ABI
Tracker

(GnuTLS)




Changelog for 3.1.20 version



2014-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/rnd.c: use RUSAGE_THREAD when available

2014-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.20

2014-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: corrected typo

2014-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-01-27  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/gnutls_db.c: correctly read the magic number and timestamp;
	report and patch by Jonathan Roudiere

2014-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2014-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/libgnutls.map: exported missing functions

2014-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c: fixed null pointer derefence when printing a
	name and an LDAP description isn't present for the OID Conflicts: 	lib/x509/common.c

2014-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/libgnutls.map: exported gnutls_x509_policy_release

2014-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-ocsptool.texi, doc/invoke-p11tool.texi,
	doc/invoke-psktool.texi, doc/invoke-srptool.texi,
	doc/invoke-tpmtool.texi: doc update

2014-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2014-01-20  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/gnutls_handshake.c: correctly address cookie

2014-01-20  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/gnutls_pubkey.c: always set subkey status

2014-01-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/gnutls_priority.c: when freeing priority_cache make sure it is
	set to NULL

2014-01-07  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2014-01-06  Nils Maier <maierman@web.de>

	* lib/ext/status_request.c: Fix CERTIFICATE STATUS processing when
	using non-blocking I/O _gnutls_recv_server_certificate_status() must wait for the first
	full packet before setting priv->expect_cstatus = 0, or else
	CERTIFCATE STATUS packets won't be processed in subsequent calls at
	all, leaving them in the buffer and therefore causing later
	connection aborts.

2013-12-26  Gustavo Zacarias <gustavo@zacarias.com.ar>

	* src/crywrap/Makefile.am: Add LIB_CLOCK_GETTIME to crywrap It's used indirectly thus causing build breakage on versions of
	glibc where it's defined in librt rather than libc directly.  Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

2013-12-23  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/cli.c: corrected key ID size check

2013-12-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, m4/hooks.m4: bumped version

2013-12-18  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-12  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/auth/dh_common.c: Enforce the DEFAULT_MAX_VERIFY_BITS for DH
	prime size as well.  Conflicts: 	lib/auth/dh_common.c Conflicts: 	lib/auth/dh_common.c

2013-12-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
	doc/invoke-srptool.texi, doc/invoke-tpmtool.texi: doc update

2013-12-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* doc/Makefile.am: backported makefile for doc generation

2013-12-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* configure.ac, lib/system.c: Added configure option
	--with-default-blacklist-file This option allows to specify a file containing blacklisted
	certificates.  Conflicts: 	lib/system.c

2013-12-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/x509/verify-high.c, lib/x509/verify-high2.c: 
	gnutls_x509_trust_list_remove_cas() and derivatives will utilize a
	black list.  When a CA or certificate is removed from the trusted list, it is
	also added in a blacklist to ensure that it will not be accepted due
	to interdependency (e.g., it is a subordinate CA), or because it is
	not a CA.  Conflicts: 	lib/x509/verify-high.c

2013-12-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/x509/verify-high2.c: Corrected documentation for
	gnutls_x509_trust_list_add_trust_*

2013-11-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.h: Detect the presence of posix locks even without
	linked to libpthread.

2013-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/coff/appro-aes-gcm-x86-64-coff.s,
	lib/accelerated/x86/coff/appro-aes-x86-64-coff.s,
	lib/accelerated/x86/coff/padlock-x86-64-coff.s,
	lib/accelerated/x86/coff/padlock-x86-coff.s,
	lib/accelerated/x86/elf/appro-aes-gcm-x86-64.s,
	lib/accelerated/x86/elf/appro-aes-x86-64.s,
	lib/accelerated/x86/elf/padlock-x86-64.s,
	lib/accelerated/x86/elf/padlock-x86.s,
	lib/accelerated/x86/macosx/appro-aes-gcm-x86-64-macosx.s,
	lib/accelerated/x86/macosx/appro-aes-x86-64-macosx.s,
	lib/accelerated/x86/macosx/padlock-x86-64-macosx.s,
	lib/accelerated/x86/macosx/padlock-x86-macosx.s: updated
	auto-generated asm files. This fixes a valgrind complaint when
	AES-NI is in use.

2013-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* devel/perlasm/aesni-x86.pl, devel/perlasm/aesni-x86_64.pl,
	devel/perlasm/cbc.pl, devel/perlasm/e_padlock-x86.pl,
	devel/perlasm/e_padlock-x86_64.pl, devel/perlasm/ghash-x86.pl,
	devel/perlasm/ghash-x86_64.pl, devel/perlasm/ppc-xlate.pl,
	devel/perlasm/x86_64-xlate.pl, devel/perlasm/x86asm.pl,
	devel/perlasm/x86gas.pl, devel/perlasm/x86masm.pl,
	devel/perlasm/x86nasm.pl: updated perlasm files

2013-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: updated e-mail address

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/Makefile.am, src/libopts/Makefile.am: compile
	libopts as a libtool library

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
	doc/invoke-srptool.texi, doc/invoke-tpmtool.texi,
	doc/manpages/tpmtool.1: updated autogenerated files.

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: corrected libopts check

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: corrected path

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: Corrected check of usage of local libopts when
	autogen isn't present

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.17

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_compress.c: disallow any compression in DTLS

2013-11-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/session_ticket.c: generate separate IV for session
	tickets.

2013-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/aes-x86.c, lib/gnutls_global.h,
	lib/gnutls_priority.c: GCM modes are always preferred to CBC

2013-07-16  Matt Whitlock <matt@whitlock.name>

	* lib/gnutls_buffers.c: avoid leaking a buffer element when
	_gnutls_stream_read returns 0

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
	doc/invoke-srptool.texi, doc/invoke-tpmtool.texi, src/args-std.def: 
	doc update

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.def, src/certtool-cfg.c, src/certtool.c: Check
	for overflows when setting time and allow a time of -1.

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c: Dates and time that would overflow the
	GeneralTime are also truncated.

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c, lib/x509/x509_write.c: An expiration time of
	(time_t)-1 will set to the no well-defined expiration date value.

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/Makefile.am, gl/base64.c, gl/intprops.h, gl/isnan.c,
	gl/m4/extern-inline.m4, gl/m4/gnulib-cache.m4, maint.mk: updated
	gnulib

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/testcompat, tests/suite/testcompat-main: backported
	testsuite

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: correctly set the ciphersuite when the
	set_premaster interface is used.

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: Report the inclusion of libopts and libtasn1.

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-11-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-13  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/udp-serv.c: corrected bug in gnutls-cli when used on IPv6
	addresses.

2013-11-12  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/gnutls_global.c: doc update

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-handshake-timeout.c: Ignore SIGPIPE.  Diagnosed by Petr Salinger and Steven Chamberlain. Reported by
	Andreas Metzler.

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-p11tool.texi: doc update

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: updated for new libopts

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/Makefile.am, src/libopts/ag-char-map.h,
	src/libopts/alias.c, src/libopts/ao-strs.c, src/libopts/ao-strs.h,
	src/libopts/autoopts.c, src/libopts/autoopts.h,
	src/libopts/autoopts/options.h, src/libopts/autoopts/project.h,
	src/libopts/autoopts/usage-txt.h, src/libopts/compat/compat.h,
	src/libopts/compat/pathfind.c, src/libopts/compat/strchr.c,
	src/libopts/configfile.c, src/libopts/enum.c, src/libopts/find.c,
	src/libopts/genshell.c, src/libopts/genshell.h,
	src/libopts/gettext.h, src/libopts/init.c, src/libopts/load.c,
	src/libopts/m4/libopts.m4, src/libopts/makeshell.c,
	src/libopts/option-value-type.c, src/libopts/option-value-type.h,
	src/libopts/option-xat-attribute.c,
	src/libopts/option-xat-attribute.h, src/libopts/pgusage.c,
	src/libopts/proto.h, src/libopts/putshell.c, src/libopts/restore.c,
	src/libopts/save.c, src/libopts/stack.c, src/libopts/streqvcmp.c,
	src/libopts/text_mmap.c, src/libopts/usage.c, src/libopts/version.c: 
	updated libopts

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, NEWS, configure.ac, src/certtool-args.c,
	src/certtool-args.h, src/cli-args.c, src/cli-args.h,
	src/cli-debug-args.c, src/cli-debug-args.h, src/danetool-args.c,
	src/danetool-args.h, src/ocsptool-args.c, src/ocsptool-args.h,
	src/p11tool-args.c, src/p11tool-args.h, src/psk-args.c,
	src/psk-args.h, src/serv-args.c, src/serv-args.h,
	src/srptool-args.c, src/srptool-args.h, src/tpmtool-args.c,
	src/tpmtool-args.h: Distribute the autogen'erated files as .bak and
	enable them only if local libopts is being used

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/p11tool-args.def: doc update

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.c: Read GNUTLS_PKCS11_PIN environment variable.

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pkcs11.c: removed unused variable

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509_dn.c: bug fix in gnutls_x509_crt_set_dn() at DN
	parsing.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509_dn.c: removed debugging info

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11_write.c: write the proper key ID in the token

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: do not traverse PKCS #11 tokens that were not
	requested.

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_errors.c: doc update

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: do not set any default level

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: Assign very weak level to priority string
	NONE only.

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphersuites.c: Corrected the naming of several PSK
	ciphersuites

2013-10-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphersuites.c: Ciphersuites with ARCFOUR in name
	were renamed to ARCFOUR_128

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-10-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, doc/cha-tokens.texi: Support for TPM modules
	via trousers is now enabled by default.

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/sign.c: Added additional ISO OIDs for RSA-MD5 and
	DSA-SHA1.

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: Do not print private key parameters when exporting
	an encrypted private key.

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.16

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* build-aux/config.rpath, build-aux/gendocs.sh,
	build-aux/pmccabe2html, build-aux/test-driver, gl/Makefile.am,
	gl/argp-fmtstream.h, gl/argp-help.c, gl/argp.h, gl/c-ctype.h,
	gl/dup2.c, gl/error.c, gl/fseeko.c, gl/intprops.h, gl/m4/dup2.m4,
	gl/m4/extensions.m4, gl/m4/extern-inline.m4, gl/m4/frexp.m4,
	gl/m4/fseeko.m4, gl/m4/getdtablesize.m4, gl/m4/gnulib-comp.m4,
	gl/m4/intl.m4, gl/m4/inttypes.m4, gl/m4/lock.m4,
	gl/m4/manywarnings.m4, gl/m4/po.m4, gl/m4/putenv.m4,
	gl/m4/stdalign.m4, gl/m4/sys_types_h.m4, gl/m4/unistd_h.m4,
	gl/m4/warnings.m4, gl/math.in.h, gl/msvc-inval.c, gl/signal.in.h,
	gl/stdalign.in.h, gl/stdio-impl.h, gl/stdio.in.h,
	gl/strerror-override.h, gl/sys_select.in.h, gl/sys_socket.in.h,
	gl/sys_time.in.h, gl/tests/Makefile.am, gl/tests/binary-io.h,
	gl/tests/getcwd-lgpl.c, gl/tests/getdtablesize.c,
	gl/tests/ignore-value.h, gl/tests/inttypes.in.h, gl/tests/macros.h,
	gl/tests/malloca.c, gl/tests/malloca.h, gl/tests/putenv.c,
	gl/tests/test-dup2.c, gl/tests/test-getaddrinfo.c,
	gl/tests/test-getdtablesize.c, gl/tests/test-snprintf.c,
	gl/tests/test-sys_select.c, gl/tests/test-sys_socket.c,
	gl/tests/test-sys_time.c, gl/tests/test-vasnprintf.c,
	gl/tests/test-vsnprintf.c, gl/timespec.h, gl/u64.h, gl/unistd.in.h,
	gl/vasnprintf.c, gl/verify.h, gl/xsize.h, maint.mk: Updated gnulib

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c: reindented code

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c: removed unused parameter

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c: Reorganized main loop in dane_raw_tlsa

2013-10-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am: changes before release

2013-07-16  Adam Sampson <ats@offog.org>

	* doc/scripts/gdoc: Avoid depending on hash order in gdoc.  Previously, gdoc had a hash of regexp replacements for each output
	format, and applied the replacements in the order that "keys"
	returned for the hash. However, not all orders are safe -- and now
	that Perl 5.18 randomises hash order per-process, it only worked
	sometimes! For example, this order is OK: 'is a #gnutls_session_t structure.' '\@([A-Za-z0-9_]+)\s*' -> 'is a
	#gnutls_session_t structure.' '\%([A-Za-z0-9_]+)' -> 'is a
	#gnutls_session_t structure.' '\#([A-Za-z0-9_]+)' -> 'is a
	@code{gnutls_session_t}  structure.' '([A-Za-z0-9_]+\(\))' -> 'is a
	@code{gnutls_session_t}  structure.' This one, however, winds up producing invalid texinfo: 'is a #gnutls_session_t structure.' '\%([A-Za-z0-9_]+)' -> 'is a
	#gnutls_session_t structure.' '([A-Za-z0-9_]+\(\))' -> 'is a
	#gnutls_session_t structure.' '\#([A-Za-z0-9_]+)' -> 'is a
	@code{gnutls_session_t}  structure.' '\@([A-Za-z0-9_]+)\s*' -> 'is a
	@code{code} {gnutls_session_t}  structure.' This patch turns the hash into a list, so the replacements will
	always be done in the intended order.  Signed-off-by: Adam Sampson <ats@offog.org>

2013-10-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, libdane/dane.c: corrected dane doc

2013-10-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-cfg.c: corrected type of path_len

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/libdane.map: exported symbols

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-21  Christian Grothoff <christian@grothoff.org>

	* libdane/dane.c, libdane/includes/gnutls/dane.h: Adding
	dane_verify_crt_raw to allow direct verification of a certificate
	chain against a dane_query_t (for example, as provided by the new
	dane_raw_tlsa).  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, m4/hooks.m4: bumped dane library version

2013-10-21  Christian Grothoff <christian@grothoff.org>

	* libdane/dane.c, libdane/includes/gnutls/dane.h: Adding
	dane_raw_tlsa to allow initialization of dane_query_t from DANE
	records based on external DNS resolutions. Also fixing a buffer
	overflow.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-srptool.texi, src/srptool-args.c, src/srptool-args.h: 
	autogen'ed files update

2013-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-04  Attila Molnar <attilamolnar@hush.com>

	* src/srptool.c: Fix srptool issues From dc3a0d6d8d4aa98ccb19641e6668a03d77f381f1 Mon Sep 17 00:00:00
	2001 From: Attila Molnar <attilamolnar@hush.com> Date: Tue, 1 Oct
	2013 13:42:10 +0200 Subject: [PATCH 2/2] srptool: Fix segfault when
	 an invalid group parameter index is given If no group with the given index was found in the password conf file
	srptool crashed instead of reporting the error because the return
	value of fgets() wasn't validated before it was passed to atoi().  Signed-off-by: Attila Molnar <attilamolnar@hush.com>

2013-10-04  Attila Molnar <attilamolnar@hush.com>

	* src/srptool-args.def, src/srptool.c: Fix srptool issues From 1fac0e5352e88addb8bf57dcac126918f19d7303 Mon Sep 17 00:00:00
	2001 From: Attila Molnar <attilamolnar@hush.com> Date: Tue, 1 Oct
	2013 13:40:01 +0200 Subject: [PATCH 1/2] srptool: Fix inability to
	 add users to tpasswd and broken -i switch Signed-off-by: Attila Molnar <attilamolnar@hush.com>

2013-10-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/tpm.c: include config.h in tpm.c

2013-09-15  Ludovic Courtès <ludo@gnu.org>

	* guile/src/Makefile.am: guile: Make builds parallel-safe.  Reported by Andreas Metzler <ametzler@bebt.de>.

2013-08-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/iconv_open-aix.h, gl/iconv_open-hpux.h, gl/iconv_open-irix.h,
	gl/iconv_open-osf.h, gl/iconv_open-solaris.h: updated

2013-08-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/libgnutls.map, m4/hooks.m4: exported
	gnutls_record_set_timeout

2013-08-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: corrected typo

2013-08-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: avoid documentation rebuild

2013-08-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: fixed guile-site-dir

2013-08-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-08-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-08-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: only register current session when not
	resuming

2013-08-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pkcs11.c: removed unused code

2013-08-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pkcs11.c: Do not try to parse arbitrary objects as
	certificates.

2013-07-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-gtls-app.texi, lib/gnutls_priority.c: Added the PFS
	priority string option.

2013-08-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2013-07-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: allow empty fragments with padding.

2013-07-17  Stefan Bühler <stbuehler@web.de>

	* lib/gnutls_priority.c: gnutls priority string parsing bug fix Fix priority string parsing (example: "NONE:+MAC-ALL:-SHA1:+SHA1"
	misses SHA1 and has MD5 twice) prio_remove doesn't zero the removed element, prio_add (and perhaps
	other functions) assumes the list to be zero terminated.  Make prio_remove zero the element at the end, and use the actual
	length of the list in prio_add.  Relying on the trailing zero will fail if the list is full, and
	might lead to invalid memory accesses as the loop won't stop until
	it finds either the algorithm identifier or 0.

2013-07-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: when removing a cipher priority, make sure
	the order is kept

2013-06-06  Ludovic Courtès <ludo@gnu.org>

	* guile/tests/Makefile.am: guile: Use `LOG_COMPILER', as required by
	Automake 1.12+.

2013-06-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* guile/tests/priorities.scm: corrected priority strings

2013-07-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, build-aux/ar-lib, build-aux/config.rpath: bumped version

2013-07-04  Stef Walter <stefw@redhat.com>

	* lib/pkcs11.c: pkcs11: Use the correct attribute length for
	CKA_TRUSTED CKA_TRUSTED is a CK_BBOOL value in PKCS#11. Since object searches
	are done with the attribute byte values, we need to get the length
	exactly right.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-07-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c: corrected typo

2013-07-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: depend on newer automake

2013-07-10  Gustavo Zacarias <gustavo@zacarias.com.ar>

	* lib/accelerated/cryptodev.c: Eliminate reset from cryptodev hashes
	and mac It wasn't done in 73ec74c2 and 6f0ecbf4 for cryptodev causing build
	failures.  Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

2013-07-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: When resuming a session send only the
	mandatory extensions.  That will make server behavior to conform to TLS RFC. Reported by
	Peter Dettman.

2013-07-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-07-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c: Include MKI size in size calculations for the
	extension.  This prevents a parsing error when MKI is being used.  Reported by
	Gábor Tatárka.

2013-06-28  Ludovic Courtès <ludo@gnu.org>

	* guile/tests/anonymous-auth.scm, guile/tests/openpgp-auth.scm,
	guile/tests/x509-auth.scm: guile: tests: Use `port->fdes' rather
	than `fileno'.  This has no practical impact, but it's a better way to express that
	we don't want the file descriptors closed behind our back.

