Re: [gnutls-dev] Preparing for the next stable release

[Ludovic Courtès]

Hi,

Simon Josefsson <address@hidden> writes:

> I solved this by removing internals.texi and moving the contents inside
> gnutls.texi.

Works perfectly here.

I just noticed I had forgotten to capitalize all subsections.  Attached
is an additional patch.

Thanks,
Ludovic.

>From 7b3b8986de3f0d1ed281e8a93f1db74edd3cf118 Mon Sep 17 00:00:00 2001
From: =?utf-8?q?Ludovic=20Court=C3=A8s?= <address@hidden>
Date: Mon, 9 Jul 2007 17:58:17 +0200
Subject: [PATCH] Capitalized subsection titles.

* doc/gnutls.texi: Capitalized subsection titles.

* doc/signatures.texi: Likewise.
---
 doc/gnutls.texi     |   82 +++++++++++++++++++++++++-------------------------
 doc/signatures.texi |    4 +-
 2 files changed, 43 insertions(+), 43 deletions(-)

diff --git a/doc/gnutls.texi b/doc/gnutls.texi
index 05a9a3f..415b8ff 100644
--- a/doc/gnutls.texi
+++ b/doc/gnutls.texi
@@ -677,7 +677,7 @@ just after the handshake protocol has finished.
 @end menu
 
 @node Encryption algorithms used in the record layer
address@hidden Encryption algorithms used in the record layer
address@hidden Encryption Algorithms Used in the Record Layer
 @cindex Symmetric encryption algorithms
 
 Confidentiality in the record layer is achieved by using symmetric
@@ -727,7 +727,7 @@ bits of data.
 @end table
 
 @node Compression algorithms used in the record layer
address@hidden Compression algorithms used in the record layer
address@hidden Compression Algorithms Used in the Record Layer
 @cindex Compression algorithms
 
 The TLS record layer also supports compression.  The algorithms
@@ -762,7 +762,7 @@ and the private extensions are enabled.
 @end table
 
 @node Weaknesses and countermeasures
address@hidden Weaknesses and countermeasures
address@hidden Weaknesses and Countermeasures
 
 Some weaknesses that may affect the security of the Record layer have
 been found in @acronym{TLS} 1.0 protocol. These weaknesses can be
@@ -870,7 +870,7 @@ To set whether client certificate is required or not.
 To initiate the handshake.
 @end table
 
address@hidden TLS cipher suites
address@hidden TLS Cipher Suites
 
 The Handshake Protocol of @acronym{TLS} negotiates cipher suites of
 the form @code{TLS_DHE_RSA_WITH_3DES_CBC_SHA}.  The usual cipher
@@ -902,7 +902,7 @@ true. For several reasons, not discussed here, some 
combinations were
 not defined in the @acronym{TLS} protocol.  The supported ciphersuites
 are shown in @ref{ciphersuites}.
 
address@hidden Client authentication
address@hidden Client Authentication
 @cindex Client Certificate authentication
 
 In the case of ciphersuites that use certificate authentication, the
@@ -942,7 +942,7 @@ reasons, thus it may be normal for a server not to resume a 
session
 even if you requested that.  Also note that you must enable, using the
 priority functions, at least the algorithms used in the last session.
 
address@hidden Resuming internals
address@hidden Resuming Internals
 
 The resuming capability, mostly in the server side, is one of the
 problems of a thread-safe TLS implementations. The problem is that all
@@ -996,7 +996,7 @@ in @acronym{GnuTLS} are:
 
 and they will be discussed in the subsections that follow.
 
address@hidden Maximum fragment length negotiation
address@hidden Maximum Fragment Length Negotiation
 @cindex TLS Extensions
 @cindex Maximum fragment length
 
@@ -1006,7 +1006,7 @@ useful to clients with constrained capabilities. See the
 @ref{gnutls_record_set_max_size} and the
 @ref{gnutls_record_get_max_size} functions.
 
address@hidden Server name indication
address@hidden Server Name Indication
 @anchor{serverind}
 @cindex TLS Extensions
 @cindex Server name indication
@@ -1102,7 +1102,7 @@ are:
 @node Certificate authentication
 @section Certificate Authentication
 
address@hidden Authentication using @acronym{X.509} certificates
address@hidden Authentication Using @acronym{X.509} Certificates
 @cindex @acronym{X.509} certificates
 
