]> git.ipfire.org Git - thirdparty/gnutls.git/log
thirdparty/gnutls.git
10 years agocerttool: introduced the --p7-show-data option
Nikos Mavrogiannopoulos [Thu, 17 Dec 2015 13:18:17 +0000 (14:18 +0100)] 
certtool: introduced the --p7-show-data option

This option allows printing the embedded data in a PKCS#7 signed
structure.

10 years agognutls_pkcs7_get_embedded_data: added function
Nikos Mavrogiannopoulos [Thu, 17 Dec 2015 13:17:23 +0000 (14:17 +0100)] 
gnutls_pkcs7_get_embedded_data: added function

This function allows extracting the embedded data from a PKCS#7 signed
structure.

10 years agotests: updated pkcs7-gen to account for content-type attribute
Nikos Mavrogiannopoulos [Wed, 16 Dec 2015 15:13:41 +0000 (16:13 +0100)] 
tests: updated pkcs7-gen to account for content-type attribute

10 years agotests: check whether the content-type attribute is set if we sign using time
Nikos Mavrogiannopoulos [Wed, 16 Dec 2015 13:52:39 +0000 (14:52 +0100)] 
tests: check whether the content-type attribute is set if we sign using time

10 years agopkcs7: set by default the content type attribute
Nikos Mavrogiannopoulos [Wed, 16 Dec 2015 13:28:23 +0000 (14:28 +0100)] 
pkcs7: set by default the content type attribute

That is a requirement of rfc5652. Relates #59

10 years agopkcs7: use the PK_PKIX1_RSA_OID when writing RSA signature OIDs for PKCS#7 structures
Nikos Mavrogiannopoulos [Wed, 16 Dec 2015 13:02:56 +0000 (14:02 +0100)] 
pkcs7: use the PK_PKIX1_RSA_OID when writing RSA signature OIDs for PKCS#7 structures

That is because there are implementations which cannot cope with the
normal RSA signature OIDs. Relates #59

10 years agopkcs7: Disable the optional fields prior to generating the PKCS#7 structure
Nikos Mavrogiannopoulos [Wed, 16 Dec 2015 09:10:20 +0000 (10:10 +0100)] 
pkcs7: Disable the optional fields prior to generating the PKCS#7 structure

This resolves issue with our PKCS#7 structures not being parsed by
MacOSX' tools. Relates #59

10 years agocerttool: corrected invalid free
Nikos Mavrogiannopoulos [Tue, 15 Dec 2015 21:28:55 +0000 (22:28 +0100)] 
certtool: corrected invalid free

10 years agocerttool: warn if an ECDSA key is marked for encryption
Nikos Mavrogiannopoulos [Tue, 15 Dec 2015 21:27:50 +0000 (22:27 +0100)] 
certtool: warn if an ECDSA key is marked for encryption

10 years agobuild: fix make distclean by including src/gl only once
Nikos Mavrogiannopoulos [Tue, 15 Dec 2015 19:36:29 +0000 (20:36 +0100)] 
build: fix make distclean by including src/gl only once

10 years agomake sure gnutls_assert is present at the cases where GNUTLS_E_INTERNAL_ERROR is...
Nikos Mavrogiannopoulos [Tue, 15 Dec 2015 12:52:20 +0000 (13:52 +0100)] 
make sure gnutls_assert is present at the cases where GNUTLS_E_INTERNAL_ERROR is returned

10 years agoconfigure: really make --disable-crywrap work
Gustavo Zacarias [Mon, 14 Dec 2015 18:20:25 +0000 (15:20 -0300)] 
configure: really make --disable-crywrap work

The crywrap variable is set regardless of the state of enable_crywrap,
hence --disable-crywrap never works.
Just put the tests for crywrap deps inside the enable_crywrap
conditional.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
10 years agocerttool: the --p7-time option was made an enable/disable option
Nikos Mavrogiannopoulos [Tue, 15 Dec 2015 10:29:09 +0000 (11:29 +0100)] 
certtool: the --p7-time option was made an enable/disable option

It remains disabled by default.