2013-06-28  Ludovic Courtès <ludo@gnu.org>

	* guile/src/core.c: guile: Keep a weak reference on objects
	aggregated by other objects.  Before, in cases such as `set-anonymous-server-dh-parameters!' where
	the C object beneath CRED keeps a pointer to the C object beneath
	DH_PARAMS, DH_PARAMS could be garbage-collected before CRED, leading
	to the destruction of the underlying C object.  Reported by Nikos Mavrogiannopoulos <nmav@gnutls.org>.

2013-06-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-06-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: enforce the maximum TLS size when setting MTU

2013-06-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* po/pl.po.in: Updated polish translation. Submitted by Jakub
	Bogusz.

2013-06-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/Makefile.am, lib/gnutls.pc.in, lib/nettle/Makefile.am,
	m4/hooks.m4: Directly link to gmp library. Based on original patch
	by Alon Bar-Lev.

2013-06-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.12

2013-06-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tpmtool-args.c, src/tpmtool-args.h: updated autogen generated
	files

2013-06-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: check for suse's CA bundle file

2013-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/openpgp/privkey.c: call cleanup and deinit on the correct
	number of parameters

2013-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_pk.c: avoid calling clear on null values

2013-05-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-xssl.c: ignore sigpipe

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* po/LINGUAS, po/eo.po.in: Sync with TP.

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphersuites.c: allow ciphersuites with elliptic
	curves even when using SSL 3.0.  This works around a bug on openssl in certain Debian systems.

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-xssl.c: updated xssl.

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
	doc/invoke-srptool.texi, doc/invoke-tpmtool.texi,
	doc/manpages/tpmtool.1, src/certtool-args.c, src/certtool-args.h,
	src/cli-args.c, src/cli-args.h, src/cli-debug-args.c,
	src/cli-debug-args.h, src/danetool-args.c, src/danetool-args.h,
	src/ocsptool-args.c, src/ocsptool-args.h, src/p11tool-args.c,
	src/p11tool-args.h, src/psk-args.c, src/psk-args.h,
	src/serv-args.c, src/serv-args.h, src/srptool-args.c,
	src/srptool-args.h: updated libopts' generated files

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/COPYING.gplv3, src/libopts/COPYING.lgplv3,
	src/libopts/Makefile.am, src/libopts/README,
	src/libopts/ag-char-map.h, src/libopts/alias.c,
	src/libopts/ao-strs.c, src/libopts/ao-strs.h,
	src/libopts/autoopts.c, src/libopts/autoopts.h,
	src/libopts/autoopts/options.h, src/libopts/autoopts/project.h,
	src/libopts/autoopts/usage-txt.h, src/libopts/boolean.c,
	src/libopts/check.c, src/libopts/compat/compat.h,
	src/libopts/compat/pathfind.c, src/libopts/compat/snprintf.c,
	src/libopts/compat/strchr.c, src/libopts/compat/strdup.c,
	src/libopts/compat/windows-config.h, src/libopts/configfile.c,
	src/libopts/cook.c, src/libopts/enum.c, src/libopts/env.c,
	src/libopts/file.c, src/libopts/find.c, src/libopts/genshell.c,
	src/libopts/genshell.h, src/libopts/gettext.h, src/libopts/init.c,
	src/libopts/libopts.c, src/libopts/load.c,
	src/libopts/m4/libopts.m4, src/libopts/m4/liboptschk.m4,
	src/libopts/makeshell.c, src/libopts/nested.c,
	src/libopts/numeric.c, src/libopts/option-value-type.c,
	src/libopts/option-value-type.h,
	src/libopts/option-xat-attribute.c,
	src/libopts/option-xat-attribute.h, src/libopts/parse-duration.c,
	src/libopts/parse-duration.h, src/libopts/pgusage.c,
	src/libopts/proto.h, src/libopts/putshell.c, src/libopts/reset.c,
	src/libopts/restore.c, src/libopts/save.c, src/libopts/sort.c,
	src/libopts/stack.c, src/libopts/streqvcmp.c,
	src/libopts/text_mmap.c, src/libopts/time.c,
	src/libopts/tokenize.c, src/libopts/usage.c, src/libopts/version.c: 
	updated libopts

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms.h, lib/gnutls_dtls.c: corrected AEAD tag size

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-overhead.c: removed unsupported ciphersuites

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/mini-overhead.c: Check overhead in DTLS.

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: more precise calculation of DTLS overhead

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c: doc update

2013-05-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-05-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: revive gnutls_handshake_get_last_in().
	Report by Mann Ern Kang.

2013-05-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: use sigaction instead of signal in gnutls-cli

2013-05-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: Revert "break the loop when a SIGALRM has been
	received" This reverts commit f46c6c38c1136eef770189aa21915423f5df4985.

2013-05-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: break the loop when a SIGALRM has been received

2013-05-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_str.c: documented function behavior

2013-05-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_str.c, lib/opencdk/keydb.c, lib/opencdk/sig-check.c,
	lib/x509/common.c, lib/x509/verify-high2.c, lib/x509/verify.c,
	lib/x509/x509.c, lib/xssl.c, libdane/dane.c: several updates

2013-05-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/danetool.c: print message on certificate verification

2013-05-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/mini-eagain2.c, tests/suite/mini-record-timing.c: 
	corrected include paths

2013-05-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-05-10  Tim Kosse <tim.kosse@filezilla-project.org>

	* tests/eagain-common.h: When retrying gnutls_record_send due to
	GNUTLS_E_AGAIN, also try passing null data and length. Tests will
	fail after this patch until next patch is applied that fixes a bug
	in gnutls_record_send.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-05-10  Tim Kosse <tim.kosse@filezilla-project.org>

	* lib/gnutls_record.c: If gnutls_record_send fails with
	GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED, the documentation allows
	passing null for the data and size on retry.  Commit 2ec84d6 broke this usage of gnutls_record_send. This patch
	fixes the problem.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-05-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-internals.texi, lib/gnutls_ui.c: typo fixes by Andreas
	Metzler

2013-05-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dtls/dtls-stress.c: updated path

2013-05-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.11

2013-05-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/utils.h: Do not call gnutls_pkcs11_init() when pkcs11 is
	disabled. Reported by Linus Nordberg.

2013-05-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/anonself.c, tests/certder.c,
	tests/certificate_set_x509_crl.c, tests/certuniqueid.c,
	tests/chainverify-unsorted.c, tests/chainverify.c,
	tests/crq_apis.c, tests/crq_key_id.c, tests/cve-2008-4989.c,
	tests/cve-2009-1415.c, tests/cve-2009-1416.c, tests/dhepskself.c,
	tests/dn.c, tests/dn2.c, tests/dtls/dtls-stress.c, tests/gc.c,
	tests/hostname-check.c, tests/infoaccess.c, tests/init_roundtrip.c,
	tests/key-openssl.c, tests/mini-deflate.c,
	tests/mini-dtls-heartbeat.c, tests/mini-dtls-record.c,
	tests/mini-dtls-rehandshake.c, tests/mini-dtls-srtp.c,
	tests/mini-eagain-dtls.c, tests/mini-eagain.c,
	tests/mini-emsgsize-dtls.c, tests/mini-handshake-timeout.c,
	tests/mini-loss-time.c, tests/mini-record-range.c,
	tests/mini-record.c, tests/mini-rehandshake.c, tests/mini-tdb.c,
	tests/mini-termination.c, tests/mini-x509-2.c,
	tests/mini-x509-callbacks.c, tests/mini-x509-cas.c,
	tests/mini-x509.c, tests/mini-xssl.c, tests/mini.c, tests/moredn.c,
	tests/mpi.c, tests/nul-in-x509-names.c, tests/ocsp.c,
	tests/openpgp-auth.c, tests/openpgp-auth2.c,
	tests/openpgp-keyring.c, tests/openpgpself.c, tests/openssl.c,
	tests/parse_ca.c, tests/pgps2kgnu.c, tests/pkcs12_encode.c,
	tests/pkcs12_s2k.c, tests/pkcs12_s2k_pem.c, tests/pkcs12_simple.c,
	tests/pskself.c, tests/resume-dtls.c, tests/resume.c,
	tests/rng-fork.c, tests/rsa-encrypt-decrypt.c,
	tests/safe-renegotiation/srn0.c, tests/safe-renegotiation/srn1.c,
	tests/safe-renegotiation/srn2.c, tests/safe-renegotiation/srn3.c,
	tests/safe-renegotiation/srn4.c, tests/safe-renegotiation/srn5.c,
	tests/set_pkcs12_cred.c, tests/setcredcrash.c,
	tests/slow/cipher-test.c, tests/slow/gendh.c, tests/slow/keygen.c,
	tests/srp/mini-srp.c, tests/suite/mini-eagain2.c,
	tests/suite/mini-record-timing.c, tests/utils.h,
	tests/x509_altname.c, tests/x509cert-tl.c, tests/x509cert.c,
	tests/x509dn.c, tests/x509self.c, tests/x509sign-verify.c: When
	running tests disable PKCS #11 support to avoid detecting memory
	leaks from PKCS #11 libraries.

2013-05-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/invoke-certtool.texi,
	doc/invoke-danetool.texi, doc/invoke-gnutls-cli-debug.texi,
	doc/invoke-gnutls-cli.texi, doc/invoke-gnutls-serv.texi,
	doc/invoke-ocsptool.texi, doc/invoke-p11tool.texi,
	doc/invoke-psktool.texi, doc/invoke-srptool.texi,
	doc/invoke-tpmtool.texi, doc/manpages/Makefile.am,
	doc/manpages/tpmtool.1: doc update

2013-05-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk, lib/accelerated/x86/macosx/appro-aes-gcm-x86-64-macosx.s,
	lib/accelerated/x86/macosx/appro-aes-x86-64-macosx.s,
	lib/accelerated/x86/macosx/appro-aes-x86-macosx.s,
	lib/accelerated/x86/macosx/cpuid-x86-64-macosx.s,
	lib/accelerated/x86/macosx/cpuid-x86-macosx.s,
	lib/accelerated/x86/macosx/padlock-x86-64-macosx.s,
	lib/accelerated/x86/macosx/padlock-x86-macosx.s: use C's style
	comments to compile in old MacOSX systems. Reported by Ryan Schmidt.

2013-05-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-auth.texi: doc update

2013-05-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c: removed unneeded variable

2013-05-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, doc/cha-intro-tls.texi, lib/ext/Makefile.am,
	lib/ext/alpn.c, lib/ext/alpn.h, lib/gnutls_extensions.c,
	lib/gnutls_int.h, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map, m4/hooks.m4, tests/Makefile.am,
	tests/mini-alpn.c: Revert "Added support for the ALPN extension." This reverts commit eb51efe375781115473320e64e73c440d6d1ff3c.

2013-05-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi: Revert "mention about experimental
	protocols" This reverts commit 28e42466ed279efda120f59b9340f7758885e48b.

2013-05-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: Revert "documented update" This reverts commit 85564d9b3775058935939029a49d182343b70665.

2013-05-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-05-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-cfg.c, src/certtool-cfg.h, src/certtool.c: set the
	key purpose in certificate requests

2013-05-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c, libdane/includes/gnutls/dane.h: corrected typo.
	reported by Etan Reisner.

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated doc

2013-04-27  Stef Walter <stefw@redhat.com>

	* tests/suite/mini-record-timing.c: test suite: Add missing header Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-04-27  Stef Walter <stefw@redhat.com>

	* lib/x509/common.c: Add the standard description OID to those
	recognized for DNs Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c, lib/x509/dn.c: Always escape printable strings
	the LDAP way, and avoid escaping hex encoded values. Report and
	initial patch from Stef Walter.

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c, lib/x509/common.h: Do not include null
	terminator in DN string.  When printing an unknown DN string as hex do not include the null
	terminator.  Reported by Stef Walter.

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/sha-padlock.c: initialize the digest after
	output on padlock.

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/certtool-cfg.c, src/certtool-cfg.h, src/certtool.c,
	src/pkcs11.c: read_yesno() accepts a default value. By default
	certificates are marked as ok for signing and encryption.

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/hmac-padlock.c,
	lib/accelerated/x86/sha-padlock.c, lib/crypto-backend.h,
	lib/gnutls_cipher_int.c, lib/gnutls_hash_int.c,
	lib/gnutls_hash_int.h, lib/nettle/mac.c: Do not handle MAC and hash
	reset separately. It is implied by nettle's output functions.

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/crypto-api.c: updated documentation

2013-04-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.h, lib/gnutls_cert.c, lib/gnutls_x509.c: use the
	pass argument on PKCS #11 keys.

2013-04-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/hmac-padlock.c,
	lib/accelerated/x86/sha-padlock.c: corrected memory leak in
	padlock_hash_fast()

2013-04-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented update

2013-04-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi: mention about experimental protocols

2013-04-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, doc/cha-intro-tls.texi, lib/ext/Makefile.am,
	lib/ext/alpn.c, lib/ext/alpn.h, lib/gnutls_extensions.c,
	lib/gnutls_int.h, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map, m4/hooks.m4, tests/Makefile.am,
	tests/mini-alpn.c: Added support for the ALPN extension.

2013-04-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-crypto.texi: doc update

2013-04-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-crypto.texi: Added documentation on public key API.

2013-04-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-gtls-app.texi, lib/gnutls_priority.c: Added priority
	string VERS-DTLS-ALL

2013-04-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: added note about LGPLv3

2013-04-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system_override.c: doc update

2013-04-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c: use unlikely

2013-04-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: updated

2013-04-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-cert-auth2.texi, doc/cha-gtls-app.texi,
	doc/cha-tokens.texi, lib/gnutls_x509.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
	gnutls_certificate_set_x509_key_mem2() and
	gnutls_certificate_set_x509_key_file2()

2013-04-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, doc/cha-gtls-examples.texi,
	lib/gnutls_privkey.c, lib/x509/pkcs12.c, lib/x509/privkey.c: doc
	updates

2013-04-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_range.c: updates in range handling code.

2013-04-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/mini-record-range.c: Added test for
	record ranges.

2013-04-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-04-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.c: print the signatures used.

2013-04-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/signature.c, lib/ext/signature.h, lib/gnutls_int.h,
	lib/gnutls_session_pack.c, lib/gnutls_sig.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
	gnutls_sign_algorithm_get_client()

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented update

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c, m4/hooks.m4: Changed license of heartbeat
	implementation to match the rest of the library

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-internals.texi: updated text

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c: gnutls_pong() returns zero on success.

2013-04-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-dtls-heartbeat.c: Check all error conditions.

2013-04-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c: Corrected bug in heartbeat send (reported by
	Joke de Buhr).

2013-04-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: make a short list of the available PK
	algorithms

2013-04-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: corrected issue in ecccertfile option

2013-03-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c, lib/gnutls_pubkey.c,
	lib/includes/gnutls/abstract.h, tests/x509sign-verify.c: Added sign
	and verification flags to operate in RSA raw mode (as used in TLS).

2013-03-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/rsa.c, lib/gnutls_int.h: When in compatibility mode allow
	for a wrong version in the RSA PMS.

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* devel/perlasm/license-gnutls.txt,
	lib/accelerated/x86/coff/cpuid-x86-64-coff.s,
	lib/accelerated/x86/coff/cpuid-x86-coff.s,
	lib/accelerated/x86/elf/cpuid-x86-64.s,
	lib/accelerated/x86/elf/cpuid-x86.s,
	lib/accelerated/x86/macosx/cpuid-x86-64-macosx.s,
	lib/accelerated/x86/macosx/cpuid-x86-macosx.s,
	lib/ext/status_request.h, lib/gnutlsxx.cpp,
	lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/ocsp.h,
	lib/includes/gnutls/x509.h, lib/libgnutls.map,
	lib/x509/verify-high.h: changed license headers to 2.1. Reported by
	Andreas Metzler.

2013-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/invoke-certtool.texi,
	doc/invoke-danetool.texi, doc/invoke-gnutls-cli-debug.texi,
	doc/invoke-gnutls-cli.texi, doc/invoke-gnutls-serv.texi,
	doc/invoke-ocsptool.texi, doc/invoke-p11tool.texi,
	doc/invoke-psktool.texi, doc/invoke-srptool.texi,
	doc/invoke-tpmtool.texi, doc/manpages/Makefile.am,
	doc/manpages/tpmtool.1: updated auto-generated files

2013-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: set release date

2013-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-internals.texi: corrected file location

2013-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/openpgp-auth.c: use return instead of exit

2013-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.c: use the proper defines

2013-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/abstract_int.h, lib/auth/cert.c, lib/gnutls_pubkey.c,
	lib/includes/gnutls/abstract.h, lib/includes/gnutls/openpgp.h,
	lib/openpgp/gnutls_openpgp.c: Fixes in openpgp handshake with
	fingerprints. Reported by Joke de Buhr.

2013-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/openpgp-auth.c: openpgp-auth tests
	gnutls_openpgp_set_recv_key_function() as well.

2013-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_sig.c: correct issue with the (deprecated)
	external key signing and TLS 1.2

2013-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: search only for slots with tokens and avoid caching
	to prevent issues with multiple threads.

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-tokens.texi, lib/gnutls_privkey.c,
	lib/includes/gnutls/abstract.h, lib/libgnutls.map: Added
	gnutls_privkey_status()

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: avoid internal error

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: use correct type for rv

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: scan slots on PKCS #11 providers only when needed,
	not on initialization.

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c: doc update

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-library.texi: documented the new configure options

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/crypto-backend.h, lib/gnutls_mpi.h, lib/gnutls_pk.c,
	lib/nettle/mpi.c, lib/openpgp/privkey.c, lib/x509/privkey.c: Private
	key parameters are overwritten with zeros on deinitialization.

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-library.texi, doc/latex/cover.tex, doc/latex/gnutls.bib: 
	doc updates

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-tokens.texi: simplified text

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	lib/gnutls_privkey.c, lib/gnutls_sig.c, lib/gnutls_sig.h,
	lib/includes/gnutls/abstract.h, lib/libgnutls.map: Added
	gnutls_privkey_sign_raw_data()

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_pcert.c: simplified code

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: gnutls-serv may run without certificate, but will
	issue a warning

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: gnutls-serv issues an error if no certificate and key
	pair was set.

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* COPYING.LESSER, README: gnutls 3.1.10 is LGPLv2.1

2013-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/kx.c, lib/auth/anon.c, lib/auth/anon_ecdh.c,
	lib/gnutlsxx.cpp, src/cli-debug.c, src/serv.c, src/tests.c: Added
	several ifdefs to avoid using disabled code.