 @acronym{X.509} certificates contain the public parameters, of a
@@ -1110,7 +1110,7 @@ public key algorithm, and an authority's signature, which 
proves the
 authenticity of the parameters.  @xref{The X.509 trust model}, for
 more information on @acronym{X.509} protocols.
 
address@hidden Authentication using @acronym{OpenPGP} keys
address@hidden Authentication Using @acronym{OpenPGP} Keys
 @cindex @acronym{OpenPGP} Keys
 
 @acronym{OpenPGP} keys also contain public parameters of a public key
@@ -1123,7 +1123,7 @@ based on the @xcite{TLSPGP} proposal.
 @acronym{OpenPGP} trust model.  For a more detailed introduction to
 @acronym{OpenPGP} and @acronym{GnuPG} see @xcite{GPGH}.
 
address@hidden Using certificate authentication
address@hidden Using Certificate Authentication
 
 In @acronym{GnuTLS} both the @acronym{OpenPGP} and @acronym{X.509}
 certificates are part of the certificate authentication and thus are
@@ -1550,7 +1550,7 @@ handling @acronym{X.509} certificates is described at 
section
 @end menu
 
 @node X.509 certificates
address@hidden @acronym{X.509} certificates
address@hidden @acronym{X.509} Certificates
 
 An @acronym{X.509} certificate usually contains information about the
 certificate holder, the signer, a unique serial number, expiration
@@ -1640,7 +1640,7 @@ functions for @acronym{X.509} certificate handling have 
their prototypes in
 parsing capabilities can be found at section @ref{ex:x509-info}.
 
 @node Verifying X.509 certificate paths
address@hidden Verifying @acronym{X.509} certificate paths
address@hidden Verifying @acronym{X.509} Certificate Paths
 @cindex Verifying certificate paths
 
 Verifying certificate paths is important in @acronym{X.509} authentication. For
@@ -1723,7 +1723,7 @@ certificate's owner is the one you expect. For more 
information consult @xcite{R
 and section @ref{ex:verify} for an example.
 
 @node PKCS #10 certificate requests
address@hidden @acronym{PKCS} #10 certificate requests
address@hidden @acronym{PKCS} #10 Certificate Requests
 @cindex Certificate requests
 @cindex @acronym{PKCS} #10
 
@@ -1739,7 +1739,7 @@ using the @code{gnutls_x509_crq_t} type.  An example of a 
certificate
 request generation can be found at section @ref{ex:crq}.
 
 @node PKCS #12 structures
address@hidden @acronym{PKCS} #12 structures
address@hidden @acronym{PKCS} #12 Structures
 @cindex @acronym{PKCS} #12
 
 A @acronym{PKCS} #12 structure @xcite{PKCS12} usually contains a user's
@@ -1786,7 +1786,7 @@ only Kevin, for some reason. A reason could be that Bob 
is lazy
 enough, and signs other people's keys without being sure that they
 belong to the actual owner.
 
address@hidden @acronym{OpenPGP} keys
address@hidden @acronym{OpenPGP} Keys
 
 In @acronym{GnuTLS} the @acronym{OpenPGP} key structures
 @xcite{RFC2440} are handled using the @code{gnutls_openpgp_key_t} type
@@ -1794,7 +1794,7 @@ and the corresponding private keys with the
 @code{gnutls_openpgp_privkey_t} type. All the prototypes for the key
 handling functions can be found at @file{gnutls/openpgp.h}.
 
address@hidden Verifying an @acronym{OpenPGP} key
address@hidden Verifying an @acronym{OpenPGP} Key
 
 The verification functions of @acronym{OpenPGP} keys, included in
 @acronym{GnuTLS}, are simple ones, and do not use the features of the
@@ -2011,7 +2011,7 @@ available by including the header file 
@file{gnutls/extra.h} in your
 programs.
 
 @node Version check
address@hidden Version check
address@hidden Version Check
 
 It is often desirable to check that the version of `gnutls' used is
 indeed one which fits all requirements.  Even with binary
@@ -2021,7 +2021,7 @@ want to check that the version is okay right after 
program startup.
 See the function @ref{gnutls_check_version}.
 
