[SCM] GNU gnutls branch, master, updated. gnutls_3_0

gnutls-commit
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_2-57-gc8c99c5

From:	Nikos Mavrogiannopoulos
Subject:	[SCM] GNU gnutls branch, master, updated. gnutls_3_0_2-57-gc8c99c5
Date:	Sat, 17 Sep 2011 08:07:55 +0000
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=c8c99c59b4a09f8ade727bfb3276807d72961108

The branch, master has been updated
       via  c8c99c59b4a09f8ade727bfb3276807d72961108 (commit)
       via  10779454f169ab4616bb247cc6d141d56c16979c (commit)
       via  cc0d0efd8cab2b1a8c2bbabf648f36f972d5f79e (commit)
       via  1a39551b8b7e9409ff735ad3e633c060253412f7 (commit)
       via  9148f8f5f218067d18f00b53dd454a4a24759e3a (commit)
      from  8611e7fdee152313e53229ab97526561a3aa3ab7 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c8c99c59b4a09f8ade727bfb3276807d72961108
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Fri Sep 16 22:46:13 2011 +0200

    Added better detection of capabilities in 386. If cpuid doesn't exist don't 
try to execute it.

commit 10779454f169ab4616bb247cc6d141d56c16979c
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Thu Sep 15 13:36:27 2011 +0200

    updates on SRP description

commit cc0d0efd8cab2b1a8c2bbabf648f36f972d5f79e
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Sep 14 20:31:50 2011 +0200

    stress that values are bytes and not bits

commit 1a39551b8b7e9409ff735ad3e633c060253412f7
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Sep 14 20:30:14 2011 +0200

    new gaa

commit 9148f8f5f218067d18f00b53dd454a4a24759e3a
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Sep 14 20:29:59 2011 +0200

    removed unused macro

-----------------------------------------------------------------------

Summary of changes:
 configure.ac                  |    2 +-
 doc/cha-auth.texi             |   41 +++++++++++++++++++--------------------
 doc/latex/macros.tex          |    2 -
 doc/scripts/mytexi2latex      |    1 +
 lib/accelerated/Makefile.am   |   10 +++++++-
 lib/accelerated/accelerated.c |   12 +++++++---
 lib/accelerated/x86.h         |   43 +++++++++++++++++++++++++++++++---------
 src/benchmark.c               |    6 ++--
 src/serv-gaa.c                |    2 +-
 9 files changed, 75 insertions(+), 44 deletions(-)

diff --git a/configure.ac b/configure.ac
index 85916ef..a3ccb2c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -94,8 +94,8 @@ esac
 
 fi
 
-AM_CONDITIONAL(TRY_X86_OPTIMIZATIONS, test x"$hw_accel" = x"x86" || test 
x"$hw_accel" = x"x86-64")
 AM_CONDITIONAL(ASM_X86_64, test x"$hw_accel" = x"x86-64")
+AM_CONDITIONAL(ASM_X86_32, test x"$hw_accel" = x"x86")
 AM_CONDITIONAL(HAVE_GCC_GNU89_INLINE_OPTION, test "$gnu89_inline" = "yes"])
 AM_CONDITIONAL(HAVE_GCC, test "$GCC" = "yes")
 
diff --git a/doc/cha-auth.texi b/doc/cha-auth.texi
index a42854a..1cfa08d 100644
--- a/doc/cha-auth.texi
+++ b/doc/cha-auth.texi
@@ -8,13 +8,13 @@ are:
 
 @itemize
 
address@hidden Certificate authentication
address@hidden Certificate authentication: Authenticated key exchange using 
public key infrastructure and certificates (X.509 or OpenPGP).
 
address@hidden Anonymous authentication
address@hidden @acronym{SRP} authentication: Authenticated key exchange using a 
password.
 
address@hidden @acronym{SRP} authentication
address@hidden @acronym{PSK} authentication: Authenticated key exchange using a 
pre-shared key.
 
address@hidden @acronym{PSK} authentication
address@hidden Anonymous authentication: Key exchange without peer 
authentication.
 
 @end itemize
 
@@ -222,32 +222,31 @@ efficient than ANON_DH on equivalent security levels.
 @section Authentication using @acronym{SRP}
 @cindex SRP authentication
 
-Authentication via the Secure Remote Password protocol,
address@hidden (see @xcite{RFC2945} for a description of SRP),
-is supported.  The @acronym{SRP} key exchange is an extension to the
address@hidden protocol, and it is a password based authentication
-(unlike @acronym{X.509} or @acronym{OpenPGP} that use certificates).
-The two peers can be identified using a single password, or there can
-be combinations where the client is authenticated using @acronym{SRP}
address@hidden supported authentication via the Secure Remote Password 
+or @acronym{SRP} protocol (see @xcite{RFC2945,TOMSRP} for a description).
+The @acronym{SRP} key exchange is an extension to the
address@hidden protocol, and it provided an authenticated with a 
+password key exchange. The peers can be identified using a single password, 
+or there can be combinations where the client is authenticated using 
@acronym{SRP}
 and the server using a certificate.
 
