[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, ocsp, updated. gnutls_3_0_9-37-g59199a0
From: |
Simon Josefsson |
Subject: |
[SCM] GNU gnutls branch, ocsp, updated. gnutls_3_0_9-37-g59199a0 |
Date: |
Mon, 19 Dec 2011 14:19:46 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=59199a02d215a09aa13220e6621986fb76a53c92
The branch, ocsp has been updated
via 59199a02d215a09aa13220e6621986fb76a53c92 (commit)
via 3d61d42b4bd7b1114af2fef07b4970aa1833d741 (commit)
via a829710f34e7008fa912e6388fb80bfcd6413053 (commit)
via e943839de12ca459e298136af445f697de07d300 (commit)
via 8ae1c77186010f4b3c6fc298cf6843c640413e88 (commit)
via 3f5986af3abc524198e18687e865131a6cde57e9 (commit)
via 8c8d6ba2e49031944005ed7ca166be160b8e60dd (commit)
via 2bf710631b1a53d9b224823e85da8079511850b0 (commit)
via 969ab94a8baca977a6cb8a49dbfe339a11fce52c (commit)
via 6719f6f962142344623216f8e7a52452b542ad7d (commit)
via 7daf2300d81dbeeee870299ba3bf7d1ebe3a0d12 (commit)
via a2c6a106b63a3846358d1e2cd5638504000194ec (commit)
via ac69913558b8beec381ef8f2a7a4df493e108480 (commit)
via d896a3fdeb1cf03ab8d453902b2fa7913149cbe0 (commit)
via d9e7ed8e10c56983575930f927f2022ea57e1d45 (commit)
via 97aa82f178dbed11deb3046e127700f91cd1874d (commit)
via 9a7543f23b18907f37efbf8bf1f05560c902402f (commit)
via 070113ec2142111ee741e47b7c76aea20c9ceb38 (commit)
via a4ab0c85b253719905fae036f96a9441da60aa86 (commit)
via 09ee8cd3271eae5509ea6db6581091ef0211a446 (commit)
via 3360065611857d43b7619684755f262e8cc9c0e4 (commit)
via 55968012dcefc50590925b4ddcf556f8ca67a8b5 (commit)
via 4b0c8268003bc16a374f7ab567bea29d93e2d081 (commit)
via bd617810e4338294aa0c6b74da81274bae045f10 (commit)
via 09ec28b2d701d7b27a1a2171988b98ff08690257 (commit)
via 912eda8b0468647dafe9ba91d218adf02f0907a9 (commit)
via 272149db43bd82cbcde5ba366295e9810e5b7701 (commit)
via 1b813beb75f93f7a43d649e9085f03c4762a62a0 (commit)
via ba1524da92c8569dd1dbe909dc9365ae9b4c8396 (commit)
via 5ade634c5acfacb1db8a56907ba1c5a45c930ed3 (commit)
via b5f4b99345ffa9e284738828e81eb17ec6aafc29 (commit)
via 076851da27bc5590a9156505a2fcd54a344a4b9a (commit)
via ae3f137e0b619217236f5899c2dd9668a3a73898 (commit)
via bcca2891e7404e395f224ea019eb5375ae080505 (commit)
via 730a3462665dea6101b7a0a6b2ba655b604ab04c (commit)
via 7682403b52c818f11e5bdc391e8ff34043dba67b (commit)
via 1754cc47ac4b474796a262ce5a5645626b2b4252 (commit)
via 4b39d65406cdca6b0323bf5d8b42819a31c16b73 (commit)
via 2a8cf749ad2e5bcc99f7e3283aea066dbf92bf2a (commit)
via d373c54e0a3b56e629fd2601a0e031e022e88c71 (commit)
via 49b17e461a1c3c9c17555c97b60217569a1906a6 (commit)
via 5f4cd8317cad1146043ec2f64ec0974732bf3882 (commit)
via 5cc97db938c2c9a8862c27799ef8411f4892e025 (commit)
via b81cee49452ad2ad546719a2093eb62cc8b0ffd4 (commit)
via 0f8554e34b96c55616ee9639fa9f0546fc424430 (commit)
via 5f1ef036975e8b433cf69e8f826a5519ada317df (commit)
via 4c48af2b9b6a39f292518462fcf740ab569f39a8 (commit)
via 91c26bd24cdd04d1f69119bebe050ee78932b5d1 (commit)
via 68f11b09d00d2a8ef9142bbe9a051fa678f79b53 (commit)
from 5bf513de19808079537ba49e90d534e99974f3de (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 59199a02d215a09aa13220e6621986fb76a53c92
Author: Simon Josefsson <address@hidden>
Date: Mon Dec 19 15:19:33 2011 +0100
Fix warning.