10 years agodoc update
Nikos Mavrogiannopoulos [Mon, 14 Dec 2015 14:19:59 +0000 (15:19 +0100)] 
doc update

10 years agotests: check whether server returns the correct error code if presented with invalid...
Nikos Mavrogiannopoulos [Mon, 14 Dec 2015 14:03:23 +0000 (15:03 +0100)] 
tests: check whether server returns the correct error code if presented with invalid versions

That is gnutls_handshake() will return GNUTLS_E_UNSUPPORTED_VERSION_PACKET in
server side, if the client presents a very old TLS version which is not supported.

Relates #42

10 years agohandshake: when receiving a TLS version which is too low fail
Nikos Mavrogiannopoulos [Mon, 14 Dec 2015 13:34:04 +0000 (14:34 +0100)] 
handshake: when receiving a TLS version which is too low fail

That is, don't treat all unsupported version as being to high. Treat
versions which are not known and lower than the highest as a protocol
error.

Resolves #42

10 years ago.gitlab-ci.yml: valgrind build was moved at the end as it is the slowest build
Nikos Mavrogiannopoulos [Sun, 13 Dec 2015 11:34:47 +0000 (12:34 +0100)] 
.gitlab-ci.yml: valgrind build was moved at the end as it is the slowest build

10 years agocerttool: the --p7-include-cert option is enabled by default
Nikos Mavrogiannopoulos [Sun, 13 Dec 2015 11:24:44 +0000 (12:24 +0100)] 
certtool: the --p7-include-cert option is enabled by default

This allows to generate PKCS#7 structures by default that can be
read by iOS.

10 years ago#56 Feature: certtool --p7-sign support GNUTLS_PKCS7_INCLUDE_CERT
sskaje [Sun, 13 Dec 2015 08:31:19 +0000 (16:31 +0800)] 
#56 Feature: certtool --p7-sign support GNUTLS_PKCS7_INCLUDE_CERT

10 years agognutls-cli-debug: rephrased inappropriate fallback test description to match the...
Nikos Mavrogiannopoulos [Thu, 10 Dec 2015 08:35:59 +0000 (09:35 +0100)] 
gnutls-cli-debug: rephrased inappropriate fallback test description to match the rest

10 years agodoc update
Nikos Mavrogiannopoulos [Tue, 8 Dec 2015 09:59:02 +0000 (10:59 +0100)] 
doc update

10 years agoDo not allow importing public keys from PKCS #11 private keys for DSA and ECDSA
Nikos Mavrogiannopoulos [Tue, 8 Dec 2015 09:52:43 +0000 (10:52 +0100)] 
Do not allow importing public keys from PKCS #11 private keys for DSA and ECDSA

This prevents the reading of the public key when non-RSA keys are available. This
is a much cleaner approach than 5a4e692511dc3a829eda0d7c5a87e56cbc2055f0.

10 years agoRevert "Do not allow importing public keys from PKCS #11 private keys for DSA and...
Nikos Mavrogiannopoulos [Tue, 8 Dec 2015 09:48:13 +0000 (10:48 +0100)] 
Revert "Do not allow importing public keys from PKCS #11 private keys for DSA and ECDSA"

This reverts commit 5a4e692511dc3a829eda0d7c5a87e56cbc2055f0.

10 years agotests: check whether a peer changing certificate is detected
Nikos Mavrogiannopoulos [Tue, 8 Dec 2015 09:44:30 +0000 (10:44 +0100)] 
tests: check whether a peer changing certificate is detected

10 years agotests: doc update
Nikos Mavrogiannopoulos [Tue, 8 Dec 2015 09:20:34 +0000 (10:20 +0100)] 
tests: doc update

10 years agoDo not allow certificate change during a rehandshake
Nikos Mavrogiannopoulos [Tue, 8 Dec 2015 09:17:49 +0000 (10:17 +0100)] 
Do not allow certificate change during a rehandshake

That is require that the certificate of the peer remains the same
and return GNUTLS_E_SESSION_CERTIFICATE_CHANGED otherwise. To revert
to the previous behavior the GNUTLS_ALLOW_CERT_CHANGE flag was introduced.