 The advantage of @acronym{SRP} authentication, over other proposed
-secure password authentication schemes, is that @acronym{SRP} does not
-require the server to hold the user's password.  This kind of
-protection is similar to the one used traditionally in the @acronym{UNIX}
+secure password authentication schemes, is that @acronym{SRP} is not
+susceptible to off-line dictionary attacks.
+Moreover, SRP does not require the server to hold the user's password.
+This kind of protection is similar to the one used traditionally in the 
@acronym{UNIX}
 @file{/etc/passwd} file, where the contents of this file did not cause
 harm to the system security if they were revealed.  The @acronym{SRP}
 needs instead of the plain password something called a verifier, which
 is calculated using the user's password, and if stolen cannot be used
-to impersonate the user. Check @xcite{TOMSRP} for a detailed
-description of the @acronym{SRP} protocol and the Stanford
address@hidden libraries, which includes a PAM module that synchronizes
+to impersonate the user. 
+The Stanford @acronym{SRP} libraries, include a PAM module that synchronizes
 the system's users passwords with the @acronym{SRP} password
-files. That way @acronym{SRP} authentication could be used for all the
-system's users.
+files. That way @acronym{SRP} authentication could be used for all users
+of a system.
 
-The implementation in @acronym{GnuTLS} is based on @xcite{TLSSRP} and
-the supported @acronym{SRP} key exchange methods are:
+The implementation in @acronym{GnuTLS} is based on @xcite{TLSSRP}. The
+supported key exchange methods are shown below.
 
 @table @code
 
diff --git a/doc/latex/macros.tex b/doc/latex/macros.tex
index 8907c52..fbfb687 100644
--- a/doc/latex/macros.tex
+++ b/doc/latex/macros.tex
@@ -44,8 +44,6 @@
        \code{#1}%
 }
 
-\definecolor{light-gray}{gray}{0.95}
-
 \newcommand{\showfunc}[1]{%
  \let\Oldfd\functionDescription
  \let\Oldendfd\endfunctionDescription
diff --git a/doc/scripts/mytexi2latex b/doc/scripts/mytexi2latex
index 9fb1cb3..a057726 100755
--- a/doc/scripts/mytexi2latex
+++ b/doc/scripts/mytexi2latex
@@ -319,6 +319,7 @@ multitable:
                $line =~ s/address@hidden($mathmatch+)\}/\$$1\$/g;
                $line =~ s/address@hidden($spacematch+)\}/\\acronym{$1}/g;
                $line =~ s/address@hidden($match+)\}/~\\cite{$1}/g;
+               $line =~ 
s/address@hidden($match+)\,($match+)\}/~\\cite{$1,$2}/g;
                $line =~ s/address@hidden/\\footnote{/g;
                $line =~ s/address@hidden (.+)/\\index{$1}/g;
                if ($line =~ s/address@hidden (.+)/\\input{$1}/g) {
diff --git a/lib/accelerated/Makefile.am b/lib/accelerated/Makefile.am
index 4a23dde..e9426d0 100644
--- a/lib/accelerated/Makefile.am
+++ b/lib/accelerated/Makefile.am
@@ -36,8 +36,14 @@ EXTRA_DIST = x86.h accelerated.h cryptodev.h
 libaccelerated_la_SOURCES = accelerated.c cryptodev.c
 libaccelerated_la_LIBADD =
 
-if TRY_X86_OPTIMIZATIONS
+if ASM_X86_64
 SUBDIRS += intel
-AM_CFLAGS += -DTRY_X86_OPTIMIZATIONS
+AM_CFLAGS += -DASM_X86_64
+libaccelerated_la_LIBADD += intel/libintel.la
+endif
+
+if ASM_X86_32
+SUBDIRS += intel
+AM_CFLAGS += -DASM_X86_32
 libaccelerated_la_LIBADD += intel/libintel.la
 endif
diff --git a/lib/accelerated/accelerated.c b/lib/accelerated/accelerated.c
index ddfdf0c..e2da12f 100644
--- a/lib/accelerated/accelerated.c
+++ b/lib/accelerated/accelerated.c
@@ -21,16 +21,20 @@
  */
 