commit 3d61d42b4bd7b1114af2fef07b4970aa1833d741
Author: Simon Josefsson <address@hidden>
Date: Mon Dec 19 15:10:11 2011 +0100
Fix merge garbage.
commit a829710f34e7008fa912e6388fb80bfcd6413053
Merge: 5bf513d e943839
Author: Simon Josefsson <address@hidden>
Date: Mon Dec 19 15:06:48 2011 +0100
Merge branch 'master' into ocsp
Conflicts:
NEWS
doc/Makefile.am
doc/cha-cert-auth2.texi
doc/manpages/Makefile.am
lib/algorithms/ciphersuites.c
-----------------------------------------------------------------------
Summary of changes:
NEWS | 8 ++++
lib/algorithms/ciphersuites.c | 85 +++++++++++++++++++++++++---------------
lib/algorithms/protocols.c | 14 +++++--
lib/gnutls_int.h | 17 +++++++-
lib/gnutls_record.c | 22 -----------
lib/gnutls_state.c | 15 +++++++
lib/nettle/mpi.c | 4 +-
src/ocsptool.gaa | 2 +-
src/serv.c | 2 +-
9 files changed, 105 insertions(+), 64 deletions(-)
diff --git a/NEWS b/NEWS
index 80009d2..3c284cc 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,11 @@ See the end for copying conditions.
* Version 3.0.10 (unreleased)
+** libgnutls: Corrected ciphersuite GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384
+
+** libgnutls: Added ciphersuites: GNUTLS_PSK_WITH_AES_256_GCM_SHA384
+and GNUTLS_DHE_PSK_WITH_AES_256_GCM_SHA384.
+
** libgnutls: Added OCSP support.
There is a new header file gnutls/ocsp.h and a set of new functions
under the gnutls_ocsp namespace. Currently the functionality provided
@@ -54,6 +59,9 @@ gnutls_ocsp_req_set_nonce: Added.
gnutls_ocsp_resp_verify: Added.
gnutls_ocsp_req_randomize_nonce: Added.
+** API and ABI modifications:
+No changes since last version.
+
* Version 3.0.9 (released 2011-12-13)
** certtool: Added new parameter --dh-info.
diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c
index 88ce7ad..8924d4c 100644
--- a/lib/algorithms/ciphersuites.c
+++ b/lib/algorithms/ciphersuites.c
@@ -167,6 +167,8 @@ typedef struct
/* GCM-PSK */
#define GNUTLS_PSK_AES_128_GCM_SHA256 { 0x00, 0xA8 }
#define GNUTLS_DHE_PSK_AES_128_GCM_SHA256 { 0x00, 0xAA }
+#define GNUTLS_PSK_WITH_AES_256_GCM_SHA384 { 0x00, 0xA9 }
+#define GNUTLS_DHE_PSK_WITH_AES_256_GCM_SHA384 { 0x00, 0xAB }
/* PSK - SHA256 HMAC */
#define GNUTLS_PSK_AES_128_CBC_SHA256 { 0x00, 0xAE }
@@ -176,22 +178,22 @@ typedef struct
#define GNUTLS_DHE_PSK_NULL_SHA256 { 0x00, 0xB4 }
/* ECC */
-#define GNUTLS_ECDH_ANON_NULL_SHA { 0xC0, 0x15 }
-#define GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA { 0xC0, 0x17 }
-#define GNUTLS_ECDH_ANON_AES_128_CBC_SHA { 0xC0, 0x18 }
-#define GNUTLS_ECDH_ANON_AES_256_CBC_SHA { 0xC0, 0x19 }
+#define GNUTLS_ECDH_ANON_NULL_SHA1 { 0xC0, 0x15 }
+#define GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA1 { 0xC0, 0x17 }
+#define GNUTLS_ECDH_ANON_AES_128_CBC_SHA1 { 0xC0, 0x18 }
+#define GNUTLS_ECDH_ANON_AES_256_CBC_SHA1 { 0xC0, 0x19 }
/* ECC-RSA */
-#define GNUTLS_ECDHE_RSA_NULL_SHA { 0xC0, 0x10 }
-#define GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA { 0xC0, 0x12 }
-#define GNUTLS_ECDHE_RSA_AES_128_CBC_SHA { 0xC0, 0x13 }
-#define GNUTLS_ECDHE_RSA_AES_256_CBC_SHA { 0xC0, 0x14 }
+#define GNUTLS_ECDHE_RSA_NULL_SHA1 { 0xC0, 0x10 }
+#define GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 { 0xC0, 0x12 }
+#define GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1 { 0xC0, 0x13 }
+#define GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1 { 0xC0, 0x14 }
/* ECC-ECDSA */
