[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-41-g4aeea36
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-41-g4aeea36 |
|
Date: |
Sun, 22 Jan 2012 11:27:26 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=4aeea362549ccd153f1d367828158201cfa8327a
The branch, master has been updated
via 4aeea362549ccd153f1d367828158201cfa8327a (commit)
via 567f3dccef08e245749aacd7b6a0722f0963b615 (commit)
via 7a6943199b1d0aef1287ffe983db16a3502a9ad8 (commit)
from 7408ef9793c38bbef2f4118e8312b991432db612 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 4aeea362549ccd153f1d367828158201cfa8327a
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Jan 22 12:29:15 2012 +0100
enums.texi is not run multiple times. Suggested by Eli Zaretskii.
commit 567f3dccef08e245749aacd7b6a0722f0963b615
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Jan 22 12:26:19 2012 +0100
updated docs
commit 7a6943199b1d0aef1287ffe983db16a3502a9ad8
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Jan 22 10:20:06 2012 +0100
p11tool parses arguments are before (with gaa).
-----------------------------------------------------------------------
Summary of changes:
doc/Makefile.am | 7 ++++---
src/Makefile.am | 12 ++++++------
src/cli-args.def.in | 45 ++++++++++++++++++++++++++++++++++++++++++---
src/cli-debug-args.def.in | 4 +++-
src/p11tool-args.def.in | 32 +++++++-------------------------
src/p11tool.c | 18 ++++++++++--------
src/psk-args.def.in | 1 +
src/serv-args.def.in | 1 +
src/srptool-args.def.in | 1 +
9 files changed, 75 insertions(+), 46 deletions(-)
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 4189b9e..e0aa141 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -297,12 +297,13 @@ ENUMS += enums/gnutls_x509_subject_alt_name_t
gnutls_TEXINFOS += $(ENUMS)
DISTCLEANFILES += $(ENUMS)
-.NOTPARALLEL: $(ENUMS) enums.texi
-
-$(ENUMS): enums.texi
+stamp_enums: enums.texi
$(MAKE) compare-makefile
-mkdir enums
$(srcdir)/scripts/split-texi.pl enums enum < enums.texi
+ echo $@ > $@
+
+$(ENUMS): stamp_enums
compare-makefile:
ENUMS=`grep 'address@hidden ' enums.texi | sed 's/@c //g' | sort`; \
diff --git a/src/Makefile.am b/src/Makefile.am
index 748468c..7586d11 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -163,15 +163,15 @@ p11tool-gaa.c: $(srcdir)/p11tool.gaa
endif
certtool-gaa.c: $(srcdir)/certtool.gaa
-$(GAA) $< -o certtool-gaa.c -i certtool-gaa.h
-psk-args.c psk-args.h: $(srcdir)/psk-args.def
+psk-args.c: $(srcdir)/psk-args.def
-autogen $<
-cli-debug-args.c cli-debug-args.h: $(srcdir)/cli-debug-args.def
+cli-debug-args.c: $(srcdir)/cli-debug-args.def
-autogen $<
-cli-args.c cli-args.h: $(srcdir)/cli-args.def
+cli-args.c: $(srcdir)/cli-args.def
-autogen $<
-serv-args.c serv-args.h: $(srcdir)/serv-args.def
+serv-args.c: $(srcdir)/serv-args.def
-autogen $<
-srptool-args.c srptool-args.h: $(srcdir)/srptool-args.def
+srptool-args.c: $(srcdir)/srptool-args.def
-autogen $<
-p11tool-args.c p11tool-args.h: $(srcdir)/p11tool-args.def
+p11tool-args.c: $(srcdir)/p11tool-args.def
-autogen $<
diff --git a/src/cli-args.def.in b/src/cli-args.def.in
index 8f73cd3..83d65db 100644
--- a/src/cli-args.def.in
+++ b/src/cli-args.def.in
@@ -4,6 +4,7 @@ prog-title = "GnuTLS client";
prog-desc = "Simple client program to set up a TLS connection.";
short-usage = "Usage: gnutls-cli [options] hostname\ngnutls-cli --help for
usage instructions.\n";
prog-group = "GnuTLS";
+explain = "";
detail = "Simple client program to set up a TLS connection to some
other computer.
It sets up a TLS connection and forwards data from the standard input to the
secured socket and vice versa.";
gnu-usage;
@@ -266,8 +267,46 @@ flag = {
doc-section = {
ds-type = 'SEE ALSO'; // or anything else
- ds-format = 'man'; // or texi or mdoc format
- ds-text = <<-_EOText_
+ ds-format = 'texi'; // or texi or mdoc format
+ ds-text = <<-_EOF_
gnutls-cli-debug(1), gnutls-serv(1)
-_EOText_;
+_EOF_;
};
+
+doc-section = {
+ ds-type = 'EXAMPLES';
+ ds-format = 'texi';
+ ds-text = <<-_EOF_
+To connect to a server using PSK authentication, you need to enable the choice
of PSK by using a cipher priority parameter such as in the example below.
address@hidden
+$ ./gnutls-cli -p 5556 localhost --pskusername psk_identity \
+ --pskkey 88f3824b3e5659f52d00e959bacab954b6540344 \
+ --priority NORMAL:-KX-ALL:+ECDHE-PSK:+DHE-PSK:+PSK
+Resolving 'localhost'...