 @node Building the source
address@hidden Building the source
address@hidden Building the Source
 
 If you want to compile a source file including the `gnutls/gnutls.h'
 header file, you must make sure that the compiler can find it in the
@@ -2067,7 +2067,7 @@ gcc -o foo foo.c `libgnutls-config --cflags --libs`
 @end example
 
 @node Multi-threaded applications
address@hidden Multi-threaded applications
address@hidden Multi-Threaded Applications
 
 Although the @acronym{GnuTLS} library is thread safe by design, some
 parts of the crypto backend, such as the random generator, are
@@ -2152,7 +2152,7 @@ implemented by another example.
 @end menu
 
 @node Simple client example with anonymous authentication
address@hidden Simple client example with anonymous authentication
address@hidden Simple Client Example with Anonymous Authentication
 
 The simplest client using TLS is the one that doesn't do any
 authentication.  This means no external certificates or passwords are
@@ -2163,7 +2163,7 @@ However, the data is integrity and privacy protected.
 @verbatiminclude examples/ex-client1.c
 
 @node Simple client example with X.509 certificate support
address@hidden Simple client example with @acronym{X.509} certificate support
address@hidden Simple Client Example with @acronym{X.509} Certificate Support
 
 Let's assume now that we want to create a TCP client which
 communicates with servers that use @acronym{X.509} or
@@ -2176,7 +2176,7 @@ redefining them.
 @verbatiminclude examples/ex-client2.c
 
 @node Obtaining session information
address@hidden Obtaining session information
address@hidden Obtaining Session Information
 
 Most of the times it is desirable to know the security properties of
 the current established session.  This includes the underlying ciphers
@@ -2187,7 +2187,7 @@ if called after a successful @ref{gnutls_handshake}.
 @verbatiminclude examples/ex-session-info.c
 
 @node Verifying peer's certificate
address@hidden Verifying peer's certificate
address@hidden Verifying Peer's Certificate
 @anchor{ex:verify}
 
 A @acronym{TLS} session is not secure just after the handshake
@@ -2205,7 +2205,7 @@ verification output.
 @verbatiminclude examples/ex-verify.c
 
 @node Using a callback to select the certificate to use
address@hidden Using a callback to select the certificate to use
address@hidden Using a Callback to Select the Certificate to Use
 
 There are cases where a client holds several certificate and key
 pairs, and may not want to load all of them in the credentials
@@ -2215,7 +2215,7 @@ certificate selection callback.
 @verbatiminclude examples/ex-cert-select.c
 
 @node Client with Resume capability example
address@hidden Client with Resume capability example
address@hidden Client with Resume Capability Example
 @anchor{ex:resume-client}
 
 This is a modification of the simple client example. Here we
@@ -2226,7 +2226,7 @@ establish a new connection using the previously 
negotiated data.
 @verbatiminclude examples/ex-client-resume.c
 
 @node Simple client example with SRP authentication
address@hidden Simple client example with @acronym{SRP} authentication
address@hidden Simple Client Example with @acronym{SRP} Authentication
 
 The following client is a very simple @acronym{SRP} @acronym{TLS}
 client which connects to a server and authenticates using a
@@ -2236,7 +2236,7 @@ itself using a certificate, and in that case it has to be 
verified.
 @verbatiminclude examples/ex-client-srp.c
 
 @node Simple client example with TLS/IA support
address@hidden Simple client example with @acronym{TLS/IA} support
address@hidden Simple Client Example with @acronym{TLS/IA} Support
 
 The following client is a simple client which uses the
 @acronym{TLS/IA} extension to authenticate with the server.
@@ -2244,7 +2244,7 @@ The following client is a simple client which uses the
 @verbatiminclude examples/ex-client-tlsia.c
 
 @node Simple client example with authorization support
address@hidden Simple client example with authorization support
address@hidden Simple Client Example with Authorization Support
 
 The following client require that the server sends authorization data,
 and the client will send authorization data to the server as well.
@@ -2253,7 +2253,7 @@ For authentication, X.509 is used.
 @verbatiminclude examples/ex-client-authz.c
 
 @node Helper function for TCP connections
address@hidden Helper function for TCP connections
address@hidden Helper Function for TCP Connections
 
 This helper function abstracts away TCP connection handling from the
 other examples.  It is required to build some examples.
@@ -2276,7 +2276,7 @@ servers, using @acronym{GnuTLS}.
 @end menu
 
 @node Echo Server with X.509 authentication
address@hidden Echo Server with @acronym{X.509} authentication
address@hidden Echo Server with @acronym{X.509} Authentication
 
 This example is a very simple echo server which supports
 @acronym{X.509} authentication, using the RSA ciphersuites.
@@ -2284,7 +2284,7 @@ This example is a very simple echo server which supports
 @verbatiminclude examples/ex-serv1.c
 