-#define GNUTLS_ECDHE_ECDSA_NULL_SHA { 0xC0, 0x06 }
-#define GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA { 0xC0, 0x08 }
-#define GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA { 0xC0, 0x09 }
-#define GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA { 0xC0, 0x0A }
+#define GNUTLS_ECDHE_ECDSA_NULL_SHA1 { 0xC0, 0x06 }
+#define GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1 { 0xC0, 0x08 }
+#define GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1 { 0xC0, 0x09 }
+#define GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1 { 0xC0, 0x0A }
/* ECC with SHA2 */
#define GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256 {0xC0,0x23}
@@ -208,9 +210,9 @@ typedef struct
/* ECC with PSK */
-#define GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA { 0xC0, 0x34 }
-#define GNUTLS_ECDHE_PSK_AES_128_CBC_SHA { 0xC0, 0x35 }
-#define GNUTLS_ECDHE_PSK_AES_256_CBC_SHA { 0xC0, 0x36 }
+#define GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA1 { 0xC0, 0x34 }
+#define GNUTLS_ECDHE_PSK_AES_128_CBC_SHA1 { 0xC0, 0x35 }
+#define GNUTLS_ECDHE_PSK_AES_256_CBC_SHA1 { 0xC0, 0x36 }
#define GNUTLS_ECDHE_PSK_AES_128_CBC_SHA256 { 0xC0, 0x37 }
#define GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384 { 0xC0, 0x38 }
#define GNUTLS_ECDHE_PSK_NULL_SHA256 { 0xC0, 0x3A }
@@ -500,53 +502,53 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
/* ECC-ANON */
- ENTRY (GNUTLS_ECDH_ANON_NULL_SHA,
+ ENTRY (GNUTLS_ECDH_ANON_NULL_SHA1,
GNUTLS_CIPHER_NULL, GNUTLS_KX_ANON_ECDH,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- ENTRY (GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA,
+ ENTRY (GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA1,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ANON_ECDH,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- ENTRY (GNUTLS_ECDH_ANON_AES_128_CBC_SHA,
+ ENTRY (GNUTLS_ECDH_ANON_AES_128_CBC_SHA1,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_ECDH,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- ENTRY (GNUTLS_ECDH_ANON_AES_256_CBC_SHA,
+ ENTRY (GNUTLS_ECDH_ANON_AES_256_CBC_SHA1,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_ECDH,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
/* ECC-RSA */
- ENTRY (GNUTLS_ECDHE_RSA_NULL_SHA,
+ ENTRY (GNUTLS_ECDHE_RSA_NULL_SHA1,
GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- ENTRY (GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- ENTRY (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- ENTRY (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
/* ECDHE-ECDSA */
- ENTRY (GNUTLS_ECDHE_ECDSA_NULL_SHA,
+ ENTRY (GNUTLS_ECDHE_ECDSA_NULL_SHA1,
GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_ECDSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- ENTRY (GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_ECDSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_ECDSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- ENTRY (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_ECDSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
@@ -569,15 +571,15 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1),
/* ECC - PSK */
- ENTRY (GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA1,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- ENTRY (GNUTLS_ECDHE_PSK_AES_128_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_PSK_AES_128_CBC_SHA1,
GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