2013-03-12  Daniel Kahn Gillmor <dkg@fifthhorseman.net>

	* doc/cha-bib.texi, doc/cha-tokens.texi: Document mechanism used for
	*_key_id() creation.  For the rationale behind this, see the gnutls-devl thread 'X.509
	"Key Identifiers" in GnuTLS' found either at

	http://lists.gnutls.org/pipermail/gnutls-devel/2013-March/006182.htmland
	http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/6674

2013-03-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/examples/ex-cert-select-pkcs11.c,
	doc/examples/ex-cert-select.c, doc/examples/ex-client-anon.c,
	doc/examples/ex-client-dtls.c, doc/examples/ex-client-psk.c,
	doc/examples/ex-client-srp.c, doc/examples/ex-client-x509.c,
	lib/gnutls_int.h, lib/gnutls_ui.c, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map, src/common.c: Added gnutls_session_get_desc()

2013-03-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, lib/algorithms/ciphersuites.c, lib/algorithms/kx.c,
	lib/auth/Makefile.am, lib/auth/anon_ecdh.c, lib/auth/cert.c,
	lib/auth/cert.h, lib/auth/dh_common.c, lib/auth/dhe.c,
	lib/auth/dhe_psk.c, lib/auth/ecdh_common.c, lib/auth/ecdh_common.h,
	lib/auth/ecdhe.c, lib/auth/ecdhe.h, lib/auth/rsa_export.c,
	lib/gnutls_handshake.c, lib/gnutls_kx.c, lib/gnutls_priority.c,
	lib/gnutls_rsa_export.c, lib/gnutls_state.c, lib/gnutls_ui.c,
	m4/hooks.m4: Added options to disable more key exchange mechanisms.  In that DHE was separated from ECDHE.

2013-03-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: removed unneeded code

2013-03-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: When requesting DANE data resolve a service name into a
	port number. Reported by James Cloos.

2013-03-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: removed

2013-03-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-cert-auth2.texi: doc update

2013-03-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/dn.c: avoid duplicate memory allocation in
	_gnutls_x509_get_dn()

2013-03-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/dane-test.rr: The default dane output is type 03
	now.

2013-03-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c: simplified

2013-03-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_ui.c, lib/gnutls_x509.c, lib/gnutls_x509.h: Return
	proper also when loading a private key.

2013-03-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/tpm.h, lib/tpm.c: GNUTLS_TPMKEY_FMT_DER ->
	GNUTLS_TPMKEY_FMT_RAW

2013-03-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/gnutls_x509.c: 
	return unimplemented feature on encounter of a known but unsupported
	url

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	src/danetool-args.c, src/danetool-args.def, src/danetool-args.h,
	src/danetool.c: updates in danetool

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, configure.ac: Added configure option to disable the
	build of tests.

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, src/certtool-args.c,
	src/certtool-args.def, src/certtool-args.h: updated example
	template.

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/ecore/src/lib/Ecore.h: updated

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509_b64.c: corrected allocation size

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_ui.c: simplified text

2013-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: Fixes in cpu and cross-compilation detection

2013-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/dn.c, lib/x509/verify.c, lib/x509/x509.c,
	lib/x509/x509_int.h: Placed back _gnutls_x509_compare_raw_dn().

2013-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: check revocation prior to reading local certs.

2013-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify-high.c: deinitialize the certificate

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: When cross compiling do not check for ca
	certificates.

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: auto-detect CA certificates only if
	with-default-trust-store-file is not provided.

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: corrected parameters.

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
	lib/system.c, lib/x509/verify-high.c, lib/x509/verify-high2.c,
	tests/x509cert-tl.c: Added functions that remove certificates from a
	trust list.

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/includes/gnutls/dane.h: updated doc

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: Check for revoked certs in android and do not add.
	Suggested by David Woodhouse.

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: corrected add_system_trust() in the unsupported
	system case.

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c, lib/x509/common.h, lib/x509/crl.c,
	lib/x509/dn.c, lib/x509/ocsp.c, lib/x509/verify-high.c,
	lib/x509/verify.c, lib/x509/x509.c, lib/x509/x509_int.h: Several
	optimizations on certificate comparisons including DN. This speeds
	up CA certificate loading, and certificate verification.

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify-high.c: Revert "When making the hash list of the
	CAs avoid calling get_raw_*_dn() which is very costly." This reverts commit 1b7d66354e9b4d174b58233f4dd8ab46a1d45f14.

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify-high.c: When making the hash list of the CAs avoid
	calling get_raw_*_dn() which is very costly.

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
	lib/x509/crl.c, lib/x509/crq.c, lib/x509/dn.c, lib/x509/x509.c,
	lib/x509/x509_int.h: Added new functions to get the LDAP DN in an
	allocated buffer.

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: Removed unused code.

2013-03-05  Daniel Kahn Gillmor <dkg@fifthhorseman.net>

	* lib/x509/x509_write.c: fix description of id_size parameter

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: handle the interesting variance between directories

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: test for ANDROID or __ANDROID__

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* build-aux/ar-lib: updated

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: call gl_EARLY earlier, and add AM_PROG_AR.

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls.pc.in: corrected link

2013-03-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: removed Werror from automake rules

2013-03-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: Added flag

2013-03-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, ChangeLog: removed

2013-03-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c, src/Makefile.am: changes to avoid compilation
	of programs that cannot be.

2013-03-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: more simplifications to
	gnutls_x509_trust_list_add_system_trust()

2013-03-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: corrected reading from directory.

2013-03-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: gnutls_x509_trust_list_add_system_trust() was made
	to work in android 4.x.

2013-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: More cleanups in
	gnutls_x509_trust_list_add_system_trust()

2013-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: Select CPU optimizations based on target cpu rather
	than the host.

2013-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/Makefile.am, lib/system.c: some simplifications in
	gnutls_x509_trust_list_add_system_trust()

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/certtool.c: Use ARCFOUR cipher by default to be
	compatible with devices like android that don't support AES

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-danetool.texi, libdane/dane.c,
	libdane/includes/gnutls/dane.h, src/danetool-args.c,
	src/danetool-args.def, src/danetool-args.h, src/danetool.c,
	tests/suite/Makefile.am, tests/suite/testdane: Added verify flags
	for DANE to enforce verification and restrict it to a field.

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, ChangeLog: added empty ChangeLog

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* GNUmakefile, build-aux/config.rpath, build-aux/gendocs.sh,
	build-aux/pmccabe2html, build-aux/snippet/arg-nonnull.h,
	build-aux/snippet/c++defs.h, build-aux/snippet/unused-parameter.h,
	build-aux/snippet/warn-on-use.h, build-aux/useless-if-before-free,
	build-aux/vc-list-files, doc/gendocs_template, gl/Makefile.am,
	gl/accept.c, gl/alloca.in.h, gl/alphasort.c, gl/argp-ba.c,
	gl/argp-eexst.c, gl/argp-fmtstream.c, gl/argp-fmtstream.h,
	gl/argp-fs-xinl.c, gl/argp-help.c, gl/argp-namefrob.h,
	gl/argp-parse.c, gl/argp-pin.c, gl/argp-pv.c, gl/argp-pvh.c,
	gl/argp-xinl.c, gl/argp.h, gl/arpa_inet.in.h, gl/asnprintf.c,
	gl/asprintf.c, gl/base64.c, gl/base64.h, gl/basename-lgpl.c,
	gl/bind.c, gl/byteswap.in.h, gl/c-ctype.c, gl/c-ctype.h,
	gl/c-strcase.h, gl/c-strcasecmp.c, gl/c-strncasecmp.c, gl/close.c,
	gl/closedir.c, gl/connect.c, gl/dirent-private.h, gl/dirent.in.h,
	gl/dirname-lgpl.c, gl/dirname.h, gl/dosname.h, gl/dup2.c,
	gl/errno.in.h, gl/error.c, gl/error.h, gl/fd-hook.c, gl/fd-hook.h,
	gl/filename.h, gl/float+.h, gl/float.c, gl/float.in.h, gl/fpucw.h,
	gl/frexp.c, gl/frexpl.c, gl/fseek.c, gl/fseeko.c, gl/fseterr.c,
	gl/fseterr.h, gl/fstat.c, gl/ftell.c, gl/ftello.c,
	gl/gai_strerror.c, gl/getaddrinfo.c, gl/getdelim.c, gl/getline.c,
	gl/getopt.c, gl/getopt.in.h, gl/getopt1.c, gl/getopt_int.h,
	gl/getpass.c, gl/getpass.h, gl/getpeername.c, gl/getsubopt.c,
	gl/gettext.h, gl/gettime.c, gl/gettimeofday.c,
	gl/glthread/threadlib.c, gl/hash-pjw-bare.c, gl/hash-pjw-bare.h,
	gl/iconv.c, gl/iconv.in.h, gl/iconv_close.c, gl/iconv_open.c,
	gl/inet_ntop.c, gl/inet_pton.c, gl/intprops.h, gl/isnan.c,
	gl/isnand-nolibm.h, gl/isnand.c, gl/isnanf-nolibm.h, gl/isnanf.c,
	gl/isnanl-nolibm.h, gl/isnanl.c, gl/itold.c, gl/listen.c,
	gl/lseek.c, gl/m4/00gnulib.m4, gl/m4/alloca.m4, gl/m4/alphasort.m4,
	gl/m4/argp.m4, gl/m4/arpa_inet_h.m4, gl/m4/base64.m4,
	gl/m4/byteswap.m4, gl/m4/clock_time.m4, gl/m4/close.m4,
	gl/m4/closedir.m4, gl/m4/codeset.m4, gl/m4/dirent_h.m4,
	gl/m4/dirname.m4, gl/m4/double-slash-root.m4, gl/m4/dup2.m4,
	gl/m4/eealloc.m4, gl/m4/environ.m4, gl/m4/errno_h.m4,
	gl/m4/error.m4, gl/m4/exponentd.m4, gl/m4/exponentf.m4,
	gl/m4/exponentl.m4, gl/m4/extensions.m4, gl/m4/extern-inline.m4,
	gl/m4/fcntl-o.m4, gl/m4/fcntl_h.m4, gl/m4/fdopen.m4,
	gl/m4/float_h.m4, gl/m4/fpieee.m4, gl/m4/frexp.m4, gl/m4/frexpl.m4,
	gl/m4/fseek.m4, gl/m4/fseeko.m4, gl/m4/fseterr.m4, gl/m4/fstat.m4,
	gl/m4/ftell.m4, gl/m4/ftello.m4, gl/m4/ftruncate.m4, gl/m4/func.m4,
	gl/m4/getaddrinfo.m4, gl/m4/getcwd.m4, gl/m4/getdelim.m4,
	gl/m4/getline.m4, gl/m4/getopt.m4, gl/m4/getpagesize.m4,
	gl/m4/getpass.m4, gl/m4/getsubopt.m4, gl/m4/gettext.m4,
	gl/m4/gettime.m4, gl/m4/gettimeofday.m4, gl/m4/glibc2.m4,
	gl/m4/glibc21.m4, gl/m4/gnulib-cache.m4, gl/m4/gnulib-common.m4,
	gl/m4/gnulib-comp.m4, gl/m4/gnulib-tool.m4, gl/m4/hostent.m4,
	gl/m4/iconv.m4, gl/m4/iconv_h.m4, gl/m4/iconv_open-utf.m4,
	gl/m4/iconv_open.m4, gl/m4/include_next.m4, gl/m4/inet_ntop.m4,
	gl/m4/inet_pton.m4, gl/m4/inline.m4, gl/m4/intdiv0.m4,
	gl/m4/intl.m4, gl/m4/intldir.m4, gl/m4/intlmacosx.m4,
	gl/m4/intmax.m4, gl/m4/intmax_t.m4, gl/m4/inttypes-pri.m4,
	gl/m4/inttypes.m4, gl/m4/inttypes_h.m4, gl/m4/ioctl.m4,
	gl/m4/isnand.m4, gl/m4/isnanf.m4, gl/m4/isnanl.m4,
	gl/m4/largefile.m4, gl/m4/lcmessage.m4, gl/m4/ld-output-def.m4,
	gl/m4/ld-version-script.m4, gl/m4/ldexpl.m4, gl/m4/lib-ld.m4,
	gl/m4/lib-link.m4, gl/m4/lib-prefix.m4, gl/m4/libunistring-base.m4,
	gl/m4/locale-fr.m4, gl/m4/locale-ja.m4, gl/m4/locale-tr.m4,
	gl/m4/locale-zh.m4, gl/m4/locale_h.m4, gl/m4/localename.m4,
	gl/m4/lock.m4, gl/m4/longlong.m4, gl/m4/lseek.m4, gl/m4/lstat.m4,
	gl/m4/malloc.m4, gl/m4/malloca.m4, gl/m4/manywarnings.m4,
	gl/m4/math_h.m4, gl/m4/memchr.m4, gl/m4/memmem.m4,
	gl/m4/mempcpy.m4, gl/m4/minmax.m4, gl/m4/mmap-anon.m4,
	gl/m4/mode_t.m4, gl/m4/msvc-inval.m4, gl/m4/msvc-nothrow.m4,
	gl/m4/multiarch.m4, gl/m4/netdb_h.m4, gl/m4/netinet_in_h.m4,
	gl/m4/nls.m4, gl/m4/nocrash.m4, gl/m4/off_t.m4, gl/m4/open.m4,
	gl/m4/opendir.m4, gl/m4/pathmax.m4, gl/m4/perror.m4, gl/m4/pipe.m4,
	gl/m4/po.m4, gl/m4/printf-frexp.m4, gl/m4/printf-frexpl.m4,
	gl/m4/printf-posix.m4, gl/m4/printf.m4, gl/m4/progtest.m4,
	gl/m4/putenv.m4, gl/m4/rawmemchr.m4, gl/m4/read-file.m4,
	gl/m4/readdir.m4, gl/m4/realloc.m4, gl/m4/scandir.m4,
	gl/m4/select.m4, gl/m4/servent.m4, gl/m4/setenv.m4,
	gl/m4/setlocale.m4, gl/m4/signal_h.m4, gl/m4/signbit.m4,
	gl/m4/size_max.m4, gl/m4/sleep.m4, gl/m4/snprintf.m4,
	gl/m4/socketlib.m4, gl/m4/sockets.m4, gl/m4/socklen.m4,
	gl/m4/sockpfaf.m4, gl/m4/ssize_t.m4, gl/m4/stat.m4,
	gl/m4/stdalign.m4, gl/m4/stdarg.m4, gl/m4/stdbool.m4,
	gl/m4/stddef_h.m4, gl/m4/stdint.m4, gl/m4/stdint_h.m4,
	gl/m4/stdio_h.m4, gl/m4/stdlib_h.m4, gl/m4/strcase.m4,
	gl/m4/strchrnul.m4, gl/m4/strdup.m4, gl/m4/strerror.m4,
	gl/m4/strerror_r.m4, gl/m4/string_h.m4, gl/m4/strings_h.m4,
	gl/m4/strndup.m4, gl/m4/strnlen.m4, gl/m4/strtok_r.m4,
	gl/m4/strverscmp.m4, gl/m4/symlink.m4, gl/m4/sys_ioctl_h.m4,
	gl/m4/sys_select_h.m4, gl/m4/sys_socket_h.m4, gl/m4/sys_stat_h.m4,
	gl/m4/sys_time_h.m4, gl/m4/sys_types_h.m4, gl/m4/sys_uio_h.m4,
	gl/m4/sysexits.m4, gl/m4/threadlib.m4, gl/m4/time_h.m4,
	gl/m4/time_r.m4, gl/m4/timer_time.m4, gl/m4/timespec.m4,
	gl/m4/uintmax_t.m4, gl/m4/ungetc.m4, gl/m4/unistd_h.m4,
	gl/m4/valgrind-tests.m4, gl/m4/vasnprintf.m4, gl/m4/vasprintf.m4,
	gl/m4/version-etc.m4, gl/m4/vfprintf-posix.m4, gl/m4/visibility.m4,
	gl/m4/vprintf-posix.m4, gl/m4/vsnprintf.m4, gl/m4/warn-on-use.m4,
	gl/m4/warnings.m4, gl/m4/wchar_h.m4, gl/m4/wchar_t.m4,
	gl/m4/wint_t.m4, gl/m4/xsize.m4, gl/malloc.c, gl/math.in.h,
	gl/memchr.c, gl/memmem.c, gl/mempcpy.c, gl/minmax.h,
	gl/msvc-inval.c, gl/msvc-inval.h, gl/msvc-nothrow.c,
	gl/msvc-nothrow.h, gl/netdb.in.h, gl/netinet_in.in.h, gl/opendir.c,
	gl/printf-args.c, gl/printf-args.h, gl/printf-frexp.c,
	gl/printf-frexp.h, gl/printf-frexpl.c, gl/printf-frexpl.h,
	gl/printf-parse.c, gl/printf-parse.h, gl/progname.c, gl/progname.h,
	gl/rawmemchr.c, gl/read-file.c, gl/read-file.h, gl/readdir.c,
	gl/realloc.c, gl/recv.c, gl/recvfrom.c, gl/scandir.c, gl/select.c,
	gl/send.c, gl/sendto.c, gl/setsockopt.c, gl/shutdown.c,
	gl/signal.in.h, gl/signbitd.c, gl/signbitf.c, gl/signbitl.c,
	gl/size_max.h, gl/sleep.c, gl/snprintf.c, gl/socket.c,
	gl/sockets.c, gl/sockets.h, gl/stdalign.in.h, gl/stdarg.in.h,
	gl/stdbool.in.h, gl/stddef.in.h, gl/stdint.in.h, gl/stdio-impl.h,
	gl/stdio.c, gl/stdio.in.h, gl/stdlib.in.h, gl/str-two-way.h,
	gl/strcasecmp.c, gl/strchrnul.c, gl/strdup.c,
	gl/strerror-override.c, gl/strerror-override.h, gl/strerror.c,
	gl/string.in.h, gl/strings.in.h, gl/stripslash.c, gl/strncasecmp.c,
	gl/strndup.c, gl/strnlen.c, gl/strtok_r.c, gl/strverscmp.c,
	gl/sys_select.in.h, gl/sys_socket.in.h, gl/sys_stat.in.h,
	gl/sys_time.in.h, gl/sys_types.in.h, gl/sys_uio.in.h,
	gl/sysexits.in.h, gl/tests/Makefile.am, gl/tests/binary-io.h,
	gl/tests/fcntl.in.h, gl/tests/fdopen.c, gl/tests/ftruncate.c,
	gl/tests/getcwd-lgpl.c, gl/tests/getpagesize.c,
	gl/tests/glthread/lock.c, gl/tests/glthread/lock.h,
	gl/tests/ignore-value.h, gl/tests/infinity.h, gl/tests/init.sh,
	gl/tests/inttypes.in.h, gl/tests/ioctl.c, gl/tests/locale.in.h,
	gl/tests/localename.c, gl/tests/localename.h, gl/tests/lstat.c,
	gl/tests/macros.h, gl/tests/malloca.c, gl/tests/malloca.h,
	gl/tests/minus-zero.h, gl/tests/nan.h, gl/tests/open.c,
	gl/tests/pathmax.h, gl/tests/perror.c, gl/tests/pipe.c,
	gl/tests/putenv.c, gl/tests/randomd.c, gl/tests/randoml.c,
	gl/tests/same-inode.h, gl/tests/setenv.c, gl/tests/setlocale.c,
	gl/tests/signature.h, gl/tests/stat.c, gl/tests/strerror_r.c,
	gl/tests/symlink.c, gl/tests/sys_ioctl.in.h,
	gl/tests/test-accept.c, gl/tests/test-alloca-opt.c,
	gl/tests/test-argp-2.sh, gl/tests/test-argp.c,
	gl/tests/test-arpa_inet.c, gl/tests/test-base64.c,
	gl/tests/test-binary-io.c, gl/tests/test-bind.c,
	gl/tests/test-byteswap.c, gl/tests/test-c-ctype.c,
	gl/tests/test-c-strcasecmp.c, gl/tests/test-c-strncasecmp.c,
	gl/tests/test-close.c, gl/tests/test-connect.c,
	gl/tests/test-dirent.c, gl/tests/test-dup2.c,
	gl/tests/test-environ.c, gl/tests/test-errno.c,
	gl/tests/test-fcntl-h.c, gl/tests/test-fdopen.c,
	gl/tests/test-fgetc.c, gl/tests/test-float.c,
	gl/tests/test-fprintf-posix.h, gl/tests/test-fputc.c,
	gl/tests/test-fread.c, gl/tests/test-frexp.c,
	gl/tests/test-frexp.h, gl/tests/test-frexpl.c,
	gl/tests/test-fseek.c, gl/tests/test-fseeko.c,
	gl/tests/test-fseeko3.c, gl/tests/test-fseeko4.c,
	gl/tests/test-fseterr.c, gl/tests/test-fstat.c,
	gl/tests/test-ftell.c, gl/tests/test-ftell3.c,
	gl/tests/test-ftello.c, gl/tests/test-ftello3.c,
	gl/tests/test-ftello4.c, gl/tests/test-ftruncate.c,
	gl/tests/test-func.c, gl/tests/test-fwrite.c,
	gl/tests/test-getaddrinfo.c, gl/tests/test-getcwd-lgpl.c,
	gl/tests/test-getdelim.c, gl/tests/test-getline.c,
	gl/tests/test-getopt.c, gl/tests/test-getopt.h,
	gl/tests/test-getopt_long.h, gl/tests/test-getpeername.c,
	gl/tests/test-gettimeofday.c, gl/tests/test-iconv-h.c,
	gl/tests/test-iconv-utf.c, gl/tests/test-iconv.c,
	gl/tests/test-ignore-value.c, gl/tests/test-inet_ntop.c,
	gl/tests/test-inet_pton.c, gl/tests/test-init.sh,
	gl/tests/test-intprops.c, gl/tests/test-inttypes.c,
	gl/tests/test-ioctl.c, gl/tests/test-isnand-nolibm.c,
	gl/tests/test-isnand.h, gl/tests/test-isnanf-nolibm.c,
	gl/tests/test-isnanf.h, gl/tests/test-isnanl-nolibm.c,
	gl/tests/test-isnanl.h, gl/tests/test-listen.c,
	gl/tests/test-locale.c, gl/tests/test-localename.c,
	gl/tests/test-lstat.c, gl/tests/test-lstat.h,
	gl/tests/test-malloc-gnu.c, gl/tests/test-malloca.c,
	gl/tests/test-math.c, gl/tests/test-memchr.c,
	gl/tests/test-netdb.c, gl/tests/test-netinet_in.c,
	gl/tests/test-open.c, gl/tests/test-open.h,
	gl/tests/test-pathmax.c, gl/tests/test-perror.c,
	gl/tests/test-perror2.c, gl/tests/test-pipe.c,
	gl/tests/test-printf-frexp.c, gl/tests/test-printf-frexpl.c,
	gl/tests/test-printf-posix.h, gl/tests/test-rawmemchr.c,
	gl/tests/test-read-file.c, gl/tests/test-recv.c,
	gl/tests/test-recvfrom.c, gl/tests/test-select-fd.c,
	gl/tests/test-select-stdin.c, gl/tests/test-select.c,
	gl/tests/test-select.h, gl/tests/test-send.c,
	gl/tests/test-sendto.c, gl/tests/test-setenv.c,
	gl/tests/test-setlocale1.c, gl/tests/test-setlocale2.c,
	gl/tests/test-setsockopt.c, gl/tests/test-shutdown.c,
	gl/tests/test-signal-h.c, gl/tests/test-signbit.c,
	gl/tests/test-sleep.c, gl/tests/test-snprintf.c,
	gl/tests/test-sockets.c, gl/tests/test-stat.c,
	gl/tests/test-stat.h, gl/tests/test-stdalign.c,
	gl/tests/test-stdbool.c, gl/tests/test-stddef.c,
	gl/tests/test-stdint.c, gl/tests/test-stdio.c,
	gl/tests/test-stdlib.c, gl/tests/test-strchrnul.c,
	gl/tests/test-strerror.c, gl/tests/test-strerror_r.c,
	gl/tests/test-string.c, gl/tests/test-strings.c,
	gl/tests/test-strnlen.c, gl/tests/test-strverscmp.c,
	gl/tests/test-symlink.c, gl/tests/test-symlink.h,
	gl/tests/test-sys_ioctl.c, gl/tests/test-sys_select.c,
	gl/tests/test-sys_socket.c, gl/tests/test-sys_stat.c,
	gl/tests/test-sys_time.c, gl/tests/test-sys_types.c,
	gl/tests/test-sys_uio.c, gl/tests/test-sys_wait.h,
	gl/tests/test-sysexits.c, gl/tests/test-time.c,
	gl/tests/test-u64.c, gl/tests/test-unistd.c,
	gl/tests/test-unsetenv.c, gl/tests/test-vasnprintf.c,
	gl/tests/test-vasprintf.c, gl/tests/test-vc-list-files-cvs.sh,
	gl/tests/test-vc-list-files-git.sh, gl/tests/test-verify.c,
	gl/tests/test-version-etc.c, gl/tests/test-version-etc.sh,
	gl/tests/test-vfprintf-posix.c, gl/tests/test-vprintf-posix.c,
	gl/tests/test-vsnprintf.c, gl/tests/test-wchar.c,
	gl/tests/unistr/test-u8-mbtoucr.c,
	gl/tests/unistr/test-u8-uctomb.c, gl/tests/unsetenv.c,
	gl/tests/w32sock.h, gl/tests/zerosize-ptr.h, gl/time.in.h,
	gl/time_r.c, gl/timespec.h, gl/u64.h, gl/unistd.in.h,
	gl/unistr.in.h, gl/unistr/u8-mbtoucr.c, gl/unistr/u8-uctomb-aux.c,
	gl/unistr/u8-uctomb.c, gl/unitypes.in.h, gl/vasnprintf.c,
	gl/vasnprintf.h, gl/vasprintf.c, gl/verify.h, gl/version-etc-fsf.c,
	gl/version-etc.c, gl/version-etc.h, gl/vfprintf.c, gl/vprintf.c,
	gl/vsnprintf.c, gl/w32sock.h, gl/wchar.in.h, gl/xsize.h, maint.mk: 
	updated gnulib