 #include <accelerated.h>
-#ifdef TRY_X86_OPTIMIZATIONS
+#if defined(ASM_X86_32) || defined(ASM_X86_64)
 # include <intel/aes-x86.h>
+# include <x86.h>
 #endif
 
 void _gnutls_register_accel_crypto(void)
 {
 
-#ifdef TRY_X86_OPTIMIZATIONS
-  register_x86_crypto ();
-  register_padlock_crypto ();
+#if defined(ASM_X86_32) || defined(ASM_X86_64)
+  if (have_cpuid() != 0)
+    {
+      register_x86_crypto ();
+      register_padlock_crypto ();
+    }
 #endif
 
   return;
diff --git a/lib/accelerated/x86.h b/lib/accelerated/x86.h
index 2fdb9d6..0b61272 100644
--- a/lib/accelerated/x86.h
+++ b/lib/accelerated/x86.h
@@ -22,19 +22,25 @@
 
 #include <config.h>
 
-#ifdef HAVE_CPUID_H
-# include <cpuid.h>
-# define cpuid __cpuid
+#ifdef ASM_X86_64
 
-#else
-
-# ifdef ASM_X86_64
+# ifdef HAVE_CPUID_H
+#  include <cpuid.h>
+#  define cpuid __cpuid
+# else
 
-#  define cpuid(func,ax,bx,cx,dx)\
+#define cpuid(func,ax,bx,cx,dx)\
   __asm__ __volatile__ ("cpuid":\
   "=a" (ax), "=b" (bx), "=c" (cx), "=d" (dx) : "a" (func));
 
-# else
+# endif
+
+# define have_cpuid() 1
+
+#endif /* ASM_X86_64 */
+
+
+#ifdef ASM_X86_32
 /* some GCC versions complain on the version above */
 #  define cpuid(func, a, b, c, d) g_cpuid(func, &a, &b, &c, &d)
 
@@ -48,6 +54,23 @@ inline static void g_cpuid(uint32_t func, unsigned int *ax, 
unsigned int *bx, un
                   :"a"(func)
                   :"cc");
 }
-# endif
 
-#endif
+inline static unsigned int have_cpuid(void)
+{
+  unsigned int have_id;
+  asm volatile(
+    "pushfl\t\n"
+    "pop %0\t\n"
+    "orl $0x200000, %0\t\n"
+    "push %0\t\n"
+    "popfl\t\n"
+    "pushfl\t\n"
+    "pop %0\t\n"
+    "andl $0x200000, %0\t\n"
+    :"=r" (have_id)
+    ::
+  );
+  
+  return have_id;
+}
+#endif /* ASM_X86_32 */
diff --git a/src/benchmark.c b/src/benchmark.c
index 015110f..134c2a1 100644
--- a/src/benchmark.c
+++ b/src/benchmark.c
@@ -34,21 +34,21 @@ value2human (unsigned long bytes, double time, double 
*data, double *speed,
     {
       *data = ((double) bytes) / 1000;
       *speed = *data / time;
-      strcpy (metric, "Kb");
+      strcpy (metric, "KB");
       return;
     }
   else if (bytes >= 1000 * 1000 && bytes < 1000 * 1000 * 1000)
     {
       *data = ((double) bytes) / (1000 * 1000);
       *speed = *data / time;
-      strcpy (metric, "Mb");
+      strcpy (metric, "MB");
       return;
     }
   else if (bytes >= 1000 * 1000 * 1000)
     {
       *data = ((double) bytes) / (1000 * 1000 * 1000);
       *speed = *data / time;
-      strcpy (metric, "Gb");
+      strcpy (metric, "GB");
       return;
     }
   else
diff --git a/src/serv-gaa.c b/src/serv-gaa.c
index b8b4f3e..2d1baaa 100644
--- a/src/serv-gaa.c
+++ b/src/serv-gaa.c
@@ -1274,7 +1274,7 @@ static int gaa_internal_get_next_str(FILE *file, 
gaa_str_node *tmp_str, int argc
 
         len++;
         a = fgetc( file);
-        if(a==EOF) return 0; //a = ' ';
+        if(a==EOF) return 0;
     }
 
     len += 1;


hooks/post-receive
-- 
GNU gnutls
[Prev in Thread]
Current Thread
[Next in Thread]
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_2-57-gc8c99c5, Nikos Mavrogiannopoulos <=
Prev by Date: Hydra job gnu:gnutls-master:build build 1341454: Failed
Next by Date: [SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_12_10-6-g389e8e8
Previous by thread: Hydra job gnu:gnutls-master:build build 1341454: Failed
Next by thread: [SCM] GNU gnutls branch, gnutls_2_12_x, updated. gnutls_2_12_10-6-g389e8e8
Index(es):
- Date
- Thread