10 years agotests: check whether gnutls_pubkey_import_privkey() operates well for PKCS#11 RSA...
Nikos Mavrogiannopoulos [Sun, 6 Dec 2015 11:00:46 +0000 (12:00 +0100)] 
tests: check whether gnutls_pubkey_import_privkey() operates well for PKCS#11 RSA keys

10 years agoDo not allow importing public keys from PKCS #11 private keys for DSA and ECDSA
Nikos Mavrogiannopoulos [Sun, 6 Dec 2015 10:35:57 +0000 (11:35 +0100)] 
Do not allow importing public keys from PKCS #11 private keys for DSA and ECDSA

That is, because they do not contain all the required parameters for a direct
import. Reported by Jan Vcelak.

10 years agopkcs11: avoid setting a variable which isn't used
Nikos Mavrogiannopoulos [Sun, 6 Dec 2015 09:58:45 +0000 (10:58 +0100)] 
pkcs11: avoid setting a variable which isn't used

10 years agoMAX_PK_PARAM_SIZE was moved to gnutls_int.h
Nikos Mavrogiannopoulos [Sun, 6 Dec 2015 09:57:48 +0000 (10:57 +0100)] 
MAX_PK_PARAM_SIZE was moved to gnutls_int.h

10 years agopkcs11: deinitialize gnutls_pkcs11_obj_t's pubkey on deinit
Nikos Mavrogiannopoulos [Sun, 6 Dec 2015 09:54:37 +0000 (10:54 +0100)] 
pkcs11: deinitialize gnutls_pkcs11_obj_t's pubkey on deinit

10 years agopkcs11: fix passing of incorrect variable in privkey_get_pubkey
Jan Vcelak [Sat, 5 Dec 2015 23:46:39 +0000 (00:46 +0100)] 
pkcs11: fix passing of incorrect variable in privkey_get_pubkey

The code worked for RSA because the content of the variables matched.
But it doesn't match for ECC.

CKM_RSA_PKCS_KEY_PAIR_GEN (0x0) == CKK_RSA (0x0)
CKM_ECDSA_KEY_PAIR_GEN (0x1040) != CKK_ECDSA (0x3)

Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>
10 years agognutls-cli: don't use RSA ciphersuites to test chacha20 as they are not defined
Nikos Mavrogiannopoulos [Wed, 2 Dec 2015 17:40:28 +0000 (18:40 +0100)] 
gnutls-cli: don't use RSA ciphersuites to test chacha20 as they are not defined

10 years agodocumented bug in gnutls_x509_crt_get_*_unique_id()
Nikos Mavrogiannopoulos [Wed, 2 Dec 2015 15:15:03 +0000 (16:15 +0100)] 
documented bug in gnutls_x509_crt_get_*_unique_id()

10 years agotools: don't compile tpmtool if PKCS11 is disabled
Nikos Mavrogiannopoulos [Tue, 1 Dec 2015 09:40:23 +0000 (10:40 +0100)] 
tools: don't compile tpmtool if PKCS11 is disabled

That is because GnuTLS' TPM code makes use of the PKCS11 PIN callbacks.

10 years agoAmend "When decoding extensions do not ignore decoding errors"
Nikos Mavrogiannopoulos [Mon, 30 Nov 2015 09:34:03 +0000 (10:34 +0100)] 
Amend "When decoding extensions do not ignore decoding errors"

Do not treat an error the fact that no extensions field is present.