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/libgnutls.map: Added gnutls_pkcs11_privkey_status

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/invoke-certtool.texi,
	doc/manpages/Makefile.am: updated

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, m4/hooks.m4: bumped version

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_db.h, lib/gnutls_int.h, lib/gnutls_record.c,
	lib/gnutls_session_pack.c: small optimizations in session storage

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_state.c: no need to memset during session deinit.

2013-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/nettle/rnd.c, tests/rng-fork.c: fixed nonce generation
	after fork().

2013-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_db.c, lib/gnutls_handshake.c,
	lib/gnutls_session_pack.c: Small fixes.

2013-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/includes/gnutls/pkcs11.h, lib/pkcs11_privkey.c: Added
	gnutls_pkcs11_privkey_status().

2013-02-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify.c: doc update

2013-02-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c, libdane/errors.c, libdane/includes/gnutls/dane.h: 
	when verifying a DANE CA constraint make sure that the provided
	chain is actually a chain.

2013-02-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c: doc update

2013-02-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-tokens.texi: mention enable-in in p11-kit config.

2013-02-20  Jaak Ristioja <jaak.ristioja@cyber.ee>

	* lib/gnutls_psk.c, lib/gnutls_str.c: Moved gnutls_hex_(en|de)code
	functions from lib/gnutls_psk.c to lib/gnutls_str.c to fix
	compilation of certtool when PSK is disabled.  These are rather generic functions by nature, so it would be
	reasonable to include them in GnuTLS even if PSK support is
	disabled.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: print info on reinitializor error.

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi: Documented the DANE situation in gnutls.
	Suggested by Gabor Toth.

2013-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/pkcs11.c: Fixed gnutls_pkcs11_reinit() to reinitialize
	all modules.

2013-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: return proper error

2013-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: use set_int when needed

2013-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/session_ticket.c, lib/gnutls_datum.c,
	lib/gnutls_extensions.c, lib/gnutls_str.c, lib/gnutls_x509.c,
	lib/x509/ocsp.c, lib/x509/pkcs12.c, lib/xssl_getline.c: Use
	gnutls_realloc_fast everywhere. Suggested by David Woodhouse.

2013-02-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/rsa.c: better cleanup on error on export case

2013-02-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509.c: corrected parsing issue in XMPP data when in a
	subject alternative name

2013-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-tokens.texi, lib/gnutls_record.c,
	lib/includes/gnutls/gnutls.h.in, lib/tpm.c, src/common.c: cleaned up
	the PIN calling in TPM

2013-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-gtls-app.texi,
	doc/examples/ex-cert-select-pkcs11.c,
	doc/examples/ex-cert-select.c, doc/examples/ex-client-anon.c,
	doc/examples/ex-client-dtls.c, doc/examples/ex-client-psk.c,
	doc/examples/ex-client-resume.c, doc/examples/ex-client-srp.c,
	doc/examples/ex-client-x509.c, doc/examples/ex-serv-anon.c,
	doc/examples/ex-serv-pgp.c, doc/examples/ex-serv-psk.c,
	doc/examples/ex-serv-srp.c, doc/examples/ex-serv-x509.c,
	lib/gnutls_record.c, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map, src/cli.c, src/serv.c: Added convenience
	functions to avoid ugly casting in simple programs.

2013-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-client-dtls.c, doc/examples/ex-serv-dtls.c: be
	more explicit in DTLS examples to account for LARGE_PACKET error

2013-02-16  Daniel Kahn Gillmor <dkg@fifthhorseman.net>

	* lib/pkcs11.c: fix two minor memory leaks when PKCS#11 is in use

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/libgnutls.map: corrected export of functions

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_pubkey.c: corrected gnutls_pubkey_verify_data()

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify-high.c: reduced hash table size

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_pubkey.c: doc update

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in: Added const

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_handshake.c, lib/gnutls_handshake.h,
	lib/gnutls_int.h, lib/gnutls_state.c, lib/gnutls_v2_compat.c,
	lib/includes/gnutls/gnutls.h.in: gnutls_handshake_set_server_random
	-> gnutls_handshake_set_random

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_int.h: timespec_sub_ms -> _gnutls_timespec_sub_ms

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_state.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
	gnutls_handshake_set_server_random

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/rnd.c: properly set close-on-exec.

2013-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-serv-anon.c: avoid ptrdiff_t

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/certtool-extras.c: certtool's --to-p12 will now ask for
	a password to generate PKCS #12 files.  That is when provided an encrypted key file. Reported by Yan Fiz.

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: prefer plain RSA to DHE-RSA and DHE-DSS

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am: removed duplicate

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/invoke-gnutls-cli.texi: small updates

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am: slow tests moved at the end of the suite

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c: simplified cleaning-up in
	_gnutls_stream_read and _gnutls_dgram_read

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/pk.c: corrected extract_digest_info

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c, tests/mini-x509-callbacks.c: In client
	side the verify callback is always being called.

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: further relaxed security levels

2013-01-29  Jaak Ristioja <jaak.ristioja@cyber.ee>

	* Makefile.am, configure.ac: Add option to disable generation of any
	documentation for GnuTLS.

2013-01-29  Jaak Ristioja <jaak.ristioja@cyber.ee>

	* Makefile.am, libdane/Makefile.am, libdane/includes/Makefile.am: 
	Prevent libdane pkgconfig stuff from being installed if libdane
	support is disabled.

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, cross.mk, m4/hooks.m4: updates for 3.1.8

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/algorithms/secparams.c: Restored 3.1.6 defaults and
	documented fix.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/secparams.c: reduced the very weak DH level to 768
	bits to not reject popular sites that operate on that level.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/dh_common.c: added debugging message to indicate the
	number of bits.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: Do not call the certificate verification
	callback if certificates are ignored.

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: avoid memset on the whole record header
	length

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/x509/privkey.c: fixed issue in
	gnutls_x509_privkey_import2()

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-bib.texi, doc/cha-tokens.texi, doc/latex/gnutls.bib,
	lib/tpm.c: reference TPMURI

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_pubkey.c, lib/x509/x509.c: updated doc

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/pk.c: corrected typo

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/pk.c: corrected wrap_nettle_hash_algorithm() to work
	with arbitrary key sizes.

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_db.c, lib/gnutls_db.h, lib/gnutls_session_pack.c: Added
	a magic number in front session DB data.

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/rnd.c: Corrected typo. Reported by Mark Brand.

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_cipher.c: update

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/ca-no-pathlen.pem: test update

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-functions.texi, doc/manpages/Makefile.am: update

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/cha-gtls-app.texi, lib/gnutls_record.c: 
	updated doc

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-gnutls-cli.texi: doc update

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_range.c: document limitation

2013-01-24  Alfredo Pironti <alfredo@pironti.eu>

	* lib/gnutls_range.c: Make sure we don't fail if writing gets
	interrupted

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-dtls-heartbeat.c: disable heartbeat test if it isn't
	included.

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: postpone the change

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* COPYING.LESSER: Revert "license is again LGPLv2.1" This reverts commit b7eea829d4b1db58c49bf5c3e31e4be5b61fb2e8.

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/mini-record-timing.c: updated test

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c, lib/gnutls_hash_int.h: Fixes to avoid a
	timing attack in TLS CBC record parsing.

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_extensions.c, lib/gnutls_record.c: only register
	heartbeat if it is enabled.

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* COPYING.LESSER: license is again LGPLv2.1

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, lib/ext/heartbeat.c, lib/ext/heartbeat.h,
	m4/hooks.m4: updated heartbeat code, and made it optional.

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/pkcs11.h, lib/pkcs11.c: corrected typo

2013-02-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/status_request.c, lib/gnutls_db.c, lib/gnutls_str.c,
	lib/pkcs11_write.c, lib/x509/ocsp.c, lib/x509/ocsp_output.c,
	lib/x509/output.c, lib/x509/verify-high.c, lib/x509/x509.c: Use
	LGPLv2.1 in the files their author's agreed to.

2013-02-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c, lib/includes/gnutls/pkcs11.h, lib/pkcs11.c,
	lib/x509/verify-high2.c: Added GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED_CA
	to specify trusted CA certificates.

2013-02-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: added new func

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_session_pack.c: corrected session resumption

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_db.c: simplified DB storing

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli-args.c, src/cli-args.def, src/cli-args.h, src/cli.c: 
	Applied disable SNI patch from Daniel.

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_db.c: remove function is not required to add or
	retrieve from db.

