draft-mavrogiannopoulos-chacha-tls-05 and draft-irtf-cfrg-chacha20-poly1305-10.
That is currently provided as technology preview and is not enabled by
default, since there are no assigned ciphersuite points by IETF and there
-is no guarrantee of compatibility between draft versions. The ciphersuite
+is no guarantee of compatibility between draft versions. The ciphersuite
priority string to enable it is "+CHACHA20-POLY1305".
** libgnutls: Added support for encrypt-then-authenticate in CBC
# and store them in the real certificate.
#honor_crq_extensions
-# Path length contraint. Sets the maximum number of
+# Path length constraint. Sets the maximum number of
# certificates that can be used to certify this certificate.
# (i.e. the certificate chain length)
#path_len = -1
# TLS feature extensions (RFC 7633)
-# If the status_request TLS exension is set, OCSP stapling becomes mandatory
+# If the status_request TLS extension is set, OCSP stapling becomes mandatory
#tls_feature = 5
@item GNUTLS_KP_OCSP_SIGNING @tab
1.3.6.1.5.5.7.3.9 @tab
The certificate is to be used for signing OCSP responses. When in a CA certificate, it
-indicates that the CA is allowed to sign certificates which sign OCSP reponses.
+indicates that the CA is allowed to sign certificates which sign OCSP responses.
@item GNUTLS_KP_ANY @tab
2.5.29.37.0 @tab
If any of the smart card operations require PIN, that should be provided
either by setting the global PIN function
-(@funcref{gnutls_pkcs11_set_pin_function}), or better with the targetted to
+(@funcref{gnutls_pkcs11_set_pin_function}), or better with the targeted to
structures functions such as @funcref{gnutls_privkey_set_pin_function}.
As well as any calls needed for memory allocation to work. Note however, that GnuTLS
depends on libc for the system calls, and there is no guarantee that libc will
call the expected system call. For that it is recommended to test your
-program in all the targetted platforms when filters like seccomp are in place.
+program in all the targeted platforms when filters like seccomp are in place.
An example with a seccomp filter from GnuTLS' test suite is at:
@url{http://gitlab.com/gnutls/gnutls/blob/master/tests/seccomp.c}.
Although @funcref{gnutls_record_send} is sufficient to transmit data
to the peer, when many small chunks of data are to be transmitted
it is inefficient and wastes bandwidth due to the TLS record
-overhead. In that case it is preferrable to combine the small chunks
+overhead. In that case it is preferable to combine the small chunks
before transmission. The following functions provide that functionality.
@showfuncdesc{gnutls_record_cork}
into the resulting settings, however with new revisions of the TLS protocol
new priority items are routinely added, and such strings are not
forward compatible with new protocols. As such, we
-advice against using that option for applications targetting multiple versions
+advice against using that option for applications targeting multiple versions
of the GnuTLS library, and recommend using the defaults (see above) or
adjusting the defaults via @funcref{gnutls_set_default_priority_append}.
levels. For the rest of this section we refer to the first as the nonce
generator and the second as the key generator.
-The nonce generator will reseed after outputing a fixed amount of bytes
+The nonce generator will reseed after outputting a fixed amount of bytes
(typically few megabytes), or after few hours of operation without reaching
the limit has passed. It is being re-seed using
the key generator to obtain a new key for the CHACHA cipher, which is mixed
used.
@example
-#inlude <gnutls/abstract.h>
+#include <gnutls/abstract.h>
void sign_cert( gnutls_x509_crt_t to_be_signed)
@{
@showfuncdesc{gnutls_pkcs11_add_provider}
-In that case, the application will only have access to the modules explictly
+In that case, the application will only have access to the modules explicitly
loaded. If the @code{GNUTLS_PKCS11_FLAG_MANUAL} flag is specified and no calls
to @funcref{gnutls_pkcs11_add_provider} are made, then the PKCS #11 functionality
is effectively disabled.
# e.g. content_files=running.xml building.xml changes-2.0.xml
content_files=
-# Files where gtk-doc abbrevations (#GtkWidget) are expanded
+# Files where gtk-doc abbreviations (#GtkWidget) are expanded
# e.g. expand_content_files=running.xml
expand_content_files=
# * my_function
# **/
#
-# If the Description: header tag is ommitted, then there must be a blank line
+# If the Description: header tag is omitted, then there must be a blank line
# after the last parameter specification.
# e.g.
# /**
# parameterlist => @list of parameters
# parameters => %parameter descriptions
# sectionlist => @list of sections
-# sections => %descriont descriptions
+# sections => %section descriptions
#
sub just_highlight {
$contents .= $1."\n";
}
} else {
- # i dont know - bad line? ignore.
+ # i don't know - bad line? ignore.
#print STDERR "warning: $lineno: Bad line: $_";
}
} elsif ($state == 3) { # scanning for function { (end of prototype)
projects / thirdparty / gnutls.git / commitdiff