+Connecting to '127.0.0.1:5556'...
+- PSK authentication.
+- Version: TLS1.1
+- Key Exchange: PSK
+- Cipher: AES-128-CBC
+- MAC: SHA1
+- Compression: NULL
+- Handshake was completed
+
+- Simple Client Mode:
address@hidden example
+By keeping the --pskusername parameter and removing the --pskkey parameter, it
will query only for the password during the handshake.
+
+To list the ciphersuites in a priority string:
address@hidden
+$ ./gnutls-cli --priority SECURE192 -l
+Cipher suites for SECURE192
+TLS_ECDHE_ECDSA_AES_256_CBC_SHA384 0xc0, 0x24 TLS1.2
+TLS_ECDHE_ECDSA_AES_256_GCM_SHA384 0xc0, 0x2e TLS1.2
+TLS_ECDHE_RSA_AES_256_GCM_SHA384 0xc0, 0x30 TLS1.2
+TLS_DHE_RSA_AES_256_CBC_SHA256 0x00, 0x6b TLS1.2
+TLS_DHE_DSS_AES_256_CBC_SHA256 0x00, 0x6a TLS1.2
+TLS_RSA_AES_256_CBC_SHA256 0x00, 0x3d TLS1.2
address@hidden example
+_EOF_;
+};
+
diff --git a/src/cli-debug-args.def.in b/src/cli-debug-args.def.in
index d058c69..9a1e2d8 100644
--- a/src/cli-debug-args.def.in
+++ b/src/cli-debug-args.def.in
@@ -4,6 +4,7 @@ prog-title = "GnuTLS debug client";
prog-desc = "Simple client program to check TLS server capabilities.";
short-usage = "Usage: gnutls-cli-debug [options] hostname\ngnutls-cli --help
for usage instructions.\n";
prog-group = "GnuTLS";
+explain = "";
detail = "TLS debug client. It sets up multiple TLS connections to
a server and queries its capabilities. Can be used to check for servers with
special needs or bugs.";
@@ -54,8 +55,9 @@ flag = {
doc-section = {
ds-type = 'SEE ALSO'; // or anything else
- ds-format = 'man'; // or texi or mdoc format
+ ds-format = 'texi'; // or texi or mdoc format
ds-text = <<-_EOText_
gnutls-cli(1), gnutls-serv(1)
_EOText_;
};
+
diff --git a/src/p11tool-args.def.in b/src/p11tool-args.def.in
index 9cb7202..b1cbabe 100644
--- a/src/p11tool-args.def.in
+++ b/src/p11tool-args.def.in
@@ -9,10 +9,13 @@ To use PKCS #11 tokens with gnutls the configuration file
/etc/gnutls/pkcs11.conf has to exist and contain a number of lines of the form
'load=/usr/lib/opensc-pkcs11.so'.
";
-short-usage = "p11tool [options]\np11tool --help for usage instructions.\n";
+short-usage = "p11tool [options] [url]\np11tool --help for usage
instructions.\n";
prog-group = "GnuTLS";
+explain = "";
gnu-usage;
+reorder-args;
no-xlate = opt;
+argument = "[url]";
no-misuse-usage;
disable-save;
long-opts;
@@ -45,98 +48,77 @@ flag = {
flag = {
name = export;
- flags-must= url;
descrip = "Export the object specified by the URL";
doc = "";
};
flag = {
- name = url;
- arg-type = string;
- arg-name = "PKCS #11 URL";
- descrip = "Specify the PKCS #11 URL for the operation";
- doc = "";
-};
-
-flag = {
name = list-mechanisms;
- flags-must= url;
descrip = "List all available mechanisms in a token";
doc = "";
};
flag = {
name = list-all;
- flags-must= url;
descrip = "List all available objects in a token";
doc = "";
};
flag = {
name = list-all-certs;
- flags-must= url;
descrip = "List all available certificates in a token";
doc = "";
};
flag = {
name = list-certs;
- flags-must= url;
descrip = "List all certificates that are associated with a private key
present in the token";
doc = "";
};
flag = {
name = list-all-privkeys;
- flags-must= url;
descrip = "List all available private keys in a token";
doc = "";
};
flag = {
name = list-all-trusted;
- flags-must= url;
descrip = "List all available certificates marked as trusted";
doc = "";
};
flag = {
name = initialize;
- flags-must= url;
descrip = "Initializes a PKCS #11 token";
doc = "";
};
flag = {
name = write;
- flags-must= url;
descrip = "Writes the loaded objects to a PKCS #11 token";
doc = "It can be used to write private keys, certificates or secret keys