10 years agoallow specifying NULL buffer in gnutls_x509_crt_get_*_unique_id()
Nikos Mavrogiannopoulos [Mon, 30 Nov 2015 08:49:08 +0000 (09:49 +0100)] 
allow specifying NULL buffer in gnutls_x509_crt_get_*_unique_id()

10 years agoNEWS: removed functions that were part of 3.4.x releases
Nikos Mavrogiannopoulos [Thu, 26 Nov 2015 11:46:02 +0000 (12:46 +0100)] 
NEWS: removed functions that were part of 3.4.x releases

10 years agodoc update
Nikos Mavrogiannopoulos [Sun, 29 Nov 2015 09:37:53 +0000 (10:37 +0100)] 
doc update

10 years agotests: added check for TLS extension decoding error propagation
Nikos Mavrogiannopoulos [Sun, 29 Nov 2015 09:30:01 +0000 (10:30 +0100)] 
tests: added check for TLS extension decoding error propagation

Relates #40

10 years agoWhen decoding extensions do not ignore decoding errors
Nikos Mavrogiannopoulos [Sun, 29 Nov 2015 08:24:12 +0000 (09:24 +0100)] 
When decoding extensions do not ignore decoding errors

That is, move from a parsing error tolerance to a more strict
decoding approach.
Relates #40

10 years ago.gitignore: more files to ignore
Nikos Mavrogiannopoulos [Sat, 28 Nov 2015 09:43:31 +0000 (10:43 +0100)] 
.gitignore: more files to ignore

10 years agoocsp_output: when next update is not present don't print error message
Nikos Mavrogiannopoulos [Sat, 28 Nov 2015 09:11:52 +0000 (10:11 +0100)] 
ocsp_output: when next update is not present don't print error message

That is because this field is optional.
Resolves #53

10 years agotests: override-ciphers will not run mac tests on windows
Nikos Mavrogiannopoulos [Thu, 26 Nov 2015 10:23:15 +0000 (11:23 +0100)] 
tests: override-ciphers will not run mac tests on windows

There is some issue with symbols for self tests not being exported.

10 years ago.gitlab-ci.yml: removed separate builddir build from x86-64 targets to reduce builds
Nikos Mavrogiannopoulos [Thu, 26 Nov 2015 08:37:02 +0000 (09:37 +0100)] 
.gitlab-ci.yml: removed separate builddir build from x86-64 targets to reduce builds

10 years agotests: updates for certtool test to run under windows
Nikos Mavrogiannopoulos [Thu, 26 Nov 2015 08:32:25 +0000 (09:32 +0100)] 
tests: updates for certtool test to run under windows

10 years ago.gitlab-ci.yml: minimal library no longer requires x86-64 for compilation
Nikos Mavrogiannopoulos [Thu, 26 Nov 2015 08:25:48 +0000 (09:25 +0100)] 
.gitlab-ci.yml: minimal library no longer requires x86-64 for compilation

10 years ago.gitlab-ci.yml: in windows build skip the gnulib tests
Nikos Mavrogiannopoulos [Wed, 25 Nov 2015 18:24:15 +0000 (19:24 +0100)] 
.gitlab-ci.yml: in windows build skip the gnulib tests

10 years ago.gitlab-ci.yml: added windows build
Nikos Mavrogiannopoulos [Wed, 25 Nov 2015 10:57:31 +0000 (11:57 +0100)] 
.gitlab-ci.yml: added windows build

10 years agotests: changes for running tests under windows
Nikos Mavrogiannopoulos [Wed, 25 Nov 2015 10:56:49 +0000 (11:56 +0100)] 
tests: changes for running tests under windows

10 years agotests: cipher-test will forward the prog exit code as the script exit code
Nikos Mavrogiannopoulos [Wed, 25 Nov 2015 10:56:06 +0000 (11:56 +0100)] 
tests: cipher-test will forward the prog exit code as the script exit code

10 years agoREADME: added information for windows build
Nikos Mavrogiannopoulos [Wed, 25 Nov 2015 10:25:07 +0000 (11:25 +0100)] 
README: added information for windows build

10 years agolibopts: use the O_BINARY flag in windows for files
Nikos Mavrogiannopoulos [Wed, 25 Nov 2015 09:53:51 +0000 (10:53 +0100)] 
libopts: use the O_BINARY flag in windows for files