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/abstract_int.h, lib/accelerated/accelerated.c,
	lib/accelerated/cryptodev-gcm.c, lib/accelerated/cryptodev.c,
	lib/accelerated/x86/aes-gcm-padlock.c,
	lib/accelerated/x86/aes-gcm-x86.c,
	lib/accelerated/x86/aes-padlock.c, lib/accelerated/x86/aes-x86.c,
	lib/accelerated/x86/hmac-padlock.c,
	lib/accelerated/x86/sha-padlock.c, lib/accelerated/x86/x86.h,
	lib/algorithms.h, lib/algorithms/cert_types.c,
	lib/algorithms/ciphers.c, lib/algorithms/ciphersuites.c,
	lib/algorithms/ecc.c, lib/algorithms/kx.c, lib/algorithms/mac.c,
	lib/algorithms/protocols.c, lib/algorithms/publickey.c,
	lib/algorithms/secparams.c, lib/algorithms/sign.c, lib/auth/anon.c,
	lib/auth/anon.h, lib/auth/anon_ecdh.c, lib/auth/cert.c,
	lib/auth/cert.h, lib/auth/dh_common.c, lib/auth/dh_common.h,
	lib/auth/dhe.c, lib/auth/dhe_psk.c, lib/auth/ecdh_common.c,
	lib/auth/ecdh_common.h, lib/auth/psk.c, lib/auth/psk.h,
	lib/auth/psk_passwd.c, lib/auth/psk_passwd.h, lib/auth/rsa.c,
	lib/auth/rsa_export.c, lib/auth/srp.c, lib/auth/srp.h,
	lib/auth/srp_passwd.c, lib/auth/srp_passwd.h, lib/auth/srp_rsa.c,
	lib/auth/srp_sb64.c, lib/crypto-api.c, lib/crypto-backend.c,
	lib/crypto-backend.h, lib/crypto.h, lib/debug.c, lib/debug.h,
	lib/ext/cert_type.c, lib/ext/cert_type.h, lib/ext/ecc.c,
	lib/ext/ecc.h, lib/ext/max_record.c, lib/ext/max_record.h,
	lib/ext/new_record_padding.c, lib/ext/new_record_padding.h,
	lib/ext/safe_renegotiation.c, lib/ext/safe_renegotiation.h,
	lib/ext/server_name.c, lib/ext/server_name.h,
	lib/ext/session_ticket.c, lib/ext/session_ticket.h,
	lib/ext/signature.c, lib/ext/signature.h, lib/ext/srp.c,
	lib/ext/srp.h, lib/ext/srtp.c, lib/ext/srtp.h, lib/gnutls_alert.c,
	lib/gnutls_anon_cred.c, lib/gnutls_auth.c, lib/gnutls_auth.h,
	lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_cert.c,
	lib/gnutls_cipher.c, lib/gnutls_cipher.h, lib/gnutls_cipher_int.c,
	lib/gnutls_cipher_int.h, lib/gnutls_compress.c,
	lib/gnutls_compress.h, lib/gnutls_constate.c,
	lib/gnutls_constate.h, lib/gnutls_datum.c, lib/gnutls_datum.h,
	lib/gnutls_db.h, lib/gnutls_dh.c, lib/gnutls_dh.h,
	lib/gnutls_dh_primes.c, lib/gnutls_dtls.c, lib/gnutls_dtls.h,
	lib/gnutls_ecc.c, lib/gnutls_ecc.h, lib/gnutls_errors.c,
	lib/gnutls_errors.h, lib/gnutls_extensions.c,
	lib/gnutls_extensions.h, lib/gnutls_global.c, lib/gnutls_global.h,
	lib/gnutls_handshake.c, lib/gnutls_handshake.h,
	lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/gnutls_helper.c,
	lib/gnutls_helper.h, lib/gnutls_int.h, lib/gnutls_kx.c,
	lib/gnutls_kx.h, lib/gnutls_mbuffers.c, lib/gnutls_mbuffers.h,
	lib/gnutls_mem.c, lib/gnutls_mem.h, lib/gnutls_mpi.c,
	lib/gnutls_mpi.h, lib/gnutls_num.c, lib/gnutls_num.h,
	lib/gnutls_pcert.c, lib/gnutls_pk.c, lib/gnutls_pk.h,
	lib/gnutls_priority.c, lib/gnutls_privkey.c, lib/gnutls_psk.c,
	lib/gnutls_pubkey.c, lib/gnutls_record.c, lib/gnutls_record.h,
	lib/gnutls_rsa_export.c, lib/gnutls_rsa_export.h,
	lib/gnutls_session.c, lib/gnutls_session_pack.c,
	lib/gnutls_session_pack.h, lib/gnutls_sig.c, lib/gnutls_sig.h,
	lib/gnutls_srp.c, lib/gnutls_srp.h, lib/gnutls_state.c,
	lib/gnutls_state.h, lib/gnutls_str.h, lib/gnutls_str_array.h,
	lib/gnutls_supplemental.c, lib/gnutls_supplemental.h,
	lib/gnutls_ui.c, lib/gnutls_v2_compat.c, lib/gnutls_v2_compat.h,
	lib/gnutls_x509.c, lib/gnutls_x509.h,
	lib/includes/gnutls/abstract.h, lib/includes/gnutls/compat.h,
	lib/includes/gnutls/crypto.h, lib/includes/gnutls/dtls.h,
	lib/includes/gnutls/gnutlsxx.h, lib/includes/gnutls/openpgp.h,
	lib/includes/gnutls/pkcs11.h, lib/includes/gnutls/pkcs12.h,
	lib/includes/gnutls/tpm.h, lib/locks.c, lib/locks.h,
	lib/nettle/cipher.c, lib/nettle/ecc.h, lib/nettle/ecc_free.c,
	lib/nettle/ecc_make_key.c, lib/nettle/ecc_map.c,
	lib/nettle/ecc_mulmod.c, lib/nettle/ecc_mulmod_cached.c,
	lib/nettle/ecc_points.c, lib/nettle/ecc_projective_add_point_ng.c,
	lib/nettle/ecc_projective_check_point.c,
	lib/nettle/ecc_projective_dbl_point_3.c,
	lib/nettle/ecc_projective_isneutral.c,
	lib/nettle/ecc_projective_negate_point.c,
	lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
	lib/nettle/ecc_verify_hash.c, lib/nettle/egd.c, lib/nettle/egd.h,
	lib/nettle/init.c, lib/nettle/mac.c, lib/nettle/mpi.c,
	lib/nettle/pk.c, lib/nettle/rnd.c, lib/nettle/wmnaf.c,
	lib/opencdk/armor.c, lib/opencdk/context.h, lib/opencdk/filters.h,
	lib/opencdk/hash.c, lib/opencdk/kbnode.c, lib/opencdk/keydb.c,
	lib/opencdk/keydb.h, lib/opencdk/literal.c, lib/opencdk/main.h,
	lib/opencdk/misc.c, lib/opencdk/new-packet.c,
	lib/opencdk/opencdk.h, lib/opencdk/packet.h, lib/opencdk/pubkey.c,
	lib/opencdk/read-packet.c, lib/opencdk/seskey.c,
	lib/opencdk/sig-check.c, lib/opencdk/stream.c,
	lib/opencdk/stream.h, lib/opencdk/types.h,
	lib/opencdk/write-packet.c, lib/openpgp/compat.c,
	lib/openpgp/extras.c, lib/openpgp/gnutls_openpgp.c,
	lib/openpgp/gnutls_openpgp.h, lib/openpgp/openpgp_int.h,
	lib/openpgp/output.c, lib/openpgp/pgp.c, lib/openpgp/pgpverify.c,
	lib/openpgp/privkey.c, lib/pin.c, lib/pkcs11.c, lib/pkcs11_int.h,
	lib/pkcs11_privkey.c, lib/pkcs11_secret.c, lib/random.c,
	lib/random.h, lib/system.c, lib/system.h, lib/system_override.c,
	lib/tpm.c, lib/verify-tofu.c, lib/x509/common.c, lib/x509/common.h,
	lib/x509/crl.c, lib/x509/crl_write.c, lib/x509/crq.c,
	lib/x509/dn.c, lib/x509/extensions.c, lib/x509/key_decode.c,
	lib/x509/key_encode.c, lib/x509/mpi.c, lib/x509/pbkdf2-sha1.c,
	lib/x509/pbkdf2-sha1.h, lib/x509/pkcs12.c, lib/x509/pkcs12_bag.c,
	lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c, lib/x509/privkey.c,
	lib/x509/privkey_openssl.c, lib/x509/privkey_pkcs8.c,
	lib/x509/rfc2818_hostname.c, lib/x509/sign.c,
	lib/x509/verify-high2.c, lib/x509/verify.c, lib/x509/x509_int.h,
	lib/x509/x509_write.c, lib/x509_b64.c, lib/x509_b64.h: Use LGPLv2.1
	in the files their author's agreed to.

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_db.c, lib/gnutls_session_pack.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
	gnutls_db_check_entry_time().

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_db.c: deprecated problematic function

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_db.c, lib/gnutls_handshake.c,
	lib/gnutls_session_pack.c: Fixes in server side of DTLS-0.9.

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/xssl.h: corrected typo

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: uncork doesn't do anything when the session
	is already in flush mode

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, doc/.gitignore: more files to ignore

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-examples.texi, lib/includes/gnutls/xssl.h: doc update

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, m4/hooks.m4: bumped version

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/latex/cover.tex: Added Alfredo

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-examples.texi, doc/gnutls.texi, doc/latex/cover.tex: 
	updated doc for XSSL

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/Makefile.am, doc/examples/ex-client-xssl1.c,
	doc/examples/ex-client-xssl2.c: Added XSSL client examples.

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/Makefile.am, lib/libgnutls.map, tests/Makefile.am: Fixed
	compilation of mini-xssl.

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_range.c, lib/includes/gnutls/gnutls.h.in: small fixes

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/Makefile.am, m4/hooks.m4: xssl API moved to xssl library

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated text

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: Comment out new padding until it is
	standardized or at least approved by the WG.

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/doc.mk: fix xssl

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli-debug.c: Corrected issue in gnutls-cli-debug which tried
	connections to multiple hosts.  gnutls-cli-debug was trying to connect to all possible IP addresses
	of the host and failed if any was unavailable. Now it tries
	sequentially and accepts the first that is working. Reported by
	Daniel Kahn Gillmor.

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, NEWS: updated NEWS

2013-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/crypto-api.c: Fix AEAD out-of-place decryption

2013-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/mini-record-timing.c: updated test

2013-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/Makefile.am, lib/gnutls_cert.c, lib/gnutls_errors.c,
	lib/includes/Makefile.am, lib/includes/gnutls/gnutls.h.in,
	lib/includes/gnutls/sbuf.h, lib/includes/gnutls/xssl.h,
	lib/libgnutls.map, lib/sbuf.c, lib/sbuf.h, lib/sbuf_getline.c,
	lib/xssl.c, lib/xssl.h, lib/xssl_getline.c, tests/Makefile.am,
	tests/mini-sbuf.c, tests/mini-xssl.c: Added new interface.

2013-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: propagate the error of the verify
	callback.

2013-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/sbuf.h, lib/libgnutls.map, lib/sbuf.c: updates
	in the sbuf API.

2013-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/crypto-backend.h, lib/gnutls_state.c,
	lib/includes/gnutls/crypto.h, lib/nettle/rnd.c, lib/random.c,
	lib/random.h: Added gnutls_rnd_refresh().

2013-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_int.h, lib/gnutls_priority.c, lib/gnutls_state.h,
	lib/gnutls_ui.c: Keep the legacy dh_prime_bits.

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_int.h, lib/includes/gnutls/sbuf.h, lib/sbuf.c,
	lib/sbuf.h, lib/verify-tofu.c: updated sbuf interface.

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated news

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/nettle/rnd.c: No need to cache events with the current
	behavior.

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c: use nonces instead of random data

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-sbuf.c: free all resources

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/rnd.c: nonces update the internal rng state much
	slower.

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/algorithms/secparams.c, lib/gnutls_int.h,
	lib/gnutls_priority.c, lib/gnutls_state.h, lib/gnutls_ui.c,
	lib/includes/gnutls/gnutls.h.in: Instead of setting directly the
	number of DH bits, set a security parameter per session.

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/auth/dh_common.c, lib/gnutls_int.h,
	lib/gnutls_priority.c, lib/gnutls_state.c, lib/gnutls_state.h,
	lib/gnutls_ui.c: The minimum DH prime bits are now set by the
	priority strings (that means they are increased for the SECURE
	strings).

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: warnings doesn't imply Werror

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/TODO: updated

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_ui.c: disable gnutls_certificate_get_peers_subkey_id()
	if not openpgp.

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/rnd.c: optimized random generator.

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: check for getpid().

2013-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c, lib/gnutls_buffers.c, lib/gnutls_dtls.c,
	lib/gnutls_dtls.h, lib/gnutls_int.h, lib/gnutls_state.c: 
	_dtls_timespec_sub_ms -> timespec_sub_ms

2013-01-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms.h, lib/algorithms/mac.c: Avoid many indirect calls.

2013-01-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/rnd.c: reduced calls to getpid

2013-01-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/rnd.c: use the more precise gettime() instead of
	gettimeofday().

2013-01-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_range.c, lib/includes/gnutls/gnutls.h.in: 
	gnutls_range_split accepts pointers as arguments.

2013-01-24  Alfredo Pironti <alfredo@pironti.eu>

	* NEWS, doc/Makefile.am, lib/gnutls_range.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Make
	gnutls_range_split available from the GnuTLS API

2013-01-24  Alfredo Pironti <alfredo@pironti.eu>

	* .gitignore, NEWS, lib/libgnutls.map: - Remove references to the (now renamed) gnutls_range_send_message -
	Ignore sbuf-api generated documentation Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-01-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/psk.h: Some fix when disable-psk-authentication is
	specified. Based on patch by Jaak Ristioja.

2013-01-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509_dn.c: rewritten DN parsing code.

2013-01-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/Makefile.am, tests/cert-tests/template-dn.pem,
	tests/cert-tests/template-dn.tmpl, tests/cert-tests/template-test: 
	test the DN functionality of certtool.

2013-01-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/dane: dane test no longer fails if danetool isn't
	compiled

2013-01-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c, lib/tpm.c, lib/x509/common.c,
	lib/x509/pkcs12_encr.c, lib/x509/x509_dn.c: use the non-locale
	dependent versions of isxxx functions.

2013-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/sbuf.c: allow writes of more than the maximum record data.

2013-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_int.h, lib/gnutls_record.c, lib/gnutls_state.c,
	lib/includes/gnutls/gnutls.h.in: introduced gnutls_cork() and
	gnutls_uncork().

2013-01-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/Makefile.am, lib/includes/gnutls/sbuf.h,
	lib/libgnutls.map, lib/sbuf.c, lib/sbuf.h, lib/sbuf_getline.c,
	tests/mini-sbuf.c: Added gnutls_sbuf_getdelim() and getline().

2013-01-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-gnutls-cli.texi: doc updates

2013-01-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c, lib/gnutls_range.c, lib/gnutls_record.c,
	lib/gnutls_record.h: Small changes and a sanity check

2013-01-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/ocsp_output.c, lib/x509/output.c: print static strings
	without a printf-like function.

2013-01-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
	lib/gnutls_range.c, lib/gnutls_record.c, lib/gnutls_record.h,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli-args.c,
	src/cli-args.def, src/cli-args.h, src/cli.c, src/socket.c,
	src/socket.h: Updated ranges patch.

2013-01-22  Alfredo Pironti <alfredo@pironti.eu>

	* doc/Makefile.am, doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
	doc/invoke-gnutls-cli.texi, lib/Makefile.am,
	lib/ext/new_record_padding.c, lib/gnutls_cipher.c,
	lib/gnutls_cipher.h, lib/gnutls_int.h, lib/gnutls_priority.c,
	lib/gnutls_range.c, lib/gnutls_record.c, lib/gnutls_record.h,
	lib/includes/gnutls/gnutls.h.in, src/cli-args.c, src/cli-args.def,
	src/cli-args.h, src/cli.c, src/socket.c, src/socket.h,
	tests/mini-record.c: GnuTLS Length Hiding patch.  - Remove random padding; use minimal padding with legacy interface - With new interface, use LH when possible, that is in CBC mode or
	with the new padding extension - Rename priority to "NEW_PADDING" - gnutls-cli: add command line switch --ranges using LH when
	possible.  - Update documentation Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_session.c, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map: changed function name to
	gnutls_session_force_valid.

2013-01-22  Martin Storsjo <martin@martin.st>

	* lib/gnutls.pc.in: Update Libs.private with @LIB_CLOCK_GETTIME@ as
	well This is required when linking as static libraries on linux, for
	-lrt.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: set a default error position.

2013-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_session.c, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map: Added gnutls_session_clear_invalid

2013-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/cha-functions.texi, doc/doc.mk: updated docs
	for sbuf API.

2013-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_handshake.c, lib/gnutls_int.h,
	lib/gnutls_record.c, lib/includes/gnutls/gnutls.h.in: Added
	gnutls_record_set_timeout().

2013-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/Makefile.am, lib/includes/gnutls/gnutls.h.in,
	lib/includes/gnutls/sbuf.h, lib/sbuf.c: updated sbuf layer.

2013-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi: Updated doc

2013-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-common.c: corrected C parameter generation.

2013-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, lib/Makefile.am, lib/gnutls.pc.in: Updated
	Libs.private with all the required libraries

2013-01-21  Martin Storsjo <martin@martin.st>

	* lib/gnutls.pc.in: Include libiconv in Libs.private This makes static linking succeed if the library is configured to
	use libiconv.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-01-21  Martin Storsjo <martin@martin.st>

	* lib/gnutls_global.c, lib/verify-tofu.c: Define _gnutls_file_mutex
	in gnutls_global.c instead of in verify-tofu.c This fixes issues with linking the tools on OS X if not building
	shared libraries.  Currently, if building with --disable-shared on OS X, the build
	fails with:   CCLD   gnutls-serv Undefined symbols for architecture x86_64:   "__gnutls_file_mutex", referenced from:       _gnutls_global_deinit in libgnutls.a(gnutls_global.o)       _gnutls_global_init in libgnutls.a(gnutls_global.o) ld:
	symbol(s) not found for architecture x86_64 It seems that the linker fails to pull in verify-tofu.o to satisfy
	the undefined reference to _gnutls_file_mutex.o in gnutls_global.o
	unless gnutls_global.o (or any other object file in the link) also
	calls functions that pulls in verify-tofu.o. Since gnutls_global.o
	always is linked in, but verify-tofu.o can be left out unless
	someone calls the functions in it, defining the mutex in
	gnutls_global.c makes sense and simplifies the dependencies.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/certtool-args.c, src/certtool-args.def,
	src/certtool-args.h, src/certtool-common.c, src/certtool-common.h,
	src/certtool.c, src/dh.c: Added --cprint option to certtool

2013-01-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/README.CODING_STYLE: updated coding style

2013-01-20  Alon Bar-Lev <alon.barlev@gmail.com>

	* src/Makefile.am: build: add danetool-args.c to BUILT_SOURCES Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com> Signed-off-by:
	Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-01-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, tests/suite/Makefile.am,
	tests/suite/mini-record-timing.c: Added program to estimate the
	timings in different record paddings.

2013-01-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-danetool.texi, libdane/dane.c,
	libdane/includes/gnutls/dane.h, src/danetool-args.c,
	src/danetool-args.def, src/danetool-args.h, src/danetool.c: Added
	--insecure flag to danetool.

2013-01-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c, tests/cert-tests/template-test.pem,
	tests/cert-tests/template-utf8.pem: modified certtool order of DN
	elements.

2013-01-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-sbuf.c: properly deinitialized sbuf

2013-01-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-dtls-record.c: initialize buffer before sending.

2013-01-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, tests/dn2.c: corrected test for new names and updated news.

2013-01-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, libdane/dane.c, libdane/errors.c,
	libdane/includes/gnutls/dane.h, libdane/libdane.map, m4/hooks.m4,
	src/danetool-args.c, src/danetool-args.def, src/danetool-args.h,
	src/danetool.c: Added options to specify a DLV file. Suggested by
	Paul Wouters.

2013-01-17  Nikos Mavrogiannopoulos <nikos@esat.kuleuven.be>

	* NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
	lib/x509/x509_dn.c: Added gnutls_x509_crt_set_issuer_dn().

2013-01-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi: updated certtool doc

2013-01-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/TODO, doc/cha-cert-auth2.texi,
	lib/includes/gnutls/x509.h, lib/libgnutls.map,
	lib/x509/Makefile.am, lib/x509/common.c, lib/x509/common.h,
	lib/x509/x509_dn.c, src/certtool-args.c, src/certtool-args.def,
	src/certtool-args.h, src/certtool-cfg.c, src/certtool-cfg.h,
	src/certtool.c: Added functions to directly set the DN in a
	certificate or request from an RFC4514 string.

2013-01-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-01-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-gtls-app.texi, lib/Makefile.am,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, lib/sbuf.c,
	tests/Makefile.am, tests/mini-sbuf.c: Added functions to assist
	buffering during transmission.  Added the gnutls_sbuf_t structure and accompanying functions to
	enable buffering in sending application data.

2013-01-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane-params.c: corrected copyright.

2013-01-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_errors.c, lib/includes/gnutls/gnutls.h.in,
	lib/nettle/rnd.c: Added new error code GNUTLS_E_RANDOM_DEVICE_ERROR.