to a token.";
};
flag = {
name = delete;
- flags-must= url;
descrip = "Deletes the objects matching the PKCS #11 URL";
doc = "";
};
flag = {
name = generate-rsa;
- flags-must= url;
descrip = "Generates an RSA private-public key pair on the specified
token";
doc = "";
};
flag = {
name = generate-dsa;
- flags-must= url;
descrip = "Generates an RSA private-public key pair on the specified
token";
doc = "";
};
flag = {
name = generate-ecc;
- flags-must= url;
descrip = "Generates an RSA private-public key pair on the specified
token";
doc = "";
};
@@ -280,13 +262,13 @@ $ p11tool --list-tokens
To view all objects in a token use:
@example
-$ p11tool --login --list-all --url "pkcs11:TOKEN-URL"
+$ p11tool --login --list-all "pkcs11:TOKEN-URL"
@end example
To store a private key and a certificate in a token run:
@example
-$ p11tool --login --write --url "pkcs11:URL" --load-privkey key.pem --label
"Mykey"
-$ p11tool --login --write --url "pkcs11:URL" --load-certificate cert.pem
--label "MyCert"
+$ p11tool --login --write "pkcs11:URL" --load-privkey key.pem --label "Mykey"
+$ p11tool --login --write "pkcs11:URL" --load-certificate cert.pem --label
"MyCert"
@end example
_EOT_;
};
diff --git a/src/p11tool.c b/src/p11tool.c
index 864db3e..d800e46 100644
--- a/src/p11tool.c
+++ b/src/p11tool.c
@@ -78,12 +78,19 @@ cmd_parser (int argc, char **argv)
common_info_st cinfo;
unsigned int action = 1, pkcs11_type = -1, key_type = GNUTLS_PK_UNKNOWN;
const char* url = NULL;
- unsigned int detailed_url = 0;
+ unsigned int detailed_url = 0, optct;
unsigned int login = 0, bits = 0;
const char* label = NULL, *sec_param = NULL;
- optionProcess( &p11toolOptions, argc, argv);
-
+ optct = optionProcess( &p11toolOptions, argc, argv);
+ argc += optct;
+ argv += optct;
+
+ if (url == NULL && argc > 0)
+ url = argv[0];
+ else
+ url = "pkcs11:";
+
if (HAVE_OPT(DEBUG))
debug = OPT_VALUE_DEBUG;
@@ -209,11 +216,6 @@ cmd_parser (int argc, char **argv)
if (ENABLED_OPT(LOGIN))
login = 1;
- if (HAVE_OPT(URL))
- {
- url = OPT_ARG(URL);
- }
-
if (HAVE_OPT(LABEL))
{
label = OPT_ARG(LABEL);
diff --git a/src/psk-args.def.in b/src/psk-args.def.in
index 96fb92b..dd6e77f 100644
--- a/src/psk-args.def.in
+++ b/src/psk-args.def.in
@@ -6,6 +6,7 @@ detail = "Program that generates random keys for use with
TLS-PSK. The
keys are stored in hexadecimal format in a key file.";
short-usage = "psktool [options]\npsktool --help for usage instructions.\n";
prog-group = "GnuTLS";
+explain = "";
gnu-usage;
no-xlate = opt;
no-misuse-usage;
diff --git a/src/serv-args.def.in b/src/serv-args.def.in
index 1a5d471..9167eaf 100644
--- a/src/serv-args.def.in
+++ b/src/serv-args.def.in
@@ -4,6 +4,7 @@ prog-title = "GnuTLS server";
prog-desc = "Simple server program to act as an HTTPS or TLS echo
service.";
short-usage = "Usage: gnutls-serv [options]\ngnutls-serv --help for usage
instructions.\n";
prog-group = "GnuTLS";
+explain = "";
detail = "Server program that listens to incoming TLS connections.";
gnu-usage;
no-xlate = opt;
diff --git a/src/srptool-args.def.in b/src/srptool-args.def.in
index 7d7fc6c..bfa8fe0 100644
--- a/src/srptool-args.def.in
+++ b/src/srptool-args.def.in
@@ -2,6 +2,7 @@ AutoGen Definitions options;
prog-name = srptool;
prog-title = "GnuTLS SRP tool";
prog-desc = "Simple program to create SRP parameters.\n";
+explain = "";
detail = "Simple program that emulates the programs in the Stanford SRP
(Secure
Remote Password) libraries using GnuTLS. It is intended for use in places
where you don't expect SRP authentication to be the used for system users.
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-41-g4aeea36,
Nikos Mavrogiannopoulos <=