Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jul 25 20:38:14 2019 +0200

    bumped version for 3.6.9
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 22 12:43:50 2019 +0200

    gnutls.h: mark AEAD ciphers as such in gnutls_cipher_algorithm_t description
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 22 10:00:51 2019 +0200

    abi-check: correctly bail-out on errors
    
    Added suppressions for _MAX enumerator values.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Karsten Ohme <k_o_@users.sourceforge.net>
Date:   Sat Jun 22 00:39:56 2019 +0200

    Support for Generalname registeredID from RFC 5280 in subject alt name
    
    Added test certificates (cert10.der) with registered ID
    
    Updated Makefile for inclusion of test certificates
    
    Updated SAN unknown test certificates (cert5.der)
    
    Signed-off-by: Karsten Ohme <k_o_@users.sourceforge.net>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 21 10:18:35 2019 +0200

    libgnutls.abignore: added comment linking to syntax
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 21 10:06:22 2019 +0200

    NEWS: updated for upcoming release [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Jul 16 14:41:50 2019 +0200

    Fix documented params for gnutls_certificate_retrieve_function3()
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 14 22:27:50 2019 +0200

    Fixed alerts returned on TLS1.3 corner cases
    
    This enables the tls-fuzzer tests 'test-tls13-certificate-verify.py'.
    
    Resolves: #682
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sun Jul 14 12:17:18 2019 +0300

    nettle/backport: fix xts-backport guarding check
    
    Check for nettle_xts_encrypt_message() function rather than just
    xts_encrypt_message(). All functions in nettle are renamed to contain
    `nettle_` prefix.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Thu Jul 11 21:37:08 2019 +0300

    nettle/gost: support building with GOST-enabled Nettle
    
    Nettle library starts to gain support for GOST algorithms. Support
    building GnuTLS with GOST-enabled nettle library.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Sun Jun 30 08:23:41 2019 +0200

    tests: remove unused destructive/p11-kit-load.sh
    
    This file is replaced with tests/p11-kit-load.sh and
    tests/pkcs11/list-tokens.c.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jun 19 17:21:16 2019 +0200

    pkcs11: ignore login error when traversing tokens
    
    If a token is a general access device, it is expected that login
    attempt to that token returns error:
    https://github.com/p11-glue/p11-kit/blob/master/trust/module.c#L852
    
    On the other hand, _pkcs11_traverse_tokens treats the error as fatal
    and stops iteration.  This behavior prevents object search without
    token specifier if such tokens are registered in the system.
    
    Reported by Stanislav Zidek in
    https://bugzilla.redhat.com/show_bug.cgi?id=1705478
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Jul 8 16:54:56 2019 +0200

    ext/session_ticket: avoid calling memcpy on overlapping memory areas
    
    In _gnutls_encrypt_session_ticket, ticket.encrypted_state is allocated
    from ticket_data->data, thus those memory areas may overlap.  Using
    memcpy here leads to undefined behavior.
    
    Spotted by valgrind run on ppc64le.
    
    ==95231== Source and destination overlap in memcpy(0x47ce3a2, 0x47ce3a2, 160)
    ==95231==    at 0x408A840: memcpy (vg_replace_strmem.c:1023)
    ==95231==    by 0x424EE9F: pack_ticket (session_ticket.c:139)
    ==95231==    by 0x424FA4F: _gnutls_encrypt_session_ticket (session_ticket.c:335)
    ==95231==    by 0x4199E3B: generate_session_ticket (session_ticket.c:249)
    ==95231==    by 0x419A333: _gnutls13_send_session_ticket (session_ticket.c:307)
    ==95231==    by 0x40F8817: _gnutls13_handshake_server (handshake-tls13.c:511)
    ==95231==    by 0x4110DEB: handshake_server (handshake.c:3331)
    ==95231==    by 0x410C70B: gnutls_handshake (handshake.c:2727)
    ==95231==    by 0x10009EBF: retry_handshake (serv.c:1306)
    ==95231==    by 0x1000AB67: tcp_server (serv.c:1500)
    ==95231==    by 0x10009E5B: main (serv.c:1297)
    ==95231==
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 9 10:06:47 2019 +0200

    lib: mark infinite loops explicitly
    
    There were few infinite loop constructions which were checking
    for an always true condition. Make sure that this construction
    is marked explicitly as while(1) to assist static analysers, or
    reviewers.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 9 09:56:24 2019 +0200

    tests: improve coverage of CRQ related functions
    
    That adds sanity check of crq-related functions that were not included
    in the testsuite at all.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 8 19:33:50 2019 +0200

    encode_ber_digest_info: added sanity check
    
    Issue found using oss-fuzz:
     https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15665
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jul 3 21:04:23 2019 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 13 09:13:22 2019 +0200

    testcompat-openssl: added interop test with DTLS 1.2
    
    This tests AES-CBC ciphersuites in isolation, as they are
    prioritized lower than AES-GCM. We want to test them explicitly
    because they have different behavior under EtM.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jun 7 23:22:52 2019 +0200

    tests: added sanity check for rfc7633 behavior
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 7 16:51:30 2019 +0200

    tests: status-request-missing: renamed to rfc7633-missing
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 7 16:39:53 2019 +0200

    status-request-ext: run under all TLS versions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 7 16:35:11 2019 +0200

    tests: status-request: cleanup
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 7 16:34:21 2019 +0200

    tests: status-request-missing: run for all TLS versions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 29 21:02:11 2019 +0200

    gnutls-cli-debug: test whether RSA key exchange is supported
    
    Resolves: #449
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jun 28 21:08:32 2019 +0200

    gnutls_session_get_desc: avoid printing a NULL value
    
    When gnutls_session_set_premaster() is used (under openconnect),
    it is possible that gnutls_session_get_desc will print a string like
    this: "(DTLS1.2)-(ECDHE-(null))-(AES-256-GCM)"
    
    With this change we ensure that we do not print null values.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jun 21 15:49:26 2019 +0200

    nettle/rnd-fips: add FIPS 140-2 continuous RNG test
    
    This adds a continuous random number generator test as defined in FIPS
    140-2 4.9.2, by iteratively fetching fixed sized block from the system
    and comparing consecutive blocks.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Jun 28 16:54:30 2019 +0300

    lib: document gnutls_hmac_fast vs nonce relationship
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Jun 28 00:27:01 2019 +0300

    tests/gnutls_hmac_fast: run test for AES-UMAC-96/-128
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Jun 25 00:12:29 2019 +0300

    nettle: return true for gnutls_mac_exists(AES-CMAC*)
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Jun 28 16:28:58 2019 +0300

    NEWS: add an entry for AES-GMAC algorithms
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Jun 28 00:27:01 2019 +0300

    tests/gnutls_hmac_fast: run test for AES-GMAC-128/-192/-256
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Jun 28 16:19:15 2019 +0300

    nettle/mac: fail mac calculation if nonce is required but not provided
    
    Fail _wrap_nettle_mac_set_nonce() and _wrap_nettle_mac_fast() if MAC
    requires nonce, but it was not supplied.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Jun 28 00:27:04 2019 +0300

    nettle/mac: in mac_fast call set_nonce after set_key
    
    Calling set_nonce before set_key is plain incorrect. For GMAC key is not
    initialized. For UMAC set_key will reset nonce to empty.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Jun 24 20:29:31 2019 +0300

    lib: add support for AES-GMAC
    
    Add support for computing AES-GMAC using MAC API, as requested by Samba
    for SMB3 support.
    
    Resolves: #781
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 28 14:59:19 2019 +0200

    tests: gnutls_x509_crt_list_import: verify that return code is as documented
    
    That checks whether the return code of gnutls_x509_crt_list_import()
    contains the number of loaded certificates.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 28 08:20:31 2019 +0200

    gnutls_x509_crt_list_import2: updated doc to reflect the actual return value options
    
    Resolves: #794
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 29 15:28:28 2019 +0200

    Align _gnutls_x86_cpuid_s as OPENSSL_ia32cap_P would be
    
    We were not setting the third array member correctly, though
    this didn't have any impact to previous implementations as they
    did not rely on it. This also moves away from the custom implementation
    of cpuid (which was limited), and we now rely on the compiler's
    version.
    
    This effectively enables support for SHA_NI.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 26 14:43:19 2019 +0200

    Updated asm files to latest version under cryptogams license
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Jun 26 14:24:42 2019 +0300

    NEWS: document gnutls_hash/hmac_copy addition
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 26 11:27:27 2019 +0200

    gnutls_hash/hmac_copy: check its usability in all cases
    
    During the test suite run we require that all supported
    MAC and hash algorithms implement the copy function.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 26 11:20:25 2019 +0200

    accelerated ciphers: implement hmac and hash copy
    
    This implements the new API to all internal implementations.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Jun 26 11:00:39 2019 +0300

    lib: add support for gnutls_hash_copy()
    
    Add gnutls_hash_copy() function for copying message digest context.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Jun 24 17:42:10 2019 +0300

    crypto-selftests: add test for gnutls_hmac_copy()
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Jun 24 17:38:56 2019 +0300

    api: add gnutls_hmac_copy() function
    
    Add gnutls_hmac_copy() API to duplicate MAC handler state, which is
    necessary for SMB3 support.
    
    Resolves: #787
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 30 01:34:14 2016 +0300

    Add MAC copying support to nettle backend
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 30 01:32:30 2016 +0300

    Add MAC api to support copying of instances
    
    GOST ciphersuites requires continuously computing MAC of all the
    previously sent or received data. The easies way to support that is to
    add support for copy function, that creates MAC instance with the same
    internal state.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 29 10:36:24 2019 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 4 16:25:37 2019 +0200

    config: added ability to override and mark algorithms as disabled
    
    This allows the system administrator or the distributor to use
    the gnutls configuration file to mark hashes, signature algorithms,
    TLS versions, curves, groups, ciphers KX, and MAC algorithms as
    insecure (the last four only in the context of a TLS session).
    It also allows to set a minimum profile which the applications
    cannot fall below.
    
    The options intentionally do not allow marking algorithms as
    secure so that the configuration file cannot be used as an attack
    vector. This change also makes sure that unsupported and disabled protocols
    during compile time (e.g., SSL3.0), do not get listed by gnutls-cli.
    
    The configuration file feature can be disabled at compile time
    with an empty --with-system-priority-file.
    
    This patch it introduces the function gnutls_get_system_config_file()
    allowing applications to check whether a configuration file
    was used.
    
    Resolves: #587
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 3 11:59:37 2019 +0200

    Use inih to parse configuration file
    
    This introduces the inih copylib, and makes our configuration
    file parsing more flexible.
    
    Relates: #587
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jun 19 21:38:32 2019 +0200

    Marked the crypto backend registration APIs as deprecated
    
    This is to warn for a future conversion of these APIs to a no-op.
    
    Resolves: #789
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 19 14:20:26 2019 +0000

    gnutls-cli-debug.sh: sanity check of %ALLOW_SMALL_RECORDS test
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jun 7 11:39:53 2019 +0200

    tlsfuzzer: test both with and without %ALLOW_SMALL_RECORDS
    
    The option changes the behavior of the server, it would make sense to
    check both with and without %ALLOW_SMALL_RECORDS.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jun 7 15:10:36 2019 +0200

    tlsfuzzer: use fixed HTTP response for record_size_limit tests
    
    Previously those tests assumed varying sizes of connection information
    gnutls-serv sends.  This is too brittle and if the default algorithm
    has changed the tests need to be updated.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jun 7 14:54:58 2019 +0200

    gnutls-serv: add --httpdata option to respond with fixed sized data
    
    By default, the gnutls-server --http responds with the connection
    information.  While this is useful for manual testing, fixed content
    would be more desirable for automated testing.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jun 7 11:37:37 2019 +0200

    gnutls-cli-debug: check if %ALLOW_SMALL_RECORDS is required
    
    This adds a new test against the server to check if
    %ALLOW_SMALL_RECORDS is required to continue communicating with the
    server.  The test is in two parts: one to check if the server accepts
    records with the default size (512 bytes) and the other is to check if
    %ALLOW_SMALL_RECORDS helps if the previuos test fails.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jun 19 14:36:31 2019 +0200

    gnutls-serv: add --recordsize option
    
    This adds a means to set maximum record size to receive.  If the size
    is less than our default (< 512), --priority with %ALLOW_SMALL_RECORDS
    also needs to be specified.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Karsten Ohme <k_o_@users.sourceforge.net>
Date:   Wed Jun 19 07:51:16 2019 +0200

    Corrected call for updating ABI files
    
    Signed-off-by: Karsten Ohme <k_o_@users.sourceforge.net>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 16 14:08:54 2019 +0200

    doc: updated p11-kit links [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Jun 15 11:38:46 2019 +0200

    CONTRIBUTING.md: Fix syntax error  [ci skip]
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Wed Jun 12 11:37:39 2019 +0200

    guile: Add support for post-handshake reauthentication.
    
    * guile/modules/gnutls/build/enums.scm (%connection-flag-enum): New
    variable.
    (%gnutls-enums): Add it.
    * guile/modules/gnutls.in: Export 'reauthenticate',
    'connection-flag->string', and all the 'connection-flag/' bindings.
    * guile/src/core.c (scm_gnutls_make_session): Add rest arguments FLAGS
    and honor it.
    (scm_gnutls_reauthenticate): New function.
    * guile/tests/reauth.scm: New file.
    * guile/Makefile.am (TESTS): Add it.
    
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Wed Jun 12 11:32:19 2019 +0200

    guile: Loop or poll upon GNUTLS_E_AGAIN and GNUTLS_E_INTERRUPTED.
    
    * guile/src/core.c (do_fill_port) [USING_GUILE_BEFORE_2_2]: Loop while
    'gnutls_record_recv' returns GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED.
    (read_from_session_record_port) [!USING_GUILE_BEFORE_2_2]: Likewise, and
    return -1 if SCM_GNUTLS_SESSION_TRANSPORT_IS_FD and we got GNUTLS_E_AGAIN.
    (session_record_port_fd) [!USING_GUILE_BEFORE_2_2]: New function.
    (scm_init_gnutls_session_record_port_type) [!USING_GUILE_BEFORE_2_2]:
    Call 'scm_set_port_read_wait_fd'.
    
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Fri Jun 7 11:06:18 2019 +0200

    guile: Add bindings for 'gnutls_error_is_fatal'.
    
    * guile/src/errors.c (scm_gnutls_fatal_error_p): New function.
    * guile/modules/gnutls.in: Export 'fatal-error?'.
    * guile/tests/errors.scm: test 'fatal-error?'.
    
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Fri Jun 7 10:34:42 2019 +0200

    guile: Update list of error values.
    
    * guile/modules/gnutls/build/enums.scm (%error-enum): Update list of
    error constants.
    * guile/modules/gnutls.in (gnutls): Adjust exports accordingly.
    
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jun 12 14:02:05 2019 +0200

    fips: run selftests over overridden AES-CBC algorithm
    
    Previously, we only tested nettle's AES-CBC in
    _gnutls_fips_perform_self_checks1(), which is called before the
    implementation is overridden.  This adds an AES-CBC self-test in
    _gnutls_fips_perform_self_checks2() so it can test the actual
    implementation.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Jun 6 18:30:28 2019 +0200

    guile: Deprecate OpenPGP bindings.
    
    * guile/modules/gnutls.in (define-deprecated): New macro.
    Use it for all the *openpgp* bindings.
    * guile/src/core.c: Rename *openpgp* bindings with a '%' prefix.
    
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 10 22:12:09 2019 +0200

    gnutls_privkey_sign_hash2: accept the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA flag
    
    Previously this flag was ignored, although documented not to.
    This patch also enables the tests sign-verify-newapi and sign-verify-data-newapi
    which were supposed to test this interface, but were never enabled.
    
    This was caught by Andreas Metzler.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 30 13:49:22 2019 +0200

    tests: removed debugging output from GETPORT
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 8 19:19:03 2019 +0200

    .gitlab-ci.yml: include top log files in all build failures [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Fri Jun 7 10:16:02 2019 +0200

    guile: Remove unbounded uses of 'alloca'.
    
    * guile/src/core.c (ALLOCA_MAX_SIZE, FAST_ALLOC): New macros.
    (set_certificate_file):
    (scm_gnutls_set_certificate_credentials_x509_key_files_x)
    (scm_gnutls_set_srp_server_credentials_files_x)
    (scm_gnutls_set_srp_client_credentials_x)
    (scm_gnutls_srp_base64_encode, scm_gnutls_srp_base64_decode)
    (scm_gnutls_set_psk_server_credentials_file_x)
    (scm_gnutls_pkcs8_import_x509_private_key)
    (scm_gnutls_x509_certificate_matches_hostname_p)
    (scm_gnutls_import_openpgp_private_key): Use 'FAST_ALLOC' instead of
    'alloca'.
    * guile/src/utils.c: Remove unneeded <alloca.h> include.
    
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Fri Jun 7 10:11:12 2019 +0200

    guile: Always provide 'scm_gc_malloc_pointerless'.
    
    * guile/src/core.c (scm_gc_malloc_pointerless)
    [!HAVE_SCM_GC_MALLOC_POINTERLESS]: New macro.
    (make_session_record_port): Remove #ifdef HAVE_SCM_GC_MALLOC_POINTERLESS.
    
    Signed-off-by: Ludovic Courtès <ludo@gnu.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jun 5 16:48:39 2019 +0200

    tls13/key_update: ignore multiple key updates instead of error
    
    This fixes the multiple KeyUpdate messages handling in commit
    65e2aa80d114d4bef095d129c2eda475e473244a, where illegal_parameter is
    sent even if the limit doesn't exceed.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Jun 3 21:53:05 2019 +0200

    Prefix gcc attributes with 'attr_'
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 3 13:26:18 2019 +0200

    gnutls_prf_early: corrected Since version [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Jun 2 12:42:16 2019 +0200

    Fix warn_unused_result for clang < 4
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 1 16:18:50 2019 +0200

    .gitlab-ci.yml: switched fedora to latest version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 30 14:42:52 2019 +0200

    Makefile.am: do not create files when it shouldn't
    
    If a pdf or html file is not distributed, previously `make dist`
    would create a file called '*.pdf' which did not make sense. This
    addresses this problem.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 25 21:17:27 2019 +0200

    Do not regenerate autogen files if --enable-local-libopts is given
    
    This addresses issue on installed systems which have autogen but
    use --enable-local-libopts. In these systems if the installed autogen
    would not match the local libopts library version compilation would
    fail because the auto-generated files depend on the corresponding to
    autogen version libopts internals.
    
    Resolves: #772
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 27 15:16:52 2019 +0200

    Remove malloc from gnutls_srp_set_server_fake_salt_seed()
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon May 20 12:49:51 2019 +0200

    gnutls_session_set_data(): Check for allocation error
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon May 20 12:46:54 2019 +0200

    _gnutls_set_[str]datum: Cleanup, add function attributes
    
    _gnutls_set_datum(): Do not change output 'dat' on error
    _gnutls_set_strdatum: Likewise, cleanup code
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue May 21 11:17:39 2019 +0200

    Add nonnull, nonnull_all and warn_unusd_result attributes in lib/gnutls_int.h
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 28 07:05:46 2019 +0200

    doc: do not distribute pdf files
    
    It compicates the 'make dist' phase and does not add much
    value as the files are available from the web site.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 28 06:45:56 2019 +0200

    released 3.6.8
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 27 22:34:42 2019 +0200

    minor updates in the latex version of the manual [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 27 21:29:44 2019 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 26 21:35:19 2019 +0200

    RELEASES.md: document the releases policy [ci skip]
    
    This adds a file to document the policy on releases based on
    the discussions taken place in the last face to face meeting.
    
    https://gitlab.com/gnutls/gnutls/wikis/face2face-meeting-fosdem2019
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 24 12:59:13 2019 +0200

    .gitlab-ci.yml: ensure that the LIBS variable is empty after a configure run
    
    We do not use this variable as it is global and applies to all of
    tests, applications and library, and when it is set it is usually due to
    bugs in configure.ac.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu May 23 21:20:49 2019 +0200

    Do not add libraries in the global LIBS in configure
    
    This ensures that libraries are linked with the programs
    requiring them.
    
    Resolves: #735
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 23 11:41:45 2019 +0200

    bumped version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri May 24 05:46:18 2019 +0200

    tests: prf-early fixes the global version
    
    This allows having fixed data in the hello message involved.
    That required exposing the variable holding the global gnutls
    version number for testing.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu May 23 21:32:58 2019 +0200

    certtool: corrected typo in manual [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu May 23 21:11:58 2019 +0200

    Revert "bumped version"
    
    In order to make the CI functional again. The version number update
    seems to conflict with tests/tls13/prf-early.sh
    
    This reverts commit d34d93b8713cf10235ce7016fd69b6932b0752c0.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 23 15:29:23 2019 +0200

    tests: prf-early.sh: use the static flag of datefudge
    
    This eliminates unexpected failures of the test in slower systems.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 23 15:41:19 2019 +0200

    tlsfuzzer: reverted accidental move to incorrect version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 23 11:44:12 2019 +0200

    NEWS: doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 23 11:41:45 2019 +0200

    bumped version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Wed May 22 15:08:45 2019 -0400

    Pass down Q for FFDHE in al pre TLS1.3 as well
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Tue May 21 09:40:01 2019 -0400

    Check Q for FFDHE primes in prime-check
    
    These are mersenne primes so q = (p - 1) / 2
    We check that p = (q * 2) + 1
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Mon May 20 17:13:12 2019 -0400

    Always pass in and check Q in TLS 1.3
    
    In FIPS mode do an extra check that we did have Q, but it is always
    passed into the tls13 derive function from the callers.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Fri May 17 14:05:37 2019 -0400

    Add plumbing to handle Q parameter in DH exchanges
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Tue May 14 18:38:33 2019 -0400

    Add test to ensure ECDH exchange behaves correctly
    
    This test ensures that public keys are properly tested for validity
    before a ECDH exchange is computed.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Fri May 10 14:49:05 2019 -0400

    Add test to ensure DH exchange behaves correctly
    
    This test ensures that public keys are properly tested for validity
    before a DH exchange is computed.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Fri May 3 12:32:56 2019 -0400

    Add Full Public Key Check for DH
    
    This is for NIST SP800-56A requirements and FIPS CAVS testing.
    GnuTLS never passes in a non-empty Q for normal operations, but tests will
    and if Q is passed in it needs to be checked.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Wed May 1 10:57:51 2019 -0400

    Fix Copy&Paste error
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed May 22 10:39:27 2019 +0200

    tls13/key_update: increase handling limit from 1 to 8
    
    The limit was too small when testing the capability of handling
    multiple KeyUpdate messages with tlsfuzzer.
    
    This requires a change in the rate limit logic, as previously it
    doesn't count the KeyUpdate messages despite the name of
    KEY_UPDATES_PER_SEC.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed May 22 11:51:57 2019 +0200

    tlsfuzzer: use %ALLOW_SMALL_RECORDS for testing
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed May 22 11:16:03 2019 +0200

    priority: add new option to allow small records (>= 64)
    
    There is a mismatch in the lower limit of record sizes in RFC
    8449 (64) and our default (512).  If the server advertises a smaller
    limit than our default, the client has no way to keep communicating
    with the server.
    
    This patch adds a new priority string option %ALLOW_SMALL_RECORDS to
    set the limit to 64.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue May 21 08:32:21 2019 +0200

    record_add_to_buffers: check if there is an incomplete handshake header
    
    The function checks if a Handshake message is interleaved with an
    Application Data, but the check was insuffient because it assumed that
    a complete header is received in the buffer.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri May 17 11:51:00 2019 +0200

    algorithms: eliminate the FFDHE alert desc requirement
    
    This implements the errata for RFC 7919 eliminating the requirement to
    reply with an insufficient_security alert when we have negotiated an
    FFDHE group, but cannot find common ciphersuite:
    https://www.rfc-editor.org/errata/eid4908
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Aleksei Nikiforov <darktemplar@basealt.ru>
Date:   Fri May 17 14:44:06 2019 +0300

    Mark second argument of function gnutls_x509_crt_equals2 as const
    
    This will allow using this function with certificates
    returned by function gnutls_certificate_get_peers
    without casts dropping const qualifier or
    making temporary copies out of retrieved data.
    
    Signed-off-by: Aleksei Nikiforov <darktemplar@basealt.ru>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 21 08:22:08 2019 +0200

    tests: verify functionality of GNUTLS_VERIFY_DISABLE_CA_SIGN flag
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Kenneth J. Miller <ken@miller.ec>
Date:   Mon Apr 15 17:56:13 2019 +0200

    pubkey: remove deprecated TLS1_RSA flag check
    
    The gnutls_certificate_verify_flags comparisons against
    OLD_PUBKEY_VERIFY_FLAG_TLS1_RSA conflicts with
    GNUTLS_VERIFY_DISABLE_CA_SIGN and no longer seems to be used in calls to
    both gnutls_pubkey_verify_data2 and gnutls_pubkey_verify_hash2 as it
    seems to have been fully replaced by GNUTLS_VERIFY_USE_TLS1_RSA.
    
    Resolves: #754
    
    Signed-off-by: Kenneth J. Miller <ken@miller.ec>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 21 05:54:35 2019 +0200

    x509.h: corrected typo in newly introduced definition
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 20 21:34:30 2019 +0200

    x509.h: removed stray '%'
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 20 16:13:12 2019 +0200

    certtool: CA certificates will contain the digital signature key usage flag
    
    This change ensures that all certificates will contain the digital
    signature key usage flag if that's specified in the template.
    
    Resolves: #767
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 20 14:40:31 2019 +0200

    Added profile to correspond to the future security parameter
    
    It seems that the FUTURE security level parameter was added
    without a corresponding verification profile. This patch address
    the issue by introducing it.
    
    Resolves: #770
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 20 15:47:41 2019 +0200

    tests: added unit tests of utc and generalTime convertor
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Apr 29 19:03:55 2019 +0200

    server auth: disable TLS 1.3 if no signature algorithm is usable
    
    This is a server side counterpart of
    005a4d04145707daad9588acedfdb5f6cd97c80c.
    
    Instead of signalling an error when no algorithm is usable in TLS 1.3,
    it downgrades the session to TLS 1.2 with a warning.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 18 21:13:10 2019 +0200

    algorithms/secparams.c: fixed indentation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 20 14:34:56 2019 +0200

    gnutls-serv: GERR macro will output in stderr
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon May 20 11:10:11 2019 +0200

    Apply STD3 ASCII rules in gnutls_idna_map()
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri May 10 11:42:46 2019 +0200

    Fix _Thread_local for C99 installed in C11 environments
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri May 10 11:27:32 2019 +0200

    Remove redundant typedef of Tspi_Context_GetTpmObject_func()
    
    Gcc 4.4 errors out on this.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed May 15 09:47:24 2019 +0200

    Update gnulib for gcc-9 manywarnings
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 14 21:39:46 2019 +0200

    Check all memory allocation in examples and certtool
    
    Resolves: #739
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 25 17:08:43 2019 +0200

    ext/record_size_limit: distinguish sending and receiving limits
    
    The previous behavior was that both sending and receiving limits are
    negotiated to be the same value.  It was problematic when:
    
    - client sends a record_size_limit with a large value in CH
    - server sends a record_size_limit with a smaller value in EE
    - client updates the limit for both sending and receiving, upon
      receiving EE
    - server sends a Certificate message larger than the limit
    
    With this patch, each peer maintains the sending / receiving limits
    separately so not to confuse with the contradicting settings.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue May 7 14:49:05 2019 +0300

    lib/nettle: fix carry flag in Streebog code
    
    Fix carry flag being calculated incorrectly in Streebog code.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri May 10 13:31:23 2019 +0200

    Fix endless looping GETPORT in tests/scripts/common.sh
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri May 10 06:30:12 2019 +0200

    _gnutls_srp_entry_free: follow consistent behavior in freeing data
    
    _gnutls_srp_entry_free would previously not free any parameters that
    were known to gnutls to account for documented behavior of
    gnutls_srp_set_server_credentials_function(). This was not updated
    when the newly added 8192 parameter was added to the library.
    
    This introduces a safety check for generator parameters, even though
    in practice they are the same pointer.
    
    Resolves: #761
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed May 8 22:08:18 2019 +0200

    dane.h: added multiple inclusion header guard
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed May 8 21:52:54 2019 +0200

    tools: suppress ctime() error from static analysers
    
    This function is not thread safe and can be easily misused
    even in single threaded scenarios (one such minor bug fixed).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed May 8 22:05:10 2019 +0200

    accelerated: added header guards
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed May 1 20:33:28 2019 +0200

    Add or clean header guards in lib/nettle
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 12:22:59 2019 +0200

    Add or clean header guards in tests/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 12:19:01 2019 +0200

    Add or clean header guards in src/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 12:11:13 2019 +0200

    Add or clean header guards in lib/x509/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 12:08:27 2019 +0200

    Add or clean header guards in lib/tls13/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 12:05:32 2019 +0200

    Add or clean header guards in lib/extras/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 12:03:07 2019 +0200

    Add or clean header guards in lib/ext/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 11:55:37 2019 +0200

    Add or clean header guards in lib/auth/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Mar 14 21:21:50 2019 +0100

    Add or clean header guards in lib/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Apr 24 21:21:12 2019 +0200

    Add 'Header guards' section in CONTRIBUTING.md
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Daniel Schaefer <git@danielschaefer.me>
Date:   Sun May 5 14:35:02 2019 +0200

    guile: Properly format guile configure options
    
    Without the square brackets autoconf turns hyphens into underscores,
    which is not what we want or what the help says.
    
    Signed-off-by: Daniel Schaefer <git@danielschaefer.me>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri May 3 19:10:03 2019 +0200

    gnutls_sign_list: document the non-thread-safeness
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Apr 30 14:42:51 2019 +0200

    crypto: add private API to retrieve internal IV
    
    For FIPS validation purposes, this adds a new function
    _gnutls_cipher_get_iv() that exposes internal IV after encryption and
    decryption.  The function is not generally useful because the IV value
    can be easily calculated from the initial IV and the subsequent
    ciphertext but for FIPS validation purposes.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Apr 29 13:15:33 2019 +0200

    abi-check: supply --hd2 to abi-check-latest target
    
    To suppress changes in internal structures.
    Suggested by Nikos Mavrogiannopoulos.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 20 18:46:23 2019 +0200

    certtool: refuse to accept an incompatible key type
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 15 14:32:55 2019 +0200

    certtool: generate RSA-PSS certificates from RSA keys
    
    When generating certificates it was not possible to generate
    an RSA-PSS certificate from an RSA key (common scenario). This
    fixes the certificate generation to include such a method.
    
    Ironically there was a test for this scenario but the test
    was limited to checking that the combination of certtool parameters
    succeeded; modified the test to check the textual expression of
    the certificate for the RSA-PSS indicators.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Apr 19 22:04:24 2019 +0200

    tls13/session_ticket: use the same ticket_age_add regardless of endianness
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Apr 19 16:59:31 2019 +0200

    tls13/session_ticket: avoid UB regarding 64-bit time encoding
    
    On 32-bit platform, struct timespec.tv_sec can be signed 32-bit and
    thus right shifting 32 could be an undefined behavior.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Apr 19 08:12:56 2019 +0200

    tests: make datefudge check robuster
    
    When checking datefudge availability under cross-compiling environment
    with a binfmt wrapper, it is not sufficient to check against the host
    executable.  This instead uses a test executable compiled for the
    target architecture.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 11 14:35:32 2019 +0200

    serv, cli: add --keymatexport option
    
    This adds --keymatexport and --keymatexportsize options to both
    gnutls-serv and gnutls-cli.  Those would be useful for testing
    interoperability with other implementations.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 11 12:11:00 2019 +0200

    prf: add function to retrieve early keying material
    
    This adds a new function gnutls_prf_early, which shall be called in a
    handshake hook waiting for GNUTLS_HANDSHAKE_CLIENT_HELLO.  The test
    needs to be run in a datefudge wrapper as the early secrets depend on
    the current time (through PSK).
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 11 12:07:00 2019 +0200

    handshake: generate early exporter secret
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 11 12:00:46 2019 +0200

    handshake: move early secrets calculation to pre_shared_key
    
    TLS 1.3 Early Secret and the derived keys are calculated upon a PSK
    being selected, thus the code fits better in ext/pre_shared_key.c.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 11 12:10:00 2019 +0200

    tests/tls13/prf: check if the exported material matches on server
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 11 11:23:26 2019 +0200

    prf: centrally define "exporter" label in handshake.h
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Thu Apr 18 18:43:30 2019 +0200

    doc: Add documentation for GNUTLS_CERT_IGNORE
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Apr 16 14:27:10 2019 +0200

    p11tool: copy vendor query attributes when listing privkeys
    
    When listing private keys on a specified token, "pin-value" is
    ignored and the tool looks for GNUTLS_PIN, because it internally
    strips out vendor query attributes from the original URL.
    
    This also replaces the global uses of GNUTLS_PIN envvar in
    testpkcs11.sh to check the case where the envvar is not in effect.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 7 13:22:21 2019 +0200

    abi-check: simplify ABI comparison using libabigail tools
    
    These have output ABI format compatibility and that means we can
    take snapshots to test ABI against. We also hard-code explicitly
    the SONAME version to ensure no accidental SONAME bumps happen.
    
    This patch also moves symbols.last in the devel/ subdirectory
    and no internal files are shipped.
    
    Relates: #292
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 7 18:29:02 2019 +0200

    .gitignore: ignore tests/libpkcs11mock2.la
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 7 14:30:30 2019 +0200

    gnutls.h: re-define GNUTLS_CRT_RAWPK
    
    This was available before 3.6.4, and was incorrectly removed.
    It was found using libabigail tools.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Bernhard M. Wiedemann <bwiedemann@suse.de>
Date:   Sun Apr 14 16:53:52 2019 +0200

    Extend test cert to 2049-05-27
    
    instead of expiring in 2024-02-29
    This update did not trigger y2038 bugs on 32-bit systems.
    
    Without this patch, one test fails after 2024:
     doit:124: rsa pss key: gnutls_x509_crt_verify_data2                    |
     FAIL x509sign-verify (exit status: 1)
    
    Signed-off-by: Bernhard M. Wiedemann <bwiedemann@suse.de>

Author: Andreas Metzler <gitlab@bebt.de>
Date:   Sun Apr 14 15:25:31 2019 +0000

    Fix link error with gcc-9
    
    Use LDADD instead of LDFLAGS to link test cipher-openssl-compat against
    libcrypto. This fixes a build error with gcc9 which passes the linker
    option --as-needed by default.
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 14 16:15:23 2019 +0200

    doc: mark TLS1.2 functions as such [ci skip]
    
    gnutls_cipher_suite_get_name and gnutls_session_get_master_secret
    are marked as TLS1.2 or earlier-only as they cannot be used with
    TLS 1.3.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 13 08:37:50 2019 +0200

    gnutlsxx.h: removed fixme comments [ci skip]
    
    They served no purpose.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 13 08:33:57 2019 +0200

    gnutls-cli: renamed global variable name
    
    That is because the same variable name is used by local
    variables as well.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Apr 11 09:46:21 2019 +0200

    Fix WIN32 custom push/pull functions
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
    Reported-by: J. Ali Harlow (@j_ali on Gitlab.com)

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Apr 9 18:20:15 2019 +0200

    tests: fix race condition in tls13/post-handshake-with-cert-pkcs11
    
    The test had a strange setup of server/client processes: the server
    runs in a child process and the client runs in a parent process.  The
    intention behind this was to detect softhsm availability in the parent
    process and exit with 77 if missing.  However, there was a potential
    race when the server exits and proceeds to the next call of start().
    
    This fixes the process setup and moves the softhsm detection at the
    program startup.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Tue Apr 9 19:01:46 2019 +0300

    build: rename guile variables to match upstream names
    
    Reduce confusion between the upstream terms and the gnutls terms.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Wed Apr 3 18:42:26 2019 +0300

    build: allow override guile system location
    
    guile has three settings acquired from system:
    * GUILE_SITE
    * GUILE_SITE_CCACHE
    * GUILE_EXTENSION
    
    The <guile-2.2 m4 macro exposed only GUILE_SITE while build tried to guess the
    other variables based on the $libdir of the gnutls which may be different.
    
    The >=guile-2.2 m4 macro provides all settings for build to use as default,
    while allowing to override each.
    
    Resolves: #748
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Marius Bakke <mbakke@fastmail.com>
Date:   Tue Apr 9 14:17:09 2019 +0200

    Makefile.am: Don't assume autoopts-config returns a single dash.
    
    On distributions such as Nix or Guix, `autoopts-config libsrc` may
    return something along the lines of
    "/gnu/store/...-autogen-5.18.16/share/autogen/libopts-42.1.17.tar.gz".
    
    * Makefile.am (libopts-check): Print only the last field from
    autoopts-config output.
    
    Signed-off-by: Marius Bakke <mbakke@fastmail.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Apr 9 12:19:00 2019 +0200

    Pass CI commit check if branches are 'even'
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Mon Apr 8 20:34:24 2019 +0300

    tests: cert-tests: crl: cleanup files
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Tue Apr 9 07:59:53 2019 +0300

    ci: refresh the cache due to failures in debian
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 7 13:03:20 2019 +0200

    CONTRIBUTING.md: document unit testing method of internal functions [ci skip]
    
    Resolves: #749
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 4 16:51:28 2019 +0200

    tests: add post-handshake auth test using PKCS#11 token
    
    This adds a test that exercise the client's auth rejection logic,
    using the RSA-PSS disabled PKCS #11 token.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 4 16:40:11 2019 +0200

    tests: add mock PKCS#11 module disabling RSA-PSS
    
    This adds libpkcs11mock2.so, which wraps SoftHSM but filters out the
    use of the CKM_RSA_PKCS_PSS mechanism.  That way we can simulate the
    situation where the certificate is RSA while the private key cannot be
    used for RSA-PSS.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 6 08:34:43 2019 +0200

    nettle: include config.h before checking for definitions
    
    This makes sure that we don't include the internal backport
    if compiled with a version of nettle that includes that code.
    We also exclude nettle/backport from the static analyzer's list
    as it contains files outside our control (from nettle project).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Date:   Thu Mar 28 23:04:13 2019 +0100

    gnutls_memset(): calling explicit_bzero() is enough to zero-fill a buffer
    
    If we use explicit_bzero() to zero-fill a buffer in gnutls_memset() we
    don't need to zero it again via a volatile trick later in this function.
    
    Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>

Author: Elta Koepp <elta_koepp@gmail.com>
Date:   Fri Apr 5 10:04:12 2019 -0400

    [OSCP] Fix : null pointer resp
    
    Signed-off-by: Elta Koepp <elta_koepp@gmail.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 4 17:01:24 2019 +0200

    cert auth: reject auth if no signature algorithm is usable in TLS 1.3
    
    Previously, when there is no overlap between usable signature
    algorithms and the "signature_algorithms" extension in Certificate
    Request, the client failed in sending Certificate Verify, followed by
    a connection close.  In TLS 1.3, it is possible to keep the connection
    but reject the authentication by not sending Certificate Verify.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Apr 1 14:14:12 2019 +0200

    handshake: remove unnecessary HSK_CRT_SENT flag
    
    Previously, while the flag HSK_CRT_SENT was checked in
    _gnutls13_send_certificate_verify, the flag was never set anywhere.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 3 11:59:37 2019 +0200

    .gitlab-ci.yml: do not run commit-check on master branch
    
    That is, because there are no diffs to check.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Fri Mar 29 14:01:14 2019 -0400

    Fix check_if_signed
    
    Fix the target branch we check against by adding upstream as remote.
    
    Drop the use of set -e as this causes the shell to immediately exit on
    errors instead of allowing the code to check the failure and report what
    it faled about.
    
    Also print which commits are being checked and what information was found
    so that a CI failure can be better diagnosed.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 30 05:37:02 2019 +0100

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Simo Sorce <simo@redhat.com>
Date:   Fri Oct 19 15:53:27 2018 -0400

    Vendor in XTS functionality from Nettle
    
    If nettle's XTS is not available, use a vendored in version from master.
    This is necessary as long as we need to link against 3.4 for ABI
    compatibility reasons.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 29 06:08:06 2019 +0100

    fuzz: improvements in gnutls_x509_verify_fuzzer [ci skip]
    
    Added a larger set of corpus (generated with afl-fuzz), and made
    sure that the fuzzer application crashes if verification succeeds.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Mar 28 10:41:13 2019 +0100

    Let check_if_signed fail if git fails
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Elta Koepp <alexi_2019@protonmail.com>
Date:   Wed Mar 27 13:38:50 2019 +0000

    Update ocsptool-common.c

Author: Elta Koepp <alexi_2019@protonmail.com>
Date:   Wed Mar 27 12:55:55 2019 +0000

    Detect malloc failure.
    
    malloc(data.size + 1) maybe returns NULL on failure.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 27 07:21:31 2019 +0100

    released 3.6.7
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Mar 25 16:06:39 2019 +0100

    handshake: add missing initialization of local variable
    
    Resolves: #704
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 25 15:47:51 2019 +0100

    fuzz: added fuzzer for certificate verification
    
    This also adds a reproducer for CVE-2019-3829.
    
    Resolves: #694
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 26 16:11:42 2019 +0100

    bumped version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date:   Tue Mar 26 11:05:06 2019 +0100

    fips140: Perform SHA-3 self tests
    
    It is required to perform the self tests to validate SHA-3
    implementation.
    
    Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 24 08:37:05 2019 +0100

    tools: removed unused code
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Ke Zhao <kzhao@redhat.com>
Date:   Thu Mar 21 11:27:24 2019 -0400

    gnutls-cli: Fix output with option "--logfile"
    
    The X.509 connection would still print informational message to the
    stdout by default. Move that output to logfile and add x509 functionality
    test in the test suite.
    
    Signed-off-by: Ke Zhao <kzhao@redhat.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sat Mar 23 00:38:17 2019 +0200

    configure.ac: remove --with-guile-site-dir
    
    The hack of distcheck is not known and should not be the default as the
    GUILE_SITE_DIR macro is the default expected behavior.
    
    There is little value in specifying any other location of the site-dir as it
    is out of the guile configuration so best to remove.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 20 11:40:15 2019 +0100

    _x509_en/decode_provable_seed: clarified purpose of functions [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 1 11:15:47 2019 +0100

    handshake: increase the default number of tickets we send to 2
    
    This makes it easier for clients which perform multiple connections
    to the server to use the tickets sent by a default server. That's
    because 2 tickets allow for 2 new connections (if one is using each
    ticket once as recommended), which in turn lead to 4 new and so on.
    
    Resolves: #596
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 23 21:02:56 2019 +0100

    Improved estimation of wait in gnutls_session_get_data2
    
    Previously we would wait an arbitrary value of 50ms for the
    server to send session tickets. This change makes the client
    wait for the estimated single trip time + 60 ms for the server
    to calculate the session tickets. This improves the chance
    to obtain tickets from internet servers during the call of
    gnutls_session_get_data2().
    
    Resolves: #706
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 16 19:59:07 2019 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Ke Zhao <kzhao@redhat.com>
Date:   Wed Mar 6 13:23:24 2019 -0500

    gnutls-cli: Add option "--logfile" to redirect information message output
    
    First, add an option "--logfile" so user could choose a specific file to
    store all the informational messages. In some cases, informational
    messages may cause unexpected result if the output is standard output.
    
    With this option, user could redirect these messages to a specific
    file. This will be helpful in testing and tracking.
    
    Second, replace printf() function with log_msg() function
    
    This log_msg() function is used when "--logfile" is enabled.
    
    Third, add a functionality test for "--logfile" option
    
    Add a test script to test if "--logfile" option works as it should be.
    
    Signed-off-by: Ke Zhao <kzhao@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 15 17:00:17 2019 +0100

    Removed all FIXME comments in code [ci skip]
    
    We expand informational comments on limitations, but with removing
    FIXME (keyword didn't help fixing these), and remove completely unhelpful
    comments, obsolete ones, or comments about ideas.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 13 15:14:37 2019 +0100

    pkcs11: security officer login implies writable session
    
    According to the PKCS#11 v2.30, 6.7.1 there are no read-only Security Officer
    sessions.
    
    Resolves: #721
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Steve Lhomme <robux4@ycbcr.xyz>
Date:   Wed Mar 13 14:54:28 2019 +0000

    inet_ntop is available in Windows but not via arpa/inet.h
    
    It's found in ws2tcpip.h which is already included in gnutls_int.h
    
    arpa/inet.h doesn't exist on Windows, so add arpa_inet to the list of headers
    replaced by gnulib if not found.
    
    Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Mar 7 10:16:46 2019 +0100

    Update the GNU Free Documentation License (FDL)
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Feb 25 10:36:36 2019 +0100

    Fix URL of ABI compliance checker
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Feb 25 10:32:24 2019 +0100

    Fix URLs of p11-kit
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Feb 5 17:00:41 2019 +0100

    Use https:// in lib/, src/, and m4/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Feb 5 16:56:08 2019 +0100

    Use https:// for arbitrary files #1
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Feb 5 16:44:37 2019 +0100

    Use https:// for www.iana.org
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Feb 5 16:25:25 2019 +0100

    Use https:// for csrc.nist.gov
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Feb 5 16:22:43 2019 +0100

    Use https:// for www.gnu.org and www.example.com
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 13 09:03:39 2019 +0100

    .gitlab-ci.yml: updated cache key name
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 10 13:59:32 2019 +0100

    tests: verify that 'certtool -i --outder' does not output text
    
    A common regression in the past, was certtool outputting text while
    writing raw DER data. Ensure that the certificate-info option does not
    regress.
    
    Resolves: #627
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 9 21:50:46 2019 +0100

    SECURITY.md: updated to reflect the current practice [ci skip]
    
    This change updates the SECURITY guidelines to reflect the current
    practice (no special security releases), and thus refer directly
    to the upcoming or following release. Furthermore, it removes
    any mention of absolute time, as the release cadence is already
    fixed to bi-monthly.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 9 21:14:39 2019 +0100

    doc: removed cyclo subdir
    
    This directory had a makefile which was intended to calculate the cyclomatic
    complexity, however that was not functional, and not related with gnutls'
    documentation.
    
    Resolves: #727
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 8 20:17:49 2019 +0100

    NEWS: fix NEWS entries [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Mar 4 17:17:47 2019 +0100

    tls13/certificate: utilize "certificate_required" alert
    
    This could make errors more distinguishable when the client sends no
    certificates or a bad certificate.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Feb 27 18:38:09 2019 +0100

    alert: recognize "certificate_required"
    
    This may be sent if the server received an empty Certificate message.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date:   Fri Jan 18 13:17:46 2019 +0100

    .gitlab-ci.yml: Test FIPS HMAC self-test
    
    This enables the integrity self-tests in FIPS140 test build.
    
    Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date:   Fri Jan 11 11:23:21 2019 +0100

    fips140: Ignore newlines read at the end of HMAC file
    
    This makes the integrity check to ignore newlines appended after the
    HMAC value.
    
    Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Author: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Date:   Thu Jan 10 14:04:02 2019 +0100

    fips140: Fix the names of files used in integrity checks
    
    The names of the libraries haven't been updated when the soname version
    were bumped.
    
    Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Author: Bas van Schaik <gitlab.com@s.traiectum.net>
Date:   Thu Feb 28 22:15:26 2019 +0000

    Create .lgtm.yml for LGTM.com C/C++ analysis
    
    Signed-off-by: Bas van Schaik <gitlab.com@s.traiectum.net>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 25 14:41:24 2019 +0100

    .gitlab-ci.yml: added thread sanitizer run
    
    This checks for unsafe uses of variables in our included threaded
    tests.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 25 14:35:16 2019 +0100

    Protected _gnutls_epoch_get from _gnutls_epoch_gc on false start
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 25 15:11:19 2019 +0100

    gnutls_record_send2: try to ensure integrity of operations on false and early start
    
    This adds a double check in the sanity check of gnutls_record_send2()
    for the initial_negotiation_completed value, making sure that the
    check will be successful even in parallel operation of send/recv.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 24 21:13:27 2019 +0100

    mini-dtls-pthread: renamed and fixed several shortcomings
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 24 00:19:21 2019 +0100

    Make false start and early start multi-thread recv/send safe
    
    An application that is sending and receiving from different threads
    after handshake is complete cannot take advantage of false start because
    gnutls_record_send2() detects operations during the handshake process
    as invalid.
    
    Because in early start and false start the remaining handshake process needs
    only to receive data, and the sending side is already set-up, this error
    detection is bogus. With this patch we remove it.
    
    Resolves: #713
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 23 18:57:09 2019 +0100

    doc: added more information on operation under multiple threads
    
    Relates: #713
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Mar 1 20:13:38 2019 +0100

    Update ./bootstrap from latest gnulib
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 27 10:01:47 2019 +0100

    Clarifications on AEAD ciphers
    
    Relates: #716
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 27 09:29:04 2019 +0100

    Improve documentation for gnutls_cipher_get_iv_size
    
    This clarifies what is returned and what is to be expected on algorithms
    with variable IV sizes.
    
    Resolves: #717
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 26 15:42:01 2019 +0100

    pkcs11: clarify GNUTLS_PKCS11_TOKEN_MODNAME presence [ci skip]
    
    Resolves: #633
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 26 15:21:48 2019 +0100

    cppcheck: suppress warning on nettle code [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Feb 23 18:43:49 2019 +0100

    gnutls-cli: fix --benchmark-ciphers type overflow
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 23 21:19:06 2019 +0100

    _gnutls_recv_handshake: added explicit sanity checks
    
    Although, this function acts on the message provided as expected and thus
    it should never call a message parsing function on unexpected
    messages, we make a more explicit sanity check. This unifies the
    sanity checks existing within the involved functions.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Feb 12 15:20:23 2019 +0100

    gnutls_x509_crt_init: Fix dereference of NULL pointer
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Feb 12 15:14:07 2019 +0100

    Remove redundant resets of variables after free()
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Feb 12 15:09:11 2019 +0100

    Automatically NULLify after gnutls_free()
    
    This method prevents direct use-after-free and
    double-free issues.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Feb 19 13:56:35 2019 +0100

    tlsfuzzer: update to the latest upstream for downgrade protection tests
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Sat Feb 9 10:26:56 2019 +0100

    ext/supported_versions: regenerate server random
    
    This adds a call to _gnutls_gen_server_random() in handling the
    "supported_versions" extension, so that the TLS 1.3 downgrade sentinel
    is set only when the earlier versions are selected.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Feb 5 11:01:20 2019 +0100

    Update ax_code_coverage.m4 to latest release of autoconf-archive
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date:   Thu Feb 21 14:49:36 2019 +0100

    lib: x509: Minor directory browsing simplification
    
    Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>

Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date:   Mon Feb 18 14:41:56 2019 +0100

    Revert "Revert "verify-high2: Fix cert dir iteration on Win32""
    
    This reverts commit 681330882da19099eea360fab141cab937c45677.
    
    Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
    
    This revert also contains the fix to the original commit (invalid
    utf8->utf16 conversion) and a minor simplification of the _treaddir loop.

Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date:   Mon Feb 18 17:12:54 2019 +0100

    iconv: Allow _gnutls_utf8_to_ucs2 to output little endian
    
    Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>

Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date:   Mon Feb 18 09:37:04 2019 +0100

    lib: Provide _Thread_local on MSVC
    
    Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Feb 18 21:38:38 2019 +0100

    Add test for starttls XMPP
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Feb 6 11:30:06 2019 +0100

    gnutls-cli: Fix --starttls-proto=xmpp
    
    Fixes two issues with gnutls-cli --starttls-proto=xmpp:
    1. Print 'Timeout' on timeout instead of random errno message
    2. Do not wait for linefeed when using XMPP (XML)
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Feb 18 15:38:56 2019 +0100

    check_if_signed: Get source branch if not set
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: R. Andrew Bailey <bailey@akamai.com>
Date:   Thu Feb 14 09:38:33 2019 -0500

    tests: wrap ADD_SYSCALL for getrandom in test for SYS_getrandom
    
    Signed-off-by: R. Andrew Bailey <bailey@akamai.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Feb 8 14:46:33 2019 +0100

    gnutls_record_set_max_size: make it work on server side
    
    The record_size_limit extension can also be specified by the server to
    indicate the maximum plaintext.  Also add test cases for asymmetric
    settings between server and client.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Jan 31 13:39:35 2019 +0100

    tlsfuzzer: update to the latest upstream for record_size_limit test
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Feb 8 13:22:13 2019 +0100

    ext/record_size_limit: account for content type octet in TLS 1.3
    
    In TLS 1.3, the protocol maximum of plaintext size is 2^14+1, while
    it is 2^14 in TLS 1.2.  To accommodate that, this introduces the
    following invariant:
    - when the maximum is set by the user with
      gnutls_record_set_max_size(), store it as is.  The value range is
      [511, 16834].
    - when the maximum is negotiated through record_size_limit extension,
      it can be [512, 16385].  In TLS 1.3, subtract by 1 to fit in [511,
      16384].
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Jan 31 16:56:55 2019 +0100

    decrypt_packet_tls13: add check for max plaintext size
    
    There is check in _gnutls_recv_in_buffers already, but for TLS 1.3 we
    need to take account of the padding.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jan 25 17:00:44 2019 +0100

    record: reject too large plaintext after decryption
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jan 30 16:45:08 2019 +0100

    constate: reset max_record_recv_size upon renegotiation
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jan 30 10:21:07 2019 +0100

    session_pack: reset max_record_recv_size when packing
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Jan 17 11:53:35 2019 +0100

    ext/record_size_limit: don't confuse with negotiated/user-supplied maximum
    
    As documented in gnutls_int.h, max_record_send_size is for tracking
    the user-supplied maximum, while max_record_recv_size for the
    protocol negotiated maximum.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Sun Jan 20 09:18:21 2019 +0100

    ext/max_record: server shouldn't send it with record_size_limit
    
    Otherwise, the connection will be disconnected by the client, as
    suggested in RFC: A client MUST treat receipt of both
    "max_fragment_length" and "record_size_limit" as a fatal error, and it
    SHOULD generate an "illegal_parameter" alert.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Feb 7 16:28:52 2019 +0100

    _gnutls_hello_ext_is_present: don't ignore max_fragment_length
    
    The extension is assigned the internal ID 0.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jan 25 17:04:40 2019 +0100

    .dir-locals.el: disable indent-tabs-mode in js-mode
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 14 13:01:34 2019 +0100

    bootstrap.conf: do not override GNULIB_SRCDIR
    
    This was not set in all of our CI platforms, and was causing
    issues in MacOSX.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 11 09:18:46 2019 +0100

    x509: corrected issue in the algorithm parameters comparison
    
    Each certificate has two fields to set the signature algorithm
    and parameters used for the digital signature. One of the fields is
    authenticated and the other is not. It is required from RFC5280 to
    enforce the equality of these fields, but currently due to an issue
    we wouldn't enforce the equality of the parameters fields. This
    fix corrects the issue.
    
    We also move an RSA-PSS certificate in chainverify that was relying
    on invalid parameters, to this set of invalid certificates.
    
    Resolves: #698
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Feb 13 07:54:59 2019 +0000

    tests: added further checks for gnutls_pkcs11_token_get_info
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Jan 29 16:10:59 2019 +0100

    Fix uninitialized warning in pkcs11.c
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Feb 13 17:22:21 2019 +0100

    Cleanup lib/auth/cert.c as suggested by cppcheck
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Feb 11 10:41:47 2019 +0100

    Fix 32bit overflow issue in src/serv-args.def
    
    Fixing this warning seen on 32bit architectures:
    
    serv-args.c: In function 'doOptMaxearlydata':
    serv-args.c:1431:14: warning: overflow in conversion from 'long long int' to 'long int' changes value from '4294967296' to '0' [-Woverflow]
             { 1, 4294967296 } };
                  ^~~~~~~~~~
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Feb 8 13:03:30 2019 +0100

    Remove typedef'ing ssize_t in gnutls.h
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Feb 6 20:54:45 2019 +0100

    Use inet_pton() from gnulib
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 9 10:52:29 2019 +0100

    bootstrap: refuse to bootstrap if any dependencies bring gnulib's network stack
    
    If gnulib's network stack is brought (due to a dependency) in the library
    it will make the library unusable to non-gnulib using applications. This
    prevents windows applications for example to use gnutls, and so on. Even
    more it is quite hard to catch that issue because our testsuite uses
    gnulib as well. Instead we try to catch the these modules at import time.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Feb 6 20:35:11 2019 +0100

    Use inet_ntop() from gnulib
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sun Feb 3 12:18:30 2019 +0100

    _gnutls_gen_rawpk_crt: corrected the use of assert
    
    The API could return 0 or 1 matching certificates. The case of zero
    can only happen in client side.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sun Feb 3 08:47:50 2019 +0100

    raw public keys: apply the key usage bits the same way as X.509
    
    That is, we require a signing certificate when negotiating
    TLS1.3, or when sending a client certificate (on all cases).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat Feb 2 09:13:40 2019 +0100

    Fallback to TLS 1.2 when incompatible with signature certs are provided
    
    This only takes into account certificates in the credentials structure.
    If certificates are provided in a callback, these must be checked by
    the provider. For that we assume that the credentials structure is
    filled when associated with a session; if not then the fallback mechanism
    will not work and the handshake will fail.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat Feb 2 07:10:10 2019 +0100

    Enforce the certificate key usage restrictions on all cases
    
    That is, we require a signing certificate when negotiating
    TLS1.3, or when sending a client certificate (on all cases).
    
    Before we would not perform any checks under TLS1.3 or when client
    certificates are sent, assuming that the certificates used will always
    be signing ones. However if the user sets up incorrectly a decryption
    certificate we would use it for signing. This fix makes sure that an
    error is returned early when these scenarios are detected.
    
    Resolves: #690
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Jan 21 12:54:58 2019 +0100

    Fetch OSS-Fuzz corpora much faster [skip ci]
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 4 15:10:19 2019 +0100

    .triage-policies.yml: added [ci skip]
    
    This adds a set of policies regarding issues and merge requests
    to be enforced by the gitlab-triage bot. That is:
     - Issues without any label for more than a month are marked
       with needs attention label
     - Issues with needinfo label are closed if they are not updated
       within a month
     - Merge requests marked as WIP with no update within 5 months
       are closed.
    
    These rules are not enforced automatically; we have to schedule
    a run of the gitlab-triage bot.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sat Feb 2 17:47:48 2019 +0300

    build: do not generate mech-list.h if p11-kit is not available
    
    Compiling GnuTLS with no p11-kit installed will result in a serie of
    warnings during build time because mech-list.h will be generated even if
    pkcs11 tool compilation is disabled. Move mech-list.h generation to
    happen only if pkcs11 is enabled, thus removing these warnings.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sat Feb 2 17:32:01 2019 +0300

    build: pass NETTLE_LIBS together with HOGWEED_LIBS
    
    libhogweed might depend on exact non-system-wide nettle, so let's pass
    NETTLE_LIBS flags together when using HOGWEED_LIBS.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sat Jan 26 21:44:28 2019 +0100

    Add GNUTLS_E_RECEIVED_DISALLOWED_NAME for illegal SNI names
    
    An illegal/disallowed SNI server name previously generated
    the misleading message "An illegal parameter has been received.".
    
    This commit changes it to
      "A disallowed SNI server name has been received.".
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Jan 30 21:58:34 2019 +0300

    lib/nettle: replace nettle-stdint.h with just stdint.h
    
    Nettle library is going to drop nettle-stdint.h. Replace this include
    with with just <stdint.h>.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Jan 28 15:25:30 2019 +0100

    Fix 'make glimport' and update CONTRIBUTING.md
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sun Jan 27 13:59:56 2019 +0200

    .gitignore: add test files
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sun Jan 27 13:17:35 2019 +0200

    build: detect previous supported guile
    
    A recent change in the m4 macro of guile enforces latest guile:
    ---
    AC_DEFUN([GUILE_PROGS],
     [_guile_required_version="m4_default([$1], [$GUILE_EFFECTIVE_VERSION])"
      if test -z "$_guile_required_version"; then
        _guile_required_version=2.2
      fi
    ---
    
    The result:
    ---
    checking for guile-snarf... /usr/bin/guile-snarf
    checking for guild... /usr/bin/guild
    checking for guile-2.2... no
    checking for guile2.2... no
    checking for guile-2... no
    checking for guile2... no
    checking for guile... /usr/bin/guile
    checking for Guile version >= 2.2... configure: error: Guile 2.2 required, but 2.0.14 found
    ---
    
    Probably best to specify the supported version explicitly when calling
    GUILE_PROGS, to keep existing behavior calling the GUILE_PKG detects the
    existing packages.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Jan 25 11:51:56 2019 +0100

    Fix unused var warning in guile/src/core.c
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Jan 25 12:26:46 2019 +0100

    Fix abi-check failure
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 25 08:32:17 2019 +0100

    NEWS: updated
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 25 08:24:21 2019 +0100

    src/Makefile.am: remove .bak files before autogenerating
    
    This avoids errors due to files pre-existing but not being
    writable.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 25 08:18:01 2019 +0100

    bumped versions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 25 08:13:26 2019 +0100

    Makefile.am: require guile-2.2 for release
    
    That's because guile.m4 from previous releases has issues
    with the latest version.
    
    Resolves: #631
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jan 24 20:25:59 2019 +0100

    priorities: when %NO_EXTENSIONS is specified disable TLS1.3
    
    This makes the behavior of this priority string option well-defined
    even when TLS1.3 is enabled.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Thu Jan 24 18:48:40 2019 +0100

    certtool.1: fix formatting
    
    Apostroph at start of a line is a control character in manpages, avoid
    it. Also drop wrong indent.
    See https://bugs.debian.org/920215
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jan 23 17:52:47 2019 +0100

    tlsfuzzer: update to the latest upstream for record_size_limit tests
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Thu Jan 24 01:57:13 2019 +0300

    configure.ac: fix substitution for libatomic
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 23 20:51:11 2019 +0100

    .travis.yml: avoid installing submodules
    
    They are not necessary for building and testing the basic
    test suite.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 23 20:42:34 2019 +0100

    update on "Fix gnutls.pc for multiarch builds"
    
    This replaces LTLIBUNISTRING with LIBUNISTRING in Makefile.am.
    The former is no longer produced by configure.ac.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Jan 23 15:13:12 2019 +0100

    set_ciphersuite_list(): Use linear approach to cleanup priorities
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Jan 22 15:47:39 2019 +0100

    tests: check record_size_limit is reset after resumption
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Sat Jan 19 10:31:52 2019 +0100

    constate: don't restore max_record_recv_size from resumed data
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Jan 17 17:50:49 2019 +0100

    ext/record_size_limit: mark it as mandatory extension
    
    In a resuming session record_size_limit is always renegotiated, and
    thus the server should parse the extension always.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Jan 17 11:52:50 2019 +0100

    ext/record_size_limit: reject too large extension payload
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jan 5 14:12:46 2019 +0100

    gnutls-serv: improvements in UDP server
    
    This modifies the server to deinitialize the session after use
    (avoiding leaks), and to only send the hello verify request when
    a client hello is seen.
    
    This also adds a basic unit test of gnutls-serv with the --udp option.
    
    Resolves #632
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date:   Wed Jan 23 13:36:23 2019 +0100

    configure.ac: add comment for -latomic
    
    Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 23 08:42:54 2019 +0100

    tests: added tests for multiple ticket reception
    
    This introduces tests for the reception (parsing) of multiple tickets
    by a gnutls client. It uses the tlslite-ng server because unlike a gnutls
    server, tlslite-ng does send multiple tickets in a single record. That
    way we test that we can parse both ways of sending tickets.
    
    Resolves: #511
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Jan 23 11:45:39 2019 +0100

    Update gnulib
    
    Closes #653 (printf %n crashes on Android)
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jan 21 20:53:06 2019 +0100

    gnutls_alert_send_appropriate: do not send alert to peer on all errors
    
    That is, do not send alerts for success, or for errors indicating that
    an alert has been received. This changes the documented function behavior
    but does not break any existing caller expectations.
    
    Relates: #672
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jan 21 20:33:00 2019 +0100

    gnutls_pkcs11_privkey_import_url: enable RSA-PSS only when an RSA key can sign
    
    In gnutls_pkcs11_privkey_import_url() we only enabled RSA-PSS functionality to
    the key if the CKM_RSA_PKCS_PSS mechanism is available to the token. However,
    if the specific key is not marked for use with digital signatures (CKA_SIGN
    set), then we may have still ended-up using it and fail when using it. We
    now test whether CKA_SIGN is set prior to enabling such keys for PSS.
    
    Resolves: #667
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jan 21 20:56:10 2019 +0100

    alert: associate unsupported curve alerts with handshake failure
    
    Resolves: #672
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Jan 10 14:53:32 2019 +0100

    Check for Signed-off-by: in CI
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Jan 20 12:00:07 2019 +0100

    Avoid excessive CPU usage in gnutls_idna_map()
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sat Jan 19 18:19:42 2019 +0100

    Fix uninitialized variable in tests/x509dn.c
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sat Jan 19 18:04:31 2019 +0100

    crypto-selftests.c: Fix checking return value
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 11 07:23:40 2019 +0100

    auto-generate the AUTHORS file
    
    The original file was unmaintained since long time. This is now
    auto-generated from the git shortlog, at release time.
    
    Relates: #606
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date:   Thu Jan 17 13:24:04 2019 +0100

    configure.ac: check if libatomic is needed
    
    gnutls source code uses the C++11 <atomic> functionality since
    https://github.com/gnutls/gnutls/commit/7978a733460f92b31033affd0e487c86d66c643d,
    which internally is implemented using the __atomic_*() gcc built-ins
    
    On certain architectures, the __atomic_*() built-ins are implemented in
    the libatomic library that comes with the rest of the gcc runtime. Due
    to this, code using <atomic> might need to link against libatomic,
    otherwise one hits build issues such as:
    
    ../lib/.libs/libgnutls.so: undefined reference to `__atomic_fetch_sub_4'
    
    on an architecture like SPARC.
    
    To solve this, a configure.ac check is added to know if we need to
    link against libatomic or not. The library is also added to gnutls.pc.
    
    Fixes:
     - http://autobuild.buildroot.org/results/6c749bd592ceffeacadd2ab570d127936cce64b2
     - http://autobuild.buildroot.org/results/30aa83d3cf3482af8a59250c196c85f4a278d343
    
    Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Jan 17 10:22:45 2019 +0100

    Fix gnutls.pc for multiarch builds
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 14 10:56:27 2019 +0100

    certtool: data encipherment is disabled by default
    
    For the TLS protocol this option is not necessary, and if enabled
    by mistake (as default) and no other option is set, then the
    generated key will be unusable. Thus we disable it, to generate
    working keys by default.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jan 10 19:23:12 2019 +0100

    .travis.yml: use ./bootstrap instead of make autoreconf
    
    The latter is no longer available after the removal of
    GNUMakefile.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jan 10 07:56:17 2019 +0100

    The flag %NO_EXTENSIONS is disabling extension support while being functional
    
    That is, the %NO_EXTENSIONS option is the only documented way to disable
    extensions completely from a session. Clarify that message, mention that
    its behavior is undefined when combine with TLS1.3, and make sure that it
    is functional. The latter makes sure that safe renegotiation and extended
    master secret extensions remain disabled when this flag is given.
    
    That simplifies testing certain scenarios under TLS1.0 or TLS1.1 when
    no extensions must be used.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 8 12:26:19 2019 +0100

    When sending no extensions do not include a zero length
    
    According to RFC5246:
       The presence of extensions can be detected by determining whether
       there are bytes following the compression_method field at the end of
       the ServerHello.
    
    and as such we correct our behavior to not send the zero length bytes.
    This was our behavior in 3.5.x and 3.3.x branch, and thus this corrects
    a regression of gnutls with these branches.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
    Signed-off-by: David Woodhouse <dwmw2@infradead.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 8 19:37:49 2019 +0000

    Avoid calling sign_algorithm_get_name() when we already have pointer to the algorithm.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jan 2 13:21:49 2019 +0100

    tls-sig: check RSA-PSS signature key compatibility also in TLS 1.2
    
    This extends commit 51d21634 to cover the optional TLS 1.2 cases,
    which RFC 8446 4.2.3 suggests: "Implementations that advertise support
    for RSASSA-PSS (which is mandatory in TLS 1.3) MUST be prepared to
    accept a signature using that scheme even when TLS 1.2 is negotiated".
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Jan 8 18:09:29 2019 +0100

    tlsfuzzer: update to the latest upstream for the TLS 1.2 CV tests
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Jan 8 18:06:17 2019 +0100

    alert: map GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM to illegal_parameter
    
    This alert is more appropriate according to the tlsfuzzer test:
    https://github.com/tomato42/tlsfuzzer/commit/4b6a4aa8b00cf3f3bcb2388d1bfdad985610ed1d
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Jan 8 14:40:25 2019 +0100

    Revert "build: remove src/*.bak from distribution"
    
    This reverts commit 9ba397aa841730e4824d2bf8537aa15e711ad9b3, as it
    turned out to be not practical.  See !862 for the discussion.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 8 12:07:00 2019 +0100

    _gnutls_hello_ext_set_datum: removed unnecessary remark [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Maks Naumov <maksqwe1@ukr.net>
Date:   Tue Jan 8 00:05:23 2019 +0200

    Fix _gnutls_write_new_general_name() result checking

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Mon Jan 7 17:46:10 2019 +0200

    build: install all m4 macros
    
    having all m4 macros in m4/ directory enables easier autoreconf process for
    downstream as dependency programs that provide these macros are not required.
    
    both gtk-doc and guile requires huge dependency list, and currently are
    required per any change (patch) in autotools.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jan 2 13:44:50 2019 +0100

    ext/pre_shared_key: avoid unnecessary use of VLA for MSVC
    
    Suggested by Gisle Vanem in:
    https://github.com/gnutls/gnutls/commit/fd8c1ec8fe155861dffa28811127f101b6697b4b#r31802648
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Jan 4 09:47:24 2019 +0100

    Fix typos in lib/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Jan 3 16:36:17 2019 +0100

    Unroll MinGW CI runner commands
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 3 09:51:34 2019 +0100

    tests: treat all signals as error
    
    Previously we were only treating SIGSEGV as error though there is
    no reason to treat other signals as success and they may hide an
    actual error case (e.g., when SIGPIPE is received). With this change we
    treat any signals received by the child except SIGTERM as error, and
    we ensure that SIGPIPE is ignored in all tests.
    
    This also updates tests/slow/cipher-api-test.c to test failures with
    SIGABRT or otherwise consistently.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 4 14:48:26 2019 +0100

    Revert "verify-high2: Fix cert dir iteration on Win32"
    
    This was failing CI (x509cert-tl) but was not detected due to
    a bug.
    
    This reverts commit 362a0c30b79ccede7e5bc3a7747c3e7f1d30889a.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Marga Manterola <marga@google.com>
Date:   Thu Jan 3 17:57:29 2019 +0000

    Fix typo when checking for ed25519 support

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Jan 1 14:26:04 2019 +0100

    Fix typos in doc/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 3 09:13:56 2019 +0100

    _gnutls13_handshake_sign_data: properly fail on signing error
    
    When signing failed, gnutls would return an invalid signed message
    (with no data) instead of failing.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Jan 2 10:29:48 2019 +0100

    Fix 'make distcheck'
    
    The following error will be fixed:
    
    ERROR: files left in build directory after distclean:
    ./tests/softhsm-privkey-eddsa-test.config
    make[1]: *** [Makefile:1833: distcleancheck] Error 1
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Jan 2 10:22:26 2019 +0100

    Remove auto-generated gnulib files from repo
    
    Bootstrapping with latest gnulib updated both files,
    so they are obviously auto-generated files which do not
    belong into the repository.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Jan 2 10:02:11 2019 +0100

    Update required autoconf version to 2.63
    
    This fixes the bootstrap error with the latest gnulib:
    
    gnulib/gnulib-tool: *** minimum supported autoconf version is 2.63. Try adding AC_PREREQ([2.63]) to your configure.ac.
    gnulib/gnulib-tool: *** Stop.
    ./bootstrap: gnulib-tool failed
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Jan 2 09:56:42 2019 +0100

    Update gnulib
    
    This fixes the following 'make syntax-check' failure:
    
    maint.mk: out of date copyright in ./gnulib/lib/version-etc.c; update it
    make: *** [maint.mk:1199: sc_copyright_check] Error 1
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Jan 2 09:49:19 2019 +0100

    Update copyright year in doc/gnutls.texi
    
    This fixes the following error of 'make syntax-check':
    
    maint.mk: out of date copyright in doc/gnutls.texi; update it
    make: *** [maint.mk:1201: sc_copyright_check] Error 1
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 30 16:25:08 2018 +0100

    examples: ignore GNUTLS_E_AGAIN or INTERRUPTED errors
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 30 16:00:43 2018 +0100

    examples: use a valid DNS name
    
    This prevents a gnutls server from sending an unexpected message
    alert due to invalid DNS name encoding, if the example is not modified.
    
    Resolves: #663
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sat Dec 29 19:16:57 2018 +0100

    Fix OSS-Fuzz build
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Dec 25 14:44:11 2018 +0300

    tests: cipher-openssl-compat: don't call EVP_CIPHER_CTX_init()
    
    There is no need to call EVP_CIPHER_CTX_init() after
    EVP_CIPHER_CTX_new().
    
    Fixes #658
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Dec 25 14:43:56 2018 +0300

    tests: cipher-openssl-compat: don't fail if OpenSSL doesn't provide cipher
    
    LibreSSL does not provide ChaCha20-Poly1305 through EVP_CIPHER
    interface, so let's skip the test if cipher is not available.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 20 17:49:21 2018 +0100

    gnutls_pubkey_import_ecc_raw: set the public key bits
    
    This sets the number of key bits once an ECC key is imported.
    
    Resolves #640
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 21 07:58:24 2018 +0100

    GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION: deprecated
    
    This removes the documented use of this macro. It was non-functional.
    Given the nature of the definition of the non-well defined date for
    certificates, it may be wise not to use a special macro at all. The
    reason is that the no-well defined date is a real date (~year 9999),
    and any approximation with seconds will be unstable due to irregular
    leap seconds.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 21 07:54:40 2018 +0100

    gnutls-cli-debug: removed unused variable
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date:   Mon Dec 17 11:37:12 2018 +0100

    win32: Check that CertOpenStore is behaving as CertOpenSystemStore
    
    The test isn't located in tests/windows since we need the actual
    libcrypt32 implementations.

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Dec 20 16:33:34 2018 +0100

    testrandom.sh: Fix endless loop
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 19 09:41:41 2018 +0100

    vasprintf: use from gnulib; don't bundle twice
    
    Relates #653
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date:   Thu Dec 13 17:31:29 2018 +0100

    win32: Use CertOpenStore instead of CertOpenSystemStore
    
    CertOpenSystemStore is not available when building for windows store.
    Both functions are available since windows XP, so there is no
    compatibility change.
    CertOpenSystemStore documentation states "Only current user certificates
    are accessible using this method, not the local machine store." hence we
    pass CERT_SYSTEM_STORE_CURRENT_USER.
    We also use the wide chars variants, in the event the ansi ones are
    silently rejected by windows store applications (which is not
    documented, but which I strongly suspect)
    This is equivalent to Wine's implementation of CertOpenSystemStore:
    https://github.com/wine-mirror/wine/blob/master/dlls/crypt32/store.c#L904

Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date:   Tue Dec 4 15:18:36 2018 +0100

    keys-win: Disable private key import on windows store
    
    Windows store drastically limits the available functions.
    In this case, at least CryptSetProvParam and the NCrypt* functions
    can't be used
    
    Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>

Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date:   Tue Dec 4 13:22:52 2018 +0100

    verify-high2: Fix cert dir iteration on Win32
    
    And especially when building for windows store, which only allows
    unicode version of opendir & friends functions.

Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date:   Tue Dec 4 11:53:48 2018 +0100

    lib: Don't hardcode LoadLibraryA
    
    Those functions are forbidden when building for Windows Store
    
    Signed-off-by: Hugo Beauzée-Luyssen <hugo@beauzee.fr>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Dec 18 16:27:29 2018 +0100

    .gitlab-ci.yml: Remove assert in gl/tests/test-strerror.c
    
    A bug made our CI cross builds fail.
    See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916779
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Nov 16 16:22:10 2018 +0100

    tests/cert-tests/certtool-eddsa: Increase portability (fix for busybox)
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Nov 16 16:20:17 2018 +0100

    tests/cert-tests/certtool: SKIP if --disable-bash-tests was given
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Nov 16 16:13:31 2018 +0100

    tests/cert-tests/pkcs12-utf8: Use /bin/sh instead of bash
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Nov 16 16:12:31 2018 +0100

    tests/cert-tests/pkcs12-corner-cases: Increase portability (fix for busybox)
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Nov 16 16:11:53 2018 +0100

    tests/cert-tests/certtool-ecdsa: Increase portability (fix for busybox)
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Nov 16 16:06:18 2018 +0100

    tests/cert-tests/pem-decoding: Increase portability (fix for busybox)
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Nov 16 13:28:26 2018 +0100

    tests/cert-tests/certtool-crl-decoding: Increase portability (fix for busybox)
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Nov 16 12:34:01 2018 +0100

    tests/long-crl.sh: Increase portability (fix for busybox)
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Nov 16 12:14:27 2018 +0100

    tests/gnutls-cli-debug.sh: Remove bashisms
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Nov 23 19:58:49 2018 +0100

    tests/scripts/common.sh: Add check_if_equal()
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Nov 16 12:08:06 2018 +0100

    tests/scripts/common.sh: Make random port value work on busybox
    
    On busybox 'date +%N' returns an empty value.
    On 'dash' (Debian shell) $RANDOM doesn't work.
    
    This commit works first tries $RANDOM and then falls back to 'date +%N'.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 15 22:14:18 2018 +0100

    doc: minor fixes [ci skip]
    
    Created NEWS entry for 3.6.6 and unified the listing of gnutls_init_flags_t
    items.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Peter Wu <peter@lekensteyn.nl>
Date:   Sat Dec 15 22:01:10 2018 +0100

    pkcs11: fix memleak in gnutls_pkcs11_token_get_ptr
    
    find_token_modname_cb uses p11_kit_config_option to retrieve the module
    name, but its return value (stored in tn.modname) must be freed.

Author: Tom Vrancken <email@tomvrancken.nl>
Date:   Sat Aug 26 14:22:44 2017 +0200

    Implemented support for raw public-key functionality (RFC7250).
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Hugo Beauzée-Luyssen <hugo@beauzee.fr>
Date:   Thu Dec 13 11:00:03 2018 +0100

    configure.ac: Always enable unicode support on windows

Author: Peter Wu <peter@lekensteyn.nl>
Date:   Thu Nov 29 18:21:22 2018 +0100

    pkcs11: fix memleak when querying for GNUTLS_PKCS11_TOKEN_MODNAME
    
    find_token_modname_cb uses p11_kit_config_option to retrieve the module
    name, but its return value must be free'd.
    
    Other fixes:
    - Do not silently truncate the output buffer, return an error instead.
    - If the module name is unavailable, do not write "(null)" to the
      output. Write an empty string instead.
    - The module path can be of arbitrary length, so passing output=NULL to
      learn the length seems reasonable, except that snprintf crashed on a
      NULL pointer dereference.
    
    Fixes: 241f9f0b1 ("Added GNUTLS_PKCS11_TOKEN_MODNAME for gnutls_pkcs11_token_get_info")
    Signed-off-by: Peter Wu <peter@lekensteyn.nl>

Author: Peter Wu <peter@lekensteyn.nl>
Date:   Thu Nov 29 18:43:39 2018 +0100

    pkcs11: clarify gnutls_pkcs11_*_get_info output_size
    
    It was not clear whether @output_size contains the actual string length
    or the buffer length (including null terminator).
    
    Signed-off-by: Peter Wu <peter@lekensteyn.nl>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Nov 15 10:44:20 2018 +0100

    build: remove src/*.bak from distribution
    
    Instead, include the autogen-generated *.c, *.h and the stamp files in
    the distribution.
    
    To prevent the bundled files being linked with incompatible autogen
    libopts, this adds an extra check in configure.  If the detected
    system libopts version is too old, it will use the included libopts
    implementation.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 12 09:48:01 2018 +0100

    GNUTLS_PCERT_NO_CERT: marked as unused/ignored
    
    This flag was already a no-op.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 11 09:34:22 2018 +0100

    srp/psk: update recommendations for usernames [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 12 06:15:25 2018 +0100

    doc: include PSK examples into documentation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Dec 6 14:59:30 2018 +0100

    tlsfuzzer: update to the latest upstream to eanble CCS tests
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Dec 4 17:15:02 2018 +0100

    Fix gnutls_handshake_set_timeout() for values < 1000
    
    handshake-timeout.c now tests for <1000ms timeout and for >=1000ms
    timeout. The test duration decreased from 45s to 1.2s.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Nov 22 14:59:11 2018 +0100

    record: make CCS handling stricter in TLS 1.3
    
    In TLS 1.3, the change_cipher_spec messages received under the
    following conditions should be treated as unexpected record type:
    containing value other than 0x01, or received after the handshake.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 5 14:44:23 2018 +0100

    bootstrap: only update the required submodules for building
    
    Although we have few submodules they are not all required for
    building and testing. This patch modified bootstrap.conf not
    to update all of them, but only the necessary for building and
    testing.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Dec 1 13:26:20 2018 +0100

    Fix error message on old or missing nettle.
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 1 06:04:45 2018 +0100

    released 3.4.1
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Simo Sorce <simo@redhat.com>
Date:   Wed Oct 3 13:12:38 2018 -0400

    Constant time/cache PKCS#1 RSA decryption
    
    This patch tries to make the code have the same time and memory access
    aptterns across all branches of the decryption function so that timining
    or cache side channels are minimized or neutralized.
    
    To do so it uses a new nettle rsa decryption function that is
    side-channel silent.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 28 16:00:34 2018 +0100

    Added test about rsa decryption under pkcs11
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 30 10:28:28 2018 +0100

    gnutls_x509_crt_set_expiration_time: fixed documentation [ci skip]
    
    Fixed the documentation of the function to reflect reality.
    This function did not accept the GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION
    macro.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 30 08:49:50 2018 +0100

    NEWS: updated [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 30 08:44:35 2018 +0100

    bumped version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Thu Nov 29 06:05:22 2018 +0300

    tests: attempt to fix test errors on Mac OS X
    
    It looks like Mac OS X's grep has issues with applying basic regexps
    with alternation operator inside. Use several grep calls in pipeline to
    achieve the same result.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 28 23:39:32 2018 +0300

    travis: print logs for all failed tests
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 28 14:10:35 2018 +0300

    lib: fix pkcs11 using defines from PKCS#11 3.0 for EdDSA
    
    pkcs11 support code uses several definitions from forthcoming PKCS#11
    standard version. Older p11-kit versions do not provide these
    definitions. Detect and disable code supporting EdDSA if compiling
    GnuTLS with older p11-kit library.
    
    Closes #626
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
    Fixes: 88377775a3eff679a9ec60ab9bfc6b3c683a0407
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Nov 28 20:08:29 2018 +0100

    CONTRIBUTING.md: specify rules for static/inline functions [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Nov 22 17:36:17 2018 +0100

    CONTRIBUTING.md: proposal for new features/modifications approach [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Nov 21 21:09:33 2018 +0100

    CONTRIBUTING.md: added proposal on commenting style [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 28 16:03:59 2018 +0300

    tests: fix crl test under MinGW32/64
    
    Use --outfile instead of output redirection to stop CR from sneaking
    into temp file. Extra CR symbols make grep choke on that file.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Stephan Mueller <smueller@chronox.de>
Date:   Tue Nov 27 22:27:26 2018 +0100

    DRBG: Use ACVP validated test vector in self test
    
    Due to removing all of the FIPS 140-2 continuous self test leftovers,
    the DRBG test vector must be updated as the very first DRBG block is not
    dropped any more.
    
    The test complies with the CAVP test definition specified in "The
    NIST SP 800-90A Deterministic Random Bit Generator Validation
    System (DRBGVS)" section 6.2.
    
    The test vector is obtained during a successful trial run using the
    NIST ACVP server. The following registration was used to generate the
    test vector:
    
          {
            "algorithm":"ctrDRBG",
            "prereqVals":[
              {
                "algorithm":"AES",
                "valValue":"same"
              }
            ],
            "predResistanceEnabled":[
              false
            ],
            "reseedImplemented":true,
            "capabilities":[
              {
                "mode":"AES-256",
                "derFuncEnabled":false,
                "entropyInputLen":[
                  384
                ],
                "nonceLen":[
                  0
                ],
                "persoStringLen":[
                  0,
                  256
                ],
                "additionalInputLen":[
                  0,
                  256
                ],
                "returnedBitsLen":512
              }
            ]
          },
    
    Signed-off-by: Stephan Mueller <smueller@chronox.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 27 13:47:46 2018 +0100

    Fix session description info printing
    
    This fixes a truncation issue in session description information printing
    for certain ciphersuites, and adds a limited testing of expected description
    strings for certain ciphersuites.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 20 11:30:22 2018 +0100

    Prevent applications from combining legacy versions of TLS with TLS1.3
    
    It can happen that an application due to a misconfiguration, enables TLS1.3
    in combination with TLS1.0 or TLS1.1 only. In that case a server which is
    unaware of the TLS1.3 protocol will reply by selecting the TLS1.2 protocol
    instead and that answer will be rejected by the client. With this change
    we ensure that TLS1.3 is not enabled in these problematic scenarios.
    
    Resolves: #621
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 21 18:35:07 2018 +0300

    cert-tests: verify --no-text switch for pkcs7/pkcs12 info
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Nov 16 03:46:52 2018 +0300

    certtool: don't output textual information if --no-text was given
    
    Disable text output if --no-text option was given for --p7-info and
    --p12-info.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 21 20:05:20 2018 +0300

    certtool: don't output pkcs12 information to stderr
    
    Print all pkcs12-info output to outfile, rather than stderr.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 21 18:35:07 2018 +0300

    cert-tests: verify --no-text switch for cert/crq/pub/privkeys
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Nov 16 03:46:52 2018 +0300

    certtool: don't output textual information if --no-text was given
    
    Change privkey/certificate/CRL/CSR handling to disable text output if
    --no-text option was given.
    
    Closes #487
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date:   Mon Nov 19 11:47:45 2018 -0500

    tests: tpm: Use kill_proc to terminate a process
    
    Use kill_proc to terminate a process by first sending it SIGTERM,
    waiting max. 1 second and then use SIGKILL.
    
    Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

Author: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date:   Mon Nov 19 11:19:53 2018 -0500

    tests: tpm: Redirect help screen output to stdout
    
    The dash shell doesn't seem to understand &>/dev/null, so use
    >/dev/null to quiet down the help screen check.
    
    Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Sat Nov 24 16:59:12 2018 +0100

    doc: suggest to check max_early_data_size before sending early data
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Nov 22 14:59:54 2018 +0100

    tests: resume: suppress compiler warnings
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Stephan Mueller <smueller@chronox.de>
Date:   Sun Nov 25 13:46:44 2018 +0100

    DRBG: Remove all traces of FIPS 140-2 continuous self test
    
    The removal allows the CAVS / ACVP test required for a successful FIPS
    140-2 validation to pass.
    
    Signed-off-by: Stephan Mueller <smueller@chronox.de>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Nov 22 15:04:00 2018 +0100

    .gitignore: ignore more files and sort them alphabetically
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sat Nov 24 15:58:48 2018 +0100

    bootstrap.conf: add "autogen" to buildreq
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Sat Nov 24 15:57:11 2018 +0100

    build: fix srcdir detection when VPATH build
    
    Unlike the ".c.c.bak:" and ".h.h.bak:" rules, ".def.stamp:" needs this
    adjustment because the source files (*.bak) are not provided as $<.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Sat Nov 24 16:00:48 2018 +0100

    tests: remove unnecessary session creation in tls13/anti_replay
    
    This test only checks the behavior of _gnutls_anti_replay_check, thus
    session is not needed at all.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Nov 21 21:09:55 2018 +0100

    doc: corrected typos [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 19 14:16:50 2018 +0100

    tests: added test for RSA decryption under gnutls_privkey_import_ext4
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 19 14:07:39 2018 +0100

    crypto-self-tests-pk: added RSA-PSS sign/verify tests
    
    This also corrects the GOST R 34.10-2012-512-TC26-512-A self
    test.
    
    Relates: #597
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 16 21:04:49 2018 +0100

    tests: added TLS1.3 tests for PKCS#11 and external key types
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Simo Sorce <simo@redhat.com>
Date:   Thu Oct 25 10:03:01 2018 -0400

    Add support for EDDSA/Ed25519 object support via PKCS#11
    
    Tested with softHSM 2.5.0
    
    Resolves #417
    
    Signed-off-by: Simo Sorce <simo@redhat.com>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Simo Sorce <simo@redhat.com>
Date:   Thu Oct 25 10:44:14 2018 -0400

    Fix RSA-PSS tests to properly return skip value
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 18 20:22:08 2018 +0100

    gnutls_certificate_type_get*: updated documentation to list limitations
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 19 06:50:55 2018 +0100

    tests: resume: use spaces around '?' and ':' according to coding style
    
    Also set a link to the kernel coding style in CONTRIBUTIONS.md
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 14 15:20:08 2018 +0100

    gnutls_certificate_type_get*: ensure that the default type is returned
    
    That is, ensure that unless we negotiate something else than
    X509, the default certificate type is returned to applications.
    Previously we wouldn't do that for TLS1.3 resumed sessions, and
    we would return zero (invalid type) instead.
    
    That addresses issues with applications checking explicitly
    for X509 certificate type being present.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Nov 16 16:13:31 2018 +0100

    tests/tls13-early-data: check if max_early_data_size is advertised
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Nov 16 14:25:49 2018 +0100

    serv: add --maxearlydata option
    
    Also exercise this in testcompat-tls13-openssl.sh.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Sun Nov 18 05:47:08 2018 +0100

    record: gnutls_record_send_early_data: check the upper limit
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Nov 16 16:12:13 2018 +0100

    tls13/session_ticket: fix "max_early_data_size" extension handling
    
    session->security_parameters.max_early_data_size is initially set to 0.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 17 19:30:20 2018 +0100

    update documentation on GNUTLS_AUTO_REAUTH and gnutls_record_get_direction [ci skip]
    
    That clarifiesthe intention, and adds warning of using this flag when
    multiple threads are involved. Based on suggestion by Michael Catanzaro.
    
    Relates: #615
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 16 21:16:33 2018 +0100

    .gitlab-ci.yml: run coverage build over fedora
    
    This will include the TPM subsystem in the coverage report.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date:   Fri Nov 16 10:47:23 2018 -0500

    tests: tpm: Extend test case to not use --register
    
    Extend the tpmtool test case to also test without the --register
    parameter.
    
    Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

Author: Stefan Berger <stefanb@linux.ibm.com>
Date:   Wed Nov 14 10:07:08 2018 -0500

    tests: tpm: Add a test case for tpmtool
    
    This test case exercises tpmtool and uses certtool to create a
    self-signed certificate with the TPM. It uses swtpm as TPM emulator and
    configures tcsd to talk to swtpm.
    
    Extend the Readme.md with the packages needed for TPM support and TPM test
    support.
    
    This test case needs to be run as root since tcsd needs to be started
    as root.
    
    Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

Author: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date:   Fri Nov 16 06:48:01 2018 -0500

    .gitlab-ci.yml: copy the log files of minimal.Fedora to the gitlab server
    
    Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

Author: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date:   Thu Nov 15 19:55:02 2018 -0500

    lib: tpm: Fix a memory leak
    
    Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Nov 16 03:38:38 2018 +0300

    doc: mention GOST private key unmasking and additional format support
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Nov 13 11:25:17 2018 +0300

    cert-tests: test parsing and decoding of GOST private keys
    
    Add a test for parsing and decoding GOST private keys in different
    formats, incuding encrypted keys.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Nov 13 11:23:37 2018 +0300

    certtool: support --pkcs-cipher none
    
    If password is specified on command line currently certtool will always
    output encrypted pkcs8 file. Add `--pkcs-cipher none' allowing one to
    force certtool to output unencrypted private keys.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Nov 13 03:02:35 2018 +0300

    nettle/gost: gostdsa: use size_t instead of mp_limb_t
    
    Use size_t for size variables instead of mp_limb_t (data type rather
    than size type).
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Nov 13 02:48:05 2018 +0300

    pkcs8: support GOST keys without encapsulation
    
    Add support for yet another representation of GOST private keys:
    LE-formatted number encoded into pkcs-8-PrivateKeyInfo.privateKey
    without any additional encapsulation.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Nov 13 02:47:39 2018 +0300

    nettle: unmaks GOST private keys if necessary
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Nov 13 02:45:18 2018 +0300

    nettle/gost: support GOST key unmasking
    
    New Russian reccomendation defines 'key masking' in the form of
    several concatenated numbers, which must be multiplied modulo Q to get
    private key.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date:   Thu Nov 15 12:43:01 2018 -0500

    tpmtool: Fix a memory leak related to TPM key list
    
    Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 15 16:03:38 2018 +0100

    updated auto-generated-files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 14 13:56:52 2018 +0100

    anti_replay: moved new add function into anti_replay structure
    
    The new function was not sharing anything with the existing
    gnutls_db_* backend, and moving it to anti_replay structure
    is more clean and allows for deviations from the old API
    conventions (e.g., now we can pass pointers for efficiency
    and pass the expiration time as part of the call).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Nov 13 22:49:26 2018 +0100

    _gnutls_x509_read_eddsa_pubkey(): sanity check the input values
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 13 09:24:06 2018 +0100

    gnutls_x509_privkey_import_ecc_raw(): fail on invalid sizes
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 11 08:25:56 2018 +0100

    tests: verify whether certificate request levels behave consistently
    
    This verifies whether the behavior of GNUTLS_CERT_IGNORE, GNUTLS_CERT_REQUEST
    and GNUTLS_CERT_REQUIRE is consistent accross protocols.
    
    Relates #615
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 11 08:52:13 2018 +0100

    doc: minor updates in elliptic curve documentation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 14 13:42:01 2018 +0100

    tests: added a test for detecting duplicate early data
    
    Resolves #610
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 14 01:43:05 2018 +0300

    tests: add testfile from RFC4134 Section 4.5
    
    Add test example demonstrating indefinite-length BER encoding of PKCS#7
    data.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Nov 12 03:34:31 2018 +0300

    pkcs7: allow BER encoding when parsing encapContentInfo.eContent
    
    CMS specification explicitly allows BER encoding in CMS files. RFC 4134
    example 4.5 uses BER indefinite encoding.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 14 01:49:08 2018 +0300

    configure.ac: drop obsolete info line
    
    Since 4b567871 there is no `ac_enable_session_tickets` variable, so
    let's drop obsolete remnants.
    
    Closes #616
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
    Noted-by: Dilyan Palauzov

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Nov 13 10:07:09 2018 +0100

    build: minor cleanup of mech-list.h generation
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Nov 13 10:02:17 2018 +0100

    README-ci.freebsd.md: require autogen
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Nov 12 13:41:19 2018 +0100

    build: remove autogen .bak files from the repository
    
    While the .bak files are necessary for not requiring autogen on
    deployment environment, they are not needed for development and may
    cause conflict when other developers use different version of
    autogen. This removes those files from the repository and require
    autogen at make dist time.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Nov 12 15:48:44 2018 +0100

    build: use suffix rules for generating .bak files
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Nov 12 15:48:14 2018 +0100

    build: use AM_MISSING_PROG for autogen
    
    That makes error message more friendly when autogen is not installed
    on developing environment.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date:   Mon Nov 12 09:20:44 2018 -0500

    tpm: Fix memory leak in encode_tpmkey_url
    
    When returning the key URL in encode_tpm_key_url we do not need to allocate
    a separate buffer for the URL since we return the allocated buffer from
    _gnutls_buffer_to_datum().
    
    Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Oct 15 13:35:43 2018 +0200

    doc: mention 0-RTT
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Sun Oct 21 07:34:07 2018 +0200

    serv: enable anti-replay when early data is used
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Oct 19 17:52:48 2018 +0200

    TLS 1.3: implement anti-replay measure using ClientHello recording
    
    This implements ClientHello recording outlined in section 8.2 of RFC
    8446.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Nov 1 15:37:42 2018 +0100

    db: introduce gnutls_db_set_add_function
    
    This adds a way to store an entry if it is not found in the database,
    so that the implementation can provide atomic test-and-set.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Nov 8 17:54:11 2018 +0100

    db: introduce gnutls_db_check_entry_expire_time
    
    This would be particularly useful when the same database is used to
    store long-lived TLS 1.2 session data and short-lived TLS 1.3
    anti-replay entries.  Note that the existing gnutls_db_check_entry
    doesn't fit in this use-case, as it takes gnutls_session_t as the
    argument.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Oct 22 15:26:07 2018 +0200

    tls13/session_ticket: record timestamp in ticket
    
    This is needed for implementing freshness checks outlined in 8.3 of
    RFC 8446.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Nov 8 15:46:42 2018 +0100

    str: suppress compiler warning when time_t is 32-bit
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Oct 22 11:12:02 2018 +0200

    testcompat-tls13-openssl: exercise early data transmission
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Oct 15 11:29:56 2018 +0200

    tests: add tests for early data
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Oct 12 13:33:13 2018 +0200

    cli: add --earlydata option
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Oct 12 13:33:00 2018 +0200

    serv: add --earlydata option
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Oct 12 13:34:21 2018 +0200

    record: introduce new API functions for early data
    
    This introduces gnutls_record_get_max_early_data_size(),
    gnutls_record_send_early_data(), and gnutls_record_recv_early_data()
    functions.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Oct 12 11:45:59 2018 +0200

    handshake: handle early data
    
    This plumbers early data handling in the handshake processes, which
    consists of:
    - traffic key updates taking into account of client_early_traffic_secret
    - early data buffering in both server and client
    - the EndOfEarlyData message handling
    - making use of max_early_data_size extension in NewSessionTicket
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Sun Oct 28 07:57:34 2018 +0100

    session_pack: record max_early_data_size in session data
    
    max_early_data_size sent as part of NST should be recorded and
    restored when the session data is set back on the session.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Sun Oct 28 07:57:57 2018 +0100

    record: fix memleak when rejecting early data
    
    The "discard" label previously used assumes that the decrypted record
    is already added to record_recv_buffer.  It is not the case when
    rejecting early data.  Release the allocated memory manually and
    return early.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Oct 12 17:10:51 2018 +0200

    constate: add epoch_rel argument to _gnutls_epoch_dup
    
    This is necessary for handling early data.  Previously,
    _gnutls_epoch_dup() copied the parameters from EPOCH_READ_CURRENT,
    while the client only sets EPOCH_WRITE_CURRENT when sending early
    data.  This allows caller to specify from which epoch the parameters
    are copied.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Oct 12 11:29:57 2018 +0200

    handshake: refactor early secret derivation
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Oct 5 10:41:23 2018 +0200

    handshake: record transcript hash for ClientHello
    
    This is necessary to compute client_early_traffic_secret and
    early_exporter_master_secret in TLS 1.3.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Oct 5 11:13:24 2018 +0200

    ext/pre_shared_key: use predefined macros for secret labels
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Nov 6 09:38:43 2018 +0100

    Unconditionally include nettle/memxor.h
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 10 10:54:32 2018 +0100

    gnutls-cli: use assert to mark impossible path
    
    This avoids static analyzers from complaining.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 10 07:46:24 2018 +0100

    pkcs12: cleanups, and two memory leak fixes
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 9 07:44:02 2018 +0100

    tls13: use system's openssl for interop testing
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 9 20:11:42 2018 +0100

    Added checks to avoid false negatives reported by static analyzers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Nov 6 14:47:41 2018 +0300

    src: update autogenerated .bak files
    
    Update files to include proper year, version, etc.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Nov 6 14:42:56 2018 +0300

    src: include .bak files in EXTRA_DIST
    
    Including .bak files in EXTRA_DIST allows us to stop hand-generating
    these files in distribution. Instead they are directly copied from the
    source tree.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Nov 6 14:34:18 2018 +0300

    src: update .bak files during -args.c/.h regeneration
    
    To ease updating of .bak files, update them when regenerating
    Autogen'erated source files.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Nov 6 12:01:49 2018 +0300

    doc: fix texi generation in out-of-tree builds
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Nov 6 10:52:47 2018 +0300

    src: mark autogen'ed sources as nodist_
    
    Mark autogenerated sources as not distributable. We are distributing
    .bak files instead.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Nov 5 16:37:02 2018 +0300

    Makefile.am: drop manpages regeneration from dist-hook
    
    There is no need anymore to regenerate tools manpages, they will be
    generated automatically from doc/manpages/Makefile.am.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Nov 5 16:22:25 2018 +0300

    manpages: fix manpages distribution
    
    It seems that dist_man_MANS does not work properly with Automake
    conditionals. Automake will not distribute files which are conditionally
    disabled at this make run. As released tarballs include all manpages
    already, let's include them unconditionally.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Nov 5 15:02:50 2018 +0300

    manpages: fix tools manpages generation
    
    Pass additional include path to let autogen find common arguments
    template.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Nov 5 14:53:46 2018 +0300

    manpages: un-unroll the loop
    
    Replace unrolled loop over header files with for-loop to simplify
    Makefile.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Nov 5 14:30:53 2018 +0300

    configure.ac: merge autogen/libopts checks
    
    Move handling of autogen/libopts to a single place. Enforce usage of
    local libopts if autogen is not found.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Nov 5 13:12:51 2018 +0300

    doc: fix documentation generation in out-of-tree builds
    
    gtk-doc will not process gnutls.h.in file, so we need to point it to
    generated gnutls.h file, found inside builddir.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Nov 5 00:43:55 2018 +0300

    cfg.mk: fix ChangeLog generation on out-of-tree builds
    
    ChangeLog regeneration does not work for out-of-tree build, so let's fix
    that.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sun Nov 4 14:29:11 2018 +0300

    src: args-std.def: substitute variables using configure
    
    Use standard way (configure script) to substiture variables in
    args-std.def file, instead of manually replacing them in dist-hook.
    
