[SCM] GNU gnutls annotated tag, gnutls_2_99_3, created. gnutls_2_99_3

[Nikos Mavrogiannopoulos]

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=5e509953809b2e9fe2d91831e08a1642e3280046

The annotated tag, gnutls_2_99_3 has been created
        at  5e509953809b2e9fe2d91831e08a1642e3280046 (tag)
   tagging  06eaa93dc23fdb92113420cd4dd473636d12f21e (commit)
  replaces  gnutls_2_99_2
 tagged by  Nikos Mavrogiannopoulos
        on  Sat Jun 18 21:23:59 2011 +0200

- Log -----------------------------------------------------------------
released 2.99.3
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJN/PtUAAoJEJ1eqvaQE7hCtAkIALMB9o78sqmyFKScSwR7levp
I2+msNRhyL/rwhOM2EUlUShRdmm5Azgt7NBlBq2Jl0+HAU6cNYxa+c328Nor6bOz
wSPCrD4k4Hi/rBMbKgBXOsMWWQnxJLH+8rd6BfqV0c1+Apr/XU42txZVcuYaijPR
VXrzmx9wo0TTfcggx/CGMAgDVZ71EPC8d4e9AtFxfB3gvJ5nqSfpttBaRm48EZPW
HD3RfXPVGseoin0AKuPVAzup4a9mRjsEn9hmdc+JoseOJMH+qu/pGOcryul4zl5Y
FZQPtrS8WmQBJJFqR7+3YPZfUTcABfwh0qcN6zbswdo2iZZft5i1G6gAXcbJeD8=
=TsXh
-----END PGP SIGNATURE-----

Nikos Mavrogiannopoulos (97):
      reorganization and added section on parameter generation.
      reorganization. Removed guile bindings.
      guile bindings added as a separate document.
      Do not list all licenses in the manual of gnutls. Just the license of the 
manual is enough.
      ignore tex files.
      Corrections.
      Added ECDHE-PSK ciphersuites for TLS (RFC 5489).
      explicitly request for client key in server side.
      deinitialize PSK key memory.
      gnutls_secure_malloc() is no longer used.
      ECDHE and ECDSA were added to deafult priorities.
      Laxed verification checks for DSA to allow SHA256 in place of SHA224.
      Corrected ECC ciphersuite detection.
      Added feature to specify ecc private keys and certificates.
      Take into account each and every advertized public key algorithm when 
selecting a certificate. Previously we were assuming only RSA or DSA, or ANY.
      updated keys.
      Corrected EXTRA_DIST
      digest_length() uses int as input.
      Correctly set compression method when resuming sessions.
      simplified _gnutls_supported_compression_methods().
      Added Dash.
      Use cpuid.h if it exists, to use the x86 CPUID instruction.
      Added FSF copyright to public domain files.
      more files to ignore
      Added missing file.
      Added new AES code by Andy.
      Compatibility text updated.
      updates.
      documented usage of gnutls_cipher_add_auth().
      Added AES-GCM optimizations using the PCLMULQDQ instruction. Uses Andy 
Polyakov's assembly code.
      Use nettle's memxor or gnulib's if it doesn't exist.
      Corrections in encryption and decryption of incomplete blocks.
      bumped version.
      properly initialize benchmarks.
      indented code
      corrected typo.
      Added benchmark on GCM ciphersuites and arcfour for comparison.
      typos and date fix in license.
      updated
      gnutls/crypto.h no longer includes functions to register ciphers.
      Added refint macro to refer to internal -non exported- functions. Used it 
to reference to the gnutls_*_register() functions.
      updated
      Hash algorithms used for DSA and ECDSA correspond to 
draft-mavrogiannopoulos-tls-dss-00.txt.
      Simplified the handling of handshake messages to be hashed.
      Truncation of ECDSA and DSA signatures moved to _wrap_nettle_pk_sign()
      simplified _gnutls_selected_cert_supported_kx().
      fixes for http://tools.ietf.org/html/draft-mavrogiannopoulos-tls-dss-00
      Allow all SHA algorithms for DSA signatures.
      Split pubkey_verify_sig() to pubkey_verify_hashed_data() and 
pubkey_verify_data().
      Print information on elliptic curve sessions.
      The PRF is now read from the ciphersuite table.
      gnutls_ecc_curve_get() was added.
      Added SuiteB ciphersuites. Added SUITEB128 and SUITEB192 priority strings.
      Added gnutls_x509_trust_list_add_named_crt() and
      store the ECC curve in the session resumption parameters.
      more files to ignore.
      reinstated MAC-ALL semantics.
      removed completed items from todo list
      Added new TODO items.
      more cleanup.
      Added debugging ability to cipher-test.
      more verbose if the PCLMUL instruction is detected.
      Avoid memory allocations when requesting the supported ciphersuites.
      Updated documentation.
      improved benchmark.
      do not use NETTLE_LIBS to include hogweed and gmp.
      prevent compilation of gcrypt support since it is incomplete.
      When AES and GCM acceleration is available increase the priority of 
AES-GCM ciphersuites in performance and normal cases.
      pclmul is not used on intel 32-bit systems.
      documentation fix.
      regenerated makefile.
      Corrected typo. Reported by Andreas Metzler.
      Corrected fail() shell function. Reported by Andreas Metzler.
      use gnutls_assert_val() in EGD errors.
      Depend on automake 1.11.
      Return error code when an object is not found.
      updated
      document new config file format and path.
      Added missing file
      ignore more warnings.
      define ck_bool_t to be compatible with PKCS #11 bool type.
      write label in PKCS #11 privkey.
      When setting the TRUSTED flag login as security officer.
      corrected uninitialized variable warning.
      eliminated wipemem().
      removed unreachable code warning
      Moved null check before initialization.
      bit fields changed to unsigned.
      Use common code for PKCS #11 callbacks across clients.
      Enforce the GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO even if 
GNUTLS_PKCS11_OBJ_FLAG_LOGIN is specified.
      removed unneeded test.
      updated
      When writing an object with CKA_TRUSTED set CKA_PRIVATE explicitly to 
FALSE, to allow the SO to write it. Reported by Rickard Bellgrim.
      Limit the number of attempts with the same PIN, to avoid attempting again 
and again with a wrong PIN.
      Added new PKCS #11 flags to force an object being private or not.
      bumped version.
      added missing file.

Rickard Bellgrim (1):
      The CKA_SUBJECT must be specified for a certificate.

Roman Bogorodskiy (2):
      Add missing <netinet/in.h> to get sockaddr_in.
      Prevent including installed gnutls' headers.

Stef Walter (8):
      Fix warnings with GCC 4.5.2
      Remove unused variables
      pkcs11: Accept CKR_USER_ALREADY_LOGGED_IN as successful result for PAP 
Login
      gnutls-cli: Fix uninitialized variable when PKCS#11 uris in use.
      tests: Build eagain-cli with correct libraries
      The attached patch ports gnutls to p11-kit.
      Fix up compiler warnings.
      Use pkcs11.h specification file from p11-kit.

-----------------------------------------------------------------------


hooks/post-receive
-- 
GNU gnutls