10 years agolibopts: updated to 5.18.6
Nikos Mavrogiannopoulos [Wed, 25 Nov 2015 09:49:30 +0000 (10:49 +0100)] 
libopts: updated to 5.18.6

10 years agouse consistent terms in system.c and system-keys-win.c
Nikos Mavrogiannopoulos [Wed, 25 Nov 2015 09:25:08 +0000 (10:25 +0100)] 
use consistent terms in system.c and system-keys-win.c

10 years agotests: added basic functionality testing for system-keys in windows
Nikos Mavrogiannopoulos [Wed, 25 Nov 2015 09:21:46 +0000 (10:21 +0100)] 
tests: added basic functionality testing for system-keys in windows

10 years agodoc update
Nikos Mavrogiannopoulos [Wed, 25 Nov 2015 08:49:03 +0000 (09:49 +0100)] 
doc update

10 years agoAdded gnutls_encode_ber_digest_info and gnutls_decode_ber_digest_info
Nikos Mavrogiannopoulos [Wed, 25 Nov 2015 08:46:26 +0000 (09:46 +0100)] 
Added gnutls_encode_ber_digest_info and gnutls_decode_ber_digest_info

10 years agocross.mk: allow building with mingw64
Nikos Mavrogiannopoulos [Tue, 24 Nov 2015 12:27:13 +0000 (13:27 +0100)] 
cross.mk: allow building with mingw64

10 years agotests: use gnulib where needed
Nikos Mavrogiannopoulos [Tue, 24 Nov 2015 12:09:40 +0000 (13:09 +0100)] 
tests: use gnulib where needed

10 years agocross.mk: updated windows cross compile makefile
Nikos Mavrogiannopoulos [Tue, 24 Nov 2015 12:04:28 +0000 (13:04 +0100)] 
cross.mk: updated windows cross compile makefile

10 years agotests: disable global-init-override test in windows
Nikos Mavrogiannopoulos [Tue, 24 Nov 2015 12:03:15 +0000 (13:03 +0100)] 
tests: disable global-init-override test in windows

Gcc does not support weak symbols on this platform.

10 years agotools: don't call endservent in windows
Nikos Mavrogiannopoulos [Tue, 24 Nov 2015 11:54:32 +0000 (12:54 +0100)] 
tools: don't call endservent in windows

10 years agoadded cast to silence gcc warning
Nikos Mavrogiannopoulos [Sun, 22 Nov 2015 12:27:14 +0000 (13:27 +0100)] 
added cast to silence gcc warning

10 years agotests: added check for multiple extension registering
Nikos Mavrogiannopoulos [Sat, 21 Nov 2015 12:33:42 +0000 (13:33 +0100)] 
tests: added check for multiple extension registering

10 years agostatically initialize extensions instead of using the lib constructor
Nikos Mavrogiannopoulos [Sat, 21 Nov 2015 12:25:20 +0000 (13:25 +0100)] 
statically initialize extensions instead of using the lib constructor

10 years agomarked all extensions structures as constant
Nikos Mavrogiannopoulos [Sat, 21 Nov 2015 12:09:19 +0000 (13:09 +0100)] 
marked all extensions structures as constant

10 years agosystem-keys-win: allow reinitialization of the library after a deinitialization
Nikos Mavrogiannopoulos [Sat, 21 Nov 2015 10:33:45 +0000 (11:33 +0100)] 
system-keys-win: allow reinitialization of the library after a deinitialization

10 years agogetfuncs.pl: don't consider functions with _gnutls prefix
Nikos Mavrogiannopoulos [Sat, 21 Nov 2015 00:05:37 +0000 (01:05 +0100)] 
getfuncs.pl: don't consider functions with _gnutls prefix

10 years agognutls_global_init_skip: prefixed with an underscore
Nikos Mavrogiannopoulos [Fri, 20 Nov 2015 23:52:51 +0000 (00:52 +0100)] 
gnutls_global_init_skip: prefixed with an underscore

10 years ago.gitlab-ci.yml: added clang compilation target
Nikos Mavrogiannopoulos [Fri, 20 Nov 2015 12:57:09 +0000 (13:57 +0100)] 
.gitlab-ci.yml: added clang compilation target

10 years agocerttool: check fread_file() for errors in all situations
Nikos Mavrogiannopoulos [Fri, 20 Nov 2015 09:11:29 +0000 (10:11 +0100)] 
certtool: check fread_file() for errors in all situations

This caused certtool to crash on invalid input on stdin.
Reported by Christoph Biedl.