    Fixes #567
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 9 20:07:24 2018 +0100

    Initialize output var to avoid false negative from static analyzers
    
    This was identified by clang analyzer's on _gnutls_x509_dn_to_string
    and _gnutls_x509_decode_string.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 5 20:51:33 2018 +0100

    .gitlab-ci.yml: move to fedora29 for CI
    
    This also moves the x86 CI builds to the debian cross infrastructure
    as we have a more reliable way of generating a 32-bit image.
    
    Resolves #607
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date:   Fri Nov 2 18:33:32 2018 -0400

    tpmtool: Support --srk-well-known for SRK with 20 zero bytes password
    
    Implement --srk-well-known for SRK with 20 zero bytes password.
    
    Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 7 09:56:56 2018 +0100

    testcompat-openssl: do not test DSS or small curves with 1.1.1
    
    DSA uses 1024-bit parameters, and these together with curves of
    less than 256 bits are not accepted by debian's openssl.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 7 10:20:32 2018 +0100

    doc/credentials: increased key size in RSA client cert
    
    This is used by the test suite and recent openssl in debian requires
    a larger certificates.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 7 10:16:10 2018 +0100

    certtool: allow --update-certificate to replace public key
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 7 08:37:23 2018 +0100

    README.md: updated instructions to apply to fedora29
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Ander Juaristi <a@juaristi.eus>
Date:   Thu Oct 4 14:57:47 2018 +0200

    Update docs for session ticket key rotation [ci skip]
    
    Fix #581.
    
    Signed-off-by: Ander Juaristi <a@juaristi.eus>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Nov 1 13:43:17 2018 +0100

    ext/record_size_limit: handle the extension in TLS 1.2 ServerHello
    
    Previously it had assumed that TLS 1.2 servers don't send the
    extension, while actually it can be present in ServerHello.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Oct 30 19:56:47 2018 +0100

    gnutls_priority_init: ignore CTYPE-OPENPGP options
    
    In GnuTLS 3.6.0 we dropped support for openpgp keys, however
    the CTYPE-OPENPGP is often seen in applications, sometimes
    as -CTYPE-OPENPGP to ensure it is not enabled. We simply
    ignore this priority string when seen, to avoid preventing
    these applications from running.
    
    Resolves #593
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Oct 30 19:46:09 2018 +0100

    gnutls_priority_init: fixed indentation according to project rules
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 19 12:04:29 2018 +0200

    gnutls_priority_set: re-organized
    
    The sanity tests we moved prior to setting these priorities
    and the %GNUTLS_E_NO_PRIORITIES_WERE_SET error code is returned
    consistently to indicate that the existing priorities were not
    overwritten.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 17 14:53:47 2018 +0200

    gnutls_priority_set: do not override the version after handshake is complete
    
    When an application would re-set priorities prior to a rehandshake
    we would override the negotiated version with the highest supported,
    something which may lead to issues. This disables that unnecessary
    version override. See:
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1634736
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 30 10:28:20 2018 +0100

    gnutls-serv: use default priorities when none are given
    
    This makes it in par with gnutls-cli.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Oct 29 01:42:28 2018 +0300

    self-tests: add GOST public key tests
    
    Test vectors provided in standard are not that usefull (they use
    unsupported curves with a != -3), so these test vectors were generated
    by hand.
    
    Fixes #492
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Oct 29 07:24:01 2018 +0100

    NEWS: added CMAC entries [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Simo Sorce <simo@redhat.com>
Date:   Sun Oct 28 12:19:46 2018 -0400

    Add NEWS entry about AES-CMAC
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Fri Oct 26 16:55:27 2018 -0400

    Add selftests for CMAC
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Fri Oct 26 13:38:13 2018 -0400

    Vendor in CMAC functionality from Nettle
    
    If nettle's CMAC is not available, use a vendored in version from master.
    This is necessary as long as we need to link against 3.4 for ABI
    compatibility reasons.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Fri Oct 26 13:22:23 2018 -0400

    Add CMAC Support
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sun Oct 28 15:44:15 2018 +0300

    NEWS: Add entry mentioning fix of S-BOXes for CryptoPro-B,-C,-D variants
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sun Oct 28 10:13:00 2018 +0300

    self-tests: add GOST symmetric algorithms tests
    
    Add tests for:
     - GOST 28147-89 CFB cipher
     - GOST R 34.11-94 hash function
     - Streebog-256/-512 hash functions
     - HMAC using GOST R 34.11-94/Streebog functions
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sun Oct 28 10:11:21 2018 +0300

    nettle: fix s-boxes selection for rare GOST 28147-89 variants
    
    gost28147-89 code contained c&p error, which resulted in using S-BOX
    CryptoPro-A instead of -B, -C, -D. Fix that.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Oct 26 22:50:52 2018 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Oct 24 13:08:45 2018 +0200

    ext/pre_shared_key: don't assume ob_ticket_age < ticket_age_add
    
    Previously, the server treated the condition as error, while it is
    possible that ob_ticket_age may have wrapped round by 2^32.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Oct 25 12:32:52 2018 +0200

    tls13/session_ticket: calculate ticket_age in milliseconds
    
    Previously we calculated ticket age from the current wall clock in
    seconds, multiplying by 1000.  This is conceptually wrong, because
    ticket age is designed to be in milliseconds.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Oct 26 08:18:01 2018 +0200

    str: add macros to encode/decode struct timespec value
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Oct 25 13:47:13 2018 +0200

    system: provide a means to replace gettime implementation
    
    While gettime() is extensively used in the code, the library
    previously hadn't provided a way to replace it for testing.  This adds
    a new internal function _gnutls_global_set_gettime_function and makes
    use of it through virt-time.h.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Wed Oct 24 15:45:23 2018 -0400

    Add selftest for CFB8

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Oct 25 12:09:05 2018 +0200

    _gnutls_timespec_cmp: new inline function
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Oct 25 12:02:53 2018 +0200

    tls13/session_ticket: rename tls13_ticket_t type to tls13_ticket_st
    
    This is consistent with the coding guideline.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 25 08:29:27 2018 +0200

    gnutls-cli: reduce printed session information
    
    When connecting to a server we were printing a lot of duplicate
    information that was already part of the "Description" string.
    No longer print that information unless --verbose is given.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 24 13:05:58 2018 +0200

    gnutls-cli: do not print errors twice
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Wed Oct 24 13:04:22 2018 -0400

    Vendor in CFB8 functionality from Nettle
    
    If nettle's CFB8 is not available, use a vendored in version from master.
    This is necessary as long as we need to link against 3.4 for ABI
    compatibility reasons.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Wed Oct 24 12:14:51 2018 -0400

    Add AES-CFB8 Support
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 15 15:59:48 2018 +0200

    p11tool: fix initialization of security officer's PIN
    
    Previously we would call gnutls_pkcs11_token_set_pin() without an
    old PIN provided, which will result to the use of C_InitPIN() on the
    underlying module. The C_InitPIN() in contrast with C_SetPIN() will
    only work for the user and not for the administrator. As such, we
    always provide the oldpin for when we change the admin's PIN.
    
    Resolves #561
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 23 15:20:45 2018 +0200

    fips140: aligned code with documentation
    
    That is, we introduce the documented but unimplemented macros
    GNUTLS_FIPS140_SET_LAX_MODE() and GNUTLS_FIPS140_SET_STRICT_MODE().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Mon Oct 22 10:52:08 2018 +0200

    Simplified check for NULL pointer to reduce code changes.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Mon Oct 22 10:51:19 2018 +0200

    Unified abbreviation for certificate type priorities in code.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Thu Oct 11 21:25:11 2018 +0200

    Renamed CHECK_AUTH macro to CHECK_AUTH_TYPE to be more clear what it checks.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Thu Oct 11 21:13:45 2018 +0200

    Renamed _gnutls_server_select_cert() to _gnutls_select_server_cert() for consistency reasons with its client couterpart.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Thu Oct 11 21:05:33 2018 +0200

    Renamed certificate_credential_append_crt_list() to certificate_credential_append_keypair().
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Thu Oct 11 21:01:25 2018 +0200

    Renamed _gnutls_auth_info_set() to _gnutls_auth_info_init().
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Wed May 23 10:16:00 2018 +0200

    Renamed fields in priority_st to improve code readability. Fixes #453.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Tue May 22 12:35:31 2018 +0200

    Added NULL pointer check in gnutls_certificate_free_credentials for safety.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Mon May 21 10:11:28 2018 +0200

    Renamed _gnutls_proc_x509_server_crt to _gnutls_proc_x509_crt.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Sat May 19 16:01:01 2018 +0200

    Small fixes for comments and log strings.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Oct 18 11:09:09 2018 +0200

    SKIP tests/global-init-override if weak symbols don't work
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 16 15:06:04 2018 +0200

    tests: eagain-auto-auth: only compiled in systems with cmocka available
    
    This fixes build issue at MacOSX CI.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 12 16:36:12 2018 +0200

    tlsfuzzer: updated to latest upstream and enabled new tests
    
    Resolves: #591
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 12 17:08:15 2018 +0200

    handshake: send missing extension alert
    
    When a key share extension is not seen under TLS1.3, send
    the missing extension alert.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 4 08:27:10 2018 +0200

    _gnutls_server_select_cert: return error when no server cert is selected
    
    When a certificate callback is used and no certificate is provided
    by it, return an error rather than trying to use it (and crashing)
    later. Note that this affects only an "illegal" code path when
    a server would have provided no certificate, something which must
    not happen on a real-world server.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 1 11:58:15 2018 +0200

    gnutls_init: added flag for automatic re-authentication
    
    This introduces the GNUTLS_AUTO_REAUTH gnutls_init() flag and makes
    re-authentication under TLS simpler to enable and use.
    
    Resolves #571
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 29 14:21:59 2018 +0200

    pkcs11 uris: the URI scheme is case insensitive
    
    Makes the comparisons of the URI scheme to use c_strcasecmp
    from gnulib. It also replaces various straw strcasecmp with
    the gnulib variant. This ensures that comparison will be
    reliable irrespective of the locale.
    
    Resolves #590
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Oct 11 21:49:11 2018 +0200

    .gitlab-ci.yml: cross CI requires privileged systems
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Oct 9 12:46:12 2018 +0200

    Fix check for GNU C compiler in eina_cpu.c
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Oct 9 12:34:26 2018 +0200

    Fix gen-mech-list.sh on Solaris / Bourne Shell
    
    `cmd` is more compatible than $(cmd).
    
    The shell is "sh (Schily Bourne Shell) version 2013/01/14 a+ (i386-pc-solaris2.9)"
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Oct 5 19:41:15 2018 +0200

    Let bootstrap check for gperf and autopoint
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Oct 8 11:25:23 2018 +0200

    Skip tests/tls13/prf.c if visibility 'protected' doesn't work
    
    Overriding gnutls_rnd() with visibility 'protected' doesn't always work.
    E.g. LDFLAGS="-Wl,-Bsymbolic-functions" seems to have priority on
    Debian derived systems.
    
    Fixes #584
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 6 16:43:33 2018 +0200

    tests: added unit test for gnutls_session_set_id
    
    This adds a unit and a negative test which ensures that
    a client will not be tricked in performing resumption when
    this function is used.
    
    Resolves #585
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 4 08:29:41 2018 +0200

    doc: fix use of gnutls_ext_raw_parse callback [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 30 22:05:59 2018 +0200

    gnutls_priority_set: do not override version on handshake
    
    When handshake is in progress, do not override the default TLS
    version in the session. This allows gnutls_priority_set to be called
    in the post_client_hello function without breaking the handshake.
    
    Resolves #580
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 2 11:57:31 2018 +0200

    encrypt_packet_tls13: added explicit check on iv_size bounds
    
    Although there are no ciphers defined for TLS1.3 which would overflow
    the assumed bound, an explicit check is necessary to avoid that code
    be a liability in future updates.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 1 09:18:46 2018 +0200

    privkey_pkcs8: added reference for validation parameters OID [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 1 08:31:16 2018 +0200

    NEWS: corrected typo [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Sep 27 21:11:21 2018 +0200

    Use ASCII version of strcasecmp() in library code
    
    strcasecmp() has side effects in some locales.
    What we really need is c_strcasecmp() from Gnulib for comparing
    ASCII strings.
    
    Fixes #570
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Thu Sep 27 11:02:33 2018 +0300

    .gitlab-ci.yml: reenable SSLv2 hello support for SSL-3.0.Fedora.x86_64
    
    Reenable SSLv2 hello support to let several SSL-3.0 tls-fuzzer tests
    pass.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Thu Sep 27 01:05:09 2018 +0300

    tlsfuzzer: disable SSL3.0 in export-ciphers-rejected test
    
    These tests will fail with SSL3.0-enabled gnutls-serv unless --ssl3
    option was passed. We will run these tests anyway from
    gnutls-nocert-ssl3.json, so disable them here.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Thu Sep 27 00:42:21 2018 +0300

    tlsfuzzer: support running from separate build dir
    
    Adapt tls-fuzzer-common.sh script to be able to run tests in case
    srcdir != builddir.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Sep 25 17:00:14 2018 +0300

    .gitlab-ci.yml: reenable full test suite in SSL-3.0/SHA-1 case
    
    Reenable full test suite run in SSL-3.0/SHA-1 CI test case to let us
    catch issues in legacy code.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Sep 24 16:07:19 2018 +0300

    tlsfuzzer: add missing script
    
    Makefile.am refers tls-fuzzer-nocert-ssl3.sh script, which is missing
    in the source tree. Add it back.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Thu Sep 27 00:35:20 2018 +0300

    tlsfuzzer: move common code to separate file
    
    Move common code to tls-fuzzer-common.sh to ease further adjustments.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Sep 26 23:34:16 2018 +0300

    tlsfuzzer: use random port for tls-fuzzer-nocert test
    
    Like the rest of tls-fuzzer tests, pass "-p PORT" to subtests, allowing
    usage of random port for server.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Sep 26 23:34:16 2018 +0300

    tlsfuzzer: use random port for tls-fuzzer-cert test
    
    Like the rest of tls-fuzzer tests, pass "-p PORT" to subtests, allowing
    usage of random port for server.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Sep 26 12:54:37 2018 +0200

    Make tlsproxy/buffer.c compilable by gcc 4.4.7
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 26 09:38:04 2018 +0200

    _gnutls_check_key_purpose: eliminated dead code
    
    Resolves #573
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 25 13:52:25 2018 +0200

    manpages: do not generate any manpages for openpgp.h
    
    This API is no longer functional and is only available as stubs
    for backwards binary compatibility.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 25 13:06:57 2018 +0200

    manpage generation: cleanup
    
    Recognize parameters of the form unsigned char name[8], and
    do not print obscure warnings. Furthermore gdoc will fail
    when a function parameter is not described or when no
    function is found. This addresses the generation of undetected
    errors in generated manpages.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 25 12:07:10 2018 +0200

    doc: fixed missing function and enumeration parameters
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 25 14:12:26 2018 +0200

    tests: removed unused file
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 25 18:10:12 2018 +0200

    mech-list.h: generate unique entries
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 24 17:33:03 2018 +0200

    released 3.6.4
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 21 16:31:58 2018 +0200

    tests: pkcs12-utf8 depend on bash
    
    The NetBSD default shell cannot handle the UTF-8 strings we use
    in that script.
    
    Resolves #544
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 21 16:20:36 2018 +0200

    bumped versions and updated NEWS file
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 21 16:18:23 2018 +0200

    Enable the TLS1.3 protocol by default
    
    As the protocol has been finalized, and the implementation is
    stable and interoperable, there is no need to enable it conditionally.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 18 08:36:18 2018 +0200

    gnutls-cli: enable CRL validation on startup
    
    This also makes the failure in adding CRLs or CAs, a fatal error.
    
    Resolves #564
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 20 16:44:51 2018 +0200

    Provide a more flexible PKCS#11 search of trust store certificates
    
    This addresses the problem where the CA certificate doesn't
    have a subject key identifier whereas the end certificates
    have an authority key identifier.
    
    Resolves #569
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 18 08:35:32 2018 +0200

    trust list: added flag to force failure on CRL validation error
    
    This allows an application to be notified of the addition of invalid
    CRLs in the trust list.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Sep 18 11:50:43 2018 +0200

    Remove auto-generated src/mech-list.h from repo
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Sep 18 15:35:20 2018 +0200

    Fix issue introduced in 20886264fe
    
    This makes _gnutls_resolve_priorities() return a string that is always
    allocated with the gnutls memory functions.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 19 14:15:20 2018 +0200

    session tickets: check timestamp for validity
    
    We were previously only relying on the client's view of the
    ticket lifetime for TLS1.3 tickets. This makes sure that we
    only resume tickets that the server considers valid and consolidates
    the expiration time checks to _gnutls_check_resumed_params().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 20 10:11:42 2018 +0200

    ECC export/import: updated documentation on EdDSA curves
    
    This clarifies the format that parameters in the EdDSA curves
    will be returned, and also ensures that the import/export
    functions fail on unsupported curves.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 19 15:03:32 2018 +0200

    tests: use virt-time.h in resumption tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Ander Juaristi <a@juaristi.eus>
Date:   Tue Sep 18 09:40:20 2018 +0200

    Added session ticket key rotation with TOTP
    
    This introduces session ticket key rotation on server side. The
    key set with gnutls_session_ticket_enable_server() is used as a
    master key to generate time-based keys for tickets. The rotation
    relates to the gnutls_db_set_cache_expiration() period.
    
    Resolves #184
    
    Signed-off-by: Ander Juaristi <a@juaristi.eus>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Sep 18 03:05:51 2018 +0300

    certtool: print GOST public key with MSB first
    
    OpenSSL and other libraries print MSB first, when printing GOST public
    keys. Let's return to this convention.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Sep 18 03:05:51 2018 +0300

    x509: print_pubkey: print GOST public key with MSB first
    
    OpenSSL and other libraries print MSB first, when printing GOST public
    keys. Let's return to this convention.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Sep 18 00:53:17 2018 +0300

    lib: use little endian when importing/exporting GOST keys
    
    GOST R 34.10 native format is little endian. It is better for the
    application code to use native format data to interface library, rather
    than convert buffers on their own.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Sep 18 00:51:05 2018 +0300

    mpi: add function to dprint mpi in little endianness
    
    Add little endian counterpart to _gnutls_mpi_dprint and
    _gnutls_mpi_dprint_le.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Sep 17 12:26:31 2018 +0300

    gnutls.h: correct GOST R number references [ci skip]
    
    Fix numeric GOST R ids used in documentation, too many numbers:
     - GOST R 34.11 is digest function
     - GOST R 34.10-2001 is a digital signature over GOST R 34.11-94 digest
     - GOST R 34.10-2012 is a digital signature over GOST R 34.11-2012 digest
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Sep 17 10:12:38 2018 +0200

    Update git submodules via ./bootstrap
    
    Setting $SUBMODULE_NOFETCH to a non-empty value adds
    --no-fetch to the git command (for CI speedup).
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 17 15:14:12 2018 +0200

    tests: pkcs1-pad: run with SHA-1 enabled or disabled
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 17 12:58:38 2018 +0200

    .gitlab-ci.yml: enable run with SHA-1 enabled
    
    This adds a CI run with SHA-1 enabled, and corrects issues in the
    testsuite when that's the case.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 17 09:28:08 2018 +0200

    gnutls_x509_trust_list_add_trust_mem: fix behavior with unaccounted certs
    
    If gnutls_x509_trust_list_add_cas returns less than clist_size, the additional
    unaccounted certificates will never be freed.
    
    Relates #552
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 17 09:12:29 2018 +0200

    gnutls_x509_trust_list_add_cas: corrected return value
    
    When the flag GNUTLS_TL_USE_IN_TLS is used and add_new_ca_to_rdn_seq
    the return value did not include the last certificate added to the
    list. This corrects its return value.
    
    Relates #552
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 17 09:10:24 2018 +0200

    fixed documentation in trust list functions
    
    That clarifies and addresses issues in the documentation of
    gnutls_x509_trust_list_add_crls() and gnutls_x509_trust_list_add_cas()
    
    Relates #552
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 16 15:54:41 2018 +0200

    tests: added CRL verification tests
    
    This tests CRL verification with certtool --verify-crl on correct
    and incorrect cases.
    
    Relates #564
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 16 15:35:19 2018 +0200

    certtool: updates in documentation in messages for CRL generation
    
    This fixes the messages printed for the generation of a CRL, and
    makes the return code of the CRL verification depending on the
    verification result.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 14 16:32:05 2018 +0200

    Fix variable used in reallocation
    
    This corrects the variable name used in the sizeof argument
    for realloc. This does not alter the actual allocation size,
    but rather it fixes a logic error.
    
    Relates: #554
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 22 15:25:06 2018 +0200

    .gitignore: updated
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 22 10:08:41 2018 +0200

    dtls: recover when a NewSessionTicket message is lost
    
    When the server's NewSessionTicket gets lost while the ChangeCipherSpec
    goes through, the client did not request retransmission by retransmitting
    his last flight, and the handshake was blocked. This commit addresses
    the issue and adds a reproducer.
    
    Resolves #543
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Aug 27 17:44:35 2018 +0200

    tlsfuzzer: remove duplicate tests and sort them alphabetically
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Andreas Schwab <schwab@suse.de>
Date:   Mon Sep 10 17:35:08 2018 +0200

    doc: fix reference to invocation nodes
    
    Signed-off-by: Andreas Schwab <schwab@suse.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 20 15:17:04 2018 +0200

    priority: be backwards compatible with priority strings starting with NONE
    
    That is, we allow priority strings which do not enable any groups to
    work, by disabling TLS1.3. For example
    'NONE:+VERS-TLS-ALL:+MAC-ALL:+RSA:+AES-128-GCM:+SIGN-ALL:+COMP-NULL'
    is still operational, but no TLS1.3 is enabled when specified.
    
    Resolves: #549
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Aug 24 16:34:14 2018 +0200

    Use gnutls_strdup() instead of strdup() in library code
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Aug 24 16:27:36 2018 +0200

    Remove gnulib work-around '#undef strdup'
    
    The 'issue' should be fixed already. Even if not, it has to
    addressed in gnulib.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Aug 21 15:02:56 2018 +0200

    ext/pre_shared_key: use consistent name for regitration entry
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Aug 21 14:54:41 2018 +0200

    ext/pre_shared_key: make ticket age calculation consistent
    
    Previously we used a pattern like this:
    
      uint32_t obfuscated_ticket_age, ticket_age_add;
      time_t ticket_age;
    
      ticket_age = obfuscated_ticket_age - ticket_age_add;
      if (ticket_age < 0) {
            ...
      }
    
    This always evaluates to false, because subtraction between unsigned
    integers yields an unsigned integer.  Let's do the comparison before
    subtraction and also use correct types for representing time: uint32_t
    for protocol time and time_t for system time.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Aug 17 15:45:20 2018 +0200

    tls13/psk_ext_parser: simplify the iterator interface
    
    Previously it was unclear whether psk_ext_parser_st is stateful or
    not.  This change introduces the simpler API to iterate over the
    immutable data (psk_ext_parser_st), following the iterator pattern.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 21 16:18:11 2018 +0200

    gnutls-cli-debug: mention RFC8446 for TLS1.3 and RFC8422 for X25519
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Aug 21 13:10:48 2018 +0200

    Remove --no-git from ./bootstrap [ci skip]
    
    This removes the --no-git option as bootstrap itself does not use
    the remote repository for cloning. At least as long $GNULIB_SRCDIR
    points to a recent enough local gnulib git repo.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 17 14:02:34 2018 +0200

    handshake: do not negotiate TLS1.3 using the legacy version field
    
    Previously we could end-up with a TLS1.3 connection if the TLS1.3
    ID was seen on the wire. We now explicitly fallback to TLS1.2
    when we see a protocol with TLS1.3 semantics in an SSL2.0 or
    in the legacy version of the client hello.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 17 12:57:25 2018 +0200

    handshake: simplified protocol version checking functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 17 10:50:15 2018 +0200

    tlsfuzzer: modify to use the final code points
    
    Relates #542
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Aug 13 20:55:50 2018 +0200

    fuzz: updated traces for final TLS1.3 version
    
    Resolves #359
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Aug 13 20:46:21 2018 +0200

    protocols: bumped TLS1.3 version number to RFC8446 value
    
    This adds support of the final RFC numbers.
    
    Resolves #542
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Wed Aug 15 18:29:32 2018 +0200

    Implemented RFC7250 certificate type negotiation extensions.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Aug 10 14:06:16 2018 +0200

    ext/record_size_limit: new extension
    
    This implements the record_size_limit extension as defined in RFC 8449.
    
    Although it obsoletes the max_record_size extension, for compatibility
    reasons GnuTLS still sends it on certain occasions.  For example, when
    the new size is representable as the codepoint defined for
    max_record_size.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Aug 14 16:46:12 2018 +0200

    ext/max_record: remove use of extension private data
    
    As the extension data is always stored in
    session->security_parameters.max_record_send_size, it shouldn't be
    necessary to track it with the private data.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 17 14:43:30 2018 +0200

    gnutls_session_resumption_requested: fixed behavior under TLS1.3
    
    This makes gnutls_session_resumption_requested() functional under
    TLS1.3 and introduces a unit test of the function.
    
    Resolves #546
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 19 18:59:02 2018 +0200

    .gitlab-ci.yml: use --no-git to bootstrap
    
    That is, to reduce CI time, and avoid failures due to
    non-availability of the gnulib git repo.
    
    Resolves #547
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 17 14:48:56 2018 +0200

    hello_ext: removed bogus comment
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 17 16:08:37 2018 +0200

    .gitmodules: gnulib submodule is now synced from libidn's mirror
    
    This mirror is updated hourly and is hosted on gitlab, meaning
    less dependency on external sites downtime.
    
    Resolves: #547
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Wed Aug 15 14:20:43 2018 +0200

    Fix two typos (overriden/guarranteed)
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Aug 13 21:47:53 2018 +0200

    doc: document the non-portability of NONE priority string
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Aug 13 20:22:48 2018 +0200

    tools: check output of called functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Aug 13 20:19:55 2018 +0200

    write_oid_and_params: moved nullity check of params earlier
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 9 16:13:50 2018 +0200

    gnutls_session_set_premaster: corrected error checks
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 9 16:12:36 2018 +0200

    pubkey_verify_hashed_data: apply algorithm checks
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 9 16:09:21 2018 +0200

    privkey_sign_raw_data: use assert to mark code which always succeeds
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 9 16:05:47 2018 +0200

    _gnutls_send_change_cipher_spec: removed unnecessary test
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Aug 13 21:04:56 2018 +0200

    .travis.yml: do not run brew upgrade
    
    This addresses issue with travis compilation on MacOSX.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 7 16:27:19 2018 +0200

    gnutls_memset: use explicit_bzero
    
    That is, use the glibc function when available and the second
    parameter is zero.
    
    Resolves #230
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Aug 7 09:52:55 2018 +0200

    use a consistent method to mark fall-through in switch cases
    
    Also document that method in contribution guide.
    
    Resolves #306
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Aug 7 14:45:07 2018 +0200

    ext/pre_shared_key: prevent crash if no server credentials are set
    
    Previously, if server is configured without PSK credentials and the
    client authenticated with PSK, the server crashed with:
    
    Program received signal SIGSEGV, Segmentation fault.
    0x00007ffff7b190ba in server_recv_params (session=0x636fc0, data=0x634e6e "",
        len=46, pskcred=0x0) at pre_shared_key.c:523
    523                             prf = pskcred->binder_algo;
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Aug 7 13:21:16 2018 +0200

    tlsfuzzer: update to the latest version
    
    Also enable test-tls13-ffdhe-sanity.py,
    test-tls13-session-resumption.py, and
    test-tls13-unrecognised-groups.py.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Aug 7 12:32:56 2018 +0200

    alert: map GNUTLS_E_NO_COMMON_KEY_SHARE to handshake_failure
    
    Previously, when server received a ClientHello that does include only
    groups from unassigned ranges in supported_groups, it aborted the
    connection with an illegal_parameter.
    
    Resolves #537
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Aug 7 11:43:32 2018 +0200

    algorithms: add support for FFDHE6144
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Aug 3 22:26:47 2018 +0200

    Corrected the importing of ECDSA public keys
    
    This seems to be a regression since EdDSA support. The call to
    _gnutls_x509_get_pk_algorithm() in public key import was unnecessary
    and in fact it was overriding the available curve with a curve associated
    with the OID. As the ECDSA OID doesn't include the curve, that had the
    result of deleting the already read curve.
    
    Resolves #538
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 3 14:13:14 2018 +0200

    Ensure we are sending the right protocol version on second client hello
    
    That is, when we respond to a Hello Retry Request as client, we put
    the TLS1.2 version on the second client hello to send a hello that is
    as close as possible to the original hello. That effectively separates
    the handling of TLS1.2 rehandshake and TLS1.3 hello retry request
    when sending a client hello.
    
    Resolves #535
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Aug 7 07:30:55 2018 +0200

    doc: improved text on certifications
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Aug 7 07:13:35 2018 +0200

    doc: few improvements over certificate validation text
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 30 21:50:35 2018 +0200

    gnutls-serv: re-introduce the session identifier message
    
    The message "If your browser supports session resuming, then you should
    see the same session ID, when you press the reload button", is now printed
    again even under TLS1.3.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 30 16:48:26 2018 +0200

    resume: keep persistent session identifiers
    
    With the introduction of session ticket support (TLS1.2) and
    TLS1.3, session identifiers have no persistency on server or
    client side. Improve the situation by introducing persistent
    session identifiers on server side in a backwards compatible
    way.
    
    Resolves #484
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Jul 19 15:57:59 2018 +0200

    .gitlab-ci.yml: include fuzz/*.log in artifacts
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jul 18 15:56:17 2018 +0200

    tests: tls-fuzzer: enable tests relying on header fragmentation
    
    Those tests were previously disabled because splitting of handshake
    messages in a very short (< 4 bytes) fragments is not implemented.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Aug 2 15:44:15 2018 +0200

    record: send unexpected_message upon empty unencrypted records
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jul 27 06:30:41 2018 +0200

    buffers: handle very short fragmentation of handshake messages
    
    If the received record doesn't even complete the handshake
    header (i.e., the record size < 4), keep it in a temporary buffer and
    let the caller receive more records.  Once enough amount of data is
    received, move the already received records back to record_buffer and
    proceed to the normal processing.
    
    Fixes: #272
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jul 27 06:23:12 2018 +0200

    mbuffers: introduce _mbuffer_head_push_first
    
    This is similar to _mbuffer_enqueue, but adds an element to the
    beginning of the buffer.
    
    This is to make the incomplete header handling case easier.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jul 27 06:10:37 2018 +0200

    _gnutls_parse_record_buffered_msgs: eliminate local variable usage
    
    If `remain > 0` is true, `recv_buf[0].length > 0` always holds.
    Combine those conditions and remove the `remain` utilizing MIN().
    
    This is to make the incomplete header handling case easier.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jul 27 05:35:02 2018 +0200

    buffers: avoid confusion in fragment length calculation
    
    Previously, to calculate the fragment length, it added/subtracted one
    to the ending offset back and forth; that was not easier to read and
    couldn't handle empty payload messages in TLS.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Aug 2 16:59:27 2018 +0200

    tlsfuzzer: update to the latest version
    
    Also enable test-tls13-0rtt-garbage.py.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Jul 16 11:30:05 2018 +0200

    TLS 1.3: ignore "early_data" extension
    
    As 0-RTT is still not implemented in GnuTLS, the server responds with
    1-RTT, by skipping decryption failure up to max_early_data_size, as
    suggested in 4.2.10 Early Data Detection.
    
    Resolves #512
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Aug 3 21:45:14 2018 +0200

    p11tool: print expiration time on certificates
    
    This is particularly useful when displaying information about a
    certificate trust store.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 19 15:52:26 2018 +0200

    tls1.3: server returns early on handshake when no cert is provided by client
    
    Under TLS1.3 the server knows the negotiated keys early, if no client
    certificate is sent. In that case, the server is not only able to
    transmit the session ticket immediately after its finished message,
    but is also able to transmit data, similarly to false start.
    
    Resolves #481
    Resolves #457
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 23 15:01:49 2018 +0200

    gnutls-serv: don't close connection properly when handshake is not yet complete
    
    In the case handshake is not yet complete and we need
    to terminate, it is because of an issue. As such prefer an
    unclear termination at this stage. This addresses error detection
    issues with tlsfuzzer.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 2 16:16:27 2018 +0200

    gnutls-cli: corrected input buffer null-termination
    
    This was a regression in the previous cleanup at
    f138ff85df69976badce44a5c46157cce091020f included in
    3.6.3.
    
    Resolves #534
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 31 11:37:50 2018 +0200

    certtool: added example of converting to DER in manpage
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Jul 27 23:46:50 2018 +0200

    Fix gcc-8 -Wabi warnings
    
    Fixes #531
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 27 11:58:38 2018 +0200

    ext/key_share: check the validity of server key shares
    
    That is, when generating the public key based on the server's
    key share, ensure that the algorithms match completely with
    the key shares the client initially sent. This was detected
    by the updated traces for TLS1.3 fuzzying.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 26 15:37:58 2018 +0200

    gnutls-serv: improve output under TLS1.3
    
    That is, silence fields no longer applicable under TLS1.3
    and make sure that newer functions like gnutls_session_get_desc()
    get used when describing the session.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 26 15:06:34 2018 +0200

    fuzz: updated traces for latest TLS1.3 draft
    
    Relates #359
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 26 12:40:54 2018 +0200

    tests: run tls-fuzzer PSK testsuite
    
    Resolves #508
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 26 11:27:23 2018 +0200

    tests: added unit test of handshake with large certificate
    
    This checks whether handshake message fragmentation and de-fragmentation
    is functional on server and client.
    
    Resolves #513
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 26 11:02:37 2018 +0200

    certtool: eliminated limits in certificate export size
    
    That allows printing an exporting certificates of size only bounded
    by avail memory.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 26 10:56:25 2018 +0200

    certtool: eliminate maximum limit in fields read with READ_MULTI_LINE_TOKENIZED()
    
    This allows to generate a certificate with an extension of arbitrary size.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 25 16:41:38 2018 +0200

    gnutls.h: corrected typo
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 25 14:48:47 2018 +0200

    send_client_hello: don't override version after HRR is received
    
    When a Hello Retry Request is received, do not set our (transient)
    version to TLS1.2 on the second client hello. That's because both
    peers have already negotiated TLS1.3.
    
    This addresses issue with peers which may send a changecipherspec
    message at this stage, which is now allowed when our version is
    set to be TLS1.2. Introduced test suite using openssl and resumption
    using HRR which reproduces the issue.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 25 13:08:35 2018 +0200

    hello_ext_parse: apply the test for pre-shared key ext being last on client hello
    
    We were incorrectly insisting on pre-shared key extension being last in
    both client and server hello. That was incorrect, as only in client hello
    it is required by TLS1.3 to be last.
    
    Quoting:
       The "pre_shared_key" extension MUST be the last extension in the
       ClientHello (this facilitates implementation as described below).
       Servers MUST check that it is the last extension and otherwise fail
       the handshake with an "illegal_parameter" alert.
    
    Resolves #525
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 24 20:58:10 2018 +0200

    .gitlab-ci.yml: automatically retry failed jobs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 24 16:48:32 2018 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 24 16:38:08 2018 +0200

    allow no certificates to be reported by the gnutls_certificate_retrieve_function callbacks
    
    In 9829ef9a we introduced a wrapper over the older callback functions
    which didn't handle this case.
    
    Resolves #528
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Jul 20 20:49:28 2018 +0300

    cert-cred: fix possible segfault when resetting cert retrieval function
    
    Reset get_cert_callback3 callback to NULL if provided callback is NULL.
    Otherwise after the certificate request call_legacy_cert_cb1 /
    call_legacy_cert_cb2 will try to unconditionally call legacy_cert_cb1 /
    legacy_cert_cb2 callback (set to NULL) leading to segfault.
    
    Fixes: 9829ef9a3ca06d60472599df7c74ebb9a53f1fe2
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sun Jul 22 20:31:36 2018 +0300

    kx: for uniformity print master secret size
    
    During keys setup phase debug log will contain sizes of all keys and
    secrets, except master secret. Dump MS length (48) to log for
    uniformity.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sun Jul 22 20:31:09 2018 +0300

    constate: dump full key block to log
    
    Include full key block to the debug log.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sun Jul 22 20:30:04 2018 +0300

    constate: dump MAC keys to debug log
    
    _gnutls_set_keys() can dump client/server write keys/ivs to debug log,
    but it skips MAC keys. Add MAC keys to log.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sun Jul 22 20:25:35 2018 +0300

    constate: drop unused variable in _gnutls_set_keys
    
    _gnutls_set_keys() creates rrnd as client random + server random, but
    does not use it (it was used before for export key generation, but was
    not removed when dropping support for export cipher suites).
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
    Fixes: 8bdb8d53aa5b4c5d04255b6c9b5f2dac8b23d51b

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sat Jul 21 13:23:42 2018 +0300

    cert auth: simplify certificate selection code
    
    Merge pubkey_is_compat_with_cs() and select_sign_algorithm() functions
    to ease extension of certificate selection code.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Jul 19 12:50:13 2018 +0200

    Remove trailing dot from hostname input
    
    Fixes #532
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 17 09:03:38 2018 +0200

    gnutls_x509_privkey_import_ecc_raw: encode parameters on import
    
    That makes the structure fully usable after import. In _encode_privkey()
    use the lower-level _gnutls_x509_export_int2() for key encoding as the
    call to higher gnutls_x509_privkey_export2() could result to an infinite
    recursion when keys are incomplete.
    
    Introduced additional tests for PKCS#8 key import and export.
    
    Resolves: #516
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Thu Jul 19 14:19:07 2018 +0300

    certtool: use gnutls_gost_paramset_get_name
    
    gost_param_name() predates gnutls_gost_paramset_get_name() and
    gnutls_gost_paramset_t. Use current API functions instead of hand-coding
    new functions.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 19 11:24:04 2018 +0200

    gnutls-cli: do not fail if CKA_ID is too long
    
    Increased the buffer needed to read reasonable-sized CKA_IDs
    and avoid failure when the CKA_ID is too long.
    
    Resolves #520
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jul 19 07:47:40 2018 +0200

    .gitlab-ci.yml: combined abi-check and TLS1.3 check runs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jul 19 06:06:34 2018 +0200

    tests: handshake-timeout: reverted virt-time.h usage
    
    The tests nature (waiting on a socket) didn't fit well with the virt-time
    implementation. Reverted to original real-time wait and improved error
    detection in child process.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 16 14:04:01 2018 +0200

    gnutls_priority_init: fix err_pos on invalid strings
    
    When the provided string would be resolved (e.g., due to a @ priority
    being used), to a different string, then do not attempt to
    detect the right location of the error. It will not be useful to the caller.
    
    This addresses the issue of test suite failure when --with-system-priority-file
    and --with-default-priority-string are provided. It also enhances the test suite
    with these options being active.
    
    Resolves #517
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 17 21:55:33 2018 +0200

    examples: tlsproxy: use snprintf instead of strncpy
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 17 08:17:13 2018 +0200

    doc: simplified documentation on threads
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 17 13:53:02 2018 +0200

    examples: tlsproxy: eliminated warnings
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 16 09:10:21 2018 +0200

    .gitlab-ci.yml: updated win32 targets
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 16 08:27:54 2018 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 15 18:38:40 2018 +0200

    gnutls-cli: mark legacy options as deprecated
    
    This removes the --ranges and --disable-extensions options from
    the default listing of options. They are disfunctional and may
    be removed in the future.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 14 17:39:03 2018 +0200

    .travis.yml: update brew and use nettle 3.4
    
    Resolves #480
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 14 08:39:52 2018 +0200

    .gitlab-ci.yml: Werror build runs with -std=c99
    
    This ensures that the errors reported will be relevant
    for the required version of the standard.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 14 17:30:49 2018 +0200

    bumped versions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 14 08:27:26 2018 +0200

    _gnutls_resolve_priorities: avoid gnu extension for ?: construct
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 13 16:11:16 2018 +0200

    NEWS: doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 13 14:23:28 2018 +0200

    nettle/rnd-fips: updated documentation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 13 14:01:44 2018 +0200

    gnutls-cli: improve error reporting with -l --priority option
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 13 11:18:21 2018 +0200

    cipher-listings: use the sed found by configure script and make it portable
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 13 09:04:42 2018 +0200

    tests: tls-fuzzer: separated SSL3.0 from TLS1.x tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 12 16:17:02 2018 +0200

    gnutls-cli-debug: do not attempt SSL3.0 negotiation when not enabled
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 12 15:41:21 2018 +0200

    priorities: ensure that SSL3.0 enablement fails early when disabled
    
    That is, that a priority string with only SSL3.0 present is discarded as
    invalid.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 12 15:14:39 2018 +0200

    The SSL 3.0 protocol is disabled on compile time by default
    
    It can be re-enabled by specifying --enable-ssl3-support on configure script.
    This is the first step before removing support for the protocol completely.
    
    Relates #103
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 13 08:45:49 2018 +0200

    tests: gnutls-cli-debug.sh: corrected run under FIPS mode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 13 07:10:11 2018 +0200

    doc: minor text updates
    
    Updated text for gnutls_session_ext_master_secret_status and for
    GNUTLS_NO_EXTENSIONS flag which is defunc.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 13 07:08:42 2018 +0200

    gnutls-cli-debug: fix EtM and extended master secret discovery
    
    In particular do not set the GNUTLS_NO_EXTENSIONS flag by default,
    and only enable block ciphers for the EtM check.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 13 06:40:08 2018 +0200

    tests: improved unit test of gnutls-cli-debug
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 12 09:20:57 2018 +0200

    gnutls-cli-debug: generalized cipher tests
    
    That is, tests now check for either the 128-bit or the 256-bit
    of the cipher consistently.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 12 09:19:13 2018 +0200

    gnutls-cli-debug: removed legacy tests no longer applicable
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 12 09:17:11 2018 +0200

    gnutls-cli-debug: detect TLS1.3 support
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jul 11 21:26:05 2018 +0200

    gnutls-cli-debug: when testing servers enable all ciphers
    
    Resolves #515
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Jul 3 11:33:21 2018 +0200

    doc: update for TLS 1.3
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 2 09:56:35 2018 +0200

    _gnutls13_recv_async_handshake: process multiple and split handshake messages
    
    It is permitted to concatenate multiple async handshake messages in a single
    record message as well as split large messages (NST) into multiple records.
    Modified _gnutls13_recv_async_handshake() to process them correctly, instead
    of assuming that they are formatted as one message per record.
    
    Resolves #510
    Resolves #504
    
    Relates #511
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 2 10:18:23 2018 +0200

    tests: check whether multiple tickets can be sent/received
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 2 10:11:41 2018 +0200

    gnutls_session_ticket_send: allow sending multiple tickets in one go
    
    This allows combining the tickets in a single record message when
    possible.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jul 4 07:42:44 2018 +0200

    tests: handshake-timeout: use virt_sec_sleep() to avoid long delays in test
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 2 16:28:28 2018 +0200

    generate_session_ticket: tickets cannot extend the original session time
    
    That is, on a resumed session the server would not issue new tickets
    that would have extended the lifetime of the originally issued ticket.
    
    Resolves #476
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 3 18:42:01 2018 +0200

    pre_shared_key: do not send extension when no identities are present
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 2 20:25:40 2018 +0200

    tests: corrected priority strings in session-tickets-ok and other cleanups
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 3 10:22:04 2018 +0200

    doc: mention session ticket behavior under TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 2 16:29:04 2018 +0200

    generate_session_ticket: use a 4-byte nonce by default
    
    It is not necessary to use large nonces.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 2 16:22:04 2018 +0200

    pre_shared_key: use time_t type for ticket_age variable
    
    This is guarranteed to allow negative values, and also be 32-bits.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 2 16:19:35 2018 +0200

    generate_session_ticket: fixed comment
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Jul 9 18:21:20 2018 +0300

    lib: document digest and paramset in gost key import functions
    
    Document behaviour of gnutls_pubkey_import_gost_raw,
    gnutls_privkey_import_gost_raw and gnutls_x509_privkey_import_gost_raw.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Jul 9 14:22:34 2018 +0300

    lib/x509: use new function to deduce default GOST paramset
    
    Use new _gnutls_gost_paramset_default() function to deduce default GOST
    paramset, instead of hardcoding if/else in several places.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Jul 9 14:02:14 2018 +0300

    lib: remove undefined behaviour when handling GOST paramset
    
    Initial version of GOST patchset used param < 0 to represent unknown
    value. Later special enum entry GNUTLS_GOST_PARAMSET_UNKNOWN was
    introduced. Fix several leftovers comparing params to 0 directly.
    
    Closes #505.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 9 12:40:59 2018 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 25 10:36:18 2018 +0200

    gnutls_priority_init2,gnutls_set_default_priority_append: introduced
    
    This allows enhancing the default priority with additional
    options, allowing an application to introduce stricter (or weaker)
    settings without requiring it to override all settings.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 7 19:52:04 2018 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 7 19:48:14 2018 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Jul 7 14:20:01 2018 +0200

    configure: Fix progress message for --enable-tls13-support
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 7 10:21:51 2018 +0200

    tests: tls-fuzzer-alpn: operate on random port
    
    This allows parallel run of the test with other tlsfuzzer tests.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 3 08:49:06 2018 +0200

    configure: added option --enable-tls13-support
    
    The new option enables TLS1.3 draft-28 support unconditionally.
    Updated the test suite to run when TLS1.3 is enabled by default,
    and added a CI run with TLS1.3 enabled.
    
    Resolves #424
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 3 11:45:31 2018 +0200

    _gnutls_figure_common_ciphersuite: apply rfc7919 requirements only under TLS1.2
    
    Under TLS1.3 there is no requirement to return insufficient security depending
    on the FFDHE group negotiation.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 3 09:06:27 2018 +0200

    supported_versions: do not parse in server side when TLS1.3 is disabled
    
    This allows a server to negotiate older versions using the previous TLS
    negotiation scheme.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 3 08:31:13 2018 +0200

    protocols: bumped TLS1.3 protocol to draft-28
    
    Resolves #506
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 4 10:08:06 2018 +0200

    tests: mini-record-timing: avoid warning for too large stack usage
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 2 11:47:34 2018 +0200

    tlsfuzzer: updated to include RSA and RSA-PSS related tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 2 08:32:52 2018 +0200

    sign_supports_cert_pk_algorithm: corrected check for RSAE-PSS
    
    If the signature algorithm sets the `cert_pk` field, ignore the
    `pk` field completely. Not doing that would make the RSAE signature
    algorithms with RSA-PSS certificates which is against the intended
    use of `cert_pk`.
    
    Resolves #500
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 2 14:12:48 2018 +0200

    tlsproxy: included but not as submodule
    
    This allows updating the example when necessary within the repository
    and reduces the amount of external dependencies for CI.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 2 14:12:15 2018 +0200

    tlsproxy: removed submodule
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 1 21:03:28 2018 +0200

    tests: introduced tests about crypto API failures on illegal use
    
    This ensures that any mistakes in using the crypto API are propagated
    to the higher level calls, or result to an abort().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 1 12:49:55 2018 +0200

    gnutls_aead_cipher_encryptv: eliminate signed/unsigned warnings under x86
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 1 22:00:09 2018 +0200

    accelerated: error on the cases where the nettle API would have errored
    
    This ensures that illegal uses of the API would be propagated to
    the higher levels.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 1 22:08:16 2018 +0200

    gnutls_cipher_add_auth: propagate error codes
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 1 11:27:48 2018 +0200

    certtool: properly print an int64_t value
    
    Also included the gnulib inttype module for portability.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 1 11:24:16 2018 +0200

    certtool: print information on time_t restrictions on failure
    
    This informs the user of the tool why dates after 2038 cannot
    be expressed on systems with a 32-bit time_t.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 30 16:49:53 2018 +0200

    tests: verify that certtool operates as expected with dates after 2038
    
    That is, whether it works with a time_t of 64-bit size, and fails
    with a time_t of 32-bit size.
    
    Resolves #370
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 1 12:39:28 2018 +0200

    tests: check explicitly the size of time_t
    
    Previously we were disabling the 2038 tests on 32-bit systems,
    but there can be 32-bit systems with a 64-bit time_t. Ensure
    that we run the right tests.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 30 16:48:54 2018 +0200

    tests: better guarding of variable SKIP_DATEFUDGE_CHECK
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jun 27 21:31:43 2018 +0200

    tests: ignore PIPE signal on TLS1.3-related tests
    
    This was inadvertently omitted and that could cause unexpected
    issues when one of the peers would close the connection earlier
    than expected.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 27 15:00:13 2018 +0200

    tests: check for GNUTLS_E_GOT_APPLICATION_DATA on post-handshake auth
    
    That is, check whether GNUTLS_E_GOT_APPLICATION_DATA is received as
    documented, and whether post-handshake auth can complete while this
    is being sent.
    
    Resolves #490
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 27 14:38:40 2018 +0200

    post-handshake: return GNUTLS_E_GOT_APPLICATION_DATA as documented to
    
    Relates #490
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 27 13:57:11 2018 +0200

    tests: introduced test for post-handshake auth + PSK
    
    Relates #489
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 27 14:19:02 2018 +0200

    tls13 handshake: allow certificate messages after handshake
    
    This allows post-handshake authentication even when PSK
    is negotiated.
    
    Resolves #489
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 27 13:41:13 2018 +0200

    gnutls_session_get_flags: introduced GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH
    
    This allows a server application to detect whether the client
    would support post handshake authentication or not without initiating
    via gnutls_reauth().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 2 08:10:45 2018 +0200

    gnutls-serv: make --disable-client-cert and --require-client-cert options incompatible
    
    That is refuse to run when both options are specified.
    
    Resolves #502
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jun 29 22:40:27 2018 +0200

    tests: verify whether GNUTLS_TLS_VERSION_MAX is negotiated on default mode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Jun 29 10:33:18 2018 +0200

    Fixes + cleanups for .gitlab-ci.yml

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jun 27 21:46:24 2018 +0200

    p11tool: remove duplicate branch
    
    The GNUTLS_PKCS11_OBJ_ATTR_MATCH and GNUTLS_PKCS11_OBJ_ATTR_ALL
    attributes are the same, so there is no need to handle them
    separately.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Jun 26 12:50:30 2018 +0200

    Add strdup-posix gnulib module
    
    Some files in gl/tests won't build in environments without
    strdup(), e.g. MinGW on Debian. The gnulib docs advise to
    explicitly add the module.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 21 11:29:19 2018 +0200

    testcompat-tls13-openssl: fix openssl interactions
    
     * Do not require certificate validation on tests where no certificate is sent
     * Rekey test performs data transfer after re-key
    
    This introduces a dependency on the expect package for testing, and
    updates openssl to address an issue in post-handshake auth interop
    testing.
    
    Resolves #488
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 22 14:14:07 2018 +0200

    gnutls-serv: when post-handshake auth is asked; require a certificate
    
    This allows testing post-handshake authentication using gnutls-serv.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 21 15:05:40 2018 +0200

    key update: corrected generation of keys
    
    Resolves #485
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 21 08:46:04 2018 +0200

    gnutls-cli: wait for all server data prior to closing connection
    
    This cleans-up the existing code which was disfunctional and
    allows detecting errors which happen after we transmit data
    to the server.
    
    Relates #485
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 27 13:34:16 2018 +0200

    .gitignore: added new test executables
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 27 13:27:39 2018 +0200

    tests: eliminated compiler warnings
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Jun 26 16:02:45 2018 +0300

    Update .gitignore files according to bootstrap
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Jun 26 15:22:49 2018 +0300

    src: fix regenerating autogen files if builddir = srcdir
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Rolf Eike Beer <eike@sf-mail.de>
Date:   Tue Jun 26 15:18:36 2018 +0200

    convert from milliseconds to timespec without loop
    
    Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>

Author: Rolf Eike Beer <eike@sf-mail.de>
Date:   Tue Jun 26 15:02:51 2018 +0200

    use timespec_sub_ms() instead of open coding it
    
    Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>

Author: Rolf Eike Beer <eike@sf-mail.de>
Date:   Tue Jun 26 14:59:54 2018 +0200

    avoid overflow when substracting timespecs if rdtsc is not available
    
    This may still overflow on platforms where unsigned long is 32 bit (e.g. 32 bit
    Un*x, any Windows) when the delta is more than 4 seconds.
    
    Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Jun 26 11:38:58 2018 +0300

    lib/nettle/gost: support building with mini-nettle/mini-gmp
    
    Do not depend directly on gmp.h.
    
    Closes: #497
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Rolf Eike Beer <eike@sf-mail.de>
Date:   Tue Jun 26 09:39:19 2018 +0200

    avoid rounding errors and overflows when substracting timespecs
    
    The current Unix time will cause overflows if multiplied with 1000, which could
    lead to rounding errors afterwards. Do the substractions first so all numbers
    stay small enough to fit into unsigned ints.
    
    Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 25 12:30:55 2018 +0200

    wrap_nettle_pk_generate_keys: retry on provable key generation
    
    This resolves issue with occasional failures under RSA key generation
    in FIPS140-2 mode.
    
    Resolves #283
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sat Jun 23 15:11:17 2018 +0200

    Let ./bootstrap sync from translationproject.org
    
    This makes manual updating of the translations obsolete.
    From now on, builds and tarballs will always have the latest translations
    included.
    
    We should not forget to inform translationproject.org to update the
    translations before a release. How to do that is described at
    https://translationproject.org/html/maintainers.html (6. Announcing).

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 26 02:38:51 2018 +0200

    gnutls_session_get_desc: fixed desc printing of custom groups
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 25 10:06:25 2018 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 24 21:46:15 2018 +0200

    aarch64: use getauxval() if available to discover cpu caps
    
    This improves CPU detection by avoiding the parsing of
    of a human-readable file and allows operation under debian
    multilib qemu setup.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 24 21:50:15 2018 +0200

    .gitlab-ci.yml: no need for submodule update on cross-builds
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 18 13:14:03 2018 +0200

    .gitlab-ci.yml: use qemu for aarch64 testing
    
    This eliminates the need (and costs) to maintain a separate baremetal
    system.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 24 08:27:00 2018 +0200

    .gitlab-ci.yml: corrected typo
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 24 08:06:55 2018 +0200

    .gitlab-ci.yml: skip submodule initialization when not necessary
    
    This prevents unnecessary download of submodules on CI.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 24 06:51:14 2018 +0200

    .gitlab-ci.yml: updated x86 CI builds with better datefudge detection
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 24 06:58:37 2018 +0200

    .gitlab-ci.yml: debian stretch build replaced by buster
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 23 19:38:26 2018 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 23 19:35:13 2018 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Jun 15 13:38:44 2018 +0300

    tests: add PKCS#12 test script for GOST 28147-89-encrypted files
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Jun 15 13:06:41 2018 +0300

    certtool: honour --hash option when generating PKCS#12 files
    
    Use algorithm specified with --hash option when generating MAC for
    PKCS#12 file, allowing user to select algorithms other than SHA-1.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sun Sep 24 10:31:39 2017 +0300

    tests: expand pkcs7 test to also check GOST files
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sat Sep 23 22:51:19 2017 +0300

    test: test GOST keys import/export
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sat Sep 23 21:40:34 2017 +0300

    certtool: ask if certificate will be used for data encryption
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sat Sep 23 21:37:18 2017 +0300

    tests: add common gost certificates for tests
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Dec 6 03:57:24 2016 +0300

    Support key matching with GOST keys
    
    GOST keys do not support signing non-GOST hashes, so use correct digest
    algorithm when verifying that GOST public and private keys match.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sat Nov 26 04:51:41 2016 +0300

    Add generated GOST credentials for tests
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Nov 21 20:58:00 2016 +0300

    Use GOST R 34.11-94 when generating key for PKCS data to be encrypted with GOST 28147-89
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Nov 21 20:52:43 2016 +0300

    certtool: support generating GOST-encrypted PKCS#8/12 files
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Nov 18 00:23:54 2016 +0300

    Add gost certificates to chainverify tests
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Thu Nov 17 10:47:16 2016 +0300

    Expand x509 sign/verify test with GOST algorithms
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Thu Nov 17 10:22:11 2016 +0300

    oids: expand to include GOST digests/signatures
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Aug 29 17:44:10 2017 +0300

    tests: privkey-keygen: adapt to support GOST algorithms
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Oct 24 20:56:46 2016 +0300

    Support GOST private keys generation
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Oct 21 18:01:20 2016 +0300

    certtool: support dumping GOST private key information
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Oct 21 17:38:57 2016 +0300

    Add several DN entry definitions used by qualified GOST signatures
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Aug 28 14:34:33 2017 +0300

    certool: export GOST privkeys only in PKCS#8 format
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 9 14:19:58 2016 +0300

    Add support for PKCS12 files using GOST MAC
    
    Local PKCS12-based standard derives from RFC 7292 (PKCS #12) in using
    PBKDF2 to generate MAC key rather than using PKCS12 scheme.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 9 14:02:56 2016 +0300

    Add support for PBES2/PBKDF2 using GOST algorithms
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sat Jan 28 06:01:01 2017 +0300

    Support PKCS#12 key derivation with GOST digests
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Oct 21 17:56:04 2016 +0300

    Add support for importing/exporting GOST private keys
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Sep 18 12:54:12 2017 +0300

    Support importing/exporting X.509 GOST public keys
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Oct 21 04:43:35 2016 +0300

    Add ASN.1 definitions for GOST keys
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Oct 21 04:07:36 2016 +0300

    nettle: add support for GOST 34.10 public keys
    
    There is no support for GOST public keys derivation, as it is used only
    for TLS or PKCS#7 with encrypted content.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Oct 21 17:05:38 2016 +0300

    Add few functions to support basic operations with GOST public keys
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Oct 21 04:02:30 2016 +0300

    Add declarations for GOST R 34.10 signatures
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Oct 21 03:55:10 2016 +0300

    Define GOST R 34.10 curves
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Oct 21 04:00:21 2016 +0300

    Add declarations to support GOST public keys
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Nov 29 05:28:17 2016 +0300

    Add support for I/O of little-endian MPI
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Nov 29 05:30:10 2016 +0300

    nettle: add support for unsigned LE MPIs
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Oct 21 04:05:41 2016 +0300

    nettle: add support for GOST 34.11 hash functions
    
    Add support for GOST R 34.11-94 and Streebog (256/512) functions.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Oct 21 04:05:07 2016 +0300

    nettle: support GOST28147-89 in CFB mode
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Thu Oct 27 03:18:32 2016 +0300

    Add declarations for GOST 28147-89 cipher in CFB mode
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Oct 21 03:57:17 2016 +0300

    Add declarations for GOST R 34.11 (-94 and -2012) digest algorithms
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Aug 29 15:12:53 2017 +0300

    Import GOST-supporting part from Nettle pending patches
    
    Nettle upstream takes significant time to accept GOST-related patches.
    As per Nikos' suggestion, push relevant parts to GnuTLS, so that they
    can be tested in wild at the same time supporting GOST ciphersuite code.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sun Sep 17 20:57:52 2017 +0300

    .gitlab-ci.yml: disable gost in minimal build
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Oct 26 22:34:17 2016 +0300

    Add configure argument to disable GOST support
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 12 10:16:10 2018 +0200

    _gnutls_parse_hello_extensions: enforce that pre-shared-key extension is last
    
    This is a requirement in draft-ietf-tls-tls13-28 4.2.11 section:
       The "pre_shared_key" extension MUST be the last extension in the
       ClientHello (this facilitates implementation as described below).
       Servers MUST check that it is the last extension and otherwise fail
       the handshake with an "illegal_parameter" alert.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 12 10:01:22 2018 +0200

    tests: check whether we send the pre-shared key extension after dumbfw
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 12 09:35:16 2018 +0200

    tests: corrected typo in comment
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 8 10:48:32 2018 +0200

    extensions: corrected order of pre-shared-key and dumbfw
    
    The pre-shared-key MUST always be last under TLS1.3 while the
    dumbfw extension should be last in order to do proper evaluation
    of extension size (gnutls requirement). As such the protocol
    requirement takes precedence.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Jun 19 13:21:44 2018 +0200

    Fix test code for -Werror

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 19 14:59:33 2018 +0200

    tests: updated supplemental tests for TLS1.3
    
    This includes tests that verify that TLS1.3 is not negotiated
    when supplemental data are set in client and/or server side.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 19 16:03:52 2018 +0200

    gnutls_supplemental_register: disable TLS 1.3 globally
    
    This allows using the registered supplemental data handlers, since
    these are not used under TLS 1.3.
    
    Resolves #479
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 19 14:42:13 2018 +0200

    gnutls_session_supplemental_register: disable TLS1.3 when set
    
    This allows using the registered supplemental data handlers, since
    these are not used under TLS 1.3.
    
    Resolves #479
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Jun 19 12:02:13 2018 +0200

    Remove oss-fuzz copora from tarball
    
    The size of the corpora is huge and not needed for normal builds.
    
    This patch also fixes test run issues on Windows.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 20 13:20:27 2018 +0200

    gnutls-cli: introduce the rekey1 inline command
    
    That allows performing a rekey locally and with the
    peer.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 18 11:33:34 2018 +0200

    document new behavior on safe padding removal
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 18 11:22:36 2018 +0200

    record: fail with invalid request when attempting to send no pad and no data
    
    Previously we were returning an internal error which seems to be incorrect
    in that case.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 18 11:15:56 2018 +0200

    tests: enhance padding check
    
    This introduces tests for zero-data transfers with padding as well
    as padding and de-padding with safe padding flag set.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 18 11:03:40 2018 +0200

    gnutls-cli: added CCM run under TLS1.2 in benchmark mode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 18 11:00:39 2018 +0200

    cipher: made TLS1.3 safe padding check optional
    
    This patch introduces the gnutls_init() flag GNUTLS_SAFE_PADDING_CHECK
    which makes the TLS1.3 safe padding check optional. That way applications
    which do not utilize the TLS1.3 padding do not get penalized by the performance
    drop in TLS1.3 packet processing. This addresses a regression in TLS1.3
    packet processing performance.
    
    Resolves: #466
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 19 13:16:13 2018 +0200

    gnutls_session_get_id: document restrictions
    
    This documents the fact that a TLS session ID cannot be relied
    to be unique or to even have a meaningful value.
    
    Resolves #484
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 19 13:08:27 2018 +0200

    tests: verify that resumed session ID matches original
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Jun 19 18:23:14 2018 +0300

    Makefile.am: move autogen files update to src/Makefile.am
    
    Move autogen'ed files update to src/Makefile.am to simplify code and
    support out-of-tree builds.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Jun 19 18:20:18 2018 +0300

    Makefile.am: files-update: support out-of-tree builds
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Jun 19 11:26:09 2018 +0300

    symbol-check: fix typo to make it work for out-of-tree builds
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 16 15:46:25 2018 +0200

    aarch64: update elf files to correspond to the macosx version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 10 14:08:54 2018 +0200

    macosx: include aarch64 asm files
    
    Relates #475
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 16 15:27:02 2018 +0200

    Makefile.am: abi-check: fetch fresh tags
    
    This addresses the issue of failed abi-check CI runs on
    forked repositories.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 18 15:10:32 2018 +0200

    drbg-aes: removed the continuous DRBG checks
    
    These are no longer necessary for FIPS140-2 compliance.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Jun 15 19:39:22 2018 +0200

    Fix usage of 'autoreconf'
    
    'autoreconf' created a different configure script than ./bootstrap.
    The result was a broken wchar.h that failed to compile.
    
    The work-around was 'autoreconf -I gl/m4' which is not what a developer
    expects. This patch moves gl/m4/* to m4/ which is the default include dir
    for autoreconf.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Martin Storsjo <martin@martin.st>
Date:   Thu Jun 14 12:53:42 2018 +0300

    configure: Check for clock_gettime and fmemopen using a proper test
    
    Don't use AC_CHECK_FUNCS for these functions, but actually test by
    including the real header that defines the functions. This allows
    the macOS version selection work as intended, making the references
    to these functions weak if targeting a version of macOS where these
    functions aren't available. Thanks to -no_weak_imports, these weak
    references end up in failed linker tests, marking the functions as
    unavailable.
    
    This fixes issue #142.
    
    Signed-off-by: Martin Storsjo <martin@martin.st>

Author: Martin Storsjo <martin@martin.st>
Date:   Thu Jun 14 12:52:03 2018 +0300

    configure: Include sys/random.h before checking for getentropy on macOS
    
    This function is available since macOS 10.12, but it's in
    sys/random.h on macOS, contrary to the other platforms supporting
    it where it is present in unistd.h.
    
    If we don't include the right header that declares the function
    and its availability, the configure check would succeed even if
    targeting older versions of macOS that lacks the function.
    
    Also include the same header in the source file that actually
    uses getentropy.
    
    Signed-off-by: Martin Storsjo <martin@martin.st>

Author: Martin Storsjo <martin@martin.st>
Date:   Thu Jun 14 12:36:10 2018 +0300

    configure: Pass -no_weak_imports to the linker, if supported
    
    This avoids linking to functions that aren't available in the
    lowest targeted macOS version.
    
    If the proper header declaring a function is included, and
    gnutls is built with -mmacosx-version-min or the
    MACOSX_DEPLOYMENT_TARGET environment variable is set, each
    reference to a function that doesn't exist in the minimum
    targeted version will be made a weak reference, so that loading
    the binary still works, but the function pointer will resolve
    to NULL if running on a version of the platform that lacks it.
    
    Since this project doesn't do such runtime checks for functions
    it expects to have available, we should instead add this linker
    option to fail on the weak references. This allows autoconf to
    work as intended, detecting that these functions aren't usable.
    
    This flag appeared in Xcode 8, so check for its availability
    before using it. (Xcode 8 and the 10.12 SDK is coincidentally
    the release where most relevant new functions appeared, so with
    older Xcode versions, the modern platform functions we might want
    to avoid don't exist.)
    
    See issue #142.
    
    Signed-off-by: Martin Storsjo <martin@martin.st>

Author: Martin Storsjo <martin@martin.st>
Date:   Thu Jun 14 13:47:41 2018 +0300

    configure: Remove a duplicate check for fmemopen
    
    The duplicate was added in 5bb8a18b without any specific reasoning
    as to why.
    
    Signed-off-by: Martin Storsjo <martin@martin.st>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jun 13 17:50:20 2018 +0200

    tlsfuzzer: update to the latest version
    
    Also enable test-tls13-hrr.py.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jun 13 17:47:50 2018 +0200

    _gnutls13_handshake_server: send CCS immediately after HRR
    
    In the TLS 1.3 middlebox compatibility mode, CCS follows the first
    handshake message sent from the server, that is either SH or HRR.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 14 13:43:30 2018 +0200

    _gnutls13_handshake_server: corrected transition when post_handshake callback is set
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jun 13 17:43:32 2018 +0200

    _gnutls_send_change_cipher_spec: don't cache under TLS 1.3
    
    Under TLS 1.3, when the server sent HRR, CCS may be followed by
    receiving ClientHello.  In that case, the messsage shouldn't be
    cached.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 10 11:42:10 2018 +0200

    abi-check skip session::set_transport_vec_push_function
    
    This prevents an abi-compliance checker error when run under
    gcc8 (though this error is not there under any other gcc).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 27 15:13:47 2018 +0200

    corrected check for iovec types in libc
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 2 22:23:29 2018 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 2 22:15:58 2018 +0200

    gnutls-cli: benchmark for TLS1.3 and TLS1.2
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 2 21:37:00 2018 +0200

    cipher: use gnutls_aead_cipher_encryptv
    
    This eliminates the need of a memory allocation during each
    packet encryption when no padding is done.
    
    Relates #458
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 2 21:25:10 2018 +0200

    gnutls_aead_cipher_encryptv: introduced
    
    This API allows encryption using a scatter input, by also
    taking advantage of ciphers which are optimized for such input.
    That is particularly useful under TLS1.3 since its encryption is
    based on encryption of scattered data (data+pad).
    
    Resolves #458
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 2 21:23:41 2018 +0200

    MAX_CIPHER_BLOCK_SIZE: increased to 64-bytes for CHACHA20
    
    This was not necessary since that value was only used by block
    (in TLS sense) ciphers, but that definition could also be used
    for the CHACHA20.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 14 14:51:23 2018 +0200

    configure: reduce warnings about implicit-fallthrough [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 14 13:22:03 2018 +0200

    gnutls_alert_send_appropriate: fix type
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 14 13:18:54 2018 +0200

    README-ci.freebsd.md: updated for new build method with gnulib [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Jun 6 09:45:32 2018 +0200

    Use $(MAKE) instead of make
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Jun 5 17:06:05 2018 +0200

    distclean temp. test files for 'make distcheck'
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Jun 5 10:58:10 2018 +0200

    Add DISTCLEANFILES to src/Makefile.am to fix 'make distcheck'
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Jun 4 16:15:07 2018 +0200

    Fix creation of ChangeLog for 'make distcheck'
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Jun 4 11:56:57 2018 +0200

    Fix 'compare-makefile' make target for 'make distcheck'
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Jun 4 11:33:18 2018 +0200

    Fix 'compare-exported' make target for 'make distcheck'
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu May 31 13:20:51 2018 +0200

    Fix distcheck issues
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon May 21 16:25:20 2018 +0200

    Fix gcc 8 warnings
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sat May 19 13:24:58 2018 +0200

    Fix CI testing -Werror
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sat May 19 10:19:32 2018 +0200

    Skip sc_prohibit_always_true_header_tests
    
    We can't simply remove the checks for HAVE_SYS_SOCKET_H.
    If we do, we have to make checks on real WIN32, which
    is currently not an option.
    So we skip sc_prohibit_always_true_header_tests.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sat May 19 09:37:24 2018 +0200

    Fix sc_prohibit_always-defined_macros
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri May 18 23:23:26 2018 +0200

    Avoid certain gnulib tests
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri May 18 23:10:16 2018 +0200

    Update GTK-DOC check in configure.ac
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Jun 6 09:19:45 2018 +0200

    Use ./bootstrap in .gitlab-ci.yml
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri May 18 20:31:31 2018 +0200

    Add bootstrap + bootstrap.conf
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri May 18 20:06:16 2018 +0200

    Add gnulib submodule
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Jun 13 12:12:18 2018 +0300

    nettle: require Nettle library >= 3.4
    
    Nettle version 3.4 was released more than a half year ago, require it to
    compile GnuTLS library. It allows us to remove bundled code that was
    merged into that release.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Jun 12 13:01:17 2018 +0200

    .gitlab-ci.yml: fix artifact paths for TLS1.3/interop
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 12 09:12:07 2018 +0200

    tlsfuzzer-tls13: use a random port for testing
    
    That eliminates the need for locking and allows parallel runs.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jun 8 13:13:27 2018 +0200

    tlsfuzzer: update to the latest version
    
    Also enable the TLS 1.3 tests.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Jun 11 12:08:18 2018 +0200

    buffers: remove redundant assignment
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Jun 11 10:51:16 2018 +0200

    record: use correct alert type upon receiving empty Alert
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jun 8 15:55:06 2018 +0200

    record: improve empty message handling in TLS 1.3
    
    Previously, _gnutls_recv_in_buffers() silently discarded empty
    messages because such messages are used as a countermeasure to
    vulnerabilities in the CBC mode.  In TLS 1.3, however, there are only
    AEAD ciphers and such logic is meaningless.  Moreover, in the protocol
    it is suggested to send "unexpected_message" alert when receiving
    empty messages in certain occasions.  This change moves the empty
    message handling to record_add_to_buffers().
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jun 8 12:51:40 2018 +0200

    record: fix padding removal when the payload is zero-length
    
    Previoysly if TLSInnerPlaintext.content is zero-length, the loop
    couldn't detect ContentType following the content.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 5 10:37:58 2018 +0200

    priorities: introduced %FORCE_ETM
    
    This introduces a priority string option to force encrypt-then-mac
    during negotiation, to prevent negotiating the legacy CBC ciphersuites.
    
    Resolves #472
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jun 6 09:25:20 2018 +0200

    priorities: hmac-sha256 ciphersuites were removed from defaults
    
    These ciphersuites are deprecated since the introduction of AEAD
    ciphersuites, and are only necessary for compatibility with older
    servers. Since older servers already support hmac-sha1 there is
    no reason to keep these ciphersuites enabled by default, as they
    increase our attack surface.
    
    Relates #456
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 7 09:56:49 2018 +0200

    cbc_mac_verify: require minimum padding under SSL3.0
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 7 09:54:50 2018 +0200

    cipher: separated CBC w/o EtM handling
    
    This would allow to further modify for more invasive work-arounds.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 4 17:57:52 2018 +0200

    dummy_wait: always hash the same amount of blocks that would have been on minimum pad
    
    This improves protection against lucky13-type of attacks when
    encrypt-then-mac is not in use.
    
    Resolves #456
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 21 09:04:55 2018 +0200

    cbc-record-check.sh: introduced
    
    That enhances the existing CBC check and adds sha384, uses PSK
    to reduce handshake time, and other updates.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 18 15:43:36 2018 +0200

    dummy_wait: correctly account the length field in SHA384 HMAC
    
    The existing lucky13 attack count-measures did not work correctly for
    SHA384 HMAC.
    
    The overall impact of that should not be significant as SHA384 is prioritized
    lower than SHA256 or SHA1 and thus it is not typically negotiated, unless a
    client prioritizes a SHA384 MAC, or a server only supports SHA384, and in both
    cases the vulnerability is only present if Encrypt-then-MAC (RFC7366) is unsupported
    by the peer.
    
    Resolves #455
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Jun 7 12:11:30 2018 +0200

    Fix warnings seen on OpenCSW Solaris 10
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 8 08:56:23 2018 +0200

    gnutls_session_get_data2: harmonize documentation with practice
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Jun 6 12:45:13 2018 +0200

    Fix variable overflow in TLS1.3 session ticket code

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jun 1 15:04:49 2018 +0200

    tls13/session_ticket: don't send ticket when no common KE modes
    
    When the server had received psk_key_exchange_modes extension which
    doesn't have any overlap with the server configuration, omit to send
    NewSessionTicket.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Jun 5 14:08:26 2018 +0200

    ext/psk_ke_modes: always send extension unless disabled in config
    
    With the psk_key_exchange_modes extension, clients can restrict the
    key exchange modes for use with resumption and in that case the server
    shouldn't send NewSessionTicket.  This patch makes use of it to avoid
    receiving useless tickets, by sending the psk_key_exchange_modes
    extension unless PSK is completely disabled.
    
    A couple of tests need to be adjusted: tls13/prf to take into account
    of the psk_key_exchange_modes extension sent, and tls13/no-psk-exts to
    not treat the presence of the extension as error.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed May 23 22:26:20 2018 +0200

    Add --enable-doc to DISTCHECK_CONFIGURE_FLAGS
    
    Make sure that 'make distcheck' works even if
    './configure --disable-doc' has been used in the project dir.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed May 23 22:24:05 2018 +0200

    Fix tests 'ocsp-must-staple-connection' and 'ocsp-tls-connection'
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed May 23 22:22:27 2018 +0200

    Fix tests/cert-tests/template-test for 'make distcheck'
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jun 1 09:54:41 2018 +0200

    ext/pre_shared_key: make PSK identity parsing robuster
    
    Previously, to determine whether a PSK identity is a ticket or a PSK
    username, it relied on PskIdentity.obfuscated_ticket_age, which
    "SHOULD" be 0 if the identity is a PSK username.
    
    This patch instead checks the key name of the ticket first and then
    check the constraints of the PSK username.  That way, it can
    distinguish tickets and PSK usernames in a more realible manner.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Jun 1 10:01:08 2018 +0200

    _gnutls_decrypt_session_ticket: fail early on key name mismatch
    
    If the key name of the ticket doesn't match, we don't need to parse
    the entire ticket.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Tue May 29 15:53:45 2018 +0200

    Renamed extension supported ECC to supported groups. Fixes #451.
    Split combined ECC extensions into different files.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu May 24 12:45:32 2018 +0200

    Fix more warnings in tests/
    
    To not introduce larger code changes, these bugs are mostly
    fixed by #pragma understood by gcc and clang.
    A check for the minimal gcc/clang version prevents warnings about
    unknown pragmas with other or older compilers.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu May 24 09:49:34 2018 +0200

    Fix warnings in test suite
    
    Fixes:
    tls-ext-register.c:238:11: warning: unused variable 'i' [-Wunused-variable]
    record-retvals.c:118:14: warning: unused variable 'vers' [-Wunused-variable]
    record-retvals.c:347:1: warning: label 'next' defined but not used [-Wunused-label]
    alerts.c:71:14: warning: unused variable 'vers' [-Wunused-variable]
    alerts.c:71:11: warning: unused variable 'i' [-Wunused-variable]
    alerts.c:160:11: warning: unused variable 'i' [-Wunused-variable]
    send-client-cert.c:176:6: warning: no previous prototype for 'start' [-Wmissing-prototypes]
    tls-session-supplemental.c:186:6: warning: unused variable 'optval' [-Wunused-variable]
    tls-session-supplemental.c:184:7: warning: unused variable 'topbuf' [-Wunused-variable]
    tls-session-supplemental.c:183:6: warning: unused variable 'err' [-Wunused-variable]
    x509self.c:211:6: warning: unused variable 'optval' [-Wunused-variable]
    x509self.c:208:7: warning: unused variable 'topbuf' [-Wunused-variable]
    x509self.c:207:6: warning: unused variable 'err' [-Wunused-variable]
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 22 09:14:45 2018 +0200

    tests: resume: check whether PSK username matches on resumption
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 22 09:04:32 2018 +0200

    resumption: reduce session parameters stored under TLS1.3
    
    That is, do not store extensions or security parameters which
    depend on extension negotiation.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 15 16:35:32 2018 +0200

    session_ticket: use random nonces
    
    Avoid using any time values in plain as this could allow association
    of clients.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 15 16:03:23 2018 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 15 14:14:55 2018 +0200

    doc: mention changes under TLS 1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 15 11:22:24 2018 +0200

    tests: added main use-case test for gnutls_session_ticket_send()
    
    It verifies whether a server can use gnutls_session_ticket_send()
    to send a ticket after re-authentication, and whether a client
    can receive that ticket and re-authenticate with it, while
    its certificate is made available to server.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 15 11:21:55 2018 +0200

    handshake: do not include async messages into transcript
    
    This prevents the session tickets to affect re-authentication
    or other operations that require the transcript.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 15 10:27:00 2018 +0200

    gnutls_session_ticket_send: new function
    
    Introduced in order for a server to be able to send an arbitrary
    amount of tickets, at any time.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 15 10:10:20 2018 +0200

    handshake: store session parameters in TLS1.3 ticket
    
    This allows a TLS1.3 server to obtain certificate or other
    information from the client on a resumed session.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 14 16:05:27 2018 +0200

    handshake: TLS1.3 async messages trigger the handshake hook
    
    That is, the callback set with gnutls_handshake_set_hook_function() is
    now called even on the async handshake messages received under TLS1.3,
    such as key update, etc.
    
    Resolves #441
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 14 14:33:15 2018 +0200

    tests: check various parameters on resumption
    
    That is, check gnutls_session_is_resumed() is functional on server
    side, whether PRF is respected on resumption, whether gnutls_certificate_get_peers()
    and gnutls_certificate_get_ours() operate as expected, and whether session
    resumption fails with tickets after expiration time has passed.
    
    In addition improve function documentation by documenting the current
    semantics for the functions above.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Apr 17 13:32:18 2018 +0200

    tests: exercise TLS 1.3 session resumption
    
    This requires a few changes to the resume.c test: because
    NewSessionTicket is a post-handshake message,
    gnutls_session_get_data2() needs to be called after sending the first
    application data.  Also, when GNUTLS_E_AGAIN, gnutls_record_recv()
    needs to retry.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Apr 30 14:27:52 2018 +0200

    gnutls-cli: ignore E_AGAIN to accommodate async handshake message
    
    When an async handshake message has arrived while no application data
    is available, gnutls_record_recv() returns GNUTLS_E_AGAIN and the loop
    in socket_recv() blocks.  Since socket_recv() is guarded by select(),
    it should be safe to ignore GNUTLS_E_AGAIN.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 14 09:01:59 2018 +0200

    gnutls_auth_get_type: simplified
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Ander Juaristi <a@juaristi.eus>
Date:   Mon Apr 16 17:13:47 2018 +0200

    TLS 1.3: Introduced TLS 1.3 session resumption
    
    This introduces session resumption under TLS 1.3. For that,
    it enables the psk_ke_modes extension when we enable session
    tickets. It enables sending session tickets in addition to
    PSK usernames. The detection of resumption vs pure PSK is done by
    comparing the indexes sent with the index received by the server.
    
    TLS 1.3 session tickets are always sent to the peer unless the
    GNUTLS_NO_TICKETS is specified.
    
    Resolves #290
    
    Signed-off-by: Ander Juaristi <a@juaristi.eus>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 10 14:25:12 2018 +0200

    psk_ke_modes: introduce psk_ke_modes_is_required() and update doc
    
    This adds a helper function to be extended when session resumption
    is added, and clarifies why we send a prioritized list on ke modes.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
    Signed-off-by: Ander Juaristi <a@juaristi.eus>

Author: Ander Juaristi <a@juaristi.eus>
Date:   Thu Apr 12 17:58:47 2018 +0200

    session tickets: expose {encrypt,decrypt}_ticket as internal API
    
    To reuse the same ticket construction in any TLS versions, expose the
    private functions in ext/session_ticket.c.
    
    Signed-off-by: Ander Juaristi <a@juaristi.eus>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu May 3 09:39:15 2018 +0200

    ext/pre_shared_key: fix binder calculation when HRR is sent
    
    In that case, ClientHello1 and HelloRetryRequest are included in the
    PSK binder computation, not only the truncated ClientHello2.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Apr 16 17:22:19 2018 +0200

    handshake: record transcript offset of client Finished
    
    This is for deriving resumption_master_secret, whose value is
    calculated over ClientHello...client Finished.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu May 24 15:24:17 2018 +0200

    Fix testdane by removing www.kumari.net
    
    danetool --check www.kumari.net:
      Verification: Verification failed. The certificate differs.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Tue May 22 11:22:42 2018 +0200

    Fixed some spelling issues. [ci skip]
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Mon May 21 21:58:55 2018 +0200

    Added extra extension flag to docs.
    Added description of default pack and unpack functions.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Mon May 21 09:44:16 2018 +0200

    Removed section about Heartbleed.
    Referenced new functions _gnutls_hello_ext_set_datum / _gnutls_hello_ext_get_datum for manipulation extension data.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Sun May 20 10:23:36 2018 +0200

    Fixed typo and incorrect function references.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Tom Vrancken <dev@tomvrancken.nl>
Date:   Sat May 19 22:22:29 2018 +0200

    Updated documentation on Hello extensions.
    
    Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 19 11:30:35 2018 +0200

    pkcs11: consistent/clear naming of find obj callbacks and structs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 18 11:04:34 2018 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 18 09:19:16 2018 +0200

    gnutls_pkcs11_token_get_ptr, gnutls_pkcs11_obj_get_ptr: introduced
    
    This allows an application to open a PKCS#11 token using a URI,
    and use it directly, bypassing gnutls. That is useful to take
    advantage of PKCS#11 functionality not wrapped by gnutls but
    still use PKCS#11 URIs to identify the token.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 19 12:47:16 2018 +0200

    CONTRIBUTING.md: document why gnulib is kept separate [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Martin Sucha <anty.sk+git@gmail.com>
Date:   Fri May 18 18:52:41 2018 +0200

    certtool: split long prompt for serial
    
    Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>

Author: Martin Sucha <anty.sk+git@gmail.com>
Date:   Fri May 18 13:00:43 2018 +0200

    doc: add note about CRL numbers to man page
    
    Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>

Author: Martin Sucha <anty.sk+git@gmail.com>
Date:   Fri May 18 12:35:39 2018 +0200

    certtool: ask again until serial/crl number is valid
    
    Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>

Author: Martin Sucha <anty.sk+git@gmail.com>
Date:   Fri May 18 11:39:53 2018 +0200

    tests: remove check for broken datefudge
    
    This check is not necessary with Fedora 28 build image
    currently used for CI as it contains datefudge 1.22
    as well.
    
    Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>

Author: Martin Sucha <anty.sk+git@gmail.com>
Date:   Fri May 18 10:43:26 2018 +0200

    certtool: remove extra function
    
    I did not notice strip_nl previously.
    
    Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>

Author: Martin Sucha <anty.sk+git@gmail.com>
Date:   Fri May 18 10:31:30 2018 +0200

    tests: add negative tests for certtool crl numbers
    
    Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>

Author: Martin Sucha <anty.sk+git@gmail.com>
Date:   Sun May 13 23:28:33 2018 +0200

    doc: add NEWS about serial and CRL numbers
    
    Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>

Author: Martin Sucha <anty.sk+git@gmail.com>
Date:   Sun May 13 23:04:29 2018 +0200

    doc: add hex format to example template
    
    Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>

Author: Martin Sucha <anty.sk+git@gmail.com>
Date:   Thu May 17 12:31:01 2018 +0200

    certtool: use larger serial and CRL numbers
    
    Serial/CRL numbers can be up to 20 octets in length
    as per RFC 5280, so it should be possible to use
    such numbers as input to certtool. certtool
    only allowed to specify 63-bit numbers in
    template file or interactively (even though
    it generated larger numbers in batch mode
    by default).
    
    This patch allows large numbers to be specified
    as a hexadecimal string. Parsing of decimal numbers
    larger than native integers would require adding
    dependency on libgmp directly to certtool or
    extending the API exposed by GnuTLS library with parsing
    functions. Since most tools (including GnuTLS) display
    serial numbers in hexadecimal, it is not worth the
    trouble to support large decimal numbers.
    
    Default values are unified between batch mode and
    interactive input and their size is extended.
    
    CA/Browser forum recommends CAs to include at least
    64 bits of random data in the certificate serial
    numbers in Baseline Requirements[1] section 7.1, but
    gnutls adds only 32 bits. Some other
    implementations generate default serial numbers
    with more entropy as well, here is the current state
    as of May 2018:
    
    +----------------+-------------------------------+
    | Implementation | Random bits in default serial |
    +----------------+-------------------------------+
    | OpenSSL [2]    | 159                           |
    | CFSSL [3]      | 159                           |
    | wolfSSL [4]    | 128                           |
    | GnuTLS         | 32                            |
    | Mbed TLS [5]   | 0 (defaults to 1)             |
    +----------------+-------------------------------+
    
    The 20 octet field size can fit numbers up to 159 bits
    since the most significant bit must be zero as numbers
    in DER encoding are in two's complement and the serial
    and CRL numbers must be positive.
    
    Default serial numbers are extended to full 159 bits
    allowed by the field size and are completely random,
    which matches other implementations.
    
    CRL numbers have the same size requirements, but also
    need to be monotonic (RFC 5280, section 5.2.3). That's
    why timestamp is used in them. The timestamp portion
    is extended from 31 bits to 39 bits as 31 bits will
    overflow in year 2038. The rest of the available space
    up to 159 bits allowed in the 20 octet limit is filled
    with random bits.
    
    Since the new CRL numbers are larger, the requirement for them
    to be monotonically increasing is preserved when upgrading to a
    newer version. This does not hold the other way around though,
    so after using a newer version of certtool to generate a CRL
    with default number and publishing it, it's not possible
    to use older version anymore to generate subsequent CRLs.
    Unfortunately, there is no easy workaround for users of older
    certtool, since it is not possible to specify CRL numbers
    greater than 63 bits manually prior to this change.
    Users intending to downgrade to older version later are advised
    to specify the CRL numbers in new version of certtool
    manually with values they are smaller than what would get
    generated by default in the old version.
    
    grep does not recognize CRLF line endings generated
    in tests using MinGW, so we need to convert those to
    LF endings for $ in the regex to match test output
    correctly.
    
    datefudge 1.21 that is present in Fedora 26
    image trims the timestamp to 32 bits. That bug was
    fixed in datefudge 1.22 available in the Debian image,
    so we check if datefudge behaves correctly
    and skip the test that uses more than 32 bits if
    datefudge is broken.
    
    [1] https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.4.2.pdf
    [2] https://github.com/openssl/openssl/blob/6ebb49f3f9c9333611192561979bb799fa1eb76d/apps/apps.c#L1513
    [3] https://github.com/cloudflare/cfssl/blob/5d63dbd981b5c408effbb58c442d54761ff94fbd/signer/local/local.go#L295
    [4] https://github.com/wolfSSL/wolfssl/blob/d60b16c5b8c19cc61db4a5c3f5e085a7a158cd28/wolfcrypt/src/asn.c#L9791
    [5] https://github.com/ARMmbed/mbedtls/blob/84a1107818aaddfd2abe4c5a3478cf84ab2e26b4/programs/x509/cert_write.c#L81
    
    Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 7 09:52:32 2018 +0200

    handshake: do not send TLS extensions under DTLS and vice versa
    
    That is, introduce the notion of TLS-only and DTLS-only extensions,
    providing a framework to prevent sending extensions which are registered
    for example for TLS 1.3, under DTLS and vice versa.
    
    Resolves #440
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 7 11:51:41 2018 +0200

    gnutls_ext_raw_parse: introduced GNUTLS_EXT_RAW_FLAG_DTLS_CLIENT_HELLO
    
    This allows parsing extensions from a DTLS client hello.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 16 15:32:35 2018 +0200

    tests: fix serv location in testcompat-main-openssl
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun May 13 14:39:14 2018 +0200

    tests/suite: add missing file to dist
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun May 13 14:33:17 2018 +0200

    Allow running of test against installed gnutls-serv
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 4 14:55:21 2018 +0200

    gnutls_certificate_set_retrieve_function3: updated documentation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 2 14:30:24 2018 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 29 15:16:35 2018 +0200

    pcert: added functionality to retrieve lists
    
    That introduces gnutls_pcert_list_import_x509_file() and
    gnutls_x509_crt_list_import_url().
    
    Resolves #373
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 12 10:10:28 2018 +0200

    tests: sanity-cpp: fixes for win32
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 12 09:51:59 2018 +0200

    .gitlab-ci.yml: bumped version of cache due to addition of CXXFLAGS
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 12 09:04:28 2018 +0200

    tests: fix failures in cxx example
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 12 08:47:15 2018 +0200

    cxx: bring few modern functions, and allow to get the raw session
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Philippe Widmer <pw@earthwave.ch>
Date:   Thu May 10 16:44:58 2018 +0200

    New constructors for classes client_session() and server_session() provide passing flags. Closes #438.
    
    Signed-off-by: Philippe Widmer <pw@earthwave.ch>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 10 13:38:32 2018 +0200

    tests: mini-record-timing: updated to work under newer gnutls [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu May 10 05:49:07 2018 +0200

    tests: key_update: improved error checking and increased timeout
    
    That is to avoid reaching the maximum number of key updates per second.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 5 22:31:39 2018 +0200

    .gitlab-ci.yml: moved fedora CI builds to F28
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 5 23:21:16 2018 +0200

    tests: testcompat-openssl: disable DSS ciphersuites under SSL3.0
    
    Previously if openssl wouldn't support DSS, we would only disable
    DSS under TLS1.0 or later, not under SSL 3.0. This fixes interoperability
    with Fedora28 openssl.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 7 08:12:12 2018 +0200

    Makefile.am: optimized the abi-check configure step
    
    Also ensured that the same build flags are applied in both builds
    for ABI checking.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 5 23:15:06 2018 +0200

    several updates to address issues found by clang static analyzer
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 5 22:51:26 2018 +0200

    nettle: fix casts which result to warnings in newer gcc
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 7 21:58:30 2018 +0200

    tests: updated for GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER from handshake
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 7 21:49:16 2018 +0200

    handshake: use GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER consistently
    
    Also treat GNUTLS_E_ILLEGAL_PARAMETER as a synonym if returned during
    a connection.
    
    Relates #442
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 7 21:42:44 2018 +0200

    CONTRIBUTING.md: documented status of C++ library [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 7 10:50:30 2018 +0200

    tests: cookie: fixed exit condition [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 7 15:39:30 2018 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 7 08:17:09 2018 +0200

    .gitlab-ci.yml: fixes in win32 builds
    
    Relates #439
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 4 08:39:30 2018 +0200

    certtool: honor --ask-pass when loading a private key
    
    This also improves the password prompt when the password requested
    is not for a smart card.
    
    Resolves: #436
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Michael Weiser <michael.weiser@gmx.de>
Date:   Fri Apr 27 15:35:30 2018 +0200

    .gitlab-ci.yml: Disable full test suite for cross builds
    
    Disable the full test suite for cross CI builds to speed them up.
    
    Signed-off-by: Michael Weiser <michael.weiser@gmx.de>

Author: Michael Weiser <michael.weiser@gmx.de>
Date:   Wed Apr 25 16:54:27 2018 +0200

    .gitlab-ci.yml: Expire all build log artifacts
    
    Signed-off-by: Michael Weiser <michael.weiser@gmx.de>

Author: Michael Weiser <michael.weiser@gmx.de>
Date:   Wed Mar 28 22:47:01 2018 +0200

    Use configured CC for pkg-config test
    
    Using the configured compiler aids in running the test suite under qemu
    or in a multlib scenario.
    
    Signed-off-by: Michael Weiser <michael.weiser@gmx.de>

Author: Michael Weiser <michael.weiser@gmx.de>
Date:   Mon Mar 19 19:02:12 2018 +0100

    Add Debian-based qemu cross CI targets
    
    Signed-off-by: Michael Weiser <michael.weiser@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 5 22:38:56 2018 +0200

    updated-auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 5 22:17:15 2018 +0200

    fuzzer: added fresh TLS1.3 server trace
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 5 21:59:13 2018 +0200

    gnutls-serv: all skipping DTLS cookie request
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 5 21:45:56 2018 +0200

    gnutls-cli: corrected data written by server trace
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 3 11:53:51 2018 +0200

    tests: post handshake auth: test more combinations
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 3 11:48:46 2018 +0200

    post_handshake_auth: send extension irrespective of certificates being present
    
    The feature does not necessarily require certificates to be present
    and an empty cert can be presented. Furthermore, the certificates
    can be set later on the credentials structure.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 3 13:48:52 2018 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 8 18:38:47 2018 +0200

    tests: added interop tests with openssl under TLS1.3
    
    This adds interoperability tests for:
     * PSK with elliptic curve DHE
     * RSA,RSA-PSS,secp256r1,ed25519 server certificate
     * RSA,RSA-PSS,secp256r1,ed25519 client certificate
     * X25519,SECP256R1 key share exchange
     * key share with HRR
    
    Relates #328
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 23 10:07:32 2018 +0200

    doc: clarified re-handshake details under TLS1.2 server
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 23 09:09:41 2018 +0200

    tls13/certificate_request: corrected check of duplicate signature algorithms
    
    Made the check local when parsing a certificate request, as we may
    receive multiple requests when post-handshake authentication is
    in place. Furthermore check whether this extension has been received
    as this is a mandatory one. In addition handle a memory leak when
    multiple peer certificates are set.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 23 08:41:22 2018 +0200

    gnutls_reauth: doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 20 21:35:52 2018 +0200

    gnutls-cli: enhanced tool for TLS1.3 options
    
    This patch allows a client to enable post-handshake
    authentication, perform re-key and restrict the sent key shares.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 20 14:51:15 2018 +0200

    tls13/certificate: send empty certificate instead of skipping
    
    According to TLS1.3 spec:
       The server's certificate_list MUST always be non-empty.  A client
       will send an empty certificate_list if it does not have an
       appropriate certificate to send in response to the server's
       authentication request.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 20 13:47:57 2018 +0200

    _gnutls_figure_common_ciphersuite: ignore certificate check if PSK is negotiated
    
    That is, if we are performing PSK under TLS1.3, don't bother
    checking whether the certificate is compatible with the ciphersuite;
    there isn't any.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 20 10:53:51 2018 +0200

    tls13/certificate_verify: corrected context in signatures in client side
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 20 10:47:59 2018 +0200

    _gnutls13_handshake_sign_data: avoid unnecessary copy
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 20 09:01:28 2018 +0200

    handshake: cleanup in TLS1.3 initial secret calculation
    
    That eliminates duplicate code in server hello parsing.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 20 08:06:14 2018 +0200

    psk: compute binder which is compatible with draft-ietf-tls-tls13
    
    Previously the computed binder values was not compatible with any
    TLS1.3 draft, and was not interoperating with openssl or tlslite.
    
    Resolves #427
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 4 08:06:35 2018 +0200

    CONTRIBUTING.md: added text on CI [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 3 14:19:34 2018 +0200

    tests: fallback scsv: check proper fallback under TLS 1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 3 15:13:13 2018 +0200

    encrypt_packet_tls13: made size check safer
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 28 11:14:34 2018 +0200

    pkcs11: mark private key objects as sensitive by default
    
    That is, to prevent accidentally creating objects which can
    be exported.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 23 15:02:53 2018 +0200

    tests: check the behavior of TLS1.2 key exchange methods under TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 23 15:11:28 2018 +0200

    psk: mark psk_ke_modes as invalid when ignored
    
    TLS1.3 handles the receiving of pre-shared keys extension as
    invalid when the psk_ke_modes extension is not received as well.
    As such, when we ignore the psk_ke_modes for some reason (e.g.,
    no credentials) we need to indicate that it was received. We
    use the invalid mode flag for that reason, allowing the handshake
    to fail later for the right reason (e.g., no credentials error rather
    than illegal extension).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 23 15:01:48 2018 +0200

    priority: handle RSA-PSK ciphersuites similar to SRP
    
    That is, when specified disable TLS1.3.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Apr 28 14:14:30 2018 +0200

    Add another sni related test
    
    As --sni-hostname does not imply --verify-hostname a hostname mismatch
    still triggers an error.
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 23 14:00:15 2018 +0200

    tests: sni-hostname was updated to support TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 29 13:44:04 2018 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Apr 28 14:11:27 2018 +0200

    doc: Add crossreference/warning
    
    Add pointer to --verify-hostname to --sni-hostname description.
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 23 13:58:22 2018 +0200

    gnutls-cli: added option to specify the verification hostname
    
    This enables testing various scenarios, by allowing to specify the
    hostname to be used for certificate validation when connecting to
    a remote host (e.g., localhost but with a certificate for example.com).
    
    Resolves #344
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 26 09:06:00 2018 +0200

    doc: fixes for better latex pdf generation [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 24 08:36:06 2018 +0200

    retrieve_pin: refuse to retrieve PIN from URI more than one time
    
    That is, prevent re-using a static PIN if it has already been
    known to be wrong. Introduced tests of that behavior.
    
    Resolves #425
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 24 16:42:10 2018 +0200

    doc: updated OCSP documentation [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 22 16:02:08 2018 +0200

    gnutls.h.in: corrected typo [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 20 08:42:27 2018 +0200

    fuzz: corrected TLS1.3 enablement [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 17 10:59:25 2018 +0200

    _gnutls_epoch_new: allow re-allocation epoch next epoch
    
    On certain cases when re-handshake is interrupted by application
    data, _gnutls_epoch_new() will be called twice. Make sure that
    this does not lead to an error. We also rename the function to
    clarify its purpose _gnutls_epoch_setup_next().
    