2013-01-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/egd.c: Corrected issue when an EGD device was not
	found. Reported by Joshua Phillips.

2013-01-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk: Added config rule

2013-01-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-client-x509.c: doc fix

2013-01-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/pkcs12.c: doc fix

2013-01-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: small updates

2013-01-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/reference/gnutls-docs.sgml: update

2013-01-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/crq.c: simplified naming

2013-01-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/reference/gnutls-docs.sgml: update

2013-01-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/status_request.c, lib/gnutls_dh_primes.c,
	lib/gnutls_ui.c, lib/openpgp/pgp.c, lib/openpgp/privkey.c,
	lib/pkcs11.c, lib/x509/dn.c, lib/x509/ocsp.c, lib/x509/pkcs12.c,
	lib/x509/pkcs7.c, lib/x509/x509.c: Added correct since

2013-01-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/latex/gnutls.tex: added babel (not sure why)

2013-01-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/reference/gnutls-docs.sgml: updated for 3.1

2013-01-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/pk.c: corrected error code

2013-01-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: updated makefile

2013-01-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: use AC_CONFIG_HEADER. Reported by Marko Lindqvist

2013-01-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented updates

2013-01-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: corrected typo

2013-01-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/libgnutls.map: updated exported function name

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, lib/ext/new_record_padding.c,
	lib/gnutls_priority.c, lib/includes/gnutls/gnutls.h.in,
	tests/mini-record.c: NEW_RECORD_PADDING priority string was renamed
	to RANDOM_PADDING

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c: corrected compression.

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/x509.h: removed utf8 chars

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/latex/gnutls.tex: updates in output

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-record.c: Added checks for new record padding format.

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c, lib/gnutls_record.c: better checks in new
	record packets.

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c, lib/gnutls_int.h, lib/gnutls_record.c: use
	padding also if in DTLS.

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c, lib/gnutls_cipher.h, lib/gnutls_record.c: 
	some simplifications

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: use new_record_padding in DTLS data mtu
	calculation

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c, lib/gnutls_cipher.h, lib/gnutls_record.c: 
	simplified decryption

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/new_record_padding.c: removed debugging

2012-12-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/debug.c, lib/debug.h, lib/ext/Makefile.am,
	lib/ext/new_record_padding.c, lib/ext/new_record_padding.h,
	lib/gnutls_cipher.c, lib/gnutls_extensions.c,
	lib/gnutls_extensions.h, lib/gnutls_handshake.c, lib/gnutls_int.h,
	lib/gnutls_priority.c, lib/gnutls_record.c,
	lib/gnutls_session_pack.c, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map: Added a new record padding mechanism.  It is negotiated via an extension and record data are now formatted
	as: ciphered-struct {   opaque pad<0..2^16-1>   opaque content[TLSCompressed.length];   opaque MAC[CipherSpec.hash_size]; } The ciphered-struct size is
	always 0 modulo the block size in block ciphers to avoid any need
	for additional padding.  Added extension to negotiate new record padding.

2012-12-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, tests/Makefile.am, tests/mini-dtls-record.c: Added
	test for duplicate packet detection in DTLS.

2012-12-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c, lib/gnutls_int.h: Simplified DTLS sliding
	window implementation.

2012-12-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: Termination when expecting an alert is
	handled gracefully in DTLS.

2013-01-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: living in the past

2013-01-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, m4/hooks.m4: bumped library version

2013-01-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated news

2013-01-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-library.texi, doc/cha-tokens.texi, lib/Makefile.am,
	lib/tpm.c: If trousers is not present define the TPM functions but
	have them return GNUTLS_E_UNIMPLEMENTED_FEATURE.

2013-01-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: tpm support is disabled by default

2013-01-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/TODO: updated

2013-01-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
	doc/invoke-srptool.texi, doc/invoke-tpmtool.texi,
	doc/manpages/tpmtool.1: updated autogen'ed files.

2012-12-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-auth.texi, doc/cha-tokens.texi, doc/latex/Makefile.am,
	doc/latex/gnutls.tex: doc updates

2012-12-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane-params.c, libdane/dane.c: KU Leuven copyright stuff
	is LGPL version 2.1 or later

2012-12-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* THANKS: updated thanks file

2012-12-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README-alpha: updated git2cl link

2012-12-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-auth.texi: corrected typos

2012-12-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-auth.texi: updated in auth chapter

2012-12-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/cha-auth.texi, doc/cha-cert-auth.texi,
	doc/cha-cert-auth2.texi, doc/cha-shared-key.texi, doc/gnutls.texi,
	doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
	doc/invoke-srptool.texi, doc/invoke-tpmtool.texi: Reorganization of
	the authentication chapter.

2012-12-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-auth.texi, doc/gnutls.texi: Added authentication methods
	chapter

2012-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-client-anon.c, doc/examples/ex-client-dtls.c,
	doc/examples/ex-client-psk.c, doc/examples/ex-client-resume.c,
	doc/examples/ex-client-x509.c, doc/examples/ex-serv-anon.c,
	doc/examples/ex-serv-dtls.c, doc/examples/ex-serv-pgp.c,
	doc/examples/ex-serv-psk.c, doc/examples/ex-serv-srp.c,
	doc/examples/ex-serv-x509.c: better code in client and server
	examples

2012-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/nettle/pk.c: made PKCS#1 1.5 encoding and decoding
	stricter. Reported by Kikuchi Masashi.

2012-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: corrected typo

2012-12-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: Termination when expecting an alert is
	handled gracefully in DTLS.

2012-12-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/ext/heartbeat.c: Improvements in heartbeat handling.

2012-12-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-serv-anon.c, doc/examples/ex-serv-dtls.c,
	doc/examples/ex-serv-pgp.c, doc/examples/ex-serv-psk.c,
	doc/examples/ex-serv-srp.c, doc/examples/ex-serv-x509.c: drop
	unecessary function in examples

2012-12-20  Martin Storsjo <martin@martin.st>

	* lib/ext/srtp.c: Don't match further SRTP profiles after one match
	has been found This makes SRTP profile matching more straightforward and intuitive,
	when the first matching SRTP profile will be the one selected, not
	the last one as before.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-12-20  Martin Storsjo <martin@martin.st>

	* lib/crypto-api.c: Fix the parameter name to gnutls_key_generate Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: updated

2012-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/testcompat: corrected datefudge test

2012-12-18  Martin Storsjo <martin@martin.st>

	* lib/system_override.c: Fix docs for
	gnutls_transport_set_pull_timeout_function The timeout function returns int, not ssize_t.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-12-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509_write.c: doc update

2012-12-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2012-12-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/mini-eagain2.c: added config.h

2012-12-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: corrected wording

2012-12-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* build-aux/snippet/warn-on-use.h, gl/Makefile.am, gl/base64.c,
	gl/error.c, gl/fstat.c, gl/getaddrinfo.c, gl/m4/base64.m4,
	gl/m4/error.m4, gl/m4/extern-inline.m4, gl/m4/fstat.m4,
	gl/m4/ftruncate.m4, gl/m4/getaddrinfo.m4, gl/m4/gnulib-comp.m4,
	gl/m4/lock.m4, gl/m4/lstat.m4, gl/m4/math_h.m4, gl/m4/open.m4,
	gl/m4/stat.m4, gl/m4/stdio_h.m4, gl/m4/sys_socket_h.m4,
	gl/m4/sys_stat_h.m4, gl/m4/unistd_h.m4, gl/m4/vasnprintf.m4,
	gl/math.c, gl/math.in.h, gl/stdio.c, gl/stdio.in.h,
	gl/sys_socket.c, gl/sys_socket.in.h, gl/sys_stat.in.h,
	gl/tests/ftruncate.c, gl/tests/glthread/lock.c, gl/tests/lstat.c,
	gl/tests/open.c, gl/tests/stat.c, gl/unistd.c, gl/unistd.in.h,
	gl/vasnprintf.c, maint.mk: updated gnulib

2012-12-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/Makefile.am: corrected test

2012-12-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, src/certtool-args.c,
	src/certtool-args.def, src/certtool-args.h: certtool
	--generate-request option conflicts with --infile. Suggested by
	Daniel Black.

2012-12-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc fix

2012-12-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/invoke-danetool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-psktool.texi, doc/invoke-srptool.texi,
	doc/invoke-tpmtool.texi, doc/manpages/Makefile.am,
	doc/manpages/tpmtool.1: use ECHO_N

2012-12-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/Makefile.am: do not build ecore in macosx

2012-12-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README, README-alpha: updated urls

2012-12-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/gnutls.texi, doc/latex/cover-epub.tex, doc/latex/cover.tex,
	lib/gnutls_privkey.c, lib/x509/crq.c, lib/x509/pkcs12.c,
	tests/pkcs12_simple.c: corrected copyright notices

2012-11-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, src/certtool-args.c,
	src/certtool-args.def, src/certtool-args.h: updated documentation.

2012-11-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c: _gnutls_strdatum_to_buf() will account for NULL
	input.

2012-11-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/output.c: allow GNUTLS_E_SHORT_MEMORY_BUFFER in
	gnutls_x509_crq_get_challenge_password

2012-12-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/crq.c: doc update

2012-11-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-p11tool.texi, src/p11tool-args.c,
	src/p11tool-args.def, src/p11tool-args.h: updated documentation

2012-12-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c, lib/x509/pkcs12.c, lib/x509/privkey.c,
	tests/key-openssl.c, tests/pkcs12_simple.c: Import PKCS #12 keys

2012-12-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: document fix

2012-12-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c: Corrected bugs in record parsing.  Corrected bugs in record padding parsing. Reported by Kenny
	Patterson and Nadhem Alfardan.

2012-12-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fixes

2012-11-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c, lib/ext/srtp.h: corrected copyright

2012-12-01  Ludovic Courtès <ludo@gnu.org>

	* guile/src/Makefile.am: guile: Fix dependencies to be
	parallel-safe.

2012-11-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi: Revert "do not document low-level
	functions" This reverts commit 7b334d581007ba4a91837edb1e0081959f32e363.

2012-11-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: mention dependencies in readme

2012-11-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk: update @VERSION@ -> actual version on the web manual

2012-11-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi: doc update

2012-11-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk: simplified generation of documentation

2012-11-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: mention gnutls_sec_param_get_name

2012-11-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-crypto.texi, lib/gnutls_ui.c: doc updates

2012-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/socket.c: corrected socket loop. Based on patch by Mantas
	Mikulenas.

2012-11-26  Simon Josefsson <simon@josefsson.org>

	* lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
	lib/minitasn1/element.c, lib/minitasn1/int.h,
	lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
	lib/minitasn1/parser_aux.h, lib/minitasn1/structure.c: Update
	minitasn1 to version 3.1.

2012-11-26  Simon Josefsson <simon@josefsson.org>

	* .gitignore, build-aux/snippet/unused-parameter.h,
	doc/gendocs_template, maint.mk: Update gnulib tools.  Add missing
	unused-parameter.h template.

2012-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c, src/ocsptool-common.c, src/socket.c, src/socket.h: 
	gnutls-cli will try to cannot to all possible returned addresses.

2012-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/TODO: updated todo list

2012-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/x509/x509.c: gnutls_x509_crt_get_policy() allows for a
	list of zero policy qualifiers.

2012-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/usage.c: Added hack to print the parameters correctly
	in windows.

2012-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509.c: updated

2012-11-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/template-test: repeat the tests to avoid
	accidental failures

2012-11-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/dn.c: LDAP string escaping was made stricter (rfc4514
	conforming)

2012-11-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkix.asn, lib/pkix_asn1_tab.c: removed unneeded types.

2012-11-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c: UniversalString (UTF-32) is handled as
	non-printable for now.

2012-11-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/TODO: updated todo list

2012-11-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c: Allow for bit strings that are not a multiple
	of 8.

2012-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, cross.mk: updated

2012-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* m4/hooks.m4: require libtasn1 3.1 or later

2012-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_asn1_tab.c, lib/pkix_asn1_tab.c, lib/tpm.c,
	lib/x509/common.c, lib/x509/common.h, lib/x509/crl.c,
	lib/x509/crq.c, lib/x509/dn.c, lib/x509/extensions.c,
	lib/x509/mpi.c, lib/x509/ocsp.c, lib/x509/pkcs12.c,
	lib/x509/pkcs12_bag.c, lib/x509/privkey.c, lib/x509/x509.c,
	lib/x509/x509_int.h, lib/x509/x509_write.c, tests/crq_apis.c,
	tests/set_pkcs12_cred.c: rewritten ASN.1 handling string subsystems
	to use the new libtasn1 APIs.

2012-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.5

2012-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2012-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c: corrected placeOfBirth DN parsing.

2012-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_global.c: no need to release struct

2012-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi: do not document low-level functions

2012-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/ecc_mulmod_cached.c: set cache to null after
	deinitialization

2012-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/template-test: fixed test

2012-11-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, gl/Makefile.am, gl/c-strcase.h, gl/c-strcasecmp.c,
	gl/c-strncasecmp.c, gl/iconv.c, gl/iconv.in.h, gl/iconv_close.c,
	gl/iconv_open-aix.gperf, gl/iconv_open-aix.h,
	gl/iconv_open-hpux.gperf, gl/iconv_open-hpux.h,
	gl/iconv_open-irix.gperf, gl/iconv_open-irix.h,
	gl/iconv_open-osf.gperf, gl/iconv_open-osf.h,
	gl/iconv_open-solaris.gperf, gl/iconv_open-solaris.h,
	gl/iconv_open.c, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	gl/m4/iconv_h.m4, gl/m4/iconv_open-utf.m4, gl/m4/iconv_open.m4,
	gl/m4/inline.m4, gl/m4/libunistring-base.m4, gl/m4/locale-fr.m4,
	gl/m4/locale-ja.m4, gl/m4/locale-tr.m4, gl/m4/locale-zh.m4,
	gl/m4/locale_h.m4, gl/m4/localename.m4, gl/m4/setlocale.m4,
	gl/tests/Makefile.am, gl/tests/locale.in.h, gl/tests/localename.c,
	gl/tests/localename.h, gl/tests/setlocale.c,
	gl/tests/test-c-strcase.sh, gl/tests/test-c-strcasecmp.c,
	gl/tests/test-c-strncasecmp.c, gl/tests/test-iconv-h.c,
	gl/tests/test-iconv-utf.c, gl/tests/test-locale.c,
	gl/tests/test-localename.c, gl/tests/test-setlocale1.c,
	gl/tests/test-setlocale1.sh, gl/tests/test-setlocale2.c,
	gl/tests/test-setlocale2.sh, gl/tests/unistr/test-u8-mbtoucr.c,
	gl/tests/unistr/test-u8-uctomb.c, gl/unistr.in.h,
	gl/unistr/u8-mbtoucr.c, gl/unistr/u8-uctomb-aux.c,
	gl/unistr/u8-uctomb.c, gl/unitypes.in.h: iconv() will include the
	UCS2->UTF8 convertion in systems that is not provided.

2012-11-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkix_asn1_tab.c: use the old type for compatibility

2012-11-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/minitasn1/libtasn1.h, lib/minitasn1/structure.c: updated
	libtasn1 version

2012-11-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2012-11-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: simplified UTF-8 encoding.

2012-11-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-danetool.texi, src/Makefile.am,
	src/danetool-args.c, src/danetool-args.def, src/danetool-args.h,
	src/danetool.c: danetool is being built even without libgnutls-dane.  The --check functionality is not operational though. It can only
	generate tlsa records.

2012-11-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/Makefile.am, tests/cert-tests/template-test,
	tests/cert-tests/template-utf8.pem,
	tests/cert-tests/template-utf8.tmpl: Added test on UTF-8 certificate
	generation.

2012-11-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/dn.c: removed redundant check

2012-11-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-certtool.texi, src/certtool-args.c,
	src/certtool-args.def, src/certtool-args.h, src/certtool.c: updated
	parameters

2012-11-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509.c: update

2012-11-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, lib/x509/x509.c: doc update

2012-11-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, lib/pkcs11_privkey.c, lib/x509/output.c,
	lib/x509/x509.c, lib/x509/x509_write.c: doc update

2012-11-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509_write.c: enforce the 200 character limit.

2012-11-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/system.c: improved iconv support.

2012-11-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/aki, tests/cert-tests/aki-cert.pem,
	tests/cert-tests/bmpstring.pem, tests/cert-tests/ca-no-pathlen.pem,
	tests/cert-tests/no-ca-or-pathlen.pem, tests/cert-tests/pathlen: 
	updated for new output

2012-11-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: news update

2012-11-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, doc/cha-gtls-app.texi,
	doc/invoke-certtool.texi, doc/manpages/Makefile.am,
	lib/gnutls_pubkey.c, lib/includes/gnutls/abstract.h,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
	lib/x509/output.c, src/certtool-args.c, src/certtool-args.def,
	src/certtool-args.h, src/certtool-common.c, src/certtool-common.h,
	src/certtool.c, src/tpmtool.c: Several updates in certificate/public
	key printing.  * Added GNUTLS_CRT_PRINT_FULL_NUMBERS to print bignumbers in an
	easier to parse format.  * Added gnutls_pubkey_import_x509_crq() to convert a certificate
	request to a public key.  * Added gnutls_pubkey_print() to simplify public key printing.  * certtool's pubkey-info can be combined with --load-request.  * Added --numbers option to certtool which prints big numbers in an
	easier to parser format.

2012-11-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* build-aux/gendocs.sh, configure.ac, gl/Makefile.am, gl/dup2.c,
	gl/errno.in.h, gl/m4/errno_h.m4, gl/m4/gnulib-cache.m4,
	gl/m4/gnulib-comp.m4, gl/m4/select.m4, gl/m4/stdlib_h.m4,
	gl/select.c, gl/stdlib.in.h, gl/strerror-override.c,
	gl/strerror-override.h, gl/tests/Makefile.am, gl/tests/dup2.c,
	gl/tests/fcntl.in.h, gl/tests/test-fcntl-h.c,
	gl/tests/test-iconv.c, gl/tests/test-select.h, lib/system.c,
	m4/hooks.m4, maint.mk: use gnulib to detect iconv.

2012-11-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, lib/Makefile.am, lib/system.c: check for
	either iconv or libiconv.