- ENTRY (GNUTLS_ECDHE_PSK_AES_256_CBC_SHA,
+ ENTRY (GNUTLS_ECDHE_PSK_AES_256_CBC_SHA1,
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_PSK,
GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
@@ -586,7 +588,7 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
GNUTLS_MAC_SHA256, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1),
ENTRY_PRF (GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384,
- GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_PSK,
+ GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_PSK,
GNUTLS_MAC_SHA384, GNUTLS_TLS1_0,
GNUTLS_VERSION_MAX, 1, GNUTLS_MAC_SHA384),
ENTRY (GNUTLS_ECDHE_PSK_NULL_SHA256,
@@ -609,7 +611,14 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
GNUTLS_CIPHER_AES_256_CBC,
GNUTLS_KX_ECDHE_ECDSA,
GNUTLS_MAC_SHA384, GNUTLS_TLS1_2,
GNUTLS_VERSION_MAX, 1, GNUTLS_DIG_SHA384),
-
+ ENTRY_PRF(GNUTLS_PSK_WITH_AES_256_GCM_SHA384,
+ GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_PSK,
+ GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+ GNUTLS_VERSION_MAX, 1, GNUTLS_DIG_SHA384),
+ ENTRY_PRF(GNUTLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
+ GNUTLS_CIPHER_AES_256_GCM, GNUTLS_KX_DHE_PSK,
+ GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
+ GNUTLS_VERSION_MAX, 1, GNUTLS_DIG_SHA384),
{0, {0, 0}, 0, 0, 0, 0, 0, 0}
};
@@ -776,6 +785,18 @@ _gnutls_cipher_suite_is_ok (const uint8_t suite[2])
}
+/*-
+ * _gnutls_supported_ciphersuites:
+ * @session: a TLS session
+ * @cipher_suites: Where the ciphersuites will be stored (2bytes each)
+ * @max_cipher_suite_size: the maximum size of the @cipher_suites buffer.
+ *
+ * Returns the supported ciphersuites by this session (based on priorities)
+ * sorted by order of preference.
+ *
+ * Returns the size of the @cipher_suites buffer, or a negative value on error.
+ *
+ -*/
int
_gnutls_supported_ciphersuites (gnutls_session_t session,
uint8_t *cipher_suites, int
max_cipher_suite_size)
diff --git a/lib/algorithms/protocols.c b/lib/algorithms/protocols.c
index 22c99e8..6d6b04c 100644
--- a/lib/algorithms/protocols.c
+++ b/lib/algorithms/protocols.c
@@ -54,10 +54,10 @@ static const gnutls_version_entry sup_versions[] = {
#define GNUTLS_VERSION_ALG_LOOP(a) \
GNUTLS_VERSION_LOOP( if(p->id == version) { a; break; })
-/* Version */
+/* Return the priority of the provided version number */
int
_gnutls_version_priority (gnutls_session_t session, gnutls_protocol_t version)
-{ /* actually returns the priority */
+{
unsigned int i;
for (i = 0; i < session->internals.priorities.protocol.algorithms; i++)
@@ -68,9 +68,11 @@ _gnutls_version_priority (gnutls_session_t session,
gnutls_protocol_t version)
return -1;
}
+/* Returns the lowest TLS version number in the priorities.
+ */
gnutls_protocol_t
_gnutls_version_lowest (gnutls_session_t session)
-{ /* returns the lowest version supported */
+{
unsigned int i, min = 0xff;
gnutls_protocol_t cur_prot;
@@ -88,9 +90,11 @@ _gnutls_version_lowest (gnutls_session_t session)
return min;
}
+/* Returns the maximum version in the priorities
+ */
gnutls_protocol_t
_gnutls_version_max (gnutls_session_t session)
-{ /* returns the maximum version supported */
+{
unsigned int i, max = 0x00;
gnutls_protocol_t cur_prot;
@@ -189,6 +193,8 @@ _gnutls_version_get_minor (gnutls_protocol_t version)
return ret;
}
+/* Returns a version number given the major and minor numbers.