    Resolves #426
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 17 09:52:01 2018 +0200

    tests: added reproducers for receiving app data when rehandshake is expected
    
    Relates: #426
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 17 09:31:12 2018 +0200

    tests: eliminated exit_code variable used in few tests
    
    It was a legacy variable for error printing that was never
    used uniformly.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 17 09:24:29 2018 +0200

    tests: eagain: moved to cmocka and enhanced for TLS1.3
    
    That also makes macros from eagain-common.h functioning under cmocka.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 16 09:51:11 2018 +0200

    tests: tls12-rehandshake-cert*: run multiple rehandshake tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 17 07:45:54 2018 +0200

    tls13/finished: addressed memory leak in receiving finished packet
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7518
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 16 15:35:33 2018 +0200

    priority: document the reasons for the order of supported groups [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 16 15:14:01 2018 +0200

    handshake: described the epoch reference counting [ci skip]
    
    It is used only in DTLS where multiple handshake states may be
    active.
    
    Resolves #421
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 16 09:51:11 2018 +0200

    tests: tls12-rehandshake-cert-3: run multiple rehandshake tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 11 14:35:26 2018 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 11 08:34:15 2018 +0200

    ANON,SRP,NULL ciphersuites: when set do not negotiate TLS1.3 or later
    
    The reason is that these ciphersuites cannot be negotiated using TLS1.3.
    There is a different strategy followed for these.
    
     * NULL ciphersuites: they are not something normally enabled and used
       for debugging purposes mostly. When set both in client and server side
       only TLS1.2 can be used.
    
     * SRP ciphersuites: they are used on client side when the client is actually
       performing a username-password authentication with SRP. On server side we
       can have indeed a server support SRP and non-SRP. In that case we limit
       both on TLS1.2. That an unfortunate restriction, but is not a regression
       and IMHO these servers would most likely be phased out as very few would
       want to stick to TLS1.2 connections for SRP; or we may have an SRP update
       for TLS1.3 which could lift that limitation in the future.
    
     * ANON ciphersuites: they are used in certain client/server setups where very
       basic level of security is required, and in opportunistic encryption scenarios.
       There is a difference in the handling of these cases. In the case of Anon-only
       server/clients they provide the session with anonymous credentials structure; in
       the case of opportunistic encryption they provide both certificate and anonymous
       credentials. Thus we allow the protocol (TLS1.3) be in the priorities, but if we
       see no certificate or PSK credentials we disable TLS1.3 negotiation.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 7 21:42:57 2018 +0200

    ext/pre_shared_key: cleanups in error handling
    
    This addresses a memory leak found via oss-fuzz. It also
    sets the right index on the selected PSK, and returns the
    right server error code on incorrect key file.
    
    Addresses:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7465
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 7 21:27:27 2018 +0200

    ext/psk_ke_modes: corrected data access
    
    That also improves the if-checks.
    
    Issue and reproducer discovered via oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7470
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 7 21:06:53 2018 +0200

    fuzz: added client and server traces for TLS 1.3 draft-26 [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 7 06:20:05 2018 +0200

    doc: corrected space-tab issues in examples
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 6 20:51:39 2018 +0200

    constate: fixed key generation for TLS1.3
    
    This amends 62ea232f180b980a0d4b6462c468706db6cc4700, and
    removes invalid NULL checks, as well as corrects the key
    set for server side.
    
    This is verified against openssl master, but does not include
    automated test suite; it will be tested as part of #328
    
    Resolves #419
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 4 14:51:08 2018 +0200

    doc: re-organized and modernized examples
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 4 13:47:36 2018 +0200

    doc: updated for TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 6 13:36:11 2018 +0200

    fuzz: added PSK traces with TLS1.3
    
    Relates: #359
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 4 15:28:37 2018 +0200

    psk: save the username on auth info struct under TLS1.3
    
    Add the necessary tests to verify that gnutls_psk_server_get_username()
    reports the right username under TLS1.2 and TLS1.3.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 22 10:02:36 2018 +0100

    tests: enhanced test suite for TLS1.3 and PSK
    
    That includes tests with unknown usernames and connections with wrong key
    and updates to fastopen.sh to use certificate auth, making it applicable
    under TLS1.3.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 29 09:51:32 2018 +0200

    priority: added GROUP-DH-ALL and GROUP-EC-ALL
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 3 13:10:30 2018 +0200

    dumbfw: account for extension data padding
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 5 09:04:47 2018 +0200

    Simplified the _gnutls13_psk_ext_parser interface and added unit tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Ander Juaristi <a@juaristi.eus>
Date:   Thu Mar 22 08:59:56 2018 +0100

    Added support for out-of-band Pre-shared keys under TLS1.3
    
    That adds support for pre-shared keys with and without Diffie-Hellman
    key exchange. That's a modified version of initial Ander's patch.
    
    Resolves #414
    Resolves #125
    
    Signed-off-by: Ander Juaristi <a@juaristi.eus>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 6 10:36:18 2018 +0200

    certtool: key-type desc was moved along the privkey functionality [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 4 13:47:25 2018 +0200

    gnutls_record_can_use_length_hiding: corrected return type
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 4 16:54:15 2018 +0200

    encrypt_packet_tls13: reverted to original API
    
    That allows more uniformity across encrypt/decrypt, and
    across different protocol handling.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 25 20:08:26 2018 +0200

    nettle: corrected typo in version check for compatibility mode with 3.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 13 11:11:52 2018 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 13 09:45:44 2018 +0100

    protocols: bumped TLS1.3 protocol to draft -26
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 13 09:23:05 2018 +0100

    record: added AAD data when encrypting or decrypting
    
    This is a requirement of draft-ietf-tls-tls13-25
    
    Resolves #409
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 12 17:10:42 2018 +0100

    priorities: disable any key exchange methods if there is no TLS1.2 or earlier
    
    That is, because TLS1.2 has specific requirements in the ordering of
    curves/groups if certain ciphersuites (ECDHE/DHE) are present, and
    by being able to eliminate them early we simplify the negotiation
    for TLS1.3-only clients/servers.
    
    Relates #378
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 9 12:12:56 2018 +0100

    _gnutls_supported_ecc_recv_params: take into account precedence
    
    That is, when %SERVER_PRECEDENCE is given in the priority string make
    sure that the negotiated curve of DH group respects the server's priorities.
    That's very relevant under TLS1.3 as ciphersuite negotiation itself, where
    %SERVER_PRECEDENCE applied, does contain only the cipher algorithm and MAC
    unlike TLS1.2 which included key exchange as well.
    
    Resolves #378
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 12 10:37:00 2018 +0100

    supported_versions: cannot be used to negotiate pre-TLS1.3
    
    This is a requirement of draft-ietf-tls-tls13-26
    
    Resolves #410
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 23 20:45:40 2018 +0100

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 23 07:04:37 2018 +0100

    doc: mention gnutls_privkey_import_ext4 in upgrade from 3.5.x
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 23 07:02:23 2018 +0100

    doc: added since field in gnutls_record_send2() description
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 23 06:47:55 2018 +0100

    Makefile.am: reduce automake warnings and corrected version
    
    That is, avoid using the := syntax, set the right version variable
    and use a hidden file for abi-check cache stamp.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 18 15:46:36 2018 +0100

    The abi-check target was updated to check against the last tag
    
    As abi-dumper and abi-compliance-checker tools are not reliable when
    run across different systems, we now compare the previous tag ABI with the
    current compiled library. That is in contrast with the previous behavior
    of storing the output files of abi-dumper, which can become obsolete on
    a CI update.
    
    That also moves the ABI check only on the CI, and not in the 'make dist' rule
    as it takes significant time to run.
    
    This relates to an issue reported against libidn2's use of abi-compliance-checker
    but it affects gnutls as they share similar code:
    https://gitlab.com/libidn/libidn2/issues/42
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 20 07:15:13 2018 +0100

    nettle/pk: include nettle/version.h
    
    That enables the nettle version macros to operate.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 19 14:42:38 2018 +0100

    tests: avoid duplicate runs of tests when not necessary
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 19 18:31:40 2018 +0100

    tests: moved invalid-cert reproducer into fuzz/ reproducers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 19 18:29:23 2018 +0100

    tests: testpkcs11.sh was moved to the main tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 19 18:24:10 2018 +0100

    tests: long-crl.sh was moved to main suite
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 19 15:22:14 2018 +0100

    tests: suite: dropped ocsp-coverage and cert-coverage
    
    These tests are duplicates of fuzz/gnutls_ocsp_resp/req_parser_fuzzer
    and gnutls_x509_parser_fuzzer.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 19 15:11:38 2018 +0100

    tests: testsrn.sh was removed as duplicate of safe-renegotation/ tests
    
    Also safe-renegotiation tests were made TLS1.2-only as they do not
    apply to TLS1.3.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 19 15:07:14 2018 +0100

    tests: pkcs7-cat: moved to main suite
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 13 15:46:16 2018 +0100

    tests: updated for TLS1.3 inclusion
    
    This moves the test to use a specific version or test multiple
    TLS versions if applicable.
    
    Resolves #413
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 19 09:00:23 2018 +0100

    tests: mini-record-retvals was split into return vals checking and alerts checking
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 13 13:47:46 2018 +0100

    tests: client-fast-open: updated for TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 13 13:43:47 2018 +0100

    tests: removed unused test
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 13 13:41:19 2018 +0100

    tests: auto-verify: update for TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 10 19:08:08 2018 +0100

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 8 16:21:20 2018 +0100

    tlsfuzzer: updated to the latest version
    
    Also enabled the RSA-PSS tests.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 8 16:00:34 2018 +0100

    alert: send the appropriate alert on GNUTLS_E_ERROR_IN_FINISHED_PACKET
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 8 14:54:55 2018 +0100

    Bumped TLS1.3 draft version to -23
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 8 13:57:05 2018 +0100

    Hello retry request matches server hello
    
    That also distinguishes between them by using the special random value,
    and implements the version check as in draft-ietf-tls-tls13-24.
    
    Resolves #391 #390 #392
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 7 12:52:46 2018 +0100

    tests: added negative tests for RSA-PSS key exchange
    
    Relates #400
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 6 15:09:50 2018 +0100

    signatures: distinguish RSA-PSS signatures with RSA PKCS#1 1.5 certificates from "pure"
    
    This change enhances signature algorithms to have a private key algorithm
    parameter. That is, to allow signature algorithms operating with a private
    key of type X while the public key is of type Y. That is useful for the
    RSA-PSS signatures which are of two types; one which is seen from servers
    having PKCS#1 1.5 certificates, the other with RSA-PSS certificates, while
    both utilize RSA-PSS private keys.
    
    This is a draft-ietf-tls-tls13-23 change.
    
    Resolves #400
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 28 12:41:40 2018 +0100

    Server hello format follows TLS1.2 format
    
    Also version negotiation was moved to supported_versions extension,
    and session ID is set by client following appendix D.4.
    
    This is a draft-ietf-tls-tls13-22 change.
    
    Resolves #393, #389, #397
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 28 11:38:53 2018 +0100

    Renumbered the key share extension to 51
    
    This is a draft-ietf-tls-tls13-23 change.
    
    Resolves #398
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 22 16:12:55 2018 +0100

    record: ignore any ChangeCipherSpec messages under TLS1.3 handshake
    
    Also send ChangeCipherSpec messages under TLS1.3 handshake.
    
    This is a draft-ietf-tls-tls13-22 change.
    
    Resolves #395
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 22 14:42:43 2018 +0100

    record: send 0x0303 under TLS1.3
    
    This is a draft-ietf-tls-tls13-22 change.
    
    Resolves #396
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 8 12:03:39 2018 +0100

    cryptodev: fix prototype of cryptodev_mac_fast [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 7 16:14:51 2018 +0100

    cryptodev: added missing macro [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 5 15:42:14 2018 +0100

    tests: added unit tests of gnutls_x509_crt_export
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 2 23:21:34 2018 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 2 23:09:11 2018 +0100

    gnutls_x509_crt_export2: avoid re-encoding
    
    That prevents possible re-encoding issues in libtasn1 or ambiguously
    formatted DER data, from affecting verbatim usage of certificates.
    
    Relates #403
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 2 17:48:01 2018 +0100

    tests: added reproducer with DER re-encoding error on client side
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 4 19:07:29 2018 +0100

    cfg.mk: update-po rule uses commit -s
    
    This makes it produce a commit message which can be sent to
    the repo (Signed-off-by is mandatory).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 4 19:01:41 2018 +0100

    Sync with TP.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 4 19:01:23 2018 +0100

    CONTRIBUTING.md: added more info about gnulib
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sat Mar 3 18:42:20 2018 +0100

    Improve fuzzer coverage report creation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 2 23:40:43 2018 +0100

    pkcs11: set the modulus bits on RSA keys
    
    That value is necessary when using RSA-PSS keys.
    
    Relates #402
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 2 14:51:31 2018 +0100

    gnutls_privkey_import_ext4: enhanced with GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS flag
    
    That flag is utilized by the information function to obtain the
    value of the parameters (e.g., modulus). That information is necessary
    to safely handle RSA-PSS keys.
    
    For RSA-PSS keys this is a regression since 3.6.0 where this API was
    introduced, but as this change is necessary and 3.6.x is not yet marked
    as stable, it should be acceptable.
    
    Relates #402
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 2 11:18:12 2018 +0100

    _gnutls_find_rsa_pss_salt_size: add a validity check for salt size
    
    That is, in order to reject invalid parameters.
    
    Resolves #402
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 2 09:38:55 2018 +0100

    tests: eliminated destructive tests
    
    That adds a dependency to p11-kit 0.23.10 for the test suite.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 1 16:38:29 2018 +0100

    configure: simplified nettle version check
    
    Relates #401
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Łukasz Stelmach <stlman@poczta.fm>
Date:   Tue Feb 27 15:44:55 2018 +0100

    gnutls-cli: do not ask any questions with --strict-tofu
    
    Signed-off-by: Łukasz Stelmach <stlman@poczta.fm>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Feb 27 22:04:10 2018 +0100

    Update oss-fuzz corpora
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 22 11:43:53 2018 +0100

    drbg-aes: use the new nettle APIs for AES
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 22 11:29:08 2018 +0100

    accelerated: padlock: use the new nettle APIs
    
    Also remove any ifdefs for nettle (it is not conditionally compiled in),
    and do not register accelerators for AES-192-CBC. That cipher is widely
    ignored to bother.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 26 11:46:09 2018 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 26 11:44:56 2018 +0100

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 23 09:55:50 2018 +0100

    gnutls_ext_raw_parse: introduced function
    
    That function can be combined with callbacks like
    gnutls_handshake_set_hook_function() for applications to
    be able to process messages when necessary.
    
    Resolves #382
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 21 11:46:08 2018 +0100

    fuzz: added TLS1.3 client and server traces [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 21 11:21:36 2018 +0100

    fuzz: enable fuzzer target in afl examples and add missing script [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 21 11:20:31 2018 +0100

    fuzz: fixes in README file [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Feb 19 20:11:57 2018 +0100

    updated Since version in new function entries as well as map file versions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 19 17:17:45 2018 +0100

    fuzz: enable TLS1.3 in server and client fuzzers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 19 15:10:00 2018 +0100

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 19 15:02:36 2018 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Jan 23 16:39:36 2018 +0100

    record: new gnutls_record_send2 function
    
    This adds a new function gnutls_record_send2() which takes an extra
    argument to specify the padding size of the record.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Feb 8 13:24:46 2018 +0100

    _gnutls_record_overhead: count content type octet in plaintext
    
    In TLS 1.3, TLSInnerPlaintext has the 'type' field followed by the
    padding.  Exclude it from the overhead calculation.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jan 3 14:14:56 2018 +0100

    tests: check extended record padding work with TLS 1.3
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Dec 21 17:02:22 2017 +0100

    range: make length hiding always usable under TLS 1.3
    
    This patch reintroduce the extended record padding mode removed in
    commit 7df219f0.  Under TLS 1.3, the padding mode can be implemented
    in the record protocol.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Jan 3 14:10:22 2018 +0100

    tests: re-enable mini-record-range test
    
    This test was previously disabled as part of NEW_PADDING extension
    removal (commit 7df219f0).  Even though the extension is not usable,
    gnutls_record_send_range() should work with the standard TLS block
    cipher padding.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Dec 21 15:53:30 2017 +0100

    doc: fix mention of gnutls_record_send_range()
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jan 27 16:38:14 2018 +0100

    po: lib/x509/ocsp.c added to translatable files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 4 17:32:58 2018 +0100

    tests: corrected various typos
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 4 17:26:54 2018 +0100

    doc: use 3.6.xx to be consistent with other version references
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 2 12:44:15 2018 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 13 10:11:57 2017 +0100

    doc: getfuncs.pl: distinguish between different typedef types
    
    That allows to properly distinguish a struct from a one liner
    typedef.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 13 08:00:38 2017 +0100

    check_ocsp_response: print OCSP response actual error on debug log
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 12 14:55:29 2017 +0100

    x509/cert: reorganized
    
    Split functionality related to certificate credentials and
    session certificate handling in cert-cred.c and cert-session.c
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 29 16:19:56 2017 +0100

    tests: added unit test for gnutls_ocsp_resp_list_import2
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 18 10:35:53 2017 +0200

    doc: updated
    
    * document the new behavior of gnutls_certificate_set_ocsp_status_request_file
    * updated text on OCSP stapled responses
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 21 16:31:02 2017 +0100

    tests: added ocsptool sanity check program
    
    This checks its functionality in loading and exporting PEM
    and DER structures.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 16 16:05:15 2017 +0200

    tests: enhanced OCSP tests
    
    * Run tests under TLS1.2 and TLS1.3
    * Verify whether multiple OCSP responses are received in client
      side, under TLS1.3.
    * Verify that OCSP status responses can be sent by
      client under TLS1.3
    * Verify operation of gnutls_certificate_retrieve_function3
    * Verify operation when multiple OCSP responses by file are set
    
    Resolves #307
    Resolves #291
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 12 08:47:00 2017 +0100

    cert auth: use a single callback to call for OCSP
    
    That is, when selecting the certificate to use, point to
    the callback to use as well (whether it being the global or
    a specific) one, for OCSP.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 22 10:32:04 2017 +0100

    ocsp: introduced gnutls_certificate_get_ocsp_expiration()
    
    This is a function to allow obtaining the validity of the OCSP responses
    already set in the credential structures.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 8 13:45:24 2017 +0100

    ocsp: enhanced the OCSP response loading APIs
    
    Introduced gnutls_certificate_set_ocsp_status_request_file2() and
    gnutls_certificate_set_ocsp_status_request_mem(). These functions
    behave as the equivalent certificate loading functions and pre-load
    the OCSP response provided as a file, either in DER or in PEM form.
    
    In addition, ensure that if the server is provided a problematic OCSP
    response, or the OCSP response is not renewed before it is invalid, we
    will not provide it to the clients.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 18 11:26:55 2017 +0200

    gnutls-serv: allow loading multiple OCSP responses
    
    That is, allow specifying multiple 'ocsp-response' options on
    command line. In addition introduce the option 'ignore-ocsp-response-errors'
    which will set the GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK flag
    prior to importing the response.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 18 10:32:20 2017 +0200

    cert: introduced flag GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK
    
    This allows reverting the new semantics of checking the loaded
    OCSP response against the certificates present and return
    to the 3.5.x semantics.
    
    That option is also useful for debugging as it allows setting
    an arbitrary response and checking gnutls' client behavior with that.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 7 16:16:55 2017 +0100

    gnutls_certificate_set_ocsp_status_request_file: match input response to certificates
    
    That is, iterate through the certificate chain to figure to which
    certificate the response corresponds to, and assign it to it.
    That allows for applications to re-use this function to set
    multiple responses when available.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 6 13:51:52 2017 +0100

    ocsp: moved non-extension related functions to ocsp-api.c
    
    That keeps ext/status_response.c clear of items that are
    not related with the extension handling.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 17 09:59:53 2017 +0200

    gnutls_ocsp_status_request_get2: allow operation under TLS1.3 for server side
    
    Under TLS1.3 it is possible for both client and server to send the
    status request extension in certificate message.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 17 08:32:09 2017 +0200

    select_sign_algorithm: check KX type only on pre-TLS1.3
    
    That, when selecting a certificate under TLS1.3, considers
    the negotiated signature algorithms for compatibility with the
    certificate to be selected.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 6 13:45:21 2017 +0100

    rename _gnutls_selected_certs_set -> selected_certs_set
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 6 13:32:28 2017 +0100

    ocsp: send all the OCSP responses under TLS1.3
    
    That is, any responses set by the caller application (directly
    or via a callback), will be sent to the peer.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 6 13:18:16 2017 +0100

    introduced gnutls_certificate_retrieve_function3
    
    That allows a certificate callback to provide OCSP responses in addition
    to certificates. That also introduces a flags option which currently
    accepts GNUTLS_CERT_RETR_DEINIT_ALL which allows the callback to
    specify whether the provided data should be deinitialized.
    
    To simplify the certificate callback code, all previous (now legacy)
    callbacks are implemented as wrappers over the new callback function.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 29 14:27:44 2017 +0100

    gnutls_ocsp_resp_list_import2: introduced
    
    That is, introduced function to to import multiple OCSP PEM
    responses into a list.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 21 16:20:48 2017 +0100

    ocsptool: import and export OCSP responses in PEM format
    
    That also modifies the 'request-info' and 'response-info' commands
    to check the 'outfile' parameter and if set, to store the corresponding
    structure into that file. Currently for OCSP requests there is no
    printing of PEM data.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 21 14:59:31 2017 +0100

    ocsp: introduced gnutls_ocsp_resp_import2 and gnutls_ocsp_resp_export2
    
    These allow importing and exporting an OCSP response to PEM format,
    in addition to DER.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 13 09:36:38 2017 +0200

    _gnutls_x509_cert_verify_peers: verify all received OCSP responses
    
    That is, when verifying the server's certificate, take into account
    all present OCSP responses.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 13 09:31:58 2017 +0200

    gnutls_ocsp_status_request_get2: added function
    
    The function extends gnutls_ocsp_status_request_get() to
    retrieve more than a single responses.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 10 10:21:19 2017 +0200

    tls13/certificate: parse OCSP status response and save responses in auth info struct
    
    That provides support of OCSP status response under TLS 1.3.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 10 11:14:19 2017 +0200

    ext/status_request: allow more than a single OCSP response to be received
    
    That change allows for arbitrary number of OCSP responses
    which is required in TLS1.3. The received list is now stored
    in auth structure, and thus packed with it on resumption data.
    The status response extension data, are now only used on server
    side, when temporarily storing the OCSP response to send.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 10 09:59:17 2017 +0200

    _gnutls_copy_certificate_auth_info: simplified and avoid multiple allocations
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 19 16:16:29 2017 +0100

    tests: updated to account for HMAC-SHA384 and CAMELLIA removal
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 19 16:00:45 2017 +0100

    priorities: provide a more consistent "story" for default cipher settings
    
    Current settings in NORMAL priorities which were affected:
     * Enabled ciphers:
      - AES-GCM
      - CHACHA20-POLY1305
      - AES-CCM
      - AES-CBC
    
     * Enabled signature algorithms:
      - RSA-SHA256
      - RSA-PSS-SHA256
      - ECDSA-SHA256 / ECDSA-SECP256R1-SHA256
      - EDDSA-ED25519
      - RSA-SHA384
      - RSA-PSS-SHA384
      - ECDSA-SHA384 / ECDSA-SECP384R1-SHA384
      - RSA-SHA512
      - RSA-PSS-SHA512
      - ECDSA-SHA512 / ECDSA-SECP521R1-SHA512
      - RSA-SHA1
      - ECDSA-SHA1
    
    Removed:
     * Ciphersuites utilizing HMAC-SHA384. That MAC is only used on "legacy"
       type of ciphersuites, and doesn't provide any advantage over HMAC-SHA256.
     * Ciphersuites utilizing CAMELLIA were removed. TLS1.3 doesn't define any
       CAMELLIA ciphersuites, and thus provide consistent defaults across
       protocols.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 17 09:27:36 2017 +0200

    certificate request: corrected parsing of signature algorithms
    
    That fixes an issue in TLS 1.3 certificate request message parsing.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 4 18:22:54 2017 +0100

    tlsfuzzer: updated to latest master
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 9 11:23:24 2017 +0100

    doc: documented hsk_flags "lifetime" and its reset
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 8 13:13:31 2017 +0100

    session state: TLS1.2 and TLS1.3 state is stored as union
    
    That is, to reduce memory usage as these protocol cannot be used
    in parallel.
    
    Relates: #281
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 8 13:08:02 2017 +0100

    session state: organized key exchange keys into structures
    
    That is, with the view of separating the data needed for
    TLS1.2 and earlier and TLS1.3.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 7 16:52:21 2017 +0100

    record state: avoid memory allocations for stored keys
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 7 16:25:31 2017 +0100

    handshake: ffdhe flags merged with handshake flags
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 7 16:09:12 2017 +0100

    handshake: false start flag merged with hsk_flags
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 7 15:36:01 2017 +0100

    handshake: use hsk_flags in TLS1.2 and TLS1.3
    
    The flags provide a more transparent view of the received
    and expected messages.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 5 09:01:56 2017 +0100

    doc: added text on TLS1.3 rekey and reauthentication
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 4 17:45:11 2017 +0100

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 2 15:30:43 2017 +0100

    tests: re-enabled post-handshake auth tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 2 15:19:10 2017 +0100

    handshake: added support for post-handshake authentication
    
    That is:
     * introduced a gnutls_init() flag for clients to enable post-handshake
       authentication
     * introduced gnutls_reauth() function, to be called by servers to request
       authentication, and by clients to perform authentication
    
    Resolves #562
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 21 11:12:14 2017 +0100

    gnutls_record_set_state: use const for seq_number
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 20 16:56:12 2017 +0100

    tests: added test suite on key limits
    
    This checks whether key update occurs for the expected ciphersuites.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 20 16:52:58 2017 +0100

    gnutls_record_get_state: doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 20 16:01:29 2017 +0100

    Introduce key usage limits under TLS1.3
    
    That introduces a transparent key update for sending key after
    the safety limit is reached.
    
    Resolves #130
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 20 13:08:18 2017 +0100

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 30 08:59:17 2017 +0100

    tests: removed unused variables and introduced temporal vars in macros
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 30 08:51:06 2017 +0100

    tests: check gnutls_rehandshake() and gnutls_handshake() under TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 28 12:38:52 2017 +0200

    gnutls_*handshake: wrap gnutls_session_key_update under TLS 1.3
    
    The semantics of the gnutls_handshake() and gnutls_rehandshake() functions
    were tied to TLS 1.2 and earlier behavior. This patch attempts to merge
    the two different semantics as follows:
    
    TLS1.2:
     * gnutls_rehandshake: sends a hello request message (asks the peer for a re-handshake)
                           in server side; invalid to be called in client side.
    
     * gnutls_handshake: performs a re-handshake in either client or server side;
                         in server side it is expected to be called after
                         gnutls_rehandshake().
    
    TLS1.3:
     * gnutls_rehandshake: in server side sends a key update and asks the peer to re-key
                           as well; remains invalid to be called in client side.
    
     * gnutls_handshake: sends a key update and asks the peer to re-key as well;
                         in client side; is a no-op when called in server side.
    
    Relates #131
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 19 16:45:18 2017 +0200

    tests: added unit tests with TLS1.3 key update
    
    Relates #131
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 19 16:27:30 2017 +0200

    handshake: introduced gnutls_session_key_update()
    
    This function allows updating keys of the session and notifying
    the peer.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 19 14:52:03 2017 +0200

    handshake: added TLS1.3 passive key update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed Nov 29 11:18:40 2017 +0100

    keylogfile: write TLS 1.3 secrets
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Nov 28 18:28:19 2017 +0100

    _gnutls_nss_keylog_write: define new internal API
    
    This patch turns the write_nss_key_log function to an internal
    API (with a different name) so that it can be called from other places
    implementing TLS 1.3 key scheduling.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 27 11:27:12 2017 +0100

    tls-fuzzer: enabled the large hello checks
    
    These were previously not working because tls-fuzzer was not TLS1.3-ready.
    This is addressed at the current update, and as such we enable them.
    
    That commit also enables the SNI resumption tests.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 29 16:21:45 2017 +0100

    hkdf: refer to nettle's hkdf.h when available
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 29 14:04:30 2017 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 27 11:07:40 2017 +0100

    gnutls_prf_rfc5705: apply the context limits only under TLS1.2 or earlier
    
    These limits do not exist under TLS1.3.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 27 11:04:59 2017 +0100

    gnutls_prf_raw: fail under TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 27 09:10:24 2017 +0100

    tests: included behavioral test of gnutls_prf under TLS1.3
    
    Resolves #330
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 27 09:03:31 2017 +0100

    gnutls_prf: prevent usage under TLS1.3
    
    Only allow its use when it is documented to have the same output
    as gnutls_rfc5705() and in that case make it a wrapper to it.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Nov 24 11:07:20 2017 +0100

    gnutls_prf_rfc5705: calculate exporter using HKDF if TLS 1.3
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Nov 24 10:55:43 2017 +0100

    handshake-tls13: derive and store exporter_master_secret
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Nov 24 10:34:26 2017 +0100

    _tls13_derive_secret: define secret argument
    
    TLS 1.3 exporters need to derive a secret from exporter_master_secret
    or early_exporter_master_secret, not the handshake or application
    secret stored in temp_secret.  Add a new argument @secret to
    _tls13_derive_secret to specify any secret.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 8 11:45:25 2017 +0100

    session state: combined srp and dh prime bits variables
    
    They were being used for the same purpose, and SRP as well as
    DH, do not overlap to require two different variables.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 8 11:41:59 2017 +0100

    session state: mark mod_auth_st_int as constant
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 8 11:39:53 2017 +0100

    dtls: cookie is stored dynamically when needed rather than in pre-allocated size
    
    That reduces the number of bytes used in cases where DTLS is not in use or
    we are in server-side.
    
    Relates #281
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 10 09:54:13 2017 +0200

    removed legacy/unused rsa-related structures/functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sat Sep 23 21:43:45 2017 +0300

    lib: simplify adding groups according to prioritites
    
    There is little point, remembering if EC or DHE came first and then
    adding necessary groups checking that flag. Instead just add groups at
    the time first EC or DHE ciphersuite is met.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 4 09:21:06 2017 +0200

    tests: added unit test for RDNs in cert callback
    
    This verifies whether the RDNs received at the callbacks under
    TLS1.2 and TLS1.3 have the expected values (corresponding to the
    certificates used).
    
    Resolves #297
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 3 15:59:14 2017 +0200

    gnutls_auth*_get_type: use gnutls_kx_get to retrieve key exchange
    
    That allows the functions to operate under TLS 1.3 which have
    no key exchange as part of the ciphersuite.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 3 15:28:07 2017 +0200

    tests: check certificate callbacks under TLS 1.2 and 1.3
    
    Resolves #278
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 3 14:56:15 2017 +0200

    tests: added unit tests for client certificate under TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 3 14:21:33 2017 +0200

    handshake: handle the certificate authorities extension
    
    That is, when sending or receiving the certificate request message.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 3 13:59:39 2017 +0200

    handshake: added support for client certificates
    
    That is, receive and parse a certificate request, certificate
    verify, as well as certificate in server side.
    
    That way, client certificates
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 3 11:48:28 2017 +0200

    handshake: return GNUTLS_E_NO_CERTIFICATE_FOUND when no certificate is found in TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 3 11:43:45 2017 +0200

    handshake: send certificate request when requested
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 6 11:00:16 2017 +0200

    tests: added check for client hello random value after HRR
    
    That way we ensure that we follow the tls1.3 draft which requires
    the second client hello to be identical to the initial one.
    
    Resolves #299
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 6 11:16:17 2017 +0200

    handshake: treat reply to HRR as a reply to hello verify request
    
    That is, re-use the client random value on the client hello which
    is a reply to a hello retry request.
    
    Relates #299
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 6 10:18:33 2017 +0200

    tests: added key share behavioral test
    
    This verifies whether the gnutls_init() flags GNUTLS_KEY_SHARE_TOP,
    GNUTLS_KEY_SHARE_TOP2, GNUTLS_KEY_SHARE_TOP3 behave as advertized.
    
    Resolves #284
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 6 09:05:20 2017 +0200

    key share: added flags to gnutls_init() to modify its default behavior
    
    That way the application can adjust the range of keys generated
    during client hello attempting to guess the server's algorithm.
    
    Applications are intentionally not given the option to select the
    algorithm in the key share, but rather chose from the prioritized
    list of groups, to avoid a disconnect between the prioritized
    groups, and the key share sent.
    
    Relates #284
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 2 15:40:24 2017 +0100

    handshake: initialize buffer prior to use
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 4 10:55:48 2017 +0200

    tests: added tests for TLS1.2- rollback detection
    
    That is, tests which check
     * whether the server's generated values under TLS1.2- match the expected
     * whether the client would fail on negotiation if the rollback values are detected
    
    Resolves #293
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 4 10:33:11 2017 +0200

    _gnutls_set_server_random: corrected TLS1.2 and TLS1.1 rollback detection
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 3 11:08:04 2017 +0200

    extensions: renamed _gnutls_hello_ext_*sdata to _gnutls_hello_ext_*priv
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 3 09:35:52 2017 +0200

    server_name: use the new API for ext data setting
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 3 08:58:59 2017 +0200

    extensions: enhanced extension lib with pack and unpack functions
    
    That allows the functionality to be used for the majority of extensions.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 3 08:41:51 2017 +0200

    tests: check the correct handling of cookie extension in client side
    
    Resolves #218
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 3 08:39:58 2017 +0200

    extensions: allow receiving and sending extensions which were not advertised by client side
    
    That is needed due to the special treatment of the cookie extension,
    which is sent by the server in HRR even if it was not advertised by
    the client.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 29 16:41:09 2017 +0200

    extensions: optimized gid_to_ext_entry() map on known extensions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 29 16:23:10 2017 +0200

    extensions: avoid double loop when parsing received extensions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 29 15:40:36 2017 +0200

    extensions: avoid looping to discover location of saved data
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 29 15:16:04 2017 +0200

    handshake: added support for reading and sending cookie extension
    
    That introduces an internal API to associate data to an extension.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 13 08:45:09 2017 +0100

    doc: document the GNUTLS_E_NO_COMMON_KEY_SHARE usage
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 29 11:58:25 2017 +0200

    tests: added unit test for hello retry request support
    
    Resolves #285
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 29 14:24:54 2017 +0200

    tests: rehandshake tests were restricted to TLS1.2
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 29 14:11:34 2017 +0200

    handshake: reduce assert printouts in common cases
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 29 10:10:48 2017 +0200

    handshake: accept hello retry request in client side
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 29 09:08:59 2017 +0200

    buf: _gnutls_buffer_pop_data made easier to use
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 29 09:01:41 2017 +0200

    handshake: simplified version parsing
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 21 16:40:43 2017 +0200

    handshake: send hello retry request when no key share matches
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 29 12:54:38 2017 +0200

    ext: do not advertize post handshake authentication
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 29 08:21:54 2017 +0200

    tests: check TLS1.3 record layer packet modification
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Sep 28 07:50:42 2017 +0200

    handshake: split set_client_random to gen and set
    
    This aligns with set_server_random() and gen_server_random().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Sep 28 07:47:40 2017 +0200

    handshake: only attempt to detect downgrade attacks if TLS1.3 is supported
    
    Otherwise, connections under TLS 1.2 may fail, even if client never enabled
    TLS 1.3 support.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 27 15:10:07 2017 +0200

    nettle/pk: explicitly mark intentional fallthrough in switch cases
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 22 16:59:31 2017 +0200

    key share: removed duplicate message
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 27 08:20:10 2017 +0200

    tests: fix warning in rng-sigint.c
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 27 08:58:26 2017 +0200

    tests: improved tls-session-supplemental
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 26 16:44:39 2017 +0200

    kx: moved to new buffer API
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 26 15:38:58 2017 +0200

    handshake: moved to the new mbuffer API
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 26 12:54:18 2017 +0200

    handshake: use the new buffer type in TLS 1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 26 11:57:18 2017 +0200

    handshake: new helper functions to use gnutls_buffer_st to generate mbuffers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 26 10:29:15 2017 +0200

    tlsfuzzer: disable non TLS1.3-ready tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 25 16:28:38 2017 +0200

    tests: added tests for TLS1.3 record generation / parsing
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 25 09:47:52 2017 +0200

    tests: introduced basic TLS1.3 key exchange test suite
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 25 16:26:45 2017 +0200

    record: adjusted overhead calculation for TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 25 14:49:23 2017 +0200

    priority: include groups into priority when having a TLS1.3-only session
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 25 09:46:32 2017 +0200

    priority: do include all the version's signature semantics
    
    This resolves issue, which prevented handling certain types
    of TLS1.3-only signatures, depending on the order of enabled
    protocols.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 25 09:32:25 2017 +0200

    ext/key_share: corrected release of MPI parameters
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 25 09:28:45 2017 +0200

    ext/signature: explicitly prevent RSA/DSA and SHA1 signatures on TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 22 16:55:36 2017 +0200

    hello ext: reduce verbosity
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 22 11:10:56 2017 +0200

    constate.h: removed non-existing function
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 22 10:55:43 2017 +0200

    record: any alert is fatal under TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 18 14:49:24 2017 +0200

    extensions: introduced functions to obtain currently parsed message
    
    This allows the extension handling code to operate differently
    on different messages.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 21 09:30:39 2017 +0200

    supported_versions: print the received versions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 21 12:58:51 2017 +0200

    handshake: introduced server side handshake [2/2]
    
    That is, send server certificate verify and receive
    certificate and certificate verify messages. In addition
    introduced flags to mark the expected, or sent messages.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 21 10:21:26 2017 +0200

    cs: select certificate under TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 21 09:53:47 2017 +0200

    handshake: introduced server side handshake [1/2]
    
    That is, send certificate request and certificate in server side
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 21 09:50:10 2017 +0200

    ciphersuites: introduce a maximum supported TLS/DTLS version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 21 09:41:37 2017 +0200

    handshake: properly set the default record version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 20 16:07:39 2017 +0200

    handshake: send encrypted extensions handshake message
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 15 13:54:25 2017 +0200

    handshake: parse new session ticket message
    
    That does not include extension handling.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 20 15:33:16 2017 +0200

    str: added _gnutls_buffer_pop_prefix24 and _gnutls_buffer_pop_prefix8
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 27 15:07:04 2017 +0200

    str: use assert to mark impossible cases
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 20 15:21:16 2017 +0200

    str: allow creating a read-only buffer
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 20 13:43:14 2017 +0200

    gnutls_session_get_desc: more descriptive name for TLS1.3 ciphersuites
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 15 09:11:37 2017 +0200

    handshake: generate application keys
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 15 08:30:52 2017 +0200

    constate: added _gnutls_epoch_dup
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 15 07:59:21 2017 +0200

    constate: indentation fixes
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 14 10:22:36 2017 +0200

    handshake: added basic support for TLS 1.3 handshake in client side
    
    That does not include support for client certificates as it
    requires extension handling improvements in order for extensions
    to be context sensitive (now they cannot distinguish whether the
    parsing routine is called during client hello or certificate request
    reading)
    
    This does not include proper parsing of extensions present in
    the certificate message.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 13 14:19:12 2017 +0200

    handshake: added parsing of encrypted extensions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 25 10:44:43 2017 +0200

    crypto-api: introduce internal version of AEAD API
    
    This allows to initialize the TLS 1.3 connection state without
    additional allocations as required by the external API.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 11 15:16:51 2017 +0200

    record: added TLS 1.3 record parsing and key derivation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 13:48:13 2017 +0200

    handshake: introduced TLS 1.3 handshake client state machine outline
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 20 11:56:28 2017 +0200

    extensions: separate the hello extensions from others
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 20 11:51:10 2017 +0200

    hello_ext.h: removed non-existant function definition
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 20 11:48:30 2017 +0200

    extensions: files renamed to hello_ext
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 20 11:46:55 2017 +0200

    extensions: renamed hello extension handling functions appropriately
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 20 11:40:54 2017 +0200

    extensions: simplified semantics of store and check functions
    
    That is, _gnutls_extension_list_check was made a boolean function,
    and both were renamed to more appropriate names such as,
    _gnutls_hello_ext_is_present, _gnutls_hello_ext_save.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 20 11:30:12 2017 +0200

    extension: renamed functions to reflect purpose
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 20 10:05:53 2017 +0200

    extensions: use the low-level extension parsing code for hello parsing
    
    That's a step towards unification of TLS-type extension handling
    for TLS 1.3.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 20 09:46:34 2017 +0200

    extv: introduced a low-level extension parsing code
    
    This will simplify the parsing and handling of extensions throughout
    the TLS 1.3 message contents.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 19 12:58:56 2017 +0200

    extensions: simplified the extension tracking
    
    Instead of keep a list of the received TLS extension IDs, use the bits
    in a variable to mark the received extensions. That reduces the
    overall memory usage due to extension tracking.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 19 12:48:14 2017 +0200

    extensions: use an internal extension ID independent of the TLS id
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 15 14:46:13 2017 +0200

    str: rename _gnutls_buffer_pop_prefix to _gnutls_buffer_pop_prefix32
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 15 14:45:20 2017 +0200

    str: rename _gnutls_buffer_pop_datum_prefix to _gnutls_buffer_pop_datum_prefix32
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 14 14:10:14 2017 +0200

    security params: store PRF when packing session
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 14 14:03:43 2017 +0200

    handshake: simplify by storing a pointer to PRF mac entry
    
    That way, we avoid multiple function calls to obtain information
    such as hash size, and other MAC properties.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 14 12:13:09 2017 +0200

    ext/signature: improved TLS 1.3 signature algorithm negotiation
    
    That is, we introduce a simpler way to handle multiple versions
    of a single signature algorithm.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 14 11:21:51 2017 +0200

    str: added helper functions to read prefixed data with 8 or 16-bit headers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 14 09:44:58 2017 +0200

    ecc: do not warn on receiving extension on client side
    
    This extension can be received used under TLS 1.3 on the client side.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 14 14:30:07 2017 +0200

    Added TLS 1.3 HKDF key derivation functionality
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 12 10:30:59 2017 +0200

    extensions: include extension number in debugging message
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 12 10:12:41 2017 +0200

    tests: check behavior on the extension hello flags
    
    That is, verify whether the various combinations of
    GNUTLS_EXT_FLAG_CLIENT_HELLO,
    GNUTLS_EXT_FLAG_TLS12_SERVER_HELLO,
    GNUTLS_EXT_FLAG_TLS13_SERVER_HELLO
    work as expected with regards to sending and receiving
    extensions.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 11 10:26:44 2017 +0200

    extensions: apply extension msg type restrictions
    
    That is, on the extension parsing functions ensure that
    no extension which are not valid for the currently
    received message are parsed.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 11 10:13:07 2017 +0200

    extensions: mark the message validity of each supported extension
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 11 09:50:58 2017 +0200

    extensions: type renamed to id for clarity
    
    We were previously using the variable named 'type' to indicate the
    extension ID. With TLS 1.3, extensions are also given an applicability
    type (which message the extension applies to), and thus renamed the
    variable for clarity.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 12 08:03:59 2017 +0200

    tests: guile: don't use VERS-TLS-ALL
    
    That is, avoid enabling experimental protocols.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 12 08:00:00 2017 +0200

    .gitlab-ci.yml: abi-coverage: include guile logs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 14 09:20:25 2017 +0200

    nettle: added HKDF functions
    
    They are being included conditionally depending on the RSA-PSS feature
    (RSA-PSS and HKDF are expected to be introduced at the same version).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 11 15:54:40 2017 +0200

    gnutls-cli-debug: use explicit TLS versions rather than TLS-ALL
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 15 15:37:04 2017 +0200

    _gnutls_server_select_suite: don't set auth callbacks for TLS 1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 15 11:00:27 2017 +0200

    supported_versions: print negotiated protocol
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 15:35:21 2017 +0200

    Negotiate draft-TLS1.3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 14:14:58 2017 +0200

    handshake: added the TLS 1.3 ciphersuites
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 11 11:45:39 2017 +0200

    handshake: print negotiated version after its negotiation (for TLS1.3)
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 11 11:33:31 2017 +0200

    tests: fix TLS version to 1.2 for tests which used VERS-TLS-ALL
    
    This allows the test suite to run, even when TLS1.3 is still
    experimental.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 14 09:34:05 2017 +0200

    Added support for key share extension
    
    This enables TLS 1.3 key exchange based on the key share extension.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 09:23:53 2017 +0200

    handshake: always accept TLS 1.2 in client hello if we have later protocols enabled
    
    That is because after TLS 1.3 there is no negotiation of the version using
    the Client Hello field, but with an extension.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 08:23:01 2017 +0200

    require nettle 3.3 or later
    
    This will simplify handling of the x25519 key exchange.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 14 09:10:11 2017 +0200

    str: added function to append fixed-size MPI
    
    This is used in TLS 1.3 which introduces a new MPI over-the-wire
    format.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 13 11:57:26 2017 +0200

    tests: resumption tests were restricted to TLS 1.2
    
    TLS 1.3 implements resumption is a different way, so we should
    introduce new resumption tests once that support is in place.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 13 11:52:07 2017 +0200

    ext/post_handshake: restrict the use of this extension to TLS 1.3 or later
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 13 11:46:29 2017 +0200

    handshake: optimizations and enhancements in session version handling
    
    This introduces the following new functions:
    const version_entry_st *_gnutls_legacy_version_max(gnutls_session_t session);
    const version_entry_st *_gnutls_version_max(gnutls_session_t session);
    
    which replace their previous counterparts.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 13 11:21:24 2017 +0200

    tests: check for post-handshake extension in TLS 1.2-only sessions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 13 11:14:56 2017 +0200

    tests: added unit tests for post-handshake-auth extension
    
    These test whether this extension is seen under TLS 1.3 in client
    hello, and whether it is not present in server hello.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 13 10:33:18 2017 +0200

    handshake: send client and server hellos according to TLS 1.3
    
    That is, when TLS 1.3 is negotiated the compression algorithms and
    session ID fields are no longer sent.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 13 09:44:28 2017 +0200

    Added support for post handshake auth extension
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 12 13:40:19 2017 +0200

    tests: updated for new behavior of disabling protocols on missing signature algorithms
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 12 13:38:39 2017 +0200

    tests: verify that no signature algorithms with (D)TLS 1.2 will cause an error
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 12 13:33:46 2017 +0200

    priorities: when no signature algorithms eliminate (D)TLS 1.2 or later
    
    If an application intentionally disables all signature algorithms, ensure
    that we can operate by eliminating protocol options which require these
    signature algorithms to be set.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 12 13:16:10 2017 +0200

    tests: safer use of gnutls_bye in _test_cli_serv()
    
    In addition make sure we check gnutls_priority_set() for errors.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 12 09:40:46 2017 +0200

    tests: added checks for special signature algorithms
    
    This tests the behavior when signature algorithms only available
    under TLS1.3 are present in a TLS 1.2 session.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 12 09:38:26 2017 +0200

    tests: verify that +SIGN-ECDSA-SECP256R1-SHA256 has no effect when combined with TLS1.2
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 12 08:56:18 2017 +0200

    tests: added signature tests for ECDSA-SECP256R1-SHA256
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 12 09:19:16 2017 +0200

    priority: do not include signature algorithms that apply to different TLS version
    
    That is, when a signature algorithm that is only applicable
    to specific TLS protocol semantics (e.g., ECDSA-SECP256R1-SHA256)
    is enabled, under TLS 1.2, it will result to no code points being
    added. That prevents connection errors due to "wrong" code
    points being added that do not correspond to a usable signature
    algorithm under the protocol.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 11 14:07:43 2017 +0200

    tests: updated for the new behavior of handshake
    
    Previously at handshake we would negotiate a ciphersuite and certificate
    and later figure out a signature algorithm. Now we negotiate all at once,
    so we no longer reach situations where mid-way of handshake we figure we
    have no signature algorithm to use. Update the test cases relying on that
    behavior to account the new one.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 11 11:09:51 2017 +0200

    pubkey: enforce TLS 1.3 signature restrictions on verification
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 10 16:43:51 2017 +0200

    ext/signature: added TLS 1.3 signature algorithm negotiation
    
    That patch adds the signature algorithms:
     - GNUTLS_SIGN_ECDSA_SECP256R1_SHA256
     - GNUTLS_SIGN_ECDSA_SECP384R1_SHA384
     - GNUTLS_SIGN_ECDSA_SECP521R1_SHA512
    
    and enables them for the default TLS priority strings.
    In addition it allows negotiating signature algorithms sharing
    the same TLS IDs, but which have different semantics between TLS
    versions (e.g., 6,4 maps to GNUTLS_SIGN_ECDSA_SHA512 under TLS 1.2
    but to GNUTLS_SIGN_ECDSA_SECP521R1_SHA512 under TLS 1.3).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 19 15:20:00 2017 +0200

    tests: added unit test for TLS 1.3 version negotiation
    
    This checks whether the Client Hello and Server Hello packets
    contain the expected values.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 19 14:17:40 2017 +0200

    handshake: added support for negotiating version using extension
    
    That is, introduced the TLS 1.3 supported_versions extension. It is currently
    only being used if negotiating TLS 1.3 or later.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 19 13:30:46 2017 +0200

    handshake: legacy version negotiation is not used for TLS 1.3
    
    That is, ensure that the functions used for TLS 1.2 and earlier
    negotiation cannot be used with TLS 1.3. That is because TLS 1.3
    is negotiated using a TLS extension.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 19 11:57:22 2017 +0200

    Added TLS 1.3 Hello message random generation
    
    That is, added check for TLS 1.3 random value requirements in client side,
    and generation according to TLS 1.3 requirements for server and
    client side.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 19 14:57:55 2018 +0100

    Revert "priority: disable the enabled by default RSA-PSS signature algorithms"
    
    This reverts commit ef44477127952c13e93d7ea88f7b549bf36602f5.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 10 11:13:57 2018 +0100

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 22 11:52:19 2018 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 30 07:41:26 2018 +0100

    tests: check gnutls_fips140_set_mode operation per thread
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 21 15:49:42 2018 +0100

    tests: added unit test of gnutls_fips140_set_mode
    
    Also ensure that 512-bit keys cannot be generated
    in FIPS140-2 mode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 22 11:40:42 2018 +0100

    tests: gnutls_hmac_fast: explicitly enable MD5 use under FIPS140-2 mode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 21 12:38:29 2017 +0100

    tests: gc.c -> gnutls_hmac_fast.c
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 22 09:15:03 2018 +0100

    doc: documented gnutls_fips140_set_mode and gnutls_fips_mode_t
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 21 15:07:00 2018 +0100

    fips140: added function for applications to switch the FIPS140-2 mode
    
    That would allow FIPS140-2 compliant applications to use forbidden
    algorithms by switching to a lax FIPS140-2 mode.
    
    Resolves #352
    Resolves #353
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 21 14:01:17 2018 +0100

    fips140: enforcement of allowed ciphers moved to crypto-api.c and cipher_int.c
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 20 15:36:59 2017 +0100

    fips140: enforcement of hash and MACs use moved to crypto-api.c and hash_int.c
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 19 08:38:35 2018 +0100

    tests: srp: increased timeout to 40secs [ci skip]
    
    Since we increased the maximum parameters to 8k, ensure
    that slower systems have enough time to complete the handshake.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 18 20:58:07 2018 +0100

    doc: updates NEWS entry for 3.6.2 adding ABI changes [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Feb 16 08:54:26 2018 +0100

    latex: introduced functionWarning macro
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Feb 16 08:27:56 2018 +0100

    bumped version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 13 16:34:09 2018 +0100

    tests: check whether gnutls_credentials_set() can be set in an hsk hook
    
    This is useful when these are set during the handshake process
    on the handshake hook before client hello is parsed.
    
    Relates #382
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 13 16:47:16 2018 +0100

    doc: documented how to set the credentials late in certain vhost scenarios
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 13 16:21:52 2018 +0100

    doc: updated text on gnutls_handshake_set_hook_function
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 13 11:12:09 2018 +0100

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Feb 12 11:18:06 2018 +0100

    priority: disable the enabled by default RSA-PSS signature algorithms
    
    They have been modified in the latest (yet unsupported) TLS 1.3
    drafts, so prevent causes interoperability failures by keeping them
    on.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Feb 12 09:20:17 2018 +0100

    tests: cipher-openssl-compat: extend to include CCM tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Michael Catanzaro <mcatanzaro@igalia.com>
Date:   Fri Feb 9 10:22:24 2018 -0600

    Improve documentation of gnutls_x509_trust_list_iter_get_ca [ci skip]
    
    The documentation is confusing because it implies that
    gnutls_x509_trust_list_iter_deinit() should be called after using this
    function, but in fact it is generally not necessary.
    
    Also, there was a typo here ("usin").
    
    Signed-off-by: Michael Catanzaro <mcatanzaro@igalia.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Feb 7 18:59:39 2018 +0100

    .gitlab-ci.yml: run the fuzz testsuite under various CPU capabilities
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 7 09:24:18 2018 +0100

    accelerated: make explicit key size check to all accelerated ciphers
    
    That is, do not rely on checks done on asm level, as they vary and
    may change over updates. Also handle consistently invalid key sizes
    by returning an error, and eliminate calls to abort().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Vitezslav Cizek <vcizek@suse.com>
Date:   Tue Feb 6 16:46:31 2018 +0100

    accelerated: check keysize in SSSE3 cipher setkey
    
    aes_ssse3_cipher_setkey() accepted any key size,
    which could lead to invalid memory access.
    
    Such as with the oss-fuzz corpora file
    fuzz/gnutls_pkcs8_key_parser_fuzzer.in/da59d34eacdf50a0019a457fb7c4916be48c99a5
    
    Signed-off-by: Vitezslav Cizek <vcizek@suse.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 8 14:32:42 2018 +0100

    p11tool: updated documentation [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 7 11:34:36 2018 +0100

    nettle: use the nettle_get_secp API when available
    
    Resolves #380
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 6 09:46:41 2017 +0100

    nettle base64_encode_raw: use cast to avoid warnings
    
    Nettle switched prototypes for base64_encode_raw() as follows:
    -base64_encode_raw(uint8_t *dst, size_t length, const uint8_t *src);
    +base64_encode_raw(char *dst, size_t length, const uint8_t *src);
    
    That means we need to cast fist param to void if we want to avoid
    warnings on different platforms.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 6 14:40:59 2018 +0100

    accelerated: x86-common: do not use _xgetbv() with clang
    
    Resolves #372
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 6 14:37:42 2018 +0100

    configure: treat solaris as ELF system
    
    Resolves #376
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Feb 6 04:03:45 2018 +0100

    tests: repeat cipher test with multiple keys and nonces
    
    In addition include chacha20-poly1305 into the tests.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Feb 6 03:59:17 2018 +0100

    accelerated: aarch64: fix GCM counter increment
    
    Ensure that we restrict the GCM counter to the 4 bytes assigned to it.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Feb 6 04:39:39 2018 +0100

    accelerated: fix use of SSSE3 vpaes_encrypt
    
    Previously we assumed that the nettle GCM internal functions
    will use the provided ECB function for single block encryption.
    Newer versions no longer operate that way. Ensure that we
    are compatible with them.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Feb 5 20:25:23 2018 +0100

    accelerated: fix use of aesni_ecb_encrypt()
    
    Previously we assumed that the nettle GCM internal functions
    will use the provided ECB function for single block encryption.
    Newer versions no longer operate that way. Ensure that we
    are compatible with them.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 2 15:49:48 2018 +0100

    serv: increase cache size used for resumption
    
    That allows sessions with longer parameters to be able
    to be resumed.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 2 11:09:22 2018 +0100

    CONTRIBUTING.md: check the issue closing as part of review [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 2 10:35:11 2018 +0100

    gnutls-cli: no longer print certificate types or compression methods
    
    We don't support any other compression methods than the null compression,
    nor any other certificate types.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Jay Foad <jay.foad@gmail.com>
Date:   Sat Jan 27 09:13:17 2018 +0100

    Inline version macros into its users.
    
    This fixes a problem in _gnutls_version_is_supported() where we want to
    use preprocessing directives in the loop body. Doing this within a macro
    argument is undefined behaviour according to the C standard, and not
    supported by the system compiler on AIX.
    
    Signed-off-by: Jay Foad <jay.foad@gmail.com>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 26 15:49:53 2018 +0100

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 26 15:48:52 2018 +0100

    certtool: deprecated the --certificate-pubkey option
    
    That option is duplicate since --pubkey-info can provide the same
    information.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 26 15:44:21 2018 +0100

    certtool: avoid duplicate deinitialization on --certificate-pubkey
    
    Resolves #368
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 21 12:25:10 2018 +0100

    dh: document why BER decoding rules are allows
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 21 12:19:12 2018 +0100

    pubkey: use the strict DER decoder for SubjectPublicKeyInfo
    
    Although there is no explicit RFC mentioning the SubjectPublicKeyInfo
    encoding, this structure is a subset of the X.509 certificate's structure
    and as such it is expected to be in DER form.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 21 11:36:20 2018 +0100

    pk: document need for the generic BER decoder
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 17 19:26:12 2018 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 17 19:25:36 2018 +0100

    tests: check whether deletion of a certificate object works
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 17 19:15:46 2018 +0100

    p11tool: corrected issue preventing the deletion of objects in batch mode
    
    Previously initialization of PIN callbacks would only happen during listing
    of objects, which happened only in non-batch mode.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 17 19:10:52 2018 +0100

    p11tool: corrected type affecting use of --only-urls
    
    It would enable batch mode accidentally.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 19 11:42:02 2018 +0100

    tests: pkcs11/tls-neg-pkcs11-key: updated for softhsm with PKCS#11 support
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 22 09:06:25 2018 +0100

    added sub-section on selecting the right return value [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 17 17:35:54 2018 +0100

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 17 08:38:13 2018 +0100

    examples: use gnutls_certificate_set_x509_system_trust
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 12 16:14:23 2018 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 12 13:23:03 2018 +0100

    tests: privkey-verify-broken: addressed uninitialized var use
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 10 15:41:50 2018 +0100

    tests: check whether get_mtu() functions relate to the set values
    
    That is, verify that gnutls_dtls_set_data_mtu() value would be
    reflected into gnutls_dtls_get_data_mtu(), as well as the
    gnutls_dtls_set_mtu() to gnutls_dtls_get_mtu().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 10 15:35:36 2018 +0100

    tests: added unit test for _gnutls_record_overhead()
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 12 09:01:54 2018 +0100

    DTLS: improved data MTU calculation under CBC ciphersuites
    
    The data MTU calculation under CBC ciphersuites takes into
    account that the overhead of these ciphersuites is constant (IV +
    hash + 1 byte padding), though the capacity varies due to the padding
    block. That is, on 16-byte padding block, one padding byte is the
    overhead but the rest 15 bytes are accounted for data MTU.
    
    That also has the side effect that setting a data MTU using
    gnutls_dtls_set_data_mtu(), is not definite, and the actual
    MTU may be larger for these ciphersuites --i.e., the
    return value of gnutls_dtls_get_data_mtu().
    
    Resolves #360
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 10 10:58:30 2018 +0100

    fuzz: added reproducer for leak in gnutls_x509_crl_list_import
    
    That was detected by oss-fuzz in:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4930
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 10 10:56:28 2018 +0100

    gnutls_x509_crt_list_import: eliminated memory leak
    
    That leak would be triggered if GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED
    flag was used and the input data would exceed the maximum limit.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 9 11:31:45 2018 +0100

    libtasn1: updated to latest libtasn1 master branch
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 3 16:41:36 2018 +0100

    gnutls_pkcs12_key_parser_fuzzer.in: added reproducer for oss-fuzz #4890
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 7 09:55:37 2018 +0100

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 3 16:27:03 2018 +0100

    doc: updated copyright year for manual
    
    That eliminates the 'make syntax-check' error.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 30 20:12:36 2017 +0100

    tests: added reproducer for self-signed verification error
    
    Relates #347
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 30 19:57:08 2017 +0100

    x509/verify: when verifying against a self signed certificate ignore issuer
    
    That is, ignore issuer when checking the issuer's parameters strength. That
    resolves the issue of marking self-signed certificates as with insecure
    parameters during verification.
    
    Resolves #347
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 20 08:16:29 2017 +0100

    gnutls_pk_self_test: include ECDSA tests on GNUTLS_PK_EC
    
    Previously when a request for a specific self check on GNUTLS_PK_EC
    was done, only ECDH tests would be run. This change includes the ECDSA
    tests as well (GNUTLS_PK_EC and GNUTLS_PK_ECDSA are an alias to each other).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 19 16:40:59 2017 +0100

    tests: hash-large: increase parallelism to allow fast run in CI
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 8 11:14:58 2017 +0100

    doc: reference gnutls_prf_rfc5705 instead of gnutls_prf
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 3 11:34:32 2017 +0100

    tests: utils.h: forbid compilation with NDEBUG
    
    This allows to rely on the assert() macro being functional on
    the test suite.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 3 10:49:12 2017 +0100

    tests: p11-kit-load.sh: verify that all modules are loaded after a private key operation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 30 15:08:22 2017 +0100

    tests: enhanced pkcs11/list-tokens
    
    This not only creates a trust list with the system certificates, but
    also attempts to verify a certificate, increasing the number of calls
    to PKCS#11 verification API (and thus ensuring there are no calls
    which may trigger the load of other modules).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 30 14:31:07 2017 +0100

    pkcs11 verification: always use the GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE
    
    That is, make sure that all our calls to PKCS#11 subsystem for verification
    will only trigger the trust module initialization, and not the generic
    PKCS#11 initialization.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 30 14:28:46 2017 +0100

    pkcs11: simplify trusted module loading state
    
    That is always utilize the same flags (GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE)
    to determine whether to initialize trusted modules only or
    proceed with general initialization.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 30 12:52:57 2017 +0100

    _gnutls_pkcs11_check_init: improved transition between states
    
    The init_level_t for PKCS#11 modules, was incorrectly handled as a
    linear state transition, causing few cases in the transition to be
    incorrectly handled. Define precisely the state transitions and
    enforce them in _gnutls_pkcs11_check_init.
    
    That addresses a regression introduced by the previous state handling
    addition, which made impossible to switch from the trusted state to
    the all modules.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 30 11:44:14 2017 +0100

    tests: corrected destructive/p11-kit-load.sh error checking
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Dec 1 11:13:29 2017 +0100

    gnutls-serv: fix double-free on inactivity timeout
    
    Previously, gnutls-serv --echo segfaulted when closing client
    connection after inactivity timeout.  Here is the valgrind output:
    
    ==20246== Invalid free() / delete / delete[] / realloc()
    ==20246==    at 0x4C2FD18: free (vg_replace_malloc.c:530)
    ==20246==    by 0x405310: listener_free (serv.c:154)
    ==20246==    by 0x408B57: tcp_server (serv.c:1568)
    ==20246==    by 0x407DA6: main (serv.c:1231)
    ==20246==  Address 0x6ed4fe0 is 0 bytes inside a block of size 3 free'd
    ==20246==    at 0x4C2FD18: free (vg_replace_malloc.c:530)
    ==20246==    by 0x408A1D: tcp_server (serv.c:1548)
    ==20246==    by 0x407DA6: main (serv.c:1231)
    ==20246==  Block was alloc'd at
    ==20246==    at 0x4C2EB6B: malloc (vg_replace_malloc.c:299)
    ==20246==    by 0x6A64489: strdup (in /usr/lib64/libc-2.25.so)
    ==20246==    by 0x407310: get_response (serv.c:948)
    ==20246==    by 0x408840: tcp_server (serv.c:1492)
    ==20246==    by 0x407DA6: main (serv.c:1231)
    ==20246==
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Nov 28 15:45:59 2017 +0100

    .dir-locals.el: new file
    
    This forces Emacs to use the Linux kernel coding style for all C code.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Nov 28 15:45:54 2017 +0100

    build: remove m4 files pulled in by autopoint
    
    Having these files in the git repository causes unnecessary changes
    after "make bootstrap".
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 29 17:16:41 2017 +0100

    gnutls_aead_cipher_init: corrected potential memory leak
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 28 14:28:46 2017 +0100

    doc: provided basic documentation of the FIPS140-2 mode [ci skip]
    
    Resolves #332
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 27 09:42:26 2017 +0100

    tests: verify whether group remains the same after resumption
    
    Resolves #331
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 27 09:31:52 2017 +0100

    _gnutls_set_resumed_parameters: restore the group from resumed parameters
    
    That allows resumed sessions to have the original group information such as
    curve used for key exchange or FFDHE parameters.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 27 08:19:01 2017 +0200

    tests: removed unnecessary assert
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 10 14:23:20 2017 +0200

    tests: delete temporary files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 8 11:47:22 2017 +0100

    session state: use the right type for send_cert_req variable
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 24 08:17:40 2017 +0100

    tests: client-fastopen: introduce child signal handler and delay prior to starting
    
    This addresses a hang issue on freebsd builds.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 22 17:36:30 2017 +0100

    psktool: allow up to 512-byte keys
    
    This aligns the psktool --help output with the psktool operation.
    
    Suggested by Jack Lloyd.
    
    Resolves #327
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Nov 21 20:26:43 2017 +0100

    getfuncs-map.pl: added gnutls_srp_8192_group* symbols to ignore list
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Nov 21 19:24:29 2017 +0100

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Nov 21 19:17:01 2017 +0100

    srptool: --create-conf no longer includes 1024-bit parameters
    
    In addition it includes the 8192-bit parameters, and
    the default params used for a new user are the 2k ones.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 21 13:23:21 2017 +0100

    tests: updated SRP checks
    
    Test 1024, 1536, 2048, 3072, 4096 and 8192 bit parameters.
    In addition, verify that parameters not in the SRP spec are
    rejected by a gnutls client.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 21 13:05:12 2017 +0100

    .gitlab-ci.yml: move destructive tests after trust store tests
    
    That is, to ensure they are only run after the trust store
    is complete and that it doesn't affect its output.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 20 14:43:21 2017 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 20 14:34:20 2017 +0100

    tests: include the 8192-bit SRP prime into param checks
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 20 14:33:33 2017 +0100

    srp: added the 8192-bit prime
    
    As we now reject any primes not in the SRP spec, we include
    that parameter to ensure we can handle clients within the
    spec but with large parameters.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 20 14:10:02 2017 +0100

    srp: reject any parameters not in the SRP draft
    
    This implements the SHOULD requirement from RFC5054, i.e., to
    only accept group parameters that come from a trusted source,
    such as those listed in Appendix A.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 20 14:07:12 2017 +0100

    fuzz: srp-client: decreased acceptable prime bits to 1024 [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 9 09:47:10 2017 +0100

    tests: combined key and cert tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 9 09:40:23 2017 +0100

    tests: windows subdir is only included on windows builds
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 8 16:32:48 2017 +0100

    tests: dtls subdir was merged into main tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 20 13:49:55 2017 +0100

    fuzz: srp-client: restrict prime bits to 1537 [ci skip]
    
    That avoids timeouts in the oss-fuzz infrastructure:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3277
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 19 16:39:16 2017 +0100

    doc: corrected typo
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 16 16:57:29 2017 +0100

    doc: better detect acronym keyword on latex output
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 16 16:53:46 2017 +0100

    doc: latex: resolve all citation issues
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 16 16:43:21 2017 +0100

    doc: citations translate into references in texinfo
    
    That makes the citations to be links in the generated html manual.
    
    Resolves: #321
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 13 11:03:35 2017 +0100

    p11tool: renamed pkcs11_set_pin() to allow static linking
    
    Resolves #322
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 15 11:47:31 2017 +0100

    cfg.mk: do not include reproducer files into syntax checks
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 15 10:31:00 2017 +0100

    gnutls_x509_ext_import_proxy: corrected memory leak
    
    Also added reproducer for the memory leak found.
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3159
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 8 13:56:56 2017 +0100

    tools: do not access unused variables
    
    This avoids warnings by static analyzers.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 8 10:51:51 2017 +0100

    .gitlab-ci.yml: disabled gcc warnings on CI builds and use dash
    
    That should decrease the time spent in configure. Based on suggestions
    by Tim Ruehsen.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 5 20:46:47 2017 +0100

    .gitlab-ci.yml: use configure cache file and ccache
    
    That reduces the total time spent per build by caching configure
    checks, and compilation artifacts.
    
    Also that patch set no longer uploads coverage files as artifacts.
    These files are not generally useful, and removing that "feature"
    will reduce CI running time.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 4 17:18:23 2017 +0100

    doc: corrected typo [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 3 15:10:03 2017 +0100

    tests: list-tokens: not only list but also verify whether module is operational
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 3 15:03:35 2017 +0100

    pkcs11: refuse to load modules with duplicate information
    
    That is, when ck_info matches, we soft fail loading the module.
    That is, because in several cases the pointers got by p11-kit
    may differ for the same modules.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 3 14:33:24 2017 +0100

    tests: enhanced PKCS#11 loading test
    
    Test whether implicit initialization in trusted module (e.g.,
    via verification), would result to proper initialization of additional
    modules once a PCKS#11 function is called.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 30 13:51:33 2017 +0100

    tests: added PKCS#11 module loading test
    
    This checks:
     1. Whether all modules are loaded from p11-kit when
        no explicit gnutls_pkcs11_init() is called and
        pkcs11 calls are accessed.
     2. Whether only the trusted modules are loaded from
        p11-kit and no other PKCS#11 calls than PKCS#11
        cert validation is performed.
     3. Whether the trusted modules are loaded when
        gnutls_pkcs11_init() is called with manual
        flag.
    
    Resolves #315
    Resolves #316
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 30 11:29:38 2017 +0100

    pkcs11: allow loading trusted modules when pkcs11 was initialized in manual mode
    
    When a PKCS#11 trust module is used in the system, but gnutls_pkcs11_init()
    is explicitly called with GNUTLS_PKCS11_FLAG_MANUAL flag, then the PKCS#11
    trust store was not loaded, and thus prevent any certificate validation.
    
    This change allows initializing the trust modules only even if generic
    PKCS#11 support is disabled by the application.
    
    Relates #316
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 30 09:57:09 2017 +0100

    pkcs11: introduce multiple levels of loading
    
    That allows to load the PKCS#11 trusted modules (on systems which use them)
    without loading all the potentially present PKCS#11 modules.
    
    Relates #315
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 31 09:18:15 2017 +0100

    CONTRIBUTING.md: added a short text on reviewing code [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Roberto Newmon <robertonewmon@fake-box.com>
Date:   Sun Oct 29 08:30:02 2017 +0000

    Fix non-null warning
    
    Help the compiler understand the control flow in the MATCH_FUNC and
    INVALID_MATCH_FUNC macros.
    
    Because we are using macros, the compiler is not able to correlate the
    replaced values of the macro variables to each other yielding non-null
    warnings. Introduce a C variable to mimic the macro variable helping
    the compiler understanding the control flow.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 21 15:17:22 2017 +0200

    tests: test whether PKCS#11 generation works without login
    
    Resolves #147
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 21 15:10:03 2017 +0200

    p11tool: attempt to auto-login when the token requires it
    
    In operations like generation or writing objects, run as if --login
    was given if the token is marked to require login.
    
    Relates #147
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 21 15:01:53 2017 +0200

    p11tool: print PKCS#11 token flags in --list-tokens
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 21 14:53:37 2017 +0200

    pkcs11: forward token flags to applications
    
    That is, gnutls_pkcs11_token_get_flags() will not return the
    most common/useful PKCS#11 token flags, in addition to trusted and HW
    flags.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 21 09:44:37 2017 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 21 02:18:07 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 19 10:14:33 2017 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Thomas Klute <thomas2.klute@uni-dortmund.de>
Date:   Wed Oct 18 19:50:57 2017 +0200

    gnutls_server_name_set: Clarify meaning of the name_length parameter [ci skip]
    
    Signed-off-by: Thomas Klute <thomas2.klute@uni-dortmund.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 18 15:57:53 2017 +0200

    doc: mention SHA224 removal in upgrade guide
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 18 15:55:57 2017 +0200

    bumped version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 18 10:18:33 2017 +0200

    gnutls-serv: print the right error code on OCSP request setting
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 18 13:42:21 2017 +0200

    ocsptool: doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 16 11:41:36 2017 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 27 13:25:02 2017 +0200

    cmp_hsk_types: fixed check for SSLv2 hello
    
    Previously, if SSLv2 hello support was disabled, the check for
    the expected TLS message was incorrect.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 7 10:06:09 2017 +0200

    doc: improve documentation on provable private keys
    
    Resolves #301
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 7 09:44:54 2017 +0200

    doc: enhanced text on PKCS#7 and public keys
    
    Resolves #302
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Oct 1 12:20:18 2017 +0200

    tests: check whether key IDs with SHA512 are corrected calculated
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Oct 1 12:18:54 2017 +0200

    certtool: allow using SHA512 for key IDs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Oct 1 12:17:26 2017 +0200

    _gnutls_get_key_id: introduce flag GNUTLS_KEYID_USE_SHA512
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Oct 1 12:14:11 2017 +0200

    tests: check fingerprint generation with SHA512
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Oct 1 12:12:25 2017 +0200

    certtool: allow using --fingerprint with sha384 or sha512
    
    Resolves #295
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Wed Sep 27 19:21:59 2017 +0200

    Modernize gtk-doc support
    
    Update gtk-doc.make, m4/gtk-doc.m4 and doc/reference/Makefile.am from
    gtk-doc git head (that is 1.26 +
    c08cc78562c59082fc83b55b58747177510b7a70).
    Disable gtkdoc-check.
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Rowan Thorpe <rowan@rowanthorpe.com>
Date:   Wed Sep 27 21:41:43 2017 +0300

    Fix autoreconf invocation to actually run autopoint
    
    Signed-off-by: Rowan Thorpe <rowan@rowanthorpe.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 25 16:57:31 2017 +0200

    CONTRIBUTING.md: added some text on introducing new APIs [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 24 10:52:08 2017 +0200

    tests: re-purposed client_dsa_key test to match new behavior of the library
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 24 10:47:05 2017 +0200

    tests: update TLS 1.2 tests to account for RSA-PSS client signatures
    
    On commit de4f55b4dcf4bbe8f788e1f8f5bd59cd596f7d36:
    "signature: on client side, refuse to negotiate non-enabled signature schemes"
    
    the behavior of allowing a client to utilize disabled for the session
    signatures, and thus the negotiated signatures now match the ones
    in the session's priority string.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 23 08:37:50 2017 +0200

    signature: on client side, refuse to negotiate non-enabled signature schemes
    
    That amends/reverts commit 6aa8c390b08a25b18c0799fbd42bd0eec703fae4:
    "On client side allow signing with the signature algorithm of our cert"
    
    Previously, when we initially disabled DSA, we allowed client certificates
    which can do DSA-SHA1 to be utilized to ease migration from these certificates.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 15 09:53:01 2017 +0200

    _gnutls_epoch_gc: ensure there are no stray epochs after gc
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 15 09:29:30 2017 +0200

    constate: simplified allocation of epochs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 15 08:26:22 2017 +0200

    _gnutls_epoch_get(): simplified use
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 24 17:42:01 2017 +0200

    gnutls_x509_crt/q_set_spki: always initialize the spki structure
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 23 11:17:21 2017 +0200

    gnutls-cli: always initialize the inline commands struct
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 23 11:13:31 2017 +0200

    gnutls-cli-debug: eliminated memory leaks
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 23 11:11:27 2017 +0200

    ocsptool: eliminate memory leaks
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 23 11:09:00 2017 +0200

    certtool: use assert to protect var access
    
    The code correctly uses the variables, but the assert ensures
    that static analyzers follow the intended paths too.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 23 11:06:53 2017 +0200

    srptool: removed unused variables
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 23 11:06:24 2017 +0200

    psktool: remove unused variables
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 23 11:05:18 2017 +0200

    gnutls-cli: fix memory leak
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 23 11:04:21 2017 +0200

    tools: eliminated dead assignments
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 23 10:59:58 2017 +0200

    ocsptool: check chain size on verification
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 19 11:08:19 2017 +0200

    .gitlab-ci.yml: use static analyzer and Werror build in src
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 23 08:29:17 2017 +0200

    tests: enhanced resumption checks with same and different SNI
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 23 08:19:21 2017 +0200

    server name: refuse to resume a session which server name doesn't match
    
    That is, follow the RFC6066 requirement that server:
    "MUST NOT accept the request to resume the session if the
    server_name extension contains a different name."
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 23 10:47:15 2017 +0200

    gnutls-cli: eliminate few memory leaks
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Thomas Klute <thomas2.klute@uni-dortmund.de>
Date:   Thu Sep 21 11:00:33 2017 +0200

    tests: New test for SNI parsing during cache-based session resumption
    
    Signed-off-by: Thomas Klute <thomas2.klute@uni-dortmund.de>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Thomas Klute <thomas2.klute@uni-dortmund.de>
Date:   Thu Sep 21 10:45:05 2017 +0200

    Ensure the SNI extension is parsed during cache-based resumption
    
    This patch changes the parse_type of the SNI extension to
    GNUTLS_EXT_MANDATORY to ensure it is parsed during every handshake.
    
    With SNI previously classified as GNUTLS_EXT_APPLICATION, GnuTLS
    servers ignored the SNI extension when resuming a TLS session from
    cache, because "application" level extensions are skipped during
    resumption. As a result, gnutls_server_name_get() always returned
    GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when called on the resumed
    session, breaking virtual server systems.
    
    According to RFC 6066, Section 3 the SNI extension must be parsed on
    session resumption if implemented at all:
    
      "A server that implements this extension MUST NOT accept the request
      to resume the session if the server_name extension contains a
      different name."
    
    This change allows applications using GnuTLS to match SNI data on
    resumed sessions.
    
    Signed-off-by: Thomas Klute <thomas2.klute@uni-dortmund.de>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Sep 18 17:06:15 2017 +0300

    tests: explicitly check for gnutls.pc in pkgconfig.sh
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Sep 18 13:33:53 2017 +0300

    test: use proper library name in pkgconfig.sh error message
    
    If there is a -R flag in p11-kit-1.pc file, pkgconfig.sh test will still
    reference libidn2.pc, rather than proper source of the message. Also
    move the test for library flags before updating PKG_CONFIG_PATH.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Sep 18 13:32:40 2017 +0300

    tests: use libidn2 in pkgconfig.sh
    
    Since abe6a12b9766219163f99d7807a0b07fbe5f590c GnuTLS does not support
    libidn1. Switch pkgconfig.sh test to use libidn2.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Sep 19 20:36:22 2017 +0200

    parse-datetime: Fix buffer overflow

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 18 15:35:32 2017 +0200

    tlsfuzzer: document the reason of failure of few fragmentation tests
    
    It seems that gnutls does not accept records carrying handshake messages
    that contain less bytes than necessary to recover the handshake header.
    The TLS protocol allows that option, and other implementations seem to
    accept that fragmentation.
    
    Relates #272
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 16 18:21:36 2017 +0200

    parse_handshake_header: removed duplicate check
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 16 14:03:54 2017 +0200

    ecdh: return more appropriate error code on empty packet
    
    This makes tlsfuzzer's test-x25519 detect the right error
    code on empty message. Previously this issue was masked by our
    refusal to accept 1-byte sized fragments.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 15 16:34:02 2017 +0200

    parse_handshake_header: allow 1-byte sized fragments
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 15 16:21:02 2017 +0200

    tests: added reproducer for DTLS infinite loop
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Sep 18 20:55:25 2017 +0200

    pkcs11/get_key_algo_type(): Always initialize bits variable
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Sep 18 20:53:23 2017 +0200

    tests/base64-raw: Remove unused variable
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Sep 18 15:54:19 2017 +0200

    gnutls.h: Remove redundant function declarations
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 14 11:56:27 2017 +0200

    x509: removed debugging code [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 27 13:58:58 2017 +0200

    tests: modified the MD5 signature algorithm negotiation tests
    
    Since GnuTLS can no longer negotiate MD5, we utilize a byte stream
    of a connection which advertises MD5, and we make sure we detect the
    right error code for the rejection of MD5 signature.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 27 08:42:10 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 27 08:36:01 2017 +0200

    tlsfuzzer: no longer include tests involving SHA224 signatures
    
    We no longer support them.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 26 15:04:32 2017 +0200

    algorithms/sign: removed TLS identifiers for legacy algorithms
    
    That is, for the MD5-using algorithms, as well as for the DSA2
    signature algorithms that were never really used with TLS 1.2.
    
    Kept DSA-SHA1 in order to be used by TLS 1.2 and legacy applications.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 26 15:02:47 2017 +0200

    algorithms/sign: legacy signature algorithms were moved toward the end of the list
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 26 14:58:17 2017 +0200

    algorithms/sign: no longer enable SHA224 hash in signatures
    
    TLS 1.3 requires that SHA224 MUST NOT be used, and given the
    fact that SHA224 was never widespread used in TLS 1.2, there
    is no reason to keep these algorithms at all.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 8 16:19:38 2017 +0200

    tlsfuzzer: added large client hello tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 8 15:16:55 2017 +0200

    win32: removed no longer used subdir
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 8 14:01:09 2017 +0200

    .gitlab-ci.yml: added warning cppcheck checks
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 16:54:24 2017 +0200

    .gitlab-ci.yml: removed initialization step
    
    That is, combine syntax-check with the static analyzers run. That
    provides more parallelism per build and reduces the overall time
    spent on a successful run.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 16:20:01 2017 +0200

    doc: added README on FreeBSD CI setup
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 16:21:44 2017 +0200

    .gitlab-ci.yml: added FreeBSD build
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 17:05:57 2017 +0200

    tests: ip-utils: added include for FreeBSD compilation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 14:12:20 2017 +0200

    .gitlab-ci.yml: enable more cppcheck tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 8 12:15:47 2017 +0200

    tests: updated tlsfuzzer to reduce rsa-pss failures
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 15:51:57 2017 +0200

    crq: doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 09:31:30 2017 +0200

    tests: added unit test for gnutls_x509_crq_sign
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 09:11:06 2017 +0200

    tests: added verification checks into crl_apis
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 09:10:20 2017 +0200

    gnutls_x509_crl_verify: check next update field for presence
    
    If not present do not attempt to utilize its value.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 08:33:24 2017 +0200

    tests: added verification check into crt_apis
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 08:30:13 2017 +0200

    tests: added unit test for gnutls_x509_crt_sign
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 08:24:41 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 09:23:28 2017 +0200

    gnutls_x509_crq_sign: undeprecate
    
    After the updates of the function semantics, it is no longer
    needed to deprecate it.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 09:13:54 2017 +0200

    gnutls_x509_crl_sign: undeprecate
    
    After the updates of the function semantics, it is no longer
    needed to deprecate it.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 09:21:16 2017 +0200

    gnutls_x509_crq_sign: no longer sign with SHA1
    
    Modify the behavior of the functions to sign with an appropriate
    to the public key hash algorithm. That although it modifies the
    semantics of the functions, it allows them to be useful even after
    SHA1 is considered insecure.
    
    In addition to that, the functions which accept a hash algorithm, will
    accept a null hash, which instructs the function to select a
    reasonable choice.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 08:21:47 2017 +0200

    gnutls_x509_*_sign: no longer sign with SHA1
    
    Modify the behavior of the functions to sign with an appropriate
    to the public key hash algorithm. That although it modifies the
    semantics of the functions, it allows them to be useful even after
    SHA1 is considered insecure.
    
    In addition to that, the functions which accept a hash algorithm, will
    accept a null hash, which instructs the function to select a
    reasonable choice.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 08:12:05 2017 +0200

    doc: document the change of gnutls_x509_crt_sign
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 8 08:31:42 2017 +0200

    tests: tolerate leaks in opensc-pkcs11 when present
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 7 08:08:12 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 6 14:51:59 2017 +0200

    tests: added reproducer for safe renegotiation failure with openssl
    
    Relates #259
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 6 15:11:00 2017 +0200

    handshake: check SCSVs prior to resuming a session
    
    This ensures that extensions which are also available as SCSVs
    are parsed prior to resuming a session. This resolves an issue
    with openssl sending SCSV instead of an extension for the safe
    renegotiation.
    
    Relates #259
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Thomas Klausner <wiz@NetBSD.org>
Date:   Wed Sep 6 19:16:30 2017 +0200

    Use $(LIBDL) instead of hardcoding -ldl.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 6 14:34:20 2017 +0200

    cmocka: require 1.0.1
    
    This prevents failures in test suite due to insufficient cmocka
    library version.
    
    Resolves #268
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 6 09:46:05 2017 +0200

    tlslite-ng: updated to latest version
    
    This addresses issues with RSA-PSS signing.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Avinash Sonawane <rootkea@gmail.com>
Date:   Thu Aug 31 18:05:04 2017 +0530

    cli-debug-args.def: Fix typo
    
    Signed-off-by: Avinash Sonawane <rootkea@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Aug 29 15:38:49 2017 +0200

    latex: handle the deprecated function mark [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Aug 29 13:56:58 2017 +0200

    .gitlab-ci.yml: give more specific name to windows job artifacts [ci skip]
    
    This allows a more descriptive name to any downloaded artifacts.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 28 15:16:58 2017 +0200

    tools: removed re-using PIN message when in non-verbose mode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 28 12:57:38 2017 +0200

    p11tool: print public or private key algorithm
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 28 14:20:36 2017 +0200

    gnutls_pkcs11_privkey_generate3: doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 26 17:27:09 2017 +0200

    tests: check whether generated private keys are marked private
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 26 17:16:26 2017 +0200

    tests: added unit test of p11tool with --set-pin
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 26 17:02:28 2017 +0200

    tests: check whether generated or copied keys are marked as sensitive
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 25 15:58:14 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 25 15:56:49 2017 +0200

    p11tool: allow obtaining PIN from command line on operations
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 25 14:49:33 2017 +0200

    certtool: eliminate global use of default_dig
    
    Use instead the cinfo->hash field which is already used
    by p11tool.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 25 12:01:37 2017 +0200

    tests: krb5-test: disable valgrind mem leak checks for negative checks
    
    Resolves #192
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 25 11:47:28 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 25 11:41:47 2017 +0200

    tests: check whether p11tool signing with RSA-PSS works
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 25 10:53:51 2017 +0200

    p11tool: allow signing with RSA-PSS and specifying an explicit hash
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 25 10:41:27 2017 +0200

    sign_params_to_flags: moved to certtool-common.c
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 25 10:33:27 2017 +0200

    certtool: hash_to_id moved to certtool-common.c
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Aug 26 17:49:28 2017 +0200

    Fix some typos [ci skip]
    
    occurence -> occurrence
    sucessful -> successful
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Tom Vrancken <email@tomvrancken.nl>
Date:   Fri Aug 25 19:54:58 2017 +0200

    Fixed segmentation faults caused by accessing NULL pointers during mutex operations. This bug was triggered while setting priorities.
    
    Signed-off-by: Tom Vrancken <email@tomvrancken.nl>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 25 16:15:24 2017 +0200

    p11tool: explicitly mark generated keys as sensitive
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sat Aug 26 00:16:03 2017 +0300

    tests: windows: warning: function declaration isn't a prototype
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Fri Aug 25 23:45:44 2017 +0300

    tests: warning: implicit declaration of function
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 24 17:03:17 2017 +0200

    m4: updated ax_code_coverage.m4 [ci skip]
    
    This version fixes a bug which prevented including the branch coverage
    into output.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Aug 21 15:19:25 2017 +0200

    fuzzer: Enhance code coverage of gnutls_base64_encoder_fuzzer
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Aug 21 15:16:55 2017 +0200

    fuzzer: Add script 'view-coverage'
    
    This helper script is for viewing the code coverage of
    single (or combined) fuzzers running with all his corpora.
    
    It helps optimizing the code coverage by hand-crafting corpora
    and/or dictionaries.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Aug 21 14:22:58 2017 +0200

    fuzzer: Change CFLAGS -O0 to -O1 in fuzz/README.md
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Aug 21 14:20:54 2017 +0200

    fuzzer: Update corpora from oss-fuzz
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 24 15:29:19 2017 +0200

    tlslite: updated to latest version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 23 10:20:05 2017 +0200

    certtool: do not ask about RSA encryption in non-RSA keys
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 22 16:17:54 2017 +0200

    fuzz: work-around libtool file name
    
    fuzzers utilize argv[0] to discover the name the reproducers are stored
    in. However libtool creates a script which later runs the executable.
    Try to detect that situation and use the right paths.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 22 08:48:03 2017 +0200

    dh params: document DH param setting functions as deprecated
    
    They are no longer useful after the RFC7919 DH parameter negotiation.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 15 10:03:54 2017 +0200

    tests: introduced unit test of gnutls_memset()
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Aug 22 07:27:03 2017 +0200

    fuzz: removed -static ldflag completely
    
    It is not necessary for building the fuzzer, and was causing
    issues in MacOSX systems.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Aug 21 09:47:59 2017 +0200

    .gitlab-ci.yml: use the same flags in the tags and non-tags windows builds
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Aug 21 09:46:07 2017 +0200

    tests: p11-kit-trust is not compiled in windows
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Aug 21 08:35:07 2017 +0200

    fuzz: temporarily disable -static build of fuzz/ in MacOSX
    
    This allows running the MacOSX CI tests on travis.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Aug 21 08:26:57 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Aug 21 07:56:58 2017 +0200

    tests: verify the output size of gnutls_x509_privkey_export
    
    That is, make sure that gnutls_x509_privkey_export() and
    gnutls_x509_privkey_export2() agrees with the strlen()
    value on the data.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 20 20:46:31 2017 +0200

    .travis.yml: print failed log files in fuzz after failure
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 20 19:43:52 2017 +0200

    hooks.m4: reduce the gap between minor soversion of 3.5.x and 3.6.0
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 20 09:24:19 2017 +0200

    tests: make mini-record more friendly for OSes with limited buffers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 20 09:18:05 2017 +0200

    pull/push backends: ECONNRESET is translated to GNUTLS_E_PREMATURE_TERMINATION
    
    This returns a more reasonable error code on platforms where
    this errno is set.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 20 09:05:02 2017 +0200

    tests: gnutls_x509_privkey_import: address issue on error path
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 20 00:18:44 2017 +0200

    sed: use it in a portable way in makefiles
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 19 23:33:46 2017 +0200

    configure: disable hardware acceleration on aarch64/ilp32 mode
    
    Our included assembly code for aarch64 is not suitable for that
    data mode.
    
    Resolves #252
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 19 13:39:28 2017 +0200

    create_tls_random: avoid warning in fuzzying mode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 19 08:58:37 2017 +0200

    configure.ac: removed conditional FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
    
    Instead rely only on the definition, to make fuzzying mode to be
    enabled even if --enable-fuzzer-target is not specified, but defined
    b the compiler.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 19 08:56:28 2017 +0200

    rnd-fuzzer: use ifdef instead of conditional compilation
    
    This allows compiling in fuzzying mode even when --enable-fuzzer-target
    is not specified on configure, but the definition is present.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Aug 18 21:39:13 2017 +0200

    fuzzer: Update base64 fuzzers + corpora
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Aug 18 21:32:28 2017 +0200

    fuzzer: Fix include path in run-clang.sh [skip ci]
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 15:43:43 2017 +0200

    gnutls_x509_privkey_export: use _gnutls_copy_string on PEM data
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 13:05:34 2017 +0200

    Corrected argument names of functions to correspond to declaration
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 12:57:07 2017 +0200

    lib: use casts and be explicit on intentional enumeration use
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 13:56:04 2017 +0200

    gnutls-cli-debug: do not run non-FIPS cipher tests when in FIPS mode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 12:52:20 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 12:47:12 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 11:51:53 2017 +0200

    tests: added basic test for the operation of gnutls-cli-debug
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 11:44:55 2017 +0200

    tests: verify the presence of GNUTLS_SFLAGS_RFC7919 flag in server and client mode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 11:34:46 2017 +0200

    gnutls-cli-debug: check whether RFC7919 is supported
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 11:31:52 2017 +0200

    gnutls_session_get_flags: introduced GNUTLS_SFLAGS_RFC7919
    
    This allows checking whether the DHE parameters used were negotiated
    using RFC7919.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 11:22:11 2017 +0200

    gnutls_auth_*: check cs parameter for validity prior to use
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 11:16:50 2017 +0200

    certtool: simplified certificate PEM printing
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 11:14:16 2017 +0200

    gnutls-cli: fixed bounds check on benchmark-tls
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 10:44:21 2017 +0200

    lib: removed legacy debugging code
    
    That code was code from the initial versions of gnutls. It was neither
    used nor updated for long time.
    
    Relates #248
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 10:35:03 2017 +0200

    fuzz: added missing files into dist [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 10:06:36 2017 +0200

    tests: added missing files in dist [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 18 10:05:36 2017 +0200

    tests: do not suppress stderr errors on servers startup
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 17 17:41:34 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Aug 18 08:39:50 2017 +0200

    abi-check: added check for 3.6.0 ABI compatibility
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Aug 18 08:38:48 2017 +0200

    gnutls_x509_crl_get_issuer_dn: removed unnecessary const
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 17 11:27:24 2017 +0200

    certtool: fixed documentation of sign-params
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 17 10:50:56 2017 +0200

    README.md: mention lockfile-progs dependency
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 17 10:02:47 2017 +0200

    tests: tls-neg-ext4-key: explicitly restrict to TLS 1.2, 1.1 and 1.0
    
    This allows testing all signature types used in the protocol.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 17 09:59:53 2017 +0200

    sign APIs: introduce RSA-RAW signing algorithm
    
    This ensures that there is a signing algorithm for all the operations
    we support. Previously, we required GNUTLS_SIGN_UNKNOWN to be acceptable
    by signing functions to accomodate for raw RSA operations. Now we make
    that explicit and in the process clean-up the API.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 17 10:09:13 2017 +0200

    removed devel/fuzz; functionality moved to fuzz/ [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Aug 11 21:42:02 2017 +0200

    fuzzer: Add 'make -C fuzz coverage' [ci skip]
    
    This reports how much code is covered by fuzzing.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 14 08:46:03 2017 +0200

    _gnutls_recv_server_certificate_status: use the same type in subtracted values
    
    This ensures that there are no issues with subtracting those values.
    Note that the second is read from an uint24_t and thus it is always
    positive regardless its type.
    
    Resolves #245
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 14 08:42:51 2017 +0200

    _gnutls_proc_srp_client_kx: use same type in subtracted values
    
    This ensures that there are no issues with subtracting those values.
    Note that the second is read from an uint16_t and thus it is always
    positive regardless its type.
    
    Resolves #244
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Aug 15 12:34:25 2017 +0200

    fuzzer: Move regression corpora from tests/ to fuzz/
    
    See fuzz/README.md for the corresponding paths.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Aug 14 12:34:00 2017 +0200

    fuzzer: Suppress leak in libgmp <= 6.1.2
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri Aug 11 18:31:35 2017 +0200

    fuzzer: Suppress unsigned integer overflow in rnd-fuzzer.c
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sat Aug 5 20:49:19 2017 +0200

    fuzzer: Initial check in for improved fuzzing
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 9 08:24:59 2017 +0200

    fuzzer: added a fuzzer target
    
    This allows to compile the library with flags which will add predictable
    random generation and eliminate some crypto checks, in order for the
    library to be used for testing (fuzzying).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 15 16:40:41 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 15 16:39:36 2017 +0200

    gnutls_x509_privkey_export: made a wrapper over gnutls_x509_privkey_export2()
    
    In addition, improved function description.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 15 13:23:39 2017 +0200

    gnutls-http-serv: use RSA-PSS key
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 15 13:11:03 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 15 12:58:02 2017 +0200

    tests: use certtool to check RSA-PSS to RSA conversion
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 15 12:07:01 2017 +0200

    certtool: introduced --to-rsa option
    
    This allows converting an RSA-PSS key to raw RSA.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 11 16:37:21 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 11 12:30:17 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 4 15:51:34 2017 +0200

    tests: added unit tests for gnutls_privkey_import_ext4
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 4 15:00:46 2017 +0200

    gnutls_privkey_import_ext4: introduced to allow signing with RSA-PSS or Ed25519 keys
    
    That function allows a signing callback which passes the signature
    algorithm, providing all the information to callback for signing.
    It also introduces GNUTLS_PRIVKEY_INFO_HAVE_SIGN_ALGO flag which
    allows the library to query the private key of the supported
    signature algorithms.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 15 10:47:11 2017 +0200

    reduce common asserts to assist in debugging the library
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 15 10:29:42 2017 +0200

    doc: algorithms.texi: include list of groups but skip compression methods
    
    Compression methods are no longer relevant or supported, and groups
    replace the elliptic curves.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 15 10:27:19 2017 +0200

    doc: improved elliptic curve and group documentation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Aug 14 19:02:45 2017 +0200

    doc: mention the AES-DRBG random generator [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 11 12:40:14 2017 +0200

    tests: improved detection of 64-bit systems
    
    We now use the ${ac_cv_sizeof_unsigned_long_int} variable which
    gives the numbers used in the host system, not the build one.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 10 10:51:26 2017 +0200

    tests: updated for new x86 host
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 10 09:37:07 2017 +0200

    .gitlab-ci.yml: replaced the f23 x86 build with a f26 x86 build
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 11 11:09:39 2017 +0200

    fuzz: explicitly initialize and deinitialize the library [ci skip]
    
    This enables the fuzzers to run even when statically linked.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 13:08:31 2017 +0200

    handshake: eliminated unnecessary function wrappers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 10:35:13 2017 +0200

    gnutls_int.h: reduce memory occupied by ext_data
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 10:25:10 2017 +0200

    gnutls_int.h: reduced the maximum number of epoch states we keep
    
    There was no need to keep 16 epochs, as we typically we have only
    one or two active.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 10:14:11 2017 +0200

    gnutls_int.h: removed unused variable from state
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 14 11:30:51 2017 +0200

    extensions: simplified requirements from send callback
    
    The callback no longer needs to return the number of sent data;
    they are now calculated by the caller.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 27 11:42:25 2017 +0200

    ext/ecc: renamed Supported curves extension
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 27 11:01:08 2017 +0200

    gnutls-serv: --require-client-cert no longer implies --verify-client-cert
    
    That is, it is now possible to require a client certificate without
    verifying it.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 10 10:35:22 2017 +0200

    CONTRIBUTING.md: corrected typo [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 9 16:59:15 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 9 10:30:04 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 9 09:40:03 2017 +0200

    CONTRIBUTING.md: added section on symbol versioning
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 4 11:06:18 2017 +0200

    libgnutls.map: separated symbols introduced in 3.6.0
    
    This separation assists tools like rpm which can detect
    the right version of the library to use, by using the
    symbol version.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 9 10:21:06 2017 +0200

    tests: added reproducer for private key import leak
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=561
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 9 13:18:33 2017 +0200

    rnd: use time_t for prng_reseed_time
    
    This ensures that all time comparisons are done
    under the same type.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 9 10:20:36 2017 +0200

    gnutls_x509_privkey_import_pkcs8: fixed memory leak on incorrect key import
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 9 09:58:17 2017 +0200

    tests: added reproducer for memory leak in SRP server
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2859
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 9 09:57:49 2017 +0200

    gnutls_srp_verifier: corrected memory leak
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 9 09:52:37 2017 +0200

    tests: added reproducer for memory leak in RSA-PSK
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2863
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 9 09:52:21 2017 +0200

    rsa-psk: corrected memory leak on invalid decrypt
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 9 10:44:56 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 9 10:41:58 2017 +0200

    p11tool: --generate-xxx options were replaced by generate-privkey
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Aug 7 23:04:36 2017 +0200

    Fix memleaks in gnutls_x509_trust_list_add_crls()
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Aug 7 23:04:05 2017 +0200

    Fix memleak in gnutls_x509_crl_list_import()
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 8 15:03:53 2017 +0200

    publickey: fixed incorrect assignment
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 8 15:03:11 2017 +0200

    mac: simplified iteration functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 8 14:59:56 2017 +0200

    corrected input to gnutls_sign_supports_pk_algorithm
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 8 14:59:44 2017 +0200

    extensions: corrected flag check
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 8 15:50:44 2017 +0200

    tests: updated for new rsa-pss key in doc/credentials
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 8 12:51:58 2017 +0200

    cert selection: prioritize RSA-PSS certs over RSA
    
    RSA and RSA-PSS can both be used for RSA-PSS operations, and
    as such without prioritizing RSA-PSS certificates it is unknown
    which certificate will be used for an RSA-PSS operation. The
    reason we want to have only RSA-PSS keys used for RSA-PSS operations
    is to cover the use case where a server uses a legacy RSA certificate
    for clients that don't support RSA-PSS and an RSA-PSS certificate
    for the rest, thus separating the keys used for these client
    groups. That separation ensures that any issue on PKCS#1 1.5
    (legacy RSA), would not affect sessions which use RSA-PSS.
    