2012-11-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.c, src/certtool-args.def, src/certtool-args.h,
	src/certtool-cfg.c: simplified parsing

2012-11-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/output.c: print header only on the first policy

2012-11-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-certtool.texi, src/certtool-args.c,
	src/certtool-args.def, src/certtool-args.h, src/certtool-cfg.c,
	src/certtool-cfg.h, src/certtool.c: certtool is able to set
	certificate policies via a template

2012-11-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
	lib/x509/dn.c, lib/x509/output.c, lib/x509/x509.c,
	lib/x509/x509_write.c: Added gnutls_x509_crt_set_policy()

2012-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/crl.c, lib/x509/crq.c, lib/x509/dn.c, lib/x509/pkcs12.c,
	lib/x509/x509.c: doc update

2012-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, doc/manpages/Makefile.am,
	lib/includes/gnutls/x509.h, lib/x509/output.c, lib/x509/x509.c: 
	another rename

2012-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: corrected win32 UCS2 conversion.

2012-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, doc/manpages/Makefile.am,
	lib/includes/gnutls/x509.h, lib/system.c, lib/x509/output.c,
	lib/x509/x509.c: simplified naming

2012-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented update

2012-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509.c: mention the extension OID

2012-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/aki-cert.pem,
	tests/cert-tests/no-ca-or-pathlen.pem: updated certificates to parse
	2.5.29.32.

2012-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkix.asn, lib/pkix_asn1_tab.c, lib/x509/x509.c: handle
	visiblestring.

2012-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/Makefile.am, tests/cert-tests/bmpstring.pem,
	tests/cert-tests/pem-decoding: Added simple check for bmpstring
	decoding.

2012-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: Added _gnutls_ucs2_to_utf8() for windows (untested)

2012-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c: If _gnutls_ucs2_to_utf8() handle the data as
	non-printable (fallback to previous behavior).

2012-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509.c: doc update

2012-11-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented updates

2012-11-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: check for iconv

2012-11-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c, lib/x509/common.c: map the whole ascii set

2012-11-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c: Handle BMPString in DNs.

2012-11-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/x509.h, lib/libgnutls.map, lib/pkix.asn,
	lib/pkix_asn1_tab.c, lib/system.c, lib/system.h, lib/tpm.c,
	lib/x509/common.c, lib/x509/common.h, lib/x509/crl.c,
	lib/x509/dn.c, lib/x509/extensions.c, lib/x509/mpi.c,
	lib/x509/ocsp.c, lib/x509/output.c, lib/x509/pkcs12.c,
	lib/x509/pkcs12_bag.c, lib/x509/privkey.c,
	lib/x509/privkey_pkcs8.c, lib/x509/x509.c: Added functions to parse
	the certificate policies extention.  Added gnutls_x509_crt_get_policy() etc. In addition several updated
	in the handling of strings in X.509 structures.

2012-11-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/cha-cert-auth2.texi, doc/cha-crypto.texi,
	doc/cha-gtls-app.texi, doc/gnutls.texi, lib/x509/privkey.c: doc
	updates

2012-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c: updated doc

2012-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented update

2012-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/template-test: Added small text

2012-11-15  Tim Kosse <tim.kosse@filezilla-project.org>

	* doc/examples/Makefile.am: print-ciphersuites was a very useful too
	for debugging this. Now it is even built.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-11-15  Tim Kosse <tim.kosse@filezilla-project.org>

	* lib/gnutls_priority.c: Don't read past the last list entry in
	_add_priority, doing so adds algorithms that shouldn't be added and
	can even lead to a segfault.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-11-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/danetool.c: tried to beautify output of danetool

2012-11-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c: corrected description.

2012-11-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c: corrected typo

2012-11-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2012-11-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pkcs11.c: optimizations in list import

2012-11-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: When listing all objects of a type, restrict their
	class to the specified.

2012-11-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pkcs11.c: Added some help on failure.

2012-11-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c, lib/pkcs11_int.h, lib/pkcs11_privkey.c: 
	pkcs11_find_object made static.

2012-11-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-common.c, src/certtool-common.h, src/certtool.c,
	src/dh.c, src/p11tool.c, src/pkcs11.c, src/tpmtool.c: get_bits()
	does not always warn.

2012-11-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/pkcs11.h, lib/libgnutls.map, lib/pkcs11.c,
	lib/pkcs11_int.h, lib/pkcs11_privkey.c, src/pkcs11.c: when
	generating a PKCS #11 private key print the public key.

2012-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-certtool.texi, src/certtool-args.c,
	src/certtool-args.def, src/certtool-args.h, src/certtool.c: The
	pubkey-info option can be combined with the load-privkey to extract
	the public key of a private key.

2012-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-client-x509.c, doc/examples/ex-verify-ssh.c,
	doc/examples/verify.c: corrected verification examples

2012-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/TODO: removed OCSP extension from TODO

2012-11-09  Diego Elio Pettenò <flameeyes@flameeyes.eu>

	* tests/cert-tests/Makefile.am: build: only run the dane cert test
	if dane is enabled.  This fixes a test failure when disabling dane support.  Signed-off-by: Diego Elio Pettenò <flameeyes@flameeyes.eu>
	Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, NEWS, cfg.mk, doc/manpages/Makefile.am,
	tests/cert-tests/Makefile.am, tests/cert-tests/cert-ecc256.pem,
	tests/cert-tests/dane: last changes for release.

2012-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/invoke-gnutls-cli.texi,
	doc/manpages/Makefile.am, src/common.c: updated

2012-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c: Corrected indication of OCSP check failure.

2012-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli-args.c, src/cli-args.def, src/cli-args.h, src/cli.c: The
	status-request option was eliminated. Check OCSP only when the
	status response in the handshake was invalid.

2012-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* AUTHORS, NEWS: Added Martin

2012-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.c, src/certtool-args.h, src/cli-args.c,
	src/cli-args.h, src/cli-debug-args.c, src/cli-debug-args.h,
	src/danetool-args.c, src/danetool-args.h, src/ocsptool-args.c,
	src/ocsptool-args.h, src/p11tool-args.c, src/p11tool-args.h,
	src/psk-args.c, src/psk-args.h, src/serv-args.c, src/serv-args.h,
	src/srptool-args.c, src/srptool-args.h, src/tpmtool-args.c,
	src/tpmtool-args.h: updated

2012-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
	doc/invoke-srptool.texi, doc/invoke-tpmtool.texi,
	doc/manpages/tpmtool.1, doc/scripts/cleanup-autogen.pl: remove
	@cindex from the invoke-* files.

2012-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
	doc/latex/gnutls.bib: doc updates

2012-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi: doc update

2012-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/algorithms.h, lib/algorithms/mac.c,
	lib/algorithms/sign.c, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map, lib/verify-tofu.c, lib/x509/ocsp_output.c,
	lib/x509/output.c, lib/x509/verify.c, tests/chainverify.c: Allow
	easier marking of insecure algorithms.

2012-11-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_compress.c: removed debugging

2012-11-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_int.h, lib/gnutls_sig.c: key usage violations are
	tolerated.

2012-11-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_cert.c, lib/gnutls_x509.c,
	lib/includes/gnutls/gnutls.h.in: Removed
	GNUTLS_CERT_REVOCATION_DATA_INVALID and no longer fail on OCSP
	parsing errors.

2012-11-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-tokens.texi: doc update

2012-11-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/cli-debug.c, src/tls_test.c: gnutls-cli-debug
	uses server name indication.

2012-11-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c, lib/ext/srtp.h: Do not succeed if no MKI was
	received.  The gnutls_srtp_get_mki() function succeeds only when the MKI was
	received by the peer.  Also store the received MKI -if any- in the
	session resumption data.

2012-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-intro-tls.texi, lib/gnutls_int.h, lib/gnutls_ui.c,
	lib/gnutls_x509.c, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map: Added gnutls_ocsp_status_request_is_checked().

2012-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c, lib/gnutls_x509.c,
	lib/includes/gnutls/gnutls.h.in, lib/x509/verify.c: When verifying
	an OCSP response included in TLS don't fail if the response is old.  That is to avoid creating more problems for a server that included
	an old response, from a server that included none.  Also renamed:
	Too old -> Superseded.

2012-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2012-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c: updated doc

2012-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/ext/srtp.c, lib/ext/srtp.h,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
	gnutls_srtp_get_mki() and gnutls_srtp_set_mki().

2012-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c: set an upper limit to SRTP profiles in hello
	message.

2012-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, doc/cha-library.texi, lib/ext/Makefile.am,
	lib/gnutls_extensions.c, m4/hooks.m4, src/cli.c, src/common.c,
	src/serv.c, tests/mini-dtls-srtp.c: Added conditional to disable
	DTLS-SRTP support.

2012-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-danetool.texi: updated

2012-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-dtls-srtp.c: corrected SRTP profile names

2012-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c: simplified profile selection

2012-11-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/danetool.c: better printing

2012-11-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/danetool.c: verify all possible entries

2012-11-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/danetool-args.c, src/danetool-args.def, src/danetool-args.h: 
	danetool doc fix

2012-11-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi, lib/ext/srtp.c,
	lib/includes/gnutls/gnutls.h.in: Added HMAC prefix to SRTP profiles
	and updated documentation.

2012-11-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/danetool.c: separate entries.

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.h: undefine macro from win32 headers which clashes
	autogened macros.

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: bumped version and removed unused dependency

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/manpages/Makefile.am: added new functions

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: disable libdane when cross-building.

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c: gnutls_srtp_get_keys() returns the size of the key
	material

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane-params.c, libdane/errors.c: corrected copyright

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, lib/libgnutls.map: removed
	gnutls_certificate_update_verify_flags

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_cert.c, lib/gnutls_int.h, lib/x509/verify.c,
	tests/suite/chain, tests/suite/x509paths/README: check pathlen
	constraints.

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/rsa-md5-collision/rsa-md5-collision: updated test

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: files to ignore

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_cert.c, lib/gnutls_ui.c,
	lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/x509.h,
	lib/x509/verify-high.c, tests/chainverify-unsorted.c: Added
	verification flag GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN The default is now GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN, and removed
	gnutls_certificate_update_verify_flags().

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify.c: small optimization in CRL check

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/includes/gnutls/gnutls.h.in, lib/x509/verify.c,
	src/certtool.c, tests/suite/chain, tests/suite/x509paths/README: 
	Check the key usage bits during certificate verification.

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_cert.c, lib/includes/gnutls/gnutls.h.in,
	lib/x509/verify.c, src/certtool.c: CRL verification includes the
	time checks.

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, doc/cha-gtls-app.texi,
	doc/cha-intro-tls.texi: doc update

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented update

2012-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map, tests/mini-dtls-srtp.c: Added
	gnutls_srtp_get_keys().

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_state.c: corrected typos

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-intro-tls.texi, lib/ext/srtp.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: 
	gnutls_srtp_get_profile_by_name -> gnutls_srtp_get_profile_id

2012-11-01  Martin Storsjo <martin@martin.st>

	* src/cli.c, src/serv.c: Fix typos in error messages Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c: better verification messages.

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/danetool.c: optimized printing

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-danetool.texi, lib/libgnutls.map,
	libdane/Makefile.am, libdane/dane.c,
	libdane/includes/gnutls/dane.h, libdane/libdane.map, src/cli.c,
	src/common.c, src/danetool-args.c, src/danetool-args.def,
	src/danetool-args.h, src/danetool.c: Added
	dane_verification_status_print() and danetool can verify a DANE
	entry.

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c: avoid unnecessary newline

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_str.h, lib/openpgp/output.c, lib/x509/output.c: 
	gettext.h was moved to gnutls_str.h

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/Makefile.am, src/danetool-args.c,
	src/danetool-args.def, src/danetool-args.h, src/danetool.c: Added
	--check option to danetool.

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, libdane/Makefile.am, libdane/dane-params.c, libdane/dane.c,
	libdane/includes/gnutls/dane.h, libdane/libdane.map: Added new
	functions to convert types to strings.

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/mini-dtls-srtp.c: Added test on DTLS SRTP
	functions.

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-gnutls-cli.texi, doc/invoke-gnutls-serv.texi,
	src/cli-args.c, src/cli-args.h, src/serv-args.c, src/serv-args.h: 
	updated auto-generated files.

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/ext/srtp.c, lib/ext/srtp.h: documented update and set
	the copyright to Martin until the formal papers are received.

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c: signed-unsigned comparison fixes and removed
	unused parameter.

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c, src/serv.c: Check for errors while setting an SRTP
	profile.

2012-11-01  Martin Storsjo <martin@martin.st>

	* src/cli-args.def, src/cli.c, src/common.c, src/serv-args.def,
	src/serv.c: Support SRTP profile negotiation in the client and
	server tools The cli/serv-args files haven't been regenerated in the patch, to
	avoid the extra stray changes due to differing autogen versions.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c, lib/gnutls_session.c, lib/gnutls_ui.c: Added
	"Since" field to new functions.

2012-11-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c: Made error code consistent with the other text
	parsing functions.

2012-11-01  Martin Storsjo <martin@martin.st>

	* NEWS, doc/Makefile.am, doc/protocol/rfc5764.txt,
	lib/ext/Makefile.am, lib/ext/srtp.c, lib/ext/srtp.h,
	lib/gnutls_extensions.c, lib/gnutls_int.h,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Add support for
	DTLS-SRTP profile negotiation (RFC 5764) Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c: better doc

2012-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/gnutls.h.in: mention that GNUTLS_CERT_INVALID
	flag is deprecated by GNUTLS_CERT_SIGNER_NOT_FOUND and
	GNUTLS_CERT_SIGNATURE_FAILURE.

2012-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c, src/common.c: updated
	gnutls_certificate_verification_status_print() presentation

2012-10-31  Martin Storsjo <martin@martin.st>

	* lib/ext/server_name.c: server_name: Store the actual number of
	server names Earlier, if the number of set server names exceeded the maximum, the
	server_names field wasn't bounded to the maximum, which could lead
	to reading out of bounds in _gnutls_server_name_send_params.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-10-31  Martin Storsjo <martin@martin.st>

	* lib/ext/server_name.c: server_name: Return the actual required
	buffer size if the buffer is too small Since we require space for the null termination, include this in the
	info returned if the caller provided a too small buffer.  Otherwise,
	if the caller allocated a buffer of exactly the suggested size, it
	would still be too small.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, doc/cha-gtls-app.texi: Documented
	gnutls_certificate_verification_status_print().

2012-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/examples/ex-client-x509.c,
	doc/examples/ex-verify-ssh.c, doc/examples/verify.c,
	lib/gnutls_cert.c, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map, lib/x509/output.c, src/common.c: Added
	gnutls_certificate_verification_status_print().  This function simplifies printing the certificate verification
	status.

2012-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-cert-auth.texi, doc/cha-cert-auth2.texi,
	doc/cha-gtls-app.texi, doc/examples/ex-client-x509.c,
	doc/examples/ex-verify-ssh.c, doc/examples/verify.c,
	lib/gnutls_cert.c, lib/gnutls_x509.c, lib/gnutls_x509.h,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
	lib/openpgp/compat.c, lib/openpgp/gnutls_openpgp.h,
	lib/openpgp/pgp.c, lib/x509/rfc2818_hostname.c, src/common.c: 
	Simplified certificate verification by adding
	gnutls_certificate_verify_peers3().  This function combines the RFC2818 hostname check and chain
	verification check.

2012-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: fix compilation when DANE is disabled.

2012-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-gtls-app.texi: updated
	documentation.

2012-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-cert-auth.texi, lib/gnutls_ui.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
	gnutls_certificate_update_verify_flags() to allow setting new flags
	without overriding any defaults.

2012-10-29  Martin Storsjo <martin@martin.st>

	* doc/examples/Makefile.am: examples: Build an executable of
	ex-serv-dtls like the other examples Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-10-29  Martin Storsjo <martin@martin.st>

	* doc/examples/ex-serv-dtls.c: examples: Make sure the timeout
	parameter to select is valid This makes the example work properly on Mac OS X (tested on 10.8).  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, NEWS, doc/cha-cert-auth.texi,
	doc/invoke-danetool.texi: Added documentation on detecting
	libgnutls-dane.

2012-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, libdane/Makefile.am, libdane/gnutls-dane.pc.in: 
	Added gnutls-dane.pc.

2012-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/Makefile.am, tests/cert-tests/dane,
	tests/cert-tests/dane-test.rr: Added a test on danetool.

2012-10-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/danetool-args.c, src/danetool-args.def, src/danetool-args.h,
	src/danetool.c: removed unused variables.

2012-10-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
	lib/minitasn1/element.c, lib/minitasn1/element.h,
	lib/minitasn1/errors.c, lib/minitasn1/int.h,
	lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
	lib/minitasn1/parser_aux.h, lib/minitasn1/structure.c,
	lib/minitasn1/structure.h: updated libtasn1

2012-10-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/benchmark-tls.c: better benchmark printing.

2012-10-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, lib/gnutls_session.c: doc update

2012-10-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/benchmark-tls.c: corrections in benchmark measured average
	time.

2012-10-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi: corrected typo

2012-10-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: mention new function

2012-10-14  Elias Pipping <pipping@exherbo.org>

	* tests/Makefile.am, tests/pkcs12-decode/pkcs12: Fix out-of-source
	tests

2012-10-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, lib/gnutls_session.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
	gnutls_session_get_id2().

2012-10-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c: updated doc

2012-10-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2012-10-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-gtls-app.texi, lib/gnutls_priority.c,
	lib/gnutls_x509.c, lib/includes/gnutls/x509.h: Added priority string
	%VERIFY_DISABLE_CRL_CHECKS.

2012-10-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_x509.c, lib/includes/gnutls/gnutls.h.in,
	src/common.c: If OCSP revocation data are invalid or too old set
	appropriate verification flags.

2012-10-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, doc/cha-intro-tls.texi: doc updates

2012-10-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	src/certtool-args.c, src/certtool-args.def, src/certtool-args.h,
	src/danetool-args.c, src/danetool-args.def, src/danetool-args.h: 
	removed incorrect description

2012-10-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/danetool.c: correctly set the format of the certificate

2012-10-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-gnutls-cli.texi, src/cli-args.c,
	src/cli-args.def, src/cli-args.h, src/cli.c: Added --local-dns
	option to gnutls-cli.

2012-10-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-gnutls-cli.texi, src/cli-args.c, src/cli-args.def,
	src/cli-args.h, src/cli.c: disable default extensions on
	--disable-extensions.

2012-10-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-danetool.texi, src/danetool-args.c,
	src/danetool-args.def, src/danetool-args.h: corrected typo

2012-10-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/privkey.c: call gnutls_x509_privkey_import_openssl() even
	with not a password.

2012-10-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/latex/Makefile.am: updated makefile

2012-10-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.c, lib/openpgp/privkey.c: Added debugging.