10 years agodoc update
Nikos Mavrogiannopoulos [Thu, 19 Nov 2015 10:46:39 +0000 (11:46 +0100)] 
doc update

10 years agognutls_certificate_set_flags: Added since
Nikos Mavrogiannopoulos [Wed, 18 Nov 2015 20:44:54 +0000 (21:44 +0100)] 
gnutls_certificate_set_flags: Added since

10 years agotests: check gnutls_certificate_flags
Nikos Mavrogiannopoulos [Wed, 18 Nov 2015 19:16:38 +0000 (20:16 +0100)] 
tests: check gnutls_certificate_flags

10 years agoAdded gnutls_certificate_flags() and GNUTLS_CERTIFICATE_SKIP_KEY_CERT_MATCH
Nikos Mavrogiannopoulos [Wed, 18 Nov 2015 19:13:07 +0000 (20:13 +0100)] 
Added gnutls_certificate_flags() and GNUTLS_CERTIFICATE_SKIP_KEY_CERT_MATCH

That allows a user of the credentials to disable the certificate matching
action. That is, to disable the calls to sign and verify on initialization.

10 years agolink with libdl when trousers is enabled; reported by Andreas Schneider
Nikos Mavrogiannopoulos [Wed, 18 Nov 2015 15:39:36 +0000 (16:39 +0100)] 
link with libdl when trousers is enabled; reported by Andreas Schneider

10 years agoenhanced cipher selftests with variable key sizes on arcfour
Nikos Mavrogiannopoulos [Wed, 18 Nov 2015 15:30:24 +0000 (16:30 +0100)] 
enhanced cipher selftests with variable key sizes on arcfour

10 years agoDo not enforce a maximum key size on ARCFOUR
Nikos Mavrogiannopoulos [Wed, 18 Nov 2015 14:55:19 +0000 (15:55 +0100)] 
Do not enforce a maximum key size on ARCFOUR

That makes the library consistent with the behavior of previous versions (3.3.x)

10 years agognutls-cli-debug: make TLS 1.6 fallback check more reliable
Nikos Mavrogiannopoulos [Wed, 18 Nov 2015 09:22:31 +0000 (10:22 +0100)] 
gnutls-cli-debug: make TLS 1.6 fallback check more reliable

10 years agodoc update
Nikos Mavrogiannopoulos [Wed, 18 Nov 2015 08:24:18 +0000 (09:24 +0100)] 
doc update

10 years agoREADME: added non-interactive versions of commands
Nikos Mavrogiannopoulos [Tue, 17 Nov 2015 06:09:05 +0000 (07:09 +0100)] 
README: added non-interactive versions of commands

10 years ago.gitlab-ci.yml: disable non-suiteb curves in all systems as we have multiple which...
Nikos Mavrogiannopoulos [Mon, 16 Nov 2015 17:52:48 +0000 (18:52 +0100)] 
.gitlab-ci.yml: disable non-suiteb curves in all systems as we have multiple which are fedoras

10 years agotests: corrected copyright info
Nikos Mavrogiannopoulos [Mon, 16 Nov 2015 16:28:49 +0000 (17:28 +0100)] 
tests: corrected copyright info

10 years agodocumented GNUTLS_SKIP_GLOBAL_INIT macro
Nikos Mavrogiannopoulos [Mon, 16 Nov 2015 15:32:04 +0000 (16:32 +0100)] 
documented GNUTLS_SKIP_GLOBAL_INIT macro