    Resolves #243
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 8 11:35:26 2017 +0200

    gnutls_certificate_credentials_t: combine privkey into cert_st structure
    
    This reduces the number of applications and allows for easier
    use of the structure information, as they are now self-contained
    for most uses.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 8 10:56:17 2017 +0200

    tests: verify whether the RSA-PSS key is preferred on RSA-PSS sigs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 8 09:27:57 2017 +0200

    certtool: eliminated unused variable
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 7 16:32:17 2017 +0200

    tests: added negative tests in provable-privkey
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 7 16:23:29 2017 +0200

    gnutls_pk_params_st: separate flags/qbits and curve
    
    Previously we were using the field flags to store the
    size of q in case of GNUTLS_PK_DH, some key generation flags
    in case of GNUTLS_PK_RSA, and the curve in case of elliptic
    curve key. Separate this into multiple fields to reduce
    confusion on the field.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 7 14:55:38 2017 +0200

    tests: check whether validation parameters are lost on key re-import
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 5 20:08:31 2017 +0200

    certtool: improved documentation on --provable option
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 5 19:52:40 2017 +0200

    certtool: create mapping between --load-x and --info options
    
    That allows using:
    certtool --certificate-info --load-certificate FILE
    and
    certtool --certificate-info --infile FILE
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 5 19:35:53 2017 +0200

    certtool: removed definitions of non-existing functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 5 17:08:16 2017 +0200

    tests: updated for the new provable private key format
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 5 10:17:46 2017 +0200

    gnutls_x509_privkey_verify_seed: improved error on missing validation parameters
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 1 16:17:45 2017 +0200

    certtool: silence warnings related to --pkcs8
    
    There is no reason to bug the user with such details by default.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 1 15:18:34 2017 +0200

    certtool: better print provable key validation parameters
    
    That is, include hash in the printable set, and keep spaces
    from next fields.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 1 15:11:12 2017 +0200

    certtool: provable private keys are always exported in PKCS#8 form
    
    That allows the provable parameters to be included.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 1 14:43:04 2017 +0200

    x509: no longer emit the previous custom format for provable parameters
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 1 14:30:06 2017 +0200

    x509: store and read provable seed in PKCS#8 form of key
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 2 10:28:07 2017 +0200

    Added information on OID registry
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 1 14:23:31 2017 +0200

    pkix.asn: removed unused DomainParameters
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 1 11:29:26 2017 +0200

    x509: separated PKIX1 attributes parsing code for cert request handling
    
    This allows other code to utilize it.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 7 09:36:20 2017 +0200

    _gnutls_fbase64_decode will always return non-zero
    
    That is, document that fact and update its callers to remove
    checks for zero.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 6 17:23:52 2017 +0200

    _gnutls_base64_decode: reject all zero-length string encodings on decoding
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 6 11:34:39 2017 +0200

    wrap_nettle_pk_fixup: added sanity check in RSA-PSS param checking
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 6 11:34:10 2017 +0200

    _decode_pkcs8_rsa_key: signal error in RSA privkey decoding
    
    Addresses oss-fuzz issue:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2865
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 6 11:28:15 2017 +0200

    tests: added reproducer for private key crash
    
    Found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2865
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 6 10:17:29 2017 +0200

    tests: added unit test of gnutls_x509_crt_list_import
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 5 09:35:14 2017 +0200

    tests: added reproducer applications for psk and srp fuzzers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Aug 4 19:47:00 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 30 02:57:03 2017 +0200

    gnutls_server_fuzzer: added ed25519 key/cert
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 31 09:22:51 2017 +0200

    removed references for "new" semantics of PEM base64 encode and decode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 31 09:19:22 2017 +0200

    base64: reverted the raw semantics from the PEM encoding/decoding functions
    
    Keeping the complex semantics with NULL headers would most likely cause
    issues in the future.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 31 09:15:20 2017 +0200

    base64: test the new base64 encoding and decoding functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 31 09:13:35 2017 +0200

    base64: uniformly use GNUTLS_E_BASE64_DECODING_ERROR for decoding errors
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 31 09:08:24 2017 +0200

    base64: introduced new functions for base64 encoding
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 30 19:05:23 2017 +0200

    tests: gnutls_x509_privkey_import: enhanced to test DER key import
    
    It seems that this function was not tested for multiple cases of
    private keys in DER mode.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 30 03:43:42 2017 +0200

    gnutls_x509_privkey_import: allow importing ed25519 PKCS#8 keys in DER form
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 14:00:27 2017 +0200

    sign/digest: separate "brokenness" of signatures and hash algorithms
    
    That is, allow digital signatures to be marked as broken irrespective
    of their used hash, and restrict hash brokenness to preimage resistance.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 13:40:21 2017 +0200

    sign: use C99 syntax for signature algorithm's table
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 13:22:51 2017 +0200

    .gitlab-ci.yml: enable multiple undefined sub-sanitizers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 4 16:40:29 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 31 13:51:56 2017 +0200

    p11tool: auto-generate the list of PKCS#11 mechanisms from p11-kit
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 12:11:06 2017 +0200

    tests: added unit test for gnutls_x509_privkey_import
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 11:52:28 2017 +0200

    tests: added TLS negotiation with various keys under PKCS#11
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 11:48:40 2017 +0200

    x509_privkey: handle keys which can only have PKCS#8 form transparently
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 11:00:03 2017 +0200

    tests: updated for errors returned due to early signature selection
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 10:30:25 2017 +0200

    tests: added check for the negotiation of ext keys
    
    That is, check whether we can negotiate TLS with ext abstract
    key types, and whether the algorithms which cannot be used
    with that key type, gracefully fail.
    
    Relates #234
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 10:22:29 2017 +0200

    privkey: reject signing with ext keys and GNUTLS_PK_RSA_PSS or GNUTLS_PK_EDDSA_ED25519
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 10:09:54 2017 +0200

    _gnutls_check_key_cert_match: use the new API for signing
    
    This ensures that the same signature algorithm is used for
    signing and verification.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 10:02:59 2017 +0200

    privkey: return less specific but more appropriate error on invalid pks for ext keys
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 09:27:03 2017 +0200

    prior to negotiating a signature check compatibility with private key
    
    That is, check if the private key can support the public key operation
    needed for the signature. That in particular includes, excluding the
    Ed25519 and RSA-PSS from being used with the 'EXT' keys as the
    current API cannot handle them, and RSA-PSS from being used by PKCS#11
    RSA keys which do not provide the CKM_RSA_PKCS_PSS mechanism.
    
    Relates #234
    Resolves #209
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 09:21:59 2017 +0200

    pkcs11: mark RSA PKCS#11 key which can do RSA-PSS
    
    Also refuse to sign with RSA-PSS if the mechanism is not supported.
    
    Relates #208
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 11 11:55:52 2017 +0200

    handshake: select a signature algorithm early
    
    That is, select the signature algorithm at the point the certificate and
    ciphersuites are decided. Also ensure that a compatible signature algorithm
    with the ciphersuite and the key is selected.
    
    That prevents situations where a ciphersuite and a certificate are
    negotiated, but later on the handshake we figure that there are no
    common signature algorithms.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 08:46:18 2017 +0200

    tests: added basic unit test of gnutls_pkcs11_token_check_mechanism
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 27 18:07:54 2017 +0200

    gnutls_pkcs11_token_check_mechanism: introduced function to check token for a particular mechanism
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 4 10:45:20 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 4 10:21:06 2017 +0200

    x509/output: print error on invalid public key parameters on certificate
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 4 10:05:29 2017 +0200

    gnutls_pk_get_oid: return early on unknown algorithm
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 4 09:48:42 2017 +0200

    tests: check whether the gnutls_x509_*_set_spki will reject invalid values
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 4 09:34:23 2017 +0200

    tests: updated for gnutls_x509_spki_get_rsa_pss_params
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 4 09:29:12 2017 +0200

    tests: added unit test of generation of legal and illegal rsa-pss parameters
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 4 09:25:31 2017 +0200

    spki: combined all exported functions to a single set and get
    
    This simplifies setting parameters for a particular key type,
    as well as getting them. The advantage is that they are set
    atomically, preventing an inadverterly half-filled structure.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 4 09:13:15 2017 +0200

    certtool: set RSA-PSS parameters using GNUTLS_KEYGEN_SPKI kdata type
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 4 09:06:32 2017 +0200

    introduced error code GNUTLS_E_PK_INVALID_PUBKEY_PARAMS
    
    This is being use to indicate errors in the public key parameters
    such as the RSA-PSS salt size or digest algorithm.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 3 16:46:32 2017 +0200

    gnutls_x509_privkey_generate*: allow specifying the SPKI parameters for key generation
    
    This in turn removes the need for reading the flag GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE
    on the key generation process. The flag is now only used during key signing
    which is also its documented purpose.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 3 16:29:18 2017 +0200

    gnutls_x509_privkey_set_spki: check validity of parameters set
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 3 16:21:26 2017 +0200

    gnutls_x509_cr*_set_spki: check for validity of parameters set
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 3 16:16:49 2017 +0200

    _gnutls_x509_check_pubkey_params: removed unnecessary parameter
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 3 16:06:06 2017 +0200

    tests: added check for import of RSA-PSS key with invalid salt
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 3 15:37:18 2017 +0200

    gnutls_pubkey_import_x509: propagate errors from gnutls_x509_crt_get_pk_algorithm
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 3 15:16:08 2017 +0200

    _rsa_pss_verify_digest: verify the validity of the salt_size length on verification
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 3 15:08:43 2017 +0200

    gnutls_x509_privkey_import: immediately exit on GNUTLS_E_PK_INVALID_PRIVKEY
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 3 15:00:00 2017 +0200

    wrap_nettle_pk_fixup: check RSA PSS parameters for validity on import
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 3 11:03:44 2017 +0200

    gnutls_x509_*_set_spki: removed arbitrary restrictions to setting parameters
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 28 08:20:16 2017 +0200

    tests: added unit test for the SPKI abstract functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 27 11:24:40 2017 +0200

    tests: chainverify: included negative and positive tests with RSA-PSS signed chains
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 27 15:03:00 2017 +0200

    pct_test: use local SPKI structure to override parameters if not set
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 27 08:44:05 2017 +0200

    fixup_spki_params: use GNUTLS_E_CONSTRAINT_ERROR for RSA-PSS violations
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 27 08:28:54 2017 +0200

    _gnutls_x509_read_pkalgo_params: initialize params structure
    
    That is the primary call on these parameters, thus it should
    initialize the structure with something reasonable. That is
    similar to behavior of _gnutls_x509_read_rsa_pss_params.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 27 08:14:37 2017 +0200

    RSA-PSS parameter checking was moved to lower level functions
    
    That way all PKI callers get protected by the checks.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 27 07:55:24 2017 +0200

    signature security level check were moved to lower level functions
    
    That way all callers (including PKI functions) get protected by
    the available checks.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 27 07:19:36 2017 +0200

    _wrap_nettle_pk_encrypt: return GNUTLS_E_INVALID_REQUEST on unsupported algorithms
    
    That is a more specific error code than internal error.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 27 07:10:22 2017 +0200

    certtool: print signature algorithm in cert verification output
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 17:51:00 2017 +0200

    verify_crt: translate GNUTLS_E_CONSTRAINT_ERROR to verification status flag
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 17:50:33 2017 +0200

    x509/sign: in debugging mode print the signature algorithm
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 17:34:14 2017 +0200

    _gnutls_x509_validate_sign_params: use GNUTLS_E_CONSTRAINT_ERROR for mismatch of RSA-PSS parameters
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 17:28:00 2017 +0200

    _gnutls_x509_read_rsa_pss_params: fail early on unknown hash algorithms
    
    Also utilize GNUTLS_E_CONSTRAINT_ERROR for signaling differences
    between the hash functions.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 16:55:02 2017 +0200

    gnutls_pubkey_get_preferred_hash_algorithm: will take into account the RSA-PSS SPKI
    
    In addition it will offer a SHA hash depending on the key size for
    RSA public keys.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 16:45:00 2017 +0200

    certtool: sign_params_to_flags: use strtok to parse input
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 15:41:51 2017 +0200

    certtool: copy SPKI information from private key when available
    
    That also addresses a bug due to which SPKI information was not set.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 15:54:07 2017 +0200

    x509/output: Subject Public Key parameters are printed just before actual key
    
    That allows to easier figure out algorithm and basic parameters, rather
    than having them at the end of long key output.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 15:35:15 2017 +0200

    gnutls_x509_crt_set_spki: be more verbose in parameter restrictions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 15:07:42 2017 +0200

    _gnutls_privkey_update_spki_params: use GNUTLS_E_CONSTRAINT_ERROR on mismatch of hash
    
    That is a more specific error code for hash mismatch between
    public key information and signature. In addition only override
    the salt size, if it is set to zero without the proper flags.
    
    That prevents the update function from setting an invalid (lower)
    than the expected size.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 15:00:17 2017 +0200

    cert-tests: use .tmp suffix for all tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 14:43:15 2017 +0200

    certtool: allow specifying RSA-PSS parameters for key generation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 14:56:36 2017 +0200

    _gnutls_x509_write_rsa_pss_params: refuse to write RSA-PSS parameters we cannot use
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 14:30:03 2017 +0200

    certtool: group together common options
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 13:41:46 2017 +0200

    tests: modified to account new errors
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 17:58:06 2017 +0200

    gnutls_x509_*_get_signature_algorithm: simplified error handling
    
    These functions were documented to return a negative error code
    on failure, as well as GNUTLS_SIGN_UNKNOWN on unknown algorithms.
    Simplify them by only returning GNUTLS_SIGN_UNKNOWN on all error
    conditions.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 13:24:52 2017 +0200

    _gnutls_x509_get_signature_algorithm: return negative error code on unknown algorithm
    
    This allows internal callers to quickly fail on errors.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 13:40:31 2017 +0200

    compare_sig_algorithm: modify to work even for certs with unsupported signature algorithm
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 09:20:22 2017 +0200

    pubkey_verify_hashed_data: simplified and made static
    
    That also removes its ability to operate with the 'unknown'
    signature algorithm, and forces the TLS 1.0 key exchange to
    supply the right algorithm or flags.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 26 09:16:03 2017 +0200

    pubkey_verify_data: accept signature entry instead of PK and hash
    
    That aligns better with current callers which know the signature
    algorithm in use.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 27 17:00:00 2017 +0200

    NEWS: documented the SPKI handling functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 13:42:12 2017 +0200

    tests: added RSA and RSA PSS key unit tests
    
    That is test:
     1. Whether RSA-PSS keys will refuse to sign with incompatible signature
     2. Whether RSA-PSS public keys cannot be used for encryption
     3. Whether RSA-PSS keys cannot be used for signing with PKCS#1 1.5
     4. Whether an RSA key can be converted to an RSA-PSS one with the public APIs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 16:52:18 2017 +0200

    certtool: do not print error on missing RSA-PSS parameters on key
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 27 16:53:57 2017 +0200

    Added convention for missing SubjectPublicKeyInfo params field
    
    That is, when that field is missing, the spki_st structure field
    pk will be set to GNUTLS_PK_UNKNOWN. In that case other fields
    are undefined.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 14:01:48 2017 +0200

    *set_spki(): return error on incompatible algorithms
    
    In addition update the public key algorithm field in the
    respective structure.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 16:33:26 2017 +0200

    gnutls_x509_privkey_generate2: do not hardcode the RSA-PSS hash to SHA256
    
    Instead use _gnutls_pk_bits_to_sha_hash() to set an appropriate hash
    for the number of bits of the key. This matches better the "intention"
    of RSA-PSS or tying the security parameter with the salt and hash.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 14:14:49 2017 +0200

    _decode_pkcs8_rsa_pss_key: ensure we set the PSS PK identifier
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 13:38:34 2017 +0200

    cleanup: removed duplicate parameter in gnutls_pubkey_st
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 13:28:44 2017 +0200

    gnutls_x509_privkey_int: eliminated duplicate pk_algorithm field
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 13:34:50 2017 +0200

    cleanup: removed unnecessary/duplicate parameters in _dsa_q_to_hash
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 13:18:05 2017 +0200

    cleanup: removed unnecessary/duplicate parameters in functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 13:12:19 2017 +0200

    cleanup: removed unnecessary/duplicate parameters in functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 12:01:52 2017 +0200

    abstract.h: added functions to read and write SPKI information
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 11:48:58 2017 +0200

    gnutls_x509_privkey_set_spki: introduced function to update SPKI on a key
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 24 16:35:50 2017 +0200

    tests: added unit test for the SPKI related functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 11:37:04 2017 +0200

    x509.h: Renamed SPKI related functions
    
    This better reflects their purpose as providers of information
    for subject public key. In addition use 'const' for fields that
    should be left intact.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 09:43:05 2017 +0200

    tests: introduced RSA-PSS key exchange with a key fixed to rsa-pss with sha256
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 10:06:10 2017 +0200

    _gnutls_pubkey_compatible_with_sig: enforce RSA-PSS requirements
    
    That is require that parameters in an RSA-PSS key which has them
    explicitly set, are respected with regards to signature algorithm
    negotiation.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 09:39:32 2017 +0200

    tests: eagain-common.h: remove superfluous information
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 12 08:49:30 2017 +0200

    tests: renamed tests for uniformity
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 24 16:15:15 2017 +0200

    tests: added unit test for RSA-PSS signing over PKCS#11
    
    This requires a softhsm with support for RSA_PKCS_PSS mechanism.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 24 16:05:36 2017 +0200

    gnutls_pubkey_verify*: use common function to set RSA-PSS parameters
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 24 11:21:34 2017 +0200

    pkcs11: added support for signatures with RSA-PSS
    
    Relates #209
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 25 10:16:40 2017 +0200

    gnutls_pk_params_st: renamed sign field to spki
    
    The name "sign" was ambiguous with regard to its intented
    use, as it could refer to digital signature parameters
    which was not exactly the case. That field contains parameters
    present in the subject public key info (SPKI), which could
    be used in a digital signature, but not necessarily.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 24 10:12:54 2017 +0200

    Clarified the purpose of the spki params related functions
    
    _gnutls_privkey_get_sign_params was renamed to _gnutls_privkey_get_spki_params,
    _gnutls_privkey_update_sign_params to _gnutls_privkey_update_spki_params,
    and the dig entry of gnutls_x509_spki_st was renamed to rsa_pss_dig.
    
    The reason is that there could be a confusion on the purpose of
    the 'dig' entry, as it could be assumed to be the signature's hash
    algorithm in the general case. That could not be because the SPKI
    parameters do not contain it for any other algorithm than RSA-PSS.
    As such, make a logical separation from SPKI reading functions
    with the signature reading functions and try to use the
    gnutls_sign_entry_st when signature information is required.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 21 23:56:20 2017 +0200

    Pass the signature algorithm lower in the verification stack
    
    This will allow enhancing the back-ends (PKCS#11 and ext) for
    signing with the new signature algorithms like RSA-PSS and Ed25519.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Aug 3 07:46:11 2017 +0200

    fuzz: introduced mem.h with common callbacks for mem access
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Aug 3 07:38:13 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 31 10:50:52 2017 +0200

    fuzz: added SRP server and client fuzzers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 30 03:01:08 2017 +0200

    fuzz: introduced psk.h common header
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 30 02:48:11 2017 +0200

    fuzz: added PSK server fuzzer
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 30 02:30:43 2017 +0200

    fuzz: added PSK client fuzzer
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 30 02:12:19 2017 +0200

    gnutls-cli: introduced options to save client and server traces
    
    This allows to easier obtain traces for use in fuzzers.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 30 01:45:22 2017 +0200

    fuzz: ported libidn2's main.c taking advantage of afl-clang-fast
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 30 01:55:43 2017 +0200

    gnutls_system_recv_timeout: doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Aug 2 20:52:57 2017 +0200

    tlsfuzzer: enabled EC tests for x25519
    
    That includes tests for default curve.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 21 15:18:38 2017 +0200

    tlsfuzzer: enabled test for ECDHE without the supported groups/EC extension
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 2 17:25:17 2017 +0200

    Set a default supported curve
    
    RFC4492 and draft-ietf-tls-rfc4492bis-17 mention:
    "A client that proposes ECC cipher suites may choose not to include these
    extensions.  In this case, the server is free to choose any one of
    the elliptic curves or point formats listed in Section 5."
    
    As such, we set a default curve to be used in the case the
    server encounters a handshake with no supported groups/curves
    extension.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 2 12:58:48 2017 +0200

    tlsfuzzer: removed duplicate tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 2 12:55:24 2017 +0200

    tlsfuzzer: fixed comment fields
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 11 08:02:56 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 24 08:39:00 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 08:13:00 2017 +0200

    gnutls-cli: use FFDHE3072 parameters for benchmarking
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 1 10:21:37 2017 +0200

    _gnutls_figure_dh_params: do not use have_ffdhe flag
    
    This flag is intended to indicate whether the peer has advertized
    at least one FFDHE group, and not whether we have negotiated FFDHE.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 10 12:23:55 2017 +0200

    tests: added unit test for group listings in priority structure
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 10 12:05:01 2017 +0200

    tests: updated cipher-listings.sh for the new groups listing
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 10 11:46:03 2017 +0200

    doc: documented the use of RFC7919 and groups
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 3 10:44:14 2017 +0200

    tlsfuzzer: enabled RFC7919 FFDHE tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 3 09:09:27 2017 +0200

    tests: enhanced server key exchange tests with explicit DH param setting
    
    That is, not only check the DH parameter setting using the known_dh_params()
    functions, but also with the explicit setting --set_server_dh_params().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 30 16:17:12 2017 +0200

    tests: updated for post-RFC7919 behavior of library
    
    That is, it is no longer necessary to set DH parameters on a
    credentials structure, and thus previously expected to fail
    connections may succeed even without DH parameters.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 30 15:54:27 2017 +0200

    tests: added RFC7919 FFDHE unit tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 30 15:37:00 2017 +0200

    cli,serv: do not print any information on compression
    
    Compression is always NULL.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 30 15:32:58 2017 +0200

    cli,serv: no longer print parameters when FFDHE groups are used
    
    The negotiated RFC7919 group is now printed as part of the Description string,
    and there is no reason to print more information on parameters defined by
    the protocol.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 10 11:57:51 2017 +0200

    gnutls-cli: print the supported groups instead of curves
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 10 12:02:13 2017 +0200

    gnutls_priority_ecc_curve_list: avoid including groups into elliptic curves list
    
    This provides a mostly-compatible behavior of gnutls_priority_ecc_curve_list()
    in order to avoid keeping additional information for elliptic curves in the
    priority cache. This approach will always return the supported curves, if the set
    groups are prioritized with the elliptic curve variants set first. This
    is the default in the built-in priorities, and to most common setups.
    
    Items which are non-valid curves will not be returned.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 2 08:42:37 2017 +0200

    handshake: moved group negotiation after ciphersuite selection
    
    This allows to cope with situations where the peer prioritizes a
    supported group which doesn't map to a supported ciphersuite.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 14 10:35:58 2017 +0200

    security_parameters: ease access to group information by keeping pointer to it
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 14 10:15:23 2017 +0200

    security_parameters: simplified contents by keeping pointer to cipher_suite_entry_st
    
    That, in addition to simplifying the contents, it allows faster access
    to ciphersuite's properties.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 27 15:36:04 2017 +0200

    TLS: introduced support for RFC7919 groups
    
    That replaces the EC curve extension negotiation with
    the negotiated groups extensions, introduces handling
    for groups as priority strings, as well as using and
    checking of RFC7919 DH parameters once negotiated.
    
    Resolves: #37
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 21 16:03:35 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 21 14:21:32 2017 +0200

    gnutls-cli: use gnutls_priority_set
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 21 14:20:26 2017 +0200

    tests: modified gnutls_priority_set2() tests for gnutls_priority_set()
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 21 12:09:49 2017 +0200

    gnutls_priority_set: use reference counting
    
    That eliminates the need for gnutls_priority_set2() which is now
    removed.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 21 11:43:27 2017 +0200

    Introduced atomic.h to simplify handling of atomic integers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 21 11:22:31 2017 +0200

    Revert "Documented use gnutls_priority_set2()."
    
    This reverts commit b4aed16ee30f76211c13b075149bb87c012f9bf6.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 21 10:54:13 2017 +0200

    tlsfuzzer: enabled test-ecdsa-sig-flexibility.py
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 21 10:05:44 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 20 14:48:33 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 20 14:43:20 2017 +0200

    algorithms/mac: marked RIPEMD160 as insecure for certificates
    
    This is an algorithm which is not really used in Internet PKI
    and due to that has seen no public cryptanalysis. As such
    we disable it for certificate verification to prevent it from
    being used as an attack vector.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 20 13:26:46 2017 +0200

    tests: partially reverted SHA1 broken tests
    
    SHA1 is now considered broken only for certificates, hence
    OCSP or raw signing tests no longer need to use GNUTLS_VERIFY_ALLOW_BROKEN
    in the cases where certificate verification is not performed.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 20 13:18:10 2017 +0200

    x509/verify: reject SHA1 in signature algorithms for certificate verification
    
    That is, we now use gnutls_sign_is_secure2() with GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS
    flag for checking the validity of the signature algorithm, when
    verifying signatures in certificates.
    
    Resolves #229
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 20 13:16:07 2017 +0200

    tests: added unit tests for gnutls_sign_is_secure2()
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 20 12:41:47 2017 +0200

    gnutls_sign_is_secure2: introduced
    
    This function exports the ability to check the validity of
    a signature algorithm for signing certificates.
    
    That also introduces the flag GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS
    which when specified will cause the function to return whether
    the algorithm is secure for signing certificates.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 20 12:40:34 2017 +0200

    _gnutls_digest_is_secure_for_certs: introduced
    
    This is a macro to allow checking the security of a hash algorithm
    with respect to signing certificates.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 20 12:17:40 2017 +0200

    mac: re-organized the hash algorithms table
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 20 16:28:15 2017 +0200

    tests: added reproducer with ed25519 private key
    
    Found with oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2689
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 20 16:43:18 2017 +0200

    Ensure that public key parameters are initialized on import
    
    Previously we depended on initialization during the _init()
    call, however, there can be cases where this re-initialization
    is needed (e.g., on multiple tries to load a key).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 20 16:49:11 2017 +0200

    _decode_pkcs8_eddsa_key: ensure that the key size read matches the curve size
    
    That is, in the newly introduced ed25519 keys we didn't check
    whether the input size in the PKCS#8 file matched the curve
    size.
    
    Found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2689
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 16:40:11 2017 +0200

    tlsfuzzer: enabled SNI and other tests from master
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 20 08:22:10 2017 +0200

    tests: updated to reflect the fact that invalid dns names are rejected
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 16:32:07 2017 +0200

    server_name: several simplifications of the code base
    
    The existing code was written with the intention of supporting multiple
    server names, however that was never happened, and this extension is
    currently only used for DNS server names. Remove unneeded extensibility.
    
    In addition, removed conversion of client provided server name (DNS) to
    IDNA. Clients not providing valid names are violating the spec and
    that conversion step not only wastes resources, but increases
    the attack surface of a server.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 16:11:05 2017 +0200

    server_name: be strict in decoding errors
    
    That is, return error when a malformed extension is seen.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 11:23:11 2017 +0200

    tlsfuzzer: enabled RSA-PSS checks on certificate verify
    
    Relates: #208
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 11:16:09 2017 +0200

    tlsfuzzer: enabled test-extended-master-secret-extension.py
    
    That allows testing the extended master secret behavior.
    
    Resolves: #231
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 10:59:23 2017 +0200

    ext_master_secret: return proper error code on decoding error
    
    Proper meaning that it maps to the alert 'decode error' rather
    than illegal parameter. According to tlsfuzzer the former is more
    suitable.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 18 08:07:24 2017 +0200

    gnutls-cli: re-use priorities for both client and server on benchmarks
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 17 19:14:33 2017 +0200

    gnutls-cli: re-use priorities when measuring performance
    
    This avoids measuring cache misses due to priority processing time.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 17 14:06:50 2017 +0200

    tests: enhanced SSL3.0 openssl detection in testcompat-openssl
    
    That disables SSL 3.0 testing in openssl versions which cannot negotiated
    it (see https://bugzilla.redhat.com/show_bug.cgi?id=1471783 for rationale)
    and corrects a typo in the variable name and printed message.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 17 11:57:41 2017 +0200

    .gitlab-ci.yml: document that the x86 build is our openssl 1.0.x compat testing as well
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 17 11:08:07 2017 +0200

    tests: disable ARCFOUR interop tests if openssl doesn't support the cipher
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 17 08:32:08 2017 +0200

    tests: testcompat-openssl: 3DES is explicitly enabled for SSL 3.0
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 15 18:06:01 2017 +0200

    Use gcc's attribute to mark fallthrough statements
    
    gcc7 is more verbose on fallthrough warnings, and this patch set
    cleans up the current state by making use of the attribute when
    necessary.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 15 18:09:18 2017 +0200

    configure: do not utilize the -Wno-format-truncation gcc warning
    
    The warnings it produces have little value in our use of string functions.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 15 17:43:09 2017 +0200

    .gitlab-ci.yml: switched to fedora 26 for CI builds
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 17 15:17:08 2017 +0200

    tests: introduced tests on public key import-export
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 17 09:31:10 2017 +0200

    tests: added sign/verification test using rfc8080 keys
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 17 10:20:41 2017 +0200

    tests: verify that a server with an ed25519 key will fail when client does not advertise it
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 17 09:11:59 2017 +0200

    tests: privkey-keygen: added unit test for Ed25519 keys
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 17 09:06:52 2017 +0200

    privkey_sign_and_hash_data: in pre-hashed schemes, allow empty hash algorithm
    
    In these schemes the hash algorithm is fixed in the signature algorithm
    and thus the empty (unknown) value will act as a wildcard.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 15 20:10:24 2017 +0200

    tests: added private key parameter verification in key-import-export checks
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 15 20:03:21 2017 +0200

    nettle: wrap_nettle_pk_verify_priv_params: verify whether public key matches private
    
    This enables gnutls_privkey_verify_params() for Ed25519 keys.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 14 20:52:49 2017 +0200

    CONTRIBUTING.md: specified rules on boolean functions
    
    Based on suggestion by Hubert Kario.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 14 14:08:20 2017 +0200

    priority: enabled Ed25519 signature by default
    
    As our implementation interoperates with boringssl's implementation
    of Ed25519, we can now enable it.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 19 10:45:49 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 7 09:50:29 2017 +0200

    handshake: return better error code on unwanted algorithm
    
    That is, when a signature algorithm is available which was not
    asked by the peer, then return GNUTLS_E_UNWANTED_ALGORITHM
    instead of the UNKNOWN_ALGORITHM.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 7 10:05:50 2017 +0200

    tests: added check on Ed25519 chain verification
    
    This chain was generated using certtool, and passed verification
    with OpenSSL's implementation (commit: db0f35dda18403accabe98e7780f3dfc516f49de)
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 11:34:49 2017 +0200

    gnutls-cli: added RSA-PSS signatures in benchmark
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 11:47:48 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 11:47:09 2017 +0200

    privkey_sign_and_hash_data: added sanity check on param validity
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 10:42:58 2017 +0200

    gnutls-cli: added benchmark on X25519-Ed25519 key exchange
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 09:42:22 2017 +0200

    tests: pkcs7: added ed25519 basic signing and verification checks
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 09:23:53 2017 +0200

    privkey_sign_and_hash_data: handle prehashed signatures
    
    This allows this function to handle ed25519, i.e., allows it
    to operate for PKCS#7 signatures.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 09:21:48 2017 +0200

    pkcs7: improved syntax in if-clause
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 5 10:14:43 2017 +0200

    tests: enhanced OID tests for Ed25519 OIDs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 2 11:27:34 2017 +0200

    tests: key-import-export: added Ed25519 key import/export checks
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 2 09:52:51 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 2 09:44:52 2017 +0200

    tests: replaced rsa-pss/eddsa certtool options with --key-type
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 2 09:41:56 2017 +0200

    certtool: introduced the --key-type option
    
    This replaces the --rsa-pss and --eddsa options.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 30 13:02:06 2017 +0200

    Renamed GNUTLS_PK_ECDHX to GNUTLS_PK_ECDH_X25519
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 30 12:53:40 2017 +0200

    tests: parse and interpret an EdDSA public key
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 16:23:10 2017 +0200

    tests: added TLS handshake test with EdDSA25519 certificates
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 16:22:27 2017 +0200

    Allowed Ed25519 signing in TLS handshakes
    
    This follows draft-ietf-tls-rfc4492bis-17
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 15:23:21 2017 +0200

    tests: added tests on EdDSA signature validation using the sign/verify_data APIs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 17:26:34 2017 +0200

    tests: Added unit test on EdDSA key parsing
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 12:52:12 2017 +0200

    tests: added Ed25519 key and certificate generation tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 15:20:38 2017 +0200

    Added support for EdDSA (Ed25519) curve keys
    
    This adds support for draft-ietf-curdle-pkix-04.
    
    Resolves #25
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 15 18:52:33 2017 +0200

    parse_pem_cert_mem: fixed issue resulting to accessing past the input data
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 15 17:54:01 2017 +0200

    supported_exts.h: make sure that the generated function is static
    
    That avoids compiler warnings due to missing prototype.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 14 15:12:11 2017 +0200

    tlsfuzzer: enabled chacha20 tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 13 14:50:55 2017 +0200

    updated tlsfuzzer
    
    That fixes issue detecting connection termination from gnutls-serv
    in chacha20 test.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 12 15:54:38 2017 +0200

    tests: csr-invalid.der: modify the SPKI OID to use SECP384R1
    
    That avoids false positives in error detection in 'crq' test due to
    SECP224R1 not being supported in our CI platforms.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 12 16:04:49 2017 +0200

    x509/output: do not attempt to print the key ID on unknown SPKI algorithms
    
    On unknown algorithms, it is not always possible to parse the SPKI
    field. Instead avoid printing errors.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 12 15:24:23 2017 +0200

    .gitlab-ci.yml: corrected location of artifacts in aarch64 build
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 12 13:44:24 2017 +0200

    tests: certtool-rsa-pss: use unique temp files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 11 10:28:16 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 19 15:18:20 2017 +0200

    _gnutls_buffer_append_data_prefix: cleanup
    
    This eliminates a misleading code that assumed that the called functions
    will return the appended size. Always return zero on success which is
    what the existing callers assume.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 11 10:30:56 2017 +0200

    .gitlab-ci.yml: removed unnecessary options from minimal build
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 3 09:52:21 2017 +0200

    pubkey: print the failed signature algorithm when verification fails
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 3 09:58:35 2017 +0200

    gnutls-cli: added option to allow verification with broken algorithms
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 3 10:06:22 2017 +0200

    tls sessions will not fail of insecure algorithms which are explicitly enabled
    
    That is, if DSA-SHA1 is allowed, do not propagate errors from
    gnutls_pubkey_verify_data2() due to SHA1 considered insecure, but rather
    ignore such errors.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 13 14:37:00 2017 +0200

    tests: mini-record-2: made more robust
    
    It will no longer close the session prior to peer processing
    all messages. This prevents the peer stopping processing
    prior to all messages being received.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 13 14:22:33 2017 +0200

    tests: mini-record: made more robust
    
    It will no longer use a stream socket as this can does not work
    well with damaged records (they may end up merged).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 13 13:21:29 2017 +0200

    record: reject 0-byte long ciphertext
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 11 10:18:56 2017 +0200

    record: added sanity checking in the record layer version copy
    
    Previously we assumed that an active session had always a version
    set, however there have been reports of evolution crashing in
    that particular point. Although, this could have been due to
    memory corruption, be careful and check for invalid input.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 3 11:51:20 2017 +0200

    record: more precise calculation of max recv size
    
    Previously we were using a rough calculation of the max recv size
    based on maximum values. Now we calculate the exact maximum value once
    the epoch is initialized and enforce it throughout the session.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 14 15:33:01 2017 +0200

    decryption: use the same error code on all cases
    
    This eases testing using tlsfuzzer.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 3 11:08:49 2017 +0200

    gnutls-serv: allow receiving requests up to 16kb
    
    This makes gnutls-serv useful for few tlsfuzzer test cases.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 3 11:19:44 2017 +0200

    max_record_recv_size: removed call to gnutls_compression_get()
    
    We no longer support compression.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 11 09:10:39 2017 +0200

    Print the requested CA names when in debug mode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 27 11:00:20 2017 +0200

    gnutls-http-serv: do not set the obsolete PGP options
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 11 08:51:07 2017 +0200

    doc: updated documentation on client authentication [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 10 09:53:55 2017 +0200

    doc: explicitly state intended usage of priorities on server-side
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 4 09:26:57 2017 +0200

    doc: use the default priorities in server example
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 26 14:04:37 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 26 10:26:03 2017 +0200

    tests: added unit tests for gnutls_priority_set*()
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 26 10:18:33 2017 +0200

    Documented use gnutls_priority_set2().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 26 10:02:22 2017 +0200

    priorities: share priority structures across sessions
    
    As the contents of the priority cache grows, it makes sense to shared
    these structures across many sessions (in server side) rather than
    copying them to a session. All overrides of the priority contents
    were moved to session->internals. On client side where gnutls_priority_set_direct()
    is more commonly used, ensure that the set priority is deinitialized.
    
    That also introduces gnutls_priority_set2() which does not copy the priority
    contents by default.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 27 11:19:37 2017 +0200

    set_client_ciphersuite: use the new internal APIs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 25 16:06:49 2017 +0200

    .gitignore: ignore new tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 25 15:32:52 2017 +0200

    tests: added unit testing for server/client cipher negotiation
    
    This verifies that the expected algorithm (cipher) is negotiated.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 25 12:03:46 2017 +0200

    tests: added unit testing for server ciphersuite/KX negotiation
    
    This verifies whether the ciphersuite negotiation will detect and
    reject incompatible data present in credentials.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 23 14:00:52 2017 +0200

    doc: corrected typo
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 23 13:32:09 2017 +0200

    Renamed fields of sign_algorithm_st
    
    The new names better reflect the reality with signature algorithms
    in TLS 1.3, and correct the initial naming error.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 23 13:24:48 2017 +0200

    handshake: simplified signature algorithm list generation
    
    Similarly to ciphersuites, that also utilizes a cache of signature algorithms
    on the priority structure which is used to quickly generate the signature
    algorithm list.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 23 11:55:23 2017 +0200

    Eliminated access to obsolete priority cache fields
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 23 10:34:11 2017 +0200

    handshake: simplified the client-side ciphersuite negotiation
    
    This takes advantage of the ciphersuite cache in priorities structure
    while keeping the same ciphersuite selection checks in place.
    
    The previous ciphersuite selection checks kept:
     * Removing SRP ciphersuites when no SRP credentials are set
     * Removing ciphersuites when no corresponding to KX credentials were set
     * SCSV addition in SSL 3.0 and fallback SCSV
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 21 11:54:39 2017 +0200

    handshake: simplified the server-side ciphersuite negotiation
    
    This eliminates all the back and forth loops in the previous code
    while keeping the same ciphersuite selection checks in place.
    
    The ciphersuite selection tests that were kept:
     * Check if key exchange supports the server public key and key usage flags
     * Check if DH or other parameters required for the ciphersuite are present
     * Find appropriate certificate for the credentials and ciphersuite
     * Check whether a curve is negotiated for the ECDH ciphersuites
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 21 10:25:32 2017 +0200

    priority: include a cache of supported ciphersuites
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 21 09:31:31 2017 +0200

    removed unused cipher-suite and KX related functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 21 09:17:57 2017 +0200

    algorithm/kx: sorted key exchange algorithms based on current trends
    
    That optimizes linear search for the common options.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 23 11:07:11 2017 +0200

    Removed unused functions
    
    These were identified using callcatcher.
      http://www.skynet.ie/~caolan/Packages/callcatcher.html
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 7 15:43:25 2017 +0200

    fuzz: added make update command [ci skip]
    
    This allows updating the fuzzer corpus from openssl using a single
    command.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 7 15:11:13 2017 +0200

    fuzz: added corpora from openssl [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 7 14:59:52 2017 +0200

    fuzz: undid changes related to boringssl server/client corpus format [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 7 14:58:34 2017 +0200

    fuzz: included verbatim corpus from boringssl
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 7 12:22:23 2017 +0200

    fuzz: gnutls-client-fuzzer: read directly from memory [ci skip]
    
    Also updated to read the prefixed boringssl corpus files.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 7 11:45:05 2017 +0200

    fuzz: gnutls-server-fuzzer: read directly from memory [ci skip]
    
    Also updated to read the prefixed boring ssl corpus files.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jul 5 20:14:54 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 1 18:00:45 2017 +0200

    priority_options.gperf: modified for gperf 3.1
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 4 16:12:26 2017 +0200

    tlsfuzzer: enabled ALPN tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jul 5 21:44:19 2017 +0200

    updated tlsfuzzer
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 4 16:15:08 2017 +0200

    ext/alpn: added stricter checks on field lengths
    
    That is, no longer tolerate empty fields, and error on invalid
    lengths.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 4 15:35:25 2017 +0200

    gnutls-serv: added the --alpn and --alpn-fatal options
    
    This allows specifying ALPN protocols supported by server, allowing
    to test the ALPN negotiation.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 4 11:42:59 2017 +0200

    fuzz: updated server with multiple keys (ECDSA, RSA) and DH parameters [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 1 10:50:57 2017 +0200

    OCSP: find_signercert: improved DER length calculation
    
    Previously we were assuming a fixed amount of length bytes which
    is not correct for all possible lengths. Use libtasn1 to decode
    the length field.
    
    Resolves: #223
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 30 10:04:01 2017 +0200

    OCSP: check the subject public key identifier field to figure issuer
    
    Normally when attempting to match the 'Responder Key ID' in an OCSP response
    against the issuer certificate we check (according to RFC6960) against the
    hash of the SPKI field. However, in few certificates (see commit:
    "added ECDSA OCSP response verification"), that may not be the case. In that
    certificate, that value matches the Subject Public Key identifier field
    but not the hash.
    
    To account for these certificates, we enhance the matching to also consider
    the Subject Public Key identifier field.
    
    Relates: #223
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 30 09:33:08 2017 +0200

    OCSP: added more verbose debug logging on verification
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jun 29 21:17:34 2017 +0200

    tests: added ECDSA OCSP response verification
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 30 10:43:20 2017 +0200

    .travis.yml: do not fail on brew install failures
    
    brew install seems to fail on several occasions when a newer package
    is available than the installed. Ignore those errors rather than
    failing build.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jun 29 14:34:20 2017 +0200

    tests: added check on saving certs and OCSP responses
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jun 29 14:28:29 2017 +0200

    gnutls-cli: save OCSP response at the time certificate is saved
    
    That ensures that we always save the OCSP response, even when certificate
    verification fails.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 14:26:07 2017 +0200

    moved compression-related APIs to compat.h
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 08:56:09 2017 +0200

    doc: removed any references to compression and documented change
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 5 16:20:25 2017 +0200

    tests: removed tests related to zlib support
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 5 15:58:35 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 5 15:36:18 2017 +0200

    Removed support for compression mechanisms
    
    They are not required for TLS 1.3, and are deprecated for TLS 1.2.
    We eliminate them in order to reduce the complexity in the record
    packet handling.
    
    Resolves #212
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 20 13:59:54 2017 +0200

    gnutls-cli: be less verbose in OCSP error messages
    
    Previously we were reporting "No issuer found" if any certificate
    in a chain could not be verified. That was confusing information
    and not strictly necessary. No longer print that.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 20 13:57:15 2017 +0200

    gnutls-cli: improved error message of OCSP failure
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 20 09:12:39 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 19 20:50:22 2017 +0200

    tests: ocsptool: added test of --verify-response with --load-chain
    
    This utilizes the provided chain to find the signer of the
    OCSP response.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 20 09:09:41 2017 +0200

    ocsp: print response's signature algorithm in compact listing
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 20 09:06:01 2017 +0200

    ocsptool: verify_response will print information on the response
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 20 08:59:45 2017 +0200

    ocsptool: doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 20 08:31:41 2017 +0200

    ocsptool: allow combining --load-trust with --verify-response
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 19 20:58:21 2017 +0200

    ocsptool: --load-chain will sort the input chain
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 19 20:50:22 2017 +0200

    ocsptool: introduced --verify-allow-broken option
    
    This allows verification to succeed even when broken algorithms are
    involved.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 19 20:47:10 2017 +0200

    ocsptool: the --verify-response can be combined with --load-chain
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 19 20:27:24 2017 +0200

    gnutls_certificate_verification_status_print: mention OCSP in error messages
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 16 14:36:43 2017 +0200

    ocsptool: added --load-chain option
    
    This option allows to directly verify all the members of a certificate
    chain.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 19 08:20:47 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 18 17:35:06 2017 +0200

    tests: enabled X25519 interop tests with openssl 1.1.0
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 18 14:35:57 2017 +0200

    NORMAL priority: no longer enable the smaller curves by default
    
    They are not widely enabled by web servers, and they provide no
    advantage over X25519.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 18 14:35:33 2017 +0200

    NORMAL priority: enable X25519 curve
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 17 14:22:02 2017 +0200

    pkcs11: cleanups in pkcs11_login()
    
    Use pkcs11_rv_to_err() to return the right error code map after
    PKCS#11 calls; separate checks for already log in status for SO and
    user login.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 17 14:07:50 2017 +0200

    tests: pkcs11-mock: reset state when requesting reauth
    
    That is, for the MOCK_FLAG_SAFENET_ALWAYS_AUTH flag we ensure that
    GetSessionInfo() will return the right state when authentication
    is required for the first time.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jun 16 22:04:49 2017 +0200

    pkcs11: improved handling of HSMs without CKU_CONTEXT_SPECIFIC support
    
    That is, when the HSM returns CKR_USER_NOT_LOGGED_IN, switch
    to CKU_USER, instead of relying to a fallback within pkcs11_login().
    That simplifies login logic.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 28 11:07:50 2017 +0200

    tests: added unit test for safenet protectserver HSM's PKCS#11 support
    
    That is, detect whether the absence of C_Login will fallback to CKU_USER
    after CKU_CONTEXT_SPECIFIC is tried.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 11:26:19 2017 +0200

    pkcs11: simplified pkcs11_login()
    
    By cleanups, as well as including the reauth flag in the flags option.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 11:11:24 2017 +0200

    pkcs11: the GNUTLS_PKCS11_OBJ_FLAG_LOGIN will force a login
    
    That is, even in tokens which do not have a CKF_LOGIN_REQUIRED flag
    a login will be forced. This allows operation on the safenet HSMs
    which do not set that flag.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 27 07:24:36 2017 +0200

    Handle specially safenet HSMs which cannot handle CKU_CONTEXT_SPECIFIC
    
    These HSMs do not support CKA_ALWAYS_AUTHENTICATE, nor understand CKU_CONTEXT_SPECIFIC,
    but rather return CKR_USER_NOT_LOGGED_IN on the first private key operation.
    Try to discover that state by calling C_Login when CKR_USER_NOT_LOGGED_IN
    is seen, and retrying with CKU_USER after CKU_CONTEXT_SPECIFIC login fails.
    See discussion in https://github.com/OpenSC/libp11/issues/160
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 16 12:06:36 2017 +0200

    Added documentation to legacy openpgp functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 16 10:58:23 2017 +0200

    Removed unnecessary certificate type functionality
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 16 10:23:19 2017 +0200

    NEWS: doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 16 10:21:52 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 16 10:21:10 2017 +0200

    doc: removed references to openpgp
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 16 10:14:58 2017 +0200

    po: removed openpgp/output.c
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 16 09:55:44 2017 +0200

    guile: removed openpgp related tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 16 09:30:41 2017 +0200

    fuzz: removed the openpgp certificate fuzzer
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 16 09:03:05 2017 +0200

    tools: removed options for openpgp support
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 16 08:50:32 2017 +0200

    Removed support for openpgp certificates and keys
    
    Resolves #178
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 16 08:38:42 2017 +0200

    tests: removed openpgp related tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 7 11:58:25 2017 +0200

    tests: added reproducer for assertion trigger
    
    This relates to handshakes with support for RSA-PSS.
    Found with oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2132
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Jun 8 15:42:30 2017 +0200

    nettle: ported fix for assertion failure in pss_verify_mgf1
    
    Backport the upstream fix from:
    https://git.lysator.liu.se/nettle/nettle/commit/b1252fedf6ee1dbb8468d1d3f177711a16e83e52
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jun 8 17:33:21 2017 +0200

    .gitlab-ci.yml: keep logs of tests in abi build
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 15 13:41:36 2017 +0200

    doc: simplified the default client example
    
    Removed optional paths.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 15 13:20:51 2017 +0200

    tests: added reproducer for OCSP response found test cases
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 15 13:14:23 2017 +0200

    fuzz: documented location for OCSP-related reproducers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 15 12:43:48 2017 +0200

    ocsp: added sanity check in returned length
    
    This addresses:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1492
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 15 10:37:53 2017 +0200

    doc: added/modernized text on AEAD ciphers [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 15 09:09:20 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 15 09:06:49 2017 +0200

    tests: improved duplicate extension test
    
    Instead of sending two duplicate extensions of which one is invalid,
    send two valid ones instead. That way, we avoid the possibility of false
    positives due to the validation code of the extension contents.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 14 14:15:08 2017 +0200

    tests: verify that duplicate extensions are rejected
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 14 13:09:44 2017 +0200

    TLS extensions: added duplicate extension check on server side
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 14 11:15:54 2017 +0200

    gnutls_init: better naming for internal function
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 13 08:08:56 2017 +0200

    tests: added unit test for overriding TLS extensions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 14 11:11:34 2017 +0200

    TLS extensions: mark each extension which cannot be overriden
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 14 11:02:49 2017 +0200

    TLS extensions: combined the extension data and resumed data structures
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 12 17:31:19 2017 +0200

    removed type extension_priv_data_t
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 13 08:02:04 2017 +0200

    gnutls_int.h: groupped extension structures together
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 12 14:19:23 2017 +0200

    TLS extensions: several simplifications
    
    This allows extensions set by the application to override some
    of the internal ones.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 14 15:53:13 2017 +0200

    .gitlab-ci.yml: FreeBSD system is no longer available; disabling for CI [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 12 10:26:13 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 9 18:53:48 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 9 16:37:48 2017 +0200

    doc: added reference to privkey export functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 9 18:29:18 2017 +0200

    tests: added basic unit tests for the export_*_raw2() functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 9 18:17:34 2017 +0200

    corrected typo in x962 functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 9 16:21:31 2017 +0200

    pkcs11: do not set leading zeros on integers
    
    PKCS#11 defines integers as unsigned having most significant byte
    first, e.g., 32768 = 0x80 0x00. This is interpreted literraly by
    some HSMs which do not accept an integer with a leading zero.
    
    Resolves: #215
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 9 16:20:05 2017 +0200

    Introduced functions to export integers with no leading zero
    
    That is introduced the flag GNUTLS_EXPORT_FLAG_NO_LZ and:
     * gnutls_pubkey_export_rsa_raw2
     * gnutls_pubkey_export_dsa_raw2
     * gnutls_pubkey_export_ecc_raw2
     * gnutls_privkey_export_rsa_raw2
     * gnutls_privkey_export_dsa_raw2
     * gnutls_privkey_export_ecc_raw2
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 8 15:03:17 2017 +0200

    nettle: use older GMP macros for mpz_mod_2exp and mpz_div_2exp
    
    These ensure that compilation will succeed even when building with gmp-mini.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 8 13:15:00 2017 +0200

    _gnutls_ucs2_to_utf8: use void* as pointer type to avoid compiler assumptions on alignment [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 8 13:06:19 2017 +0200

    ciphersuites: removed unused function
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 8 13:00:25 2017 +0200

    nettle/cipher: document that ctx_ptr is 16-byte aligned, and use void* to avoid compiler assumptions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 8 12:53:44 2017 +0200

    certtool: corrected typo in strcmp() use
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 8 11:15:02 2017 +0200

    _gnutls_x509_privkey_reinit: ensure fields will not be re-used
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 8 09:25:32 2017 +0200

    certtool: improved error message when public key cannot be figured [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 16:05:37 2017 +0200

    updated auto-generated files for new signing API
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 16:00:41 2017 +0200

    handshake: simplify handshake by using the new signing API
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 13:38:05 2017 +0200

    tests: introduced unit tests of the new signing API
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 30 15:39:52 2017 +0200

    abstract API: introduced new signing functions
    
    That is, the gnutls_privkey_sign_data2() and gnutls_privkey_sign_hash2().
    The new functions perform signing with input the signature algorithm instead
    of the hash algorithm; that allows to use algorithms where the hash algorithm
    is not used, or the public key algorithm may be different than the key's.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 7 11:18:07 2017 +0200

    pkix: removed unused definition
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 16:04:53 2017 +0200

    gnutls_privkey_st: removed unused element
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 10:34:33 2017 +0200

    gnutls_session_get_desc: improved ciphersuite description
    
    That is, separated the key exchange from the signature algorithm
    used by the server, and list them in different fields.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 2 11:16:45 2017 +0200

    tests: key-import-export: use cert-common.h
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 2 17:04:45 2017 +0200

    tests: simplified CPPFLAGS of tests using internal gnutls funcs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 12:54:24 2017 +0200

    tests: key-exchange: added error checking in gnutls_certificate_set_x509_key_mem
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 10:58:33 2017 +0200

    _gnutls_check_key_cert_match: account for RSA and RSA-PSS mismatches
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 6 09:49:09 2017 +0200

    certtool: fix DER export with --p7-info
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 5 13:21:38 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 5 10:01:07 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 5 09:59:49 2017 +0200

    psktool: minor documentation updates
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 5 09:52:53 2017 +0200

    tests: added basic functionality check for psktool
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 5 09:50:07 2017 +0200

    psktool: increased default key size to 256-bits
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 5 09:39:49 2017 +0200

    psktool: do not assume any default key file
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed May 31 12:58:58 2017 -0400

    clarify documentation and arguments for psktool
    
     * psktool's -p argument should really be short for --pskfile, not
       --passwd.  there is no passwd involved.
    
     * the example documentation switches names halfway through, which is
       confusing.
    
     * there is no prompt for a password.  do not mention it in the
       example.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 09:22:44 2017 +0200

    tests: added unit test to verify that certificates with non-DER strict time fields are accepted
    
    Also removed the old strict compliance DER test.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 09:15:27 2017 +0200

    Tolerate DER time encoding errors
    
    It seems that openssl generated certificates may contain invalid
    formatted times, and gnutls will no longer parse them. Ignore such
    formatting errors when DER decoding.
    
    We should reconsider this in the future (#207)
    
    Resolves #196
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 5 10:24:04 2017 +0200

    tests: enhanced OID tests with OIDs for SHA3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 5 10:21:54 2017 +0200

    tests: enhanced OID tests with OIDs for RSA-PSS
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 4 13:56:04 2017 +0200

    .gitlab-ci.yml: added aarch64 build based on Debian
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 31 14:55:19 2017 +0200

    _gnutls_PRF: was made inline function
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 31 14:29:10 2017 +0200

    tests: added low-level unit tests on TLS 1.0 and 1.2 PRFs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 31 13:52:03 2017 +0200

    prf: implement the TLS 1.0 and 1.2 PRFs using nettle
    
    That simplifies the existing PRF code and moves it in the
    crypto-backend component.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 31 12:00:26 2017 +0200

    doc: refer to the site for commercial support options
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 31 11:29:08 2017 +0200

    tests: mini-record-retvals: include AES-CBC tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 31 11:36:30 2017 +0200

    tests: eliminated build warnings
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 31 08:55:54 2017 +0200

    tests: combined tables of sign-verify tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 30 19:54:48 2017 +0200

    Only accept known public key algorithms in the GNUTLS_PRIVKEY_EXT private keys
    
    The reason is that this API, assumes very low level primitives which
    are not available for the newer RSA-PSS private keys.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 30 19:42:36 2017 +0200

    _gnutls_privkey_*_sign_params: added support for GNUTLS_PRIVKEY_EXT keys
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 30 19:25:11 2017 +0200

    tests: added basic test on "external" keys with gnutls_privkey_import_ext2()
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 30 16:53:14 2017 +0200

    gnutls_x509_privkey_sign_data: wrap over gnutls_privkey_sign_data()
    
    That will allow this function to operate with the new key types.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 30 16:43:28 2017 +0200

    tests: added unit tests for the gnutls_x509_* sign/verify APIs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 15:23:21 2017 +0200

    tests: added tests signature validation using the sign/verify_data APIs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 30 16:24:05 2017 +0200

    Separated use of GNUTLS_PRIVKEY_FLAG_PROVABLE and GNUTLS_PRIVKEY_SIGN_FLAG_REPRODUCIBLE
    
    For simplicity, rename GNUTLS_PRIVKEY_SIGN_FLAG_REPRODUCIBLE to GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 30 16:19:25 2017 +0200

    _gnutls_privkey_find_sign_params: renamed and simplified
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 30 15:40:40 2017 +0200

    gnutls_privkey_sign_hash: removed duplicate code
    
    The same code was available in _gnutls_privkey_find_sign_params().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 30 10:47:12 2017 +0200

    GNUTLS_E_INSUFFICIENT_SECURITY: moved to fatal errors
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 16:22:27 2017 +0200

    tls-sig: re-organize and simplify the TLS signature generation and verification
    
    That makes sure that the high level APIs are used when possible, and
    separate the TLS 1.2 from other code paths. This will allow supporting
    signature schemes like EdDSA and others.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 30 10:59:53 2017 +0200

    tests: modify tests to allow signatures with SHA1
    
    There were several tests that were utilizing SHA1 signatures but were
    not failing due to the bug in gnutls_pubkey_verify_hash2().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 31 10:12:31 2017 +0200

    gnutls_pubkey_verify_hash2: do not allow GNUTLS_VERIFY_USE_TLS1_RSA with non-RSA keys
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 30 10:42:27 2017 +0200

    gnutls_pubkey_verify_hash2: check for broken signature algorithms
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 30 10:13:16 2017 +0200

    gnutls_pubkey_verify_data2: do not utilize GNUTLS_VERIFY_USE_RSA_PSS
    
    This flag is not required for verification since the signature algorithm
    is sufficient to detect RSA-PSS without requiring any flags.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 30 10:36:59 2017 +0200

    tests: do not utilize GNUTLS_VERIFY_USE_RSA_PSS
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 08:55:47 2017 +0200

    certtool: do not ask for password when exporting to PKCS#8 implicitly
    
    Previously --generate-privkey wouldn't ask for password unless --pkcs8
    was explicitly given. Keep that behavior, and do not ask for any password
    even if we need to export to PKCS#8 for some key types. Always require
    the --pkcs8 option to encrypt with password.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 08:43:14 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 08:37:03 2017 +0200

    doc: mention RSA-PSS-SHA* signature algorithms
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 08:33:44 2017 +0200

    certtool: replaced rsa-pss-sign with sign-params option
    
    This option could accomodate future enhancements/additions in
    certificate signining.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 29 08:26:41 2017 +0200

    certtool: better documentation on rsa-pss-sign
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 13:30:18 2017 +0200

    replaced MAX_SIGNATURE_ALGORITHMS macro with MAX_ALGOS
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 13:19:08 2017 +0200

    tests: added unit test for gnutls_sign_supports_pk_algorithm()
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 10:44:41 2017 +0200

    tls-fuzzer: ignore the incomplete RSA-PSS tests
    
    These tests fail because tls-fuzzer currently does not properly implement
    RSA-PSS.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 10:06:34 2017 +0200

    tests: verify that generated RSA-PSS keys can be read with certtool -k
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 10:01:04 2017 +0200

    certtool: use PKCS#8 format for generated RSA-PSS keys
    
    An RSA-PSS key has additional parameters which cannot be stored
    in the "standard" PKCS#1 format. For that when asked to generate
    an RSA-PSS key, we export to the PKCS#8 form.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 09:52:33 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 08:57:11 2017 +0200

    tests: x509sign-verify: include ECDSA and RSA-PSS key tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 08:22:07 2017 +0200

    tlsfuzzer: the test-certificate-verify-malformed check now passes
    
    Previously it was expecting a different alert code than gnutls returned.
    Now gnutls returns the expected alert code (GNUTLS_A_DECRYPT_ERROR)
    on malformed signatures.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 16:35:18 2017 +0200

    alert: map GNUTLS_E_PK_SIG_VERIFY_FAILED to GNUTLS_A_DECRYPT_ERROR
    
    This makes server respond with GNUTLS_A_DECRYPT_ERROR on malformed signatures,
    which is the expected behavior. Hinted by Hubert Kario.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 16:18:25 2017 +0200

    Increased the maximum number of signature algorithms
    
    That allows including all the existing signatures including DSA.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 14:30:17 2017 +0200

    x509sign-verify: corrected test to perform RSA tests on RSA keys
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 14:01:53 2017 +0200

    tests: added tests for RSA-PSS key exchange under TLS 1.2
    
    That includes tests with RSA and RSA-PSS server and client certificates.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 14:53:43 2017 +0200

    publickey: map RSA ciphersuites to GNUTLS_PK_RSA_PSS
    
    That is in addition to GNUTLS_PK_RSA
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 30 06:40:39 2016 +0300

    Rework KX -> PK mappings
    
    GOST VKO and PSS keys would support several public keys, so change
    the previous 1:1 kx->pk mapping into 1:many.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 12:45:08 2017 +0200

    tests: added TLS 1.2 tests with RSA-PSS signatures on RSA certificates
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 11:50:38 2017 +0200

    gnutls_privkey_sign_hash: use the GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS flag
    
    That is, the privkey_sign_hash() function was made static (no users other
    than the same file), and gnutls_privkey_sign_hash will take into account
    the GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS, if specified.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 11:33:49 2017 +0200

    tls-sig: sign with RSA-PSS when requested by negotiated signature algorithm
    
    That is, when signing a TLS message, take into account the
    negotiated signature algorithm, in addition to the hash algorithm
    to decide which flags to pass to gnutls_privkey_sign_hash(). This
    allows signing the handshake messages with RSA-PSS even when an RSA
    key is present.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 11:19:12 2017 +0200

    priority: enabled RSA-PSS signatures by default
    
    They are prioritized low on the list to reduce compatibility
    issues in case they are wrongly implemented in gnutls or in the
    peer implementation. To be revised when more elaborate compatibility
    tests are made.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 11:13:23 2017 +0200

    ext/signature: accept compatible algorithms with PK
    
    That is instead of using a 1-1 mapping of signature algorithms
    to public key algorithms, use gnutls_sign_supports_pk_algorithm()
    to determine whether algorithms match. That way we can allow
    GNUTLS_SIGN_RSA_PSS_SHA256 under GNUTLS_PK_RSA and GNUTLS_PK_RSA_PSS
    keys.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 11:12:33 2017 +0200

    gnutls_pubkey_verify_hash2: corrected operation with RSA-PSS keys
    
    That is, do not check the flag GNUTLS_VERIFY_USE_RSA_PSS, as we
    already have enough information to determine whether an RSA-PSS
    signature is used (the sign algorithm). Also return the code
    GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY when a signature algorithm
    incompatible with the public key is encountered.
    
    In addition, fixed few misplacements of GNUTLS_PK_RSA_PSS in switch
    cases.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 10:48:30 2017 +0200

    Introduced gnutls_sign_supports_pk_algorithm()
    
    This function allows to test whether a combination of public key
    algorithm and signature algorithm are supported. This is introduced
    for RSA-PSS signatures which can be generated by a GNUTLS_PK_RSA key
    or by a GNUTLS_PK_RSA_PSS key.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Mar 16 11:38:58 2017 +0100

    x509: implement RSA-PSS signature scheme
    
    This patch enables RSA-PSS signature scheme in the X.509 functions and
    certtool.
    
    When creating RSA-PSS signature, there are 3 different scenarios:
    
    a. both a private key and a certificate are RSA-PSS
    b. the private key is RSA, while the certificate is RSA-PSS
    c. both the private key and the certificate are RSA
    
    For (a) and (b), the RSA-PSS parameters are read from the certificate.
    Any conflicts in parameters between the private key and the certificate
    are reported as an error.
    
    For (c), the sign functions, such as gnutls_x509_crt_privkey_sign() or
    gnutls_privkey_sign_data(), shall be instructed to generate an RSA-PSS
    signature.  This can be done with the new flag
    GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS.
    
    Verification is similar to signing, except for the case (c), use the
    flag GNUTLS_VERIFY_USE_RSA_PSS instead of
    GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS.
    
    From the command line, certtool has a couple of new options: --rsa-pss
    and --rsa-pss-sign.  The --rsa-pss option indicates that the generated
    private key or certificate is restricted to RSA-PSS, while the
    --rsa-pss-sign option indicates that the generated certificate is signed
    with RSA-PSS.
    
    For simplicity, there is no means of choosing arbitrary salt length.
    When it is not given by a private key or a certificate, it is
    automatically calculated from the underlying hash algorithm and the
    RSA modulus bits.
    
    [minor naming changes by nmav]
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 10:19:22 2017 +0200

    fuzz: added RSA-PSS certificate
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Mar 31 14:36:46 2017 +0200

    build: import files from Nettle for RSA-PSS
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 27 07:29:44 2017 +0200

    libtasn1: updated to 4.11
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 15:10:17 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 09:39:10 2017 +0200

    tests: added unit tests for gnutls_de/encode_rs_value
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 25 08:38:43 2017 +0200

    pk: exported gnutls_decode_rs_value() and gnutls_encode_rs_value()
    
    These functions allow encoding to and from a Dss-Sig-Value.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 12:43:21 2017 +0200

    tests: skip x86-specific tests when not in x86
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 10:56:30 2017 +0200

    updated auto-generated files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 10:18:09 2017 +0200

    tests: tls-fuzzer: corrected unlocking at tls-fuzzer-cert.sh
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 10:42:28 2017 +0200

    examples: made a comment that getpass() output needs to be sanitized
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 26 10:13:05 2017 +0200

    certtool: avoid printing legacy options in --help
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 24 17:34:31 2017 +0200

    Makefile: improved code coverage extraction from lcov output
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 24 15:48:31 2017 +0200

    configure: warn when building as static library [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 24 14:01:56 2017 +0200

    gnutls_ocsp_status_request_enable_client: removed support for problematic parameters
    
    Removed support for responder_id and extensions parameters. These
    had very difficult semantics to use and the underlying implementation
    had encoding errors, meaning there was no interoperation with other
    clients. Given that issue it means there are no applications depending on
    these parameters; ignore these parameters completely and no longer send
    either responder_id or extensions.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 24 11:48:24 2017 +0200

    gnutls_ocsp_status_request_enable_client: documented requirements for parameters
    
    That is, the fact that extensions and responder_id parameters must be
    allocated, and are assigned to the session.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 24 11:38:16 2017 +0200

    ext/status_request: Removed the parsing of responder IDs from client extension
    
    These values were never used by gnutls, nor were accessible to applications,
    and as such there is not reason to parse them.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 24 10:46:03 2017 +0200

    ext/status_request: ensure response IDs are properly deinitialized
    
    That is, do not attempt to loop through the array if there is no array
    allocated.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 24 10:28:28 2017 +0200

    tlsfuzzer: enabled ocsp stapling test
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 24 10:17:09 2017 +0200

    tlsfuzzer: updated to latest version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 23 09:26:10 2017 +0200

    self-tests: limit compatibility API checks to vectors with plaintext
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 22 16:43:38 2017 +0200

    tests: on cipher override do not run the compatibility checks
    
    That is, because we introduce a cipher using the new AEAD API which
    does not provide compatibility hooks.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 22 16:41:48 2017 +0200

    self-tests: introduced flag GNUTLS_SELF_TEST_FLAG_NO_COMPAT
    
    This allows skipping the compatibility APIs when running self tests.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 22 16:39:14 2017 +0200

    self-tests: all parameter was replaced by flags
    
    This allows to introduce more options than just check all
    ciphers.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 22 14:41:56 2017 +0200

    aarch64: fix AES-GCM in-place encryption and decryption
    
    Resolves #204
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 22 11:54:25 2017 +0200

    crypto: self-tests: enhance to include compatibility APIs
    
    That is, run the compatibility gnutls_cipher_* APIs on self tests
    for AEAD ciphers in addition to the AEAD API.
    
    Relates #204
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 22 14:23:14 2017 +0200

    crypto-api: refuse to run gnutls_cipher_init() in full AEAD modes
    
    That is, there are AEAD modes like CCM that can only be used through
    the AEAD API. Always refuse calls to gnutls_cipher_init() in these
    modes.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 22 09:19:53 2017 +0200

    doc: corrected error in gnutls_x509_privkey_sign_data parameters [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 20 20:41:30 2017 +0200

    sysrng-linux: improved detection of getrandom()
    
    The getrandom() call is defined in sys/random.h.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 20 20:34:40 2017 +0200

    gnutls-cli: use 16k buffers in --benchmark-tls-ciphers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 20 20:31:33 2017 +0200

    gnutls-cli: cleaned up --benchmark-ciphers output
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 20 20:20:34 2017 +0200

    gnutls-cli: no longer include arcfour in benchmarks
    
    This cipher is considered broken and no longer included in
    the default set of ciphers.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 20 08:51:55 2017 +0200

    documented the make files-update make option
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 20 08:48:26 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 20 08:26:47 2017 +0200

    tests: added TLS server test for multi-key usage
    
    That is, a server which utilizes both RSA and ECDSA keys.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 20 08:14:59 2017 +0200

    p11tool: mark provider opts as deprecated
    
    That is, to avoid listing that option in p11tool --help, as it is
    only useful for debugging very low level interfaces with PKCS#11
    parameter passing.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sat May 20 02:19:17 2017 +0300

    gnutls-serv: allow user to specify multiple x509certile/x509keyfile
    
    Instead of adding more and more variants like x509dsakeyfile or
    x509ecckeyfile (counting eddsa and gost in future), allow user to
    specify x509certfile/x509keyfile multiple times. Keep the old
    options as compatibility options.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Thu May 18 23:55:57 2017 +0300

    Fix two memory leaks in debug output of gnutls tools
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Nov 30 07:13:09 2016 +0300

    Don't let GnuTLS headers in NETTLE_CFLAGS override local headers
    
    Change order of CFLAGS so that local headers always come before ones in
    $(NETTLE_CFLAGS).
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri May 12 17:58:55 2017 +0200

    find_signer: eliminate memory leak
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Karl Tarbe <karl.tarbe@cyber.ee>
Date:   Mon May 8 15:06:33 2017 +0300

    tests: add test for signing with certificate list
    
    Signing with one certificate, but includes the other certificates
    inside the PKCS#7 structure.
    
    Signed-off-by: Karl Tarbe <karl.tarbe@cyber.ee>

Author: Karl Tarbe <karl.tarbe@cyber.ee>
Date:   Thu May 4 16:46:14 2017 +0300

    certtool: allow multiple certificates in --p7-sign
    
    Signed-off-by: Karl Tarbe <karl.tarbe@cyber.ee>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun May 14 11:21:07 2017 +0200

    Fix autoconf progress message concerning heartbeat [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu May 11 22:03:08 2017 +0200

    doc: corrected typo [ci skip]
    
    Reported by Andreas Metzler.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu May 11 22:01:10 2017 +0200

    test: corrected typo preventing the run of openpgp test [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 10 17:43:32 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 10 17:23:54 2017 +0200

    pkcs11_override_cert_exts: do not use CKA_X_DISTRUSTED flag when retrieving
    
    This flag was introduced in order for reducing the number of duplicate
    stapled extensions returned by p11-kit. Unfortunately that fix was bogus
    and in fact it resulted to p11-kit not returning any stapled extensions.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 10 17:08:11 2017 +0200

    tests: added unit test for p11-kit trust store
    
    This verifies whether an Example Root CA can be read together
    with its stapled extensions.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 10 16:40:10 2017 +0200

    p11tool: added the --provider-opts option
    
    This option allows passing parameters to the PKCS#11 module
    loading process, i.e., passed to gnutls_pkcs11_add_provider().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 10 16:34:25 2017 +0200

    pkcs11_add_provider: allow passing parameters to p11-kit trust module
    
    When the @params argument of gnutls_pkcs11_add_provider() starts with
    'p11-kit:' the specified provider is loaded as an unmanaged module
    and the rest of parameters are being passed opaque to the module. This
    allows loading for example the p11-kit trust module with a custom path
    for the trust database.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 9 22:03:45 2017 +0200

    tests: introduced checks in alternative chain discovery
    
    These cope with alternative chain discovery in the case of insecure
    algorithm found in the chain.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 9 21:24:36 2017 +0200

    tests: modified pkcs1-pad to account for alt path search
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 8 06:43:28 2017 +0200

    gnutls_x509_trust_list_verify_crt2: treat signers with insecure algorithms as unknown
    
    The reason is that many servers utilize a legacy chain to improve compatibility
    with old clients and that chain often contains insecure algorithm. In that case
    try to construct alternative paths. To maintain compatibility with previous
    versions, we ensure that the same error code (verification status) is returned
    in these cases as before by sending the cached error if the alternative path fails
    too.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 9 20:57:40 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 9 20:57:00 2017 +0200

    Makefile: files-update directive will update the auto-generated files in src/
    
    This simplifies the update of files generated by autogen.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 8 07:02:16 2017 +0200

    tests: added check for gnutls-cli's sni-hostname option
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 8 06:13:59 2017 +0200

    gnutls-cli: introduced --sni-hostname option
    
    This allows overriding the value set on the TLS server name indication
    extension.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 10 10:39:22 2017 +0200

    Makefile: added phony targets to .PHONY [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 9 14:51:44 2017 +0200

    fuzz: doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 8 06:27:21 2017 +0200

    errors.h: _gnutls_cert_log will only print on non-null certificates
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nicolas Dufresne <nicolas.dufresne@collabora.com>
Date:   Fri Apr 28 17:17:32 2017 -0400

    rsa-psk: Use the correct username datum
    
    In rsa-psk we properly request username for the case the
    application uses a callback, but later we use the username
    cached in the credentials structure. This will lead to empty
    username issues.
    
    Signed-off-by: Nicolas Dufresne <nicolas.dufresne@collabora.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat May 6 23:06:45 2017 +0200

    tests: added check for PSK client callback in RSA-PSK
    
    This check verifies whether gnutls_psk_client_credentials_function
    is operational, and the parameters sent are taken into account
    by the server.
    
    Relates !364
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat May 6 22:47:32 2017 +0200

    tests: simplified name of mini-rsa-psk check
    
    In addition modernize the used APIs and added explicit check
    on the received by the server username value.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 5 14:31:30 2017 +0200

    tests: utilize the email_protection_key template option
    
    This ensures that generated certificates and requests will
    include that key purpose when the option is present.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 5 14:21:13 2017 +0200

    certtool: introduced the email_protection_key option
    
    This option was introduced in documentation for certtool without
    an implementation of it. It is a shortcut for option
    key_purpose_oid = 1.3.6.1.5.5.7.3.4
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Mon May 1 19:20:38 2017 +0200

    gnutls-cli: Use CRLF with --starttls-proto=smtp.
    
    Closes https://gitlab.com/gnutls/gnutls/issues/200

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 1 01:43:40 2017 +0200

    doc: remove libidn from instructions and add libidn2
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 1 00:59:12 2017 +0200

    doc: update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 1 00:26:47 2017 +0200

    added newline in debug messages [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 4 20:13:11 2017 +0200

    Removed support for libidn1
    
    Currently we support both IDNA2003 and IDNA2008. However, IDNA2003
    is already obsolete by registrars and NICs, thus there is no reason
    to continue supporting it. We switch to IDNA2008 exclusively using libidn2.
    
    Resolves #194
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 1 12:44:46 2017 +0200

    updated minitasn1
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 1 12:42:57 2017 +0200

    gnutls.h: introduced GNUTLS_E_ASN1_TIME_ERROR
    
    This corresponds to libtasn1 ASN1_TIME_ENCODING_ERROR and
    indicates an error in the DER or BER encoding of time field.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sun Apr 30 13:25:16 2017 +0200

    gnutls_pkcs12_simple_parse: set to null vars after deinitialization
    
    This avoids having the variables being deinitialized twice during
    cleanup.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sun Apr 30 12:52:51 2017 +0200

    tests: enhance with checks to verify that textual IPs are not matched
    
    That verifies that the hostname check verification function will
    not succeed if given textual IPs, and the certificate contains
    textual IPs in DNSname or in the CN fields.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat Apr 29 13:30:50 2017 +0200

    gnutls_x509_crt_check_hostname2: no match dns fields against IPs
    
    Previously we were checking textual IP address matching against
    the DNS fields. This match was non-standard and was intended to
    work around few broken servers. However that also led to not
    evaluating and IP constraints for that IP. No longer follow that
    broken behavior.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sun Apr 30 12:45:19 2017 +0200

    tests: check against symbols present only in IDNA2003
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat Apr 29 14:00:24 2017 +0200

    gnutls_idna_map: fallback to IDNA2008 transitional encoding on failure
    
    This aligns with the behavior of firefox, which maps to IDNA2008, and
    fallbacks to IDNA2003 if that fails (e.g., mapping doesn't exist).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 28 23:12:19 2017 +0200

    fuzz: fix leaks in PKCS#12 fuzzer
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 28 22:46:48 2017 +0200

    pkcs12: release CRL data on error path
    
    This addresses issue:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1295
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 25 12:01:25 2017 +0200

    doc: added gnutls_ext_flags_t enumeration
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 25 11:55:10 2017 +0200

    _gnutls_base64_decode: corrected leak on decoding error
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 25 11:08:47 2017 +0200

    tests: fixed expected error code in base64 check
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 25 15:15:27 2017 +0200

    certtool: ensure no leaks on pkcs12_info() error paths
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 25 11:02:01 2017 +0200

    tests: added reproducer for mem leak in PKCS#12 decoding
    
    This relates to:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1173
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 25 10:59:58 2017 +0200

    pkcs12: eliminate mem leaks in _pkcs12_decode_safe_contents
    
    This makes sure we deinitialize previously available elements.
    This addresses:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1173
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 25 10:48:46 2017 +0200

    cleanups in _pkcs12_decode_safe_contents
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 25 10:36:22 2017 +0200

    pkcs12: clean ups in PKCS#12 parsing
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 24 14:16:24 2017 +0200

    Added explicit check for the bounds of the generated 'd'.
    
    This is according to FIPS186-4 sec. B.3.1.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 24 13:06:45 2017 +0200

    fips140-2: enhanced check of generated parameters
    
    That is, replaced all assert() calls with if statements to allow
    gracefull fail.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 24 13:11:04 2017 +0200

    dsa-fips.h: include nettle/bignum.h to allow compilation under nettle-mini
    
    Relates #197
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 25 09:50:08 2017 +0200

    tests: added base64 reproducer of mem leak
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 24 13:28:39 2017 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 23 11:54:38 2017 +0200

    gnutls.h: introduced flag GNUTLS_EXT_FLAG_OVERRIDE_INTERNAL [ci skip]
    
    This flag is expected to be used by applications which handle
    custom extensions that are not currently supported in gnutls, but
    support for them may be added in the future.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 21 09:28:47 2017 +0200

    _gnutls_base64_decode: addressed memory leak in decoding
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 21 09:19:56 2017 +0200

    gnutls_pem_base64_decode: allow decoding raw base64 data
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 21 09:14:18 2017 +0200

    tests: check whether gnutls_pem_base64_decode2 decodes with null argument
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 21 09:12:51 2017 +0200

    Revert "gnutls_pem_base64_decode: allow decoding raw base64 data"
    
    This reverts commit fa86fc6892d6551340f24da6a6af4f484a62b884.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 20 16:34:56 2017 +0200

    doc: clarifications on custom thread override [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 20 14:03:39 2017 +0200

    fuzz: added PEM base64 decoder and encoder fuzzers [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 19 20:04:59 2017 +0200

    fuzz: openpgp fuzzer always succeeds when no support is present [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 14 01:18:56 2017 +0300

    lib/system/fastopen: simplified TCP fast open for OSX
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon Apr 10 12:39:46 2017 +0200

    lib/system/fastopen: Add TCP Fast Open for OSX
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 8 16:37:28 2017 +0200

    doc: removed incorrect comment
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 8 17:02:35 2017 +0200

    gnutls_dh_get_pubkey: fixed operation under PSK authentication
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 8 16:15:36 2017 +0200

    tests: test gnutls_dh_get_pubkey in PSK auth
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 8 16:33:09 2017 +0200

    tests: combined and enhanced DH params tests
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 8 16:25:49 2017 +0200

    tests: added DH parameter check in X.509 auth
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 8 16:18:26 2017 +0200

    tests: added basic test on gnutls_dh_params_cpy
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 8 16:14:06 2017 +0200

    tests: test gnutls_dh_get_pubkey in anonymous auth
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 8 16:15:46 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 8 15:50:16 2017 +0200

    tests: added basic unit test on gnutls_random_art()
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 7 22:51:09 2017 +0200

    doc: fixed documentation for various function parameters
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 7 22:37:54 2017 +0200

    .gitlab-ci.yml: removed the coverage run under pkcs11 trust store
    
    It was causing inaccurate total coverage numbers.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 16:56:06 2017 +0200

    .gitlab-ci.yml: added runs under the PKCS#11 trust store in fedora
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 16:51:46 2017 +0200

    tests: use gnutls_global_init instead of global_init
    
    The reason is to force initialization of the PKCS#11 backend,
    and thus support for any PKCS#11 trust store when setup.
    This fixes running the test suite in Fedora.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 14:42:10 2017 +0200

    tests: added checks with certificates that contain invalid time field
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 14:33:29 2017 +0200

    x509/time: reject invalid dates in local mktime()
    
    Resolves #135
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 14:25:34 2017 +0200

    certtool: added newline in error message
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 14:09:31 2017 +0200

    tests: added basic check for systemkey tool
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 14:05:45 2017 +0200

    systemkey: improved error message on unsupported systems
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 14:00:41 2017 +0200

    tests: enhanced tofu trustdb checks
    
    Include checks which store and load commitments from the user's home
    directory.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 10:35:33 2017 +0200

    tests: do not run pkgconfig test in systems with invalid libidn flags
    
    This prevents our test from failing, due to invalid flags found in
    a dependency of ours.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 13:30:16 2017 +0200

    doc: fixed tpmtool and psktool documentation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 09:39:50 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 09:38:45 2017 +0200

    tests: added unit tests for the base64 raw decoding functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 09:37:10 2017 +0200

    gnutls_pem_base64_decode: allow decoding raw base64 data
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 09:26:01 2017 +0200

    x509/output: do not print usage entry when there is none
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 7 09:21:19 2017 +0200

    certtool: improved printing of the key PIN and key ID
    
    That is, on private keys use the same format when printing
    the public Key ID and public key PIN, as when printing it
    in certificates.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 6 18:34:56 2017 +0200

    .gitlab-ci.yml: fixed freebsd build project restriction
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 6 18:18:02 2017 +0200

    certtool: print the key PIN on private and public keys
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 6 18:09:14 2017 +0200

    gnutls_pem_base64_encode2: do raw base64 when msg is NULL
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 7 08:33:54 2017 +0200

    .gitlab-ci.yml: simplified CI setup
    
    This makes builds independent by reducing interactions between
    artifacts of builds.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 6 11:53:33 2017 +0200

    fuzz: do not enable the openpgp fuzzer when openpgp is disabled
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 14:50:43 2017 +0200

    serv: fixed carriage return stripping in strip()
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 14:47:30 2017 +0200

    Mark with (void) the remove() function and other unchecked functions
    
    This allows static analysers to properly warn on unchecked return values.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 14:29:16 2017 +0200

    gnutls-cli: fixed minor coverity identified issues
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 14:26:52 2017 +0200

    certtool: fixed newline skip code in smime-to-p7 code
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 14:12:03 2017 +0200

    tests: added unit test for the certtool smime conversion functionality
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 13:41:36 2017 +0200

    certtool: fixed minor issues pointed out by coverity
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 13:38:06 2017 +0200

    gnutls-cli: better resource management in benchmark cmd
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 13:30:22 2017 +0200

    is_level_acceptable: ensure issuer is not dereferenced when null
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 13:25:08 2017 +0200

    certtool: guard the value of tl before gnutls_pkcs7_verify
    
    This utilizes assert() as it cannot be triggered in practice.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 13:20:44 2017 +0200

    Avoid using ASN1_MAX_NAME_SIZE directly
    
    Since ASN1_MAX_NAME_SIZE refers to a single element in the asn1
    tree, it is not suitable to hold the maximum combined name. Instead
    use a local definition of MAX_NAME_SIZE, which is a multiple of
    the ASN1_MAX_NAME_SIZE.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 13:15:38 2017 +0200

    gnutls_x509_crq_set_challenge_password: don't accept null password
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 13:13:26 2017 +0200

    Mark with (void) the functions where the returned value is not checked intentionally
    
    This allows static analysers to properly warn on unchecked return values.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 13:08:11 2017 +0200

    removed duplicate code
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 12:47:03 2017 +0200

    handshake/record: mark with comments all expected fall-through switches
    
    This reduces warnings from static analysers like coverity and makes
    explicit the intention.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 12:42:18 2017 +0200

    gnutlsxx.cpp: fixed misleading indentation issues
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 12:39:23 2017 +0200

    doc: document intended fallthrough
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 12:36:52 2017 +0200

    tests: fixed possible buffer overflow to avoid spurious complaints
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 12:34:56 2017 +0200

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 11:54:45 2017 +0200

    x509.h: added macro for inhibit any policy
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 11:50:29 2017 +0200

    NEWS: updated
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 10:24:17 2017 +0200

    doc: documented the inhibit any policy extension
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 11:08:09 2017 +0200

    tests: added PKCS#12 unit test with AES file
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 16:36:48 2017 +0200

    tests: added unit test for inhibit anypolicy generation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 15:36:47 2017 +0200

    supported_exts: inhibit anypolicy is listed as supported
    
    Since we don't support certificate verification based on policies,
    we make sure we do not reject any certificates based on the inhibit
    any policy extension being present.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 16:27:34 2017 +0200

    certtool: added template option inhibit_anypolicy_skip_certs
    
    This option writes the inhibit anyPolicy option in a certificate.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 16:25:47 2017 +0200

    x509: output the inhibit anyPolicy value
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 10:29:32 2017 +0200

    documented the GNUTLS_X509_OID_POLICY_ANY macro
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 16:03:34 2017 +0200

    x509: added function to set and retrieve inhibit anypolicy extension value
    
    That is, introduced:
     * gnutls_x509_crt_get_inhibit_anypolicy
     * gnutls_x509_crt_set_inhibit_anypolicy
    
    Resolves #180
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 15:53:05 2017 +0200

    _gnutls_x509_write_uint32: ensure we prepend leading zero when writing
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 15:46:45 2017 +0200

    Added helper functions to parse the inhibit anyPolicy X.509 extension
    
    That introduces:
     * gnutls_x509_ext_export_inhibit_anypolicy
     * gnutls_x509_ext_import_inhibit_anypolicy
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 15:22:06 2017 +0200

    tests: added unit test for PKCS#12 with file that uses PBES1 with no salt
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Apr 6 05:14:25 2017 +0200

    tests: added basic check for system trust store
    
    This checks whether the gnutls_certificate_set_x509_system_trust()
    and thus the trust list equivalent function operate as expected
    and return a positive number of certificates. The test is ignored
    in systems where these functions return GNUTLS_E_UNIMPLEMENTED_FEATURE.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: David Caldwell <david@porkrind.org>
Date:   Tue Apr 4 21:29:55 2017 -0700

    gnutls_x509_trust_list_add_system_trust: Add macOS keychain support
    
    Also don't check for a default_trust_store_file in configure when building on
    macOS (unless explicitly asked to with --with-default-trust-store-file=xxx),
    because otherwise it finds /etc/ssl/cert.pem: This file is new (since
    10.12.2?), which means libraries built on the newest OS version wouldn't work
    the same way on an older versions (and vice versa).  "/etc/ssl/cert.pem" also
    doesn't seem to reflect additions and deletions from the user's or system's
    trusted roots keychain (in my limited testing).
    
    Signed-off-by: David Caldwell <david@porkrind.org>

Author: David Caldwell <david@porkrind.org>
Date:   Wed Apr 5 11:15:45 2017 -0700

    Rename uint64 to gnutls_uint64 to avoid conflict with macOS
    
    Signed-off-by: David Caldwell <david@porkrind.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 10:11:01 2017 +0200

    mpi: openpgp integer scanning was put into conditional
    
    That is, no longer include that code when compiling without openpgp
    support.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 29 12:38:34 2017 +0200

    Moved all openpgp-related variables and definitions into ifdef blocks
    
    This allows compilation with -Werror even if openpgp is disabled.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 29 09:55:36 2017 +0200

    OpenPGP authentication is disabled by default
    
    The flag --enable-openpgp-authenticationcan be used to revert
    this change.
    
    Resolves #178
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 08:50:53 2017 +0200

    tools: remove outfile when exited on error
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 08:32:48 2017 +0200

    certtool: added examples on verifying certificates
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 5 08:12:17 2017 +0200

    certtool: improved documentation
    
    Incorporated comments made in Lenka Horakova's thesis study.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 15:22:06 2017 +0200

    tests: added unit test for PKCS#12 with file that uses PBES1 with no salt
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 11:28:27 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 12:52:14 2017 +0200

    tests: add unit test for PKCS#12 with file that uses SHA512 for MAC
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 12:11:27 2017 +0200

    pkcs12: increased the maximum salt size
    
    This accomodates for files which have salt sizes up to 256 bytes.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 12:01:15 2017 +0200

    _gnutls_pkcs12_string_to_key: allow SHA384 and SHA512
    
    The previous implementation of the function was restricted to SHA1 and
    SHA256. Extended to allow SHA384 and SHA512 as well.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 11:25:22 2017 +0200

    PKCS#12: added support for files with zero salt length in MAC
    
    Resolves #191
    Resolves #190
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 11:19:23 2017 +0200

    tests: added unit test for PKCS#12 with file with no salt in MAC
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 3 09:44:43 2017 +0200

    tests: verify that the encryption OID is printed
    
    That is, verify whether certtool --p12-info will print the
    actual encryption OID on unsupported files, rather than the
    generic PBES2 algorithm.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 3 09:35:31 2017 +0200

    gnutls_pkcs8_info: return the encryption algorithm OID on failure
    
    When failing to import a structure due to an unsupported encryption
    algorithm OID, return the unsupported OID instead of the generic
    PBES2 OID.
    
    Resolves: #193
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 4 10:26:43 2017 +0200

    gnutls_transport_set_pull_timeout_function: doc update [ci skip]
    
    Clarified when this function should be set. Based on suggestion by
    Sean Greenslade.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun Apr 2 17:56:15 2017 +0200

    Use NORMAL priority for SSLv23_*_method.
    
    Instead of enforcing TLS1.0/SSL3.0 use gnutls NORMAL priority for
    SSLv23_*_methods.
    
    http://bugs.debian.org/857436

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 2 15:14:41 2017 +0200

    .gitlab-ci.yml: renamed dist build to doc-dist
    
    This better describes the name of the build.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 2 15:12:44 2017 +0200

    .gitlab-ci.yml: combined minimal and no-tools builds
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 2 15:07:05 2017 +0200

    .gitlab-ci.yml: combined static analyser runs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 1 23:40:12 2017 +0200

    .gitlab-ci.yml: reduced builds and stages
    
    That is an improvement to run the CI faster.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 30 20:56:01 2017 +0200

    tests: added unit test for gnutls_priority_get_cipher_suite_index
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 31 20:33:49 2017 +0200

    gnutls-cli: eliminate leak on --list option
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 29 18:52:48 2017 +0200

    gnutls_priority_get_cipher_suite_index: fixed returned protocols
    
    That is no longer return indexes for ciphersuites which would not have
    been available due to TLS version mismatch in the priorities cache.
    
    Resolves #146
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Matt Turner <mattst88@gmail.com>
Date:   Fri Mar 31 13:45:04 2017 -0700

    tests: Copy template out of ${srcdir}
    
    Otherwise, out of tree builds will fail to copy the template.
    
    Signed-off-by: Matt Turner <mattst88@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 31 20:56:04 2017 +0200

    gnutls_cipher_get_tag_size: document behavior on non-AEAD ciphers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 31 20:53:19 2017 +0200

    doc: make a note that parts of the crypto API are in Core API
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 31 16:27:03 2017 +0200

    tests: added checks with problematic PKCS#12 files
    
    These check whether parsing of unsupported files (e.g., with RC2-128),
    will succeed. This serves as functionality check for gnutls_pkcs8_info.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 31 16:17:07 2017 +0200

    gnutls_pkcs8_info: do not free oid on GNUTLS_E_UNKNOWN_CIPHER_TYPE
    
    The documented behavior of the function was to return a valid
    OID in that case.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 30 19:58:22 2017 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 29 14:08:26 2017 +0200

    Makefile.am: dropped .clcopying from dist files [ci skip]
    
    It is no longer being used.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 29 10:40:31 2017 +0200

    Simplified the generation of ChangeLog [ci skip]
    
    Removed the dependency on git2cl and utilize git log directly.
    git2cl seems to provide incorrect output.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 28 09:05:38 2017 +0200

    tests: added global locks on tls-fuzzer tests
    
    They both require access to the same port and thus cannot
    be run in parallel.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 28 09:01:25 2017 +0200

    cert: ensure that there are no leftovers in certificate msg
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 28 08:58:29 2017 +0200

    testsuite: added tlsfuzzer certificate requiring tests
    
    This enhances the testsuite by running all the tlsfuzzer
    fuzzer tests which require certificates from server.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 28 08:40:32 2017 +0200

    alert: return GNUTLS_A_BAD_CERTIFICATE on GNUTLS_E_PK_SIG_VERIFY_FAILED
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 28 09:28:44 2017 +0200

    fuzz: updated pkcs12 corpus
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 27 17:40:23 2017 +0200

    fuzz: added PKCS#12 file parser fuzzer
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 27 17:28:08 2017 +0200

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 26 13:46:45 2017 +0200

    ocsp-test: disable under windows
    
    This test was failing because datefudge couldn't run under win32.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 26 13:45:37 2017 +0200

    Revert "ocsp-test: disable under windows"
    
    This reverts commit 90d5ad5a42759957866ba1d9c96f5dccfd3ea1cc.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 26 10:10:02 2017 +0200

    .travis.yml: no longer install pkg-config
    
    Travis build seem to fail for some reason since pkg-config is already
    installed.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 26 10:07:13 2017 +0200

    ocsp-test: disable under windows
    
    This test was failing because datefudge couldn't run under win32.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 25 21:48:46 2017 +0100

    .gitlab-ci.yml: increase time of artifact expiration
    
    This allows to re-run failed builds on the depending stages
    during that time.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 25 21:44:53 2017 +0100

    gnutls.pc: Removed P11_KIT_LIBS from Libs.private
    
    It was already being included in Requires.private. Reported
    by Andreas Metzler.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 23 08:03:52 2017 +0100

    gnutls.pc: don't include zlib twice in private libs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 23 11:39:34 2017 +0100

    tests: create-chain.sh: do not explicitly set serial
    
    We were previously exporting certificates with serial number being
    zero, which is not allowed by RFC5280.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 23 11:34:07 2017 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 22 09:39:12 2017 +0100

    tests: added mini-x509-ipaddr
    
    This is a unit test for GNUTLS_DT_IP_ADDRESS as used in
    gnutls_certificate_verify_peers().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 22 09:00:09 2017 +0100

    Introduced GNUTLS_DT_IP_ADDRESS
    
    This allows verifying an IP address using gnutls_certificate_verify_peers()
    or gnutls_x509_trust_list_verify_crt2().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 21 12:19:35 2017 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 17 15:04:50 2017 +0100

    tests: check whether we fallback to CN unconditionally
    
    This is a unit test for:
    "gnutls_x509_crt_check_hostname2: do not fallback to CN unconditionally"
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 17 15:01:12 2017 +0100

    gnutls_x509_crt_check_hostname2: do not fallback to CN unconditionally
    
    Do not fallback to checking the CN of a certificate for a hostname
    if supported names such as IP addresses were found in gnutls_x509_crt_check_hostname2().
    This behavioral change is in order to satisfy the RFC6125 requirement
    of not falling back to CN in that case. Reported by Suphannee Sivakorn.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 17 14:50:10 2017 +0100

    tests: added unit test of GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 17 14:43:36 2017 +0100

    Introduced verification flag GNUTLS_VERIFY_DO_NOT_ALLOW_IP_MATCHES
    
    This flag when provided to the gnutls_x509_crt_check_hostname2() function
    (and its callers), will prevent IP matching of the subject alternative
    name. This can be utilized by applications which directly check for
    IP addresses using gnutls_x509_crt_check_ip().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 17 14:37:21 2017 +0100

    updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 16 11:38:19 2017 +0100

    tests: added unit test for gnutls_x509_crt_check_ip
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 16 10:07:37 2017 +0100

    Added gnutls_x509_crt_check_ip()
    
    This function allows to directly verify IP addresses on a certificate.
    That is a first step towards making gnutls_x509_crt_check_hostname2()
    not verify IP addresses.
    
    Based on discussion and suggestion by Suphannee Sivakorn. See
    https://lists.gnupg.org/pipermail/gnutls-devel/2017-March/008368.html
    
    Relates #185
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 21 14:07:22 2017 +0100

    tests: added unit test of gnutls_pubkey_verify_data2 override flags
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 21 13:47:09 2017 +0100

    tests: keygen -> privkey-keygen
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 21 13:20:02 2017 +0100

    _gnutls_check_key_cert_match: allow broken sigs
    
    That ensures that when loading a certificate pair with SHA1, when
    SHA1 is disabled will not cause the server to fail to load.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 21 13:14:24 2017 +0100

    .gitignore: more files to ignore
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 21 13:12:07 2017 +0100

    Use a common function to decide acceptable signatures
    
    That is, ensure that results from all verification functions,
    including gnutls_pubkey_verify_data2(), will be consistent with
    SHA1 and other algorithms deprecation.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 21 13:01:51 2017 +0100

    check_ocsp_response: utilize the same flags as in certificate verification
    
    That ensures that overrides like using broken algorithms are considered
    in OCSP validation.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 21 14:34:37 2017 +0100

    extensions: print the name/type of any unexpected extension
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 18 18:12:55 2017 +0100

    tests: added script to check pkg-config operation
    
    That is, whether the generated gnutls.pc will function for
    compiling and linking.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 18 17:56:42 2017 +0100

    gnutls.pc: don't pass the libtool vars to Libs.private
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 21 10:11:54 2017 +0100

    tests: improved tls-rehandshake tests
    
    Used common definitions from cert-common.h for certificates,
    and improved error detection in tls-rehandshake-cert-2.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 21 09:42:59 2017 +0100

    tests: check whether a rehandshake without a cert works
    
    That is, check whether if on initial handshake the server requests
    a certificate, but on the following rehandshake he doesn't, whether
    the client behaves as expected. This tests:
    1f685db853db6e48c77c6dbde0cdf716a7303baa
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 21 09:36:18 2017 +0100

    handshake: reset cert request state on handshake init
    
    That addresses a bug which on client side on case of an initial
    handshake with a client certificate, we continue to send this
    certificate even if on rehandshake we were not requested with on.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 21 07:59:37 2017 +0100

    Revert "nettle/rnd: use gettime() instead of gnutls_time()"
    
    This reverts commit c4842a21f65c7fc9a27932eb1792b1fc9e65f722.
    The time() syscall is also implemented as syscall() and is in
    fact performing better than gettime().

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 20 23:00:06 2017 +0100

    README.md: corrected typo [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 20 16:31:42 2017 +0100

    nettle/rnd: use gettime() instead of gnutls_time()
    
    The gnulib gettime() maps to gettimeofday() or clock_gettime()
    which are both implemented as fast system calls - see vdso(7)-
    and as such are available without a switch to kernel mode.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 20 13:29:42 2017 +0100

    doc: updated RNG documentation to reflect the previous changes

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 20 13:23:39 2017 +0100

    nettle/rnd: re-seed both key and nonce levels based on time
    
    The time(0) is quite cheap on modern operating systems, and thus we
    can rely on it to provide improved assurance in the output randomness.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 20 13:13:11 2017 +0100

    nettle/pk: use nonce level for RSA padding
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 18 19:26:02 2017 +0100

    README.md: corrected link for coverage in master [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Martin Storsjo <martin@martin.st>
Date:   Fri Mar 17 23:33:01 2017 +0200

    Avoid deprecation warnings when including gnutls/abstract.h
    
    Since ac3de8f5, when all openpgp functionality was deprecated, a
    library user including gnutls/abstract.h gets warnings about
    deprecated declarations, like this:
    
    gnutls/openpgp.h:328:10: warning: ‘gnutls_openpgp_recv_key_func’ is deprecated [-Wdeprecated-declarations]
              gnutls_openpgp_recv_key_func func) _GNUTLS_GCC_ATTR_DEPRECATED;
    
    This warning is emitted since the gnutls_openpgp_set_recv_key_function
    prototype uses the deprecated typedef gnutls_openpgp_recv_key_func.
    