+ */
gnutls_protocol_t
_gnutls_version_get (int major, int minor)
{
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 3767f10..0895491 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -878,8 +878,6 @@ struct gnutls_session_int
/* functions
*/
-void _gnutls_set_current_version (gnutls_session_t session,
- gnutls_protocol_t version);
void _gnutls_free_auth_info (gnutls_session_t session);
/* These two macros return the advertized TLS version of
@@ -900,4 +898,19 @@ gnutls_protocol_t _gnutls_get_adv_version
(gnutls_session_t);
int _gnutls_is_secure_mem_null (const void *);
+inline static gnutls_protocol_t
+_gnutls_protocol_get_version (gnutls_session_t session)
+{
+ return session->security_parameters.version;
+}
+
+#define gnutls_protocol_get_version _gnutls_protocol_get_version
+
+inline static void
+_gnutls_set_current_version (gnutls_session_t session,
+ gnutls_protocol_t version)
+{
+ session->security_parameters.version = version;
+}
+
#endif /* GNUTLS_INT_H */
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 6c2ac56..db9ef2a 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -58,28 +58,6 @@ struct tls_record_st {
/* the data */
};
-
-/**
- * gnutls_protocol_get_version:
- * @session: is a #gnutls_session_t structure.
- *
- * Get TLS version, a #gnutls_protocol_t value.
- *
- * Returns: The version of the currently used protocol.
- **/
-gnutls_protocol_t
-gnutls_protocol_get_version (gnutls_session_t session)
-{
- return session->security_parameters.version;
-}
-
-void
-_gnutls_set_current_version (gnutls_session_t session,
- gnutls_protocol_t version)
-{
- session->security_parameters.version = version;
-}
-
/**
* gnutls_record_disable_padding:
* @session: is a #gnutls_session_t structure.
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index 3e1e3ae..d1b9561 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -1396,3 +1396,18 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t
session)
{
return _gnutls_session_ecc_curve_get(session);
}
+
+#undef gnutls_protocol_get_version
+/**
+ * gnutls_protocol_get_version:
+ * @session: is a #gnutls_session_t structure.
+ *
+ * Get TLS version, a #gnutls_protocol_t value.
+ *
+ * Returns: The version of the currently used protocol.
+ **/
+gnutls_protocol_t
+gnutls_protocol_get_version (gnutls_session_t session)
+{
+ return _gnutls_protocol_get_version(session);
+}
diff --git a/lib/nettle/mpi.c b/lib/nettle/mpi.c
index 0ebdcf4..f1342ec 100644
--- a/lib/nettle/mpi.c
+++ b/lib/nettle/mpi.c
@@ -474,7 +474,7 @@ gen_group (mpz_t * prime, mpz_t * generator, unsigned int
nbits, unsigned int *q
nettle_mpz_set_str_256_u (w, w_bytes, buffer);
/* always odd */
- mpz_setbit (q, 0);
+ mpz_setbit (w, 0);
ret = mpz_probab_prime_p (w, PRIME_CHECK_PARAM);
if (ret > 0)
@@ -500,7 +500,7 @@ gen_group (mpz_t * prime, mpz_t * generator, unsigned int
nbits, unsigned int *q
nettle_mpz_set_str_256_u (q, q_bytes, buffer);
/* always odd */
- mpz_setbit (w, 0);
+ mpz_setbit (q, 0);
ret = mpz_probab_prime_p (q, PRIME_CHECK_PARAM);
if (ret == 0)
diff --git a/src/ocsptool.gaa b/src/ocsptool.gaa
index 185af40..e0b655c 100644
--- a/src/ocsptool.gaa
+++ b/src/ocsptool.gaa
@@ -23,7 +23,7 @@ option (j, response-info) { $action = ACTION_RESP_INFO; }
"Print information on
option (q, generate-request) { $action = ACTION_GEN_REQ; } "Generate a OCSP
request."
-#char *nononce;
+#int nononce;
option (no-nonce) { $nononce = 1 } "don't add nonce to OCSP request."
#char *issuer;
diff --git a/src/serv.c b/src/serv.c
index 9a5c486..8959d7f 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -692,7 +692,7 @@ listen_socket (const char *name, int listen_port, int
socktype)
snprintf (portname, sizeof (portname), "%d", listen_port);
memset (&hints, 0, sizeof (hints));
hints.ai_socktype = socktype;
- hints.ai_flags = AI_PASSIVE;
+ hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG;
if ((s = getaddrinfo (NULL, portname, &hints, &res)) != 0)
{
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, ocsp, updated. gnutls_3_0_9-37-g59199a0,
Simon Josefsson <=