10 years agotests: added check for overriding global initialization
Nikos Mavrogiannopoulos [Mon, 16 Nov 2015 15:30:37 +0000 (16:30 +0100)] 
tests: added check for overriding global initialization

10 years agoAdded GNUTLS_SKIP_GLOBAL_INIT macro to allow programs skip implicit global initialization
Nikos Mavrogiannopoulos [Mon, 16 Nov 2015 15:25:31 +0000 (16:25 +0100)] 
Added GNUTLS_SKIP_GLOBAL_INIT macro to allow programs skip implicit global initialization

10 years agotests: utils.c: simplify windows check
Nikos Mavrogiannopoulos [Mon, 16 Nov 2015 14:02:48 +0000 (15:02 +0100)] 
tests: utils.c: simplify windows check

10 years ago.gitlab-ci.yml: added build and check in FIPS140-2 mode
Nikos Mavrogiannopoulos [Mon, 16 Nov 2015 11:40:14 +0000 (12:40 +0100)] 
.gitlab-ci.yml: added build and check in FIPS140-2 mode

10 years agotests: made seccomp tests more reliable by waiting for each side to terminate
Nikos Mavrogiannopoulos [Sun, 15 Nov 2015 19:35:18 +0000 (20:35 +0100)] 
tests: made seccomp tests more reliable by waiting for each side to terminate

10 years agodoc: document how to use gnutls with seccomp
Nikos Mavrogiannopoulos [Sun, 15 Nov 2015 16:06:18 +0000 (17:06 +0100)] 
doc: document how to use gnutls with seccomp

10 years ago.gitlab-ci.yml: reorganized and added a simple build and check on x86-64 rule
Nikos Mavrogiannopoulos [Sun, 15 Nov 2015 15:32:47 +0000 (16:32 +0100)] 
.gitlab-ci.yml: reorganized and added a simple build and check on x86-64 rule

The latter also enables the seccomp checks.

10 years agotests: check operation of TLS and DTLS under seccomp when configured with --enable...
Nikos Mavrogiannopoulos [Sun, 15 Nov 2015 14:51:14 +0000 (15:51 +0100)] 
tests: check operation of TLS and DTLS under seccomp when configured with --enable-seccomp-tests

10 years agognutls_x509_crt_set_subject/issuer_unique_id: added Since in doc
Nikos Mavrogiannopoulos [Fri, 13 Nov 2015 15:39:24 +0000 (16:39 +0100)] 
gnutls_x509_crt_set_subject/issuer_unique_id: added Since in doc

10 years agodoc update
Nikos Mavrogiannopoulos [Fri, 13 Nov 2015 13:40:20 +0000 (14:40 +0100)] 
doc update

10 years agoAdded documentation on PKCS #7 signing
Nikos Mavrogiannopoulos [Fri, 13 Nov 2015 10:00:10 +0000 (11:00 +0100)] 
Added documentation on PKCS #7 signing

10 years agoupdated chacha20 ciphers to conform to latest draft
Nikos Mavrogiannopoulos [Thu, 12 Nov 2015 15:38:02 +0000 (16:38 +0100)] 
updated chacha20 ciphers to conform to latest draft

10 years agotests: suite: more shell scripts were given the .sh suffix and simplified makefile
Nikos Mavrogiannopoulos [Thu, 12 Nov 2015 14:03:10 +0000 (15:03 +0100)] 
tests: suite: more shell scripts were given the .sh suffix and simplified makefile

10 years agotests: verify that unique IDs are generated as expected
Nikos Mavrogiannopoulos [Thu, 12 Nov 2015 11:04:04 +0000 (12:04 +0100)] 
tests: verify that unique IDs are generated as expected

10 years agocerttool: Allow writing unique IDs in generated certificates
Nikos Mavrogiannopoulos [Thu, 12 Nov 2015 11:03:14 +0000 (12:03 +0100)] 
certtool: Allow writing unique IDs in generated certificates