    By omitting the deprecation attribute from this individual
    typedef, we avoid the spurious warnings in calling code which just
    includes gnutls/abstract.h without actually using anything related
    to openpgp.
    
    Signed-off-by: Martin Storsjo <martin@martin.st>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 17 10:47:33 2017 +0100

    gnutls.h: added definitions to obtain the maximum element in several enumerations
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 16 14:29:10 2017 +0100

    tests: added basic unit tests for several string functions of libs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 24 09:44:55 2017 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 13 22:51:57 2017 +0100

    tests: certtool-crl-decoding: ignore lines warning about SHA1 deprecation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 13 17:17:32 2017 +0100

    tests: check the flag GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1
    
    In addition verify whether the GNUTLS_VERIFY_ALLOW_BROKEN flag
    works when MD5 is present.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 13 17:13:48 2017 +0100

    Introduced flag GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1
    
    This allows performing a verification with only SHA1 allowed
    from the broken algorithms. This can be used to fine-tune
    verification in case default verification fails, to detect
    whether the failed algorithm was SHA1.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 13 17:06:47 2017 +0100

    Introduced the %VERIFY_ALLOW_BROKEN priority string option
    
    This allows enabling broken signature algorithms in certificate verification.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 13 17:00:22 2017 +0100

    Allow reverting the SHA1 ban as a signature algorithm
    
    This allows distributors to decide not to ban SHA1. This
    option may be removed in the future.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 24 12:36:46 2017 +0100

    p11tool: test-sign operation using SHA256 instead of SHA1
    
    This avoids the errors returned from the verification functions due to
    SHA1 usage.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 24 09:42:26 2017 +0100

    tests: updated to account SHA1 move to broken set
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 24 08:35:34 2017 +0100

    algorithms: tag SHA1 as insecure algorithm
    
    Although SHA1 was considered to be risky to use the past few years,
    there has been no demonstration of breakage. As of 2017-2-23 there has
    been a demonstrated collision in SHA1, and even though the attack was
    a costly one, it provided the incentive to should move SHA1 into
    the broken hashes list together with MD5 and MD2.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 16 14:02:05 2017 +0100

    README.md: updated coverage links [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 16 08:25:52 2017 +0100

    tests: removed unneeded ifdef in tlsext-decoding.c
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 16 09:04:24 2017 +0100

    doc: updated RNG design
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 15 14:21:43 2017 +0100

    nettle/rnd: introduced time limit for key generator
    
    That is, force re-key of the KEY and RANDOM PRNG after 2 hours
    of operation, irrespective of the amount of data having been output.
    At the same time, increase limits for key and nonce generators,
    to prevent a large amount of system calls in busy servers.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 15 15:11:14 2017 +0100

    _gnutls_pk_generate_keys: separate between ephemeral and long-term keys
    
    That allows using the faster generator for ephemeral keys.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 15 14:46:54 2017 +0100

    nettle/pk: use the nonce level for digital signatures
    
    That is, we do not really require high quality secret data for the generation
    of signatures. A better approach would be to switch to predictable signatures (RFC6979).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 15 22:06:59 2017 +0100

    .gitlab-ci.yml: limit submodule update to avoid fetch
    
    This should reduce both the bandwidth and the time of the fetch.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Martin Storsjo <martin@martin.st>
Date:   Wed Mar 15 23:32:12 2017 +0200

    Fix a typo in a variable name in an m4 script
    
    Signed-off-by: Martin Storsjo <martin@martin.st>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Tue Mar 14 19:27:49 2017 +0200

    build: disable valgrind tests by default
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 15 05:17:37 2017 +0100

    .gitlab-ci.yml: ubsan build utilizes -Werror for the library
    
    That brings back the -Werror for building, after its removal from
    clang-analyzer build.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 14 16:43:34 2017 +0100

    .gitlab-ci.yml: remove -Werror compilation from scan-build
    
    When we pass '--status-bugs' to the command in combination with
    '-Werror' in CFLAGS it has the following side effects. In a failed
    due to Werror build, scan-build fails to find any issues, and
    marks the run as successfully completed. Hence, removes the -Werror
    from clang-analyzer.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Mon Mar 13 20:47:02 2017 +0200

    build: tests: resolve as-needed issue with seccomp
    
    Incorrect ordering of -lseccomp:
    <snip>
    -Wl,--as-needed ../lib/.libs/libgnutls.so -lseccomp ./.libs/libutils.a
    ./.libs/libutils.a(seccomp.o): In function seccomp_init'
    seccomp.c:(.text+0x2b): undefined reference to `seccomp_init'
    <snip>
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 13 23:27:14 2017 +0100

    fuzz: Corrected default options in fuzz scripts [ci skip]
    
    This change assumes that afl-fuzz (and not libfuzzer) will be used
    by default.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 13 20:13:49 2017 +0100

    gnutls_pkcs11_privkey_init: document limitation on created object [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 13 15:21:40 2017 +0100

    pkcs11: re-open privkey session handle on CKR_SESSION_HANDLE_INVALID
    
    When initializing a private key operation, attempt to re-open the key
    if CKR_SESSION_HANDLE_INVALID is received.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 13 15:15:31 2017 +0100

    tests: pkcs11-mock lib: check object session sanity prior to using it
    
    This avoids crashes when the object is used after a fork but prior
    to the session being re-established.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 9 11:21:50 2017 +0100

    tests: added an OCSP response parsing coverage test
    
    This inputs a large set of valid and invalid OCSP files
    in the OCSP parser with the intention to stress test its
    error checking, and prevent regressions.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 9 08:14:32 2017 +0100

    tests: added a certificate parsing coverage test
    
    This inputs a large set of valid and invalid certificates in
    the certificate parser with the intention to stress test its
    error checking, and prevent regressions.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 13 09:39:03 2017 +0100

    .gitignore: more files to ignore
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 13 09:33:29 2017 +0100

    tests: added unit tests for gnutls_pkcs11_token_get_mechanism
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 13 09:28:25 2017 +0100

    tests: included unit test for gnutls_pkcs11_obj_export
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 13 09:23:37 2017 +0100

    tests: added unit test for gnutls_pkcs11_reinit()
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 13 09:17:42 2017 +0100

    tests: added unit tests for gnutls_pkcs11_obj_get_info
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 13 09:17:07 2017 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 13 09:14:15 2017 +0100

    gnutls_pkcs11_obj_get_info: don't include the terminator into output size
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Mon Mar 13 11:32:07 2017 +0200

    tests: cert-tests: openpgp-certs: align test redirection
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Mon Mar 13 10:45:08 2017 +0200

    tests: suppressions.valgrind: supress fillin_rpath
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Mon Mar 13 11:30:41 2017 +0200

    tests: remove unused suppressions.valgrind
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 12 14:48:19 2017 +0100

    lib: unconditionally enable the self-check functions
    
    These functions were previously made available only in FIPS140-2
    mode. Enabling them unconditionally allows applications to directly
    utilize that functionality for testing the gnutls library.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 12 14:43:00 2017 +0100

    tests: added unit test for gnutls_pkcs11_get_pin_function
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 12 14:29:14 2017 +0100

    tests: moved ocsp-tests to main directory
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 10 17:37:10 2017 +0100

    pkcs11: re-open private key session inside a locked section
    
    This prevents clashes when the same operation is carried in other
    threads.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 10 17:12:50 2017 +0100

    pkcs11: introduced locks to PKCS#11 private key structure
    
    This allows to run PKCS#11 private key operations such as signing
    and decryption in parallel.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 10 17:04:20 2017 +0100

    tests: introduced check for parallel operation (signatures) in PKCS#11 mode
    
    That is, verify that parallel signatures using a single gnutls_pkcs11_privkey_t
    context work.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sun Mar 12 15:05:41 2017 +0200

    tests: scripts: suppress which errors
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 11 12:08:21 2017 +0100

    pkcs11: during scan, leave the provider loop asap
    
    This optimizes access when multiple provider modules are available,
    by avoiding scanning irrelevant ones.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Sat Mar 11 10:28:50 2017 -0500

    Do not attempt to parse a 32-bit integer if a packet is not 4 bytes.
    
    This addresses:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=824
    
    Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 9 15:50:24 2017 +0100

    fuzz: document how to run AFL [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 9 10:57:28 2017 +0100

    fuzz: added initial corpus for the OCSP request parser
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 17:09:59 2017 +0100

    fuzz: added initial corpus for OCSP response parser
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 17:01:59 2017 +0100

    fuzz: added OCSP structure parsers
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 16:51:39 2017 +0100

    fuzz: increased minimized set of X.509 certificates
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 9 12:57:41 2017 +0100

    PKCS8/PKCS12: enforce a maximum number of iterations
    
    This prevents denial of service through very large iteration
    counts. Issue found via oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=434
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Wed Mar 8 14:52:38 2017 -0500

    Do not attempt to parse a 32-bit integer if a packet is not 4 bytes.
    
        This addresses:
          https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=737
    
    Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 9 11:25:54 2017 +0100

    Revert ".gitlab-ci.yml: include coverage statistics of FIPS140-2 code"
    
    This reverts commit 603772688c4e37dae437b4cede12e25b9dd9f678.
    The commit introduced a long wait for the coverage build without
    and significant benefit (the extend of the FIPS140 code is limited
    to have any impact on the overall coverage).

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 9 10:52:59 2017 +0100

    sysrng-linux: define _rnd_get_system_entropy unconditionally
    
    This fixes compilation in systems without getrandom().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 16:00:02 2017 +0100

    tests: dtls-stress: use X.509 certificates instead of openpgp
    
    This will allow the test tool to operate even after openpgp certificates
    are deprecated.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 7 22:52:31 2017 +0100

    .gitlab-ci.yml: added build without openpgp support
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 11:32:31 2017 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 7 22:36:16 2017 +0100

    Added openpgp stub file
    
    That allows disabling openpgp authentication and at the same time
    retaining ABI compatibility with versions including openpgp.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 15:00:06 2017 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 14:58:14 2017 +0100

    tests: split PKCS#12 encoding from decoding tests
    
    Enhanced PKCS#12 encoding tests, with the encoding of a file
    which contains a cert, a key and a CRL.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 14:47:20 2017 +0100

    tests: added PKCS#12 file decoding containing a CRL
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 14:40:15 2017 +0100

    certtool: enhance to allow writing CRLs in PKCS#12 files
    
    In addition fallback to DER when --load-crl fails importing a PEM
    encoded CRL due to PEM issues.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 14:21:30 2017 +0100

    tests: added CRL decoding unit tests using certtool
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 14:04:32 2017 +0100

    tests: enhanced basic tests in CRL parsing
    
    That tests gnutls_x509_crl_get_crt_serial().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 13:50:55 2017 +0100

    Rewritten gnutls_x509_rdn_get() and gnutls_x509_rdn_get2()
    
    The new code re-uses the gnutls_x509_dn APIs instead of re-implementing.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 13:43:36 2017 +0100

    tests: added checks for the old DN decoding functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 7 22:39:20 2017 +0100

    tests: do not run tests which require openpgp when it is disabled
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 7 22:47:55 2017 +0100

    .gitlab-ci.yml: include coverage html output as artifact
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 13:22:59 2017 +0100

    tests: x509-verify: print the keys on failure
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 13:17:15 2017 +0100

    gnutls_privkey_export_x509: doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 13:07:08 2017 +0100

    tests: split sign-verify test to RSA and ECDSA parts
    
    This allows parallelist and also helps identifying easier the
    culprit on an error.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 11:52:25 2017 +0100

    tests: adjusted for the removal of HMAC-MD5
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 11:48:28 2017 +0100

    priority: do not enable HMAC-MD5 by default
    
    While HMAC-MD5 is not yet broken, it is not used by any non-broken
    or non-NULL ciphersuites (is only used with NULL and RC4), and as there
    is not plan to introduce new ciphersuites with that MAC algorithm, there
    is no point to include it in the default set of allowed algorithms.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 7 23:10:43 2017 +0100

    tests: converted FIPS140-2 mode checks in Makefiles to run-time in scripts
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 8 10:48:40 2017 +0100

    gnutls.h: introduced GNUTLS_E_TLS_PACKET_DECODING_ERROR [ci skip]
    
    This is an alias to GNUTLS_E_UNEXPECTED_PACKET_LENGTH. That
    allows distinguishing the alert from GNUTLS_E_RECORD_OVERFLOW.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 7 21:53:51 2017 +0100

    tests: crq: ignore lines for Security Level
    
    This allows running the test under FIPS140-2 mode.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 7 21:39:12 2017 +0100

    ax_code_coverage.m4: updated
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 6 23:21:33 2017 +0100

    .gitlab-ci.yml: initialize submodules where needed (for tlsfuzzer run)
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 6 15:28:01 2017 +0100

    .gitlab-ci.yml: include subdirs of suite/ in artifacts
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 6 23:11:39 2017 +0100

    ext/signature: error on invalid extension format
    
    That is, if an extension containing no signature algorithms is
    encountered, treat that as an error. This is an RFC5246 requirement,
    since the minimum "supported_signature_algorithms" length is 2.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 6 14:30:19 2017 +0100

    _gnutls_proc_x509_server_crt: return GNUTLS_E_CERTIFICATE_ERROR on parsing error
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 6 14:21:45 2017 +0100

    alert: GNUTLS_E_NO_CERTIFICATE_FOUND maps to GNUTLS_A_DECODE_ERROR
    
    This is the closest to use alert when no certificate is found; at least
    it is closer according to tlsfuzzer and rfc5246 text on insuficient_security
    alert.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 6 13:51:33 2017 +0100

    read_client_hello: use integer for extensions size
    
    As we do not read the value directly, but rather assign to it
    the remaining data, we ensure that there are no overflows if
    we have additional data past the extensions field. The integer
    can hold more than 2^24 which is the maximum handshake packet
    size.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 3 16:33:57 2017 +0100

    ext/signature: reject an extension with padded data
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 3 16:18:44 2017 +0100

    ext/signature: reject an extension size of zero
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 3 15:58:19 2017 +0100

    gnutls_record_recv: do not accept a client hello while handshake is in progress
    
    That is, do not return GNUTLS_E_REHANDSHAKE, while we are within
    a handshake process.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 3 15:16:59 2017 +0100

    read_client_hello: fail early on illegally formatted message
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 2 17:57:57 2017 +0100

    _gnutls_parse_extensions: do not fail on empty extensions field
    
    On the other hand, fail if an empty extensions field is seen, but
    the client hello contains data nevertheless, or if the extensions
    field is padded with additional unaccounted data.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 2 17:53:55 2017 +0100

    alert: GNUTLS_E_PK_INVALID_PUBKEY maps to GNUTLS_A_ILLEGAL_PARAMETER
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 2 17:48:31 2017 +0100

    alerts: separated record overflow from decode error alerts
    
    Introduced GNUTLS_E_RECORD_OVERFLOW.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 2 17:42:51 2017 +0100

    auth: failures of _gnutls_mpi_init_scan_nz map to GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER
    
    That ensures that the right alert is send when illegal
    parameters are received (e.g., zero length).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 7 11:49:45 2017 +0100

    doc: updated tlsproxy to latest version

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 18 14:17:18 2016 +0200

    testsuite: added tlsfuzzer
    
    This enhances the testsuite by running all the tlsfuzzer
    fuzzer tests which require no certificates from server.
    
    https://github.com/tomato42/tlsfuzzer

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 7 07:55:10 2017 +0100

    tests: converted compile-time checks for FIPS140 mode to run-time
    
    This allows running the complete test suite even when the library
    is compiled in FIPS140-2 mode, as long as the run-time is not at
    this mode.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 7 07:39:20 2017 +0100

    .gitlab-ci.yml: include coverage statistics of FIPS140-2 code
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 7 07:32:46 2017 +0100

    .gitlab-ci.yml: include FIPS140-2 code into static analyzer runs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 6 22:35:41 2017 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 10:22:04 2017 +0100

    nettle/rnd-fips: combined the FIPS-compliant generators to two
    
    This brings the FIPS generators in par with the non-FIPS chacha-based ones.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 10:18:14 2017 +0100

    nettle/rnd: use two random generators instead of 3
    
    That combines the levels GNUTLS_RND_RANDOM and GNUTLS_RND_KEY, while
    at the same time makes sure that backtracking is impossible on the
    GNUTLS_RND_KEY level, by reinitializing the RNG after a call requesting
    data for the GNUTLS_RND_KEY level.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 10:04:18 2017 +0100

    doc: updated the PRNG documentation to utilize two PRNG instances
    
    Also move the random generator discussion to internals section.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 27 11:37:39 2017 +0100

    doc: document the state of PRNG in GnuTLS 3.6.0
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 27 11:51:18 2017 +0100

    nettle/pk: corrected call to gnutls_rnd() for rnd_nonce_func
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 26 20:07:41 2017 +0100

    tests: decoupled the random generator operational tests from the forking ones
    
    That also corrects the fact that not all tests were run for all generators,
    and allows to run the tests in parallel.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 26 19:56:09 2017 +0100

    nettle/rnd: specify different limits for rekey in PRNGs
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 26 19:20:16 2017 +0100

    nettle/pk: use the GNUTLS_RND_RANDOM level for DH/DSA params
    
    This are not long term keys and do not require the key level.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 26 19:16:32 2017 +0100

    tests: added check to verify that including crypto.h is sufficient
    
    That is, sufficient to use its functionality, and including additional
    headers isn't necessary.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 26 19:11:51 2017 +0100

    crypto.h: include gnutls.h to obtain required types
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 23 10:44:43 2017 +0100

    rnd: reduce calls to _rnd_get_system_entropy
    
    That is, no longer obtain the initial nonces for the RNG
    via _rnd_get_system_entropy() but instead use time-based ones
    which are typically faster kernel calls. This reduces the number
    of expensive system calls done during thread and
    process initialization.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 21 11:48:08 2017 +0100

    rnd: when reseeding the generators use the next best generator
    
    That is, use the RANDOM level to obtain keys to reseed the
    NONCE level, and the KEY level to reseed the RANDOM. The KEY
    level is reseeded using the system random generator.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 21 11:11:31 2017 +0100

    tests: verify whether crypto operations fail
    
    That is verify whether a signature operation will fail if
    the library is in error state.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 21 11:05:48 2017 +0100

    Added _gnutls_lib_force_operational
    
    This allows recovering from _gnutls_lib_simulate_error() which in
    turn allows more advanced tests. Not documented, and intended to
    be an internal symbol only.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 21 10:56:44 2017 +0100

    pk: always use _gnutls_switch_lib_state
    
    This avoids relying on abort() for RNG errors in PK wrappers.
    We use instead the library state originally added for FIPS140-2
    support, and if the state indicates failure the operation will
    fail.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 21 10:43:56 2017 +0100

    rnd: switched to 3 chacha-based PRNGs for all security levels
    
    Chacha was selected because it is already present in TLS protocol
    as algorithm, meaning that re-using would improve CPU caching,
    and it is a comparable in performance algorithm to the existing
    PRNG used for nonces (salsa20). The yarrow generator was removed
    because we are primarily seeding from system devices which are
    sufficiently trustworthy to offload us from coping with the
    handling of multiple sources of input. As such it allows
    us to switch to a simpler PRNG such as a stream cipher like Chacha.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sun Feb 19 10:40:44 2017 +0100

    rnd: aligned type of data counter with input data type (size_t)
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sun Feb 19 09:57:39 2017 +0100

    random: keep global list of initialized contexts
    
    This allows to properly deinitialize all random generator
    contexts on library deinitialization.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat Feb 18 21:47:33 2017 +0100

    rnd: removed call of _rnd_system_entropy_deinit on deinit
    
    This was already being done in _gnutls_rnd_deinit().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 27 13:52:23 2017 +0100

    Removed locks from internal rng
    
    Also made the rng back-end to be thread-safe.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 27 10:21:56 2017 +0100

    Use a thread local random generator.
    
    This allows accessing the per-thread random generator in
    a lock-free way, at the cost of additional memory per thread.
    The default random generator imposes around 640 bytes per thread
    on 64-bit architectures.
    
    Resolves: #141
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 6 07:38:20 2017 +0100

    Makefile.am: added missing file
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 6 06:58:29 2017 +0100

    .gitlab-ci.yml: execute initialization stage unconditionally [ci skip]
    
    This step is required both in tags and commit runs.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 5 18:22:04 2017 +0100

    datum.h: documented behavior of datum functions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 5 18:17:36 2017 +0100

    _gnutls_set_strdatum: always return an allocated string on success
    
    That prevents returning NULL to functions which require a string.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Sun Mar 5 02:21:30 2017 +0000

    Enforce the max packet length for OpenPGP subpackets as well
    
    This addresses:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=392
    
    Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 5 08:08:10 2017 +0100

    doc: corrected typo [ci skip]
    
    It was pointed out by morozov@eags.ru.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 3 09:31:37 2017 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 3 09:29:12 2017 +0100

    tests: do not generate certificates with serial being zero
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 3 08:48:41 2017 +0100

    tests: check whether a certificate with illegal version is rejected
    
    That is, whether a certificate with version zero fails to import.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 3 08:38:01 2017 +0100

    gnutls_x509_crt_set_version: do not allow writing illegal versions
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 3 08:28:47 2017 +0100

    x509: reject illegal certificate versions
    
    Resolves #182
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 3 08:44:41 2017 +0100

    gnutls_x509_crt_set_serial: refuse to write all-zero serial number
    
    This is prohibited by RFC5280.
    
    Relates #181
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 3 08:27:23 2017 +0100

    gnutls_x509_crt_set_serial: document the 20-byte limit for serial sizes
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 12:51:47 2017 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 11:59:50 2017 +0100

    tests: chainverify: incorporated the tests for unknown critical extensions
    
    These check whether unknown critical extensions are detected during verification,
    and whether the flag GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS, is honored
    during verification.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 11:47:17 2017 +0100

    x509.h: introduced flag GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS
    
    That flag signals the verification process, not to fail on unknown critical
    extensions. This can be used when the critical extension checking in a chain
    is handled externally.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 27 16:54:33 2017 +0100

    tests: verify that critical extensions can be stored
    
    That is, ensure that we don't repeat the regression of
    certtool not processing free-form critical extensions when no
    other free-form extensions are present.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 27 15:50:44 2017 +0100

    tests: added verification for unknown critical extensions
    
    This tests whether unknown critical extensions will cause a verification
    failure.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 27 14:48:37 2017 +0100

    x509/verify: refuse to verify certificates with unknown critical extensions
    
    That is, introduced flag GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS, which is
    set when the chain under verification contains unsupported extensions marked
    as critical.
    
    Resolves: #177
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 10:17:41 2017 +0100

    .gitlab-ci.yml: run tests under a FIPS140 mode simulation
    
    That is, in FIPS140-2/Fedora/x86_64 build, run tests under a normal
    run (when library is compiled with FIPS140-2 support but not enabled
    on run time), and also run tests under a run-time that simulates
    FIPS140-2 support.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 17:13:37 2017 +0100

    crypto-self-tests: modified exported functions to work under fips140-2 mode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 15:52:13 2017 +0100

    tests: skip tests which cannot be run in FIPS140-2 mode
    
    This allows the test suite to be run in FIPS140-2 mode.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 15:42:25 2017 +0100

    _gnutls_pk_params_copy: copy the provable algorithm used
    
    This is affected utilization of generated RSA keys under FIPS140-2 mode
    which utilizes provable generation.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 14:31:30 2017 +0100

    gnutls_session_ticket_key_generate: fixed operation under FIPS140-2 mode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 14:05:31 2017 +0100

    tests: priorities: enhanced for test to work under FIPS140-2 mode
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 13:46:43 2017 +0100

    gnutls-cli: print the ciphers, MACs and KXs when priority string is given
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 1 13:39:39 2017 +0100

    gnutls_priority_get_cipher_suite_index: do not return values for non-existent ciphers
    
    That is, do return only the enabled algorithms in states like FIPS140-2,
    rather than returning the set that would have been enabled if these
    restrictions wouldn't be in place.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 28 15:46:07 2017 +0100

    README.md: removed info that gnutls is a gnu project [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 28 15:33:45 2017 +0100

    tests: doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 1 07:58:04 2017 +0100

    tests: added test cases with invalid openpgp certs
    
    These certificates contain invalid secret key sub-packets.
    These trigger invalid memory accesses:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=360
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=354
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 1 07:54:04 2017 +0100

    opencdk: do not parse any secret keys in packet when reading a certificate
    
    This reduces the attack surface on the parsers, and prevents any bugs
    in the secret key parser to be exploitable by inserting secret key
    sub-packets into an openpgp certificate.
    
    This addresses:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=354
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=360
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 28 10:32:38 2017 +0100

    tests: crt_apis: added tests for writing/reading unique IDs
    
    That is check the functionality of:
     - gnutls_x509_crt_get_subject_unique_id
     - gnutls_x509_crt_get_issuer_unique_id
     - gnutls_x509_crt_set_issuer_unique_id
     - gnutls_x509_crt_set_subject_unique_id
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 28 10:59:28 2017 +0100

    Added _gnutls_idna_email_reverse_map
    
    This allows printing the reverse map of an IDNA-encoded email.
    Modified x509/output to include this decoding for RFC822Name.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 28 10:47:03 2017 +0100

    x509/output: Cleanup in IDNA name printing
    
    That also removes the incorrect mapping to IDNA punycode when the
    input is not printable.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 28 08:48:24 2017 +0100

    tests: added test for interactive creation of a request
    
    Relates #179
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 28 08:24:30 2017 +0100

    certtool: removed limits in interactive input
    
    That removes the limits when reading most of the interactive input.
    The read_str() function due to its dependence on static variable remains
    with a limit, but will output an error if the input string exceeds size.
    
    Resolves #179
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 28 08:00:56 2017 +0100

    certtool: increased buffer for reading from user
    
    This allows reading longer than 128-byte fields interactively.
    The new limit is 512-bytes.
    
    Relates #179
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 27 08:23:47 2017 +0100

    tests: added certificate generation with very long DNS and CN name
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 27 15:58:53 2017 +0100

    gnutls_x509_crt_get_extension_info: fixed function to comply with documented approach
    
    That is, do not include the trailing NULL byte size in the
    size of the object identifier.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 27 16:47:55 2017 +0100

    certtool: store critical extensions even if no other extension are present
    
    That is, fix a bug which prevented critical extensions to be stored
    if no other free-form extensions were specified.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 27 15:06:57 2017 +0100

    x509/name_constraints: documented return values and corrected return type
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 24 09:24:19 2017 +0100

    gnutls_ocsp_resp_verify_direct, gnutls_ocsp_resp_verify: defined flags argument
    
    That was defined to be gnutls_certificate_verify_flags, and
    it allows passing verification flags, such as flags to allow
    broken algorithms.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 24 09:09:10 2017 +0100

    is_level_acceptable: no longer checks for broken algorithms
    
    This is done at is_broken_allowed(), and in fact checking them in
    is_level_acceptable() creates a conflict when overrides like flag
    GNUTLS_VERIFY_ALLOW_BROKEN is used.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 24 08:57:27 2017 +0100

    gnutls_store_commitment: introduced flag GNUTLS_SCOMMIT_FLAG_ALLOW_BROKEN
    
    This flag allows operation of the function even with broken algorithms.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 24 08:46:01 2017 +0100

    verify: is_broken_allowed: account for "new" flag GNUTLS_VERIFY_ALLOW_BROKEN
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 24 09:53:26 2017 +0100

    devel/fuzz: added necessary casts for compilation [ci skip]
    
    Also added the IDNA targets to makefile's default target.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 24 07:56:50 2017 +0100

    devel/fuzz: include string.h for strlen() [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Feb 23 18:05:09 2017 +0100

    devel/fuzz: IDNA fuzzers: removed printf [ci skip]
    
    see request in:
      https://github.com/google/oss-fuzz/issues/417
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 23 11:08:34 2017 +0100

    tests: added test case with invalid openpgp cert
    
    This triggers an invalid memory access:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=391
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 23 11:10:04 2017 +0100

    opencdk: read_attribute: account buffer size
    
    That ensures that there is no read past the end of buffer.
    
    Resolves the oss-fuzz found bug:
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=391
    
    Relates: #159
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 23 13:35:42 2017 +0100

    gnutls-cli-debug: fixed protocol to port discovery
    
    That is, if --starttls-proto is provided the default port
    selected will be converted to host byte order as expected.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 23 13:11:45 2017 +0100

    pk.c: fixed memory leak on DSS signature decoding
    
    Detected using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=676
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 23 13:07:47 2017 +0100

    tests: added client reproducer for memory leak
    
    That reproduces a memory leak detected in the client code path.
    Detected using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=676
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 23 12:34:28 2017 +0100

    tests: update to take into account the removal of random art
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 23 10:26:04 2017 +0100

    x509/output: No longer include public key's random art
    
    That is in order to reduce bloat in the output, which already
    contains many identifiers for public key.
    
    See mailing list discussion at:
    https://lists.gnupg.org/pipermail/gnutls-devel/2017-February/008324.html
    https://lists.gnupg.org/pipermail/gnutls-devel/2017-February/008329.html
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 22 17:02:33 2017 +0100

    tests: updated to include the pin-sha256 in output
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 22 16:47:02 2017 +0100

    tests: updated to take into account the pin-sha256 oneline output
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 22 11:11:06 2017 +0100

    x509/output: print key PIN on oneline output
    
    That is, instead of the public key ID. The key PIN due to HPKP
    is now more widely used than hex-based key IDs.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 22 11:06:51 2017 +0100

    x509/output: print the public key PIN of a certificate
    
    That is, print the value used by the HPKP protocol as per
    RFC7469.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 23 09:39:28 2017 +0100

    certtool: don't warn when 'uri' is specified on template
    
    Reported at:
    https://bugzilla.redhat.com/show_bug.cgi?id=1425884
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Feb 22 21:53:42 2017 +0100

    .gitlab-ci.yml: ubsan build: fixed artifacts path
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Feb 22 21:45:32 2017 +0100

    tests: split starttls.sh into multiple scripts
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Feb 22 21:29:22 2017 +0100

    tests: pkcs11-import-with-pin: removed invalid conditional macro

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 22 17:38:07 2017 +0100

    tests: added PKCS#11 test for pin input
    
    This introduces a test on PIN input to retrieve an object using
    pin-value and pin-source (file).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Feb 22 21:01:30 2017 +0100

    SECURITY.md: updated after comments from Daniel Berrange [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 21 16:50:22 2017 +0100

    Removed unnecessary entries in pkix.asn and gnutls.asn
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 21 14:20:17 2017 +0100

    nettle/pk: corrected memcpy of Q in DSA params
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 08:02:02 2017 +0100

    crypto.h: improved documentation of randomness levels
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 08:01:09 2017 +0100

    nettle/pk: use the appropriate level of randomness for each operation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 08:00:41 2017 +0100

    srp: use nonce level for SRP password randomization
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 21 08:58:16 2017 +0100

    doc: document the use of assert()
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 21 08:17:25 2017 +0100

    doc: removed protocol/ directory
    
    While it was used during the first years of development, today
    it is way more easy to access protocol documents via the IETF
    web site.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 21 08:13:56 2017 +0100

    Added SECURITY.md, a description of the security issue handling process
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Feb 20 18:57:56 2017 +0100

    .gitlab-ci.yml: require clang analyzer build to be warning free
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Feb 20 18:53:01 2017 +0100

    configure: no longer use -Wframe-larger-than
    
    We do not require a specific stack size, and there is legacy
    code which utilizes large stack sizes. As such remove the
    warnings to allow for a warning free compilation.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Feb 20 18:50:40 2017 +0100

    pkcs11: avoid calling memcpy will null options
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 16:41:46 2017 +0100

    preinitialize variables to work-around warnings with clang
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 15:05:57 2017 +0100

    eliminated dead code as indicated by clang scan-build
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 15:02:22 2017 +0100

    pkcs7: corrected error checking in write_signer_id
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 14:18:25 2017 +0100

    preinitialize variables to work-around warnings with clang's scan-build
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 14:03:40 2017 +0100

    eliminated various clang warnings with non-null arguments
    
    That is, use assert() to ensure that known to be non-null
    variables will be used as input to functions requiring non-null.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 13:49:55 2017 +0100

    make_printable_string: allow operation with null input
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 13:32:37 2017 +0100

    .gitlab-ci.yml: replaced clang's build with clang analyser's scan-build
    
    This introduces a static analyser pass in the CI.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 13:13:19 2017 +0100

    .gitlab-ci.yml: added cppcheck run
    
    This adds a basic static analysis of the source code.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 11:14:49 2017 +0100

    opencdk/read-packet.c: corrected typo in type cast
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 11:13:08 2017 +0100

    cdk_pkt_read: enforce packet limits
    
    That ensures that there are no overflows in the subsequent
    calculations.
    
    Resolves the oss-fuzz found bug:
    https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420
    
    Relates: #159
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 20 11:01:07 2017 +0100

    tests: added test case with invalid openpgp cert
    
    That triggers a heap buffer overflow:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Robert Scheck <robert@fedoraproject.org>
Date:   Sun Feb 19 22:50:30 2017 +0100

    Add LMTP, POP3, NNTP, Sieve and PostgreSQL support to gnutls-cli
    
    Add LMTP (RFC 2033), POP3 (RFC 2595), NNTP (RFC 4642), Sieve (RFC 5804) and PostgreSQL support to gnutls-cli ("--starttls-proto").
    
    Signed-off-by: Robert Scheck <robert@fedoraproject.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sun Feb 19 17:31:52 2017 +0100

    README.md: added CII best practices badge [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Rical Jasan <ricaljasan@pacific.net>
Date:   Fri Feb 17 21:22:19 2017 -0800

    tests: Improve port-checking infrastructure.
    
    The test suite unnecessarily failed on systems without netstat because
    it was assumed to be present.  Instead of simply checking for its
    presence and indicating an unsupported test, however, the ss utility
    can be used as a drop-in replacement.  When netstat/net-tools is not
    present, the ss utility from iproute2 still stands a fair chance of
    existing, and they also have similar enough semantics that they can be
    used interchangeably in the test suite.
    
    The functions in tests/scripts/common.sh that used netstat
    (wait_for_port, wait_for_free_port) now use new functions,
    check_if_port_in_use and check_if_port_listening, to abstract the call
    to netstat/ss.  The eval'd variable GETPORT also used netstat, and has
    been updated accordingly.
    
    The new port-checking functions use another new function,
    have_port_finder, which takes care of the details of selecting ss
    (preferred) or netstat, or fails otherwise.
    
    Signed-off-by: Rical Jasan <ricaljasan@pacific.net>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sun Feb 12 19:48:19 2017 +0200

    build: doc: install images also into htmldir
    
    images are required also by the html documentation.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 15:37:42 2017 +0100

    .gitlab-ci.yml: corrected coverage build
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat Feb 18 07:23:18 2017 +0100

    .gitlab-ci.yml: remove submodule update from main build
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 17:40:27 2017 +0100

    updated auto-generated files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 17:38:23 2017 +0100

    Makefile: improved symbols extraction
    
    That is, do not include non-function names.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 15:35:41 2017 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 15:31:02 2017 +0100

    tests: ignore sanity checks in broken cert test
    
    This allows the existing reproducers which contain certificates which
    are rejected by sanity checks, to still be used to detect regressions.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 15:26:56 2017 +0100

    Added gnutls_x509_crt_set_flags()
    
    This functions allows specifying flags to the certificate object.
    In particular it allows the single flag GNUTLS_X509_CRT_FLAG_IGNORE_SANITY
    which allows to ignore sanity checks at the import of the certificate.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 15:20:44 2017 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 15:14:38 2017 +0100

    Introduced GNUTLS_E_CERTIFICATE_TIME_ERROR error code
    
    This error code indicates an issue in the time fields of certificate.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 11:49:48 2017 +0100

    x509/output: properly indicate error in Time fields
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 11:33:56 2017 +0100

    x509/time: refuse importing certificates with invalid Time fields
    
    That will refuse to import certificates which their time field
    is not in GMT, or contain fractional seconds.
    
    Resolves: #169
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 11:26:33 2017 +0100

    _gnutls_x509_generalTime2gtime: refuse to parse fractional seconds
    
    Fractional seconds in GeneralizedTime are prohibited by RFC5280.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 11:25:15 2017 +0100

    tests: enhanced test suite to include invalid X509v3 cert
    
    That certificate contains a GeneralizedTime with fractional
    seconds.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 15:10:40 2017 +0100

    gnutls_x509_crt_list_import: fixed leak on import failure

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 10:39:21 2017 +0100

    tests: enhanced test suite to include creation of invalid certificates
    
    That is, check whether the creation of invalid V2 or V1 certificates
    will be detected, and that the correct error codes are returned.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 10:06:58 2017 +0100

    gnutls_x509_crt_sign2: refuse to sign invalid X.509 certificates
    
    That is, do not sign X.509 certificates which have fields that
    shouldn't be present on their corresponding version.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 10:04:52 2017 +0100

    gnutls_x509_crt_import: reject X.509v1 certificates with invalid fields
    
    Refuse to import X.509v1 certificates which have fields that didn't
    exist in X.509v1 specification. That is the issuerUniqueID and
    subjectUniqueID fields.
    
    Resolves: #168
    Resolves: #167
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 17 09:56:24 2017 +0100

    tests: enhanced test suite to include invalid V1 certs
    
    That is, added X.509v1 certificates with attributes that shouldn't
    have been presented (valid for X.509v2 only).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Feb 15 18:42:22 2017 +0100

    gnutls.pc: do not include libidn2 in Requires.private
    
    The libidn2 versions available do not include libidn2.pc,
    thus the inclusion was causing problems when using pkg-config.
    Instead we include -lidn2 in Libs.private.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 12 11:01:46 2017 +0100

    .gitlab-ci.yml: Re-organized stages
    
    The less CPU intensive tasks were moved to earlier stage, and the
    CPU intensive tasks are only spawned only after basic syntax and
    ABI checks have succeeded.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 12 09:42:15 2017 +0100

    gnutls.h: corrected typo [ci skip]

Author: Marcin Cieślak <saper@saper.info>
Date:   Thu Feb 9 00:26:16 2017 +0000

    <alloca.h> only if HAVE_ALLOCA_H
    
    FreeBSD does know alloca() but has no such header
    
    Signed-off-by: Marcin Cieślak <saper@SAPER.INFO>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sun Feb 5 11:41:41 2017 +0100

    doc: document the intention of the priority string usage [ci skip]
    
    This documents the gnutls_set_default_priority() function, and
    how it is intended to be combined with an application that utilizes
    priority strings.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 24 15:51:17 2016 +0100

    doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 28 08:57:16 2016 +0100

    tests: modified tests for the disablement of 3DES
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 24 15:50:11 2016 +0100

    Removed support for the 3DES cipher by default
    
    That is a legacy cipher that is no longer needed to be
    included as backup cipher.
    
    Resolves #120
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Feb 2 22:59:43 2017 +0100

    x509: optimize subject alternative name access
    
    That reads SAN and IAN early on import, significantly reducing
    the running time of functions which iterate over the alternative
    names of a certificate, e.g., gnutls_x509_crt_check_hostname().
    
    Relates #165
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat Feb 4 14:28:30 2017 +0100

    .travis.yml: list all logs on failure
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat Feb 4 14:01:36 2017 +0100

    tests: enable all IDNA tests when compiled with libidn2
    
    Keep IDNA2003-only tests on the ifdef HAVE_LIBIDN.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat Feb 4 07:50:03 2017 +0100

    .travis.yml: updated instructions for travis builds
    
    Removed unbound and other minor fixes.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 3 23:28:01 2017 +0100

    extras/hex.h: do not use strlen as variable name
    
    That is, do not utilize a standard C function name as variable name.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 3 23:11:27 2017 +0100

    gnutls_pkcs11_obj_list_import_url4: always return an initialized pointer
    
    When returning success, but no elements, gnutls_pkcs11_obj_list_import_url4,
    could have returned zero number of elements with a pointer that was uninitialized.
    Ensure that an initialized (i.e., null in that case), pointer is always returned.
    Reported by Jeremy Harris.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Feb 3 00:08:19 2017 +0100

    .gitlab-ci.yml: use libidn2 on windows builds
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 2 11:26:18 2017 +0100

    gnutls_heartbeat_allowed: corrected type on dummy wrapper
    
    That is, when compiling without heartbeat support, compilation
    could fail due to the dummy wrapper not returning the right
    type.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 2 08:27:14 2017 +0100

    Address test suite failure due to timezone differences.
    
    Reported by Thorsten Glaser and Andreas Metzler.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 31 17:06:16 2017 +0100

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 31 07:38:50 2017 +0100

    gnutls_heartbeat_allowed: corrected return type
    
    This reflects better the fact that this function returns
    a boolean.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jan 28 09:26:05 2017 +0100

    _idn2_to_unicode_8z8z: do not err on mixed IDNA domains
    
    That is allow domains of the form 'großes.xn--fa-hia.de'. The
    drawback is that we may not err early on invalid formatted
    names. We however delegate any such decisions to libidn2.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 27 10:07:28 2017 +0100

    README.md: added link to travis build for 3.5.x [ci skip]
    
    In addition to adding a link to travis build for 3.5.x branch removed
    link on 3.4.x branch. It is no longer active.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 26 14:49:33 2017 +0100

    heartbeat extension: doc update
    
    Document how to calculate the total TLS data transmitted.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 26 13:21:39 2017 +0100

    str-idna: improved error handling
    
    In addition to detecting input with invalid characters in _idn2_to_unicode_8z8z(),
    we also add support for case insensitive punycode header.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 25 15:45:57 2017 +0100

    Updated auto-generated files
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 25 03:35:54 2017 +0100

    str-idna: cleanups in IDNA handling
    
    Ensure safe operation even with broken libidn2, and make
    sure that we properly allocate memory to caller, even on complex
    library configuration.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 24 14:13:21 2017 +0100

    fuzz: added run-afl helper script
    
    This script which allows running the fuzzying tests
    locally using american fuzzy lop.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 24 13:50:59 2017 +0100

    fuzz: Added IDNA encoding/decoding fuzzying units
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 24 13:43:54 2017 +0100

    Move IDNA functionality to str-idna.c from str-unicode.c
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 24 08:57:52 2017 +0100

    tests: use the exported API for IDNA testing
    
    In addition group together the tests which require libidn2 >= 0.14.
    This allows the tests to succeed.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 24 08:55:06 2017 +0100

    tools: depend on gnutls_idna_map() instead of using directly libidn/libidn2
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 24 08:50:54 2017 +0100

    Exported gnutls_idna_map() and gnutls_idna_reverse_map()
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 24 07:56:12 2017 +0100

    .gitlab-ci.yml: added run with IDNA2003
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 24 18:59:51 2017 +0100

    tests: simplified str-idna
    
    This separates the directions that are tested (utf-8 -> punycode
    and vice versa).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 24 07:52:23 2017 +0100

    configure: added flag to force IDNA2003
    
    That allows to compile with libidn even if libidn2 is present, and
    can be used to check IDNA2003 support.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sat Jan 21 23:14:46 2017 +0100

    Add support for libidn2 (IDNA 2008 + TR46)
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 25 08:55:40 2017 +0100

    pkcs7 decryption: addressed memory leak in PBES1-DES-CBC-MD5 handling
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 25 09:46:00 2017 +0100

    minitasn1: updated to libtasn1 4.10

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 25 03:24:34 2017 +0100

    configure: do not disable valgrind tests unless explicitly specified
    
    ... or unless we are in release build.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 24 16:28:41 2017 +0100

    Makefile.am: increased the number of releases to perform ABI checks with
    
    That is added 3.4.0, 3.4.17 and 3.5.8.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 20 16:55:26 2017 +0100

    tests: verify that a written certificate will inherit its ID from privkey
    
    That is, whether p11tool will do the right thing and figure the proper
    ID to use for a certificate object, if the public key is available.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 20 16:33:03 2017 +0100

    p11tool: re-use ID from corresponding objects when writing certificates
    
    That is when writing a certificate which has a corresponding public key,
    or private key in the token, ensure that we use the same ID for the
    objects. That eases the work of someone writing objects to certificates,
    and does not require him to manually detect the object IDs.
    
    Resolves #160
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Fri Jan 20 19:18:09 2017 +0200

    .gitlab-ci.yml: add Fedora/x86_64/no-tools
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Fri Jan 20 23:12:36 2017 +0200

    valgrind: support separate builddir for suppressions.valgrind
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Fri Jan 20 21:14:22 2017 +0200

    configure: remove void statement
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Fri Jan 20 23:39:41 2017 +0200

    tests: skip tests that requires tools if tools are disabled
    
    building with --disable-tools should not cause test failure.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 22 00:59:41 2017 +0100

    doc: improved documentation on DH parameters [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 20 14:36:51 2017 +0100

    Revert "tests: suite: pkcs11: skip if no softhsm"
    
    This reverts commit 276a6ee44d80d4d3b144a78794020c177be8f0ea.
    The reason is to avoid having changes in softhsm packaging, result
    to skipping large parts of the test suite without someone noticing.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 19 09:28:08 2017 +0100

    _decode_pkcs8_dsa_key: ensure that the P value is non-zero
    
    When decoding a DSA private key, and constructing the public key
    ensure that P is non-zero, and thus can be used as modulus.
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=393
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 19 09:24:19 2017 +0100

    tests: added private key causing FPE
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=393
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 19 09:20:28 2017 +0100

    _gnutls_decrypt_pbes1_des_md5_data: ensure that encrypted data size is a multiple of blocksize
    
    That prevents incorrect data reaching nettle which has only
    assertion checks (leading to an abort).
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=389
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 19 09:14:29 2017 +0100

    tests: added PKCS#8 key which causes undefined behavior on import
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=389
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 19 09:08:49 2017 +0100

    tests: added certificate which reproduces a leak in gnutls_x509_ext_import_aia
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=385
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 19 09:08:04 2017 +0100

    x509: eliminated memory leak on gnutls_x509_ext_import_aia
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=385
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 17 15:08:29 2017 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 18 13:51:32 2017 +0100

    tests: added check which ensures a client cannot receive during handshake
    
    Relates #158
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 18 09:51:35 2017 +0100

    tests: added check which ensures a client cannot transmit during handshake
    
    Relates #158
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 17 15:28:05 2017 +0100

    tests: cleanup error reporting in handshake-false-start

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 18 13:47:02 2017 +0100

    Refuse to receive data during handshake
    
    This prevents buggy applications from receiving non-authenticated data
    that may have arrived during the handshake.
    
    Relates #158
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 17 15:05:35 2017 +0100

    Refuse to send data during handshake
    
    That prevents buggy applications from transmitting sensitive data during
    handshake.
    
    Resolves #158
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 15 10:40:02 2017 +0100

    Disable AVX support when it is not supported by the CPU
    
    This mostly affects virtual systems. Reported by Frank Chen.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 17 13:34:33 2017 +0100

    opencdk: improved error code checking in the stream reading functions
    
    This amends 49be4f7b82eba2363bb8d4090950dad976a77a3a
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 16 17:09:36 2017 +0100

    minitasn1: updated to latest git version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 16 13:01:56 2017 +0100

    doc: removed references to OpenPGP functions and enumerations
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 15 11:11:19 2017 +0100

    doc: removed documentation related to OpenPGP and guile
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 6 08:26:17 2017 +0100

    doc: removed documentation related to OpenPGP
    
    Also added section explaining why OpenPGP is being deprecated.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 6 08:14:09 2017 +0100

    openpgp.h: all openpgp functionality was marked as deprecated
    
    This is to prevent new applications using that functionality.
    As the OpenPGP certificate for HTTPS (or TLS in general) never got
    any traction, GnuTLS is the only implementation supporting it,
    and the quality of the OpenPGP supporting code is questionable,
    we deprecate that code with the intention to drop it completely
    when an opportunity is given.
    
    Relates #102
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jan 9 08:36:02 2017 +0100

    tests: added missing file

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jan 9 08:18:33 2017 +0100

    CONTRIBUTING.md: Improve instructions on git-template [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Thu Jan 5 10:35:29 2017 +0200

    tests: remove bash usage
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Thu Jan 5 14:01:30 2017 +0200

    tests: suite: chain: support separate builddir
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Thu Jan 5 10:34:07 2017 +0200

    tests: skip tests that requires tools if tools are disabled
    
    building with --disable-tools should not cause test failure.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Tue Jan 3 16:46:46 2017 +0200

    gitignore: update [ci skip]
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Tue Jan 3 16:45:19 2017 +0200

    gitignore: sort()
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 15:22:13 2017 +0100

    opencdk: added error checking in the stream reading functions
    
    This addresses an out of memory error. Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=337
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 15:03:12 2017 +0100

    tests: added test case with invalid openpgp cert
    
    This triggers an out of memory error. Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=337
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 14:56:50 2017 +0100

    opencdk: cdk_pk_get_keyid: fix stack overflow
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=340
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 14:48:38 2017 +0100

    tests: added test case with invalid openpgp cert
    
    This triggers a memory error. Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=340
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 14:47:11 2017 +0100

    tests: added test case with invalid openpgp cert
    
    This triggers a memory error. Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=346
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 14:42:03 2017 +0100

    opencdk: read_attribute: added more precise checks when reading stream
    
    That addresses heap read overflows found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=338
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=346
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 14:34:05 2017 +0100

    tests: added test case with invalid openpgp cert
    
    This triggers a memory error. Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=338
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 14:31:26 2017 +0100

    tests: openpgp-cert-parser: simplified

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 09:46:26 2017 +0100

    auth rsa: eliminated memory leak on pkcs-1 formatting attack path
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 09:42:25 2017 +0100

    tests: added reproducer for server issues
    
    This allows to reproduce issues found on server side, by adding
    a transcript in server-interesting. Currently it contains values
    found using oss-fuzz.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 09:32:17 2017 +0100

    _decode_pkcs8_dsa_key: fixed memory leak on error path
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 09:28:23 2017 +0100

    decode_private_key_info: eliminate memory leaks on error path
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 09:26:07 2017 +0100

    _gnutls_x509_read_dsa_params: update params structure parameters size on successful read
    
    That will allow proper deinitialization of the parameters even if
    the structure fill up doesn't succeed.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 09:18:03 2017 +0100

    tests: added test with private key that causes memory leak
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=371
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 09:10:54 2017 +0100

    _gnutls_pkcs12_string_to_key: avoid division by zero when salt_size = 0
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 4 09:07:10 2017 +0100

    tests: added test with PKCS#8 key that signals FPE
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sat Dec 31 05:07:47 2016 +0200

    tests: skip tests that requires tools if tools are disabled
    
    building with --disable-tools should not cause test failure.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Tue Jan 3 14:56:05 2017 +0200

    tests: cert-tests: pkcs12 drop builddir usage
    
    sync with other tests
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Tue Jan 3 14:40:36 2017 +0200

    tests: suite: pkcs11: skip if no softhsm
    
    similar to other tests
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 3 16:10:07 2017 +0100

    gnutls_x509_ext_import_policies: fixed memory leak on error path
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 3 15:53:27 2017 +0100

    tests: added test case with invalid X.509 cert
    
    This triggers a memory leak. Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=294
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 3 15:49:37 2017 +0100

    x509 output: fixed memory leak in AIA extension printing
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 3 15:46:41 2017 +0100

    tests: added test case with invalid X.509 cert
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=300
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 3 15:00:59 2017 +0100

    doc: document how to enhance the testsuite with issues found

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 3 14:37:18 2017 +0100

    status_request: eliminated leak on error path
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=269
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 3 13:49:18 2017 +0100

    proc_server_kx: eliminated leak on error path
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=272
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 3 14:49:03 2017 +0100

    tests: added reproducer for client issues
    
    This allows to reproduce issues found on client handling, by adding
    a transcript in client-interesting. Currently it contains values
    found using oss-fuzz.
    
    The client3.disabled transcript is disabled because it depends
    on a fix in nettle.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 3 13:39:43 2017 +0100

    tests: do not run key-tests under leak sanitizer
    
    The reason is that we cannot distinguish between a memory leak on
    application failure (which is followed by exit- thus should be ignored)
    and an address sanitizer issue (which should never be ignored).
    As such we disable leak detection with asan and rely on valgrind.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 3 13:20:16 2017 +0100

    tests: illegal-rsa: don't hide stderr

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 10:47:24 2017 +0100

    tests: added suite for checking PKCS#7 structure import
    
    The initial (problematic) structures have been obtained from oss-fuzz
    project.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 3 11:39:13 2017 +0100

    fuzz: added basic Makefile to assist in reproducing [ci skip]
    
    Also updated README.md

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 17:24:41 2017 +0100

    Simplified contribution policy [ci skip]
    
    Also added a template to assist in the required steps to contribute.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 17:05:29 2017 +0100

    _gnutls_x509_get_signature: fix memory leak on error path

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 17:04:29 2017 +0100

    tests: added test case with invalid X.509 certificate
    
    This certificate causes a memory leak while printing.
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=280
    
    Relates #156

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 15:07:48 2017 +0100

    valgrind: use different exit code to signify error
    
    This allows the test suite to differentiate between valgrind and expected
    errors from tools.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 15:01:26 2017 +0100

    tests: cert-tests: force asan to return an error code other than one on failure

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 15:00:24 2017 +0100

    gnutls_pkcs8_info: addressed memory leak on error path

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 14:55:14 2017 +0100

    certtool: pkcs8_info_int: fix memory leak

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 13:44:46 2017 +0100

    wrap_nettle_mpi_modm: bail on a modulus that is zero
    
    Relates #156

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 13:32:41 2017 +0100

    tests: added test for invalid private keys
    
    Also force asan to return an error code other than one (the normally
    expected for invalid keys).

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 12:02:53 2017 +0100

    x509: address leak in print_altname - cert printing

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 12:03:35 2017 +0100

    tests: added certificate to reproduce memory leak
    
    Found by oss-fuzz project:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=299
    
    Relates #156

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 11:05:21 2017 +0100

    tests: added test case with invalid PKCS#8 data
    
    Issue found using oss-fuzz:
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=363
    
    Relates #156

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 11:20:45 2017 +0100

    nettle: added a safety net on wrap_nettle_cipher_setiv()
    
    Return error if attempting to set invalid IV size.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 11:51:10 2017 +0100

    pkcs7 decrypt: require a valid IV size on all ciphers
    
    That is, do not accept the IV size present in the structure as valid
    without checking.
    
    Relates #156

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 13:26:29 2017 +0100

    fuzz: added a PBES1 PKCS#8 private key file into corpus

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 13:23:01 2017 +0100

    pkcs8: pkcs8_key_info() will correctly detect non-encrypted files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 13:19:49 2017 +0100

    certtool: don't print PKCS#8 information when outputting DER data

Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Sun Jan 1 09:15:09 2017 -0500

    Corrected a leak in OpenPGP sub-packet parsing.
    
    Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 10:13:48 2017 +0100

    doc: fixed copyright date in gnutls.texi

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 2 08:43:47 2017 +0100

    gnutls_rnd: document the available values of level [ci skip]
    
    This enables using the function by only checking the man page.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 9 16:45:19 2016 +0100

    pkcs11 verification: ensure that an issuer we retrieve is not blacklist
    
    It may happen in p11-kit trust module that a trusted certificate is
    both in the trusted set, and the blacklisted set. To avoid accepting
    a certificate when in both sets, we always check whether a trusted
    issuer certificate is in the blacklisted set.

Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Fri Dec 30 21:17:22 2016 -0500

    Attempt to fix a leak in OpenPGP cert parsing.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 31 14:57:57 2016 +0100

    tests: enable all the ciphersuite in openssl cli for DSS checks

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 31 11:48:44 2016 +0100

    certtool: improved error reporting on file error

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 31 13:27:10 2016 +0100

    tests: don't check against 3DES if disabled in openssl

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 31 13:25:23 2016 +0100

    tests: do not pass the -dhparams to openssl 1.1.0; it doesn't work

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 31 12:14:44 2016 +0100

    tests: simplified DH params format
    
    Also switch to RFC7919 DH params.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 31 12:13:20 2016 +0100

    tests: corrected type in openssl compat tests

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 31 12:12:33 2016 +0100

    tests: added common variable for DH parameters

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 28 10:36:37 2016 +0100

    tests: fixed paths in compat tests

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 28 09:04:59 2016 +0100

    tests: better termination checking in compat tests
    
    This ensures that the exit code of all spawned processes is
    checked.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 31 10:12:34 2016 +0100

    cfg.mk: exclude devel/ subdirectory from syntax checks

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 30 15:50:45 2016 +0100

    certtool: properly report unencrypted PKCS#8 keys in --p8-info

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 30 15:41:53 2016 +0100

    fuzz: added decrypted PKCS#8 keys

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 30 15:23:17 2016 +0100

    fuzz: added PKCS#8 keys with low iteration count
    
    This makes sure that the fuzzer will not timeout while
    trying to decode keys.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 28 11:01:37 2016 +0100

    submodules: use the github mirror of openssl

Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Mon Dec 26 13:15:25 2016 -0500

    Do not infinite loop if an EOF occurs while skipping a PGP packet
    
    Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>

Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Tue Dec 27 09:45:31 2016 -0500

    Added a fuzzer for OpenPGP cert parsing
    
    Signed-off-by: Alex Gaynor <alex.gaynor@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 28 09:59:34 2016 +0100

    fuzz: document the convention for initial values

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 28 09:58:20 2016 +0100

    fuzz: Added initial values for DN, PKCS8 and X.509 tests

Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Mon Dec 26 15:59:03 2016 +0000

    Added a parser for PKCS7 importing and printing

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 19 08:38:41 2016 +0100

    fuzz: added X.509 DN parser

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 19 08:35:45 2016 +0100

    fuzz: added PKCS#8 private key parser

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 21 08:18:24 2016 +0100

    configure: introduced --with-priority-string option
    
    This allows specifying the priority string to be used with
    gnutls_set_default_priority() on configure time.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 19 21:35:53 2016 +0100

    priorities: reset the profile flags when appending new flags
    
    That is, to avoid causing issues to applications calling gnutls_*priority_set()
    multiple times with different parameters. In that case if multiple profiles are
    used the outcome could be undefined. Now, the last call will prevail.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 19 21:39:02 2016 +0100

    gnutls_session_set_verify_cert: doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 19 21:26:09 2016 +0100

    Revert "priorities: set the additional verify flags instead of appending them"
    
    This reverts commit aaf49747f981f6c17cdc9ea7495a8948a5015ae2.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 19 21:19:05 2016 +0100

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 19 19:01:31 2016 +0100

    tests: added check for certtool loading CA certificates from PKCS#11

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 9 15:52:49 2016 +0100

    certtool: document that --load-ca-certificate can be used with PKCS#11 URLs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 9 15:44:20 2016 +0100

    certtool: load_ca_cert() can load a CA from URLs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 9 11:36:13 2016 +0100

    certtool: unified the CA certificate loading process
    
    That is, combined how CA certificates are loaded for --verify-chain,
    --verify and --p7-verify. It is based on the trust list high level
    functions, something that allows PKCS#11 URLs to be specified in
    --load-ca-certificate.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 19 16:15:50 2016 +0100

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 9 16:21:30 2016 +0100

    .gitlab-ci.yml: changed buildroot to fedora25

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Dec 19 11:01:10 2016 +0100

    tests: added check for multiple calls to gnutls_priority_set_direct()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Dec 19 10:49:34 2016 +0100

    priorities: set the additional verify flags instead of appending them
    
    That is, to avoid causing issues to applications calling gnutls_*priority_set()
    multiple times with different parameters. In that case if multiple profiles are
    used the combo could be undefined.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Dec 19 10:36:01 2016 +0100

    verify: print certificate on sec param failure

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 15 15:08:31 2016 +0100

    x509: corrected leak in certificate printing
    
    The leak could be triggered if the certificate policies to be imported are
    invalid.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 15 15:02:18 2016 +0100

    gnutls_x509_ext_import_proxy: fix issue reading the policy language
    
    If the language was set but the policy wasn't, that could lead to
    a double free, as the value returned to the user was freed.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 15 14:50:36 2016 +0100

    tests: added certificate which was causing issues in gnutls_x509_crt_print()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 15 14:47:13 2016 +0100

    tests: improved certder to easily load certificates from a directory
    
    That allows to place certificates in certs-interesting/ and these
    will be loaded and checked upon the new "cert" test case.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 15 14:06:06 2016 +0100

    doc update

Author: Alexander Kanavin <alex.kanavin@gmail.com>
Date:   Wed Dec 14 17:42:45 2016 +0200

    Do not add cli-args.h to cli-args.stamp Makefile target
    
    Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>

Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Thu Dec 15 08:08:45 2016 -0500

    Describe the integration

Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Thu Dec 15 07:27:47 2016 -0500

    Move to the devel dir

Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Tue Dec 13 20:14:33 2016 -0500

    Added a server fuzzer

Author: Alex Gaynor <alex.gaynor@gmail.com>
Date:   Mon Dec 12 08:09:49 2016 -0500

    Migrated fuzzers from the oss-repo to here.
    
    Also added a new private_key_parser fuzzer.

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Dec 14 18:07:05 2016 +0300

    Drop _gnutls_epoch_get_compression
    
    This function is unused since long ago, let's drop it.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Dec 14 17:51:56 2016 +0300

    Rework setting next compression method
    
    Only update compression method if all internal check succeed and next
    epoch will use this it. Also while we are at at, actually check for
    _gnutls_set_compression() return value.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Dec 14 17:51:56 2016 +0300

    Rework setting next cipher suite
    
    Only update cipher_suite if all internal check succeed and next epoch
    will use this ciphe suite. Also while we are at at, actually check for
    _gnutls_set_cipher_suite() return value.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Mon Nov 28 13:16:13 2016 +0300

    Cache MAC algorithm used for PRF function
    
    Instead of spreading checks all over the GnuTLS, cache used PRF after
    setting the cipher suite and reference the value later. Like in
    _gnutls_PRF_raw the GNUTLS_MAC_MD5_SHA1 means MD5+SHA1 combo.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Dec 14 04:11:11 2016 +0300

    Use MAC_MD5_SHA1 instead of MAC_UNKNOWN to specify TLS 1.0 PRF
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Dec 14 03:52:06 2016 +0300

    Rewrite SSL/TLS signature verification to use combined MD5+SHA1 digest
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Dec 14 03:52:06 2016 +0300

    Rewrite SSL/TLS signing code to use combined MD5+SHA1 digest
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Dec 14 03:15:49 2016 +0300

    Add special MD5+SHA1 digest to simplify TLS signature code
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 14 10:52:27 2016 +0100

    _gnutls_pkcs_raw_decrypt_data: merge all errors during decryption to GNUTLS_E_DECRYPTION_FAILED
    
    This makes the function's return values simpler to handle.

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Wed Dec 14 00:46:16 2016 +0300

    configure.ac: remove autogen'erated files only if necessary
    
    Currently autogen'erated files will be removed on each call to
    configure. However this would break the build if one of previous
    make invocations have created corresponding stamp files.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 14 09:50:24 2016 +0100

    bumped versions and added news entry for 3.6.0 [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 14 09:46:18 2016 +0100

    README.md: added information on the 3.5.x builds

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 13 11:41:12 2016 +0100

    tests: added test for PKCS#8 encrypted key decoding
    
    This also verifies that the return value when attempting to
    decrypt without a password is GNUTLS_E_DECRYPTION_FAILED.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 13 11:27:38 2016 +0100

    pkcs8: ensure that the correct error code is returned on decryption failure

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 10 13:15:16 2016 +0100

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 9 15:44:47 2016 +0100

    doc: updated to documentation of certtool [ci skip]
    
    This corrects options which incorrectly mentioned they support URLs.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 9 11:54:30 2016 +0100

    x509: better documented gnutls_trust_list_flags_t

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 9 15:06:55 2016 +0100

    tests: disable ASAN leak checks on suite tests
    
    These detect memory leaks in the tools in src/ which are
    not critical nor there is serious reason to address.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 9 12:03:33 2016 +0100

    tests: disable ASAN leak checks on certificate tests
    
    These detect memory leaks in the tools in src/ which are
    not critical nor there is serious reason to address.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 9 09:54:14 2016 +0100

    tests: enhanced long-session-id test
    
    This ensures that no leaks exist during exit (to avoid asan failures),
    and that we test for the specific error code that gnutls_handshake()
    is expected to return.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 9 09:52:20 2016 +0100

    handshake: return GNUTLS_E_ILLEGAL_PARAMETER on invalid ID size
    
    This is a more sensible error code to return on invalid packet.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 9 09:15:59 2016 +0100

    tests: eliminate compilation warning in crq-basic [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 8 15:41:40 2016 +0100

    .gitlab-ci.yml: do not enable IDN support in minimal build

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 2 14:57:41 2016 +0100

    configure.ac: use AC_CONFIG_LINKS to copy autogenerated files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 2 09:22:38 2016 +0100

    Added autogen pre-generated files into repository
    
    This allows building gnutls from git in systems without using
    autogen.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 7 14:28:46 2016 +0100

    configure: added option to enable maintainer mode
    
    That makes normal builds, not regenerate Makefiles or configure,
    allowing for faster CI builds on second stage.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 15 09:03:59 2016 +0100

    .gitlab-ci.yml: split the CI run into stages
    
    In addition avoid re-generating images for operating systems
    on every build and use pre-built images, which are generated in
    the gnutls-build-images sub-project. That allows for faster and
    more reliable (independent of network) CI runs.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 1 21:40:14 2016 +0100

    .gitlab-ci.yml: use local libopts on x86
    
    This works around autogen failures on x86-64 centos7 CI hosts.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 8 16:35:24 2016 +0100

    doc: updated documentation on multithreading [ci skip]
    
    Resolves #154

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 8 16:27:36 2016 +0100

    doc: list gnutls_init_flags_t [ci skip]
    
    Suggested by Tyler Burns.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 8 15:54:07 2016 +0100

    tests: make conditional (to HAVE_LIBIDN) any IDN related checks
    
    This allows the test suite to successfully complete even when compiled
    without libidn.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 8 15:44:28 2016 +0100

    str: do not call gnutls_assert in inline function
    
    This allows the build to succeed when compiled without libidn.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 8 13:09:35 2016 +0100

    tests: disable leak checks in rsa-md5-collision.sh

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 8 14:04:07 2016 +0100

    tests: split and enhanced UTF-8 name checks from hostname-check
    
    That is, added checks to ensure that non-ASCII DNS names in certificates
    fail, and that properly encoded IDNA2003 names, succeed.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 8 13:54:53 2016 +0100

    tests: added check with failed verification on invalid UTF-8
    
    That is, check whether raw UTF-8 in the certificate will fail
    verification. Raw UTF-8 is prohibited by IETF PKIX (RFC5280) on a
    certificate.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 8 13:40:41 2016 +0100

    tests: updated cert with UTF8 names to contain proper IDNA2003 encoded names

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 8 13:28:00 2016 +0100

    gnutls_x509_crt_check_email type changed to unsigned
    
    This reflects the documented returned value type (bool), and
    allows the compiler to warn on accidental checks for negative
    value.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 8 13:20:05 2016 +0100

    x509: do not attempt to ACE encode values stored in certificates
    
    The email and hostname values are required to be in ASCII form by PKIX.
    We instead ignore these names, if their values are outside the ASCII
    printable character set.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 8 08:08:28 2016 +0100

    .gitlab-ci.yml: removed libintl references
    
    They are no longer shipped in the build systems.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 8 07:32:18 2016 +0100

    tests: added missing test in dist

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 8 07:23:18 2016 +0100

    tests: corrected typos in starttls.sh
    
    This allows to detect chat in most systems.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 8 07:17:34 2016 +0100

    bumped version

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 7 15:43:21 2016 +0100

    tests: reduced the intermediate steps in rsa-md5-collision

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 7 13:24:34 2016 +0100

    configure: break after finding the first libtspi
    
    It may happen that multiple versions are available on a system,
    and by using the first one we ensure, that we are using the
    64-bit version on 64-bit system, instead of falling back to
    the 32-bit.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 7 13:20:08 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 7 10:56:30 2016 +0100

    tests: added operational -sign/verify- tests in keygen app
    
    This will check that a generated key is immediately usable for
    operations.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 7 10:27:01 2016 +0100

    gnutls_x509_privkey_cpy: use _gnutls_pk_params_copy
    
    This ensures that all fields of parameters are copied. Inspired
    by patch of Dmitry Eremin-Solenikov.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 7 10:30:13 2016 +0100

    tests: enhanced keygen to include check of gnutls_x509_privkey_cpy

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 7 08:58:30 2016 +0100

    tests: added tests for CRL generation APIs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 7 09:05:01 2016 +0100

    x509 crl: document the nextUpdate field limitation

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue Dec 6 22:41:28 2016 +0300

    Don't trash DER CRQ output with text data
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 7 08:59:03 2016 +0100

    x509 crl: Allow generation of CRLs not to specify a nextUpdate

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 6 20:03:31 2016 +0100

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 6 13:07:57 2016 +0100

    tests: updated overhead calculation for new code

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 30 11:57:56 2016 +0100

    DTLS: more precise overhead calculation
    
    That takes into account space available due to padding, and
    allows it to be included for use in the gnutls_get_data_mtu().
    
    Resolves #140

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 30 09:54:45 2016 +0100

    tests: added check for MTU calculation on DTLS 1.2

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Dec 5 10:36:04 2016 +0100

    src: clean all stamp files on 'make clean'

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Dec 5 10:33:07 2016 +0100

    configure: search 64-bit paths for libtspi before 32-bit paths
    
    That is, because 64-bit systems may have both 64-bit and 32-bit paths
    while 32-bit systems only the latter.

Author: James Bottomley <James.Bottomley@HansenPartnership.com>
Date:   Sat Dec 3 14:36:40 2016 -0800

    tpm: fix handling of keys requiring authorization
    
    There are several problems with the key handling in the tpm code.
    
    The first, and most serious, is that we should make sure we understand
    the authorization requirements of a key *before* using it.  The reason
    for this is that the TPM has a dictionary attack defence and is
    programmed to lock up after a certain number of authorization failures
    (which can be very small).  If we try first without authorization, we
    may lock up the TPM.  The fix for this is to check whether
    authorization is required and supply it before using the key.
    
    Secondly, if the key does require authorization but no password is
    supplied we should return immediately, since we know the TPM will give
    us an authorization error anyway.
    
    Thirdly, we should unconditionally read the policy of the key rather
    than checking if a policy exists: Policies are tied to key objects, so
    if there is an old policy in s->tpm_key_policy, but we're creating a
    new key, the key it belonged to will be closed, meaning the policy
    will be invalid.  Fix this by always setting the policy each time we
    get a new key object.
    
    Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 4 09:56:13 2016 +0100

    In import_tpm_key_cb() fix the wrong password loop
    
    When calling import_tpm_key() once it initializes the key, but
    a second call fails due to the key being already initialized. Ensure
    that failure of import_tpm_key() leaves the key on a clear state.
    
    Reported by James Bottomley <James.Bottomley@HansenPartnership.com>.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 4 18:48:55 2016 +0100

    src gl: updated

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 2 15:59:17 2016 +0100

    gl: removed iconv module
    
    It is no longer used by the library.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 4 10:11:19 2016 +0100

    configure.ac: detect trousers library on debian

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Dec 3 14:29:51 2016 +0100

    Prevent unwanted linkage to -lhogweed
    
    Specify action-if-found for AC_CHECK_LIB when checking for !SuiteB
    curves to keep autoconf from adding -lhogweed to LIBS. This caused
    linkage of e.g. openssl wrapper and C++ library to -lhogweed. The issue
    only shows up if --disable-libdane is specified, since the dane autoconf
    test resets LIBS.

Author: James Bottomley <James.Bottomley@HansenPartnership.com>
Date:   Fri Dec 2 15:28:08 2016 -0800

    Fix inability to find libtspi (trousers) on openSUSE
    
    For distro reasons, the path on openSUSE is /lib[64]/libtspi.so.1
    which the current code doesn't find.  Fix this by having it search all
    viable system library locations (/lib /lib64 /usr/lib and
    /usr/lib/lib64)
    
    Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 2 16:27:58 2016 +0100

    x509: fixed output of pubkey

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 1 16:41:55 2016 +0100

    doc: document the fact that certificates and CRLs are unusable after generation
    
    They must be exported and re-imported if intended to be used for
    signing or verification.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 1 16:32:04 2016 +0100

    doc: no longer list SHA1 as a safe choice in X.509 signing

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 1 16:19:31 2016 +0100

    certtool: prevent-null termination of buffers allocated with fread_file()
    
    We do not know whether their allocated size allows for that additional
    null, and we do not need the null termination.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 1 08:40:13 2016 +0100

    gnutls_x509_crl_verify: always return zero on success
    
    Also document that in previous versions a positive number could
    be returned on success. Reported by Adrien Beraud.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 1 14:09:15 2016 +0100

    tests: corrected space-tab issue

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 1 10:04:45 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 1 09:55:51 2016 +0100

    Improved messages and violation handling in signature key usage checks
    
    This will now tolerate violations in server certificate, if
    %DEBUG_ALLOW_KEY_USAGE_VIOLATIONS is set.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 1 09:48:56 2016 +0100

    Removed redundant certificate key usage checks.
    
    There were redundant checks when a certificate was obtained, as
    well as prior to performing operations with certificates/pubkeys.
    Kept the checks prior to operations.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 1 09:45:26 2016 +0100

    _gnutls_map_pk_get_pk -> _gnutls_map_kx_get_pk

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 30 14:18:51 2016 +0100

    gnutls_kx_get: allow calling the function during handshake
    
    Previous this function would return garbage during handshake, because
    parameters were not considered established, however there are valid
    uses of this function during it. For that reason this function is
    modified to return a correct value even during handshake (after
    a hello is being exchanged).

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 30 14:14:42 2016 +0100

    _gnutls_check_key_usage: check for invalid key exchange algorithm
    
    Reported by Dmitry Eremin-Solenikov.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 30 14:56:41 2016 +0100

    tests: added checks on signature key usage violations

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 1 09:10:41 2016 +0100

    .gitlab-ci.yml: added docker tag on mingw builds
    
    That ensures that these builds are done on the gitlab.com runners
    which run as privileged containers (and thus have access to mount).

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 30 09:20:26 2016 +0100

    privkey: set the key parameters algorithm prior to returning success

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 30 09:15:06 2016 +0100

    When decoding a public key ensure that algorithm is written in the params struct
    
    Reported by Dmitry Eremin-Solenikov.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 30 08:54:09 2016 +0100

    cfg.mk: disable checks for public submodule updates in CI

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 30 08:44:40 2016 +0100

    .gitlab-ci.yml: do not require update to /proc/sys/fs/binfmt_misc to succeed
    
    In some CI systems, it is not possible to write to this filesystem, and
    they already have the wine executable registered. In the case we cannot
    write proceed to running the check and hope for the best.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 29 16:00:30 2016 +0100

    tests: use datefudge in rsa-md5-collision check
    
    This makes sure that any failure detected is not because of
    expired certificates, but because of MD5 being disabled.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 29 15:51:18 2016 +0100

    tools: use stamp files to allow parallel build of autogen files
    
    Autogen seems to output on the creates files gradually, something that
    makes 'make' believe that the command is complete prior to the output
    file being fully populated. The current approach uses stamp files to
    ensure that no incomplete files are used for compilation.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 29 13:44:01 2016 +0100

    guile: do not use +COMP-DEFLATE in priorities test
    
    This allows the test to work even in the cases where gnutls
    is compiled without zlib support.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 28 18:19:43 2016 +0100

    moved all syntax check exceptions in cfg.mk

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 29 07:57:26 2016 +0100

    .gitlab-ci.yml: added zlib dependency

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 28 12:48:25 2016 +0100

    .gitlab-ci.yml: fixed artifacts paths for Debian build

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 28 10:26:14 2016 +0100

    tests: str-unicode: check whether exceptions are tolerated on decryption

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 28 10:01:02 2016 +0100

    tests: added exception and join control characters in str-unicode

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 28 09:38:38 2016 +0100

    unistring: added property-join-control

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 17:49:10 2016 +0100

    unistring: added default_ignorable_code_point and not_a_character tests

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 17:23:51 2016 +0100

    unistring: added NFKC normalization

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 15:29:43 2016 +0100

    unistring: included all possible categories for simplicity and extensibility

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 14:55:37 2016 +0100

    tests: enhanced str-unicode with more char sets

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 14:20:11 2016 +0100

    gnutls_utf8_password_normalize: perform more strict check on input characters
    
    That is, ensure that the input characters are in the valid class of characters
    for the PRECIS FreeformClass.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 13:11:44 2016 +0100

    tests: fixed str-unicode tests with control characters

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 13:02:48 2016 +0100

    gnutls_utf8_password_normalize: avoid use of strlen()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 28 11:03:28 2016 +0100

    tests: added pkcs12 file with long password

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 16:09:20 2016 +0100

    renamed system/iconv.c -> str-iconv.c
    
    We no longer use the system's functionality for converting between
    charsets (we use libunistring), hence it is no longer suitable for
    the wrappers to stay in system/.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 11:58:14 2016 +0100

    x509: when printing ACE DNSnames ensure the actual name is also printed

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 11:47:53 2016 +0100

    tests: added unit tests of of _gnutls_idna_reverse_map

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 11:34:19 2016 +0100

    introduced _gnutls_idna_reverse_map()
    
    This function allows mapping ACE formatted domains to UTF-8.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 10:05:28 2016 +0100

    Combined checks for printable characters

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 09:58:58 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 23 08:44:59 2016 +0100

    tests: updated crt_apis to include setting UTF-8 SAN

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 23 08:17:13 2016 +0100

    tests: updated crq_apis to include setting UTF-8 SAN

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 09:48:56 2016 +0100

    gnutls_idna_map: check for printable data prior to mapping

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 23 10:53:23 2016 +0100

    gnutls_x509_aia_set: IDNA encode when needed

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 16 14:48:59 2016 +0100

    When writing alternative names to certificates ensure we write in ACE format

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 10:39:10 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 16:30:49 2016 +0100

    tests: added pkcs7 verification with struct generated from openssl (with keyid)

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 15:44:35 2016 +0100

    tests: added pkcs7 verification with struct generated from openssl

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 25 10:23:00 2016 +0100

    doc: added certificate for ECC with any purpose

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 16:40:15 2016 +0100

    pkcs7: return GNUTLS_E_PK_SIG_VERIFY_FAILED on hash mismatch
    
    In addition introduce a new error code to warn about no embedded data.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 16:33:18 2016 +0100

    pkcs7: only print signer's issuer DN when DN has contents

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 14:51:15 2016 +0100

    pkcs7: added recursive discovery of structure's signer
    
    This uses the PKCS#7 certificate list as a pool of certificates
    to generate a certificate chain that leads to our root CAs.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 15:11:31 2016 +0100

    pkcs7: on data verification failure log the signer

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 13:17:41 2016 +0100

    tests: added complex verification example using PKCS#7
    
    That uses multiple intermediate certificates from the PKCS#7 structure.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 14:32:28 2016 +0100

    doc: updated gnutls_x509_trust_list_verify_crt2()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 13:14:16 2016 +0100

    pkcs7: pass the verification flags down to gnutls_x509_trust_list_verify_crt2, in find_signer()
    
    This allows for flags like GNUTLS_VERIFY_DISABLE_TIME_CHECKS to apply when
    verifying PKCS#7 structures.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 09:54:17 2016 +0100

    pkcs7: corrected iteration over stored certificates
    
    This allows to use all possibly stored certificates on chain discovery,
    not only the first.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 09:53:58 2016 +0100

    pkcs7: added debug logging on verification discovery

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 14:54:46 2016 +0100

    errors.h: added _gnutls_reason_log

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 09:49:13 2016 +0100

    errors.h: added _gnutls_cert_log
    
    This log function allows to easily log the name of a certificate.

Author: Andreas Schneider <asn@samba.org>
Date:   Thu Nov 24 17:31:45 2016 +0100

    certtool: One if check is enough
    
    Signed-off-by: Andreas Schneider <asn@samba.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 24 08:37:47 2016 +0100

    corrected log message [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Nov 23 21:09:03 2016 +0100

    gnutls_idna_map was prefixed with underscore to avoid clashes with exported symbols

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 23 14:37:47 2016 +0100

    more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 23 14:30:48 2016 +0100

    avoid the use of c_isascii() and use c_isprint()
    
    That latter detects correctly the printable characters we are
    interested in.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 21 15:45:22 2016 +0100

    tests: added unit tests for gnutls_idna_map()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 23 13:12:08 2016 +0100

    IDNA code re-organization
    
    That introduces the internal function gnutls_idna_map(), which
    utilizes libidn and libunistring to convert hostnames to IDNA ACE
    form.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 22 16:57:01 2016 +0100

    tests: updated outputs to reflect new fingerprint/keyid formats

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 22 16:56:41 2016 +0100

    tests: made tmp files unique

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 22 16:43:25 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 22 16:42:14 2016 +0100

    Align the printing of a certificate's fingerprint with the key ID printing

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 22 16:35:58 2016 +0100

    Print a key's or certificate's key ID with SHA256 in addition to SHA1

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 22 16:18:01 2016 +0100

    certtool: address compiler warnings

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 22 09:31:19 2016 +0100

    doc: document the RFC7613 normalization of passwords [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 21 21:16:28 2016 +0100

    unistring: include only the required categories
    
    In addition fix the license text of the included library.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 16 15:50:39 2016 +0100

    server_name: log server name sent

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 16 16:47:15 2016 +0100

    x509/output: improve log message on embedded null

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 21 12:00:28 2016 +0100

    build-aux: added unused-parameter.h

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 21 11:36:43 2016 +0100

    .gitlab-ci.yml: explicitly specify --with-included-unistring when needed

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 21 11:32:09 2016 +0100

    hooks.m4: corrected typo

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 21 10:52:23 2016 +0100

    .gitlab-ci.yml: ignore syntax-check issues caused by included unistring

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 21 10:11:32 2016 +0100

    more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 21 09:38:38 2016 +0100

    unconditionally include unistring code
    
    That simplifies internationalization support, at the cost of
    including a version of libunistring, which is used on systems
    which do not ship it.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 21 09:20:36 2016 +0100

    lib: added unistring sub-library

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 20 17:11:57 2016 +0100

    updated auto-generated files for gnutls_utf8_password_normalize()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 20 17:08:55 2016 +0100

    tests: enhanced str-unicode with GNUTLS_UTF8_IGNORE_ERRS flag
    
    That is, enhanced to check the tolerable variant of gnutls_utf8_password_normalize()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 9 18:26:21 2016 +0100

    .gitlab-ci.yml: added build without libunistring

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 10:42:32 2016 +0100

    doc: mention the RFC7613 normalization and the libunistring dependency

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 20 17:03:02 2016 +0100

    tolerate non-valid UTF8 passwords when decrypting

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 9 14:42:26 2016 +0100

    tests: addressed compiler warnings

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 9 14:40:19 2016 +0100

    _gnutls_utf8_to_ucs2: normalize to NFC UTF16 output

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 9 14:31:24 2016 +0100

    openssl_hash_password: normalize the password prior to use

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 9 12:55:22 2016 +0100

    TPM: normalize the password prior to use

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 9 10:53:40 2016 +0100

    _gnutls_calc_srp_sha: normalize the password prior to use

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 9 10:50:42 2016 +0100

    gnutls_x509_crq_set_challenge_password: normalize the password prior to use

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 9 10:48:04 2016 +0100

    PKCS#7/8: normalize the password according to rfc7613

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 10:53:37 2016 +0100

    gnutls.pc: use the LT version of the lib variables

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 8 15:24:26 2016 +0100

    Use libunistring when present instead of iconv()
    
    That allows us to rely to a single provider for unicode
    functionality.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 8 15:24:00 2016 +0100

    tests: added unit tests for gnutls_utf8_password_normalize()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 8 13:00:16 2016 +0100

    Added function for UTF-8 normalization based on RFC7613
    
    This introduces gnutls_utf8_password_normalize() and a dependency on libunistring.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 17:12:02 2016 +0100

    tests: added test suite with PKCS#8 files that have invalid encryption

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 16:30:46 2016 +0100

    PKCS#5,7 decryption: verify the correctness of padding
    
    That is, for block ciphers (i.e., cbc), verify that all the padding bytes
    match the expected contents according to RFC2898.
    
    Relates #148

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 15:17:26 2016 +0100

    PKCS#5,7 decryption: added sanity check on padding size
    
    Relates #148

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 15:01:18 2016 +0100

    PKCS#5,7 decryption: fail without leak on unknown MAC

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 14:54:00 2016 +0100

    PKCS#5,7 decryption: fail early on invalid block sizes

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 14:47:13 2016 +0100

    PKCS#5,7 decryption: enforce limits in the support parameter sizes
    
    This allows to detect invalid parameters early rather than later.
    Relates #148

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 14:03:58 2016 +0100

    updated auto-generated files for new functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 10:03:29 2016 +0100

    pkcs7 output: use the new functions for DN output

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 09:52:16 2016 +0100

    tests: account for the strict RFC4514 compliance reversal
    
    Test the new functions only for the strict RFC4514 compliance to
    output strings, and test the old functions for the legacy format.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 11 19:05:27 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 11 18:52:03 2016 +0100

    x509 output: use the new functions for DN output

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 11 18:31:37 2016 +0100

    cleanups in _gnutls_buffer_to_datum()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 11 18:42:59 2016 +0100

    certtool: use the new APIs for DN extraction

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 13:31:34 2016 +0100

    _gnutls_x509_get_dn: when no data ensure we return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE
    
    This aligns with the previous (prior to RFC4514 improvements) behavior of the function.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 11 16:20:01 2016 +0100

    Introduced new functions to allow multiple DN parsing modes
    
    The old DN parsing functions are changed to return the original
    non-fully compliant with RFC4514 string format, while the new
    ones return the compliant string by default. This allows applications
    which relied on the previous format to continue functioning without
    changes.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 9 17:19:48 2016 +0100

    .gitlab-ci.yml: include root dir log files in all builds

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 11:06:26 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 14 12:57:53 2016 +0100

    gl: removed invalid module name

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 13 17:08:35 2016 +0100

    tools: added explicit socket flag to skip TLS initialization
    
    This allows proper error recovery when SOCKET_FLAG_RAW is specified
    and initialize_session() fails.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 13 16:41:43 2016 +0100

    gnutls-cli-debug: terminate sessions which cannot be re-used

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 13 16:15:42 2016 +0100

    sockets: only use gnutls_bye on a valid socket session

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Nov 10 06:39:32 2016 +0100

    p11tool: --initialize will no longer reset user PIN
    
    That is because it only resetted the user PIN and not the admin PIN,
    while at the same time it had problems to cope with the case where
    the URL changed between token initialization and PIN setting (which
    is the case if --label is provided to --initialize).

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Nov 10 06:34:50 2016 +0100

    p11tool: added options to initialize a user and admin's PIN

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 11 09:01:39 2016 +0100

    gnutls_store_pubkey: document the default hosts format

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 7 09:17:22 2016 +0100

    _wrap_nettle_pk_verify: use FAIL_IF_LIB_ERROR prior to returning success
    
    This will prevent verification to succeed if the system is in
    error state.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 7 09:11:24 2016 +0100

    fips140-2: moved PCT-test in wrap_nettle_generate_keys
    
    This allows it to run in any potential scenario, i.e., any
    call of _gnutls_pk_generate_keys().

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 5 19:18:08 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 6 10:03:35 2016 +0100

    .gitlab-ci.yml: use included libtasn1 in CI systems which do not have 4.9

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 3 10:31:27 2016 +0200

    bumped the version of the minimum required libtasn1
    
    We now require the latest version that supports OIDs
    with elements that are longer than 32-bits.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 11 11:16:12 2016 +0200

    tests: added check for the decoding of certificates with long OIDs
    
    That is, OIDs which have an element which exceeds 2^32.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 4 10:42:58 2016 +0100

    symbol-check: do not compare against symbols not exported by us

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 4 09:49:41 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 4 09:34:55 2016 +0100

    tests: updated known ciphersuites test for CHACHA20-POLY1305 in the SECURE set

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 4 09:10:18 2016 +0100

    priorities: added CHACHA20-POLY1305 to SECURE set

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 4 08:15:24 2016 +0100

    released 3.5.6

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 4 07:58:48 2016 +0100

    bumped versions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 4 07:56:33 2016 +0100

    symbols.last: updated auto-generated file

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 19 10:27:26 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 31 10:18:09 2016 +0100

    tests: added test to ensure that gnutls_rnd() is not called during initialization

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 24 08:30:06 2016 +0200

    doc: explicitly state that rng self_test mustn't require rng initialization

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 17 14:10:08 2016 +0200

    deprecated _gnutls_rnd() in favor of exported gnutls_rnd()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 14:16:51 2016 +0200

    rng: split initialization in preinit and init
    
    This makes gnutls to initialize its random generator on the
    first call to gnutls_rnd(). That prevents blocking due to
    getrandom() on a constructor; that change allows to use gnutls-linked
    applications even in early boot in systems where getrandom() blocks
    waiting for entropy.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 31 11:40:12 2016 +0100

    _gnutls_rnd_check: call _rnd_system_entropy_check directly

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Nov 2 18:07:13 2016 +0100

    x509: removed unused IDNA file

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 2 13:24:59 2016 +0100

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 2 08:29:25 2016 +0100

    handshake: log advertized version

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 2 08:13:38 2016 +0100

    algorithms.h: removed exported prototype from internal header

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 1 18:39:38 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 31 17:23:16 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 31 16:59:20 2016 +0100

    tests: added decoding of multi-value DN

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 31 14:21:37 2016 +0100

    x509_dn: forbid non-supported escaped chars on DN encoding

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 31 14:07:13 2016 +0100

    tests: enhanced RFC4514 with arbitrary escaped strings

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 31 14:07:27 2016 +0100

    x509_dn: allow arbitrary escaped strings
    
    In addition fail encoding on unescaped '+'. We do not support it
    for DN encoding.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 21 14:46:49 2016 +0200

    tests: modified to account for backwards-encoded DN (according to RFC4514)

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 31 13:18:17 2016 +0100

    tests: removed old README file
    
    The description in the file had no relevance to the existing tests.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 31 13:00:14 2016 +0100

    gnutls_x509_crt_set_*dn, gnutls_x509_dn_set_str: honor the reverse property of RFC4514
    
    When converting an RFC4514 string to a DN ensure that the elements
    are encoded in reverse order, as required by the RFC.
    
    Resolves #111

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 19 15:35:44 2016 +0200

    Encode string DNs backwards according to RFC4514
    
    This makes the output string from functions such as gnutls_x509_crt_get*dn()
    to comply with RFC4514 requirements in DN element order.
    
    Relates #111

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 31 14:41:10 2016 +0100

    Updated issue templates [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 31 14:35:22 2016 +0100

    Added issue templates [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 29 23:45:18 2016 +0200

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 29 23:31:00 2016 +0200

    nettle: renamed system random generator-related files for clarity

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 17 14:34:10 2016 +0200

    tests: introduced checks for gnutls_rnd() in multi-threaded scenario

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 17 14:33:53 2016 +0200

    tests: introduced sanity checks in rng-fork

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 24 08:30:29 2016 +0200

    drbg-aes-self-test: corrected free call

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Oct 27 21:04:49 2016 +0200

    tests: check for gnutls 3.3.x compatibility
    
    That is, check whether the status request extension is not sent
    by the server, if the server does not hold a status response. We
    require that behavior to be backwards compatible with gnutls 3.3.x.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 26 17:51:11 2016 +0200

    Reverted the behavior of sending a status request extension even without a response
    
    That is, we no longer reply to a client's hello with a status request, with
    a status request extension. Although that behavior which was introduced
    in 6b76e0c899b1ff08df9bd9b41588f771f050be89 is legal, it creates incompatibility
    issues with gnutls 3.3.x branch. That is because versions prior 3.3.26
    translates the presence of the extension as a guarrantee that the status
    response data will be sent. Even though, that is false assumption we
    replicate the previous behavior to allow such clients to connect to
    a gnutls 3.5.x server.
    
    Relates !66

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Thu Oct 27 18:42:38 2016 +0300

    tests: do not enable testpkcs11.sh twice
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sat Oct 22 14:24:16 2016 +0300

    starttls: search for chat in sbin if it is not present in PATH
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Fri Oct 21 04:17:36 2016 +0300

    Fix autoconf warnings in libopts.m4
    
    Without this patch Autoconf will spam console with the following kind of
    messages:
    
    configure.ac:650: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body
    ../../lib/autoconf/lang.m4:193: AC_LANG_CONFTEST is expanded from...
    ../../lib/autoconf/general.m4:2740: _AC_RUN_IFELSE is expanded from...
    ../../lib/m4sugar/m4sh.m4:639: AS_IF is expanded from...
    ../../lib/autoconf/general.m4:2759: AC_RUN_IFELSE is expanded from...
    ../../lib/m4sugar/m4sh.m4:639: AS_IF is expanded from...
    ../../lib/autoconf/general.m4:2042: AC_CACHE_VAL is expanded from...
    src/libopts/m4/libopts.m4:386: LIBOPTS_RUN_FOPEN_TEXT is expanded from...
    src/libopts/m4/libopts.m4:425: INVOKE_LIBOPTS_MACROS is expanded from...
    src/libopts/m4/libopts.m4:560: AM_COND_IF is expanded from...
    src/libopts/m4/libopts.m4:581: LIBOPTS_CHECK is expanded from...
    configure.ac:650: the top level
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sat Oct 22 02:18:40 2016 +0300

    cfg.mk: fix m4 files removal
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 21 17:45:03 2016 +0200

    tests: better check for gnutls_ecc_curve_get result

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 21 17:30:43 2016 +0200

    Terminate handshake if only unknown or disabled signatures are advertized by the peer
    
    That is, do not attempt to proceed assuming that the peer supports SHA-1.

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Sat Oct 22 03:28:14 2016 +0300

    Fix compilation of tests if nettle is not installed in standard path
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 25 08:03:32 2016 +0200

    gnutls-cli-debug: corrected TLS1.2 detection

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 24 08:33:42 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 22 09:41:45 2016 +0200

    modified the gnutls_certificate_set_key* change
    
    While the change was fully backwards compatible for applications that were
    adding a single certificate, and applications that were checking for negative
    errors codes, many applications do not. As this may cause incompatibility issues
    with software properly utilizing the previously documented API, the change
    is reverted, and applications need to explicitly enable a flag (GNUTLS_CERTIFICATE_API_V2)
    in the credentials structure for the set_key functions to return an index.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Oct 19 23:06:59 2016 +0200

    tests: removed nohats.ca from testdane
    
    The host seems to be unreliable.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 21 16:43:47 2016 +0200

    .travis.yml: use as many jobs as CPUs in OSX

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 21 16:14:32 2016 +0200

    .travis.yml: do not run the public submodule checks of maint.mk
    
    These seem to be problematic to detect modification and are preventing
    the CI from operating.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 21 13:16:50 2016 +0200

    .travis.yml: simplified the submodule checkout
    
    The default submodule initialization in travis caused the MacOSX builds to fail.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 21 13:15:19 2016 +0200

    Added casts to prevent compiler warnings

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 21 13:14:57 2016 +0200

    corrected typo

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 21 12:10:56 2016 +0200

    README.md: corrected link to travius build

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 20 15:58:38 2016 +0200

    .travis.yml: added support for compiling in macosx

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 21 11:02:30 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 21 11:01:43 2016 +0200

    tests: added checks for the new GNUTLS_NO_TICKETS flag

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 21 10:26:13 2016 +0200

    gnutls_init: added GNUTLS_NO_TICKETS flags
    
    These flags allow the callers to disable the automatically enabled
    session tickets. This could be done only with GNUTLS_NO_EXTENSIONS
    which also disabled other useful extensions.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 20 09:26:10 2016 +0200

    tests: added pkcs11-privkey-export
    
    This checks whether the public parts of RSA private and public keys
    can be properly extracted from a PKCS#11 module.

Author: Jakub Jelen <jjelen@redhat.com>
Date:   Wed Oct 19 13:41:55 2016 +0200

    Expose CKA_PUBLIC_EXPONENT and CKA_MODULUS for private keys too

Author: Jakub Jelen <jjelen@redhat.com>
Date:   Wed Oct 19 09:17:52 2016 +0200

    tests/pkcs11: Return also CKA_CLASS

Author: Jakub Jelen <jjelen@redhat.com>
Date:   Tue Oct 18 15:28:39 2016 +0200

    tests/pkcs11: Expose SUBJECT for certificates, PUBLIC_EXPONENT and MODULUS for public keys to widen compatibility

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 18 15:42:52 2016 +0200

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 18 13:45:34 2016 +0200

    updated auto-generated files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 18 09:24:02 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 18 10:13:56 2016 +0200

    certtool: allow setting key purposes for non-CA certificates
    
    That is, allow setting code signing, or time stamping key purpose
    in certificates that are not marked as CA. The previous restriction
    served no purpose.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 18 10:01:49 2016 +0200

    certtool: introduce key purpose checks in p7 direct verification

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 18 09:22:59 2016 +0200

    x509: introduced gnutls_x509_crt_check_key_purpose()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 17 15:07:03 2016 +0200

    gnutls_x509_crt_verify_data2: introduce constraints checks on the provided certificate
    
    That is check the provided certificate for validity in time and key usage.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 18 10:02:29 2016 +0200

    tests: introduced verification constraints checks for PKCS#7 structures
    
    That is, key purpose checks and more elaborate time checks.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 17 12:00:41 2016 +0200

    gnutls-serv: use the included known DH parameters by default

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 17 11:54:51 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 12:02:31 2016 +0200

    certtool: manpage update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 12 08:34:13 2016 +0200

    getfuncs-map.pl: ignore the ffdhe exported parameters
    
    That is ignore the new variables exported which are not functions, and
    thus cannot be detected by getfuncs-map.pl.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Oct 11 19:26:44 2016 +0200

    updated auto-generated files

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Oct 11 20:10:37 2016 +0200

    tests: crl-test: use a unique temp file

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Oct 11 20:01:27 2016 +0200

    tests: added sanity check for included primes

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Oct 11 19:36:26 2016 +0200

    doc: discuss the set_known_dh_params and use it in the examples

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Oct 11 19:25:52 2016 +0200

    tests: check gnutls_psk_set_server_known_dh_params

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Oct 11 19:22:25 2016 +0200

    tests: check gnutls_anon_set_server_known_dh_params

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Oct 11 19:12:16 2016 +0200

    tests: check gnutls_certificate_set_known_dh_params

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 11 16:42:28 2016 +0200

    DH: introduced gnutls_*_set_known_dh_params()
    
    That is, the functions gnutls_certificate_set_known_dh_params(),
    gnutls_anon_set_server_known_dh_params(),
    gnutls_psk_set_server_known_dh_params().
    These functions allow to statically set the DH parameters, based
    on the RFC7919 FFDHE parameters. This can simplify server configuration
    by allowing DH without loading parameters from file.
    
    Relates #37

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 11 16:18:22 2016 +0200

    certtool: --get-dh-params will output the FFDHE primes instead of the SRP primes

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 11 16:05:57 2016 +0200

    DH: export the FFDHE Diffie-Hellman values

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 16:13:29 2016 +0200

    .gitlab-ci.yml: use fedora's mingw-cmocka packages

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 16:12:44 2016 +0200

    more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 15:04:41 2016 +0200

    tests: added check for PKCS#7 catalog file parsing and data extracting

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 15:46:05 2016 +0200

    tests: updated pkcs7 text outputs to account for certtool update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 14:55:57 2016 +0200

    certtool: --p7-info will include the PKCS#7 encoded data in PEM format

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 14:50:25 2016 +0200

    tests: replaced large test2.cat with a smaller file

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 13:13:26 2016 +0200

    certtool: improve text on missing options for cert generation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 12:57:31 2016 +0200

    Revert "certtool: improve text on missing options for cert generation"
    
    This reverts commit 7daed1fd0602bce7495d252f1a9b638fc41e38d3.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 10:22:07 2016 +0200

    handshake: set a maximum number of warning messages that can be received per handshake
    
    That is to avoid DoS due to the assymetry of cost of sending an alert vs the cost
    of processing.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 10:08:35 2016 +0200

    record: disallow parsing of alert messages prior to session start

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 10:07:58 2016 +0200

    tests: added check to verify that the server will bail out after receiving only alerts

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 14 09:59:22 2016 +0200

    tests: added check to verify that the server will bail out after many alerts

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 13 17:01:16 2016 +0200

    certtool: improve text on missing options for cert generation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 13 16:55:00 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 13 16:51:19 2016 +0200

    tools: removed redudant messages on PIN re-use

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 13 16:48:52 2016 +0200

    p11tool: avoid asking the security officer PIN twice on initialization

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 13 16:41:04 2016 +0200

    p11tool: improved messages on token initialization

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 13 16:37:45 2016 +0200

    p11tool: corrected check of PIN existance in token initialization

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 13 13:10:52 2016 +0200

    doc: set a default handshake timeout on example server

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 13 13:09:35 2016 +0200

    serv: set a timeout value in handshake

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 13 08:56:45 2016 +0200

    tests: added check for Encrypt-then-MAC under DTLS

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 13 08:54:52 2016 +0200

    tests: cleanups in tls-etm.c

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 12 13:36:01 2016 +0200

    gnutls_pkcs7_get_embedded_data: added GNUTLS_PKCS7_EDATA_GET_RAW flag
    
    This flag allows the export of the stored embedded data with any wrapping
    encoding included. This in particular, it allows to read the data from the
    microsoft catalog PKCS#7 structures, which store as embedded data elements
    of a SEQUENCE, but only authenticate the inner parts without the bytes
    forming the SEQUENCE header.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Oct 11 21:33:24 2016 +0200

    configure: automatically disable non-suiteb curves
    
    That is, if the installed nettle doesn't provide the
    nettle_secp_192r1 symbol.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Oct 9 20:41:18 2016 +0200

    doc update

Author: Colin Walters <walters@verbum.org>
Date:   Tue Oct 11 11:28:39 2016 -0400

    priorities: Do read crypto policy files with mtime of zero
    
    In a default Fedora Atomic Host installation,
    `/etc/crypto-policies/backends/gnutls.config` is a symlink to the
    default in `/usr/share/`.  On an OSTree-managed system, files in
    `/usr` have an mtime of zero (to help deduplication).
    