 @node Echo Server with X.509 authentication II
address@hidden Echo Server with @acronym{X.509} authentication II
address@hidden Echo Server with @acronym{X.509} Authentication II
 
 The following example is a server which supports @acronym{X.509}
 authentication.  This server supports the export-grade cipher suites,
@@ -2293,7 +2293,7 @@ the DHE ciphersuites and session resuming.
 @verbatiminclude examples/ex-serv-export.c
 
 @node Echo Server with OpenPGP authentication
address@hidden Echo Server with @acronym{OpenPGP} authentication
address@hidden Echo Server with @acronym{OpenPGP} Authentication
 @cindex @acronym{OpenPGP} Server
 
 The following example is an echo server which supports
@@ -2305,7 +2305,7 @@ them to keep these examples as simple as possible.
 @verbatiminclude examples/ex-serv-pgp.c
 
 @node Echo Server with SRP authentication
address@hidden Echo Server with @acronym{SRP} authentication
address@hidden Echo Server with @acronym{SRP} Authentication
 
 This is a server which supports @acronym{SRP} authentication. It is
 also possible to combine this functionality with a certificate
@@ -2314,7 +2314,7 @@ server. Here it is separate for simplicity.
 @verbatiminclude examples/ex-serv-srp.c
 
 @node Echo Server with anonymous authentication
address@hidden Echo Server with anonymous authentication
address@hidden Echo Server with Anonymous Authentication
 
 This example server support anonymous authentication, and could be
 used to serve the example client for anonymous authentication.
@@ -2322,7 +2322,7 @@ used to serve the example client for anonymous 
authentication.
 @verbatiminclude examples/ex-serv-anon.c
 
 @node Echo Server with authorization support
address@hidden Echo Server with authorization support
address@hidden Echo Server with Authorization Support
 
 This example server support authorization data, and can be used to
 serve the example client with authorization support.
@@ -2340,7 +2340,7 @@ serve the example client with authorization support.
 @end menu
 
 @node Checking for an alert
address@hidden Checking for an alert
address@hidden Checking for an Alert
 
 This is a function that checks if an alert has been received in the
 current session.
@@ -2348,7 +2348,7 @@ current session.
 @verbatiminclude examples/ex-alert.c
 
 @node X.509 certificate parsing example
address@hidden @acronym{X.509} certificate parsing example
address@hidden @acronym{X.509} Certificate Parsing Example
 @anchor{ex:x509-info}
 
 To demonstrate the @acronym{X.509} parsing capabilities an example program is
@@ -2358,7 +2358,7 @@ information about it.
 @verbatiminclude examples/ex-x509-info.c
 
 @node Certificate request generation
address@hidden Certificate request generation
address@hidden Certificate Request Generation
 @anchor{ex:crq}
 
 The following example is about generating a certificate request, and a
@@ -2368,7 +2368,7 @@ which should return a signed certificate.
 @verbatiminclude examples/ex-crq.c
 
 @node PKCS #12 structure generation
address@hidden @acronym{PKCS} #12 structure generation
address@hidden @acronym{PKCS} #12 Structure Generation
 @anchor{ex:pkcs12}
 
 The following example is about generating a @acronym{PKCS} #12
@@ -2615,7 +2615,7 @@ Usage: gnutls-serv [options]
      --copyright              prints the program's license
 @end verbatim
 
address@hidden Setting up a test HTTPS server
address@hidden Setting Up a Test HTTPS Server
 @cindex HTTPS server
 @cindex debug server
 
diff --git a/doc/signatures.texi b/doc/signatures.texi
index 85d17db..7ad761f 100644
--- a/doc/signatures.texi
+++ b/doc/signatures.texi
@@ -56,7 +56,7 @@ sometime in the future, SHA-1 will be disabled as well.  The 
collision
 attacks on SHA-1 may also get better, given the new interest in tools
 for creating them.
 
address@hidden Supported algorithms
address@hidden Supported Algorithms
 The available digital signature algorithms in @acronym{GnuTLS} are
 listed below:
 
@@ -96,7 +96,7 @@ the EU project RIPE. Outputs 160 bits of data.
 @end table
 
 
address@hidden Trading security for interoperability
address@hidden Trading Security for Interoperability
 
 If you connect to a server and use GnuTLS' functions to verify the
 certificate chain, and get a @ref{GNUTLS_CERT_INSECURE_ALGORITHM}
-- 
1.5.2.1