7), xml.c (new 650)

nmav 2003-02-07 15:48 #15

The old certificate parsing API was reimplemented over the new one. It will stay in the 1.0.0 release for compatibility reasons.

1686 lines of code changed in:

• NEWS (+4)
• includes/gnutls: x509.h (+8 -3)
• lib: Makefile.am (+1 -1), gnutls_cert.c (+1 -1), gnutls_errors.h (-1), gnutls_errors_int.h (+6), gnutls_x509.c (+1055 -2114)
• lib/x509: Makefile.am (+2 -2), compat.c (new 502), dn.c (+107 -33)

nmav 2003-02-07 14:33 #14

Added the new PKCS7 parsing functions.

432 lines of code changed in:

• includes/gnutls: x509.h (+25 -9)
• lib: Makefile.am (+1 -1), gnutls_x509.h (+2)
• lib/x509: Makefile.am (+4 -2), common.h (+4 -2), crl.c (+3 -2), pkcs7.c (new 383), pkcs7.h (new 6), x509.c (+4 -3)

nmav 2003-02-07 11:22 #13

Added the new certificate handling functions.

795 lines of code changed in:

• lib/x509: x509.c (new 785), x509.h (new 10)

nmav 2003-02-07 11:15 #12

Added the new certificate handling functions.

114 lines of code changed in:

• includes/gnutls: x509.h (+53 -16)
• lib: Makefile.am (+2 -1), gnutls_x509.c (+7 -14), gnutls_x509.h (+3 -3), x509_xml.c (+2 -1)
• lib/x509: Makefile.am (+2 -2), common.c (+8), common.h (+5), crl.c (+29 -28), crl.h (+3 -3)

nmav 2003-02-07 10:06 #11

More improvements in the CRL support, and the X.509 backend. Added a function to get some parts of the DN using an OID.

728 lines of code changed in:

• THANKS (-1)
• includes/gnutls: x509.h (+17)
• lib: Makefile.am (+1 -1), gnutls_x509.c (+3 -420), gnutls_x509.h (-17), x509_extensions.c (+1), x509_xml.c (+1)
• lib/x509: Makefile.am (+2 -2), common.c (new 459), common.h (new 18), crl.c (+37 -3), dn.c (+185 -7), dn.h (+4)

nmav 2003-02-07 00:05 #10

*** empty log message ***

13 lines of code changed in:

• ChangeLog (+13)

nmav 2003-02-06 17:49 #9

CRL parsing support is almost complete.

271 lines of code changed in:

• includes/gnutls: x509.h (+10)
• lib: gnutls.h.in.in (+2 -1), gnutls_x509.c (+43 -37), gnutls_x509.h (+3)
• lib/x509: crl.c (+211), crl.h (+2)

nmav 2003-02-06 11:05 #8

Several fixes and improvements in CRL support.

181 lines of code changed in:

• includes/gnutls: x509.h (+6 -3)
• lib: debug.c (-19), debug.h (-1), gnutls_dh_primes.c (+10 -10), gnutls_rsa_export.c (+6 -2), gnutls_str.c (+21), gnutls_str.h (+3), gnutls_x509.c (+30 -15), gnutls_x509.h (+2)
• lib/x509: crl.c (+64 -14), dn.c (+38 -50), dn.h (+1 -1)

nmav 2003-02-06 00:05 #7

*** empty log message ***

15 lines of code changed in:

• ChangeLog (+15)

nmav 2003-02-05 21:20 #6

Added preliminary CRL support. This will be under the new X.509 API. Other x509 functions will be updated later.

507 lines of code changed in:

• NEWS (+4 -4), configure.in (+1 -1)
• includes: Makefile.am (+1 -1)
• includes/gnutls: Makefile.am (+1 -1), x509.h (new 50)
• lib: Makefile.am (+2 -2), gnutls_int.h (+2 -2), gnutls_x509.c (+2 -2)
• lib/x509: Makefile.am (new 8), crl.c (new 149), crl.h (new 1), dn.c (new 283), dn.h (new 3)

nmav 2003-02-05 08:56 #5

some fixes. There wasn't any limitation in libtasn1 code... just my lazyness.

3 lines of code changed in:

• lib: gnutls_dh_primes.c (+2 -5), gnutls_pk.c (+1)

nmav 2003-02-04 00:05 #4

*** empty log message ***

42 lines of code changed in:

• ChangeLog (+42)

nmav 2003-02-03 18:41 #3

use options to print DH parameters.

26 lines of code changed in:

• src: prime-gaa.c (changed), prime-gaa.h (changed), prime.c (+21 -17), prime.gaa (+5 -2)

nmav 2003-02-03 18:34 #2

* Added gnutls_pkcs3_extract_dh_params() and gnutls_pkcs3_export_dh_params()
which extracts and export parameters from and to PKCS#3 encoded structures.
These were added to read parameters generated using the openssl dhparam tool.
* The prime program was modified to also print the generated prime and generator
using the PKCS#3 format.

162 lines of code changed in:

• NEWS (+3 -3)
• lib: gnutls_dh_primes.c (+119 -1), gnutls_int.h (+2 -2), gnutls_ui.h (+5 -1)
• lib/minitasn1: coding.c (+3 -1)
• src: prime.c (+30 -9)

nmav 2003-02-03 17:11 #1

* gnutls_dh_params_generate() and gnutls_rsa_params_generate() now use
gnutls_malloc() to allocate the output parameters.

* Added gnutls_pkcs3_extract_dh_params() which extracts parameters from
PKCS#3 encoded structures. This was in order to read parameters generated
using the openssl dhparam tool.

* Several changes in the temporary (DH/RSA) parameter codebase. No DH
parameters are now included in the library. Also a credentials structure
can now hold only one temporary parameter.

307 lines of code changed in:

• NEWS (+8)
• doc: TODO (-1)
• lib: Makefile.am (+2 -2), auth_anon.c (+4 -6), auth_dhe.c (+5 -6), gnutls.asn (+8), gnutls.h.in.in (-4), gnutls_alert.c (+3), gnutls_anon_cred.c (-1), gnutls_asn1_tab.c (changed), gnutls_cert.c (-2), gnutls_dh.h (+1 -5), gnutls_dh_primes.c (+165 -438), gnutls_errors.c (+1), gnutls_errors_int.h (+1), gnutls_global.c (-9), gnutls_int.h (+2 -10), gnutls_mpi.c (+3 -1), gnutls_rsa_export.c (+21 -21), gnutls_state.c (+2 -2), gnutls_ui.h (+4)
• src: serv-gaa.c (changed), serv-gaa.h (changed), serv.c (+71 -13), serv.gaa (+6 -1)

January 2003 »