    The simple fix here is to still try to read the first time, even if
    the file has an mtime of zero.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 11 14:11:27 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 11 13:55:56 2016 +0200

    certtool: corrected use of gnutls_pkcs7_get_embedded_data()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 11 13:06:48 2016 +0200

    pkix.asn: simplified ASN.1 description by eliminating pkcs-7-ContentType

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 11 13:03:45 2016 +0200

    updated auto-generated files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 11 11:30:28 2016 +0200

    certtool: print the enacapsulated content OID on verification

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 7 15:25:31 2016 +0200

    tests: added checks for the decoding of various PKCS#7 structures

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 7 15:19:16 2016 +0200

    pkcs7: print the eContent type in output functions if it does not match the defaults

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 7 12:06:37 2016 +0200

    pkcs7: allow unknown and legacy signature data OIDs to be imported
    
    This allows to decode very old PKCS#7 structures where the content is not
    an octet string. In addition, it introduces gnutls_pkcs7_get_embedded_data_oid()
    to obtain the OID of the signature data.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Oct 7 19:07:41 2016 +0200

    certtool: --p7-info can be combined with --p7-show-data to display embedded data

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 10 09:48:05 2016 +0200

    lib: link with LTLIBDL instead of LIBDL
    
    It fixes compilation issues on some systems.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Oct 9 20:01:06 2016 +0200

    released 3.5.5

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Oct 9 19:27:39 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Oct 9 19:04:30 2016 +0200

    doc: mention gnutls_session_ext_register and its supplemental data equivalent

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Oct 9 18:56:52 2016 +0200

    bumped version

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Oct 9 14:21:09 2016 +0200

    TLS extensions: only cache the extension IDs from exts that the server supports
    
    That avoids imposing any artificial limits on the number of extensions that
    a server can handle.
    
    Resolves #136

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Oct 9 14:05:07 2016 +0200

    tests: check the registration of multiple extensions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 8 07:24:02 2016 +0200

    doc: added gnutls_datum_t and giovec_t to indexes
    
    Resolves #137

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 7 15:24:25 2016 +0200

    pkcs7: removed any limits in hex encoding of attributes

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 7 16:10:19 2016 +0200

    certtool: lift any limits in print_raw()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 7 14:17:52 2016 +0200

    certtool: added safety net when generating a certificate request
    
    That is, do not allow specifying --generate-request --load-pubkey without
    specifying --load-privkey. Previously if --load-pubkey would have been
    used, it would have been ignored, causing confusion to the users.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 6 08:50:39 2016 +0200

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Oct 5 20:10:46 2016 +0200

    Makefile.am: improved the files-update output

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Oct 5 20:09:21 2016 +0200

    updated auto-generated files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 5 13:51:05 2016 +0200

    _gnutls_utf8_to_ucs2: force NFC normalization form in windows

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 5 11:04:54 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 5 11:41:23 2016 +0200

    tests: added checks for gnutls_session_supplemental_register

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 5 11:33:55 2016 +0200

    Added session-specific supplemental data handling
    
    This allows a caller to add supplemental data handling which will
    only be made available for a specific session.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 5 10:43:29 2016 +0200

    tests: added checks for gnutls_session_ext_register

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Sep 30 18:53:09 2016 +0200

    Added session-specific TLS extensions
    
    This allows a caller to add extensions which will be made available
    for a specific session.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Wed Oct 5 14:30:33 2016 +0200

    guile: Implement session record ports using the Guile 2.2 API.
    
    This allows the Guile bindings to be built and used with
    Guile >= 2.1.4, which introduced a new port API.
    
    * guile/src/core.c (USING_GUILE_BEFORE_2_2): New macro.
    (session_record_port_type) [!USING_GUILE_BEFORE_2_2]: New definition.
    (read_from_session_record_port, write_to_session_record_port)
    (make_session_record_port) [!USING_GUILE_BEFORE_2_2]: New functions.
    Conditionalize the other same-named functions on
    USING_GUILE_BEFORE_2_2.
    (scm_init_gnutls_session_record_port_type): Use
    'read_from_session_record_port' when !USING_GUILE_BEFORE_2_2.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Wed Oct 5 14:30:32 2016 +0200

    guile: Test 'set-session-transport-fd!'.
    
    * guile/tests/session-record-port.scm: Use 'set-session-transport-fd!'
    on the server side.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Wed Oct 5 14:30:31 2016 +0200

    guile: Guile 2.x 'uniform-vector-read!' replacement returns 0 upon EOF.
    
    This problem was never hit in practice because our tests always got the
    non-EOF case.
    
    * guile/modules/gnutls/build/tests.scm (uniform-vector-read!) [guile-2]:
    Return 0 upon EOF.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 5 10:01:20 2016 +0200

    win32: install the .def files in libdir instead of bindir
    
    Suggested by Eli Zaretskii.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 5 08:48:57 2016 +0200

    certtool: include arpa/inet.h unconditionally
    
    That is because we use inet_pton() which is either provided by the
    OS, or by gnulib.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 5 08:46:08 2016 +0200

    gnutls-cli: fix compilation warning in win32

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 5 08:44:05 2016 +0200

    Fixed the version in libgnutls-openssl.def file
    
    Previously the version set in that file would have
    been (incorrectly) equal to the version of the main library.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 5 08:34:51 2016 +0200

    tests: avoid using %zd for formatted output
    
    It is not supported by windows.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 4 16:20:44 2016 +0200

    tests: skip tests which depend on libidn functionality if build without libidn

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 4 15:55:08 2016 +0200

    tests: fixed compilation of pkcs11-privkey-always-auth

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 4 15:10:22 2016 +0200

    Fix build of system/keys-win.c with older mingw
    
    Patch by Eli Zaretskii <eliz@gnu>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 3 14:48:49 2016 +0200

    tests: introduced further parallelization in provable* tests
    
    This runs independent verification steps in parallel, improving running time significantly.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 3 14:40:06 2016 +0200

    tests: provable-dh-default check is too slow and is only run when the complete suite is requested

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 3 14:25:06 2016 +0200

    tests: split provable-privkey into multiple checks
    
    This allows the tests to be run in parallel.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 3 14:17:52 2016 +0200

    tests: provable-dh was split into two programs
    
    This allows the test to be run more efficiently when run
    in parallel.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 30 16:48:54 2016 +0200

    .gitlab-ci.yml: do not run the full test suite on valgrind test
    
    This allows the CI test to run on reasonable time.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 30 14:16:01 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 26 13:00:36 2016 +0200

    more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 30 13:08:53 2016 +0200

    devel/openssl: updated to 1.1.0 release

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 29 15:41:23 2016 +0200

    aarch64: added optimized AES-CCM mode

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Sep 27 21:43:05 2016 +0200

    Imported Andy Polyakov's implementation of AES-GCM in aarch64

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 26 11:55:37 2016 +0200

    Imported Andy Polyakov's implementation of AES in aarch64

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 29 13:36:55 2016 +0200

    Added HMAC-SHA* optimizations for aarch64

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 23 14:55:37 2016 +0200

    Imported Andy Polyakov's implementations for SHA* in aarch64

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 3 12:53:43 2016 +0200

    fix zero-termination in _gnutls_server_name_set_raw() for large server names

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 3 12:56:07 2016 +0200

    _gnutls_check_id_for_change: added check for NULL username
    
    This is not required, but may prevent from issues if code-reorganizations
    which may set a NULL username, occur.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 3 12:58:17 2016 +0200

    gnutls_*_crt_print: better error checking

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 3 10:29:29 2016 +0200

    tests: added test for CKA_ALWAYS_AUTHENTICATE handling in PKCS#11
    
    This checks whether GnuTLS properly calls login prior to any sign
    operations when the object is marked as CKA_ALWAYS_AUTHENTICATE.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 3 11:11:55 2016 +0200

    pkcs11: improved debugging output in pkcs11_login

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 3 10:22:44 2016 +0200

    name constraints: removed unused variable

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 30 13:25:41 2016 +0200

    tools: clarify errors when reading files
    
    Previously certtool and ocsptool would report:
    ```
    $ certtool --generate-request --load-privkey=foo --outfile=bar
    Generating a PKCS #10 certificate request...
    reading --load-privkey: foo
    ```
    
    And that doesn't make apparent what the issue was. Modified
    to print:
    ```
    error reading --load-privkey: foo
    ```
    
    Report and initial patch by Thibault Nélis.
    
    Resolves !97

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Sep 28 07:41:13 2016 +0200

    p11tool: doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Sep 27 23:42:01 2016 +0200

    Removed C99 constructions in for-loops
    
    These constructions although valid for C99 they are
    being rejected by various compilers. Get rid of them.

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Sep 27 11:04:16 2016 +0200

    certtool: print correct size of EC keys
    
    Previously certtool complained about key size if --curve is given:
    
     $ certtool --generate-privkey --ecc --curve secp256r1 --outfile key.pem
     Generating a -2147483646 bit EC/ECDSA private key...
     Note that ECDSA keys with size less than 256 are not widely supported.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 27 09:51:56 2016 +0200

    p11tool: documented the p11-kit relevancy of distrust and stapled

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 27 09:39:09 2016 +0200

    pkcs11: forbid PKCS#11 extensions to be used in other than trust modules
    
    That is, only use the CKA_X_DISTRUSTED and the extension override in
    p11-kit trust modules, to avoid conflicts with potentially other
    PKCS#11 extensions.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 27 11:46:24 2016 +0200

    .gitlab-ci.yml: enabled valgrind tests build

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 27 11:44:16 2016 +0200

    tests: allow handshake-large-packet to run under valgrind
    
    That is, initialize the allocated buffers with a known value.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 26 14:24:31 2016 +0200

    p11tool: introduced the --mark-distrusted and --distrusted options
    
    This allows to mark objects as distrusted, as well as list all
    distrusted certificates (blacklisted) for a p11-kit trust module as:
    p11tool --list-all-certs --distrusted

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 26 14:23:24 2016 +0200

    pkcs11: introduced flag GNUTLS_PKCS11_OBJ_FLAG_MARK_DISTRUSTED
    
    This allows to mark objects as distrusted, as well as to be
    able to list distrusted objects.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 26 14:00:32 2016 +0200

    pkcs11: only staple extensions from a trust module when they are from a non-distrusted certificate
    
    That is, make sure that the API for stapling extensions is only used
    for non-distrusted (blacklisted) certificates. The reason is to avoid
    duplicate extension entries from the p11-kit trust database. These
    come from blacklisted certificates, and we have no reason to support
    stapled extensions with blacklisted certificates.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 26 13:47:19 2016 +0200

    p11tool: allow to export a certificate with its stapled extensions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 26 08:12:52 2016 +0200

    gnutls_oid_to_ecc_curve: fix null pointer dereference
    
    This addresses issue where an unknown curve would cause a
    null pointer dereference. This was introduced with the addition
    of X25519. Reported by Theofilos Petsios.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 23 16:01:07 2016 +0200

    Only send the status request extension on cert authentication
    
    That is, do not both asking for it, or replying to it, if we are
    not using any certificates.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 22 14:49:57 2016 +0200

    gdoc: improved the detection and display of escaped characters (@%)
    
    This allows to properly display strings like %COMPAT and @SYSTEM
    in the manual and the manpages.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 22 13:46:19 2016 +0200

    doc: gnutls_priority_init: fixed %COMPAT [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 22 12:08:45 2016 +0200

    .gitlab-ci.yml: corrected debian build's dependency

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 22 11:07:45 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 21 17:59:18 2016 +0200

    On client side allow signing with the signature algorithm of our cert
    
    That allows to sign for example with DSA-SHA1 as client even if we do not
    allow DSA-SHA1 as signature algorithm for server's certificate. This allows
    to use a deprecated certificate without enabling deprecated algorithms
    globally.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 22 11:01:22 2016 +0200

    _gnutls_session_get_sign_algo: always return GNUTLS_SIGN_UNKNOWN on failure

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 22 10:35:13 2016 +0200

    tests: added check for server-side ECDSA keys
    
    These tests check whether a server ECDSA key will be rejected by
    the client in case the client has no ECDSA signature algorithms
    available.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 22 09:54:12 2016 +0200

    tests: added check for client-side DSA key
    
    This checks whether a client can use and send a DSA key, even
    if DSA is not enabled (which should prohibit the server from providing
    a DSA certificate).

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 22 09:21:06 2016 +0200

    certtool: do not require a certificate to generate a PKCS#12 file
    
    That is, allow generating PKCS#12 files with private keys only as well.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Sep 20 09:00:23 2016 +0200

    .gitlab-ci.yml: added debian build

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 20 14:31:12 2016 +0200

    README.md: depend on softhsm2 and net-tools on debian

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 19 15:36:21 2016 +0200

    tests: mini-server-name: skip invalid UTF-8 check if compiled without libidn
    
    This allows the test suite to run in systems without libidn. Reported
    by Thomas Klausner.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 19 14:55:24 2016 +0200

    tests: added the macros test_fail() and test_success()
    
    These macros allow test programs which run multiple checks,
    to report the name of the check failed. Modified mini-server-name
    and x509-dn-decode to use the macro.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 19 18:55:59 2016 +0200

    cfg.mk: removed invalid rule in web target

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 19 14:24:10 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 19 14:12:56 2016 +0200

    added debugging message when session fails due to handshake hash buffer

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 19 08:02:14 2016 +0200

    tests: check whether large packets are allowed on the handshake

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 19 08:01:24 2016 +0200

    Do not allow sending overflowed extensions field
    
    That is, restrict the extensions to a 2^16 total size.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 19 07:42:41 2016 +0200

    tests: minor improvements in mini-extension
    
    This will improve recovery from error conditions.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 16 13:12:50 2016 +0200

    Increased the maximum size allowed for handshake messages to 128kb
    
    This would allow the library to cope with larger packets, as well
    as TLS 1.3 hellos. Suggested by Hubert Kario.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 17 12:52:41 2016 +0200

    tests: added check for insecure key
    
    That is, a check which verified whether a connection to a server with
    a very small key will fail the certificate verification check.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 17 11:43:45 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 17 11:31:29 2016 +0200

    Introduced separate error codes for invalid private and public keys
    
    This allows functions like decryption and verification to report
    the specific issue they encountered on public key error.
    The new codes are GNUTLS_E_PK_INVALID_PUBKEY and GNUTLS_E_PK_INVALID_PRIVKEY

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 15 16:50:26 2016 +0200

    .gitlab-ci.yml: no longer require gnutls-devel
    
    This package is no longer needed to run abi-check.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 15 16:49:37 2016 +0200

    Makefile: abi-check no longer require gnutls headers to be installed
    
    This addresses the issue of requiring gnutls-devel in the CI system
    to run abi-check.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 13 15:17:29 2016 +0200

    doc: remove the conditional self_test functions
    
    Also prevent them by re-entering the documented functions list
    by restricting the header files that contribute functions to the
    known list defined by $(HEADER_FILES).

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 13 10:37:54 2016 +0200

    Makefile.am: introduced 'make files-update' rule
    
    This rule updates the makefiles in doc/ and the kept symbol list.
    This allows for easier automation of the symbol change 'make dist'
    breakages.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 13 10:33:00 2016 +0200

    manpages: delete comparison temp file

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 13 10:30:09 2016 +0200

    Makefile.am: symbol changes were made more elaborate
    
    During make dist, the makefile will report the appropriate
    symbol change message with instructions and fail.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 13 10:02:48 2016 +0200

    updated doc and symbol files for gnutls_certificate_set_ocsp_status_request_function2

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 13 10:00:42 2016 +0200

    Makefile.am: print the symbols.last diff on make dist
    
    This allows to manually verify the contents before overriding
    the old file.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 12 17:23:07 2016 +0200

    doc: allow creation of gnutls.epub without running epub-fix

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 12 15:50:52 2016 +0200

    .gitlab-ci.yml: use nproc as argument to 'make -j'
    
    That way, we use as many make processes, as the number of
    CPUs in the CI system.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 12 15:31:13 2016 +0200

    .gitlab-ci.yml: added build which runs 'make dist'
    
    This tests whether the manpages, info, html, pdf and epub
    manual are properly generated, and whether any new functions
    were included into makefiles.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 12 15:30:07 2016 +0200

    doc: fixed the epub documentation generation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Sep 13 20:18:03 2016 +0200

    gnutls_certificate_set_ocsp_status_request_file: mention version it was enhanced

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Sep 13 20:11:28 2016 +0200

    doc: corrected typo

Author: Alex Monk <krenair@gmail.com>
Date:   Mon Sep 12 18:24:49 2016 +0100

    Add ECDHE-* to the priority string docs for key exchange algorithms
    
    GNUTLS_KX_ECDHE_PSK was added in 2.99.3 (released 2011-06-18)
    The other two were added in 2.99.2 (released 2011-05-26)
    
    Signed-off-by: Alex Monk <krenair@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 13 08:54:42 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 13 08:49:10 2016 +0200

    .gitlab-ci.yml: added check for position dependent code

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 13 08:46:51 2016 +0200

    Makefile.am: added check for position dependent code
    
    This check will verify that the generated library doesn't contain
    position dependent code. It depends on elf utilities.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 13 08:38:36 2016 +0200

    openssl asm: reverted to AESNI-x86 code to gnutls 3.4.x code
    
    The newer code was creating position dependent code.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 12 11:59:37 2016 +0200

    tests: added checks to verify server understanding of UTF8 hostnames
    
    This verifies whether a server can understand and serve requests
    which contain UTF-8 server names.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 12 11:51:07 2016 +0200

    tests: set_key: fixed the time override

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 12 11:23:25 2016 +0200

    tests: set_key: enabled failure_mode test
    
    Also eliminated memory leaks related to it.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 10 10:50:43 2016 +0200

    Added IDNA support in server side
    
    Any server names provided to server side by the gnutls_certificate_set_*
    functions, are converted to IDNA format for comparison with client provided
    values.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 12 10:52:18 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 12 10:48:10 2016 +0200

    .gitlab-ci.yml: restrict the freebsd builds to local branches only

Author: Alex Monk <krenair@gmail.com>
Date:   Sun Sep 11 22:10:14 2016 +0100

    Add SIGN-ECDSA-SHA* to the priority strings docs
    
    There were added in version 2.99.2, 2011-05-26
    
    Signed-off-by: Alex Monk <krenair@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 12 10:22:37 2016 +0200

    gnutls_certificate_set_*key: ensure proper cleanup on key mismatch failures
    
    That is, ensure that we keep no local references that are shared with
    the caller, and that we properly free all initialized values.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 12 10:23:48 2016 +0200

    tests: check key mismatch on gnutls_certificate_set_*key
    
    That is, check whether these functions can successfully
    recover from such condition, without leaks or double freeing.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 8 15:32:06 2016 +0200

    tests: added unit testing for gnutls_certificate_set_ocsp_status_request_function2

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 8 15:14:37 2016 +0200

    tests: added unit tests for gnutls_certificate_set_x509_key()
    
    In addition these tests verify that the expected index is returned
    and that can be used with gnutls_certificate_get_crt_raw() afterwards.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 8 15:03:00 2016 +0200

    tests: enhanced set_x509_key tests to include index verification
    
    That is, verify that correct indexes are returned, and these
    can be used with gnutls_certificate_get_crt_raw() afterwards.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 8 13:48:30 2016 +0200

    tests: enhanced set_x509_key_file tests to include index verification
    
    That is, verify that correct indexes are returned, and these
    can be used with gnutls_certificate_get_crt_raw() afterwards.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 7 17:55:38 2016 +0200

    tests: more checks for functionality of gnutls_certificate_set_ocsp_status_request_file
    
    This introduces checks for the cases where gnutls_certificate_set_ocsp_status_request_file()
    is called with multiple indexes, to set an OCSP response for different
    certificates. The tests then verify whether the expected OCSP response
    is received.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 7 14:49:35 2016 +0200

    Added gnutls_certificate_set_ocsp_status_request_function2
    
    That introduces a new function to allow setting an OCSP status
    request handling function per certificate. Furthermore it repurposes
    the flag parameters to an index option on gnutls_certificate_set_ocsp_status_request_file.
    
    The changes above allow setting a different OCSP status response
    file per certificate, and a different function. The indexes they
    rely on to associate with existing certs are the indexes returned
    by the gnutls_certificate_set_key() and friends functions.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 7 13:38:19 2016 +0200

    All the key and chain set functions return an index
    
    When setting key and certificate material to a gnutls_certificate_credentials_t
    structure, the corresponding set functions will return an index.
    That index could be used later either on the get functions, or
    when setting corresponding data (e.g., an OCSP response).

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 7 13:29:54 2016 +0200

    doc: clarifications in gnutls_certificate_set_ocsp_status_request_function()

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun Sep 11 16:00:57 2016 +0200

    Typo fixes found by lintian.
    
    incosistent, ommited

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 20:24:43 2016 +0200

    .gitlab-ci.yml: added code-coverage output to clang build

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 19:40:25 2016 +0200

    .gitlab-ci.yml: the code-coverage command will always succeed
    
    This works around random failures while calculating the code coverage.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 19:37:45 2016 +0200

    .gitlab-ci.yml: moved commonly installed packages into the before_script field

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 12:57:04 2016 +0200

    .gitlab-ci.yml: added syntax check build

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 12:51:11 2016 +0200

    cfg.mk: revived 'make release'

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 12:21:59 2016 +0200

    several spacing fixes to keep syntax-check happy

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 11:51:37 2016 +0200

    avoid the usage of '-a' and '-o' bash options
    
    This keeps syntax-check happy.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 11:44:58 2016 +0200

    avoid the usage of strncpy

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 11:40:51 2016 +0200

    removed signal.h from files that wasn't used at

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 11:38:35 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 11:38:08 2016 +0200

    gnutls_x509_cidr_to_rfc5280: removed double semi-colon

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 11:37:32 2016 +0200

    removed c-ctype.h from files that wasn't used at

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 11:36:27 2016 +0200

    configure.ac: quote parameters when needed

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 11:35:51 2016 +0200

    removed assert.h from files that wasn't used at

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 11:34:53 2016 +0200

    POTFILES: added libdane files

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 11:25:15 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 11 11:23:15 2016 +0200

    tests/tools: avoid non-null check before free()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 10 23:02:13 2016 +0200

    latex manual: added backwards compatibility options

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 10 11:04:51 2016 +0200

    .gitlab-ci.yml: windows DLL builds now include all required dependencies
    
    Also improved naming conventions for builds

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 10 07:49:59 2016 +0200

    inet_ntop4: casted signed/unsigned comparison

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 10 07:48:22 2016 +0200

    system.h: undefine macros before defining them

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 10 07:44:21 2016 +0200

    _gnutls_fbase64_decode: use memsub macro instead of casts

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 9 15:04:52 2016 +0200

    gnutls-cli: use gnutls_set_default_priority if no priorities are given

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 9 15:01:05 2016 +0200

    gnutls-serv: removed '...' from documentation
    
    That caused caused problems in generated manpage.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 9 13:59:05 2016 +0200

    configure: better document the random generator variant used

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Sep 8 07:30:33 2016 +0200

    released 3.5.4

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Sep 7 22:44:08 2016 +0200

    .gitlab-ci.yml: corrected wrong operation in minimal build

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Sep 7 22:25:47 2016 +0200

    updated auto-generated files

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Sep 7 22:20:10 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 7 13:17:56 2016 +0200

    bumped versions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 7 13:16:41 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 7 09:30:18 2016 +0200

    tests: do not run pkcs12-utf8 under windows
    
    This test required to pass UTF8 data under command line, and that
    doesn't seem to work under windows.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Sep 7 08:45:24 2016 +0200

    _gnutls_ucs2_to_utf8: corrected use of WideCharToMultiByte in windows

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 6 18:45:17 2016 +0200

    tests: added debugging info in conv-utf8

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 6 16:45:19 2016 +0200

    tests: don't build cmocka tests with libutils - they conflict

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 6 15:58:59 2016 +0200

    .gitlab-ci.yml: keep config.log in windows builds

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 6 15:14:01 2016 +0200

    .gitlab-ci.yml: corrected typo for libidn installation in windows64

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 6 14:52:54 2016 +0200

    .gitlab-ci.yml: install our internal cmocka for windows

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 6 13:18:10 2016 +0200

    tests: added unit tests of _gnutls_utf8_to_ucs2 and _gnutls_ucs2_to_utf8

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 6 11:40:36 2016 +0200

    libgnutls.map: export _gnutls_utf8_to_ucs2 and _gnutls_ucs2_to_utf8 for testing

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 26 14:49:07 2016 +0200

    pkcs12: enhanced to allow encrypting using UCS2 passwords
    
    That is use _gnutls_utf8_to_ucs2() to convert the provided
    password to UCS2.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 26 15:56:19 2016 +0200

    _gnutls_ucs2_to_utf8: fixed null termination check in windows code

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 26 14:48:24 2016 +0200

    Added _gnutls_utf8_to_ucs2()
    
    This function allows to convert between UTF8 to UCS2 big-endian.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 26 14:23:13 2016 +0200

    tests: added tests for PKCS#12 decoding with UTF8 passwords

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 26 14:34:07 2016 +0200

    pkcs7 encryption: corrected memory leaks

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 6 14:54:30 2016 +0200

    Makefile: local-code-coverage-output always succeeds

Author: Martin Ukrop <mukrop@redhat.com>
Date:   Fri Sep 2 10:30:54 2016 +0200

    x509: Adjust IP name constraints behavior
    
    - Modified IPv4/IPv6 interaction in name constraints -- IPv4 and IPv6 no have empty intersection (previously: were treated independently).
    - Current behavior is more conservative -- in case of IPv4 constraint cert, subcerts will not be able to have IPv6 addresses.
    - Tests updated accordingly.
    - Behavior now matches NSS.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 6 09:05:59 2016 +0200

    tests: added checks to verify behavior in writing pkcs11 objects
    
    That is, verify that private keys are marked as private by default,
    and public objects are marked as non-private by default.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 6 09:00:20 2016 +0200

    p11tool: eliminated memory leak in --list options

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 6 08:49:01 2016 +0200

    p11tool: do not mark written objects as private by default
    
    That is, when --mark-private or --no-mark-private are not specified,
    set non-private for public objects and private for private ones.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 5 18:16:57 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 5 18:15:25 2016 +0200

    minitasn1: updated to latest git version

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 5 18:08:50 2016 +0200

    _gnutls_encode_ber_rs_raw: simplified
    
    That is, use a single allocation for temporary data.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 5 13:05:17 2016 +0200

    .gitlab-ci.yml: use fedora24 with address sanitizer
    
    The fix in fbb9618b25b77c65e24a6ce224d53bc9a0b81457 addresses
    the problems with asan in fedora24.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 5 13:01:31 2016 +0200

    tests: use LSAN_OPTIONS instead of ASAN_OPTIONS
    
    New versions of address sanitizer do not parse this file
    otherwise.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 5 09:48:24 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 5 09:41:30 2016 +0200

    tests: corrected detection of 64-bit systems in softhsm.h

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 5 09:37:51 2016 +0200

    tests: added check for PKCS#11 signature validity
    
    That is, tests whether our generated DSASignatureValue with PKCS#11
    contains r, s values that are non-negative, i.e., are zero padded
    when necessary. This utilizes _gnutls_decode_ber_rs_raw().

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 5 09:29:24 2016 +0200

    Introduced helper function _gnutls_decode_ber_rs_raw()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 3 11:39:57 2016 +0200

    _gnutls_encode_ber_rs_raw: zero-pad values when necessary
    
    This addresses issue when encoding values obtained via
    PKCS#11 which may not be necessarily padded.
    
    Resolves #122

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 3 10:23:49 2016 +0200

    tests: template-test: use uniform way to detect 32-bit systems

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 1 12:35:55 2016 +0200

    .gitlab-ci.yml: use the gitlab.com shared runners
    
    This removes the need to administer custom runners (except for
    the FreeBSD runner which cannot run under Linux), makes the
    testing on other platforms such as Debian simpler, and allows
    merge requests to pass through the CI.

Author: David Woodhouse <David.Woodhouse@intel.com>
Date:   Tue Aug 30 15:26:27 2016 +0100

    Import DTLS sliding window validation from OpenConnect ESP code
    
    In this implementation, the end of the sliding window is always advanced
    to the latest received packet, and we accept up to 64 packets before
    that one. We no longer refuse to accept packets because they are
    *too* far ahead of what we've already seen.
    
    Some of the test cases are fixed up accordingly.
    
    This matches the code in OpenConnect esp-seqno.c at commit 314ac65.

Author: Jussi Kukkonen <jussi.kukkonen@intel.com>
Date:   Wed Aug 31 11:04:06 2016 +0300

    tools: Use correct include dir with minitasn
    
    This allows compiling certtool without libtasn headers.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 29 14:16:16 2016 +0200

    nettle: removed unused variable in windows rng

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 29 13:52:24 2016 +0200

    tests: don't run danetool.sh when not compiled with dane support

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 29 13:48:04 2016 +0200

    tests: mini-dtls-record: modified expected order to account for new SW behavior

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 29 13:02:54 2016 +0200

    dtls: ensure that the DTLS window doesn't get stalled
    
    That is ensure that it is forwarded at least one place if more than 16
    packets have been received since the first one.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 29 13:25:23 2016 +0200

    tests: enhance the DTLS window unit test to account for lost packets
    
    This adds tests for cases where many lost packets are encountered,
    such as 50% of the packets received, as well as 3 consequent packets
    being lost.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 26 16:52:19 2016 +0200

    README.md: added coverage report [ci skip]

Author: David Woodhouse <dwmw2@infradead.org>
Date:   Sun Aug 28 21:42:34 2016 +0100

    gnutls_pkcs12_simple_parse: set the key value to null on failure

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 28 00:55:30 2016 +0200

    tests: added basic operational check of gnutls_ocsp_resp_get_single()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 28 00:40:49 2016 +0200

    gnutls_ocsp_resp_get_single: reorganized function to eliminate memory leaks
    
    Simplified and optimized the function operation, by removing
    unecessary memory allocations, as well as eliminate memory leaks
    on certain error cases.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 27 17:00:22 2016 +0200

    ocsp: corrected the comparison of the serial size in OCSP response
    
    Previously the OCSP certificate check wouldn't verify the serial length
    and could succeed in cases it shouldn't.
    
    Reported by Stefan Buehler.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 26 11:35:50 2016 +0200

    tools: eliminated memory leaks in deinitialization

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 26 11:28:51 2016 +0200

    tools: allow socket_bye() to be used for non-polite terminations

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 26 11:14:19 2016 +0200

    tests: added suppressions.valgrind in ocsp-tests

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 25 15:48:03 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 25 15:46:06 2016 +0200

    tests: added check for the decoding of pbes1-des-md5 key

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 25 17:27:16 2016 +0200

    pkcs8: cleaned up PKCS#8 decoding from common code with PKCS#7

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 25 15:40:28 2016 +0200

    pkcs8: added support for decryption with PBES1-DES-CBC-MD5
    
    While this is a legacy (and insecure) cipher combination it is the
    default output of openssl up until the 1.0.2 version. We introduce
    this option to allow decrypting private keys from these versions of
    openssl.

Author: raspa0 <raspa0@protonmail.com>
Date:   Thu Aug 25 10:58:22 2016 +0200

    fix memleak in pkcs11_get_random

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 25 09:57:55 2016 +0200

    ocsptool: reduce memory leaks on execution

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 24 14:09:13 2016 +0200

    tests: enable ocsp-must-staple-connection check

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 24 16:17:20 2016 +0200

    doc: be more explicit about the usage of gnutls_global_init/deinit [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 24 14:41:33 2016 +0200

    tests: don't use piped tee in pkcs8-decode
    
    It would prevent error codes from being detected in the tests.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 24 14:04:52 2016 +0200

    ocsptool: corrected bug in session establishment

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 24 13:57:00 2016 +0200

    tests: ocsp-tls-connection: no longer check for netcat; it was not needed

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 24 13:39:43 2016 +0200

    tests: added decoding of key with pbes2 and SHA256 PRF

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 24 13:32:04 2016 +0200

    Added support for decrypting PKCS#8 files which use HMAC-SHA256 as PRF
    
    This improves compatibility with new openssl versions.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 24 10:49:13 2016 +0200

    Ported openssl format fix from openconnect
    
    Patch by David Woodhouse

Author: raspa0 <raspa0@protonmail.com>
Date:   Wed Aug 24 06:15:03 2016 +0000

    src/pkcs11.c: fix mech_list out-of-bounds check

Author: Philippe Proulx <eeppeliteloop@gmail.com>
Date:   Mon Aug 15 01:13:16 2016 -0400

    gnutls_record_recv(): doc: push -> pull
    
    Signed-off-by: Philippe Proulx <eeppeliteloop@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 22 16:32:34 2016 +0200

    rnd-linux: added check for SYS_getrandom being defined
    
    This allows to compile the getrandom() code in old Linux systems
    which do not have the system call defined.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 22 16:29:09 2016 +0200

    libdane: include minitasn1 headers

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 22 17:11:53 2016 +0200

    gnutls-cli: do not exit if fast open is not supported

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 22 13:21:07 2016 +0200

    gnutls-cli: added bufferring in starttls read of packets

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 22 13:34:44 2016 +0200

    tests: added basic test of STARTTLS over FTP for gnutls-cli

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 22 09:03:41 2016 +0200

    tests: added basic starttls functionality testing on gnutls-cli

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 22 09:13:50 2016 +0200

    gnutls-cli: exit with error code 2 on starttls errors

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 22 08:57:23 2016 +0200

    tests: fixed fastopen.sh to operate from cmd

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 22 08:47:57 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 22 08:46:04 2016 +0200

    gnutls-cli: fixed the behavior when --starttls or --starttls-proto is given
    
    The change of moving the handshake process as part of the socket establishment
    broke the starttls functionality in gnutls-cli. This change fixes that functionality.
    Reported by Andreas Metzler.

Author: SUMIT AGGARWAL <aggarwal.s@samsung.com>
Date:   Fri Aug 19 11:58:39 2016 +0200

    Fix HANDLE_LEAK and memory leak issues.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 22 08:18:15 2016 +0200

    gnutls-cli: print 'Handshake was completed'
    
    The change of moving the handshake process as part of the socket
    establishment, prevented the text 'Handshake was completed' from
    being printed as part of a successful handshake. That message was
    used by applications like gnus which use gnutls-cli. This patch
    reverts that change and prints that message on successful handshakes.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 10 14:43:03 2016 +0200

    tests: openpgp-certs tests were moved to cert-tests

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 10 14:07:03 2016 +0200

    gnutls_key_generate: fail if the state of the library is invalid
    
    Suggested by Stephan Mueller.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 10 13:35:33 2016 +0200

    tests: mini-dtls-hello-verify: ignore SIGPIPE to avoid unexpected crashes
    
    Resolves: #119

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 9 12:00:57 2016 +0200

    gnutls_safe_renegotiation_status: changed return type to unsigned

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 9 11:12:16 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 9 10:54:09 2016 +0200

    tests: removed unused variables from tests

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 9 10:45:00 2016 +0200

    doc update

Author: Martin Ukrop <mukrop@redhat.com>
Date:   Thu Jun 23 12:11:18 2016 +0200

    tests: Add tests for X509 IP constraints
    
    - Add dedicated test file name-constraints-ip for IP tests.
    - Test the following:
      * Generation and saving of valid name constraints.
      * Trying to save invalid IP constraints.
      * Reading the saved constraints.
      * constraints_check() calls for both IPv4 and IPv6.
      * IP constraints intersection (simple, empty, mediocre, complicated).
      * IPv4/IPv6 constraints interaction and various corner cases.
    - IPs/CIDRs are printed in logs in case of failure.
    - Add 2 new chain tests (positive, negative).
    - Add generated test executable to ignored files.
    
    Signed-off-by: Martin Ukrop <mukrop@redhat.com>

Author: Martin Ukrop <mukrop@redhat.com>
Date:   Wed Jun 29 11:25:59 2016 +0200

    x509: Add support for IP constraints
    
    - IP constraints are now checked against the subject alternative
      name field.
    - Implemented IP name constraints merging.
    - Added IP constraints validity checking during loading and getting
      the name constraints object from the user.
    - Add a convenience function name_constraints_node_new that allocates
      a name constraints node and sets its fields. Use this new function
      where applicable.
    - Add documentation for is_nc_empty, _gnutls_name_constraints_node_free,
      _gnutls_name_constraints_intersect.
    - Small improvements elsewhere (polishing).
    
    Signed-off-by: Martin Ukrop <mukrop@redhat.com>

Author: Martin Ukrop <mukrop@redhat.com>
Date:   Wed Aug 3 19:40:55 2016 +0200

    tests: Add more IP conversion unit tests
    
    - Renamed ip-in-cidr test to ip-utils.
    - Added built binary to .gitignore.
    - Added new tests for gnutls_x509_cidr_to_rfc5280.
    
    Signed-off-by: Martin Ukrop <mukrop@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 2 15:28:52 2016 +0200

    tests: added unit test for ip_in_cidr function

Author: Martin Ukrop <mukrop@redhat.com>
Date:   Wed Jun 29 11:23:40 2016 +0200

    x509: Separate out IP handling functions
    
    - Moved IP/CIDR to string conversion functions into separate
      header and export privately for the use in tests.
    - Placed ip_in_cidr() into separate header for easy testing
    - Add publicly available function to convert text CIDR to RFC5280
      format for the use in name constraints extension.
    - certtool: Use GnuTLS exported CIDR functions instead of local ones.
    - Export mask_to_prefix, mask_ip for internal GnuTLS use.
    - Introduce new error value (malformed cidr) and add to description
      functions in errors.c.
    
    Signed-off-by: Martin Ukrop <mukrop@redhat.com>

Author: Martin Ukrop <mukrop@redhat.com>
Date:   Thu Jun 23 12:33:15 2016 +0200

    tests: Add corner case tests for name constraints, improve doc
    
    - Added corner case test suite for DNS name constraints.
    - Documentation update in chain tests.
    
    Signed-off-by: Martin Ukrop <mukrop@redhat.com>

Author: Martin Ukrop <mukrop@redhat.com>
Date:   Fri Jul 8 11:59:47 2016 +0200

    Add more ignored files
    
    * .tmp and .swp for text editor files
    * Makefile.user created by Qt Creator
    * gl/tests/ctype.h as it is generated from ctype.h.in
    
    Signed-off-by: Martin Ukrop <mukrop@redhat.com>

Author: Stefan Sørensen <stefan.sorensen@spectralink.com>
Date:   Mon Aug 8 13:31:18 2016 +0200

    Change ca3 and related certificate to include an intermediate CA in the chain.
    
    Also update a bunch of test-cases to support chains with an intermediate CA.
    
    Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 9 10:14:08 2016 +0200

    Revert "tests: check gnutls_certificate_get_x509_crt with more than one certificates"
    
    This reverts commit f7d884720b128ef86f6b9dc9fc498be89faf1732.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 9 09:35:03 2016 +0200

    tests: do not run srp test when no SRP support is compiled in

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 8 11:49:04 2016 +0200

    tests: moved child status error checking code in utils.h

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Aug 9 07:46:42 2016 +0200

    latex: updated sources for new functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Aug 9 07:28:27 2016 +0200

    updated auto-generated files

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Aug 9 07:23:36 2016 +0200

    released 3.5.3

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 8 16:30:10 2016 +0200

    gnutls_transport_set_fastopen: added flags options
    
    This will allow minor modifications to the semantics of the function
    in the future, without introducing a new API.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 8 16:22:42 2016 +0200

    doc update

Author: Stefan Sørensen <stefan.sorensen@spectralink.com>
Date:   Mon Aug 8 13:31:15 2016 +0200

    Fix gnutls_pkcs12_simple_parse to always extract the complete chain
    
    gnutls_pkcs12_simple_parse was only collecting extra certificates that was
    possible elements of the certificate chain when the extra_certs argument was
    not NULL. Fix by allways collecting all the certificates, any unneeded
    certificates are released before returning if extra_certs is NULL anyway.
    
    Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 8 16:08:29 2016 +0200

    tests: check gnutls_certificate_get_x509_crt with more than one certificates
    
    This would detect the issue in the "Fix invalid pointer operation in gnutls_certificate_get_x509_crt"

Author: Stefan Sørensen <stefan.sorensen@spectralink.com>
Date:   Mon Aug 8 13:31:17 2016 +0200

    tests: Use common ca3 test certificates in x509cert, x509dn and x509self tests.
    
    Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>

Author: Stefan Sørensen <stefan.sorensen@spectralink.com>
Date:   Mon Aug 8 13:31:16 2016 +0200

    tests: Remove zero-termination of gnutls_datum encapsulated certificates
    
    This allows for memcmp comparison with certificates after processing.
    
    Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>

Author: Stefan Sørensen <stefan.sorensen@spectralink.com>
Date:   Mon Aug 8 13:31:14 2016 +0200

    Fix invalid pointer operation in gnutls_certificate_get_x509_crt
    
    The access to the allocated crt_list variable was missing a pointer
    dereference, leading to memory corruption for any certificate list with more
    than one element.
    
    Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 7 12:56:21 2016 +0200

    tests: added check for errors when importing illegal RSA keys

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 7 12:45:03 2016 +0200

    x509: call the fixup functions after loading private keys
    
    That way we can better report errors which relate to illegal
    parameters being detected.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 7 12:06:39 2016 +0200

    nettle: use rsa_*_key_prepare on key import
    
    Previously we calculated the size of the key directly, but
    by using the rsa_*_key_prepare we benefit from any checks that
    may be introduced in the future. Specifically any checks for invalid
    public keys (e.g., keys that may crash the underlying gmp functions).
    
    This patch avoids calling rsa_private_key_prepare every time we construct
    a nettle private key struct, because this function requires a bigint
    multiplication. We call that function once on private key import.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 7 11:53:19 2016 +0200

    tests: added missing backslash in key-tests Makefile

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 8 08:25:31 2016 +0200

    Revert "nettle: use rsa_*_key_prepare"
    
    This reverts commit c801a15bca9ea8f3f7abd4be48bebd36c54eeba2.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 7 11:41:47 2016 +0200

    gnutls.h: moved all compatibility defines outside the enum

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 7 11:31:36 2016 +0200

    prepared for release 3.5.3

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 5 15:55:47 2016 +0200

    tests: use gnutls_record_set_timeout instead of kill child processes
    
    That way we avoid issues like #118 which are caused by killing the child
    process, and we also avoid deadlocks by making sure that recv will terminate
    after a long delay.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 5 15:52:17 2016 +0200

    tests: mini-record modify in a way to be more fail safe
    
    That is, do not kill the child, but instead switch the roles of
    child and parent, and add a timeout on recv to avoid infinite delays.
    
    Relates: #118

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 5 15:20:48 2016 +0200

    pkcs11: is_object_pkcs11_url -> is_pkcs11_url_object
    
    Renamed function for clarity.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 5 09:46:14 2016 +0200

    tests: ignore sigpipe in mini-record

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 5 09:30:14 2016 +0200

    gnutls_fips140_mode_enabled: changed return type to unsigned

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 4 13:58:54 2016 +0200

    doc: updated contribution guide with more info on test suite [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 4 10:22:50 2016 +0200

    gnutls_pkcs11_privkey_status: return type changed to unsigned

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 4 09:57:04 2016 +0200

    doc: added section on SCTP protocol [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 2 13:46:05 2016 +0200

    tests: client-fastopen: removed seccomp conditional

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 2 13:34:18 2016 +0200

    fastopen: improved error checking at connect()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 1 10:48:46 2016 +0200

    nettle: use rsa_*_key_prepare
    
    Previously we calculated the size of the key directly, but
    by using the rsa_*_key_prepare we benefit from any checks that
    may be introduced in the future. Specifically any checks for invalid
    public keys (e.g., keys that may crash the underlying gmp functions).

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 29 15:00:06 2016 +0200

    gnutls_transport_set_fastopen: doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 29 13:47:27 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 29 12:19:25 2016 +0200

    getrandom: use SYS_getrandom instead of __NR_getrandom
    
    These are identical definitions, but according to syscall()
    SYS_getrandom is the expected value.

Author: Martin Ukrop <mukrop@redhat.com>
Date:   Wed Jul 27 15:41:08 2016 +0200

    x059: Fix asymmetry in name constraints intersection
    
    - In _gnutls_name_constraints_intersect, if *_nc had a node of some type not present in _nc2, this was preserved. However, if it was vice versa (_nc2 having a type not present in *_nc), this node was discarded.
    - This is now fixed.
    - Removed redundant return value check that was accidentally left when refactoring from set_datum to explicit NULL setting.
    
    Signed-off-by: Martin Ukrop <mukrop@redhat.com>

Author: Martin Ukrop <mukrop@redhat.com>
Date:   Tue Jul 26 17:44:53 2016 +0200

    tests: Add and improve chain tests
    
    - Add a new chaintest testing the symmetry of merging name constraints of different types.
    - Rename old name_constraints_but_no_name test to match other name constraints tests.
    - Improve chain description of older name constraints tests.
    
    Signed-off-by: Martin Ukrop <mukrop@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 14:34:15 2016 +0200

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 13:41:11 2016 +0200

    configure: do not generate makefiles in removed dirs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 13:37:31 2016 +0200

    tests: updated paths for new location of p12 files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 13:34:34 2016 +0200

    tests: safe renegotiation tests are run from top dir

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 13:30:18 2016 +0200

    tests: srp tests moved outside subdir

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 13:24:55 2016 +0200

    tests: moved sha2 tests into cert-tests/

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 13:20:25 2016 +0200

    tests: moved ecdsa tests to key-tests/

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 13:13:39 2016 +0200

    tests: moved dsa tests into key-tests/

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 13:08:57 2016 +0200

    tests: moved pkcs8 tests to key-tests/

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 13:04:31 2016 +0200

    tests: key-tests: moved data files into data/ subdir

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 12:59:33 2016 +0200

    tests: moved pkcs12 tests into cert-certs/ subdir

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 11:23:43 2016 +0200

    more files to ignore

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Jul 28 09:55:27 2016 +0200

    Require compiler to support C99

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 13:59:26 2016 +0200

    doc update

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Sat Jul 9 13:03:55 2016 +0200

    Add test for gnutls_x509_crt_list_import2 with flag GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED.

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Sat Jul 9 12:24:33 2016 +0200

    gnutls_x509_crl_list_import2 was ignoring the passed flags if all CTLs in the list fit within the initially allocated memory.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 10:51:40 2016 +0200

    gnutls_certificate_get_peers may return an unsorted list

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Sat Jul 9 11:53:52 2016 +0200

    gnutls_x509_crt_list_import2 was ignoring the passed flags if all certificates in the list fit within the initially allocated memory.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 10:37:00 2016 +0200

    x509: parse_tlsfeatures: move limit check at the point of addition
    
    This prevents appending failures when verifying chains on certificates
    which use the maximum allowed number of features. Suggested by Tim
    Kosse.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 10:33:06 2016 +0200

    tests: removed irrelevant comment

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 10:31:25 2016 +0200

    correct the sign type of integers in debug message
    
    Suggested by Tim Kosse

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 10:29:18 2016 +0200

    verify_crt: simplified error setting
    
    based on suggestion by Tim Kosse.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 28 10:12:46 2016 +0200

    verify_crt: removed text on parameter no longer being present

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jul 27 23:36:20 2016 +0200

    x509: avoid using int declaration within a for-loop
    
    This addresses compilation problem with old compilers,
    and brings consistency as this type of declaration is not
    used in gnutls' code.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jul 27 23:32:28 2016 +0200

    gnutls_global_init/deinit: don't use any locking during constructor
    
    This ensures that there is no deadlock on unexpected errors, such
    as missing symbols (e.g., on lazy linking). Reported by Ludovic Courtès.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jul 27 23:27:07 2016 +0200

    rnd-linux: use better define check for linux systems

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 27 13:10:28 2016 +0200

    gnutls_prf: document when its output matches gnutls_prf_rfc5705

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 27 11:05:59 2016 +0200

    doc: gnutls_session_set_id: added since

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 27 10:38:47 2016 +0200

    .gitlab-ci.yml: keep the guile logs as artifacts on test suite failure

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 27 09:20:52 2016 +0200

    doc update

Author: David Walker <david.walker@vcatechnology.com>
Date:   Wed Jul 20 12:43:26 2016 +0100

    Add extra dependency flags
    
    This fixes the build when the dependencies are split up during a cross-compile
    
    Resolves: #113

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 15:14:33 2016 +0200

    moved system-keys-win.c and system-key-dummy.c under system/

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 25 15:47:19 2016 +0200

    split system.c to various files under system/

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 25 16:26:39 2016 +0200

    gnutls.h: giovec_t is a typedef to iovec where that is available

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 13:37:43 2016 +0200

    tests: added unit test for linux _rnd_get_system_entropy
    
    This tests whether the function can operate as expected while being
    interrupted by signals.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 12:03:54 2016 +0200

    getrandom: loop around getrandom to get the requested number of bytes
    
    This simplifies and enhanced the previous error handling code.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 11:45:30 2016 +0200

    README.ci-runners: document asan and ubsan tags

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 15:17:35 2016 +0200

    tests: removed pkcs1-padding from subdirs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 15:10:49 2016 +0200

    .gitignore: more tests files to ignore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 14:59:34 2016 +0200

    configure.ac: don't generate makefiles of moved tests

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 14:57:44 2016 +0200

    tests: pkcs1-pad: moved to cert-tests

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 14:55:25 2016 +0200

    tests: userid test moved to cert-tests/

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 14:51:59 2016 +0200

    tests: rsa-md5-collision: run from top-level

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 14:29:45 2016 +0200

    doc: updated documentation for gnutls_transport_set_int*

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 13:59:04 2016 +0200

    doc: added section on reducing round-trips
    
    That discusses TCP fast open with gnutls_transport_set_fastopen(), and false start.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 11:38:32 2016 +0200

    tests: added test of gnutls_transport_set_fastopen

Author: Tim Ruehsen <tim.ruehsen@gmx.de>
Date:   Mon Jul 25 13:05:30 2016 +0200

    tests: added test of TCP fast open using gnutls-cli and gnutls-serv

Author: Tim Ruehsen <tim.ruehsen@gmx.de>
Date:   Mon Jul 25 13:08:28 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 10:33:24 2016 +0200

    tools: TLS handling has been incorporated into socket_open()
    
    This is of particular usage to the server IP address loop, since
    we can detect fast open errors and retry handshake to the next IP
    address.

Author: Tim Ruehsen <tim.ruehsen@gmx.de>
Date:   Mon Jul 25 13:04:11 2016 +0200

    gnutls-cli: added example usage of TCP fastopen
    
    It is enabled with the new --fastopen option.

Author: Tim Ruehsen <tim.ruehsen@gmx.de>
Date:   Mon Jul 25 13:00:12 2016 +0200

    Support TCP Fast Open
    
    This introduces a new function gnutls_transport_set_fastopen().
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
    Signed-off-by: Tim Ruehsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 11:09:56 2016 +0200

    .gitlab-ci.yml: added asan tag for builds which require asan

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 26 11:08:12 2016 +0200

    tests: pkcs11-privkey-fork: added explicit pkcs11 deinitialization
    
    Also ignore known leaks for p11-kit.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 25 11:43:08 2016 +0200

    mention ubsan in README [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jul 21 20:14:39 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 22 14:11:25 2016 +0200

    tests: added checks for OCSP response file support
    
    That is, check the usability of the APIs for setting and using
    an ocsp response. This improves and makes more generic the
    test suite API and test_cli_serv() in particular.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 22 15:36:55 2016 +0200

    dtls: added a null pointer check in record_overhead
    
    According to my reading this check is unnecessary as in
    no case a null pointer can be encountered. However gcc6
    warns about a null pointer derefence and thus adding it,
    to be safe.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 22 14:43:49 2016 +0200

    gnutls_x509_crt_check_hostname*: use unsigned a return value
    
    This is to prevent issues to callers who may check for negative
    error values.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 22 11:17:08 2016 +0200

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 22 11:08:32 2016 +0200

    introduced: GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE
    
    This error code is returned when the session resumption parameters
    are requested during a handshake. That is, to increase the clarity
    when requesting these parameters while false start is active and
    the handshake is not complete even if gnutls_handshake() has returned.
    
    Relates #114

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 21 18:58:24 2016 +0200

    tests: added check of the return values of resumption data functions during false start
    
    Relates #114

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 22 10:57:37 2016 +0200

    doc: mention that the session data functions will fail prior to handshake completion

Author: Martin Ukrop <mukrop@redhat.com>
Date:   Wed Jul 20 14:52:00 2016 +0200

    x509: Fix DNS name constraints checking
    
    - If the intersection of name constraints of the given type was empty, the results allowed all names instead of none.
    - Fixed by adding an universal excluded name constraint in case the intersection for the particular type is empty.
    - Moved the logic of creating a name constraint node copy from _gnutls_name_constraints_intersect to name_constraints_intersect_nodes (previously name_constraints_match), as intersecting IP addresses will require further processing (not just taking one of the compared nodes as was the implementation till now).
    - GNUTLS_SAN_MAX added in order to comfortably iterate over SAN type enum.

Author: Martin Ukrop <mukrop@redhat.com>
Date:   Wed Jul 20 14:29:40 2016 +0200

    tests: Add DNS name constraints tests
    
    - One chaintest with empty permitted intersection.
    - Merge testset with 2 permitted constraints with empty intersection (intersected list is completely empty).
    - Merge testset with 3 permitted constraints, 2 of which have empty intersection.
    - Merge testset with 2 permitted constraints with empty intersection and one constraints of different type that remains (intersected list is not empty).
    - Enhance failing function with suite number for easier comprehension.

Author: Martin Ukrop <mukrop@redhat.com>
Date:   Wed Jul 20 14:28:20 2016 +0200

    tests: Tidy up old X509 name constraints tests
    
    - Use convenience functions for error checking and failure reporting.
    - Drop explicit (de)initialization (prevents some not reed reachable memory due to PKCS11 subsystem not being deinitialized in the destructor).
    - Use variables to count set permitted/excluded constraints instead of hard-coded numbers.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 21 16:07:56 2016 +0200

    doc: clarify return codes in verification functions [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 21 16:02:42 2016 +0200

    gnutls_certificate_verify_peers2: document that hostname comparison follows RFC6125

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 21 11:53:46 2016 +0200

    rnd-getentropy: better handling of error printing with errno

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 21 11:51:05 2016 +0200

    rnd-linux: make getrandom back-end robust against EINTR failures

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 20 13:36:38 2016 +0200

    gnutls_init: doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 20 13:31:18 2016 +0200

    tests: verify that GNUTLS_NONBLOCK is available as a definition

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 20 13:23:16 2016 +0200

    gnutls.h: define elements of gnutls_init_flags_t
    
    That is, define all the elements that were available prior
    the move from #define to enum, to allow code relying on

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 20 13:07:44 2016 +0200

    gnutls.h: documented the version various gnutls_init flags were introduced

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 20 11:27:35 2016 +0200

    Moved the gnutls_x509_dn API functions to x509_dn.c

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 19 15:12:13 2016 +0200

    tests: enhanced DN decoding tests with complex encoding

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 19 14:43:52 2016 +0200

    RFC4514 DN decoding: allow decoding of raw ('#') items
    
    In addition allow escaping prefix or suffix spaces as well as
    the hash.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 19 14:21:16 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 19 14:10:08 2016 +0200

    tests: enhanced DN decoding tests with encoding
    
    This adds unit tests for gnutls_x509_dn_set_str().

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 19 14:09:06 2016 +0200

    Added gnutls_x509_dn_set_str()
    
    This allows initializing a gnutls_x509_dn_t structure via a DN string.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 19 13:45:08 2016 +0200

    tests: utils: use vasprintf() where available
    
    This allows printing long strings.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 19 13:35:13 2016 +0200

    tests: added checks for the RFC4514 decoding via gnutls_x509_dn_get_str()

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Jul 19 12:08:23 2016 +0200

    Remove redundant if expression from tests/mini-loss-time.c

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Jul 19 11:08:10 2016 +0200

    Fix tests/slow/cipher-openssl-compat.c for OpenSSL 1.1.0

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 18 18:02:25 2016 +0200

    cfg.mk: no longer save config.rpath

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 18 16:36:27 2016 +0200

    removed auto-generated files from the repository

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 17 09:37:22 2016 +0200

    tests: removed an skipped failures due to bugs in softhsm 2.0.0
    
    These are no longer an issue as the CI has been updated to softhsm
    2.1.0, which addresses them, and they prevented catching the
    GNUTLS-SA-2016-2 regression.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 16 18:12:27 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 16 17:19:02 2016 +0200

    Dropped support for EGD random generator
    
    This removes rarely tested code for systems which no longer exist
    and simplifies code for Linux random generator.
    
    Resolves #112

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 15 21:55:04 2016 +0200

    configure: prevent a version of getentropy() in a linux libc to be used
    
    For now, we auto-detect and switch between getrandom() and /dev/urandom
    when the former is not available. With the complexity of dealing with
    libc's that have the feature but kernel not supporting it, or vice versa
    it is best keep things simple.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 15 21:38:02 2016 +0200

    rnd-linux: added sanity check in getrandom output

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 15 18:57:01 2016 +0200

    nettle: split the rnd-common to rnd-windows, rnd-getentropy, and rnd-linux
    
    That is, to the windows random generator as well as the getentropy()
    generator in BSDs, as well as the getrandom(), /dev/urandom,
    and EGD generators on Linux systems.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 15 18:51:14 2016 +0200

    rnd-common: added faster detection of getrandom based on GRND_NONBLOCK

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 15 15:31:16 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 15 14:58:07 2016 +0200

    urandom: use st_ino and st_rdev to determine device uniqueness

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 15 14:34:38 2016 +0200

    Added auto-detection of getrandom() system call in Linux systems
    
    In addition use getrandom() via the syscall interface if it doesn't
    exist in Libc. The reason for the latter is that getrandom() support
    for glibc is in limbo for several years, and for auto-detection is that
    even if it is going to be present in libc we will not be able to guarrantee
    that the system call is available just because it is present in glibc.
    For that we detect on initialization whether getrandom() can obtain
    random data, and if yes, we continue using that.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 15 13:58:16 2016 +0200

    tests: seccomp examples: use cert-common.h

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jul 14 10:00:19 2016 +0200

    tests: enhanced arbitrary extension tests with octet_string encoding

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jul 14 09:43:28 2016 +0200

    certtool: added the ability to encode arbitrary extensions
    
    That is, added the ability to encode as an octet string any
    specified extension data.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jul 14 09:21:16 2016 +0200

    .gitlab-ci.yml: added expiration time of a week for failure artifacts

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 11 16:36:39 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 11 16:31:47 2016 +0200

    tests: added basic testing of gnutls_x509_crq_set_extension_by_oid()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 11 16:13:12 2016 +0200

    tests: added checks on certificate and request generation with arbitrary extensions
    
    This tests the add_extension and add_critical_extension options of certtool.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 11 11:43:10 2016 +0200

    certtool: added options to set arbitrary extensions to certificates and requests
    
    This allows setting arbitrary extensions using the following new template options:
    add_extension = "5.6.7.8 0x0001020304050607AAABCD"
    add_critical_extension = "9.10.11.12.13.14.15.16.17.1.5 0xCAFE"
    
    The "0x" prefix can be omitted.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 11 11:41:14 2016 +0200

    added gnutls_x509_crq_set_extension_by_oid()
    
    This is a function to add an arbitrary extension into a
    certificate request.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 13 13:20:10 2016 +0200

    doc: mention the need of libtasn1-tools in Fedora based systems [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 13 12:11:57 2016 +0200

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 11 10:54:09 2016 +0200

    doc: mention libcmocka dependency

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 9 14:52:42 2016 +0200

    tests: added unit testing for DTLS sliding window implementation
    
    This was taken from the unit testing of AF_KTLS.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jun 10 23:14:03 2016 +0200

    dtls: imported Fridolin's DTLS sliding window implementation
    
    This simplifies the current code, and reduces the memory needed.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jun 10 22:42:21 2016 +0200

    dtls: moved DTLS window handling to separate file

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 12 18:37:53 2016 +0200

    ex-client-x509: removed unused call to gnutls_session_set_ptr()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 12 14:48:14 2016 +0200

    libtasn1: updated to allow large OIDs to be used even on 32-bit systems

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 11 17:44:28 2016 +0200

    doc: updated contribution guide

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 11 17:43:04 2016 +0200

    doc: updated contribution guide

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 11 17:19:16 2016 +0200

    tests: link the resume tests to gnulib due to their missing memmem()
    
    This fixes compilation of gnutls in solaris. Reported by Dagobert Michelsen.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 8 14:26:38 2016 +0200

    NEWS: corrected release date [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jul 7 22:55:48 2016 +0200

    .gitlab-ci.yml: keep the artifacts on failure

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jul 7 21:00:56 2016 +0200

    write_nss_key_log: write the premaster secret while it is still valid

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jul 7 20:55:03 2016 +0200

    updated libtasn1

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jul 6 08:43:58 2016 +0200

    released 3.5.2

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 5 18:40:32 2016 +0200

    cfg.mk: reduced the generated changelog size

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 5 18:37:15 2016 +0200

    bumped version

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 5 12:03:51 2016 +0200

    tests: ignore any memory leaks from libcrypto

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 5 11:33:54 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 1 13:51:18 2016 +0200

    asm: updated openssl and the asm sources for AES-GCM from openssl 1.0.2h
    
    This improves the performance of AES-GCM significantly by taking
    advantage of AVX and MOVBE instructions where available. This
    utilizes Andy Polyakov's code under BSD license.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 5 11:44:59 2016 +0200

    tests: when testing with openssl disallow any CPU optimizations
    
    This ensures that we test our optimized code (which is mostly
    openssl based), with code that is not identical.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 1 14:29:40 2016 +0200

    tests: added openssl compatibility tests for AES-GCM cipher

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 5 11:41:20 2016 +0200

    dane: corrected the license of libdane files
    
    The license was always LGPL version 2.1, and these
    files mentioned LGPL version 3. Reported by Thomas
    Petazzoni.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 4 17:29:30 2016 +0200

    tests: ignore leaks due to p11-kit in test suite
    
    This addresses issue in "pkcs11-privkey-fork" which failed
    when compiled under asan due to leaks in p11-kit after fork.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 4 15:28:27 2016 +0200

    tests: added check to ensure that pkcs11 objects will be reopened on fork
    
    This checks whether C_Initialize() and C_OpenSession() will be called
    again when using a PKCS#11 module.
    
    Resolves #95

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 4 15:19:32 2016 +0200

    pkcs11: on object import always check for a support public key algorithm

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 1 15:29:58 2016 +0200

    gnutls_aead_cipher_decrypt: corrected the return value of ptext_len
    
    That is, do not account the tag_size into the plaintext.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 30 15:29:44 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 30 15:22:22 2016 +0200

    configure: check for libdl irrespective of FIPS140 configuration
    
    This allows to link to libdl for the tests that require it.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 30 13:44:57 2016 +0200

    tests: account pkcs11/pkcs11-mock-ext.h in Makefile

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 30 13:41:51 2016 +0200

    tests: link pkcs11-import-url-privkey with libdl
    
    That is because it uses dlopen().

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 30 10:47:02 2016 +0200

    more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 30 09:34:33 2016 +0200

    tests: avoid compiler warning from pkcs11-pubkey-import

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 30 09:30:47 2016 +0200

    tests: added check to verify the tolerance of broken C_GetAttributes
    
    That is, test gnutls_pkcs11_obj_list_import_url4() when importing
    private keys from tokens that return CKR_OK on sensitive objects,
    and tokens that return CKR_ATTRIBUTE_SENSTIVE.
    
    Relates #108

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 30 09:11:40 2016 +0200

    pkcs11_get_attribute_avalue: correctly handle a -1 value length from C_GetAttributeValue
    
    That is, work-around modules which do not return an error on sensitive
    objects.
    
    Relates #108

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jun 29 18:52:22 2016 +0200

    pkcs11_get_attribute_avalue: do not assign values on failure
    
    When C_GetAttributeValue() returns size but does not return data
    then pkcs11_get_attribute_avalue() would set the return data pointer
    to a free'd value. This is against the convention expected by callers,
    i.e, set data to NULL. Reported by Anthony Alba in #108.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 29 17:25:06 2016 +0200

    tests: use datefudge in name-constraints test
    
    This avoids the expiration of the used certificate to affect the test.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 28 09:17:13 2016 +0200

    tests: link libpkcs11mock1 with gnulib
    
    This allows it to use gnulib for strndup where it is needed.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 28 09:15:55 2016 +0200

    p11tool: do not return from void functions
    
    This fixes a compilation issue with solaris compiler. Reported
    by Peter Eriksson.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 24 11:01:35 2016 +0200

    doc: mention the boolean functions in the gnutls API

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 24 10:55:37 2016 +0200

    tests: removed remainders of pkcs11 tests from suite/

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 24 08:37:03 2016 +0200

    gnutls_pkcs11_crt_is_known: changed to unsigned type

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 23 23:24:19 2016 +0200

    tests: pkcs11-is-known: check that no flags enforce compare

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 23 23:13:50 2016 +0200

    gnutls_pkcs11_crt_is_known: always assume GNUTLS_PKCS11_OBJ_FLAG_COMPARE unless GNUTLS_PKCS11_OBJ_FLAG_RETRIEVE_DISTRUSTED is given

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 23 23:06:29 2016 +0200

    tests: moved pkcs11-softhsm test suite into pkcs11/

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 23 22:40:26 2016 +0200

    find_cert_cb: minor cleanups in find_cert_cb

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 23 22:25:06 2016 +0200

    tests: added more unit tests for gnutls_pkcs11_crt_is_known()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 22 18:04:45 2016 +0200

    dn2: updated to account for serial number being printed

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 22 18:01:15 2016 +0200

    tests: corrected create-chain.sh to remove the ocsp_signing_key from generated certs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 22 18:00:03 2016 +0200

    tests: replaced tls feature extension checks
    
    The previous checks had incorrect key purpose check on the final
    (root) certificate.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 22 17:31:30 2016 +0200

    enhanced debugging messages for cert verification

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 22 17:09:54 2016 +0200

    x509: print serial number in compact output

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 22 16:49:42 2016 +0200

    tests: include softhsm.h into dist files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 22 15:27:05 2016 +0200

    pkcs11: correctly encode the serial number when searching for certificate
    
    In gnutls_pkcs11_crt_is_known() corrected the encoding of the
    serial number to TLV DER from LV DER. This is the encoding we
    use when storing that number.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 22 15:50:51 2016 +0200

    pkcs11: correctly account check_found_cert()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 22 13:50:48 2016 +0200

    gnutls-cli-debug: replaced draft-ietf-tls-chacha20-poly1305-04 with RFC7905

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 20 12:07:03 2016 +0200

    gnutls-cli: benchmark the memcpy performance to compare with ciphers
    
    Also ensure that we use different memory areas for each operation
    to avoid measuring better performance due to caching.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 16 11:53:55 2016 +0200

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 19 15:48:21 2016 +0200

    doc: corrected typo

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 19 13:06:15 2016 +0200

    Sync with TP.

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Jun 18 18:36:13 2016 +0200

    Typo fixes (found by lintian): extention, reencode

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 16 11:51:42 2016 +0200

    tests: added check for handshake packet reconstruction
    
    This tests whether a split handshake packet is properly reconstructed
    if the parts are switched.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 16 11:37:30 2016 +0200

    dtls: corrected reconstruction of handshake packets received out of order
    
    That is, when the handshake packet is split into multiple different
    chunks and received out of order, make sure that reconstruction occurs
    properly. Reported by Guillaume Roguez.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 16 10:08:34 2016 +0200

    Corrected the writing of serial number in PKCS#11 modules
    
    That is previously the serial number was written in raw format, but
    in PKCS#11 the serial number must be set encoded as integer. Report
    and fix by Stanislav Zidek.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 15 13:50:54 2016 +0200

    ext: ecc: replaced SUPPORTED ECC POINT FORMATS with better formatted name

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 15 09:21:10 2016 +0200

    tests: disable SRP-base64 encode/decoded tests when SRP is disabled

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 19:46:55 2016 +0200

    .gitlab-ci.yml: restrict windows build checks to tests/ subdir [ci skip]
    
    That is because there is an issue with the gnulib self tests when
    run under windows.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 16:43:50 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 16:35:55 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 16:32:21 2016 +0200

    released 3.5.1

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 16:31:35 2016 +0200

    tests: added missing files

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 15:24:48 2016 +0200

    updated auto-generated files

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 15:23:04 2016 +0200

    tests: fixed the path of cert-tests files and added missing files in Makefile.am

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 15:17:33 2016 +0200

    more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 1 10:21:54 2016 +0200

    tests: verify the resilience of the TLSFeature handling functions on large number of features

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 1 10:02:56 2016 +0200

    tlsfeature: impose a maximum number of supported TLS features
    
    This avoids many allocations and simplifies handling of the features.
    The currently set maximum number of TLS features aligns with the
    maximum number of supported TLS extensions.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 1 09:51:01 2016 +0200

    tests: added unit test for gnutls_x509_tlsfeatures_check_crt

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 31 16:07:44 2016 +0200

    During PKIX chain verification check the TLSFeatures compliance
    
    This verifies whether a chain complies with RFC7366 p.4.2.2 requirements.
    That is whether the issuer's features are a superset of the certificate
    under verification.
    
    This enhances gnutls_x509_crt_get_tlsfeatures() to allow appending
    of TLSFeatures, and introduces gnutls_x509_tlsfeatures_check_crt().

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 31 15:10:27 2016 +0200

    verify_crt: moved all verification state into a common structure
    
    This allows for easier extension of state.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 31 09:28:28 2016 +0200

    tests: added chain verification with TLS features
    
    That adds checks for the RFC7633 requirements for intermediate
    and CA certificates (p. 4.2.2).

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 14:37:49 2016 +0200

    bumped version

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 14:37:12 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 14:01:56 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 13:49:28 2016 +0200

    tests: verify the operation of honor_crq_ext template option

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 13:41:24 2016 +0200

    tests: common.sh will export the required TZ for datefudge tests

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 13:24:03 2016 +0200

    tools: avoid using deprecated types

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 13:23:03 2016 +0200

    certtool: allow copying specific certificate request extensions to certificate
    
    This introduces the honor_crq_extension multi-line template option.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 13:13:32 2016 +0200

    tests: added check on gnutls_x509_crt_set_crq_extension_by_oid()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 11:19:50 2016 +0200

    Added gnutls_x509_crt_set_crq_extension_by_oid()
    
    This allows copying specific OIDs from a certificate
    request to the certificate.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 09:59:20 2016 +0200

    tests: moved check for datefudge in scripts/common.sh

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 09:55:04 2016 +0200

    tests: cert-tests: moved all data files in separate subdir

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 14 09:36:29 2016 +0200

    tests: cert-tests: moved templates into subdir

Author: Daniel P. Berrange <berrange@redhat.com>
Date:   Fri Jun 10 13:41:22 2016 +0100

    tests: test trailing comma in system priorities
    
    Add tests which verify behaviour when the list of system
    priorities has a trailing ','. Avoid crash in test suite
    if the test unexpectedly succeeds when expected_str is
    NULL.
    
    Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jun 10 13:56:23 2016 +0200

    tests: added check of DTLS rehandshake for upgrade
    
    That is check whether anon -> cert renegotiation works.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jun 10 13:43:36 2016 +0200

    tests: added check of DTLS rehandshake when using PKIX certs
    
    This complements the existing DTLS rehandshake test using anonymous
    ciphersuites.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jun 9 18:55:02 2016 +0200

    tests: document some details in system-prio-file [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jun 9 17:40:49 2016 +0200

    doc: mention the usage of the _gnutls_resolve_priorities function in testsuite

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jun 9 17:38:29 2016 +0200

    doc: mention the fallback keyword support in manual

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jun 9 17:36:12 2016 +0200

    tests: added checks for system priority file fallback mechanism

Author: Daniel P. Berrange <berrange@redhat.com>
Date:   Fri Jun 3 16:57:02 2016 +0100

    gnutls_priority_init: multiple @KEYWORD lookups with fallback
    
    The support for using "@KEYWORD" as a priority string is very
    useful to separate selection of priorities from application
    specific code or config files. It is, however, not general
    enough to fully serve all reasonable use cases.
    
    For example, consider an application sets
    
      gnutls_priority_set_direct(session, "@SYSTEM", NULL);
    
    The system administrator can modify the global priorities
    file to change what "@SYSTEM" resolves to for all apps using
    GNUTLS. As soon as one application wishes to have a slightly
    different configuration from others on the host, you have to
    go back and start modifying application specific configuration
    files once more. This is bad for the system administrator as
    it means there's no longer one single place where they can
    see the priority configuration for all apps.
    
    They may try to get around this problem by configuring the
    app to use a different keyword, instead of a full priority
    string, eg "@LIBVIRT". So the global priorities file can
    now define entries for both "SYSTEM" and "LIBVIRT". This
    has still placed a burden on the administrator change the
    config in two places - both libvirt config files and the
    global priorities file.
    
    What is more desirable is if applications were able to provide
    a list of keywords that would be tried in order, picking the
    first that existed. For example, libvirt could be written to
    request the following by default
    
      gnutls_priority_set_direct(session, "@LIBVIRT,SYSTEM", NULL);
    
    With this, gnutls would first try to find the "LIBVIRT" keyword
    in the global configuration file, and if that is not present,
    then it would fallback to trying to find the "SYSTEM" keyword.
    
    This provides nice "out of the box" behaviour for system
    administrators, whereby the app would be using "SYSTEM" initially
    and if the admin wishes to give the app a custom configuration,
    they can simply modify the global priorities file to add in the
    application specific keyword "LIBVIRT". There is never a need
    for the sysadmin to modify any application specific configuration
    files any more. It is exclusively controlled in one place via the
    global priorities file.
    
    Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jun 9 17:20:22 2016 +0200

    tests: enhanced system priority file testing
    
    This checks whether appending to system priority options work.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jun 9 17:21:57 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jun 9 17:01:06 2016 +0200

    doc: remove all references to openpgp auth example

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jun 9 16:48:14 2016 +0200

    doc update

Author: Daniel P. Berrange <berrange@redhat.com>
Date:   Fri Jun 3 14:59:11 2016 +0100

    _gnutls_resolve_priorities: always try to re-read sys priority file
    
    Previously if the system priority file was edited, that would
    take effect on the very next TLS session an application created.
    
    As of:
    
      commit 006b89d4464ae1bb6d545ea5716998654124df45
      Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
      Date:   Fri Apr 1 10:46:12 2016 +0200
    
        priorities: preload the system priorities on library loading time
    
    It is required to restart every application after changing the
    system priority file to get changes to take effect.
    
    Further, for applications running in a chroot, it will no longer
    honour a system priority file that may exist inside the chroot,
    always using the originally cached data from outside the chroot.
    
    This patch changes the caching so that we always try to reload
    the cache of system priorities. A mtime check is used to avoid
    actually re-reading the file unless its content has obviously
    changed. If the file no longer exists, the cache will not be
    invalidated. This ensures that the current priority file is
    always honoured, whether inside a chroot or not, while at the
    same time allowing apps to work in a chroot when no system
    priority file is present.
    
    Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jun 8 19:38:07 2016 +0200

    doc: remove references to GNUTLS_KEYLOGFILE

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 6 19:33:34 2016 +0200

    tests: renamed rehandshake checks for clarity

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 6 18:47:28 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 6 18:43:12 2016 +0200

    keylogfile: only consider the SSLKEYLOGFILE variable
    
    In addition do not check the environment in the constructor
    but instead use static variables to save the key file name.
    The GNUTLS_KEYLOGFILE environment variable is no longer used
    since there is no reason to have a separate one.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 6 18:39:18 2016 +0200

    lib: eliminated the use of deprecated variables

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 4 11:42:21 2016 +0200

    doc: removed OpenPGP examples
    
    Relates #102

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 4 11:36:34 2016 +0200

    pkcs12: corrected return type of gnutls_pkcs12_bag_get_type()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 3 17:07:28 2016 +0200

    tests: move pkcs11-cert-import-url4-exts with the other pkcs11 tests
    
    This prevents a build failure in windows.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 3 15:01:59 2016 +0200

    doc clarify the version since when GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT is accepted

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 3 14:53:04 2016 +0200

    tests: corrected typo in crl-test

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 3 14:24:32 2016 +0200

    tests: check gnutls_pkcs11_obj_list_import_url4() with GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 3 14:50:45 2016 +0200

    gnutls_pkcs11_obj_list_import_url4: accepts the GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 3 14:41:25 2016 +0200

    gnutls_pkcs11_obj_list_import_url3: rewritten to use gnutls_pkcs11_obj_list_import_url4

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 3 14:29:45 2016 +0200

    pkcs11: use ctx as variable name for ck_object_handle_t for clarity

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 3 13:47:44 2016 +0200

    pkcs11: doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 2 14:37:11 2016 +0200

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 2 14:28:52 2016 +0200

    _gnutls_check_key_purpose: in CA certificates treat the SGC key purpose as GNUTLS_KP_TLS_WWW_SERVER
    
    This is a hack for certain very old CA certificates lurking around which instead
    of having the GNUTLS_KP_TLS_WWW_SERVER have some old OIDs for that purpose. Consider
    these OIDs equivalent to GNUTLS_KP_TLS_WWW_SERVER in marked as CA certificates.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 2 09:22:26 2016 +0200

    gnutls-cli: --save-ocsp will work even if verification fails
    
    That is, allow saving the response even if the OCSP response caused
    a verification error. That way the response can be examined for possible
    issues.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 2 09:20:13 2016 +0200

    ocsp: attempt harder to figure an OCSP staple issuer
    
    That is, check initially against the trust list set on the credentials,
    and if verification is not possible attempt with all certificates in
    the chain as possible issuers. The reason of this enhancement is the
    few servers have an OCSP response signed not by their direct CA but
    rather by one of the higher level CAs.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 1 14:10:59 2016 +0200

    tests: added comprehensive OCSP test suite with MUST-staple PKIX extension
    
    This includes the tests:
     - Server with valid certificate - no staple
     - Server with valid certificate - valid staple
     - Server with valid certificate - invalid staple
     - Server with valid certificate - unrelated cert staple
     - Server with valid certificate - expired staple
     - Server with valid certificate - old staple

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 1 10:09:54 2016 +0200

    tests: utils: added c_print()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 1 10:33:15 2016 +0200

    ext: status_request: added more descriptive name

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 1 14:15:49 2016 +0200

    ocsp: fail certificate verification on expired or too old revocation data info

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 1 14:13:52 2016 +0200

    ocsp: Introduced GNUTLS_CERT_INVALID_OCSP_STATUS
    
    This verification status flag indicates an OCSP status response
    being stapled but it being invalid for some reason (e.g., unable
    to parse or doesn't contain the expected certificate).

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 1 14:38:32 2016 +0200

    doc: improved OCSP description and mention RFC7633

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 31 16:52:06 2016 +0200

    tests: added basic check for gnutls_url_is_supported

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 31 16:47:34 2016 +0200

    gnutls_url_is_supported: type changed to unsigned
    
    In addition function documentation was updated.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 31 16:42:22 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 31 16:37:34 2016 +0200

    pubkey_to_bits: return type was changed to unsigned
    
    This function did not return signed data, so the "int" return
    type was confusing.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 31 16:16:38 2016 +0200

    crypto-selftests: removed unneeded cast

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 31 13:49:13 2016 +0200

    several sign-related API changes
    
    This replaces the usage of "int" in functions which could only
    have accepted an "unsigned" value. Also functions which return
    unsigned values are explicitly tagged as such. The ABI remains
    the same with these changes.
    
    This allows easier catching of sign/unsigned related errors from
    the calling applications.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 31 11:40:00 2016 +0200

    x509: simplified _gnutls_x509_get_tbs()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 31 10:08:14 2016 +0200

    x509: replace the bool type with the unsigned type
    
    This allows to rely on gcc warnings for improper checks and
    conversions. Unfortunately gcc does warn on invalid checks for
    the bool type (e.g., b<0).

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 31 10:00:18 2016 +0200

    configure: enable the type-limits gcc warnings
    
    In addition remove the unsafe-loop-optimizations warning
    as they were not helpful.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 31 08:59:47 2016 +0200

    certtool: doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 30 22:28:23 2016 +0200

    DCO: added Tim Kosse [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 30 15:19:15 2016 +0200

    tools: modify canonicalize_host to not depend on in6_addr

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 30 15:17:06 2016 +0200

    tests: added unit tests for gnutls_x509_tlsfeatures_t handling funcs
    
    This includes DER import/export as well as feature appending.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 30 14:19:20 2016 +0200

    tests: tlsfeature-test will ignore the 'Algorithm Security Level' line in comparisons
    
    That is to allow depending on the certificate output validation without
    relying on "moving" parameters such as the Algorithm Security Level.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 30 13:47:14 2016 +0200

    tests: verify whether the TLSFeatures extension is copied
    
    Verify whether the TLSFeatures extension is copied from the certificate
    request to the generated certificate.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 30 13:34:17 2016 +0200

    doc: updated since version of tlsfeature functionality and documented new functions

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Fri Jan 15 14:45:03 2016 +0100

    tests: add testcase to check for missing status request
    
    That is verify whether the OCSP MUST-staple extension, as can be
    deduced from RFC7633, is accounted during handshake.

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Fri Jan 15 14:45:42 2016 +0100

    Reset extensions_sent_size only at start of handshake
    
    That is, do not reset it when completing it so that we can
    use the negotiated extensions even after the handshake is
    complete.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Sun Dec 20 15:09:24 2015 +0100

    Account the TLSFeature certificate extension in certificate verification
    
    That is, account for the OCSP-Must staple extension. If we have sent an OCSP
    status request and have not gotten anything, but the certificate has the
    Status Request TLSFeature extension present, fail to verify the certificate.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 30 12:57:55 2016 +0200

    tools: allow specifying a hostname with a port attached
    
    That is: gnutls-cli www.example.com:443 is equivalent to
    gnutls-cli www.example.com -p 443

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 30 12:35:45 2016 +0200

    tests: check the generation and printing of TLS feature PKIX extension

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 30 11:23:39 2016 +0200

    doc: document tls_feature option in the sample template

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 30 10:55:46 2016 +0200

    TLS extensions: use more human-friendly names
    
    This is required to provide better output to gnutls_ext_get_name()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 30 10:50:38 2016 +0200

    exported function to convert TLS extension numbers to strings
    
    The exported function is gnutls_ext_get_name()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 30 10:45:46 2016 +0200

    x509/output: print the extension name of TLSFeatures

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Thu Jan 7 11:27:13 2016 +0100

    Implement setting the TLS features extension on certificates via certtool's template file.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 30 10:20:00 2016 +0200

    libgnutls.map: exported the tlsfeatures-related functions

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Fri Jan 15 11:34:31 2016 +0100

    Add functions to get/set the tlsfeatures to certificate requests.

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Mon May 30 09:57:42 2016 +0200

    Added gnutls_x509_crt_set_tlsfeatures
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Mon May 30 09:52:15 2016 +0200

    Added functions to add features and convert tlsfeatures back to DER
    
    That adds:
      gnutls_x509_ext_export_tlsfeatures
      gnutls_x509_tlsfeatures_add
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Fri Jan 15 13:48:10 2016 +0100

    Move call to terminate() until after printing the error message.

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Fri Jan 15 12:04:00 2016 +0100

    Fix the description of two testcases.

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Mon May 30 09:45:29 2016 +0200

    Added functions to parse the TLSFeatures X.509 extension.
    
    In addition provide function to enumerate the features it lists,
    and output information with the output functions.
    This adds:
      gnutls_x509_tlsfeatures_init
      gnutls_x509_tlsfeatures_deinit
      gnutls_x509_tlsfeatures_get
      gnutls_x509_ext_import_tlsfeatures
      gnutls_x509_crt_get_tlsfeatures
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun May 29 11:53:22 2016 +0200

    Typo fix: auxilary -> auxiliary [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 28 22:26:48 2016 +0200

    tests: added DTLS 0.9 check with AES-128-GCM

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 28 19:57:09 2016 +0200

    gl: secure_getenv() will behave as getenv on windows

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 28 19:32:12 2016 +0200

    tests: corrected definition of CryptSignHash in mock crypt32

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 28 09:55:53 2016 +0200

    Rely on gnulib's secure_getenv()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 28 09:55:07 2016 +0200

    x86-common: use secure_getenv()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri May 27 22:48:48 2016 +0200

    configure.ac: check for secure_getenv where available and always enable system extensions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri May 27 22:34:53 2016 +0200

    tests: keylog-env will check for SSLKEYLOGFILE as well

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri May 27 22:26:02 2016 +0200

    env: use secure_getenv when reading environment variables

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri May 27 22:21:50 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri May 27 22:19:40 2016 +0200

    Append keys on keylogfile
    
    Also consider the SSLKEYLOGFILE variable, since the format is
    identical and we are always appending keys.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 26 11:05:40 2016 +0200

    tests: ssl2-hello check is made conditional
    
    It is only run if ENABLE_SSL2 is defined.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 26 11:04:27 2016 +0200

    .gitignore: more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 26 11:02:34 2016 +0200

    tests: added SSL2.0 client hello parsing check

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 26 10:58:19 2016 +0200

    tests: added small text clarifying the purpose of the cert-common.h header

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 24 13:45:32 2016 +0200

    tests: add an upper limit in the run of compat tests
    
    This allows the test suite to recover from the case of DTLS implementations
    that do not properly retransmit and block on lost packets.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 24 13:27:12 2016 +0200

    doc: advise against using the TPM-specific API
    
    It is restricted to TPM 1.2, and there are fine PKCS#11 wrappers that
    will provide identifical functionality.
    
    Relates #101

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 24 10:08:14 2016 +0200

    .gitlab-ci.yml: corrected typo preventing the no-SSL 3.0 test part to be properly run
    
    Also test the --disable-ssl2-support option.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 24 09:58:12 2016 +0200

    Amend the "Allow for conditional compilation of SSL 3.0 protocol patch"
    
    That is fix bug introduced by an incorrect #ifdef, and unconditionally
    provide access to certificate callbacks.
    
    This amends 89faab9e9e9123f39e8c0c6f8da1f67de423254a

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 24 09:17:53 2016 +0200

    doc: updated text on priority strings
    
    Refer to RFC7685 for the TLS padding extension (%DUMBFW),
    and mention the default behavior for the TLS client hello record version.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 23 11:33:53 2016 +0200

    pkcs11: added sanity check to find_obj_url_cb() for object validity
    
    Also avoid unnecessary recursion.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 21 06:24:47 2016 +0200

    tests: run compatibility checks in parallel for various modifiers
    
    That is, the various %NO_ETM, %COMPAT, ... modifiers are checked
    in parallel in the testcompat suite, reducing the overall running
    time significantly.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 21 05:39:21 2016 +0200

    tests: enhance TLS version checks with DTLS
    
    That is we check whether DTLS-1.0 and DTLS-1.2 can be negotiated
    using the NORMAL priority string. We also add a custom check for
    DTLS-0.9 as this is not fully supported for negotiation.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 20 17:44:46 2016 +0200

    tests: use /bin/bash in tests which require common.sh

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 20 15:04:22 2016 +0200

    .gitlab-ci.yml: minimal build disables SSL2 client hello

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 20 15:03:41 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 20 15:01:49 2016 +0200

    Allow for conditional compilation of SSL 2.0 client hello support
    
    This allows to completely remove SSL 2.0 support by calling configure
    with the '--disable-ssl2-support' option.
    
    Relates #97

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 20 14:54:38 2016 +0200

    Amend: Allow for conditional compilation of SSL 3.0 protocol
    
    This patch makes conditional several more SSL 3.0-only parts of codebase.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 20 14:47:27 2016 +0200

    CONTRIBUTING.md: link to milestones instead of all issues

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 20 14:42:12 2016 +0200

    tests: mini-x509-cas: use cert-common.h

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 20 14:41:08 2016 +0200

    CONTRIBUTING.md: doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 20 12:07:57 2016 +0200

    tests: do not use pkglib to generate libpkcs11mock1.so
    
    This resulted in the test library being installed. Install we use noinst
    for the library, but pass -rpath to LDFLAGS as a hack to for libtool
    to generate the shared version.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 19 12:08:13 2016 +0200

    configure.ac: increased stack size usage to reduce warnings
    
    Also remove gcc flags from the banned list that no longer pose
    and issue.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri May 20 07:45:46 2016 +0200

    announce.txt:  updated list email address

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 19 10:56:52 2016 +0200

    priority: CCM ciphersuites was promoted over the CBC ones
    
    Also make explicit the prioritization rules for the default set
    of ciphers.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 19 09:24:13 2016 +0200

    gnutls-cli: allow operation with stdin input
    
    That is once commands from stdin are given, they are not only sent to server,
    but we also wait for a response prior to exiting.
    
    Resolves #96

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 18 14:00:06 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed May 18 22:24:33 2016 +0200

    tests: ocsp-tls-connection: use /bin/bash since we rely on the $RANDOM variable

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed May 18 22:20:47 2016 +0200

    tests: use _putenv() for setting environment on windows

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed May 18 21:15:38 2016 +0200

    tests: added check to verify that keylog file is being written

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 18 16:38:13 2016 +0200

    doc: documented the GNUTLS_KEYLOGFILE environment variable

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 18 16:31:28 2016 +0200

    Write session keys into a file when GNUTLS_KEYLOGFILE is exported
    
    That is the file pointed from the variable is written to, and contain
    the session parameters in the following format (identical to NSS key
    log format):
    
    CLIENT_RANDOM <space> <64 bytes of hex encoded client_random> <space> <96 bytes of hex encoded master secret>
    
    and for the old RSA ciphersuites also in the format:
    RSA <space> <16 bytes of hex encoded encrypted pre master secret> <space> <96 bytes of hex encoded master secret>
    
    Resolves #64

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 18 13:39:06 2016 +0200

    systemkey: corrected help output

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 18 13:36:11 2016 +0200

    doc: document the systems supported via systemkeys API

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 17 14:13:26 2016 +0200

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 17 10:35:39 2016 +0200

    gnutls-cli: corrected check for OCSP verification success

Author: Thomas Klute <thomas2.klute@uni-dortmund.de>
Date:   Fri Apr 29 02:50:31 2016 +0200

    Test case for gnutls-cli --ocsp
    
    This new test case checks if gnutls-cli accepts OCSP responses for a
    valid and a revoked server certificate when establishing TLS
    connections. Uses the OpenSSL OCSP responder.
    
    Signed-off-by: Thomas Klute <thomas2.klute@uni-dortmund.de>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 17 09:23:22 2016 +0200

    INSTALL.md: no longer reference libgcrypt

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 17 09:16:32 2016 +0200

    doc: updated README files
    
    This makes the names a bit more reasonable, drops the very generic
    INSTALL file, and also allows the github repository to print the
    correct README file.
    
    README -> INSTALL.md
    README-alpha.md -> README.md

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 17 08:56:59 2016 +0200

    tests: renamed cert-callback checks for simplicity

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 17 08:55:50 2016 +0200

    tests: added check with the legacy cert verification callback

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 17 08:54:43 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 17 08:43:58 2016 +0200

    tests: cert-callbacks check now checks the server-side callback operation as well

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 16 18:08:27 2016 +0200

    tests: dtls-stress: fix debug argument accounting
    
    It was not being considered when it was not the last argument.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 16 18:05:34 2016 +0200

    tests: re-disabled dtls-nb check; it had random failures
    
    This was disabled for quite long time already, and needs to
    be investigated.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 16 13:47:23 2016 +0200

    tests: added DTLS test suite when in session resumption
    
    While there is already a test suite for DTLS lost packets/rearranges
    it does not cover the session resumption flights. This patch
    enhances the test suite with these checks.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 15 10:44:42 2016 +0200

    dtls-stress: added session resumption option
    
    This allows to perform tests on DTLS resumed sessions for
    retransmitions due to lost packets.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 15 11:34:32 2016 +0200

    tests: dtls: removed excessive debugging output from test

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 15 11:08:57 2016 +0200

    tests: dtls-stress: corrected parsing of -d option

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 15 10:49:42 2016 +0200

    record.c: removed superfluous debugging

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 15 10:40:38 2016 +0200

    gnutls_assert_val: corrected regression from 78ee98e06c7862df38131b12083adc1a0c5eea4a

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 15 09:30:02 2016 +0200

    gnutls_assert_val: was modified to be in line with gnutls_assert()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 13:03:27 2016 +0200

    .gitlab-ci.yml: added new build target without SSL 3.0
    
    Also disable SSL3.0 in the minimal library compilation.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 11:58:27 2016 +0200

    .gitignore: more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 11:57:47 2016 +0200

    tests: added key exchange checks for all DTLS protocols

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 11:48:45 2016 +0200

    doc: prefer the usage of VERS-ALL in documentation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 11:47:18 2016 +0200

    ext master secret: don't enable when SSL 3.0 is the only protocol
    
    That is on server side only. On client side this logic was already
    present.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 11:18:44 2016 +0200

    tests: separated the key exchange checks
    
    That is introduce separate checks for each key exchange on every TLS version.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 11:12:56 2016 +0200

    doc: mention the TLS 1.2 restriction of sign algo functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 10:28:49 2016 +0200

    Allow for conditional compilation of SSL 3.0 protocol
    
    This allows to completely remove SSL 3.0 support by calling configure
    with the '--disable-ssl3' option.
    
    Resolves #93

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 08:03:48 2016 +0200

    Makefile.am: include renamed files into distribution

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 00:39:23 2016 +0200

    README-alpha.md: refer to CONTRIBUTING.md [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 00:38:59 2016 +0200

    LICENSE: mention that documentation is under GNU FDL

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 00:35:45 2016 +0200

    Leave only LICENSE in the root directory and move licenses to doc/

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 00:13:44 2016 +0200

    Added a LICENSE file [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 14 00:31:43 2016 +0200

    Moved coding style and contribution guide to CONTRIBUTION.md
    
    This aligns with gitlab's web interface.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 13 20:39:11 2016 +0200

    tests: include unistd.h in tests which call _exit()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 13 13:41:53 2016 +0200

    tests: simplified server launching process
    
    Also attempt to use a new port on every started server and
    added a waiting period for the port to become re-usable.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 13 11:28:51 2016 +0200

    tests: avoid calling exit() from signal handlers

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 13 11:16:58 2016 +0200

    memmem.m4: don't call exit() from signal handler

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 12 11:24:03 2016 +0200

    tests: enhance SNI checking with invalid UTF8 and embedded NULL case

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 12 11:22:51 2016 +0200

    Introduce _gnutls_server_name_set_raw
    
    This is an internal function intended for testing, which performs
    the same as gnutls_server_name_set() but without any UTF8 conversions
    or other checks in the input. It is intended to be used with raw data.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 12 11:21:16 2016 +0200

    errors: include GNUTLS_E_IDNA_ERROR to the list

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 12 10:58:58 2016 +0200

    server_name: only save the supported server names in the session
    
    Invalid server names with embedded nulls and unsupported types
    are not saved.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 12 10:37:56 2016 +0200

    gnutls_server_name_get: mention GNUTLS_E_IDNA_ERROR being returned

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 12 09:24:23 2016 +0200

    doc: clarify that 'hmac' in the name of functions is only for legacy reasons

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 11 13:23:33 2016 +0200

    tests: introduce delay between server restarts in testsrn.sh
    
    This is to reduce test suite random failures on CI.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 11 09:31:28 2016 +0200

    tests: CRL test will separate stderr output from stdout
    
    This addresses CI failures due to "Merge mismatch for function" messages
    from gcov being inserted into stdout output and messing the base64 encoding.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 11 09:28:55 2016 +0200

    Revert "tests: CRL test will not push stderr into output files"
    
    This reverts commit bf1ee75f78cd81ea8309bdfb50f63ed0ab61a23a.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 11 09:27:32 2016 +0200

    gnutls_pkcs7_print: avoid warning for signed/unsigned comparison by making everything signed

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 11 08:17:37 2016 +0200

    tests: CRL test will not push stderr into output files
    
    This addresses CI failures due to "Merge mismatch for function" messages
    from gcov being inserted into output and messing the base64 encoding.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 10 22:46:34 2016 +0200

    pack_srp_auth_info: corrected check for uninitialized username

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 10 22:48:56 2016 +0200

    call_get_cert_callback: removed dead code

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 10 22:11:52 2016 +0200

    pkcs11: added error check in _gnutls_buffer_append_data()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 10 22:08:23 2016 +0200

    gnutls_pubkey_verify_data2: simplified return logic

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 10 22:02:54 2016 +0200

    gnutls_pkcs7_print: corrected type of unsigned count variable

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 10 21:55:07 2016 +0200

    _gnutls_krb5_der_to_principal: fixed invalid deinitialization on cleanup

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 10 20:57:08 2016 +0200

    tests: don't run hash-large on freebsd

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 10 20:06:03 2016 +0200

    tests: fix mmap usage of hash-large to correctly detect failures

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 10 15:23:11 2016 +0200

    doc: updated documentation for gnutls_x509_crt_get_*_dn

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 10 15:20:09 2016 +0200

    certtool: handle empty CNs on verification
    
    That is, handle GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if returned
    from gnutls_x509_crt_get_dn() on the end certificate.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 10 15:17:18 2016 +0200

    Revert "x509: allow empty DNs on parsing for subject DNs"
    
    This reverts commit 1641ea943079765d601cf418dc2c89c1c93f0ecf.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 10 11:40:43 2016 +0200

    cert cred: add the CN to the list of known hostnames only if no dns_names
    
    That is, follow rfc6125 and support CN as a fallback only.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 10 11:23:02 2016 +0200

    tests: enhanced set_x509*_key to verify that connections succeed with creds
    
    That is the tests no only verify that credentials are set as expected
    but also whether sessions are established with the credentials provided.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 10 11:15:53 2016 +0200

    gnutls_certificate_set_key: import the DNS names of the certificates
    
    That is, only when no (NULL) names are provided.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 10 11:12:33 2016 +0200

    reset the global time func on init/deinit

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 10 11:05:03 2016 +0200

    auth/cert: log the server name requested by client

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 10 11:00:02 2016 +0200

    improved output of gnutls_assert()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 10 10:44:57 2016 +0200

    x509: allow empty DNs on parsing for subject DNs

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Mon May 9 20:57:36 2016 +0300

    build: tests/windows/cng-windows.c: fix implicit decleration of exit
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 10 09:15:29 2016 +0200

    .gitlab-ci.yml: enable openssl compat library in minimal build

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 10 09:12:51 2016 +0200

    openssl_compat: removed unneeded headers
    
    These headers have been renamed, but they were not necessary for
    this module's compilation. Report/Patch by Andreas Metzler.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 9 21:47:14 2016 +0200

    .gitlab-ci.yml: added build for windows DLLs
    
    This creates the windows DLLs on every tagged release.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 9 08:03:24 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 9 07:52:14 2016 +0200

    bumped soversion

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 9 07:51:05 2016 +0200

    updated auto-generated files

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 7 13:34:34 2016 +0200

    x509: use the modified flag in gnutls_x509_crt_t
    
    That will avoid re-encoding or decoding in common operations.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 7 13:18:20 2016 +0200

    x509: added flag to indicate modification in gnutls_x509_crt_t

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 6 16:55:48 2016 +0200

    gnutls_x509_crt_equals*: modified to allow operation with certificates that are not imported
    
    This allows it operating with certificates that are generated from scratch.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 6 16:04:31 2016 +0200

    tests: added checks for certificate generation APIs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 6 15:40:14 2016 +0200

    doc: fixed documentation of gnutls_x509_crt_set_subject_alternative_name
    
    The previous version could not be parsed by gdoc.

Author: Hubert Kario <hkario@redhat.com>
Date:   Fri May 6 11:12:29 2016 +0200

    gnutls-serv: sending alerts on mismatched SNI names
    
    Extend serv utility to be able to send alerts when the name advertised
    by client does not match the name expected by server.

Author: Hubert Kario <hkario@redhat.com>
Date:   Fri May 6 11:05:10 2016 +0200

    Add support for sending unrecognized name alerts
    
    To better test support for server_name extension in TLS, it's
    necessary to be able to differentiate between name being rejected
    because it is unknown to the server and it being malformed.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 6 11:41:12 2016 +0200

    doc: TODO list references to gitlab

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 5 11:10:38 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 5 11:01:29 2016 +0200

    priorities: when without AES acceleration prefer stream ciphers (i.e., CHACHA20)

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu May 5 22:49:50 2016 +0200

    doc: updated documentation on rehandshake and GNUTLS_ALLOW_ID_CHANGE [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 4 09:13:50 2016 +0200

    tests: use the 'b' modifier for writing binary data in set_x509_key_file_der
    
    This allows the test to operate properly on windows systems.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed May 4 08:07:37 2016 +0200

    tests: avoid the usage of tmpnam()
    
    Use a simpler version which is confined within the testsuite
    build directories.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed May 4 07:48:37 2016 +0200

    tests: disable checks with tmpnam() on windows

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 3 20:14:37 2016 +0200

    tests: fixed 64-bit check for time_t in mini-x509

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 3 15:26:52 2016 +0200

    tests: added check for gnutls_certificate_set_x509_simple_pkcs12_file

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 3 15:12:47 2016 +0200

    .gitignore: more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 3 15:12:00 2016 +0200

    tests: added check of gnutls_certificate_set_x509_key_file2 with DER input

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 3 14:54:31 2016 +0200

    tests: enhanced set_x509_key_file check
    
    That now verifies that the input is the same as the data stored
    in the credentials as well checks for valid operation.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 3 14:29:35 2016 +0200

    tests: mini-x509: include the legacy verification functions into the check

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 3 14:28:44 2016 +0200

    tests: added check for gnutls_certificate_set_key()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 3 14:24:08 2016 +0200

    gnutls_certificate_set_key: duplicate the provided memory
    
    That is, do not assume that a heap allocated value is provided.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 3 11:54:04 2016 +0200

    .gitlab-ci.yml: enabled coverage run in the x86 build

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 3 11:49:09 2016 +0200

    tests: do not block server errors in testdsa from being printed out
    
    Also added a delay prior to launching next server instance.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 3 11:43:48 2016 +0200

    .gitignore: more test files to ignore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 3 11:26:04 2016 +0200

    pkcs11: find_ext_cb: eliminated memory leak

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 3 10:56:44 2016 +0200

    pkcs11: find_cert_cb: do not use C_FindObjectsInit() when another is already running
    
    While some modules implicitly terminated the previous run, this is not
    something that PKCS#11 modules are expected to typically do.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 3 09:28:36 2016 +0200

    pkcs11: the flag GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT will be respected by imported certificates
    
    That is, certificates imported with gnutls_pkcs11_obj_import_url() or
    gnutls_x509_crt_import_url() will be able to be extracted with their
    extensions overriden. Previously that was available only on gnutls_pkcs11_get_raw_issuer()
    and friends.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 2 15:36:56 2016 +0200

    tests: added a basic PKCS#11 mock module
    
    This is used to test gnutls_pkcs11_obj_get_exts(), gnutls_x509_crt_import_url(),
    and gnutls_pkcs11_get_raw_issuer() with the GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT
    flag.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 2 13:13:10 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 2 13:12:00 2016 +0200

    _gnutls_x509_crt_cpy: optimized and simplified

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 2 12:53:54 2016 +0200

    exported gnutls_x509_crt_equals() and gnutls_x509_crt_equals2()
    
    These functions provide a way to compare parsed certificates. They
    were used internally and they are quite useful to be made available.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 2 15:36:37 2016 +0200

    gnutls_pkcs11_obj_get_exts: updated documentation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 2 12:09:03 2016 +0200

    gnutls_x509_crt_import_url: updated documentation for new function name

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 2 12:05:48 2016 +0200

    gnutls_pkcs11_add_provider: clarified params description

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 2 08:38:32 2016 +0200

    tests: added checks on PKCS#1 digest info encoding/decoding

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 2 08:37:45 2016 +0200

    gnutls_decode_ber_digest_info: return more precise error code on unknown hash
    
    That is instead of returning GNUTLS_E_UNKNOWN_ALGORITHM on unknown hash,
    return GNUTLS_E_UNKNOWN_HASH_ALGORITHM.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 2 08:35:58 2016 +0200

    errors.h: removed terminating colon on gnutls_assert() output

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 1 12:13:26 2016 +0200

    doc: updated PKCS #11 documentation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 30 18:09:18 2016 +0200

    gnutls_certificate_get_crt_raw: doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 30 18:06:51 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 30 17:50:45 2016 +0200

    doc: mention the version after which gnutls_pem_base64_en/decode2() are available

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 30 08:26:37 2016 +0200

    tests: use one-time files in crl

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 30 07:14:13 2016 +0200

    tests: check whether the randomly generate port is used

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 30 07:05:46 2016 +0200

    .gitlab-ci.yml: enabled the code coverage checks in the valgrind and ubsan targets

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 29 19:38:44 2016 +0200

    tests: enhanced the key-import-export tests
    
    This check now includes the abstract privkey import/export interfaces.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 29 19:38:01 2016 +0200

    corrected import issue in gnutls_privkey_import_ecc_raw

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 29 19:31:48 2016 +0200

    x509/privkey: in raw import functions set the parameter's algorithm type

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 29 19:03:11 2016 +0200

    srp base64: return proper gnutls errors codes on error rather than -1

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 29 19:02:45 2016 +0200

    tests: added checks for base64 functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 29 18:04:50 2016 +0200

    .gitlab-ci.yml: added code coverage run
    
    This enhances a test to print the code coverage of the test suite,
    which in turn is being used/reported by gitlab CI interface.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 29 14:53:40 2016 +0200

    ax_code_coverage.m4: updated to latest version

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 29 13:12:36 2016 +0200

    libtasn1: updated to latest version

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 29 12:57:23 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 29 12:56:24 2016 +0200

    errors.h: gnutls_assert() will log the function name in addition to filename/line
    
    This is quite necessary after the filenames were simplified and we have
    filenames with identical names in the directory structure.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 29 12:34:43 2016 +0200

    tests: added check for SRP ID change during rehandshake
    
    The tests make sure that username changes are allowed if the
    flag GNUTLS_ALLOW_ID_CHANGE is specified, and prohibited otherwise.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 29 11:47:58 2016 +0200

    tests: added check for PSK ID change during rehandshake
    
    The tests make sure that username changes are allowed if the
    flag GNUTLS_ALLOW_ID_CHANGE is specified, and prohibited otherwise.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 29 10:23:45 2016 +0200

    handshake: enhance same certificate checks to apply to PSK/SRP username
    
    That is, unless GNUTLS_ALLOW_ID_CHANGE is specified, during a rehandshake
    clients will not be allowed to present another certificate than the original,
    or change their username for PSK or SRP ciphersuites.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 29 09:39:13 2016 +0200

    tests: added 'PFS' and 'SUITEB128' into the list of checked priority strings

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 29 09:29:45 2016 +0200

    tests: fail() function will also print function and line information

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 29 09:36:02 2016 +0200

    _gnutls_hex2bin: refuse to decode odd-sized hex data

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 29 09:32:52 2016 +0200

    tests: added unit tests on the HEX encoding/decoding functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 18:08:56 2016 +0200

    certtool: eliminated memory leaks in DH parameter printing/generation.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 17:42:49 2016 +0200

    certtool: combined all the seed decoding methods to a single one
    
    That not only simplifies the code, but also allows decoding hex strings
    which contain not hex chars (and that allows decoding hex of the form XX:XX:XX)

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 17:31:24 2016 +0200

    Revert "tests: ensure the seed is provided in plain hex"
    
    This reverts commit 0ea7206e12f52f6ed50c4a76ea0a23f5470115b2.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 16:41:26 2016 +0200

    tests: check certtool dh-parameter generation with --provable option

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 16:38:16 2016 +0200

    tests: ensure the seed is provided in plain hex

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 16:34:29 2016 +0200

    certtool: allow specifying seed size when generating provable DH parameters

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 14:34:17 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 14:26:19 2016 +0200

    tests: simplified custom-urls check

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 14:22:44 2016 +0200

    tests: added check on whether builtin URLs cannot be overriden

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 14:09:44 2016 +0200

    keys: custom URLs take precedence over pre-defined URLs
    
    This allows applications to define the own 'system:' or 'pkcs11:'
    URLs.
    
    Resolves #89

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 16:45:44 2016 +0200

    x25519: ensure that a valid private key is present on key derivation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 10:33:47 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 10:32:51 2016 +0200

    tests: added check for GNUTLS_FORCE_CLIENT_CERT init flag

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 10:31:50 2016 +0200

    instead of assigning a variable per flag use the init flags directly
    
    That is store the flags provided in gnutls_init() in the session structure
    and use these flags directly when required.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 09:28:54 2016 +0200

    added flag in session to force sending a client certificate
    
    This handles the use case of a client connecting to a server
    which incorrectly lists the CA certificates it supports. Without
    that change the only option was to avoid using the "automatic"
    client certificate functions, but rather utilize callbacks.
    With that approach this use case is handled by the "automatic"
    certificate selection functions.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 13:28:50 2016 +0200

    .gitlab-ci.yml: do not load submodules on CI since they are not used
    
    This reduces the CI running time.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 28 09:27:24 2016 +0200

    tests: check client behavior of sending CA certificates

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 27 08:18:45 2016 +0200

    doc: removed news about feature already backported in 3.4.6

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 27 08:17:45 2016 +0200

    examples: introduced basic error checking in more examples

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 27 07:55:50 2016 +0200

    examples: simplified the basic client example

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 27 07:50:20 2016 +0200

    examples: introduced basic error checking in main client examples

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 27 07:38:47 2016 +0200

    examples: corrected the required version of example

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 26 15:03:08 2016 +0200

    tests: enhanced dane testing with offline verification checks

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 26 14:34:26 2016 +0200

    dane: verification will not fail if a CA entry is encountered but cannot be verified
    
    That addresses the issue of verifying a single certificate against a list
    of TLSA entries that contain an entry with CA usage (cert usage 0). With
    the previous behavior verification would have failed, while now this
    entry will be skipped.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 26 13:54:17 2016 +0200

    doc: improved documentation on certificate and DANE verification functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 26 13:35:35 2016 +0200

    dane: updated documentation of dane_verify_crt_raw

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 26 13:00:46 2016 +0200

    doc: added clarifications on documentation for dane_state_t

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 26 12:56:35 2016 +0200

    manpages: include the dane functions into the distributed pages

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 24 15:35:20 2016 +0200

    ecdhe: eliminated unneeded checks for zero of public parameters
    
    There were not required by either draft-ietf-tls-rfc4492bis-07
    or rfc7748.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 24 15:22:55 2016 +0200

    doc: added example client application utilizing the 3.1.x APIs

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 24 15:13:42 2016 +0200

    examples: added explicit 3.5.0 dependency in ex-client-x509

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 24 15:11:00 2016 +0200

    examples: added error checks and updated verify_certificate_chain()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 24 14:30:07 2016 +0200

    .gitlab-ci.yml: made the linux tag explicit for our runners

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 24 14:15:04 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 24 14:13:11 2016 +0200

    doc: document curve X25519

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 24 14:12:46 2016 +0200

    doc: clarify what catch all means in all scenarios

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 24 11:07:46 2016 +0200

    gnutls-cli-debug: added tests for supported curves

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 23 15:20:21 2016 +0200

    tests: include self tests with CURVE-X25519

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 22 13:17:38 2016 +0200

    gnutls-cli: enhanced KX benchmark with X25519

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 22 12:25:59 2016 +0200

    handshake: added support for ECDH with curve X25519
    
    This follows draft-ietf-tls-rfc4492bis-07 and rfc7748

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 24 12:11:48 2016 +0200

    tests: updated the openssl compat check to make explicit the used curves

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 24 11:12:29 2016 +0200

    ecdhe: print the received curve from the server on debug mode

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 24 10:54:54 2016 +0200

    gnutls-cli-debug: added CHACHA20-POLY1305 detection

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 23 22:25:35 2016 +0200

    tests: on out of memory conditions do not fail the hash-large test
    
    This test may require a large amount of memory which some CI systems
    cannot provide. When an out-of-memory-error is detected skip the test
    instead of failing.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 23 15:15:50 2016 +0200

    session: removed unused parameters from RSA-EXPORT era

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 23 14:52:03 2016 +0200

    README-alpha.md: updated badges with the new gitlab URLs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 22 09:26:55 2016 +0200

    doc: document the TPM 1.2 limitation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 21 16:50:46 2016 +0200

    doc: tpm: include short instructions on initializing the TPM chip

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 20 16:19:32 2016 +0200

    tests: hash-large: use private mmap()
    
    This reduces the memory usage of the test significantly on Linux.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 20 12:04:09 2016 +0200

    tests: use mmap() for large memory allocations in systems that support it
    
    That allows the hash-large test to run on systems which its calloc()
    is attempting to allocate an impossible amount of memory.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 20 11:28:21 2016 +0200

    tests: use /bin/bash for tests that use bashisms

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 20 11:02:10 2016 +0200

    tests: don't run danetool.sh if danetool is not present
    
    That prevents test suite failure in systems without libunbound.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 20 10:08:23 2016 +0200

    gnutls_int.h: allow compiling with system (gnutls) headers

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 20 13:44:59 2016 +0200

    .gitlab-ci.yml: added build rule on freebsd

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 19 23:11:13 2016 +0200

    certtool: document sha3 functions in manpage [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 19 23:06:24 2016 +0200

    doc: added missing @end example in danetool documentation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 19 22:50:52 2016 +0200

    doc: updated documentation on false start

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 19 22:37:22 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 19 19:25:08 2016 +0200

    gnutls-cli-debug: enable socket verbosity when --verbose is given

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 19 19:23:23 2016 +0200

    tools: explicitly initialize socket struct to zero
    
    That resolves issue where verbose was enabled by default.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 19 19:18:05 2016 +0200

    tools: avoid extracting the value of the app-proto alias
    
    Instead always extract the starttls-proto value, as it seems
    that libopts doesn't report any value for the former. This
    corrects the starttls capability of danetool and gnutls-cli-debug.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 19 19:12:51 2016 +0200

    tools: document the starttls capability

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 19 09:20:04 2016 +0200

    tests: do not run danetool.sh on windows
    
    The test fails due to CRLF.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 18 16:24:34 2016 +0200

    tools: avoid relying on static buffers for service name

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 18 16:16:59 2016 +0200

    tests: added basic check on danetool --tlsa-rr option

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 18 16:03:37 2016 +0200

    danetool: Allow specifying a service name into port option
    
    This makes the tool similar to gnutls-cli.

Author: Kevin Cernekee <cernekee@gmail.com>
Date:   Mon Apr 18 15:15:32 2016 +0200

    Fix library build on Chrome Native Client (NaCl)
    
    Some supported toolchains define DT_UNKNOWN but do not
    define _DIRENT_HAVE_D_TYPE (and do not have the d_type field).
    On other platforms GnuTLS may need to second-guess what the
    library is reporting, but on NaCl this is unsafe.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 18 12:03:05 2016 +0200

    gnutls-serv: don't send closure messages in failed handshakes

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 18 11:46:39 2016 +0200

    client key exchange: fail if the client KX message is padded with additional bytes

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 18 11:18:04 2016 +0200

    _wrap_nettle_pk_derive: reject values of public key that are over the prime
    
    That is do not canonicalise the value we get from the network, but
    rather check it for validity. This saves a modular reduction on handshake
    and performs a sanity check on the peer's (client) parameters.
    Reported by Hubert Kario.
    
    Resolves #84

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 15 10:17:32 2016 +0200

    tests: suite: disable any openssl cpu optimizations
    
    This prevents from valgrind failures on softhsm usage due to
    any new instruction optimizations which are not supported by
    valgrind.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 15 10:14:22 2016 +0200

    doc: further updated documentation on false start [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 14 19:32:22 2016 +0200

    doc: updated documentation on false start

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 14 19:23:13 2016 +0200

    tests: enhanced the false start checks
    
    These now check whether sending and receiving is performed
    as expected after handshake, DTLS, as well as test explicit handshake
    called by the application.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 14 19:20:36 2016 +0200

    Updated false start support to be transparent to applications.
    
    That is, an additional flag GNUTLS_ENABLE_FALSE_START is introduced
    for gnutls_init(), and that enables support for false start. At
    this point false start will be performed by the handshake if possible,
    and gnutls_record_recv() will handle handshake completion.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 14 11:11:01 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 14 11:02:59 2016 +0200

    doc: updated docs related to private key generation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 14 10:54:49 2016 +0200

    certtool: do not allow combining --provable with --ecc in key generation
    
    There is no such support in the library.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 14 10:33:55 2016 +0200

    updated auto-generated files for new APIs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 14 10:28:36 2016 +0200

    doc: added tlsproxy example reference into documentation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 15:55:56 2016 +0200

    tests: pem-decoding: fixed issue preventing out-of-tree checks

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 15:48:58 2016 +0200

    tests: pem-decoding: use unique temp files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 14:06:02 2016 +0200

    tests: enhanced mini-x509-kx with ECDHE-ECDSA ciphersuite testing
    
    Also renamed it to cert-key-exchange for easier tracking.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 13:59:02 2016 +0200

    handshake: do not overwrite the server's signature algorithm
    
    That is, correct a bug under which a client sending a certificate
    would overwrite the server's idea about the used signature algorithm.
    Reported by Hubert Kario.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 13:50:59 2016 +0200

    tests: enhanced mini-x509-kx with client auth scenarios

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 13:39:38 2016 +0200

    tests: verify that the output of gnutls_sign_algorithm_get() is the expected one

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 13:06:23 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 11:43:56 2016 +0200

    ocsp: increased the preallocated space in check_ocsp_purpose to account for null terminator
    
    This relates to gnutls_x509_crt_get_key_purpose_oid() change to
    return null-terminated OIDs.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 11:28:13 2016 +0200

    tests: enhanced and simplified SHA3 tests
    
    Included checks about SHA3-224 and SHA3-384.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 11:05:19 2016 +0200

    tests: added check of GOST cert decoding/printing
    
    This verifies whether our printing functions print the
    OID on unknown/unsupported algorithms.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 11:04:12 2016 +0200

    x509 output: print the OID of certificates/CRLs/CRQs with unknown algorithms
    
    That is, if any unknown signature or subject public key algorithm is
    encountered the OID will be printed instead.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 10:27:14 2016 +0200

    tests: added basic tests for CSR parsing
    
    This mainly includes tests on the new gnutls_x509_crq_get_signature_oid()
    and gnutls_x509_crt_get_algorithm_oid().

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 10:16:29 2016 +0200

    tests: added basic tests on CRL parsing
    
    That includes testing on the new gnutls_x509_crl_get_signature_oid()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 09:51:46 2016 +0200

    tests: added basic functionality tests for gnutls_x509_crt_get_*_oid

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 09:43:31 2016 +0200

    Added gnutls_x509_crl_get_signature_oid

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 09:39:21 2016 +0200

    Added gnutls_x509_crq_get_signature_oid and gnutls_x509_crq_get_pk_oid

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 09:17:08 2016 +0200

    Added gnutls_x509_crt_get_signature_oid and gnutls_x509_crt_get_pk_oid
    
    These functions can directly provide the textual object identifier
    of their corresponding fields.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 09:03:56 2016 +0200

    gnutls_x509_crt_get_key_purpose_oid: copy the OID as a null-terminated string

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 13 08:53:23 2016 +0200

    sign: corrected digest in SHA3-224 OID mapping

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 12 22:53:57 2016 +0200

    configure: corrected regression which prevented the build of tests/suite
    
    This regression was introduced at 8b97662c40c67a6d4087ce6e1f0c6fb6ea4a8b2c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 12 22:25:06 2016 +0200

    gnutls_x509_ext_import_policies: initialize value to avoid compiler warnings

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 12 22:21:02 2016 +0200

    README: removed inexistent package

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 12 22:16:22 2016 +0200

    common.mk: corrected typo on LDFLAGS for coverage

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 12 19:25:18 2016 +0200

    danetool: corrected typo in manual [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 12 16:07:41 2016 +0200

    gnutls_packet_get: avoid null pointer dereference on NULL input
    
    That is, still allow the function to handle a NULL packet
    input but reset the data contents.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 12 16:04:24 2016 +0200

    gnutls_x509_privkey_verify_seed: corrected typo that made the function always return true

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 12 16:02:20 2016 +0200

    _gnutls_asn2err: declared as constant function

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 12 15:37:38 2016 +0200

    load_dir_certs: use readdir() in all platforms
    
    According to glibc documentation readdir_r() is deprecated
    and the use of readdir() is recommended. As such we switch to
    it on all platforms.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 12 15:26:42 2016 +0200

    tests: combined the resume checks for Anonymous and PSK ciphersuites
    
    In addition enhanced it to check the resumption on the certificate
    ciphersuites as well.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 12 14:21:04 2016 +0200

    configure: Add a code coverage option
    
    Configure with:
      ./configure --enable-code-coverage
    Show coverage output with:
      make && make check && make code-coverage-capture

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 12 14:17:26 2016 +0200

    Makefile.am: moved common rules (AM_CFLAGS) to common.mk

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 12 12:12:40 2016 +0200

    gnutls_ocsp_resp_get_single: fail if thisUpdate is not available or unparsable
    
    That is because this field is not optional, and a failure on its
    parsing is always fatal. Reported by Yuan Jochen Kang.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 12 12:08:35 2016 +0200

    gnutls_x509_privkey_import2: document an intentional fall through

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 11 16:48:46 2016 +0200

    README: add abi-compliance-checker into install instructions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Apr 11 08:49:11 2016 +0200

    gnutls_x509_crt_get_key_usage: ensure that its returned value is properly handled
    
    Reported by Yuan Jochen Kang.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 10 10:54:29 2016 +0200

    tests: do not enable valgrind in non-git builds

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 9 13:38:47 2016 +0200

    hash: corrected the textual description of hashes

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 9 13:34:39 2016 +0200

    corrected SHA3-224 OID

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 9 13:31:54 2016 +0200

    x509 output: don't warn about insecure algorithm when unknown

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 9 12:43:22 2016 +0200

    tests: remove any system specific code of ecore
    
    This was causing issues with certain builds and
    was not used for the purpose of testing.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 9 11:51:34 2016 +0200

    tests: disable unsupported curves from compatibility checks
    
    This allows running make check even when compiling with disable-suiteb-curves.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 9 11:49:07 2016 +0200

    tests: removed unused scripts

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 9 11:46:27 2016 +0200

    .gitlab-ci.yml: combined C99 and undefined sanitizer builds

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 9 09:46:06 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 9 09:43:49 2016 +0200

    crywrap: was removed from gnutls tools
    
    Its inclusion did not increase the attention paid to this
    tool, not provided any significant advantage to gnutls' users
    thus it was unbundled from the main library. The tool can be found at
    https://github.com/nmav/crywrap

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 9 08:17:53 2016 +0200

    minitasn1: updated to latest git version

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 8 19:46:36 2016 +0200

    doc: Replace references to select with poll and other fixes

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 8 19:40:28 2016 +0200

    doc: replace inaccurate sentence with reference to gnutls_record_discard_queued [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 8 15:40:06 2016 +0200

    gnutls_record_get_direction: doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 8 14:13:26 2016 +0200

    tests: reduce the number of loops in x509sign-verify2
    
    This enables running the test in reasonable time under valgrind.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 8 13:36:44 2016 +0200

    pkix.asn: corrected byKey definition
    
    OCSP is defined in an EXPLICIT tags module, and as such
    we must tag explicitly all of its tags.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 5 13:22:29 2016 +0200

    tests: check the generation of IP name constraints with certtool

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 5 13:21:53 2016 +0200

    certtool: allow generating IP name constraints
    
    Relates #83

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 5 13:16:07 2016 +0200

    _gnutls_parse_general_name2: allow parsing empty names
    
    This allows parsing empty general names such as an empty DNSname
    used in name constraints.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 5 11:54:50 2016 +0200

    name constraints: enforce the rules for IP constraints when adding
    
    This will prevent gnutls from generating badly formed certificates.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 5 10:36:05 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 5 10:33:18 2016 +0200

    .gitignore: more files to ignore

Author: Daiki Ueno <ueno@gnu.org>
Date:   Wed Mar 16 14:21:41 2016 +0900

    name constraints: compute permitted set strictly
    
    RFC 5280 6.1.4. states that the permitted_subtrees variable is
    constructed as an intersection of its previous value.
    
    Co-authored-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 5 09:08:14 2016 +0200

    .gitlab-ci.yml: added C99 target for the library
    
    This compiles the library using gcc options for the C99
    standard.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 5 08:44:34 2016 +0200

    README: updated libtasn1 URL [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 3 09:46:24 2016 +0200

    x86-common: increase the size of _gnutls_x86_cpuid_s to match the size of assembly files
    
    This resolves issue on certain platforms (e.g., windows) where ld would simply fail,
    instead of allocate the largest size of the variable.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 2 12:56:45 2016 +0200

    ocsptool: use HTTP/1.0 for requests
    
    This avoids issue with servers serving chunk encoding which
    ocsptool doesn't support. Reported by Thomas Klute.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 2 12:02:08 2016 +0200

    gnutls_init(): refer to gnutls_init_flags_t for the documentation of available flags

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 2 11:16:19 2016 +0200

    README.CODING_STYLE: set C99 as the C dialect of choice

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 1 11:10:56 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 1 11:08:38 2016 +0200

    tests: added check for system priority file loading and parsing
    
    This checks whether the file is properly loaded and its contents
    are parsed as expected.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 1 10:46:12 2016 +0200

    priorities: preload the system priorities on library loading time
    
    This allows to rely on the system priorities even in the case of
    applications that chroot(). This also introduces the environment
    variable GNUTLS_SYSTEM_PRIORITY_FILE which can be used to override
    the global priority file.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 31 17:25:45 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 31 17:24:37 2016 +0200

    tests: added check of verification using MD5 with and without --verify-allow-broken
    
    This tests certtool and whether it fails verification of MD5 chains
    with no --verify-allow-broken, or whether it succeeds if given.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 31 17:15:34 2016 +0200

    tests: added PKCS #7 signing/verification test with broken sigs (MD5)
    
    This tests whether we can sign structures using broken algorithms (MD5),
    and verify structures signed with broken algoritms if --verify-allow-broken
    is given to certtool.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 31 16:58:37 2016 +0200

    certtool: added flag to allow verification using broken algorithms

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 31 09:46:44 2016 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 31 10:29:59 2016 +0200

    tests: check whether resumption data from resumed session work

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 31 09:40:09 2016 +0200

    session resumption: lift the limitation of calling gnutls_session_get_data*() on non-resumed sessions
    
    This allows of obtaining the session data required for proper session resumption
    from any available session. This brings the API in par with expectations of its
    users.
    
    Resolves #79

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 31 09:45:43 2016 +0200

    dtls: added missing dtls.h to state.c

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 30 12:24:09 2016 +0200

    tests: added check for gnutls_record_set_state() under DTLS

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 30 11:37:49 2016 +0200

    dtls: reset the record number sliding window on gnutls_record_set_state()
    
    This addresses issue where gnutls_record_set_state() was called with a
    new state but the sliding window information was not updated, thus
    blocking any incoming packets.
    
    Resolves #82

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 30 10:13:18 2016 +0200

    x509/output: simplified cidr_to_string()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 29 16:14:15 2016 +0200

    .gitignore: more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 29 16:11:36 2016 +0200

    tests: check gnutls_record_get_state() with DTLS
    
    Since in DTLS we relied on a sliding window to keep track of the
    sequence numbers we didn't provide a sensible value to application
    via gnutls_record_get_state(). This test makes sure that we report
    the "correct" value when asked. Correct being the next number after
    the last received packet.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 29 15:52:59 2016 +0200

    DTLS: save last valid record sequence number
    
    This will allow to report a valid number to gnutls_record_get_state() callers
    in case of DTLS. Reported by Fridolin Pokorny.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 29 15:34:37 2016 +0200

    tests: delete outfile in certtool-long-cn

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 29 15:33:27 2016 +0200

    tests: verify the output of name constraints IP decoding

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 29 15:04:11 2016 +0200

    x509/output: print RFC5280 CIDRs in name constraints

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 29 14:11:56 2016 +0200

    tests: check the sequence numbers produced by gnutls_record_get_state()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 29 14:08:58 2016 +0200

    gnutls_record_get_state: Allow for NULL parameters

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 24 07:13:59 2016 +0100

    ocsptool: eliminated memory leaks in verify-response option

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 24 07:12:34 2016 +0100

    ocsptool: don't exit with error code on verification failures when --ignore-errors is given

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 23 23:15:24 2016 +0100

    tests: added OCSP related checks

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 23 23:14:01 2016 +0100

    ocsptool: exit with error on verification failures

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 23 23:00:53 2016 +0100

    ocsp: gnutls_ocsp_resp_verify_direct will skip additional checks for certificates matching issuer
    
    That eliminates issue with ocsptool rejecting OCSP responses signed
    by the same CA that signed the certificate. Reported by Thomas Klute.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 23 22:46:16 2016 +0100

    ocsptool: Allow saving responses even if verification fails
    
    In addition do not enter a spurious newline to responses.

Author: Maya Rashish <coypu@sdf.org>
Date:   Wed Mar 23 18:04:07 2016 +0200

    Avoid using strerror in dtls stress test
    
    Using it results in build failure on NetBSD:
    undefined reference to `rpl_strerror'

Author: Maya Rashish <coypu@sdf.org>
Date:   Wed Mar 23 16:08:02 2016 +0200

    Add missing header to testsuite
    
    This causes a problem for NetBSD+clang tests, because SIGTERM and
    kill are undefined.
    
    Resolves #80
    
    Signed-off-by: Maya Rashish <coypu@sdf.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 23 10:39:59 2016 +0100

    session tickets: avoid GCM for session tickets and rely on CBC and HMAC
    
    The latter is more resilient against non-key renewal.

Author: Jaak Ristioja <jaak.ristioja@cyber.ee>
Date:   Mon Feb 15 12:14:52 2016 +0200

    Broke apart _gnutls_recv_int() to the packet and non-packet cases.
    
    Only gnutls_record_recv_packet() called _gnutls_recv_int() with
    (packet != NULL). I refactored this logic directly downstream into
    gnutls_record_recv_packet(). The _gnutls_recv_int() function now only
    handles non-packet specific logic. The check_session_status() function
    was created to deduplicate common code which would otherwise have
    ended up in both functions.
    
    The rationale behind this change is to optimize what were previously
    calls of _gnutls_recv_int(). First of all _gnutls_recv_int() now has
    only 6 parameters, which according to the x86_64 System V Application
    Binary Interface should now fit into CPU registers and no longer use
    the stack. Secondly this change avoids a number of branching checks
    for both packet and non-packet cases.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 21 11:29:08 2016 +0100

    gnutls-cli: corrected usage of gnutls_session_get_data()
    
    This is no longer called on resumed sessions, allowing more than
    one resumption in servers which use tickets and don't resend the ticket
    on subsequent connections.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 18 13:10:40 2016 +0100

    testcompat-openssl: enable TLS 1.2 tests with openssl 1.0.1+

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 18 11:21:35 2016 +0100

    tests: verify that the post-client-hello callback has access to ALPN data

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 18 10:35:46 2016 +0100

    .gitlab-ci.yml: don't use git submodule update, not needed for our testsuite

Author: Yuriy M. Kaminskiy <yumkam@gmail.com>
Date:   Tue Mar 15 18:21:32 2016 +0300

    alpn: ALPN state is per-connection, it should not be saved with session data
    
    In addition the extension was moved to the mandatory to parse to ensure it
    is always parsed when sessions are resumed.
    
    rfc7301:
        Unlike many other TLS extensions, this extension does not establish
        properties of the session, only of the connection.  When session
        resumption or session tickets [RFC5077] are used, the previous
        contents of this extension are irrelevant, and only the values in the
        new handshake messages are considered.
    
    Signed-off-by: Yuriy M. Kaminskiy <yumkam@gmail.com>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 18 09:44:40 2016 +0100

    tests: added checks for session resumption and ALPN
    
    This checks whether the ALPN extension is re-read on
    resumption and is negotiated.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 16 10:00:17 2016 +0100

    x86-common: CPUID override will only work if CPU has already the capability present
    
    This resolves test suite failure on CPUs with limited capabilities.
    Reported by Andreas Metzler.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 11 17:35:12 2016 +0100

    Introduced GNUTLS_E_ASN1_EMBEDDED_NULL_IN_STRING
    
    This error code is returned when an embedded NULL is detected in
    a string.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 16 21:03:54 2016 +0100

    gnutls_server_name_set: accept non-null terminated hostnames
    
    The introduction of IDNA support introduced a regression and this
    function does not operate correctly when given non-null terminated
    strings. Reported by Tim Ruehsen.
    
    Relates #78

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 16 20:57:31 2016 +0100

    tests: added check for non-null terminated server name
    
    This checks whether a non-null terminated server name, but with
    correct length is correctly accepted by gnutls_server_name_set().
    
    Relates #78

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 15 12:00:39 2016 +0100

    tests: template-test was updated for OCSP key purpose reordering

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Mon Mar 14 10:44:08 2016 +0100

    guile: doc: Mention bytevectors.
    
    * doc/gnutls-guile.texi (Representation of Binary Data): Mention bytevectors.
    (Input and Output): Likewise.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Mon Mar 14 10:44:07 2016 +0100

    guile: doc: Explain "Application Data" packets and 'session-record-port'.
    
    * doc/gnutls-guile.texi (Input and Output): Mention "Application Data"
    packets and buffering.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 15 11:20:16 2016 +0100

    certtool: do not require a CA for OCSP signing
    
    This follows the recommendations in RFC6960 in 4.2.2.2
    which allow a CA to delegate OCSP signing to another certificate
    without requiring it to be a CA.
    
    Reported by Thomas Klute.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 14 14:06:01 2016 +0100

    doc: updated text for gnutls_ocsp_status_request_is_checked()
    
    Relates #75

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 14 13:56:17 2016 +0100

    doc: clarified expectations on gnutls_datum_t
    
    Relates #77

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 13 20:55:02 2016 +0100

    doc update: gnutls_handshake_set_false_start_function() [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 13 11:39:22 2016 +0100

    abi-check: corrected type of gnutls_x509_crl_get_issuer_dn
    
    That will avoid any accidental ABI breakage on that symbol.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 11 14:45:02 2016 +0100

    .gitlab-ci.yml: added abi-checker rule
    
    This allows to test ABI incompatibilities as soon as possible.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 11 14:36:39 2016 +0100

    Makefile: made abi-checks self-contained
    
    That is, they no longer assume a given directory structure to exist
    outside git. It now includes a static dump of the symbols in 3.4.0
    for x86_64 and we compare with it.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 11 11:52:17 2016 +0100

    certtool: better error handling in file_size()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 11 11:47:12 2016 +0100

    gnutls-cli: fix invalid initialization in cert_verify_ocsp()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 11 11:45:23 2016 +0100

    gnutls-serv: human_addr always returns a non-null argument
    
    This addresses issue with libc's which don't support printf() with
    a NULL argument.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 8 15:10:07 2016 +0100

    tests: testpkcs11: the test will always fail in code path failures

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 8 10:12:22 2016 +0100

    README: list the main branches build status [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 7 11:50:34 2016 +0100

    gnutls_system_recv_timeout: restore poll on EINTR

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 7 10:47:43 2016 +0100

    doc: corrected typo [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 7 10:42:14 2016 +0100

    gnutls_ocsp_status_request_is_checked: document the version the flag was introduced at
    
    Relates: #75

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 7 10:25:57 2016 +0100

    doc: generate manpages for all functions
    
    That addresses issue where certain manpages were created empty.
    See https://bugzilla.redhat.com/show_bug.cgi?id=1306800

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 7 10:11:37 2016 +0100

    doc: mention gnutls_certificate_set_x509_trust_dir()
    
    It was not mentioned in the "Client or server certificate verification"
    section.
    
    Resolves #76

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 7 09:30:44 2016 +0100

    tests: mini-loss-time: improved timeout detection

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 4 10:16:51 2016 +0100

    corrected typo in comment [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 1 16:23:55 2016 +0100

    configure: silence clang's warnings

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 3 14:24:13 2016 +0100

    tests: added check for version negotiation default prio string
    
    That verifies whether the support versions are negotiated.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 3 09:05:32 2016 +0100

    tests: include test-hash-large into dist

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 3 08:50:48 2016 +0100

    Sync with TP [ci skip]

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Wed Mar 2 09:59:19 2016 +0100

    Update NEWS.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 1 14:50:42 2016 +0100

    Disable weak symbols for _gnutls_global_init_skip() under windows
    
    That is to avoid an issue with running gnutls under windows;
    that renders GNUTLS_SKIP_GLOBAL_INIT a no-op under windows.
    
    Relates #74

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 1 13:19:29 2016 +0100

    .gitlab-ci.yml: asan, clang and valgrind builds were made arch-independent

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Feb 29 20:49:09 2016 +0100

    tests: pkcs12: allow multiple in-place builds

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Feb 29 19:41:33 2016 +0100

    tests: pkcs1-pad,rsa-md5-collision: allow multiple in-place builds

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Feb 29 17:12:49 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Feb 29 17:06:12 2016 +0100

    gnutls-cli: fail if gnutls is not compiled with DANE support and --dane is provided
    
    Suggested by Bjorn Jacke.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 29 13:23:25 2016 +0100

    tests: always used the slow (portable) version of get16bits
    
    This prevents issues with misaligned addresses and undefined sanitizer.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 29 12:46:47 2016 +0100

    timespec_sub_ms: fixed operation in 32-bit systems

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 29 10:23:20 2016 +0100

    .gitlab-ci.yml: don't use the internal libtasn1 when compiling with libubsan
    
    This prevents build failures due to issues in libtasn1

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 29 10:22:13 2016 +0100

    tests: Fixes to prevent undefined behavior (found with libubsan)

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 29 10:18:58 2016 +0100

    pkcs11: Fixes to prevent undefined behavior (found with libubsan)

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 29 09:58:40 2016 +0100

    cipher.c: Fixes to prevent undefined behavior (found with libubsan)

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 29 09:57:40 2016 +0100

    ecc: optimized extension parsing

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 29 09:48:12 2016 +0100

    opencdk: Fixes to prevent undefined behavior (found with libubsan)

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 29 09:48:02 2016 +0100

    gnutls.h: Fixes to prevent undefined behavior (found with libubsan)

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 29 09:43:32 2016 +0100

    x509: Fixes to prevent undefined behavior (found with libubsan)

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 29 09:27:23 2016 +0100

    x509: cleanup in privkey.c

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun Feb 28 15:35:01 2016 +0100

    Let p11tool --provider option accept filenames.
    
    Drop 'file-exists = yes;' to allow specifying either an absolute pathname
    or a file in P11_MODULE_PATH.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 28 13:01:11 2016 +0100

    .gitlab-ci.yml: abort on ubsan errors

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 28 12:12:09 2016 +0100

    p11tool: addressed memory leaks

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 28 10:45:02 2016 +0100

    tests: use 'datefudge -s' to avoid loops
    
    This avoids repeated loops of the same test as well as
    random failures in the test suite.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 27 22:37:21 2016 +0100

    tests: krb5-test: increased the number of loops
    
    This should prevent random failures in the test suite.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 27 22:23:34 2016 +0100

    .gitlab-ci.yml: asan and ubsan include the suite/

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 23 10:35:14 2016 +0100

    .gitignore: more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 23 10:33:18 2016 +0100

    doc: documented false start functionality

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 23 10:23:57 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 23 10:14:53 2016 +0100

    tests: Added checks for false start operation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 23 09:40:26 2016 +0100

    Added gnutls_handshake_set_false_start_function()
    
    This function allows to use TLS False-start, by using the provided
    function to send data just after finished message.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 27 21:54:51 2016 +0100

    tests: enable softhsmv2 test suite by default
    
    Also do not fatally fail with known softhsmv2 bugs.

Author: Jan Vcelak <jan.vcelak@nic.cz>
Date:   Fri Feb 26 16:17:48 2016 +0100

    pkcs11: tests for RSA, ECC, DSA private key import
    
    Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>

Author: Jan Vcelak <jan.vcelak@nic.cz>
Date:   Fri Feb 26 16:17:47 2016 +0100

    pkcs11: tests for DSA key generating
    
    Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 27 17:56:36 2016 +0100

    added getpid() to the list of system calls used

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 26 14:41:12 2016 +0100

    .gitlab-ci.yml: added compilation rule with libubsan

Author: Jan Vcelak <jan.vcelak@nic.cz>
Date:   Thu Feb 25 16:43:36 2016 +0100

    gnutls_x509_privkey_import: add missing algorithm setting for DSA keys
    
    The algorithm number was set only in the private key structure, not in
    the nested structure with parameters. This made certain operations to
    fail (e.g., copying the key into a PKCS #11 token).
    
    Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>

Author: Jan Vcelak <jan.vcelak@nic.cz>
Date:   Thu Feb 25 15:21:30 2016 +0100

    pkcs11: implement correct DSA key pair generating
    
    Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>

Author: Jan Vcelak <jan.vcelak@nic.cz>
Date:   Thu Feb 25 15:21:29 2016 +0100

    pkcs11: add interface for C_GenerateKey
    
    Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 26 12:00:55 2016 +0100

    better match with unknown_tls_aid

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 26 11:54:05 2016 +0100

    x509: moved time-specific functions to time.c

Author: Sebastian Dröge <sebastian@centricular.com>
Date:   Wed Feb 24 12:42:26 2016 +0200

    configure: Android is ELF too
    
    Without this, compiling Android for x86 or x86-64 fails because the assembly
    optimizations are not compiled in.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 25 15:45:04 2016 +0100

    mentioned the public git URL for cloning [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 24 15:12:23 2016 +0100

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 24 14:55:19 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 24 14:53:59 2016 +0100

    tests: check functions which export session parameters
    
    That is gnutls_session_get_random() and gnutls_session_get_master_secret().

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 24 14:43:17 2016 +0100

    Added gnutls_session_get_master_secret
    
    This provides the ability to export all session parameters in various
    formats.
    
    Resolves #64

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 22 15:51:11 2016 +0100

    tests: gnutls_session_get_flags() is checked for extended master secret

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 22 15:49:25 2016 +0100

    tests: check gnutls_session_get_flags() for EtM

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 22 15:46:33 2016 +0100

    tests: check gnutls_session_get_flags() for safe renegotiation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 22 15:26:46 2016 +0100

    Added gnutls_session_get_flags()
    
    This function would allow to simplify handling of future
    flags which we may want to indicate, and would not require
    API additions for new flags.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 22 11:57:30 2016 +0100

    Revert ".gitlab-ci.yml: disable guile tests"
    
    This reverts commit 50ce516eebaf011f041002ecbfdb61b113159282.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Sun Feb 21 18:58:35 2016 +0100

    guile: Fix out-of-tree builds.
    
    This fixes a regression introduced in 3045a96.
    
    * guile/Makefile.am (.in.scm): Make the parent directory of $@.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 18 17:04:24 2016 +0100

    Improved documentation in _gnutls_sort_clist

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 18 16:43:51 2016 +0100

    gnutls_x509_crt_list_import: corrected memory leak
    
    This was triggered if GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED was specified
    and a failure occurred.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 18 15:59:31 2016 +0100

    _gnutls_sort_clist: fixed issues when used with func option
    
    This function would incorrectly call func() on elements that were
    included in the list, and would not call func() if the size of the
    final chain was one.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 18 15:10:54 2016 +0100

    tests: added tests for gnutls_pcert_list_import_x509_raw()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 18 14:29:20 2016 +0100

    ext master secret: ensure we disable ext master secret if requested
    
    That is, on rehandshakes, as on the standard handshakes it is disabled
    by default.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 18 14:18:04 2016 +0100

    tests: verify that we do not allow rehandshakes without ext master
    
    That is, if we have an initial session which uses the extended master
    secret do not allow subsequent rehandshakes to skip it.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 18 11:53:20 2016 +0100

    tests: sha3-test: use different dates for generation and validation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 18 10:55:32 2016 +0100

    certtool: eliminated memory leaks

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 18 10:28:33 2016 +0100

    bumped the version of max algorithm num to account for new signing algorithms

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 18 09:17:17 2016 +0100

    src: added systemkey-args to BUILT_SOURCES

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 17 15:19:08 2016 +0100

    tests: simplified sha3-test

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Feb 17 05:43:24 2016 +0100

    cross.mk: updated for gnutls 3.4.9, nettle 3.2, gmp 6.1.0 and p11-kit 0.23.2 [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 16 16:46:54 2016 +0100

    .gitlab-ci.yml: disable guile tests
    
    This prevents the test suite from failing.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 16 16:40:09 2016 +0100

    doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 11 16:18:00 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 11 16:13:12 2016 +0100

    tests: resume: check whether the server does not resume in ext master secret mismatch
    
    Relates #69

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 11 16:10:31 2016 +0100

    Ensure that session resumption does not occur when ext master secret status changes
    
    That is we make sure the server doesn't resume when:
    1. Original session had extended master secret but not advertised in resumed
    2. Original session did not have extended master secret but is advertised in resumed
    
    Relates #69

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 11 14:45:40 2016 +0100

    tests: resume: simplified structure assignment using C99 syntax

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 15 10:52:55 2016 +0100

    tests: added certification generation tests with SHA-3 tests

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 15 10:37:57 2016 +0100

    Added NIST's OIDs for SHA3 signature algorithms
    
    This allows to generate certificates signed with SHA3.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Feb 11 23:04:38 2016 +0100

    guile: Work around lack of 'eval-when' on 1.8.
    
    * guile/modules/gnutls.in (eval-when) [!guile-2]: New macro.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Feb 11 23:04:37 2016 +0100

    guile: Install modules in versioned directory by default.
    
    * configure.ac: Change default 'GUILE_SITE' value to include
    $guile_effective_version.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Feb 11 23:04:36 2016 +0100

    guile: build: Make silent rules actually quiet.
    
    * guile/Makefile.am (.in.scm): Use $(AM_V_GEN) and $(AM_V_at).
    * guile/src/Makefile.am (enums.h, enum-map.i.c)
    (smobs.h, smob-types.i.c, %.x): Likewise.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Feb 11 23:04:35 2016 +0100

    guile: Build and install .go files on Guile 2.x.
    
    * configure.ac: Check for 'guild' and substitute 'GUILD'.  Define
    'HAVE_GUILD'.  Substitute 'guileobjectdir'.  Don't output
    guile/modules/Makefile and guile/tests/Makefile.
    * guile/modules/Makefile.am, guile/tests/Makefile.am: Remove.  Move
    contents to...
    * guile/Makefile.am: ... here.
    (SUBDIRS): Remove 'modules' and 'tests'.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Feb 11 23:04:34 2016 +0100

    guile: doc: Change prompt in examples.
    
    * doc/gnutls-guile.texi (Guile Preparations): Use the prompt found in
    2.0.  Change "libguile-gnutls-v-0" to "guile-gnutls-v-2".

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Feb 11 23:04:33 2016 +0100

    guile: tests: Add Guile 2.2 compatibility layer.
    
    This allows tests to run with Guile 2.1/2.2.
    
    * guile/modules/gnutls/build/tests.scm (define-replacement) [guile-2]:
    New macro.
    (uniform-vector-read!, uniform-vector-write) [guile-2]: New procedures.
    * doc/gnutls-guile.texi (Guile Preparations): Mention 2.2.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Feb 11 23:04:32 2016 +0100

    guile: tests: Make sure no processes are left behind.
    
    Before that, child processes would be left behind and become zombies.
    
    * guile/tests/anonymous-auth.scm, guile/tests/openpgp-auth.scm,
    guile/tests/session-record-port.scm, guile/tests/x509-auth.scm:
    Add (waitpid pid) call on the server side.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Feb 11 23:04:31 2016 +0100

    guile: tests: Add 'with-child-process'.
    
    This makes sure that child processes always exit no matter what.
    
    * guile/modules/gnutls/build/tests.scm (define-syntax-rule) [!guile-2]:
    New macro.
    (call-with-child-process): New procedure.
    (with-child-process): New macro.
    * guile/tests/anonymous-auth.scm, guile/tests/openpgp-auth.scm,
    guile/tests/session-record-port.scm, guile/tests/x509-auth.scm: Use it
    instead of an explicit 'primitive-fork' call.
    * guile/.dir-locals.el: New file.
    * guile/Makefile.am (EXTRA_DIST): New variable.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 15 09:52:10 2016 +0100

    tests: mini-loss-time: ensure client timeouts after the server is
    
    This addresses issue with the server detecting the client disconnection
    prior to its timeout. Reported by Steven Chamberlain, Andreas Metzler.

Author: Jaak Ristioja <jaak.ristioja@cyber.ee>
Date:   Fri Feb 12 16:59:31 2016 +0200

    Removed the invariant htype parameter of _gnutls_recv_int()
    
    All uses of _gnutls_recv_int() passed -1 as the htype argument of type
    gnutls_handshake_description_t, which had been used for SSLv2 client
    hellos. Introduced in 2001 with dc1122e7b6.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 14 18:41:01 2016 +0100

    provable RSA key generation: adjust the seed size based on N size

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 14 18:18:38 2016 +0100

    provable RSA key generation: allow non-2048 and non-3072 keys
    
    That is enforce the 2048 and 3072-bit limit to FIPS when in FIPS140-2
    mode.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 13 18:21:08 2016 +0100

    DH/DSA: allow the generation of larger than 15360 bit parameters

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 13 14:50:19 2016 +0100

    tests: eliminated mem leak in hash-large

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Feb 12 15:16:55 2016 +0100

    tests: check whether large buffer hashes and MAC work as expected

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Feb 12 10:48:12 2016 +0100

    nettle: use the correct type for hash and MAC functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 6 22:44:37 2016 +0100

    provable prime generation: arbitrary seed lengths are accepted in non-FIPS mode

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 11 12:10:57 2016 +0100

    gnutls-cli: improved indentation in benchmark output

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 11 11:43:27 2016 +0100

    certtool: removed unused variable

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 11 11:00:15 2016 +0100

    certtool: the --generate-dh-params option can be combined with --provable
    
    This however, will generate provable DSA parameters and import them
    as DH parameters.
    
    Resolves #72

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 11 10:42:34 2016 +0100

    certtool: the --dh-info option will retrieve DH parameters from DSA keys

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 11 10:34:52 2016 +0100

    tests: added check for gnutls_dh_params_import_dsa

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 11 10:05:58 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 11 10:05:13 2016 +0100

    Added gnutls_dh_params_import_dsa() which allows to import DSA parameters into DH ones
    
    This simplifies importing DSA private keys into DH parameters.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 10 14:29:47 2016 +0100

    tests: set_pkcs12_cred: existing tests are disabled when in FIPS140-2 mode
    
    The tests require access to the RC4 cipher which is not available.

Author: Attila Molnar <attilamolnar@hush.com>
Date:   Wed Feb 10 10:55:15 2016 +0100

    Fix memory leak in gnutls_certificate_set_ocsp_status_request_file()
    
    Signed-off-by: Attila Molnar <attilamolnar@hush.com>

Author: Attila Molnar <attilamolnar@hush.com>
Date:   Sat Feb 6 18:16:59 2016 +0100

    doc: Update description of credential alloc/dealloc functions
    
    Get rid of "This structure is complex enough to manipulate directly..."
    text which suggests that these functions are optional, "helper" functions
    when in fact their usage is required for encapsulation reasons.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Feb 10 10:11:00 2016 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 8 11:23:33 2016 +0100

    ALPN: added the GNUTLS_ALPN_SERVER_PRECEDENCE flag
    
    This allows the server to set precedence on the protocols
    it supports, rather than following the client's order.
    
    Resolves #71

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Tue Feb 9 13:37:49 2016 +0100

    improve doc on special keywords in priority string
    
    Special keywords in priority strings like %COMPAT may not be prefixed
    with +, - or !, "NORMAL:+%COMPAT is invalid.

Author: Attila Molnar <attilamolnar@hush.com>
Date:   Sat Feb 6 18:01:33 2016 +0100

    doc: Fix some typos

Author: Attila Molnar <attilamolnar@hush.com>
Date:   Sat Feb 6 17:50:05 2016 +0100

    Remove remaining RSA-EXPORT support leftovers from doc and messages

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Feb 3 09:20:05 2016 +0100

    tests: pkcs11-pubkey-import-ecdsa will only work under softhsmv2

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun Jan 31 17:59:37 2016 +0100

    Fix some more typos.
    
    certifcate, funtion, withing, missmatch

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat Jan 30 12:18:55 2016 +0100

    tests: updated check to account for revert in 7d3caedb8df9d04eee9513cb5b3b417ae29927f5

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat Jan 30 12:15:07 2016 +0100

    Revert "tests: updated to account for cert generation after 2adb9b2bfb31afebbdd9f990e2b74c9a3d4e5c57 fix"
    
    This reverts commit 735dbde324be6c8785a3dea5f09c82b6a8ad298b.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sat Jan 30 11:15:13 2016 +0100

    Revert "Fix out-of-bounds read in gnutls_x509_ext_export_key_usage"
    
    This was not really an out-of-bounds check. Added documentation
    to make that clear.
    
    This reverts commit ffbc9aaea7dcf29c03784d128b83f0682357858d.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 28 13:14:14 2016 +0100

    certtool: corrected email escaping in texinfo

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 28 10:45:17 2016 +0100

    Replaced select() system call with poll() on POSIX systems
    
    This allows to use the default gnutls functions with file descriptors
    over the maximum supported by select.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 25 11:08:21 2016 +0100

    tests: windows: fixed check-output call

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 22 16:34:29 2016 +0100

    tests: added dummy functions used by CAPI32 implementation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 22 16:33:48 2016 +0100

    tests: better checking for failure in windows cng check

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 22 12:59:47 2016 +0100

    system-key-win: call CertFreeCertificateContext()

Author: Bjørn Christensen <bhc@insight.dk>
Date:   Fri Jan 22 11:52:21 2016 +0100

    system-key-win: added interface to  CAPI, old style crypto api on windows

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 21 14:45:56 2016 +0100

    certtool: corrected texinfo output for krb5_principal

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 21 12:58:56 2016 +0100

    tests: priorities: account for the addition of CHACHA20-POLY1305

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 21 12:00:33 2016 +0100

    CHACHA20_POLY1305 was added to the default priority strings
    
    That is the NORMAL and PERFORMANCE priority strings now will
    enable CHACHA20-POLY1305 by default.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jan 18 18:38:36 2016 +0100

    gnutls_global_init: log gnutls' version on initialization

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 18 15:56:02 2016 +0100

    doc: corrected typo [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jan 16 20:54:20 2016 +0100

    README: added trousers to list of dependencies [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jan 16 20:43:42 2016 +0100

    tests: added check for KRB5Principal output
    
    Resolves #67

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jan 14 17:16:00 2016 +0100

    README.md -> README-alpha.md

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jan 14 17:09:23 2016 +0100

    updated copyright info

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jan 14 17:04:54 2016 +0100

    README: auto-generated from README-install.md

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 14 14:50:34 2016 +0100

    gnutls_int.h: increased MAX_SERVER_NAME_SIZE to 256 bytes

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 13 13:14:55 2016 +0100

    gnutls_pubkey_import_x509_raw: fixed memory leak

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 8 16:26:21 2016 +0100

    tests: added check for the krb5_principal template option

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 11 15:11:41 2016 +0100

    certtool: introduced the krb5_principal template option

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 11 15:09:23 2016 +0100

    x509: introduced GNUTLS_SAN_OTHERNAME_KRB5PRINCIPAL
    
    That allows to print and write KRB5PrincipalName othernames
    in subject alternative name.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 11 15:19:24 2016 +0100

    x509: place newline when printing unsupported othernames

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 10 16:05:41 2016 +0100

    x509: moved virtual subject alternative name othername support to virt-san.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 10 14:46:16 2016 +0100

    gnutls_x509_crt_set_subject_alt_name: documented the version after which GNUTLS_SAN_OTHERNAME_XMPP is available

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 10 14:45:03 2016 +0100

    tests: added check for XMPP othername generation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 10 14:39:14 2016 +0100

    certtool: allow writing xmpp_name

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 10 14:30:56 2016 +0100

    Allow assigning 'virtual' SAN types via *_set_subject_alt_name()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 10 13:47:38 2016 +0100

    NEWS: document newly added functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 10 08:17:51 2016 +0100

    alpn: when parsing the list of protocols return at the first mutually common
    
    That resolves an issue where the server wouldn't select the first mutually supported.
    
    Resolves #63

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 10 08:17:07 2016 +0100

    tests: mini-alpn: corrected protocol selection order

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 10 08:04:29 2016 +0100

    tests: alpn: enhance the testing of ALPN negotiation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jan 9 21:42:11 2016 +0100

    alpn: document how the selected protocol is selected [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jan 9 21:20:00 2016 +0100

    tests: verify that the selected ALPN protocol is the first advertised

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 8 16:52:44 2016 +0100

    gnutls_aead_cipher_decrypt: removed misleading text
    
    Reported by Fridolin Pokorny.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 8 12:16:29 2016 +0100

    tests: added check for certtool's othername writing functionality

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 8 11:16:58 2016 +0100

    certtool: added ability to generate othernames via template files
    
    Relates #62

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 8 12:05:18 2016 +0100

    x509: added flags to enable the encoding of othername data

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 8 11:05:36 2016 +0100

    x509: introduced functions to set an othername alternative name
    
    That is, added, gnutls_x509_crt_set_subject_alt_othername,
    gnutls_x509_crt_set_issuer_alt_othername, gnutls_x509_crq_set_subject_alt_othername
    
    Relates #62

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 7 14:35:59 2016 +0100

    trust_list_get_issuer_by_dn: fixed check for DN or SPKI

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 7 14:02:24 2016 +0100

    configure: no longer distribute lzip tarballs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 7 14:14:21 2016 +0100

    symbols.last: don't include internal symbols into exported list

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 5 11:21:43 2016 +0100

    tests: updated to account for cert generation after 2adb9b2bfb31afebbdd9f990e2b74c9a3d4e5c57 fix

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Mon Jan 4 16:40:26 2016 +0100

    Fix out-of-bounds read in gnutls_x509_ext_export_key_usage

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 20:16:37 2015 +0200

    .gitlab-ci.yml: optimized build process
    
    That is, in slow asan and valgrind builds don't check the full test suite.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 14:35:45 2015 +0200

    gnutls_pkcs11_copy_x509_privkey2: corrected the writing of ECC private key

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 13:38:34 2015 +0200

    tests: pkcs11-pubkey-import will check both RSA and ECDSA keys

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 13:35:30 2015 +0200

    gnutls_pkcs11_copy_x509_privkey2: corrected the type of the written object
    
    Previously only RSA objects were correctly written.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 13:10:37 2015 +0200

    tests: added ECDSA key in cert-common.h

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 12:20:41 2015 +0200

    pkcs11: moved default RSA public exponent out of stack

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 12:17:21 2015 +0200

    pkcs11: import public keys from any available object
    
    That is, load public keys from the public key object, or
    the certificate object if they are present. That affects
    non-RSA public keys which do not contain all required fields
    on the private key object.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 01:02:30 2015 +0200

    session DB: made the magic number depending on gnutls' version
    
    That will make sure that sessions not stored by this version of
    gnutls will not be resumed by another (which may be incompatible).

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 00:46:12 2015 +0200

    ui.c -> fingerprint.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 00:45:43 2015 +0200

    split OCSP functionality from ui.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 00:39:19 2015 +0200

    split anon credentials functionality from ui.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 00:38:31 2015 +0200

    split psk functionality from ui.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 00:37:22 2015 +0200

    split session info functions from ui.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 00:34:25 2015 +0200

    split certificate credentials functions from ui.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 00:32:20 2015 +0200

    split dh API functions from ui.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 31 00:28:46 2015 +0200

    split randomart functionality from ui.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 30 23:18:32 2015 +0200

    helper.c -> file.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 30 11:26:30 2015 +0200

    certtool: doc update [skip ci]

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Dec 26 18:24:56 2015 +0100

    Fix some typos [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 24 11:54:21 2015 +0200

    NEWS: doc update [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 24 11:44:00 2015 +0200

    respect the max-record extension under DTLS
    
    This resolves issue with max-record being negotiated but
    ignored. Resolves #61

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 24 11:42:58 2015 +0200

    tests: added check for max-record extension in TLS

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 24 11:18:57 2015 +0200

    tests: check whether the max-record extension is usable with DTLS

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 24 11:13:28 2015 +0200

    dtls: print the MTU in debugging messages

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 22 17:14:02 2015 +0200

    updated documentation on supported algorithms [ci skip]

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 22 11:30:52 2015 +0200

    Added SHA384 to the list of TLS support MAC algorithms

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 21 12:46:09 2015 +0200

    documented the gitlab ci runner tags

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 20 11:11:38 2015 +0200

    tests: added timeout in long-running checks

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 20 11:01:48 2015 +0200

    certtool: eliminated various memory leaks

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 20 10:48:27 2015 +0200

    certtool: prevented memory leak in pkcs8-info cmd

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 19 16:58:03 2015 +0200

    certtool: do not use signal() under win32

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Fri Dec 18 17:34:01 2015 +0200

    build: configure.ac: manpages cleanups
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Fri Dec 18 12:14:08 2015 +0200

    build: allow installing man(1) even with --disable-doc
    
    Currently these man pages are installed only if --enable-doc
    is provided, while these are not actually docs, do not require any
    special dependency, nor consume large space.
    
    This adds --enable-manpages to enable/disable manpages installation, and
    install the man(1) regardless of --disable-doc.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 18 14:32:25 2015 +0100

    certtool: ignore sigpipe
    
    This signal was observed under certain cirquimstances

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 18 14:29:05 2015 +0100

    certtool: don't close stdout on exit

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 18 14:24:23 2015 +0100

    pkcs7: eliminated leak in gnutls_pkcs7_print

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 18 13:56:31 2015 +0100

    gnutls_pubkey_import_privkey: document that this operation is not possible in certain keys

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 18 11:40:59 2015 +0100

    doc: replace writev with sendmsg in the list of system calls

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 18 10:23:22 2015 +0100

    tests: don't run the no-signal test in systems which MSG_NOSIGNAL is not available

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 18 10:15:10 2015 +0100

    Reduce the number of used syscalls by using sendmsg() instead of writev()
    
    We relied on sendmsg() anyway for the MSG_NO_SIGNAL version of the calls,
    thus it is a good idea to avoid calling writev() and use sendmsg(). That
    way we reduce the number of calls required for seccomp.

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Thu Dec 17 19:57:53 2015 +0200

    doc: manpages: remove generated tpmtool.1 page
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Thu Dec 17 19:57:52 2015 +0200

    .gitignore: add m4/extern-inline.m4

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 17 14:19:04 2015 +0100

    tests: added check to verify that the PKCS#7 embedded data are recovered as expected

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 17 14:18:17 2015 +0100

    certtool: introduced the --p7-show-data option
    
    This option allows printing the embedded data in a PKCS#7 signed
    structure.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 17 14:17:23 2015 +0100

    gnutls_pkcs7_get_embedded_data: added function
    
    This function allows extracting the embedded data from a PKCS#7 signed
    structure.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 16 16:13:41 2015 +0100

    tests: updated pkcs7-gen to account for content-type attribute

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 16 14:52:39 2015 +0100

    tests: check whether the content-type attribute is set if we sign using time

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 16 14:28:23 2015 +0100

    pkcs7: set by default the content type attribute
    
    That is a requirement of rfc5652. Relates #59

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 16 14:02:56 2015 +0100

    pkcs7: use the PK_PKIX1_RSA_OID when writing RSA signature OIDs for PKCS#7 structures
    
    That is because there are implementations which cannot cope with the
    normal RSA signature OIDs. Relates #59

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 16 10:10:20 2015 +0100

    pkcs7: Disable the optional fields prior to generating the PKCS#7 structure
    
    This resolves issue with our PKCS#7 structures not being parsed by
    MacOSX' tools. Relates #59

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 15 22:28:55 2015 +0100

    certtool: corrected invalid free

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 15 22:27:50 2015 +0100

    certtool: warn if an ECDSA key is marked for encryption

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 15 20:36:29 2015 +0100

    build: fix make distclean by including src/gl only once

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 15 13:52:20 2015 +0100

    make sure gnutls_assert is present at the cases where GNUTLS_E_INTERNAL_ERROR is returned

Author: Gustavo Zacarias <gustavo@zacarias.com.ar>
Date:   Mon Dec 14 15:20:25 2015 -0300

    configure: really make --disable-crywrap work
    
    The crywrap variable is set regardless of the state of enable_crywrap,
    hence --disable-crywrap never works.
    Just put the tests for crywrap deps inside the enable_crywrap
    conditional.
    
    Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 15 11:29:09 2015 +0100

    certtool: the --p7-time option was made an enable/disable option
    
    It remains disabled by default.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Dec 14 15:19:59 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Dec 14 15:03:23 2015 +0100

    tests: check whether server returns the correct error code if presented with invalid versions
    
    That is gnutls_handshake() will return GNUTLS_E_UNSUPPORTED_VERSION_PACKET in
    server side, if the client presents a very old TLS version which is not supported.
    
    Relates #42

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Dec 14 14:34:04 2015 +0100

    handshake: when receiving a TLS version which is too low fail
    
    That is, don't treat all unsupported version as being to high. Treat
    versions which are not known and lower than the highest as a protocol
    error.
    
    Resolves #42

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 13 12:34:47 2015 +0100

    .gitlab-ci.yml: valgrind build was moved at the end as it is the slowest build

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 13 12:24:44 2015 +0100

    certtool: the --p7-include-cert option is enabled by default
    
    This allows to generate PKCS#7 structures by default that can be
    read by iOS.

Author: sskaje <sskaje@gmail.com>
Date:   Sun Dec 13 16:31:19 2015 +0800

    #56 Feature: certtool --p7-sign support GNUTLS_PKCS7_INCLUDE_CERT

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 10 09:35:59 2015 +0100

    gnutls-cli-debug: rephrased inappropriate fallback test description to match the rest

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 8 10:59:02 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 8 10:52:43 2015 +0100

    Do not allow importing public keys from PKCS #11 private keys for DSA and ECDSA
    
    This prevents the reading of the public key when non-RSA keys are available. This
    is a much cleaner approach than 5a4e692511dc3a829eda0d7c5a87e56cbc2055f0.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 8 10:48:13 2015 +0100

    Revert "Do not allow importing public keys from PKCS #11 private keys for DSA and ECDSA"
    
    This reverts commit 5a4e692511dc3a829eda0d7c5a87e56cbc2055f0.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 8 10:44:30 2015 +0100

    tests: check whether a peer changing certificate is detected

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 8 10:20:34 2015 +0100

    tests: doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 8 10:17:49 2015 +0100

    Do not allow certificate change during a rehandshake
    
    That is require that the certificate of the peer remains the same
    and return GNUTLS_E_SESSION_CERTIFICATE_CHANGED otherwise. To revert
    to the previous behavior the GNUTLS_ALLOW_CERT_CHANGE flag was introduced.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 6 12:00:46 2015 +0100

    tests: check whether gnutls_pubkey_import_privkey() operates well for PKCS#11 RSA keys

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 6 11:35:57 2015 +0100

    Do not allow importing public keys from PKCS #11 private keys for DSA and ECDSA
    
    That is, because they do not contain all the required parameters for a direct
    import. Reported by Jan Vcelak.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 6 10:58:45 2015 +0100

    pkcs11: avoid setting a variable which isn't used

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 6 10:57:48 2015 +0100

    MAX_PK_PARAM_SIZE was moved to gnutls_int.h

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 6 10:54:37 2015 +0100

    pkcs11: deinitialize gnutls_pkcs11_obj_t's pubkey on deinit

Author: Jan Vcelak <jan.vcelak@nic.cz>
Date:   Sun Dec 6 00:46:39 2015 +0100

    pkcs11: fix passing of incorrect variable in privkey_get_pubkey
    
    The code worked for RSA because the content of the variables matched.
    But it doesn't match for ECC.
    
    CKM_RSA_PKCS_KEY_PAIR_GEN (0x0) == CKK_RSA (0x0)
    CKM_ECDSA_KEY_PAIR_GEN (0x1040) != CKK_ECDSA (0x3)
    
    Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 2 18:40:28 2015 +0100

    gnutls-cli: don't use RSA ciphersuites to test chacha20 as they are not defined

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 2 16:15:03 2015 +0100

    documented bug in gnutls_x509_crt_get_*_unique_id()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 1 10:40:23 2015 +0100

    tools: don't compile tpmtool if PKCS11 is disabled
    
    That is because GnuTLS' TPM code makes use of the PKCS11 PIN callbacks.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 30 10:34:03 2015 +0100

    Amend "When decoding extensions do not ignore decoding errors"
    
    Do not treat an error the fact that no extensions field is present.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 30 09:49:08 2015 +0100

    allow specifying NULL buffer in gnutls_x509_crt_get_*_unique_id()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 26 12:46:02 2015 +0100

    NEWS: removed functions that were part of 3.4.x releases

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 29 10:37:53 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 29 10:30:01 2015 +0100

    tests: added check for TLS extension decoding error propagation
    
    Relates #40

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 29 09:24:12 2015 +0100

    When decoding extensions do not ignore decoding errors
    
    That is, move from a parsing error tolerance to a more strict
    decoding approach.
    Relates #40

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 28 10:43:31 2015 +0100

    .gitignore: more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 28 10:11:52 2015 +0100

    ocsp_output: when next update is not present don't print error message
    
    That is because this field is optional.
    Resolves #53

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 26 11:23:15 2015 +0100

    tests: override-ciphers will not run mac tests on windows
    
    There is some issue with symbols for self tests not being exported.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 26 09:37:02 2015 +0100

    .gitlab-ci.yml: removed separate builddir build from x86-64 targets to reduce builds

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 26 09:32:25 2015 +0100

    tests: updates for certtool test to run under windows

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 26 09:25:48 2015 +0100

    .gitlab-ci.yml: minimal library no longer requires x86-64 for compilation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Nov 25 19:24:15 2015 +0100

    .gitlab-ci.yml: in windows build skip the gnulib tests

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 25 11:57:31 2015 +0100

    .gitlab-ci.yml: added windows build

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 25 11:56:49 2015 +0100

    tests: changes for running tests under windows

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 25 11:56:06 2015 +0100

    tests: cipher-test will forward the prog exit code as the script exit code

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 25 11:25:07 2015 +0100

    README: added information for windows build

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 25 10:53:51 2015 +0100

    libopts: use the O_BINARY flag in windows for files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 25 10:49:30 2015 +0100

    libopts: updated to 5.18.6

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 25 10:25:08 2015 +0100

    use consistent terms in system.c and system-keys-win.c

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 25 10:21:46 2015 +0100

    tests: added basic functionality testing for system-keys in windows

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 25 09:49:03 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 25 09:46:26 2015 +0100

    Added gnutls_encode_ber_digest_info and gnutls_decode_ber_digest_info

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 24 13:27:13 2015 +0100

    cross.mk: allow building with mingw64

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 24 13:09:40 2015 +0100

    tests: use gnulib where needed

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 24 13:04:28 2015 +0100

    cross.mk: updated windows cross compile makefile

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 24 13:03:15 2015 +0100

    tests: disable global-init-override test in windows
    
    Gcc does not support weak symbols on this platform.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 24 12:54:32 2015 +0100

    tools: don't call endservent in windows

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 22 13:27:14 2015 +0100

    added cast to silence gcc warning

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 21 13:33:42 2015 +0100

    tests: added check for multiple extension registering

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 21 13:25:20 2015 +0100

    statically initialize extensions instead of using the lib constructor

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 21 13:09:19 2015 +0100

    marked all extensions structures as constant

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 21 11:33:45 2015 +0100

    system-keys-win: allow reinitialization of the library after a deinitialization

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 21 01:05:37 2015 +0100

    getfuncs.pl: don't consider functions with _gnutls prefix

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 21 00:52:51 2015 +0100

    gnutls_global_init_skip: prefixed with an underscore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 20 13:57:09 2015 +0100

    .gitlab-ci.yml: added clang compilation target

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 20 10:11:29 2015 +0100

    certtool: check fread_file() for errors in all situations
    
    This caused certtool to crash on invalid input on stdin.
    Reported by Christoph Biedl.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 19 11:46:39 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Nov 18 21:44:54 2015 +0100

    gnutls_certificate_set_flags: Added since

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Nov 18 20:16:38 2015 +0100

    tests: check gnutls_certificate_flags

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Nov 18 20:13:07 2015 +0100

    Added gnutls_certificate_flags() and GNUTLS_CERTIFICATE_SKIP_KEY_CERT_MATCH
    
    That allows a user of the credentials to disable the certificate matching
    action. That is, to disable the calls to sign and verify on initialization.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 18 16:39:36 2015 +0100

    link with libdl when trousers is enabled; reported by Andreas Schneider

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 18 16:30:24 2015 +0100

    enhanced cipher selftests with variable key sizes on arcfour

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 18 15:55:19 2015 +0100

    Do not enforce a maximum key size on ARCFOUR
    
    That makes the library consistent with the behavior of previous versions (3.3.x)

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 18 10:22:31 2015 +0100

    gnutls-cli-debug: make TLS 1.6 fallback check more reliable

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 18 09:24:18 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Nov 17 07:09:05 2015 +0100

    README: added non-interactive versions of commands

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 16 18:52:48 2015 +0100

    .gitlab-ci.yml: disable non-suiteb curves in all systems as we have multiple which are fedoras

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 16 17:28:49 2015 +0100

    tests: corrected copyright info

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 16 16:32:04 2015 +0100

    documented GNUTLS_SKIP_GLOBAL_INIT macro

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 16 16:30:37 2015 +0100

    tests: added check for overriding global initialization

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 16 16:25:31 2015 +0100

    Added GNUTLS_SKIP_GLOBAL_INIT macro to allow programs skip implicit global initialization

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 16 15:02:48 2015 +0100

    tests: utils.c: simplify windows check

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 16 12:40:14 2015 +0100

    .gitlab-ci.yml: added build and check in FIPS140-2 mode

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 15 20:35:18 2015 +0100

    tests: made seccomp tests more reliable by waiting for each side to terminate

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 15 17:06:18 2015 +0100

    doc: document how to use gnutls with seccomp

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 15 16:32:47 2015 +0100

    .gitlab-ci.yml: reorganized and added a simple build and check on x86-64 rule
    
    The latter also enables the seccomp checks.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 15 15:51:14 2015 +0100

    tests: check operation of TLS and DTLS under seccomp when configured with --enable-seccomp-tests

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 13 16:39:24 2015 +0100

    gnutls_x509_crt_set_subject/issuer_unique_id: added Since in doc

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 13 14:40:20 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 13 11:00:10 2015 +0100

    Added documentation on PKCS #7 signing

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 12 16:38:02 2015 +0100

    updated chacha20 ciphers to conform to latest draft

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 12 15:03:10 2015 +0100

    tests: suite: more shell scripts were given the .sh suffix and simplified makefile

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 12 12:04:04 2015 +0100

    tests: verify that unique IDs are generated as expected

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 12 12:03:14 2015 +0100

    certtool: Allow writing unique IDs in generated certificates

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 12 11:43:52 2015 +0100

    Added gnutls_x509_crt_set_issuer_unique_id() and gnutls_x509_crt_set_subject_unique_id()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 12 11:10:08 2015 +0100

    properly indent unique IDs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 12 09:48:27 2015 +0100

    tests: added check with the various X.509 key exchanges

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 12 09:29:43 2015 +0100

    tests: check rehandshake from anon to DHE

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 11 11:37:30 2015 +0100

    documented the GNUTLS_NO_EXPLICIT_INIT environment variable

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 11 11:29:21 2015 +0100

    crypto-api: doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 11 11:15:51 2015 +0100

    Allow switching a ciphersuite to DHE and ECDHE on a rehandshake

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 11 10:49:31 2015 +0100

    tests: added check for ciphersuite switch from anonymous to certificate

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 10 13:31:16 2015 +0100

    .gitlab-ci.yml: disable guile in asan builds

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 10 10:34:56 2015 +0100

    tests: suite: don't run shell scripts with valgrind

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 10 10:24:44 2015 +0100

    tests: testsrn: output errors on stderr

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 10 10:13:35 2015 +0100

    deinitialize all handshake keys when handshake is over

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 9 23:53:25 2015 +0100

    testdane: improved error detection in sites

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 9 23:34:03 2015 +0100

    tests: suite: eliminate many leaks in the tests and run them under valgrind

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 9 23:27:47 2015 +0100

    certtool: eliminate leaks in _verify_x509_mem()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 9 23:04:48 2015 +0100

    tests: openpgp-certs: use valgrind

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 9 23:04:03 2015 +0100

    openpgp: eliminate leaks in gnutls_openpgp_keyring_import()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 9 22:48:47 2015 +0100

    tests: eliminate leaks in mini-eagain2.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 9 22:48:25 2015 +0100

    certtool: eliminate memory leaks in certificate generation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 9 22:45:44 2015 +0100

    tests: key-tests: use valgrind

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 9 22:45:13 2015 +0100

    gnutls_x509_crt_set_pubkey: clarify usage

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 9 21:54:54 2015 +0100

    pkcs12: correctly set salt size in gnutls_pkcs12_mac_info
    
    Also eliminate leaks in PKCS #12 parsing.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 9 21:54:09 2015 +0100

    tests: run the PKCS #12 tests under valgrind

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 9 18:43:03 2015 +0100

    certtool: make sure that pkcs12 structures are deinitialized

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 9 16:01:55 2015 +0100

    tests: provable-privkey: fixed DSA test on FIPS140 enabled systems

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 9 15:51:17 2015 +0100

    nettle: be more specific in seed size mismatches

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 9 15:43:20 2015 +0100

    crypto-backend: ensure there are no leaks on deinitialization

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 9 14:29:48 2015 +0100

    Require TLS 1.2 for all the ciphersuites which are defined for it only
    
    This solves an interoperability issue with openssl. Reported by Viktor Dukhovni.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 8 09:30:39 2015 +0100

    p11tool: introduced --only-urls option
    
    This option allows printing a compact listing containing only of URLs.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 7 21:51:56 2015 +0100

    Modified the CHACHA20 cipher to conform to draft-ietf-tls-chacha20-poly1305-02

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 6 15:02:51 2015 +0100

    .gitlab-ci.yml: use static libasan
    
    This prevents issues with tests which use LD_PRELOAD.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 6 10:40:39 2015 +0100

    .gitlab-ci.yml: disable non-suiteb curves on build on Fedora system

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 5 11:11:29 2015 +0100

    tools: better ftp auth tls negotiation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 4 09:49:47 2015 +0100

    tests: added check for gnutls_priority_set_default

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 3 10:46:17 2015 +0100

    tools: only check for status code in FTP starttls negotiation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 3 10:45:44 2015 +0100

    tools: print more info in starttls negotiation when --verbose is given

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 3 09:40:39 2015 +0100

    gnutls.pc: don't use the libtool version of the link options
    
    Reported by Dan Kegel.
    Resolves #49

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 1 01:53:43 2015 +0100

    tests: simplified mini-dtls-hello-verify-48

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 30 13:38:36 2015 +0100

    tests: added check for blocking on invalid DTLS cookie
    
    Relates to #48

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 29 09:28:59 2015 +0100

    removed inacurate text

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 23 15:46:33 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 23 15:44:27 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 23 14:17:23 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 22 13:04:32 2015 +0200

    doc: document the sign function requirements in gnutls_privkey_import_ext

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Oct 21 19:57:39 2015 +0200

    Mention key protection through isolation in crypto backend section

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Oct 21 19:48:22 2015 +0200

    doc: updated supplemental data documentation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Oct 21 09:13:56 2015 +0200

    tests: testdane will not check hosts which are unreachable

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Tue Oct 20 19:02:25 2015 +0200

    Documentation update
    
    The new simple verification functions were backported to 3.4.6, correct
    "Since:" to reflect this.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 20 09:40:56 2015 +0200

    doc: documented future level

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 20 09:24:36 2015 +0200

    pkcs11.h: relocated gnutls_pkcs11_copy_pubkey to allow discovery by buggy doc scripts

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 20 09:16:20 2015 +0200

    bumped version to distinguish from 3.4 branch

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 20 09:03:25 2015 +0200

    ext master secret: extension is marked as mandatory
    
    This forces the extension to be sent even where resuming sessions.
    Resolves #45

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Oct 20 08:44:04 2015 +0200

    tests: Check whether a resumed session contains the ext master secret extension
    
    Relates #45

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 17 09:22:28 2015 +0200

    alpn: avoid warning on signed/unsigned

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 17 09:20:52 2015 +0200

    README: updated CI link

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 17 09:12:09 2015 +0200

    doc: set a path which includes new binaries when running autogen
    
    That makes sure that autogen will discover the binaries to obtain the
    --help output.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Oct 17 08:57:02 2015 +0200

    gnutls-cli-debug: updated doc

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Oct 16 22:58:54 2015 +0200

    tools: when the starttls-proto is specified automatically detect the port if not given

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 16 15:05:09 2015 +0200

    tests: verify that public keys are properly written
    
    Also disable parts of the suite that softhsm2 cannot properly work with,
    to allow running parts of the suite even with broken softhsm.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 16 15:39:05 2015 +0200

    cleanup in gnutls_pubkey_import_rsa_raw

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 16 15:33:21 2015 +0200

    pkcs11_read_pubkey: make input type more clear

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 16 14:13:47 2015 +0200

    p11tool: Allow writing a PKCS #11 pubkey object

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 16 13:16:36 2015 +0200

    tools: allow importing a pubkey from a certificate

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 16 13:03:57 2015 +0200

    pkcs11: introduced gnutls_pkcs11_copy_pubkey
    
    That allows copying a public key to a PKCS #11 module.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Oct 15 21:23:44 2015 +0200

    .gitlab-ci.yml: combined the slow build with the separate build dir

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Oct 15 21:16:52 2015 +0200

    Disable the NULL cipher on runtime when FIPS140 mode is enabled instead of statically
    
    That way the NULL cipher can be used when not in FIPS140 mode.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Oct 15 21:09:06 2015 +0200

    re-enable NULL ciphersuites
    
    They were accidentally disabled by b237b37d4d17ee4f98629aae9d72aec87f434cb8

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 15 18:35:44 2015 +0200

    tests: check whether the RSA-EXPORT and ARCFOUR-40 legacy strings are accepted

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 15 18:20:38 2015 +0200

    Tolerate priority strings with names of legacy ciphers and key exchanges
    
    That enables better backwards compatibility with old applications
    which disable or enable algorithms which no longer are supported.
    Relates #44

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Oct 15 16:21:43 2015 +0200

    pkcs11: write CKA_ISSUER and CKA_SERIAL_NUMBER when writing on a certificate
    
    That allows NSS to read and use the written certificate.
    Relates #43

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Oct 13 04:01:04 2015 +0200

    tests: enhanced sec-params check to account for future sec-param

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Oct 12 22:11:16 2015 +0200

    certtool: recognize the future sec-param

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Oct 12 22:10:25 2015 +0200

    Introduced the security parameter future (256) and switched ultra to 192 bits
    
    For ultra, this was its documented strength, and now follows RFC3766 recommendations
    for sizes.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Oct 12 21:54:09 2015 +0200

    certtool: be more specific on the help message for --sec-param when --bits are given

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 12 14:54:04 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 12 14:15:28 2015 +0200

    tests: added test case for record timeout values

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 12 13:52:03 2015 +0200

    Introduced GNUTLS_INDEFINITE_TIMEOUT
    
    This allows to specify an indefinite timeout to gnutls_record_set_timeout().
    In addition this flag is accepted by gnutls_handshake_set_timeout() and
    cancels out a previously set timeout.
    Resolves #41

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Oct 7 10:38:25 2015 +0200

    tests: better detection of softhsm library

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 5 14:31:53 2015 +0200

    added text on _gnutls_dh_compute_key

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Oct 5 17:11:37 2015 +0200

    gnutls_record_recv: simplified text on GNUTLS_E_REHANDSHAKE

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 22 14:31:00 2015 +0200

    certtool: print 16-bytes of hex values per line
    
    Also avoid a colon on the end of the line.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Sep 22 08:31:04 2015 +0200

    fips140: set the key via a configure argument

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 19 12:37:51 2015 +0200

    tests: disable cipher-test on windows platform; they don't seem to work

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 21 14:47:41 2015 +0200

    README.md: added build instructions for Fedora/RHEL

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Sep 21 14:25:12 2015 +0200

    priorities: sort algorithms by security strength unless performance is requested
    
    That is prioritize 256-bit ciphers over 128-bit ciphers. This would protect
    secrecy of current data even after a PQ future.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 19 12:12:18 2015 +0200

    .gitlab-ci.yml: reduce the number of CPUs used in slow on make check

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 19 11:36:48 2015 +0200

    use time_t for internal type to avoid warnings on signed/unsigned comparison

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 19 11:30:39 2015 +0200

    DSA FIPS186-4 key generation: print the required seed length on mismatch

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 19 11:22:04 2015 +0200

    certtool: added more friendly error on seed_size mismatch
    
    That prints more useful information when generating provable private keys.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 19 11:14:29 2015 +0200

    tests: use the corrected seed for default provable private key

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 19 06:52:13 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 19 06:50:45 2015 +0200

    certtool: switched the default level to HIGH for key generation
    
    That requires 3072 bits for RSA and DSA keys.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Sep 18 23:49:46 2015 +0200

    tools: added xmpp into the starttls-proto options

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 18 15:57:14 2015 +0200

    tools: added ldap into the starttls-proto options

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 17 14:52:27 2015 +0200

    system.c: simplify gnutls_system_recv_timeout

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 17 13:15:54 2015 +0200

    gnutls-cli-debug: use RFC7627 instead of draft-ietf-tls-session-hash

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 17 10:45:30 2015 +0200

    updated documentation on gnutls_vdata_types_t based on DKG's suggestions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Sep 17 10:10:47 2015 +0200

    doc update

Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Sep 16 19:59:12 2015 -0400

    improve docs for gnutls_certificate_verify_peers*()
    
    The gnutls_certificate_verify_peers{,2,3}() functions all return
    GNUTLS_E_SUCCESS (0) even in situations when the peer's certificate
    was not verified.  This is explained in the first paragraphs
    ("i.e. failure to trust a certificate does not imply a negative return
    value"), but the Returns: line isn't comparably clear.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 14 21:36:24 2015 +0200

    certtool: increased seed size to allow for DSA seeds

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Sep 14 21:32:05 2015 +0200

    _gnutls_hex2bin: avoid overrun in the provided buffer

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 13 19:29:41 2015 +0200

    certtool: don't output PKCS #8 on key-info option

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 13 13:57:26 2015 +0200

    better error checking in seed decoding

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 13 13:52:30 2015 +0200

    gnutls_x509_privkey_verify_seed: fail on keys without seed information

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 13 13:39:13 2015 +0200

    certtool: on provable keys always print the legacy format

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 13 13:27:12 2015 +0200

    Use separate PEM headers for provable private keys
    
    Also introduce GNUTLS_PRIVKEY_FLAG_EXPORT_COMPAT to allow exporting
    provable private keys in the old compatibility format.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 13 11:06:39 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 13 11:06:00 2015 +0200

    certtool: provable key generation was moved to a separate flag that can be combined with --generate-privkey
    
    Also enhanced the test suite with DSA provable key generation/verification.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 13 10:57:39 2015 +0200

    Allow verifying and generating provable DSA keys

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 13 09:51:25 2015 +0200

    tests: added checks for provable key generation and verification

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 13 09:36:46 2015 +0200

    certtool: added provable key verification

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 13 09:32:32 2015 +0200

    Made the new key generation API flexible to allow extensions in the future

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 13 09:06:12 2015 +0200

    Added API to verify private keys generated with seed

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Sep 13 09:01:41 2015 +0200

    gnutls_asn1_tab: updated auto-generated file

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 12 16:20:13 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 12 16:18:10 2015 +0200

    certtool: allow the generation of "provable" private keys
    
    Relates to #34

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 12 15:47:38 2015 +0200

    Added API to generate private keys from a given seed
    
    Currently it is restricted to RSA and FIPS 186-4 key generation with SHA384.
    Relates to #34

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 12 14:47:02 2015 +0200

    properly generate asn1_tab.c

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 11 15:44:06 2015 +0200

    Don't use formatted output for fixed strings
    
    Resolves #35

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Sep 9 22:24:27 2015 +0200

    README.md: updated information

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Sep 5 06:20:58 2015 +0200

    renamed the auto-verification functions
    
    The names are more consistent with the rest of the library.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Sep 4 14:05:02 2015 +0200

    pkcs11: when storing public keys, make sure they are marked as not private

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 31 14:22:02 2015 +0200

    README.md: mention the testsuite

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 30 23:41:11 2015 +0200

    README.md: print build status

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 30 23:31:06 2015 +0200

    README.md: refer to files using markdown

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 30 23:26:27 2015 +0200

    Updated coding style

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 28 16:54:47 2015 +0200

    gnutls-cli-debug: corrected typo in inappropriate fallback check

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 28 16:51:35 2015 +0200

    .gitlab-ci.yml: use the same number of CPUs in all the checks

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 28 12:05:02 2015 +0200

    gnutls-cli-debug: added check for inappropriate fallback support

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Aug 27 22:12:55 2015 +0200

    Introduced GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR to be returned by the auto-verification functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Aug 26 19:39:22 2015 +0200

    nettle: simplified SHA3 checks for nettle
    
    nettle 3.1 doesn't have the functions nettle for
    runtime version checking.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Aug 26 19:34:59 2015 +0200

    export _gnutls_digest_exists for self tests

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 26 11:51:09 2015 +0200

    x509: tolerate missing subject or issuer fields

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 26 11:42:01 2015 +0200

    certtool: added support for sha3

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 26 11:37:13 2015 +0200

    gnutls_oid_to_digest(): don't return supported but disabled algorithms

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 26 11:02:39 2015 +0200

    Added support for the SHA3 digest algorithm

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Aug 26 09:13:52 2015 +0200

    corrected typo in ex-server-anon

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 24 14:13:24 2015 +0200

    Define more precisely the auto verification function semantics.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 24 13:59:21 2015 +0200

    Allow overriding the verification flags from the auto-verification functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 24 13:43:09 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 24 13:39:33 2015 +0200

    Document the new verification functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 24 13:19:51 2015 +0200

    examples: simplify the X.509 client example by using the new verification API

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 24 13:13:57 2015 +0200

    tests: check the auto-verification functionality

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 24 12:00:10 2015 +0200

    Added simpler verification functions for clients
    
    The major use-case for the TLS protocol is verification of PKIX
    certificates. However, certificate verification support while is
    similar for almost all projects it requires around 100 lines of code
    (a callback) to be duplicated to all applications. That patch
    set gets rid of the callback and simplifies certificate verification
    support, by introducing a very simple API; one that would accept
    the session and the hostname only.
    
    Resolves #27

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 24 11:10:26 2015 +0200

    tests: added test for gnutls_session_set_verify_function

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 24 11:03:09 2015 +0200

    Added gnutls_session_set_verify_function
    
    That allows to set a verification callback per session rather
    than only globally on the credentials structure.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 23 22:54:22 2015 +0200

    getfuncs.pl: ignore defines in headers

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 23 22:33:59 2015 +0200

    Makefiles: updated for new filenames

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 23 19:28:09 2015 +0200

    Moved pk_* functions to pk.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 23 19:19:45 2015 +0200

    Removed the 'gnutls_' prefix from files to simplify file naming

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 23 18:44:26 2015 +0200

    Moved the PRF functions to prf.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 23 14:19:17 2015 +0200

    hex decoding: more reasonable error codes
    
    That is, return GNUTLS_E_PARSING_ERROR instead of base64 decoding
    error, and document that fact.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 21 15:10:46 2015 +0200

    tests: Added resumption tests for PSK ciphersuites

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 21 14:35:09 2015 +0200

    Set the extended master secret status based on resumption data only
    
    That is, don't require a new negotiation with extensions.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 21 14:23:38 2015 +0200

    tests: corrected resumption tests to disable tickets when needed
    
    That is, perform the tests that require no tickets, with tickets disabled.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 21 14:06:51 2015 +0200

    session packing: corrected issue in PSK session unpack

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 21 13:54:41 2015 +0200

    PSK: save the username in client side in the auth structure

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 21 13:26:08 2015 +0200

    _gnutls_hash() returns error code if any.
    
    Ideally we would like to eliminate any return codes from that
    function. However, since that's on exported API we cannot easily
    do without breaking the ABI. Reported by Benedikt Klotz.
    
    Resolves #28

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 21 13:15:11 2015 +0200

    x509: when appending CRLs to a trust list ensure that we don't have duplicates
    
    That is, overwrite CRLs if they have been obsoleted.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 21 11:34:39 2015 +0200

    certtool: allow exporting very long CRLs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 14 12:15:16 2015 +0200

    tests: verify that a key usage violation is detected
    
    That is that the certificate key usage flags are respected
    by either the client side or the server side.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 14 12:14:55 2015 +0200

    Enable key usage checks in the client side of RSA ciphersuites

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 14 12:14:08 2015 +0200

    priorities: Added internal option to allow key usage violations in server side

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 14 11:55:04 2015 +0200

    fix typo in comment

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 14 11:27:50 2015 +0200

    Re-enable the certificate key usage checks for compliance with ciphersuite
    
    There is a new attack on the TLS protocol which relies on using certificates
    for ECDSA as certificates for ECDH ciphersuites. That attack while it doesn't
    affect gnutls, which doesn't support static ECDH, assumes that implementations
    ignore the key usage bits in the certificate. We have done it since 3.1.0 for
    compatibility reasons (see http://www.gnutls.org/faq.html#key-usage-violation),
    but that clearly opens the door for real attacks in the future.
    
    For this reason the key usage bits will no longer be ignored.
    
    Resolves #24

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 13 12:10:59 2015 +0200

    tests: verify whether CRL date setting works as expected

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 13 12:05:35 2015 +0200

    certtool: Allow specifying CRL dates as fixed dates

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 13 11:48:15 2015 +0200

    tests: verify CRL appending effectiveness

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 13 11:45:50 2015 +0200

    gnutls_x509_crl_set_authority_key_id, gnutls_x509_crl_set_number allow overwritting
    
    That allows them to overwrite values which were previously set (e.g.,
    on an imported CRL).

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 13 11:36:17 2015 +0200

    certtool: allow appending certificates to a CRL

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Aug 12 23:03:20 2015 +0200

    certtool: removed limit on maximum imported certificates in the -i option

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Aug 12 22:49:15 2015 +0200

    tests: check whether the CRL generation code works as expected

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Aug 12 22:48:45 2015 +0200

    certtool: eliminated memory leaks due to new cert loading code

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Aug 12 22:22:55 2015 +0200

    certtool: lifted limits on file size to load

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 10 16:43:28 2015 +0200

    before dist ensure that included libopts matches autogen

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 10 16:12:05 2015 +0200

    configure: use ':' instead of /bin/true for programs not found

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 9 21:20:33 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Aug 9 20:58:40 2015 +0200

    tests: include all cert-tests into dist

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 7 16:59:18 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 7 16:13:12 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 7 16:04:12 2015 +0200

    tests: check gnutls_check_version_numeric()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 7 15:45:21 2015 +0200

    gnutls.h: added macro gnutls_check_version_numeric
    
    This simplifies version checking, and allows the compiler to optimize
    out. It can only accept numerals.
    
    Patch by David Woodhouse.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 7 15:19:33 2015 +0200

    use pure and const gcc attributes in headers

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Aug 7 14:14:44 2015 +0200

    mention version macro

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Aug 6 10:37:15 2015 +0200

    p11tool: test-sign will not fail if a pubkey is not found

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Aug 4 20:32:25 2015 +0200

    key decoding: set key to null for consistency

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 4 14:08:37 2015 +0200

    key decoding: simplify decoding logic by removing the fallback

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 4 13:56:41 2015 +0200

    key decoding: corrected regression with PKCS #8 key decoding
    
    Reported by Daniel Berrange.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Aug 4 13:55:56 2015 +0200

    tests: added check for decoding of a PKCS #8 key as fallback

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Aug 3 14:17:16 2015 +0200

    pkcs11: set the CKA_TOKEN attribute on generated public keys
    
    That also introduces the GNUTLS_PKCS11_OBJ_FLAG_NO_STORE_PUBKEY flag,
    to simulate the previous behavior.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 1 17:03:33 2015 +0200

    tests: added check for the fallback SCSV

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 1 17:02:00 2015 +0200

    handshake: check inappropriate fallback against the configured max version
    
    That allows to operate on a server which is explicitly configured to
    utilize earlier than TLS 1.2 versions.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 1 17:01:36 2015 +0200

    corrected GNUTLS_E_INAPPROPRIATE_FALLBACK error code

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 1 16:44:13 2015 +0200

    DCO: added Alessandro Ghedini

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 1 14:21:59 2015 +0200

    copy_ciphersuites: use definition for reserved ciphersuites

Author: Alessandro Ghedini <alessandro@ghedini.me>
Date:   Sat Aug 1 00:38:10 2015 +0200

    handshake: add FALLBACK_SCSV priority option
    
    This allows clients to enable the TLS_FALLBACK_SCSV mechanism during
    the handshake, as defined in RFC7507.

Author: Alessandro Ghedini <alessandro@ghedini.me>
Date:   Sat Aug 1 00:04:16 2015 +0200

    handshake: check for TLS_FALLBACK_SCSV
    
    If TLS_FALLBACK_SCSV was sent by the client during the handshake, and
    the advertised protocol version is lower than GNUTLS_TLS_VERSION_MAX,
    send the "Inappropriate fallback" fatal alert and abort the handshake.
    
    This mechanism was defined in RFC7507.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 1 09:10:53 2015 +0200

    cfg.mk: fix order of arguments in gnulib-tool

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 1 08:38:50 2015 +0200

    use gettext-h gnulib module

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Aug 1 00:12:25 2015 +0200

    tests: added missing certtool-long-cn

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 31 22:42:42 2015 +0200

    safe renegotiation: simulate receiving the extension on receival of SCSV

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 31 22:00:53 2015 +0200

    made data2hex() safer, and eliminated mem leak

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 20 22:17:17 2015 +0200

    tests: added check for proper handling of very long CNs

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 31 21:26:25 2015 +0200

    updated the required gettext version to match the macros from gnulib

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 31 16:03:25 2015 +0200

    safe renegotiation: handle case where client didn't send any extension
    
    That was affected by the "don't try to send extensions we didn't receive".

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 31 15:02:01 2015 +0200

    tpm: avoid warning

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 31 14:57:33 2015 +0200

    As server don't try to send extensions we didn't receive.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 31 14:33:00 2015 +0200

    tests: added check for server sending (or not) status request messages

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 31 14:30:00 2015 +0200

    fips140: corrected hex decoding

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 11:48:51 2015 +0200

    bumped version

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 11:45:51 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 10:30:20 2015 +0200

    verify-tofu: use nettle's base64 functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 10:24:39 2015 +0200

    gnulib: removed base64 implementation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 10:20:40 2015 +0200

    openpgp: use nettle's base64 functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 10:11:48 2015 +0200

    x509_b64: switch to nettle's base64 functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 08:57:52 2015 +0200

    tests: added check for PSK file parsing

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 08:37:34 2015 +0200

    fips: use gnutls_hex_decode for MAC decoding

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 08:36:32 2015 +0200

    tpm: use gnutls_hex_decode for uuid decoding

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 08:36:14 2015 +0200

    psk: use gnutls_hex_decode2 for key decoding

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 08:35:47 2015 +0200

    system-keys-win: use gnutls_hex_decode for ID decoding

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 08:35:11 2015 +0200

    openpgp: use gnutls_hex_decode for keyid decoding

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 08:34:52 2015 +0200

    DN decoding: use gnutls_hex_encode

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jul 21 08:19:17 2015 +0200

    Introduced gnutls_hex_encode2() and gnutls_hex_decode2()
    
    These also use safer hex decoding functions which don't skip
    invalid input.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 20 22:37:40 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 20 22:09:28 2015 +0200

    x509: simplified data to hex conversion in unknown DN names

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 20 21:26:36 2015 +0200

    gnutls_prf_rfc5705: Allow for non-null context and zero context length

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 13 20:19:28 2015 +0200

    bumped version

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 20 15:42:21 2015 +0200

    tests: added cross-check between gnutls_prf_rfc5705() and gnutls_prf()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 20 15:07:05 2015 +0200

    removed legacy libgcrypt flags

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 20 14:59:37 2015 +0200

    gnutls_prf_rfc5705: optimize in the common use case, by avoiding malloc
    
    Also don't handle specially the case of non-NULL context and context_size of zero.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 20 14:03:34 2015 +0200

    ignore more files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 20 14:03:22 2015 +0200

    p11tool: fix documentation for --generate-ecc and generate-dsa

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 20 10:49:48 2015 +0200

    gnutls_prf_rfc5705: mention the version it was introduced at

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 20 10:39:37 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 20 10:35:08 2015 +0200

    tests: added check for gnutls_prf() and gnutls_prf_rfc5705

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 20 10:03:37 2015 +0200

    gnutls_prf_rfc5705: added
    
    That includes support for RFC5705 when the context field is used.
    Initial patch by Rick van Rein.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 17 11:38:17 2015 +0200

    doc update: explain more about PKCS #11 and fork

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 14 09:55:50 2015 +0200

    configure: print the trousers lib only when set

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jul 14 09:44:30 2015 +0200

    tpmtool: Added --test-sign parameter

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jul 13 20:04:41 2015 +0200

    Deinitialize the TPM subsystem only when trousers support is enabled

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jul 13 16:25:16 2015 +0200

    TPM: don't link to trousers, use dlopen()
    
    That introduces --with-trousers-lib which can be used to specify the
    library to dlopen().
    
    Resolves #18

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 12 15:21:13 2015 +0200

    updated auto-generated files

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jul 12 15:15:00 2015 +0200

    bumped version

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jul 11 12:05:56 2015 +0200

    pkcs11: mention the version GNUTLS_PKCS11_TOKEN_MODNAME is available from

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 10 21:20:23 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 10 21:17:48 2015 +0200

    PSK: set the hint in DHE-PSK and ECDHE-PSK ciphersuites

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jul 10 19:17:23 2015 +0200

    tests: updated pskself to check the hint in all PSK ciphersuites

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 10 16:57:19 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 10 16:55:48 2015 +0200

    p11tool: be more compact in token URL printing

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 10 16:52:57 2015 +0200

    p11tool: group the provided options for readability

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 10 16:31:02 2015 +0200

    p11tool: keep backwards compatibility by introducing --list-token-urls
    
    That is, the output of --list-tokens remains the same.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 10 16:25:48 2015 +0200

    p11tool: print the module name of a token in verbose mode

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 10 16:24:11 2015 +0200

    Added GNUTLS_PKCS11_TOKEN_MODNAME for gnutls_pkcs11_token_get_info
    
    That allows to obtain the shared module name of a token URL.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 10 13:36:51 2015 +0200

    pkcs11.h: doc  update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jul 10 13:12:00 2015 +0200

    p11tool: less verbose output in --list-tokens unless --verbose is specified

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 9 14:10:23 2015 +0200

    tests: added suppression for bash mem leak

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jul 9 22:50:11 2015 +0200

    tests: don't run certtool-utf8 when libidn is 1.30 or less
    
    This avoids test suite failures due to libidn.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 9 13:45:58 2015 +0200

    gnutls-cli: doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jul 9 13:26:14 2015 +0200

    dumbfw: don't append a size prefix in the pad
    
    Reported by Hannes Mehnert.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 8 09:47:52 2015 +0200

    gl: use /bin/true to run valgrind during configure
    
    Bash has memory leaks, which prevents the valgrind check to
    operate using the SHELL variable.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 8 09:38:37 2015 +0200

    tests: added check for invalid UTF8 encoded string

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 8 09:19:00 2015 +0200

    Revert "libidn support is disabled by default"
    
    This reverts commit 5fdffb2c177cb990480fb8b93c9257ccc5dfcaad.

Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Thu Jul 2 14:28:32 2015 -0400

    certtool --outder should not emit signature verification status
    
    When emitting binary-formatted output, send signature verification
    status to stderr, since it is not binary-formatted output.
    
    A simpler version of this patch would be to always send signature
    verification to stderr, but that would change the text-formatted
    output.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jul 1 21:13:23 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 1 15:25:30 2015 +0200

    DSA: the numeric number of bits returned from public key should depend on P not Y
    
    That allows to do the proper evaluation to check certificate strength.
    Reported by Hubert Kario.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 1 15:36:20 2015 +0200

    tests: check whether we print the prime size in DSA keys

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 1 11:15:38 2015 +0200

    name constraints: simplified gnutls_x509_name_constraints_check_crt()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 1 11:08:11 2015 +0200

    tests: verify that unsupported name constraints are properly handled

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jul 1 11:01:20 2015 +0200

    name constraints: don't reject certificates if a CA has the URI or IPADDRESS constraints
    
    Don't reject certificates if a CA has the URI or IPADDRESS constraints, and
    the end certificate doesn't have an IPaddress name or a URI set.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 29 19:52:15 2015 +0200

    Sync with TP.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jun 28 13:09:42 2015 +0200

    libidn support is disabled by default
    
    That is until the issues with libidn get resolves.
    
    Relates #10

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 27 08:05:10 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 27 07:57:21 2015 +0200

    tests: added a test for the fork detection interface

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 27 07:51:05 2015 +0200

    tests: resume-dtls: increased timeouts

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 26 16:31:21 2015 +0200

    Don't use pthread_atfork(), it is not safe to use with dlopen()
    
    http://austingroupbugs.net/view.php?id=851

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 26 14:47:39 2015 +0200

    atfork: added underscore to gnutls_forkid

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 26 09:08:20 2015 +0200

    simplified fork detection

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 26 08:07:01 2015 +0200

    enhanced header matching code for private keys to skip unrelated data

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 26 08:00:24 2015 +0200

    tests: added private key import checks

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 25 15:08:54 2015 +0200

    gnutls_x509_privkey_import: optimized private key loading

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 25 15:01:17 2015 +0200

    gnutls_x509_privkey_import2: better behavior when provided with an unencrypted file
    
    That is, it will attempt to decode it first as plain file prior to
    trying all encrypted options.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 25 14:47:52 2015 +0200

    tests: added check to verify that gnutls_x509_privkey_import2 works for plain keys
    
    That is, when a password is provided and the key is non encrypted.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 25 11:08:19 2015 +0200

    _gnutls_get_asn_mpis() will release any data on failure
    
    Resolves #15

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sun Jun 21 20:42:12 2015 +0300

    tests: tab indent + minor style changes
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 23 11:53:23 2015 +0200

    tests: modified test-ciphersuite-names to work with cpp 5.1.1

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 22 23:49:32 2015 +0200

    tests: test-ciphersuite-names: create any needed dirs

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 22 21:24:55 2015 +0200

    tests: moved test-ciphersuites.sh one level up
    
    That simplifies running the script outside make check.

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sun Jun 21 20:43:34 2015 +0300

    tests: suite: ciphersuite: fixups
    
    fix separate builddir issue, without modifying locations, quite ugly.
    
    re-indent using tab.
    
    fix shebang.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sun Jun 21 03:00:05 2015 +0300

    tests: enforce UTC timezone in datefudge tests
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sun Jun 21 03:00:04 2015 +0300

    tests: misc: shell cleanup
    
    leftovers minor sync.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sun Jun 21 03:00:03 2015 +0300

    tests: suite: cleanup shell usage
    
    Add quotes for most usages of variables.
    
    Added ${} for variables.
    
    Cleanup indentation to be consistent with other tests.
    
    Fix separate builddir issues.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Sun Jun 21 03:00:02 2015 +0300

    tests: misc: cleanup shell usage
    
    Add quotes for most usages of variables.
    
    Added ${} for variables.
    
    Cleanup indentation to be consistent with other tests.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 20 18:38:24 2015 +0200

    tests: fixed includes

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 20 12:27:54 2015 +0200

    move all gettext definitions in gnutls_str.h

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 20 12:23:40 2015 +0200

    cross.mk: updated for 3.4.2

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 20 12:18:26 2015 +0200

    gnutls_str: include gettext.h when dgettext is available

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 20 12:09:14 2015 +0200

    tests: don't depend on gnulib
    
    That dependency unfortunately causes many portability problems
    on platforms where it should have worked out of the box.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 20 10:43:12 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jun 20 10:31:27 2015 +0200

    use the same shebang for perl

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jun 19 22:55:04 2015 +0200

    tests: added a verify-chain test case

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jun 19 21:53:27 2015 +0200

    tests: don't quote provider in common.sh
    
    That caused testpkcs11 to fail.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Jun 18 22:50:18 2015 +0200

    tests: don't enforce alignment rules for caller buffers

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Wed Jun 17 14:05:54 2015 +0300

    tests: cert-tests: cleanup shell usage
    
    Add quotes for most usages of variables.
    
    Added ${} for variables.
    
    Cleanup trailing spaces.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 18 16:20:50 2015 +0200

    Added gitlab-ci.yml

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 18 15:52:39 2015 +0200

    reduced the exported functions to the minimum needed

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 18 15:49:39 2015 +0200

    _gnutls_ext_register was made static

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 18 15:49:06 2015 +0200

    libgnutls.map: use a 3.4 related name for private functions
    
    This eliminates any collisions with functions from 3.3.x

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Thu Jun 18 09:41:54 2015 +0300

    tests: nist-pkits: cleanup shell/perl usage
    
    Add quotes for most usages of variables.
    
    Added ${} for variables.
    
    Consistent indent.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 18 14:15:18 2015 +0200

    tests: force link with nettle of mini-alignment

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 18 14:11:08 2015 +0200

    tests: Check the OID functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 18 14:01:42 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 18 13:59:57 2015 +0200

    Exported functions to convert from and to OIDs

Author: Saurav Babu <saurav.babu@samsung.com>
Date:   Thu Jun 18 12:50:32 2015 +0530

    gnutls-cli: Fixed Possible Memory Leak
    
    This patch fixes possible memory leak in psk_callback() function, rawkey
    is allocated memory by gnutls_malloc() and is not freed when
    gnutls_hex_decode() returns with error
    
    Signed-off-by: Saurav Babu <saurav.babu@samsung.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 18 11:19:37 2015 +0200

    pkcs7: corrected write_signer_id() when GNUTLS_PKCS7_WRITE_SPKI was used

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Thu Jun 18 09:41:55 2015 +0300

    tests: openpgp-certs: cleanup shell usage
    
    Add quotes for most usages of variables.
    
    Added ${} for variables.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Thu Jun 18 09:41:53 2015 +0300

    tests: key-tests: cleanup shell usage
    
    Add quotes for most usages of variables.
    
    Added ${} for variables.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Thu Jun 18 09:41:52 2015 +0300

    tests: ecdsa: cleanup shell usage
    
    Add quotes for most usages of variables.
    
    Added ${} for variables.
    
    Cleanup trailing spaces.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Thu Jun 18 00:57:04 2015 +0300

    tests: dsa: cleanup shell usage
    
    Add quotes for most usages of variables.
    
    Added ${} for variables.
    
    Cleanup trailing spaces.
    
    Removal of unneeded ';'.
    
    Minor fix in tests/scripts/common.sh at trap to pass message and avoid
    killing.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 18 10:51:09 2015 +0200

    indentation fix

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 18 10:46:13 2015 +0200

    Always align in 16-byte boundary our input to crypto
    
    That allows faster operations in almost all instruction sets.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 18 10:44:45 2015 +0200

    tests: added check for memory alignment

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jun 17 22:26:51 2015 +0200

    tests: only run test with long dates in 64-bit systems

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 17 17:17:10 2015 +0200

    tests: regenerate the results in template-test using UTC times

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 17 16:48:36 2015 +0200

    ensure that gnutls_pubkey_verify_data2 returns 0 on success

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 17 16:40:15 2015 +0200

    Added gnutls_pkcs7_get_signature_count

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Wed Jun 17 11:59:55 2015 +0300

    tests: suite: run testpkcs11 if PKCS#11 is enabled
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Wed Jun 17 11:59:56 2015 +0300

    tests: remove bash usage
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 17 11:34:46 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 17 11:19:10 2015 +0200

    tests: verify that we generate dates with UTCTime prior to 2050
    
    Also that we generate dates with GeneralizedTime format after 2050.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 17 11:12:03 2015 +0200

    When writing the Time ASN.1 structure follow the RFC5280 recommendations

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 17 11:03:29 2015 +0200

    Set time in PKCS #7 structures properly (in UTCTime format).

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 17 10:42:54 2015 +0200

    doc update

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Tue Jun 16 23:48:58 2015 +0300

    tests: cert-tests: pkcs7: support separate builddir
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 16 22:00:41 2015 +0200

    account new symbols

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 16 22:00:01 2015 +0200

    updated makefiles for the new functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 16 21:53:29 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 16 21:47:37 2015 +0200

    use common base for pkcs7 files

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 16 21:41:42 2015 +0200

    added missing symbol

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 16 21:34:30 2015 +0200

    released 3.4.2

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 16 17:18:51 2015 +0200

    certtool: made explicit the inclusion of time in PKCS #7 signatures

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 16 17:15:04 2015 +0200

    pkcs7: write the DER encoded time

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 16 16:56:30 2015 +0200

    certtool: include the signature time in PKCS #7 signatures

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 16 16:55:40 2015 +0200

    pkcs7: corrected usage of GNUTLS_PKCS7_INCLUDE_TIME flag

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 16 13:31:54 2015 +0200

    tests: minor updates in pkcs7 output checks to match new certtool

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 16 13:31:30 2015 +0200

    certtool: rely on gnutls_pkcs7_print() even more

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 16 13:27:43 2015 +0200

    pkcs7: print certificates and CRLs in FULL mode

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 16 12:29:53 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 16 12:29:38 2015 +0200

    certtool: use gnutls_pkcs7_print() - partially

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jun 16 12:18:55 2015 +0200

    Added gnutls_pkcs7_print()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 15 11:36:58 2015 +0200

    bumped version

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 11 10:34:55 2015 +0200

    tests: added signature/verification stress test

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jun 11 10:11:35 2015 +0200

    tests: check also individual ciphers for interoperability

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 8 11:38:54 2015 +0200

    fips140: better debug messages when verifying MAC

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jun 5 11:19:13 2015 +0200

    tpmtool: added newline in error messages

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 16:10:30 2015 +0200

    fips140: added check for reseed detection

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 15:48:23 2015 +0200

    tests: check random generator for long outputs as well

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 15:42:42 2015 +0200

    fips140: when GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS is setup do not perform integrity tests

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 15:38:09 2015 +0200

    fips140: reset the reseed counter only on reseed

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 15:37:39 2015 +0200

    fips140: when reseeding only reseed the required context not all

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 14:37:11 2015 +0200

    fips140: added more checks on the reseed and generate function

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 14:36:35 2015 +0200

    fips140: enforce the max_number_of_bits_per_request

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 16:36:32 2015 +0200

    tests: do not include times in the PKCS #7 checks as they depend on local timezone

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 13:28:59 2015 +0200

    pkcs7: addressed memory leaks

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 11:42:30 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 11:38:55 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 11:35:04 2015 +0200

    tests: Added PKCS #7 attribute generation check

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 10:44:25 2015 +0200

    tests: updated for new certtool output

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 10:40:54 2015 +0200

    certtool: print signed and unsigned PKCS #7 attributes

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jun 3 10:24:05 2015 +0200

    Added code to parse and set PKCS #7 attributes

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 16:34:45 2015 +0200

    tests: added PKCS #7 verification check with MD5

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 16:31:49 2015 +0200

    use the same flags in all verification functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 16:05:46 2015 +0200

    _decode_pkcs7_signed_data: fixed mem leaks

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 15:58:14 2015 +0200

    Initialization of gnutls_x509_dn_t was modified to allow deinitialization after failure
    
    Part2: made gnutls_x509_crt_get_subject() and gnutls_x509_crt_get_issuer()
    return a constant value and avoid leaks.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 14:40:56 2015 +0200

    doc: Separated the PKCS #7 in manual

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 14:35:26 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 14:26:20 2015 +0200

    tests: check PKCS #7 structure signature generation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 14:16:58 2015 +0200

    tests: check PKCS #7 bundle generation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 14:08:13 2015 +0200

    certtool: added --p7-generate, --p7-sign and --p7-detached-sign

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 12:58:34 2015 +0200

    Added gnutls_pkcs7_sign()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 11:13:41 2015 +0200

    Added gnutls_pkcs7_get_crl_raw2

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 11:00:39 2015 +0200

    certtool: print the signing time when available

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 11:00:26 2015 +0200

    pkcs7 verification: parse the signing time

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 09:54:38 2015 +0200

    on PKCS #7 verification check the the content type matches the signed data

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 09:22:36 2015 +0200

    certtool: print more info about the PKCS #7 struct

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 09:15:53 2015 +0200

    certtool: allow verification against a direct PKCS #7 signer

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 09:05:27 2015 +0200

    tests: added checks with PKCS #7 detached data

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 09:03:34 2015 +0200

    pkcs7 verification: return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when no encapsulated data exist

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jun 2 08:57:34 2015 +0200

    certtool: allow verifying PKCS #7 with detached data

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 1 21:37:44 2015 +0200

    certtool: improved PKCS #7 verification output

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 1 21:33:02 2015 +0200

    tests: check the key purpose in PKCS #7 verification

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 1 20:07:57 2015 +0200

    tests: added PKCS #7 test with more than 1 certs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 1 18:56:51 2015 +0200

    certtool: allow verification of PKCS #7 structures

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 1 18:55:37 2015 +0200

    Initialization of gnutls_x509_dn_t was modified to allow deinitialization after failure

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 1 15:19:03 2015 +0200

    Added PKCS #7 signature(s) verification

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 1 15:13:10 2015 +0200

    Added gnutls_pkcs11_get_raw_issuer_by_subject_key_id and gnutls_x509_trust_list_get_issuer_by_subject_key_id

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 1 14:34:57 2015 +0200

    tests: added check for gnutls_x509_dn_get_str

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 1 14:26:19 2015 +0200

    added gnutls_x509_dn_get_str

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 1 11:52:58 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 1 11:51:32 2015 +0200

    Added gnutls_x509_crt_verify_data2() and kept gnutls_privkey_sign_data()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jun 1 10:43:46 2015 +0200

    verify PKCS #7 signed data

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 29 14:41:13 2015 +0200

    updated PKCS #7 code to cache signed_data

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jun 1 21:48:48 2015 +0200

    When manual PKCS #11 configuration is requested don't initialize other providers

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 31 08:51:26 2015 +0200

    certtool: deinitialize PKCS #7 resources

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 31 08:50:09 2015 +0200

    tests: Added tests for PKCS7 cert extraction

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 29 16:37:36 2015 +0200

    Revert "updated gnulib"
    
    This reverts commit c040ce6dd05b48b971d8dcc8fc8f23957ed15f9c.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 29 14:39:58 2015 +0200

    silence format-signness warnings in gcc5

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 29 14:34:53 2015 +0200

    updated gnulib

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 26 22:12:19 2015 +0200

    Check the OID size for match when comparing for the OCSP nonce extension
    
    Reported by Hanno Böck.

Author: Armin Burgmeier <armin@arbur.net>
Date:   Sat May 23 23:30:18 2015 -0400

    gnutls_dh_get_prime_bits: return 0 if DH is not used
    
    Before, the number of bits of a zero-length number was attempted to be
    extracted, resulting in an error. The changed behaviour is consistent with
    the documentation which explicitly states that 0 should be returned if no DH
    key exchange was performed.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 22 09:08:00 2015 +0200

    gnutls_dh_get_group: mention that the values may include a leading zero

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 21 11:55:06 2015 +0200

    gnutls_dh_set_prime_bits: warn when overriding the DH max prime size with 1007 bits or less

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 21 10:52:37 2015 +0200

    cleanup unused variable

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 21 10:51:17 2015 +0200

    corrected allocation check

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 21 10:46:26 2015 +0200

    removed useless check

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 21 10:43:06 2015 +0200

    document intentional fallthrough in switch

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 21 10:41:11 2015 +0200

    ecc ext: check return code of _gnutls_buffer_append_data

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 17 21:11:14 2015 +0200

    tests: enhance the no-signal check to include proper data sending

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 17 20:59:14 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 17 20:57:48 2015 +0200

    tests: check the operation of GNUTLS_NO_SIGNAL

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 17 20:33:48 2015 +0200

    Allow the usage of MSG_NOSIGNAL in send functions
    
    That introduces the GNUTLS_NO_SIGNAL flag for gnutls_init(),
    which is available in systems that support the MSG_NOSIGNAL
    flag to send(). That eases the usage of the library within
    other libraries.
    Resolves #11

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 15 12:03:23 2015 +0200

    include nettle/memxor when needed

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 15 12:02:56 2015 +0200

    gnutls-serv: send alert when wrong data have been received from client

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 14 15:32:09 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 14 14:00:11 2015 +0200

    camellia256-gcm: corrected regression
    
    Reported by Manuel Pegourie-Gonnard.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 11 18:41:09 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 6 15:22:05 2015 +0200

    doc: added section about subject alternative names

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 6 11:17:09 2015 +0200

    handshake_start_time was moved out of the DTLS-specific variables

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 6 11:13:05 2015 +0200

    apply default timeout for DTLS in gnutls_handshake_set_timeout

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 6 10:03:16 2015 +0200

    tests: do not perform internationalized name checks without libidn

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed May 6 09:52:39 2015 +0200

    tests: updated sign-md5-rep to reduce false failures

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 5 16:40:37 2015 +0200

    tests: eliminate mem leaks in mini-loss-time

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 5 15:55:19 2015 +0200

    tests: testdane: remove dane.nox.su from the list of known to be good hosts

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 5 14:43:42 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 5 14:41:55 2015 +0200

    tests: mini-loss-time enhanced to check proper timeouts in both client and server

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 5 14:35:45 2015 +0200

    dtls: combined the total timeouts of DTLS and TLS handshake
    
    That also makes the waits for packets more robust against blocking.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 5 09:36:17 2015 +0200

    define GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 5 07:57:16 2015 +0200

    doc: updated text to account for pkcs11-url standardization

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 3 19:43:40 2015 +0200

    tests: mini-dtls-mtu: compile in windows

Author: Jaak Ristioja <jaak.ristioja@cyber.ee>
Date:   Mon May 4 10:53:10 2015 +0300

    doc: Fixed typo in heartbeat documentation.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 3 19:39:52 2015 +0200

    cross.mk: updated for 3.4.1

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 3 19:36:02 2015 +0200

    updated abi base for 3.4

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 3 19:24:23 2015 +0200

    NEWS: updated

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun May 3 19:09:19 2015 +0200

    released 3.4.1

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Apr 30 18:48:57 2015 +0200

    doc: updated gnutls_dtls_set_timeouts

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 30 16:40:24 2015 +0200

    doc: fixed example with DTLS timeouts

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 30 16:32:40 2015 +0200

    use macro for DTLS default timeout

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 30 16:28:24 2015 +0200

    gnutls_handshake_set_timeout will properly work with DTLS

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 30 14:09:22 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 30 14:53:17 2015 +0200

    document the need for gnutls_transport_set_pull_timeout_function

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 30 14:06:09 2015 +0200

    doc: updated async operation text

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 30 13:53:19 2015 +0200

    disable default handshake timeout
    
    It caused issues with non-blocking TLS clients and servers
    which may not want to block while the pull timeout function
    waits.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 30 13:38:26 2015 +0200

    tests: added check to verify that pull timeout is not called on non-blocking sessions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 30 13:22:34 2015 +0200

    GNUTLS_NONBLOCK can be used for non-DTLS sessions as well

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 29 14:44:30 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 29 14:44:30 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 28 16:12:13 2015 +0200

    tests: key generation test was moved to main checks
    
    This will allow to catch memory leaks with valgrind.

Author: Jan Vcelak <jan.vcelak@nic.cz>
Date:   Tue Apr 28 13:50:40 2015 +0200

    fix memory leak in ECDSA key parameters verification
    
    Signed-off-by: Jan Vcelak <jan.vcelak@nic.cz>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 28 14:30:35 2015 +0200

    updated minitasn1

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 28 14:29:41 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 28 14:26:57 2015 +0200

    Handle DNS name constraints with leading dot
    
    Patch by Fotis Loukos.
    Resolves 3
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 28 09:02:12 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 27 09:16:42 2015 +0200

    updated text for gnutls_pkcs11_init

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 27 09:08:10 2015 +0200

    updated pkcs11 loading documentation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 26 08:31:12 2015 +0200

    tests: mini-etm: use TLS as the transport layer

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 26 08:29:19 2015 +0200

    tests: added comment for sign-md5-rep

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 26 08:11:17 2015 +0200

    more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 26 00:04:13 2015 +0200

    Sync with TP.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 25 21:23:38 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 25 20:00:04 2015 +0200

    tests: added reproducer for the MD5 acceptance issue
    
    Reported by Karthikeyan Bhargavan.
    http://lists.gnutls.org/pipermail/gnutls-devel/2015-April/007572.html

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 25 19:34:34 2015 +0200

    before falling back to SHA1 as signature algorithm in TLS 1.2 check if it is enabled

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 25 19:14:07 2015 +0200

    _gnutls_session_sign_algo_enabled: do not consider any values from the extension data to decide acceptable algorithms

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 25 09:28:57 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 25 09:13:04 2015 +0200

    tests: added unit tests for gnutls_certificate_client_get_request_status

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 25 09:12:04 2015 +0200

    set the value used by gnutls_certificate_client_get_request_status prior to selecting certificate
    
    That allows gnutls_certificate_client_get_request_status() to be properly operating
    from the callback. Reported by Anton Lavrentiev.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 25 09:10:15 2015 +0200

    updated doc for retrieve function

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Apr 24 16:04:44 2015 +0200

    updated PKCS #11 URL references to rfc7512

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 22 14:00:45 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 22 13:54:18 2015 +0200

    tests: added check for gnutls_credentials_get

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 22 13:49:10 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 22 13:41:17 2015 +0200

    fixed doc: reported by Anton Lavrentiev

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 22 11:33:34 2015 +0200

    doc: corrected typo

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 21 22:08:56 2015 +0200

    tests: resume-dtls: remove global variables

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Tue Apr 21 19:18:00 2015 +0200

    List all certificate type priority strings.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 19 21:23:21 2015 +0200

    tls-rsa: keep a common code path when doing RSA decryption
    
    Suggested by Nimrod Aviram.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 21 15:20:38 2015 +0200

    tests: initialize status where needed

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 21 15:18:11 2015 +0200

    tests: cleanup openpgp-auth2

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 21 15:17:38 2015 +0200

    tests: cleanup mini-dtls-rehandshake

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 21 13:46:36 2015 +0200

    tests: resume: check for signals

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 21 10:42:50 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 21 10:40:41 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 21 10:36:07 2015 +0200

    tests: reduced compiler warnings

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 21 10:07:30 2015 +0200

    tests: verify the return value of gnutls_certificate_get_ours when no cert is sent

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 21 10:07:11 2015 +0200

    tests: close unused file descriptors in resume checks

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Apr 20 23:39:08 2015 +0200

    libopts: fixed the reading of the --enable-local-libopts flag

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 20 17:51:20 2015 +0200

    gnutls-cli: when no certificate is sent, notify the user

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 20 17:45:33 2015 +0200

    tests: added check with X.509 certificates and callbacks
    
    That corresponds to functionality checked in openpgp-callback.c

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 20 17:38:10 2015 +0200

    tests: added check for gnutls_certificate_get_ours() when used in combination with callbacks

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 20 16:46:34 2015 +0200

    tests: improved x509dn check

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 20 16:43:51 2015 +0200

    gnutls_certificate_get_ours: will return the certificate even if a callback was used
    
    This corrects a bug where this function would not work, when
    gnutls_certificate_set_retrieve_function2() was used.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 20 16:31:55 2015 +0200

    gnutls-cli: when a certificate is specified require the corresponding private key

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 20 16:25:21 2015 +0200

    ensure that the X.509 version number is one byte only

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 20 14:04:37 2015 +0200

    Check for invalid length in the X.509 version field
    
    If such an invalid length is detected, reject the certificate.
    Reported by Hanno Böck.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 20 13:57:31 2015 +0200

    ocsp: initialize certs to NULL

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 20 12:45:56 2015 +0200

    gnutls-serv: print when the peer's certificate is not verified

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 19 09:42:05 2015 +0200

    Sync with TP.

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Sat Apr 18 11:38:57 2015 +0200

    ncrypt.h lacks some defines with some versions of MinGW.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 19 09:19:22 2015 +0200

    updated auto-generated files

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Sat Apr 18 11:38:56 2015 +0200

    Fix a preprocessor warning about mismatched quotes.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Sat Apr 18 11:38:55 2015 +0200

    Set _WIN32_WINNT to 0x600, at least with some MinGW versions ncrypt.h checks this define to be at least 0x600.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Kosse <tim.kosse@filezilla-project.org>
Date:   Sat Apr 18 11:38:54 2015 +0200

    Fix include order, include gnutls_int.h before gnutls.h, otherwise undefined external references to gnutls_free and gnutls_strdup are the result when statically linking against GnuTLS built by MinGW.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Apr 16 19:36:32 2015 +0300

    gnutls-cli: removed CCM from the ciphers tested with the old API
    
    That prevents a crash of the benchmark. Reported by James Cloos.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Apr 16 19:24:46 2015 +0300

    refuse to use the old cipher API with AEAD-only ciphers

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Apr 16 00:16:22 2015 +0300

    tests: ignore sigpipe in resume and termination tests

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 15 20:05:59 2015 +0300

    doc: added error check in example

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 15 20:03:06 2015 +0300

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 15 16:00:53 2015 +0300

    doc: removed stray @end

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 15 11:53:39 2015 +0300

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 15 11:49:26 2015 +0300

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 15 11:48:21 2015 +0300

    x509: when printing the keyid of a certificate use the curve name for randomart

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 15 11:47:39 2015 +0300

    gnutls_x509_crt_get_pk_* are based on gnutls_pubkey_export_*

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 15 11:45:08 2015 +0300

    gnutls_pubkey_export_* are tolerable in null input

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 15 11:41:54 2015 +0300

    Added gnutls_x509_crt_get_pk_ecc_raw()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 15 11:24:01 2015 +0300

    randomart: corrected usage of snprintf

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 14 22:11:14 2015 +0300

    certtool: when generating an ECDSA key use the curve name in random art

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 14 22:08:18 2015 +0300

    randomart: only print key size if it is non-zero

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 14 22:01:29 2015 +0300

    cross.mk: updated for 3.4.0

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 14 21:33:19 2015 +0300

    Remove SOCK_CLOEXEC from socket() call.
    
    That allows compilation in systems where this
    flag doesn't exist.
    Resolves #7

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 14 16:06:39 2015 +0300

    document the recommended re-handshake process

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Apr 9 16:00:43 2015 +0200

    remove duplicate entries from manpages Makefile

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 8 17:08:07 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 8 17:07:11 2015 +0200

    tests: enhanced cert tests with SHA256 key IDs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 8 16:56:44 2015 +0200

    certtool: modified to allow different key ID algorithms

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 8 16:48:46 2015 +0200

    Added flags which modify the algorithm used for key ID calculation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 8 16:33:47 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 8 16:18:37 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 8 16:16:42 2015 +0200

    gnutls_record_discard_queued() is both for TLS and DTLS

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 8 08:59:54 2015 +0200

    document the new crypto register functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 8 08:53:39 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 8 08:49:45 2015 +0200

    doc: avoid spaces in showfunc

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 8 08:15:24 2015 +0200

    tests: added files into dist

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 8 08:08:14 2015 +0200

    configure: ask for nettle 3.1

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Apr 8 08:06:52 2015 +0200

    released 3.4.0

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 7 23:28:06 2015 +0200

    gnutls-cli: document the method to override the detected ciphers

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 7 23:21:23 2015 +0200

    fixed AESNI CCM encryption

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 7 23:14:48 2015 +0200

    cleanups in CCM-aesni

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 7 22:28:29 2015 +0200

    tests: test CCM-8 against polarssl

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 7 22:21:45 2015 +0200

    gnutls-cli-debug: test for AES-CCM

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 7 22:10:43 2015 +0200

    doc: added 'git submodule update' to clone steps

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 7 22:00:17 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 7 21:38:11 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Apr 7 20:24:10 2015 +0200

    removed unused functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 7 16:03:16 2015 +0200

    extend the fallback to setkey in addition to init

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 7 15:50:23 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 7 15:48:41 2015 +0200

    tests: verify the behavior of GNUTLS_E_NEED_FALLBACK

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 7 15:39:18 2015 +0200

    introduced GNUTLS_E_NEED_FALLBACK to allow falling back from registered ciphers
    
    That allows a registered cipher to indicate that it cannot operate
    (e.g., due to memory constraints, or internal limits), and gnutls should
    proceed with the default algorithms.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 7 10:53:54 2015 +0200

    ciphersuites: moved CCM ciphersuites in the appropriate ifdefs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 7 10:51:25 2015 +0200

    tests: ciphersuite test will ignore the invalid names of TLS_DHE_PSK_WITH_AES_128_CCM_8
    
    That is because the names in rfc6655 are for some reason different
    than the expected.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 7 10:47:00 2015 +0200

    document CCM and CCM-8

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 7 10:44:02 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 7 10:42:36 2015 +0200

    tests: added CCM and CCM_8 into ciphersuite tests

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Apr 7 10:31:23 2015 +0200

    Added CCM-8 ciphersuites

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Apr 6 19:14:31 2015 +0200

    updated announce text

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Apr 6 10:49:15 2015 +0200

    symbols: added the new supplemental functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Apr 6 10:08:16 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 5 20:43:18 2015 +0200

    tests: delay tests that depend on timing when they fail
    
    That often prevents failures on busy systems.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 18:31:28 2015 +0200

    don't enforce iv_size > block_size; it is no longer true for all ciphers

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 15:10:26 2015 +0200

    simplified calc_enc_length_stream

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 14:49:03 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 14:29:58 2015 +0200

    tests: updated supplemental API

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 12:42:21 2015 +0200

    gnutls_ext_register will fail on double registration

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 12:37:38 2015 +0200

    gnutls_supplemental_register will fail on double registration

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 12:05:40 2015 +0200

    symbols: added new exported functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 12:04:34 2015 +0200

    doc: updated makefiles to include new functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 12:03:37 2015 +0200

    libgnutls.map: remove gnutls_record_set_max_empty_records

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 11:54:03 2015 +0200

    account for the renamed gnutls_supplemental_recv/send

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 11:50:54 2015 +0200

    document the export supplemental data API

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 11:45:28 2015 +0200

    gnutls_do_recv/send_supplemental -> gnutls_supplemental_recv/send
    
    Also added the gnutls_ prefix to new types.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 11:34:55 2015 +0200

    Added documentation for gnutls_do_send/recv_supplemental

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 10:30:56 2015 +0200

    doc updates

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 09:43:16 2015 +0200

    the base64 xxx_alloc functions were renamed to xxx2
    
    That brings them in par with the rest of the allocation
    functions.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 09:36:34 2015 +0200

    p11tool: use the key usage flags to set PKCS #11 properties

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 09:31:00 2015 +0200

    pkcs11: use key_usage to set the appropriate flags

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 08:53:33 2015 +0200

    cleanups in supplemental data support

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 4 07:36:47 2015 +0200

    DH: do not warn on zero q_bits

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 3 22:52:17 2015 +0200

    NEWS: rearrange entries

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Apr 3 22:35:24 2015 +0200

    certtool: certtool --generate-dh-params will account for --outder
    
    Resolves #5

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 2 15:30:20 2015 +0200

    chacha20-poly1305: ciphersuite numbers correspond to the latest draft

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 2 15:27:51 2015 +0200

    p11tool: improved output message

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Apr 2 12:54:45 2015 +0200

    removed unecessary warning

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 1 19:08:33 2015 +0200

    doc update: account for new functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 1 18:42:13 2015 +0200

    p11tool: better output text

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 1 18:40:47 2015 +0200

    pkcs11: added GNUTLS_PKCS11_OBJ_FLAG_EXPECT_PUBKEY
    
    Also enforce the expected flags despite any given flags
    in the URL.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 1 18:29:08 2015 +0200

    p11tool: added the --test-sign parameter
    
    That allows to check an existing key for signing/verification.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 1 16:52:48 2015 +0200

    gnutls_priv/pubkey_import_url replace: gnutls_privkey_import_pkcs11_url and gnutls_pubkey_import_pkcs11_url

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 1 16:02:02 2015 +0200

    certtool: corrected import of pubkey in DER format

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 1 10:50:08 2015 +0200

    tests: added check for EtM negotiation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 1 10:42:28 2015 +0200

    only send EtM extension if we have CBC ciphersuites

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 1 10:04:54 2015 +0200

    mention gnutls_privkey_sign_raw_data in upgrade section

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 1 09:55:09 2015 +0200

    gnutls_privkey_sign_raw_data: converted to macro over gnutls_privkey_sign_hash

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 1 10:00:31 2015 +0200

    tests: added check for the legacy gnutls_privkey_sign_raw_data

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 31 11:16:45 2015 +0200

    avoid compilation warnings in self checks (take 2)

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 31 11:15:04 2015 +0200

    Revert "selftests: avoid compilatio warnings"
    
    This reverts commit 196477d68f32b30d0de8e203a5c1c405af429603.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 31 08:50:45 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 31 08:48:37 2015 +0200

    tests: check whether PKCS #11 ID set on copy/generation is correct

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 31 08:29:33 2015 +0200

    p11tool: allow setting the CKA_ID on object initialization/generation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 31 08:22:58 2015 +0200

    exported new functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 31 08:19:18 2015 +0200

    pkcs11: enhanced key generation functions to allow specifying a CKA_ID

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 31 08:14:27 2015 +0200

    selftests: avoid compilatio warnings

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 30 16:12:27 2015 +0200

    enhanced copy functions to allow specifying a CKA_ID

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 30 09:57:41 2015 +0200

    tests: mini-server-name: ignore sigpipe

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 30 07:48:15 2015 +0200

    tests: added more libidn-related valgrind suppressions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 30 07:05:27 2015 +0200

    doc: increase border spacing in HTML tables

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 30 06:59:19 2015 +0200

    doc: list chacha20-poly1305 to the list of ciphers

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 30 06:47:51 2015 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 30 06:37:52 2015 +0200

    manpages: automatically adjust the copyright year on generated pages

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 30 06:34:37 2015 +0200

    tests: added check for gnutls_server_name_get and gnutls_server_name_set

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 29 10:54:11 2015 +0200

    test-ciphers.js: improved ciphersuite checks

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 29 10:49:23 2015 +0200

    corrected GNUTLS_ECDHE_ECDSA_CHACHA20_POLY1305

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Mar 29 10:27:57 2015 +0200

    updated test-ciphersuite.sh for new types

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 23:18:06 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 22:41:03 2015 +0100

    Better fix for the double free in dist point parsing

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 22:31:09 2015 +0100

    updated minitasn1

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 19:34:29 2015 +0100

    gnutls_pkcs11_copy_x509_privkey: increase size for attributes

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 19:21:48 2015 +0100

    moved chacha20-poly1305 ciphersuites to the 0xCD space

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 13:45:23 2015 +0100

    doc update: replace cryptographic algorithm by encryption algorithm

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 12:43:58 2015 +0100

    gnutls_subject_alt_names_set and gnutls_x509_aki_set_cert_issuer will set null-terminated strings

Author: Jiří Klimeš <jklimes@redhat.com>
Date:   Fri Mar 27 19:55:40 2015 +0100

    doc: be consistent in the function descriptions
    
    Signed-off-by: Jiří Klimeš <jklimes@redhat.com>

Author: Jiří Klimeš <jklimes@redhat.com>
Date:   Fri Mar 27 20:00:45 2015 +0100

    doc: correct the description of crypto API functions
    
    Signed-off-by: Jiří Klimeš <jklimes@redhat.com>

Author: Jiří Klimeš <jklimes@redhat.com>
Date:   Fri Mar 27 12:58:34 2015 +0100

    Fix a few compiler warnings about unused variables
    
    [-Wunused-variable]
    
    Signed-off-by: Jiří Klimeš <jklimes@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 12:00:36 2015 +0100

    fixed CHACHA20-POLY1305 in DTLS

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 11:08:28 2015 +0100

    gnutls-cli: added chacha-poly1305 into benchmarks

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 10:57:54 2015 +0100

    when calculating record overhead account for chacha20 which doesn't send the nonce on the wire

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 10:54:02 2015 +0100

    tests: include chacha20 into transfer tests

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 10:40:47 2015 +0100

    Added the CHACHA20-POLY1305 ciphersuites (with random IDs)

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 09:59:38 2015 +0100

    added chacha20-poly1305 as cipher

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 09:09:02 2015 +0100

    tests: check retvals in block ciphers

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 09:06:16 2015 +0100

    do not penalize CBC ciphers with the maximum send data size
    
    That reduced the maximum send size for CBC ciphers from 16384
    to 16384-(block size), which was unnecessary and was causing issues:
    https://bugs.winehq.org/show_bug.cgi?id=37500

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 08:18:32 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 28 08:18:17 2015 +0100

    gnutls_record_set_max_empty_records: removed

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 23 22:55:29 2015 +0100

    eliminated double-free in the parsing of dist points
    
    Reported by Robert Święcki.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 23 22:29:23 2015 +0100

    Added a tight loop around the legacy push function
    
    That reduces the need for more expensive outer loops.
    Originally suggested by Anton Lavrentiev.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 23 19:19:49 2015 +0100

    updated gnulib

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 27 14:01:20 2015 +0100

    p11tool: more precise documentation of --set-id parameter

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 27 11:05:08 2015 +0100

    depend on nettle 3.1 or later

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 27 10:42:48 2015 +0100

    tests: updated email check for renamed --verify-email option

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 27 10:32:29 2015 +0100

    gnutls_pkcs11_privkey_generate2: increased the size of ck_attributes

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 27 10:31:03 2015 +0100

    pkcs11: check gnutls_rnd() for error condition

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 27 10:27:10 2015 +0100

    gnutls_pkcs11_privkey_generate2: set a CKA_ID on key generation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 27 10:25:59 2015 +0100

    p11tool: reduced debugging output

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 27 09:47:40 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 27 09:47:12 2015 +0100

    certtool: --purpose, --hostname were renamed to --verify-purpose, --verify-hostname

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 26 16:46:43 2015 +0100

    p11tool: added --mark-no-sign and --mark-no-decrypt options

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 26 16:34:46 2015 +0100

    pkcs11: added flags to mark keys as not-being signable or decryptable
    
    That adds GNUTLS_PKCS11_OBJ_FLAG_MARK_NO_DECRYPT and GNUTLS_PKCS11_OBJ_FLAG_MARK_NO_SIGN
    which can be set during generation or write of keys.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 26 16:21:28 2015 +0100

    pkcs11: set the CKA_SIGN and CKA_DECRYPT flags when writing a private key

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 26 13:16:52 2015 +0100

    tests: cleanups in resume-dtls

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 26 11:26:14 2015 +0100

    ext: server_name: move name length check prior to IDN convertion

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 26 11:04:37 2015 +0100

    When an application calls gnutls_server_name_set() with a name of zero size disable the extension
    
    Resolves #2

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 26 09:25:10 2015 +0100

    gnutls_x509_crt_check_hostname2: check CN for match only if certificate would have been acceptable for GNUTLS_KP_TLS_WWW_SERVER

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 26 09:20:34 2015 +0100

    Apply DNS name constraints on CN field only on certificates acceptable for TLS WWW SERVER purpose
    
    Suggested by Fotis Loukos.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 25 17:10:06 2015 +0100

    tests: mini-loss-time is less prone to timeouts

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 25 15:56:32 2015 +0100

    tests: added valgrind suppressions in cert-tests for libidn

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 25 15:52:15 2015 +0100

    certtool: eliminated memory leaks on verification

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 25 10:39:35 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 25 10:21:31 2015 +0100

    tests: Added email verification tests with certtool

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 25 10:05:33 2015 +0100

    certtool: added the --email option, to use in verification

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 25 10:04:56 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 25 09:42:16 2015 +0100

    Added gnutls_x509_crt_check_email(), gnutls_openpgp_crt_check_email() and GNUTLS_DT_RFC822NAME

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 25 09:02:53 2015 +0100

    tests: verify that we accept a certificate with no name even if its CA has nameconstraints

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 25 08:38:47 2015 +0100

    name constraints: when no name of the type is found, accept the certificate
    
    This follows RFC5280 advice closely. Reported by Fotis Loukos.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 24 10:49:32 2015 +0100

    tests: increase the timeout in resume-dtls

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 24 10:09:43 2015 +0100

    gnutls_pkcs11_obj_export3: allow operation when raw.data is NULL and we have a public key

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 24 09:58:17 2015 +0100

    pkcs11: simplified export of objects
    
    That also allows to export public keys, even when a CKA_VALUE
    with the public key is not present. For that we use the key
    parameters, which we encode into a key. Issue reported by
    Frank Leavis.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 24 08:37:35 2015 +0100

    gnulib: removed u64 module

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 24 08:36:33 2015 +0100

    drop support for gnulib's u64

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 23 13:09:08 2015 +0100

    tests: check legacy RC4 in testcompat
    
    That would prevent losing compatibility without detecting it.
    That is currently the case since it is no longer enabled by default.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 23 10:28:28 2015 +0100

    tests: added check to verify the correctness of the record function return values

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 21 11:14:15 2015 +0100

    tools: enable compilation with all options disabled

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 21 11:13:58 2015 +0100

    enable compilation with several options disabled

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 21 10:38:28 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 20 14:04:26 2015 +0100

    doc: avoid mentioning pointers when not needed

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 20 13:46:24 2015 +0100

    increase the maximum stack frame the compiler will warn for

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 20 13:22:43 2015 +0100

    doc: avoid using structure for opaque types

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 20 09:42:28 2015 +0100

    tests: include gnutls_ext_s/get_data into tests of mini-extension

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 20 09:41:59 2015 +0100

    updated documentation on non-return value of gnutls_ext_set_data

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 20 09:35:51 2015 +0100

    tests: fixed buffers in mini-dtls0-9

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 20 09:32:19 2015 +0100

    avoid overflow when receiving DTLS 0.9 CCS

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 20 08:35:48 2015 +0100

    added gnutls_ext_set_data() and gnutls_ext_get_data()
    
    As a side effect the type which holds private data was reduced
    from union to void * pointer. That simplifies the exported API
    without reducing the options in the internal API.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 22:04:48 2015 +0100

    more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 22:03:22 2015 +0100

    set GNUTLS_DTLS_VERSION_MIN to be DTLS0.9
    
    That allows standard DTLS ciphersuites to be used with DTLS0.9

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 21:59:06 2015 +0100

    tests: added test for DTLS 0.9

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 21:30:42 2015 +0100

    tests: updated mini-extension

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 21:29:34 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 21:27:35 2015 +0100

    mention the new functionality briefly in documentation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 21:23:29 2015 +0100

    mention that the registration functions are not thread safe

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 21:22:29 2015 +0100

    store a copy of the extensions name

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 21:21:00 2015 +0100

    deinitialize supplemental data on deinit

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 21:15:24 2015 +0100

    removed unused epoch change callback

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 21:12:27 2015 +0100

    deinitialize supplemental data on deinit

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 21:06:14 2015 +0100

    reduce warnings

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 21:00:26 2015 +0100

    added documentation for the new functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 20:47:51 2015 +0100

    tests: remove warnings in mini-supplementaldata.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 20:46:57 2015 +0100

    updated types

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 20:41:03 2015 +0100

    more files to ignore

Author: Thierry Quemerais <tquemerais@awox.com>
Date:   Thu Mar 19 20:40:25 2015 +0100

    Added a way to add custom supplemental data from public API.
    
    Signed-off-by: Thierry Quemerais <tquemerais@awox.com>

Author: Thierry Quemerais <tquemerais@awox.com>
Date:   Thu Mar 19 16:24:15 2015 +0100

    Fixed extension test.
    
    Signed-off-by: Thierry Quemerais <tquemerais@awox.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 20:35:22 2015 +0100

    renamed gnutls_buffer_st -> gnutls_buffer_t

Author: Thierry Quemerais <tquemerais@awox.com>
Date:   Thu Mar 19 20:15:11 2015 +0100

    Added a way to add custom extensions from public API.
    
    Signed-off-by: Thierry Quemerais <tquemerais@awox.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 19 20:11:18 2015 +0100

    more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 19 11:43:52 2015 +0100

    gnutls_x509_crt_import_pkcs11_url moved to pkcs11.h as it was always defined there

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 19 11:06:28 2015 +0100

    inet_ntop replacement: include sys/socket.h

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 19 11:03:24 2015 +0100

    inet_ntop replacement: do not depend on socklen_t

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 18 22:48:06 2015 +0100

    tests: link cipher tests directly with nettle when needed

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 18 22:39:19 2015 +0100

    tests: mini-dtls-record: increase timeouts to avoid failure of test due to slow system

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 18 19:46:00 2015 +0100

    tests: mini-dtls-record: removed the need for 64-bit number

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 18 19:34:14 2015 +0100

    tests: increase verbosity of mini-dtls-record

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 18 14:05:51 2015 +0100

    document the cipher override API

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 18 13:47:03 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 18 13:42:55 2015 +0100

    added test suite for overriden digests and MACs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 18 13:04:43 2015 +0100

    Added API to register MAC and digest algorithms.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 18 11:46:06 2015 +0100

    added test suite for overriden ciphers

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 18 11:44:26 2015 +0100

    Added API to register AEAD and legacy ciphers.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 18 11:30:44 2015 +0100

    cryptodev: provide the new AEAD API

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 18 10:34:47 2015 +0100

    Added environment variable which can override automatic global initialization

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 18 10:09:34 2015 +0100

    removed unused functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 18 10:07:09 2015 +0100

    configure: fail compilation if the minimum required libtasn1 is not present

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 18 09:53:06 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 16 13:52:05 2015 +0100

    tests: long-session-id uses the test framework

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 17 09:29:52 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 17 09:23:51 2015 +0100

    depend on p11-kit 0.23.1 to conform to draft-pechanec-pkcs11uri-21

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 16 13:23:20 2015 +0100

    tests: fixed shadowed variable in mini-dtls-record

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 16 11:38:56 2015 +0100

    tests: use nanosleep for sleeping

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 14 08:41:33 2015 +0100

    README-alpha: move valgrind to testing tools

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 14 08:40:29 2015 +0100

    updated README-alpha

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 13 16:30:55 2015 +0100

    Fixed handling of supplemental data with types > 255.
    
    Patch by Thierry Quemerais.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 13 16:20:54 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 13 16:12:17 2015 +0100

    gnutls_priority_init: document that priorities can be NULL

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 13 13:30:12 2015 +0100

    testpkcs11: disallow softhsm 2.0.0b1 from being used to test PKCS #11

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 13 13:24:18 2015 +0100

    tests: mini-eagain2: call gnutls_handshake_set_timeout() at the proper time

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 13 10:10:23 2015 +0100

    added libasan as dependency

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 13 09:52:15 2015 +0100

    corrected self test for 3DES

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 12 06:58:02 2015 +0100

    pkcs11: correctly set the size of type

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 11 22:51:25 2015 +0100

    pkcs11: combined the fill for object attributes set

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 11 22:35:53 2015 +0100

    pkcs11: only set ID and label when both size and data are set

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 11 16:14:32 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 11 16:10:46 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 11 16:10:36 2015 +0100

    p11tool: exit with non-zero reason if no objects are found

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 11 16:02:44 2015 +0100

    tests: added checks for p11tool --set-id and --set-label

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 11 16:02:21 2015 +0100

    p11tool: added --set-id and --set-label options

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 11 14:49:04 2015 +0100

    added gnutls_pkcs11_obj_set_info()
    
    This function allows setting information such as the CKA_ID
    and the CKA_LABEL of an object.
    
    Resolves #1

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 11 09:30:37 2015 +0100

    Added check for GNUTLS-SA-2015-1

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 9 22:31:38 2015 +0100

    tests: removed test with invalid DER encoding in chainverify
    
    These certificates are now rejected earlier.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 9 22:31:03 2015 +0100

    tests: added a check for certificates with invalid DER encodings

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 9 22:19:33 2015 +0100

    x509: use libtasn1's strict DER decoding rules in network obtained structures

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 9 21:57:25 2015 +0100

    depend on libtasn1 4.3

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 9 21:54:13 2015 +0100

    minitasn1: updated to libtasn1 4.3

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Mar 9 19:09:34 2015 +0100

    rearranged internal documentation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 9 12:38:52 2015 +0100

    tools: added ftp as a starttls protocol

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 9 12:38:01 2015 +0100

    gnutls-cli: starttls and starttls-proto can't mix

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 7 19:58:00 2015 +0100

    expand on SECURE256 being an alias to SECURE192

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 7 13:10:53 2015 +0100

    tests: do not run polarssl interop test on VIA

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 7 13:08:47 2015 +0100

    use common license in all testcompat scripts

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 7 11:47:19 2015 +0100

    removed unused function

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 7 09:56:10 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 6 18:02:28 2015 +0100

    README-alpha is README.md on repository
    
    It contains information for developers.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Mar 6 18:00:41 2015 +0100

    Revert "auto-generate README from README.md"
    
    This reverts commit aff4b2151b42c6a59e490c3714d3e1e64d2921dd.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 17:36:15 2015 +0100

    cleaned up licensing

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 17:32:10 2015 +0100

    auto-generate README from README.md

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 17:17:53 2015 +0100

    Revert "added README.md as link to README"
    
    This reverts commit 041d4f947eb6937d4af62eb35055668825c36833.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 17:17:26 2015 +0100

    added README.md as link to README

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 17:15:41 2015 +0100

    Revert "renamed README files"
    
    This reverts commit 05b4fa46667d3f5972f6de6ac61ff959382c67a5.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 17:14:50 2015 +0100

    renamed README files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 17:12:09 2015 +0100

    README: converted to mark-down

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 15:58:37 2015 +0100

    gnutls-cli-debug: corrected check of certificate chain order

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 15:52:01 2015 +0100

    tests: added small test to verify that GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED succeeds with a single cert

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 15:42:40 2015 +0100

    gnutls-cli-debug: disable unsupported TLS protocols as soon

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 15:30:42 2015 +0100

    cli sockets: check for a digit prior using atoi

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 15:14:14 2015 +0100

    gnutls-cli-debug: a cert list of size 1 is always sorted

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 15:11:35 2015 +0100

    gnutls-cli-debug: do not warn multiple times about unknown protocols

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Mar 6 10:52:32 2015 +0100

    updated documentation on FIPS140-2

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 5 22:30:31 2015 +0100

    tests: speed up testcompat check by remove less important options

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 5 22:27:51 2015 +0100

    tests: updated paths for softhsm detection

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 5 22:16:34 2015 +0100

    README: mention nodejs

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 5 21:04:58 2015 +0100

    configure: check for /usr/share/dns/root.key as well for dns root key

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 5 21:03:20 2015 +0100

    README: mention dependency on dns-root-data

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 5 19:03:34 2015 +0100

    tests: don't perform the overflow check in 32-bit systems

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 5 18:46:44 2015 +0100

    tests: date parsing test was modified to work in 32-bit systems

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 5 18:59:25 2015 +0100

    certtool: in 32-bit systems use PRIu64 to print 64-bit values

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 5 18:56:34 2015 +0100

    certtool: exit when there is an overflow in parsing days

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 5 11:40:17 2015 +0100

    README: mention that openssl and polarssl will be used for interop testing

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 5 10:40:20 2015 +0100

    Revert "tests: increased the retries with datefudge cert generation"
    
    This reverts commit a381fd148d2e181e19aad9ab9a9c5993080ce869.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 5 10:40:10 2015 +0100

    Revert "tests: template-test: added a baseline check to detect slow systems"
    
    This reverts commit b7ef1265810ec55d0912db2e3fa4204d8c412377.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Mar 5 09:25:58 2015 +0100

    tests: template-test: added a baseline check to detect slow systems

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Mar 5 08:09:54 2015 +0100

    tests: increased the retries with datefudge cert generation
    
    There are slow systems that are not always capable of generating the
    certificate within a single second.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 4 23:25:56 2015 +0100

    add bison as a dependency

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 4 22:45:09 2015 +0100

    build documentation last
    
    That allows the examples to depend on libgnu_gpl.la

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 4 20:50:37 2015 +0100

    list unbound dependency for DANE

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 4 20:44:29 2015 +0100

    tests: removed dane hosts which don't behave well

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 4 20:37:32 2015 +0100

    updated instructions for installed packages

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 4 17:24:20 2015 +0100

    latex doc: updated copyright dates

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Mar 4 17:23:32 2015 +0100

    updated copyright date

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 4 14:59:58 2015 +0100

    use asn1_decode_simple_ber if available

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 4 11:25:30 2015 +0100

    corrected typo

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 4 10:47:30 2015 +0100

    mention libidn

Author: Ilya V. Matveychikov <i.matveychikov@securitycode.ru>
Date:   Wed Mar 4 03:25:42 2015 +0300

    asn1random.pl: generate simple tags only
    
    Do not emit tags with numbers greater than or equal 31 as they must be
    encoded an octet sequence (ref X.690-0207 # 8.1.2.4)
    
    Signed-off-by: Ilya V. Matveychikov <i.matveychikov@securitycode.ru>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 4 10:07:01 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Feb 20 22:24:23 2015 +0100

    tests: added checks for invalid X.509 certificate signatures

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 4 08:20:35 2015 +0100

    added the change of priority string NORMAL in documentation

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Mar 4 08:15:16 2015 +0100

    document the usage of a PKCS #11 trust module for verification

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 3 19:44:38 2015 +0100

    tests: updated the suite to account for the removal of DSA by default

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 3 18:52:22 2015 +0100

    tests: updated the suite to account for the removal of DSA by default

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Mar 3 18:51:22 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 3 17:44:00 2015 +0100

    cross-implementation test suite was relicensed to 3-clause BSD
    
    That way the suite can be used by projects with other licenses.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 3 09:34:26 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Mar 3 09:31:16 2015 +0100

    DSA signatures and DHE-DSS are disabled by default
    
    DSA was an algorithm that was never deployed on the Internet
    and had, until very recently, several limitations such as
    restriction of its keys to 1024 bits, SHA1-only etc. Given
    that there are literally 0 internet (HTTPS) certificates using
    DSA, there is no point to enable it by default and increase
    our attack surface.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Mar 2 08:12:28 2015 +0100

    gnutls-cli: include AES_128_CCM in benchmark-ciphers

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 28 12:55:09 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 28 12:22:10 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 28 09:43:16 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 28 09:33:12 2015 +0100

    bundle inet_ntop in systems that don't have it

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 27 16:31:50 2015 +0100

    updated auto-generated files

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 27 16:26:34 2015 +0100

    removed gnutls_pubkey_get_verify_algorithm from abstract.h

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Feb 26 13:03:35 2015 +0100

    corrected typo in gnutls_handshake(), spotted by Andris Mednis

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 24 10:28:26 2015 +0100

    doc update: document that session_get_data() must be used in non-resumed sessions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Feb 23 13:50:00 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 22 11:47:25 2015 +0100

    added comments

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Feb 22 11:39:49 2015 +0100

    Use p11_kit_uri_get_pin_value() if available in p11-kit

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 12:00:13 2015 +0100

    fixed handling of GNUTLS_E_INT_CHECK_AGAIN

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 11:50:40 2015 +0100

    removed unnecessary check and optimized function

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 11:46:13 2015 +0100

    corrected check which prevented client to sent an unacceptable for the version ciphersuite

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 11:40:50 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 11:38:49 2015 +0100

    tests: mini-key-material: avoid memory leak

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 11:35:04 2015 +0100

    tests: require DTLS 1.2 when using GCM

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 11:32:36 2015 +0100

    handle GNUTLS_E_INT_CHECK_AGAIN

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 11:28:57 2015 +0100

    check the negotiated TLS/DTLS version prior to offering a ciphersuite a server

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 10:57:14 2015 +0100

    remove unnecessary assert

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 10:53:25 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 10:51:49 2015 +0100

    tests: modified tests with obsolete APIs with their replacement API

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 07:35:21 2015 +0100

    doc: added deprecated functions into upgrade plan

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 07:35:01 2015 +0100

    tests: added checks for gnutls_x509_crt_get_signature_algorithm and gnutls_x509_crt_get_preferred_hash_algorithm

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 07:25:24 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 07:24:13 2015 +0100

    removed gnutls_pubkey_get_verify_algorithm() and unnecessary internal APIs

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 07:13:37 2015 +0100

    removed gnutls_x509_crt_get_verify_algorithm()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 21 07:07:54 2015 +0100

    removed gnutls_pubkey_verify_hash() and gnutls_pubkey_verify_data()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Feb 20 23:47:25 2015 +0100

    certtool: use unsigned for bits

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Feb 20 23:46:35 2015 +0100

    certtool/p11tool: avoid cast to function call

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Feb 20 23:42:47 2015 +0100

    certtool: allow specifying a purpose and a hostname for chain verification

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Feb 20 22:17:15 2015 +0100

    tests: added check for invalid X.509 certificate

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 20 17:09:57 2015 +0100

    tests: added check for gnutls_record_get_state()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 20 17:09:34 2015 +0100

    removed unused constants

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 20 16:58:41 2015 +0100

    memcpy fix in gnutls_record_get_state

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 20 16:23:33 2015 +0100

    removed ltmain.sh from root

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 20 11:18:45 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 20 11:16:44 2015 +0100

    Added gnutls_record_get_state() and gnutls_record_set_state()
    
    These functions allow to export the key material and sequence numbers.
    That allows offloading the sending and receiving of individual records.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 20 11:13:55 2015 +0100

    fixed sequence number copy

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 20 10:56:54 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Feb 20 10:56:35 2015 +0100

    gnutls_handshake_set_hook_function: will provide the raw handshake data

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Feb 18 23:04:24 2015 +0100

    use explicit casts to unsigned int in the CURVE_TO_BITS et al

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Feb 18 22:55:38 2015 +0100

    use cast in _gnutls_hash_fast

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Feb 17 14:20:10 2015 +0100

    when importing a certificate ensure that the signature parameters match

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Feb 14 18:02:01 2015 +0100

    Allow AESNI GCM accelaration in x86

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Feb 6 20:22:42 2015 +0100

    gnutls-cli: added --save-cert option

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Feb 5 05:39:13 2015 +0100

    added missing prototypes

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Feb 4 10:14:55 2015 +0100

    handle differently OCSP responses that are revoked and of unknown status

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Sun Feb 1 13:35:40 2015 +0100

    compilation fix with return on void function; reported by David Marx

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 29 14:31:08 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 29 14:21:18 2015 +0100

    set the appropriate direction when _gnutls_io_write_flush() is called

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 28 10:32:16 2015 +0100

    tests: added check for operation under different threads and DTLS

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 28 10:22:37 2015 +0100

    tests: added check for operation under different processes and DTLS

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 28 09:57:13 2015 +0100

    Revert "doc update"
    
    This reverts commit eabf1f27d255577bad60d302abf46a969848fcd7.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 28 09:56:56 2015 +0100

    Revert "Added gnutls_record_is_async()"
    
    This reverts commit 2232822aabe473d124f924d64ff52981d685fd41.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 28 09:56:21 2015 +0100

    documented using a session with fork or multiple threads

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 27 13:07:19 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 27 13:06:10 2015 +0100

    Added gnutls_record_is_async()
    
    That function indicates whether gnutls_record_recv() and
    gnutls_record_send() can be used independently and in
    parallel.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 25 10:17:06 2015 +0100

    print errno in a more uniform way

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 25 08:28:13 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 25 08:27:08 2015 +0100

    exported gnutls_system_recv_timeout()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 25 08:15:01 2015 +0100

    simplified _gnutls_writev() by requiring the total length

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 20 09:39:44 2015 +0100

    opencdk: small fixed to reduce warnings

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 19 15:36:22 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 19 15:32:09 2015 +0100

    don't be so verbose about the OCSP nonce; it is universally unsupported

Author: Tim Ruehsen <tim.ruehsen@gmx.de>
Date:   Sat Jan 17 14:32:35 2015 +0100

    OCSP check the whole cert chain
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 19 09:29:31 2015 +0100

    on certificate import check whether the two signature algorithms match

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jan 17 09:49:17 2015 +0100

    cross.mk: use 3.3.12

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jan 17 09:01:37 2015 +0100

    doc update

Author: Luke Dashjr <luke-jr+git@utopios.org>
Date:   Mon Jan 12 19:32:38 2015 +0000

    Added configure option --disable-tools

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 16 15:54:53 2015 +0100

    corrected typos
    
    Reported by Guido Kroon.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 16 14:16:58 2015 +0100

    Added the notion of obsolete versions
    
    That prevents using these versions as record version numbers, unless
    they are the only protocol supported. This avoids the issues with
    servers that have banned SSL 3.0 record versions.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 16 10:16:47 2015 +0100

    ocsptool: follow the documented process for gnutls_x509_crt_get_authority_info_access

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 16 10:15:08 2015 +0100

    gnutls_x509_crt_get_authority_info_access: doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 15 15:49:53 2015 +0100

    ocsptool-common: iterate through all AIA items prior to decidig the OCSP server

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Jan 14 08:11:17 2015 +0100

    use a FIPS key that agree's with fedora's fipshmac

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Jan 14 22:51:55 2015 +0100

    DCO: Added Luke Dashjr

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 13 22:47:59 2015 +0100

    simplified text for inline-commands-prefix

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Jan 12 23:14:35 2015 +0100

    gnutls-cli: added --starttls-proto option

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 12 17:28:50 2015 +0100

    pkcs11: cleanup the name of types

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 12 17:19:48 2015 +0100

    tests: updates in softhsm detection

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 12 17:12:56 2015 +0100

    pkcs11: when importing a public key, import it's data as well (version 2 fix)

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 12 17:02:03 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 12 11:50:53 2015 +0100

    testpkcs11: do not ignore the failure to write a trusted CA

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 12 11:17:24 2015 +0100

    removed gnutls_pubkey_get_pk_* from the exported function list

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 12 10:33:21 2015 +0100

    tests: key-import-export: enhanced to test gnutls_pubkey_*_ecc_x962

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 12 10:32:13 2015 +0100

    gnutls_pubkey_t: allow the import of another parameter set without a leak

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 12 10:19:47 2015 +0100

    removed ABI-compatibility functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Jan 9 13:59:34 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 11 22:41:01 2015 +0100

    testpkcs11: modified to support both softhsmv1 and v2

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 11 22:15:10 2015 +0100

    pkcs11: when importing a public key, import it's data as well

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 11 18:00:38 2015 +0100

    tests: enhanced key-import-export to check output of pubkeys

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 11 16:25:01 2015 +0100

    tests: eliminated leaks

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 11 16:16:49 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 11 16:06:26 2015 +0100

    tests: added checks for private key import/export functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jan 10 21:56:21 2015 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jan 10 12:13:29 2015 +0100

    tests: Added test case for openpgp keys loaded by callback

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jan 10 12:12:25 2015 +0100

    When setting up TLS with cert-type OpenPGP from a client,
    the server verifies if it supports the extension’s contents
    in _gnutls_session_cert_type_supported().  This function
    checks for cred->get_cert_callback but not cred->get_cert_callback2.
    As a result, servers setup for OpenPGP certificate credential
    callback with gnutls_certificate_set_retrieve_function2() are
    unable to use the OpenPGP certificate type.
    
    The solution is to consider cred->get_cert_callback2 alongside
    cred->get_cert_callback in _gnutls_session_cert_type_supported().
    
    Patch by Rick van Rein.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Jan 10 11:56:48 2015 +0100

    gnutls_privkey_import_openpgp_raw: do not release the cached value

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Jan 8 10:18:07 2015 +0100

    guile: Call 'load-extension' both during expansion and at run time.
    
    Fixes <https://bugzilla.redhat.com/show_bug.cgi?id=1177847>.
    
    * guile/modules/gnutls.in: Wrap '%libdir' definition and
      'load-extension' call in 'eval-when'.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 8 09:35:59 2015 +0100

    When receiving a TLS record with multiple handshake packets, parse them in one go
    
    That resolves:
    https://savannah.gnu.org/support/?108712

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Jan 8 09:25:15 2015 +0100

    tests: updated mini-dtls-record-asym

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 6 21:36:33 2015 +0100

    tests: better documentation of mini-dtls-record-asym purpose

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 6 21:27:14 2015 +0100

    tests: moved udp_socketpair to utils

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Jan 6 21:22:02 2015 +0100

    tests: corrected asymmetric MTU test for DTLS and added caching

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 6 17:32:44 2015 +0100

    Added test case for DTLS handshake packet reconstruction when it exceeds MTU
    
    https://savannah.gnu.org/support/?108712

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 6 17:18:57 2015 +0100

    simplified _gnutls_dgram_read()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 6 13:39:19 2015 +0100

    danetool: only compile when dane is enabled

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 6 10:17:14 2015 +0100

    in DTLS don't combine multiple packets which exceed MTU
    
    Resolves: https://savannah.gnu.org/support/?108715

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 6 10:01:47 2015 +0100

    Added more precise check of push functions availability

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 6 09:59:33 2015 +0100

    Revert "in DTLS don't use writev() when multiple packets which exceed MTU are queued"
    
    This reverts commit 43082a67c7514d65301d157fb567a133138a85ab.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Jan 6 09:59:25 2015 +0100

    Revert "Give precedence to vector push function"
    
    This reverts commit cb4ea413569803cbbf291abb27d30d14bfa971c5.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 5 15:08:28 2015 +0100

    Give precedence to vector push function

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 5 15:08:28 2015 +0100

    in DTLS don't use writev() when multiple packets which exceed MTU are queued
    
    That change requires the system_write() to be registered unconditionally,
    even when writev() is available.
    Resolves: https://savannah.gnu.org/support/?108715

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 5 16:28:58 2015 +0100

    tests: added check to ensure that DTLS handshake packets will not exceed MTU

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 5 16:21:57 2015 +0100

    certtool: warn when setting a certificate's expiration longer than the CA's expiration

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 5 15:01:22 2015 +0100

    testpkcs11: detect softhsm2

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Jan 5 14:40:51 2015 +0100

    tests: account for disabling of ARCFOUR where needed

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 4 23:19:33 2015 +0100

    certtool: modified check for READ_NUMERIC

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 4 22:46:16 2015 +0100

    certtool: use 64-bit type for CRL serial number

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 4 22:43:00 2015 +0100

    certtool: check for overflows when reading serial numbers

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 4 20:44:21 2015 +0100

    certtool: use int64_t as type for integers read

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 4 20:30:39 2015 +0100

    gnutls-cli-debug: more precise handling of SMTP protocol
    
    Patch by Andreas Metzler.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Jan 4 11:11:51 2015 +0100

    updated gnulib

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Jan 2 12:49:55 2015 +0200

    gnutls-cli-debug: corrected the skip of ignored checks

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 22:50:17 2014 +0200

    use explicit casts in the dummy ip conversion functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 22:41:24 2014 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 22:40:55 2014 +0200

    ARCFOUR-128 is disabled by default

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 22:38:51 2014 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 16:53:57 2014 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 12:48:06 2014 +0200

    system-keys-win: use LoadLibraryA to load ncrypt.dll

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 12:23:04 2014 +0200

    Updated abi-compliance-checker for 3.4 API

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 12:17:51 2014 +0200

    updated export symbols list (due to ABI breakage)

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 12:15:16 2014 +0200

    doc: updated auto-generated files

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 12:09:41 2014 +0200

    generate manpages for urls.h and system-keys.h

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 12:07:37 2014 +0200

    tests: added check for gnutls_x509_trust_list_get_issuer_by_dn()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 12:00:11 2014 +0200

    updated libgnutls.map for new functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 11:49:40 2014 +0200

    doc: updated auto-generated files and added urls.h

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 11:17:55 2014 +0200

    tests: added checks for the new --key-id and --fingerprint certtool options

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 11:11:40 2014 +0200

    certtool: Added --fingerprint and --key-id options

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 10:00:11 2014 +0200

    certtool: --pubkey-info will load a public key from stdin

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 09:40:03 2014 +0200

    include netinet/in.h if present to access ipv6 related structures
    
    Based on patch by Rumko.
    https://savannah.gnu.org/support/?108713

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 09:34:24 2014 +0200

    VERS-ALL adds all protocols if used with '+'

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 09:14:15 2014 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 09:04:27 2014 +0200

    priority strings VERS-TLS-ALL and VERS-DTLS-ALL are restricted to the corresponding protocols
    
    That introduces VERS-ALL which behaves as VERS-TLS-ALL previously.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 31 08:49:13 2014 +0200

    gnutls.h: made DTLS protocol version numbering distinct

Author: Matthias-Christian Ott <ott@mirix.org>
Date:   Tue Dec 30 11:58:43 2014 +0200

    Don't call _gnutls_cipher_encrypt2 with textlen = 0 in _gnutls_auth_cipher_encrypt2_tag
    
    If the plaintext is shorter than the block size of the used cipher,
    _gnutls_auth_cipher_encrypt2_tag calls _gnutls_cipher_encrypt2 with
    textlen = 0. By definition _gnutls_cipher_encrypt2 does nothing in this
    case and thus does not need to be called.

Author: Matthias-Christian Ott <ott@mirix.org>
Date:   Tue Dec 30 11:57:36 2014 +0200

    Handle zero length plaintext for VIA PadLock functions
    
    If the plaintext is shorter than the block size of the used cipher,
    _gnutls_auth_cipher_encrypt2_tag calls _gnutls_cipher_encrypt2 with
    textlen = 0. padlock_ecb_encrypt and padlock_cbc_encrypt assume that the
    plaintext length (last parameter) is greater than zero and segfault
    otherwise. The assembler code for both functions is automatically
    generated and imported from OpenSSL, so to ease maintenance the length
    should be validated in the functions that call padlock_ecb_encrypt or
    padlock_cbc_encrypt.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 28 13:29:57 2014 +0200

    use backslashes in windows path

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 28 11:14:47 2014 +0200

    tests: enhanced openpgp-keyring test

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 28 11:13:10 2014 +0200

    openpgp: properly print names in oneline output as well

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 28 11:11:18 2014 +0200

    updates in openpgp DSA key printing

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 28 10:59:23 2014 +0200

    properly print openpgp names

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 28 10:47:37 2014 +0200

    opencdk: print all warnings on compilation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 28 10:47:20 2014 +0200

    opencdk: eliminated warning from armor.c

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 28 10:45:30 2014 +0200

    removed cache support for opencdk's keydb
    
    It's implementation looked buggy.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 27 22:41:53 2014 +0200

    updated guile comments

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 25 00:16:17 2014 +0200

    tools: use OCSP functions only when OCSP is enabled

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 24 19:08:54 2014 +0200

    Corrected encoding and decoding of ANSI X9.62
    
    That affects gnutls_pubkey_export_ecc_x962() and
    gnutls_pubkey_import_ecc_x962().

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 24 18:34:04 2014 +0200

    tools: document the available curves

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 24 08:54:19 2014 +0200

    PKCS #11 tests: ported to softhsmv2
    
    The C programs still rely on softhsmv1 since there
    are issues with softhsmv2 and CKA_TRUSTED.
    https://bugzilla.redhat.com/show_bug.cgi?id=1177086

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 23 18:33:22 2014 +0200

    updated documentation of gnutls_memcmp()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 23 13:41:35 2014 +0200

    use everywhere the new name of gnutls_x509_crt_import_pkcs11_url

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 23 13:29:13 2014 +0200

    better cleanup in gnutls_pkcs11_privkey_import_url and allow reuse

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 23 12:54:23 2014 +0200

    completely separated the two gnulibs to avoid conflicts

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 23 12:40:17 2014 +0200

    updated gnulib

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 23 12:28:03 2014 +0200

    dropped the sanitize URL approach

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 23 12:24:35 2014 +0200

    Instead of sanitizing URLs, use hints to support incomplete PKCS#11 URIs

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 23 12:04:45 2014 +0200

    gnutls_x509_crt_import_url replaces gnutls_x509_crt_import_pkcs11_url

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 23 08:52:24 2014 +0200

    use p11_kit_uri_get_pin_source instead of p11_kit_uri_get_pinfile

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 22 12:16:05 2014 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 22 11:59:41 2014 +0200

    ex-pkcs11-list.c: updated for new API

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 22 11:43:49 2014 +0200

    combined gnutls_pkcs11_obj_attr_t with gnutls_pkcs11_obj_flags
    
    That was done in an API-backwards compatible way. That
    introduces gnutls_pkcs11_obj_list_import_url3() and
    gnutls_pkcs11_obj_list_import_url4().

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 21 20:33:22 2014 +0200

    first attempt to unify obj_attrs with obj_flags

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 21 19:33:53 2014 +0200

    tests: pkcs11-is-known checks whether the import of PKCS #11 objects as trusted certs works

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 21 13:16:17 2014 +0200

    Added softhsm.h to share code in softhsm detection

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Dec 21 13:00:53 2014 +0200

    Directly import PKCS #11 object URLs as trusted certificates
    
    That is, don't treat them as trusted modules, because they aren't
    a token URL, but rather a direct reference to specific objects.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 20 20:37:35 2014 +0200

    PSK: added sanity check on PSK key size set

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 19 12:56:11 2014 +0200

    gnutls-cli-debug: removed ARCFOUR-40 from the ciphers to use
    
    It is no longer supported.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 19 12:07:17 2014 +0200

    _gnutls_buffer_append_data returns zero on success

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 19 10:40:58 2014 +0200

    corrected documentation for the cork/uncork functions
    
    Reported by Jaak Ristioja.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 19 10:35:10 2014 +0200

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 19 10:25:40 2014 +0200

    Added more precise version check in _gnutls_version_lowest

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 19 08:56:44 2014 +0200

    corrected documentation of gnutls_cork()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 17 14:50:52 2014 +0200

    Added 32-bit overflow protection in _gnutls_buffer_append_data()

Author: Jaak Ristioja <jaak.ristioja@cyber.ee>
Date:   Wed Dec 17 13:55:10 2014 +0200

    Remove redundant condition in align_allocd_with_data().
    
    At all call-sites of align_allocd_with_data() dest->data is non-NULL.
    
    Signed-off-by: Jaak Ristioja <jaak.ristioja@cyber.ee>

Author: Jaak Ristioja <jaak.ristioja@cyber.ee>
Date:   Wed Dec 17 13:55:09 2014 +0200

    Deduplicated some code in _gnutls_buffer_append_data().
    
    Signed-off-by: Jaak Ristioja <jaak.ristioja@cyber.ee>

Author: Jaak Ristioja <jaak.ristioja@cyber.ee>
Date:   Wed Dec 17 13:55:07 2014 +0200

    Explicitly marked some variables const in _gnutls_buffer_append_data().
    
    Signed-off-by: Jaak Ristioja <jaak.ristioja@cyber.ee>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Dec 17 14:37:31 2014 +0200

    DCO: added Jaak Ristioja

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 16 22:36:17 2014 +0200

    test-ciphers: do not fail on processor which don't have the AES-NI instructions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 16 15:39:24 2014 +0100

    _gnutls_buffer_*: moved common operations to function

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Dec 16 15:35:10 2014 +0100

    _gnutls_buffer_append_data: moved common code outside the if-clause

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 12 18:42:04 2014 +0100

    tests: disable SSL 3.0 checks with polarssl
    
    It seems that SSL 3.0 is disabled in Debian's polarssl.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 12 18:41:50 2014 +0100

    testdane: removed www.vulcano.cl from good hosts

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 4 14:26:05 2014 +0100

    tests: enhanced x509cert-tl
    
    Verify gnutls_x509_trust_list_verify_crt2() in combination with
    gnutls_x509_trust_list_add_named_crt().

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 4 14:21:46 2014 +0100

    use gnutls_x509_trust_list_verify_named_crt in gnutls_x509_trust_list_verify_crt2

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Fri Dec 12 14:24:14 2014 +0100

    Update 'NEWS'.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 12 09:35:29 2014 +0100

    gnutls_rnd: doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 12 08:48:24 2014 +0100

    gnutls_pkcs12_simple_parse: doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 12 08:26:53 2014 +0100

    improved documentation on dane

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Dec 11 19:06:18 2014 +0100

    guile: Open binary file in binary mode, for the sake of MinGW.
    
    Reported by Eli Zaretskii <eliz@gnu.org>.
    
    * guile/tests/openpgp-keyring.scm: Use 'open-file' with "rb" instead of
      'open-input-file'.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Dec 11 19:04:17 2014 +0100

    guile: Link with '-no-undefined'.
    
    Fixes builds on MinGW.
    Reported by Eli Zaretskii <eliz@gnu.org>.
    
    * guile/src/Makefile.am (guile_gnutls_v_2_la_LDFLAGS): Add
      -no-undefined.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 11 19:03:28 2014 +0100

    p11tool: use Sleep() in windows

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 11 19:01:16 2014 +0100

    certtool: ensure that default_serial_int is 64-bits or more

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 11 18:59:27 2014 +0100

    use select() instead of alarm for better portability
    
    Based on patch by Eli Zaretskii.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 11 18:53:21 2014 +0100

    cross.mk: updated for 3.3.11

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 11 10:15:54 2014 +0100

    Allow a random generator with the same priority to re-register
    
    That corrects an issue where the library is deinitialized, and
    reinitialization wouldn't register the same rnd module.
    Reported by Stanislav Zidek.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 11 09:27:58 2014 +0100

    tests: x509cert: verify that length returned from gnutls_x509_crt_get_dn matches strlen

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Dec 11 06:08:33 2014 +0100

    testcompat: corrected usage of null cipher

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 10 15:40:49 2014 +0100

    added the .check function in FIPS140-2 code

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Dec 8 23:30:07 2014 +0100

    corrected typo

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 6 10:48:52 2014 +0100

    configure: added option --without-idn

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 6 10:46:24 2014 +0100

    accelerated: added required casts

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 6 10:40:48 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 6 10:40:09 2014 +0100

    the priority string EXPORT is no more

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 6 10:27:00 2014 +0100

    aesni-ccm: removed unused struct entries

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 6 09:41:08 2014 +0100

    added AESNI accelerated CCM

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Dec 6 09:33:20 2014 +0100

    more nettle3 related changes

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 5 19:58:42 2014 +0100

    dane: use the new _gnutls_buffer_to_datum

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 5 10:36:34 2014 +0100

    tests: corrected the expected lengths in ocsp

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 5 10:31:41 2014 +0100

    _gnutls_buffer_to_datum: includes code for exporting strings

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 5 10:04:50 2014 +0100

    when the trusted list contains a non-CA certificate warn via the audit log

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 5 09:52:40 2014 +0100

    modified the CCM ciphersuite's name to match the one in the IANA registry

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 5 09:52:14 2014 +0100

    ciphersuite test: enhanced check for correct ciphersuites

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Dec 5 09:35:46 2014 +0100

    ciphersuites tests: add missing includes

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Dec 5 09:00:04 2014 +0100

    ciphersuite tests: define HAVE_CONFIG_H

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Dec 4 22:15:57 2014 +0100

    guile: Build with warnings.
    
    * guile/src/Makefile.am (AM_CFLAGS) [HAVE_GCC]: Add -Wall -Wextra
      -Wno-unused-parameter.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Dec 4 22:14:57 2014 +0100

    guile: Remove the deprecated priority API.
    
    * guile/modules/gnutls/build/priorities.scm: Remove.
    * guile/src/make-session-priorities.scm: Remove.
    * guile/modules/Makefile.am (EXTRA_DIST): Adjust accordingly.
    * guile/src/Makefile.am (EXTRA_DIST): Likewise.
      (GENERATED_BINDINGS): Remove 'priorities.i.c'.
      (priorities.i.c): Remove target.
    * guile/src/core.c: Don't include it.
      (scm_gnutls_set_default_priority_x): Remove.
    * guile/modules/gnutls.in (gnutls): Adjust export list.
    * guile/tests/session-record-port.scm: Use 'set-session-priorities!'.
    * guile/tests/x509-auth.scm: Likewise.

Author: Ludovic Courtès <ludo@gnu.org>
Date:   Thu Dec 4 22:15:16 2014 +0100

    guile: Remove RSA parameters and related procedures.
    
    * guile/modules/gnutls/build/smobs.scm (%rsa-parameters-smob): Remove.
      (%gnutls-smobs): Remove it.
    * guile/src/core.c (scm_gnutls_make_rsa_parameters,
      scm_gnutls_pkcs1_import_rsa_parameters,
      scm_gnutls_pkcs1_export_rsa_parameters,
      scm_gnutls_set_certificate_credentials_rsa_export_params_x): Remove.
    * guile/modules/gnutls.in: Adjust export list.
    * guile/tests/openpgp-auth.scm (import-rsa-params): Remove.
      Remove references to it and to
      'set-certificate-credentials-rsa-export-parameters!'.
    * guile/tests/x509-auth.scm: Likewise.
    * doc/gnutls-guile.texi (Representation of Binary Data): Remove
      references to RSA parameters.  Adjust example accordingly.
      (OpenPGP Authentication Guile Example): Likewise.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 4 16:05:58 2014 +0100

    updated TODO list

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Dec 4 14:39:03 2014 +0100

    removed several of the unneeded exported internal symbols

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 3 10:53:25 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 3 10:39:51 2014 +0100

    doc: corrected typo

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 28 20:21:52 2014 +0100

    use unsigned long in gcm_cast_st

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 26 15:43:55 2014 +0100

    corrected issue in AES-256-GCM

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 26 15:20:07 2014 +0100

    tests: enhanced cipher check to include all ciphers.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 26 14:56:27 2014 +0100

    simplified abstractions over nettle based on Niels' comments.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 26 11:21:29 2014 +0100

    API doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 26 11:20:26 2014 +0100

    Added test vectors for CCM mode

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 26 10:27:23 2014 +0100

    CCM: corrected AEAD decryption

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Nov 25 20:27:05 2014 +0100

    CCM mode moved to the lowest priority

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Nov 25 19:42:10 2014 +0100

    aes-gcm-aead.h: generalized

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 25 17:57:15 2014 +0100

    gnutls-cli: added benchmark for CCM

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 25 17:46:55 2014 +0100

    tests: updated for AES-128-CCM ciphersuites

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 25 17:27:03 2014 +0100

    use the new AEAD API in gnutls_cipher.c

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 25 17:04:25 2014 +0100

    Added definitions for CCM ciphersuites

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 24 16:02:25 2014 +0100

    Modified crypto backend to accomodate for the CCM ciphersuites

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 24 10:54:55 2014 +0100

    More nettle2 updates (in FIPS140-2 mode)

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 22:58:41 2014 +0100

    ported to nettle 3.0

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 3 10:10:05 2014 +0100

    reduced current soversion

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 3 10:06:32 2014 +0100

    documented the removal of deprecated functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 3 09:53:52 2014 +0100

    corrected comparison

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 3 09:49:24 2014 +0100

    removed the old gnutls_retr_st compatibility functions

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 3 09:45:19 2014 +0100

    Removed binary compatibility with RSA-EXPORT using applications

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 3 09:41:33 2014 +0100

    removed the old priority functions
    
    That is:
    gnutls_cipher_set_priority
    gnutls_mac_set_priority
    gnutls_compression_set_priority
    gnutls_kx_set_priority
    gnutls_protocol_set_priority
    gnutls_certificate_type_set_priority

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 3 09:37:55 2014 +0100

    removed gnutls_x509_crt_verify_hash() and gnutls_x509_crt_verify_data()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 3 09:35:26 2014 +0100

    gnutls_sign_callback_set() and gnutls_sign_callback_get() were removed

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 3 09:32:21 2014 +0100

    renumbered fields in gnutls.h

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Dec 3 09:28:10 2014 +0100

    increased gnutls' soversion

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Dec 2 10:50:45 2014 +0100

    if the rnd structure doesn't provide check, _gnutls_rnd_check() will succeed

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 30 22:17:31 2014 +0100

    tests: Added check for verification using CRLs

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 30 21:44:10 2014 +0100

    Reorganized, and eliminated memory leak in _gnutls_x509_crt_check_revocation()
    
    Reported by Tim Rühsen.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 29 15:27:34 2014 +0100

    systemkey: updated for new gnutls_system_key_iter_get_info

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 28 16:16:19 2014 +0100

    gnutls_system_key_iter_get_info() allows restricting results to a specific certificate type

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 28 16:12:31 2014 +0100

    removed unneeded variable

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 28 14:39:58 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 28 13:18:49 2014 +0100

    doc: added recommendation to use the higher level functions to load keys

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 28 10:40:34 2014 +0100

    certtool: avoid gcc warnings

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 25 11:47:56 2014 +0100

    gnutls-cli-debug: Added check for whether %NO_EXTENSIONS is required

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 28 10:32:22 2014 +0100

    gnutls_session_get_desc: allow proper printing of the NULL KX

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 28 09:30:04 2014 +0100

    gnutls_session_get_desc will return NULL if initial negotiation is not complete

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Nov 27 23:17:29 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Nov 27 23:16:04 2014 +0100

    tests: small fix in mini-chain-unsorted

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Nov 27 22:39:08 2014 +0100

    GNUTLS_E_CERTIFICATE_LIST_UNSORTED can be returned from gnutls_pcert_import_x509_list
    
    That is when it cannot sort the list and GNUTLS_X509_CRT_LIST_SORT is specified.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 27 16:28:10 2014 +0100

    gnutls_pcert_import_x509_list: only sort the lists it can sort

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 27 16:12:33 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 27 16:10:44 2014 +0100

    simplified windows URLs

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 27 16:08:46 2014 +0100

    system-keys-win: include urls.h

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 27 16:06:46 2014 +0100

    tests: added mini-chain-unsorted

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 27 15:06:11 2014 +0100

    Added flag GNUTLS_X509_CRT_LIST_SORT for gnutls_x509_crt_list_import*
    
    That also allows automatically sorting input chains to the
    gnutls_certificate_credentials_t structure.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Nov 25 21:53:03 2014 +0100

    tests: Added check for memory leaks when a file cannot be loaded.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Nov 25 21:52:23 2014 +0100

    gnutls_certificate_set_x509_key_*: eliminated memory leak when certificate could not be parsed
    
    Reported by Georg Richter.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue Nov 25 20:33:15 2014 +0100

    libdane: undef gnutls_assert() before redefining it

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 24 22:39:23 2014 +0100

    gnutls-cli-debug: do not print error on unknown protocols

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 24 20:22:35 2014 +0100

    tests: added leak check for gnutls_set_x509_key_mem2()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 24 19:16:42 2014 +0100

    documented the limitations of the loading functions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 24 18:54:28 2014 +0100

    corrected memleak in read_key_mem()
    
    Patch by Georg Richter.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 24 13:27:09 2014 +0100

    gnutls-cli-debug: Added check for sorted certificate chain

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 24 10:40:24 2014 +0100

    do not allow the resumption of a session which switches the state of ext_master_secret

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 22:23:55 2014 +0100

    tests: run rfc2253-escape-test under valgrind

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 19:43:44 2014 +0100

    tests: enhanced custom-url check

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 19:43:01 2014 +0100

    sanitize URLs at the proper place

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 19:42:43 2014 +0100

    corrected freeing of custom URL

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 13:03:50 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 12:43:27 2014 +0100

    Added memxor_different_alignment into suppressions

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 12:36:22 2014 +0100

    Allow the construction of chains with custom URLs

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 11:04:47 2014 +0100

    updated ignored files

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 11:04:15 2014 +0100

    renamed systemkey-tool to systemkey, and don't install it by default

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 10:51:30 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 10:49:59 2014 +0100

    tests: added check for registration of custom URLs

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 10:49:32 2014 +0100

    export gnutls_register_custom_url

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 10:48:56 2014 +0100

    correctly handle non-pkcs11 URLs in read_cert_url

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 09:30:29 2014 +0100

    more files to ignore

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 09:11:38 2014 +0100

    Added the ability to register application specific URLs for keys and certs

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 23 08:47:41 2014 +0100

    system-keys-win: use macros for the URL

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 22 10:49:52 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 21 20:42:21 2014 +0100

    tests: added test for GNUTLS_E_GOT_APPLICATION_DATA on rehandshake

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 21 20:18:08 2014 +0100

    treat GNUTLS_E_GOT_APPLICATION_DATA as non-fatal if initial negotiation is complete
    
    This corrects a regression introduced in b5a0de2e6da98866cafb770c3141b7353d030ab2
    Reported by Dan Winship. https://savannah.gnu.org/support/?108690

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 21 16:48:45 2014 +0100

    removed old news

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 21 16:10:33 2014 +0100

    The record version in the client Hello will be set to the lowest supported protocol
    
    There should have been no harm in keeping it SSL 3.0 but
    unfortunately in draft-thomson-sslv3-diediedie-00
    it has been marked as MUST NOT do that. That will be fixed in a later
    revision but since then there are servers not accepting SSL 3.0
    as a valid record version (note that this is about the record
    version, which describes the format of the packet, nothing to
    do with the negotiated version).

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 21 15:41:25 2014 +0100

    Revert "The priority modifier %LATEST_RECORD_VERSION is now the default"
    
    This reverts commit 66c419cc6336ea9a2747574588ffee77458b838f.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 21 15:02:40 2014 +0100

    deinitialize the OCSP response der data
    
    That also makes sure that reinitialization of ASN1 structures
    are done when it is required only.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 21 14:48:50 2014 +0100

    gnutls_priority_string_list: allow printing the special keywords as well.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 21 14:18:15 2014 +0100

    simplified code involving getrandom() and getentropy()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 20 10:36:23 2014 +0100

    configure: detect android system and define a variable

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 20 10:35:26 2014 +0100

    separated system-keys implementations

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Nov 20 22:52:43 2014 +0100

    removed redundant local

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Nov 20 00:15:02 2014 +0100

    tests: added check for the abbreviated URLs which don't contain object information

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Nov 20 00:13:45 2014 +0100

    prior to importing objects with URLs sanitize them
    
    That allows to use out of band information to complete missing
    parts in URLs (e.g., object-type=cert, when there is a certificate).

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Nov 19 23:53:50 2014 +0100

    compilation fixes

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 19 11:28:38 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 7 16:14:08 2014 +0100

    Added API to read/write/delete key-cert pairs (limited to windows for now)

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 17 20:26:26 2014 +0100

    NORMAL priority: prioritize the less than 256-bits curves at the lowest level

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 17 18:21:48 2014 +0100

    certtool: Allow to set the nonRepudiation, keyAgreement and dataEncipherment flags

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon Nov 17 18:09:36 2014 +0100

    list the OIDs in the certtool cfg file documentation

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Nov 16 18:27:01 2014 +0100

    properly reset the zombie mode in FIPS mode
    
    This amends 9158f590f4a18c84fc9eb41877b29d73b30af879

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 15 10:06:12 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 14 22:17:42 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 14 22:16:09 2014 +0100

    partially reverted 999d221fd2241ff73f884bf33d8cbe6eb8299184
    
    That change allows to use the intermediate certificates in chains
    as OCSP anchors.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 14 21:21:53 2014 +0100

    certtool: print message when the system trust is used

Author: David Weber <dave@veryflatcat.com>
Date:   Fri Nov 14 14:49:24 2014 +0200

    Fixed SRTP profile configuration in cli.c and serv.c.
    
    I have tested the fix in 3.3.10. This commit is UNTESTED as i am unable
    to compile gnutls (./configure complains about gl_INIT and ggl_INIT).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 14 20:13:36 2014 +0100

    tests: ocsp: added the signature in check

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 14 20:10:06 2014 +0100

    only print about additional certificates if they are present

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 14 17:22:07 2014 +0100

    ocsp: fix DN decoding in gnutls_ocsp_resp_get_responder_raw_id

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 14 11:42:42 2014 +0100

    tests: ocsp: added check with a long response

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 14 16:17:58 2014 +0100

    use the original DER/BER data when verifying an OCSP response

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 14 11:55:21 2014 +0100

    _pkcs1_rsa_verify_sig() simplify hashing

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 14 11:42:15 2014 +0100

    ocsp: eliminated duplicate code

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 14 11:05:18 2014 +0100

    clarified the multiple paths printing of the verify options

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 14 10:53:31 2014 +0100

    gnutls-cli: allow printing the certificates in OCSP responses when --print-cert is specified

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 14 10:47:55 2014 +0100

    updated OCSP verification code to better use the trust list, and the KeyHash

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 14 09:34:13 2014 +0100

    OCSP printing: Add header in front of certificates

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 14 09:32:40 2014 +0100

    added gnutls_pkcs11_get_raw_issuer_by_dn and gnutls_x509_trust_list_get_issuer_by_dn

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 14 07:57:19 2014 +0100

    gnutls-cli-debug: check for OCSP status response

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 14 07:45:49 2014 +0100

    corrected crq test case; reported by Andreas Metzler

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu Nov 13 20:56:27 2014 +0100

    set the GNUTLS_PIN_CONTEXT_SPECIFIC flag on PIN callback

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 16:31:21 2014 +0100

    replaced gnutls_ocsp_resp_get_responder_by_key with gnutls_ocsp_resp_get_responder_raw_id
    
    In addition reverted gnutls_ocsp_resp_get_responder() to the old
    buggy behavior of returning 0 if the element was missing.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 16:05:44 2014 +0100

    certtool: make sure that GNUTLS_PKCS_PLAIN is set when no password should be asked

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 16:05:21 2014 +0100

    gnutls_x509_privkey_import2: will not use a callback if GNUTLS_PKCS_PLAIN is specified

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 15:55:50 2014 +0100

    the FIPS140-2 testing mode is disabled after self-checks

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 15:50:05 2014 +0100

    updated OCSP tests to account for the new key ID

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 15:43:04 2014 +0100

    doc update and gnutls_ocsp_resp_get_responder() will always initialized output data

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 15:38:34 2014 +0100

    _rnd_get_event: use memset to avoid valgrind complaints

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 15:34:23 2014 +0100

    gnutls-cli: print the OCSP response in verbose mode

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 15:30:55 2014 +0100

    corrected documentation of OCSP response verification

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 14:39:41 2014 +0100

    Added gnutls_ocsp_resp_get_responder_by_key()

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 14:39:07 2014 +0100

    dn parsing: return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when DN is not available

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 14:12:15 2014 +0100

    gnutls-cli: added option to save the OCSP response

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 12:06:32 2014 +0100

    added the notion of preferred sign algorithm in a private key
    
    This can be set for keys imported with gnutls_privkey_import_ext3()
    with the info callback. It is only considered for client side keys
    in TLS sessions.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 10:18:03 2014 +0100

    Added priority string %NO_SESSION_HASH to prevent advertising the extended master secret extension

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 10:06:51 2014 +0100

    certificate status requestion response is optional according to RFC6066

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 09:52:43 2014 +0100

    Added flag GNUTLS_OCSP_SR_IS_AVAIL for gnutls_ocsp_status_request_is_checked

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 09:27:38 2014 +0100

    rnd: removed the packed attribute from event_st
    
    That prevents a SIGBUS on solaris sparc systems.
    Reported by Thomas Thorberger.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 09:18:31 2014 +0100

    The priority modifier %LATEST_RECORD_VERSION is now the default
    
    This works-around issue with servers that forbit the SSL 3.0
    version number from the first packet of the record protocol.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu Nov 13 09:16:29 2014 +0100

    added check for servers that disallow the SSL 3.0 record version

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed Nov 12 19:44:18 2014 +0100

    gnutls-cli: print whether status request has been checked

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 12 16:14:55 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Nov 12 15:44:53 2014 +0100

    Enable PIN support to gnutls_x509_privkey_t

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 11 15:16:12 2014 +0100

    _gnutls_ucs2_to_utf8() can handle little endian strings.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 11 11:25:57 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 11 11:25:44 2014 +0100

    Added gnutls_memcmp() and exported it.

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 11 10:47:56 2014 +0100

    indentation fix

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue Nov 11 10:40:21 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Nov 7 16:05:10 2014 +0100

    added gnutls_pkcs12_bag_set_privkey()
    
    Conflicts:
            lib/libgnutls.map

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 10 12:59:39 2014 +0100

    dropped unused copy_func

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Nov 10 11:38:58 2014 +0100

    silence warning

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 31 10:08:00 2014 +0100

    Added check with the invalid crq sent by Sean Burford

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri Oct 31 10:00:32 2014 +0100

    when exporting curve coordinates to X9.63 format, perform additional sanity checks on input
    
    Reported by Sean Burford.

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 8 09:06:36 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 8 08:38:44 2014 +0100

    doc update

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 8 08:36:16 2014 +0100

    exported gnutls_memset()

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Nov 8 08:35:01 2014 +0100

    doc: updated text on session tickets

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri Nov 7 21:46:58 2014 +0100

    tools: include arpa/inet.h in socket.c