2012-10-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_pubkey.c, lib/x509/crq.c, lib/x509/privkey.c,
	lib/x509/x509.c: doc fixes

2012-10-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c: Added debugging

2012-10-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-danetool.texi, doc/manpages/Makefile.am,
	src/danetool-args.c, src/danetool-args.def, src/danetool-args.h: 
	Added danetool manpage

2012-10-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.3

2012-10-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_global.c, lib/x509/privkey_openssl.c: doc updates

2012-10-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/reference/gnutls-docs.sgml: remove files that are not
	generated

2012-10-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/doc.mk, doc/manpages/Makefile.am,
	doc/reference/Makefile.am, doc/reference/gnutls-docs.sgml: use
	common definitions for generating docs.

2012-10-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, NEWS, doc/Makefile.am, doc/cha-cert-auth.texi,
	doc/cha-cert-auth2.texi, doc/invoke-certtool.texi,
	doc/invoke-danetool.texi, src/Makefile.am, src/certtool-args.c,
	src/certtool-args.def, src/certtool-args.h, src/certtool.c,
	src/danetool-args.c, src/danetool-args.def, src/danetool-args.h,
	src/danetool.c: Separated DANE functionality from certtool and added
	danetool.

2012-10-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/auth/cert.c, lib/gnutls_pcert.c, lib/openpgp/pgp.c,
	lib/openpgp/privkey.c: Added (back) RFC5081 support in client mode.

2012-10-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/auth/cert.c, lib/auth/cert.h, lib/gnutls_pcert.c,
	lib/gnutls_pubkey.c, lib/gnutls_ui.c,
	lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/openpgp.h,
	lib/libgnutls.map, lib/openpgp/pgp.c, lib/openpgp/privkey.c: Several
	OpenPGP updates.  Exported gnutls_certificate_get_peers_subkey_id().  Removed
	compatibility code with RFC5081.  The
	gnutls_openpgp_*_get_subkey_*() functions return the master key
	parameters if provided with GNUTLS_OPENPGP_MASTER_KEYID_IDX.

2012-10-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fixes

2012-10-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/pkcs12_encr.c: Increased maximum password len in PKCS
	#12.

2012-10-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/privkey_openssl.c, tests/Makefile.am,
	tests/key-openssl.c: Bug fixes in the openssl encrypted PEM key
	parsing.

2012-10-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/anon.c, lib/auth/anon_ecdh.c, lib/auth/cert.c,
	lib/auth/dh_common.c, lib/auth/dhe.c, lib/auth/dhe_psk.c,
	lib/auth/ecdh_common.c, lib/auth/psk.c, lib/auth/psk_passwd.c,
	lib/auth/rsa.c, lib/auth/rsa_export.c, lib/auth/srp.c,
	lib/auth/srp_passwd.c, lib/auth/srp_rsa.c, lib/ext/srp.c,
	lib/ext/status_request.c, lib/gnutls_auth.c, lib/gnutls_auth.h,
	lib/gnutls_cert.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
	lib/gnutls_kx.c, lib/gnutls_state.c, lib/gnutls_ui.c,
	lib/gnutls_x509.c: session->key no longer needs to be an allocated
	structure.

2012-10-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c, libdane/includes/gnutls/dane.h, src/cli.c: The
	high level functions accept sflags and vflags as separate options.

2012-10-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, NEWS, doc/cha-cert-auth.texi,
	doc/invoke-certtool.texi, libdane/dane.c,
	libdane/includes/gnutls/dane.h, libdane/libdane.map,
	src/Makefile.am, src/cli.c: Updates in DANE support. Allow caching
	of queries.

2012-10-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/certtool-args.c, src/certtool-args.def,
	src/certtool-args.h, src/certtool.c: dane-rr -> dane-tlsa-rr

2012-10-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-cert-auth2.texi,
	doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
	doc/cha-library.texi, doc/invoke-certtool.texi,
	doc/scripts/mytexi2latex, src/certtool-args.c,
	src/certtool-args.def, src/certtool-args.h: Documentation updates

2012-10-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped versions

2012-10-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/latex/Makefile.am: inlude DANE in manual

2012-10-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: define Loaded_CertEnumCRLsInStore to
	CertEnumCRLsInStore when it exists.

2012-10-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented updates

2012-10-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.c, src/certtool-args.def, src/certtool-args.h,
	src/certtool-common.c, src/certtool-common.h, src/certtool.c: 
	Certtool updates.  By default generate public key TLSA RR entries. Added --verbose
	option.

2012-10-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-cert-auth.texi, doc/cha-functions.texi,
	libdane/Makefile.am: libdane -> libgnutls-dane

2012-10-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.c, src/certtool-args.h, src/certtool.c: use hex
	for single byte entries

2012-10-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/certtool-args.def: DANE RR -> DANE TLSA RR

2012-10-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: Certtool generates DANE entries with selector 0
	(X.509 certificate).

2012-10-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-certtool.texi, src/certtool-args.c,
	src/certtool-args.def, src/certtool-args.h, src/certtool.c: Certtool
	can generate a DANE RR entry.

2012-10-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkix_asn1_tab.c: use the old libtasn1 type

2012-10-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/minitasn1/Makefile.am: removed old file

2012-10-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/examples/ex-client-resume.c,
	doc/examples/ex-client-x509.c, lib/gnutls_state.c,
	lib/includes/gnutls/gnutls.h.in, src/cli-args.c, src/cli-args.h,
	src/tls_test.c, tests/resume-dtls.c, tests/resume.c: The session
	ticket and OCSP certificate status extensions are enabled by
	default.  In client side gnutls_init() enables the session ticket and OCSP
	certificate status request extensions by default. The flag
	GNUTLS_NO_EXTENSIONS can be used to prevent that.

2012-10-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkix.asn, lib/pkix_asn1_tab.c: save some memory by removed
	unused ASN.1 structures.

2012-10-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_pubkey.c: corrected version number

2012-10-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c, libdane/includes/gnutls/dane.h, src/cli.c: Bug
	fixes in DANE.  Corrected packet length parsing and removed the verify options
	DANE_VERIFY_DNSSEC_DATA_INVALID and DANE_VERIFY_NO_DNSSEC_DATA.
	There is longer use for them since using the DANE API requires
	DNSSEC.

2012-10-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/crl.c, lib/x509/crq.c, lib/x509/privkey.c,
	lib/x509/privkey_pkcs8.c: corrected versions

2012-10-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-tokens.texi, lib/gnutls_privkey.c,
	lib/gnutls_pubkey.c, lib/includes/gnutls/abstract.h,
	lib/libgnutls.map: Added helper functions
	gnutls_pubkey_import_openpgp_raw() and
	gnutls_pubkey_import_x509_raw().

2012-10-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-cert-auth2.texi, doc/cha-tokens.texi,
	doc/invoke-gnutls-cli.texi, lib/gnutls_dh_primes.c,
	lib/gnutls_pubkey.c, lib/includes/gnutls/abstract.h,
	lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/openpgp.h,
	lib/includes/gnutls/pkcs11.h, lib/includes/gnutls/pkcs12.h,
	lib/includes/gnutls/x509.h, lib/libgnutls.map,
	lib/openpgp/openpgp_int.h, lib/openpgp/pgp.c,
	lib/openpgp/privkey.c, lib/pkcs11.c, lib/x509/common.c,
	lib/x509/common.h, lib/x509/crl.c, lib/x509/crq.c, lib/x509/dn.c,
	lib/x509/pkcs12.c, lib/x509/pkcs7.c, lib/x509/privkey.c,
	lib/x509/privkey_pkcs8.c, lib/x509/x509.c, libdane/dane.c: Added
	functions to export structures in an allocated buffer.

2012-10-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli-args.c, src/cli-args.def, src/cli-args.h, src/cli.c: Added
	command-line option to disable CA verification.

2012-10-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: removed old flag

2012-10-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c, libdane/includes/gnutls/dane.h: Always require
	DNSSEC.

2012-10-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: some reorganization of the configure script.

2012-10-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-tokens.texi: some more text for TPMs

2012-10-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c, src/common.c, src/common.h: In gnutls-cli the server
	certificate is printed prior to verification

2012-10-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, Makefile.am, NEWS, configure.ac, doc/Makefile.am,
	doc/cha-cert-auth.texi, doc/cha-functions.texi,
	doc/invoke-gnutls-cli.texi, doc/manpages/Makefile.am,
	doc/scripts/getfuncs.pl, libdane/Makefile.am, libdane/dane.c,
	libdane/errors.c, libdane/includes/Makefile.am,
	libdane/includes/gnutls/dane.h, libdane/libdane.map, m4/hooks.m4,
	src/Makefile.am, src/cli-args.c, src/cli-args.def, src/cli-args.h,
	src/cli.c: Added a DANE library.

2012-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-client-resume.c, doc/examples/ex-client-x509.c: 
	enable useful extensions in the examples.

2012-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/wmnaf.c: included config.h to avoid issue with gnulib

2012-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi, doc/invoke-gnutls-cli.texi,
	lib/gnutls_cert.c, lib/gnutls_x509.c, src/cli-args.c,
	src/cli-args.def, src/cli-args.h, src/cli.c: 
	gnutls_certificate_verify_peers2() checks ocsp status response if
	available.

2012-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: do not set verify_flags

2012-10-04  Nikos Mavrogiannopoulos <nikos@esat.kuleuven.be>

	* lib/x509/verify-high.c: doc update.

2012-10-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/ocsp.c: If revocation reason cannot be read set it to
	GNUTLS_X509_CRLREASON_UNSPECIFIED.

2012-10-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, doc/manpages/Makefile.am: changed generation of
	manpages.

2012-10-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk: upload -> upload-tarballs

2012-10-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/Makefile.am, lib/hash.c, lib/hash.h, lib/minitasn1/hash.c,
	lib/minitasn1/int.h, lib/minitasn1/parser_aux.c, lib/verify-tofu.c,
	lib/x509/ocsp.c, lib/x509/verify-high.c, lib/x509/verify-high2.c: 
	Use hash-pjw-bare instead of asn1_bhash().

2012-10-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* build-aux/config.rpath, build-aux/gendocs.sh, gl/Makefile.am,
	gl/base64.h, gl/getpass.h, gl/hash-pjw-bare.c, gl/hash-pjw-bare.h,
	gl/m4/eealloc.m4, gl/m4/extern-inline.m4, gl/m4/fcntl-o.m4,
	gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/lib-ld.m4,
	gl/m4/manywarnings.m4, gl/m4/timer_time.m4, gl/m4/timespec.m4,
	gl/m4/xsize.m4, gl/stdbool.in.h, gl/sys_select.in.h,
	gl/tests/Makefile.am, gl/tests/binary-io.c, gl/tests/binary-io.h,
	gl/tests/ioctl.c, gl/tests/malloca.h, gl/tests/test-select.h,
	gl/timespec.c, gl/timespec.h, gl/u64.c, gl/u64.h, gl/verify.h,
	gl/xsize.c, gl/xsize.h, maint.mk: Updated gnulib and added
	hash-pjw-bare

2012-10-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, tests/Makefile.am, tests/mini-x509-callbacks.c: Added
	test to verify that callbacks are being actually called.

2012-10-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-ocsp-client.c, src/ocsptool-common.c: check the
	first response.

2012-10-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/ocsp.h, lib/x509/ocsp.c: 
	gnutls_ocsp_resp_check_crt() accepts the response index.

2012-10-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, lib/includes/gnutls/gnutls.h.in,
	lib/includes/gnutls/ocsp.h: doc update

2012-10-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/x509.h, lib/x509/x509.c: Added
	gnutls_x509_crl_reason_flags_t.

2012-10-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/ocsp.c: read revocation reason

2012-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/ocsp.c: simplified doc

2012-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/libgnutls.map: gnutls_ocsp_resp_check_crt was moved to
	3.0 symbols and documented update.

2012-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, doc/examples/ex-ocsp-client.c,
	doc/invoke-gnutls-cli.texi, doc/invoke-gnutls-serv.texi: documented
	gnutls_ocsp_resp_check_crt().

2012-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/auth/cert.h, lib/ext/status_request.c,
	lib/gnutls_cert.c, lib/gnutls_errors.c,
	lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/ocsp.h,
	lib/libgnutls.map, lib/x509/ocsp.c, src/cli-args.c,
	src/cli-args.def, src/cli-args.h, src/cli.c, src/ocsptool-common.c,
	src/ocsptool-common.h, src/serv-args.c, src/serv-args.def,
	src/serv-args.h, src/serv.c: The OCSP response file is now set on
	the credentials and other additions.  Changed OCSP function prototypes for almost all status_request
	functions to move the response file and callback to the certificate
	credentials structure.  Added gnutls_ocsp_resp_check_crt() to check
	whether a response corresponds to a given certificate.

2012-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2012-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_extensions.c: Print debugging information even when an
	extension is not parsed.

2012-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/session_ticket.c, lib/gnutls_handshake.c: Fixed the
	receipt of session tickets during session resumption.  Reported by danblack http://savannah.gnu.org/support/?108146

2012-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/resume.c: better output in resume

2012-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c, lib/gnutls_handshake.h, lib/gnutls_int.h: 
	simplified handshake states.

2012-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/status_request.c, lib/gnutls_handshake.c: Verify callback
	is run in either side.

2012-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/psk.c, lib/gnutls_datum.c, lib/gnutls_datum.h,
	lib/gnutls_x509.c: removed unused functions.

2012-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/status_request.c: Pack and unpack the status request
	extension data on resumption.

2012-09-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c, src/ocsptool-common.c: Use the server's OCSP provided
	data when verifying a certificate's validity.

2012-09-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.c, lib/ext/status_request.c,
	lib/gnutls_handshake.c, lib/gnutls_int.h: The certificate
	verification callback is being run after the certificate status
	response is received.

2012-09-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented updates

2012-09-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/debug.c, lib/ext/status_request.c, lib/ext/status_request.h,
	lib/gnutls_buffers.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli-args.c,
	src/cli-args.h, src/serv-args.c, src/serv-args.h: updated OCSP
	status request.

2012-09-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: Session ID is correctly read.

2012-09-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/max_record.c, lib/gnutls_buffers.c, lib/gnutls_int.h,
	lib/nettle/wmnaf.c: Corrected signed-to-unsigned comparisons

2012-04-17  Simon Josefsson <simon@josefsson.org>

	* doc/Makefile.am, doc/manpages/Makefile.am, lib/ext/Makefile.am,
	lib/ext/status_request.c, lib/ext/status_request.h,
	lib/gnutls_extensions.c, lib/gnutls_int.h,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
	src/cli-args.def, src/cli.c, src/serv-args.def, src/serv.c: 
	Implement status_request OCSP extension.

2012-09-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* AUTHORS: Added Olga and Ilya to authors.

2012-09-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2012-09-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-bib.texi, doc/cha-intro-tls.texi, doc/latex/gnutls.bib: 
	updated heartbeat text

2012-09-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2012-09-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.2

2012-09-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c: Handle heartbeat packets with zero payload,
	and account for the payload length when sending a heartbeat of fixed
	size.

2012-09-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/benchmark.c: benchmark time was increased.

2012-09-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/minitasn1/Makefile.am, lib/minitasn1/coding.c,
	lib/minitasn1/decoding.c, lib/minitasn1/element.c,
	lib/minitasn1/errors.c, lib/minitasn1/gstr.c, lib/minitasn1/gstr.h,
	lib/minitasn1/hash.c, lib/minitasn1/int.h,
	lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
	lib/minitasn1/parser_aux.h, lib/minitasn1/structure.c,
	lib/minitasn1/structure.h: Updated to minitasn1 3.0

2012-09-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: updated cross.mk

2012-09-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: added missing tpm.h header

2012-09-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/Makefile.am, extra/Makefile.am, lib/Makefile.am,
	src/Makefile.am, tests/Makefile.am, tests/suite/Makefile.am: All
	external libraries that were in LDFLAGS are moved into LIBADD/LDADD.  It also fixes order within LIBADD/LDADD so that libtool objects go
	first.  Patch by Bartosz Brachaczek.

2012-09-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/asn1random.pl, tests/suite/x509random.pl: updated
	copyright

2012-09-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, lib/openpgp/pgp.c: openpgp doc update

2012-09-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/asn1random.pl, tests/suite/x509random.pl: Added
	boilerplate.

2012-09-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/write-packet.c: simplified calculations

2012-09-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2012-09-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/kbnode.c, lib/opencdk/main.h, lib/opencdk/misc.c,
	lib/opencdk/read-packet.c, lib/opencdk/stream.c,
	lib/opencdk/write-packet.c: reduced verbosity and better debugging.

2012-09-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/new-packet.c: Corrected bug in PGP subpacket encoding

2012-09-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/Makefile.am, tests/suite/asn1random.pl,
	tests/suite/testrandom, tests/suite/x509random.pl: Added script to
	check against randomly generated certificates.

2012-09-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-dtls-heartbeat.c: removed unused label

2012-09-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/x509/verify-high.c: doc updates

2012-09-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/mini-dtls-heartbeat.c: Added a test of
	heartbeat ping exchange.

2012-09-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.c, lib/auth/dh_common.c, lib/auth/rsa.c,
	lib/auth/rsa_export.c, lib/auth/srp_passwd.c, lib/crypto-backend.c,
	lib/ext/heartbeat.c, lib/ext/safe_renegotiation.c,
	lib/gnutls_constate.c, lib/gnutls_handshake.c, lib/gnutls_pubkey.c,
	lib/gnutls_session_pack.c, lib/gnutls_str.c, lib/gnutls_x509.c,
	lib/nettle/pk.c, lib/opencdk/armor.c, lib/opencdk/keydb.c,
	lib/opencdk/literal.c, lib/opencdk/stream.c,
	lib/opencdk/write-packet.c, lib/pkcs11.c, lib/x509/ocsp_output.c,
	lib/x509/pkcs12.c: several cleanups

2012-09-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/privkey.c: corrected bug in gnutls_x509_privkey_sign_data

2012-09-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c: All openpgp code moved within ENABLE_OPENPGP

2012-09-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/manpages/Makefile.am: updated makefiles

2012-09-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-gtls-app.texi, lib/gnutls_dtls.c,
	lib/gnutls_dtls.h, lib/gnutls_int.h, lib/gnutls_record.c: Correctly
	restore gnutls_record_recv() in DTLS mode if interrupted during the
	retrasmition of handshake data.

2012-09-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c: Allow for pinging until timeout.

2012-09-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c: corrected time

2012-09-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented update

2012-09-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c: fixed copyright

2012-09-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi, lib/ext/heartbeat.c, lib/ext/heartbeat.h,
	lib/gnutls_int.h, lib/gnutls_state.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Better handling
	of timeouts.

2012-09-21  Simon Josefsson <simon@josefsson.org>

	* lib/ext/heartbeat.c, lib/gnutls_psk.c, lib/tpm.c: GTK-DOC fixes.

2012-09-21  Simon Josefsson <simon@josefsson.org>

	* lib/algorithms/cert_types.c, lib/tpm.c, lib/x509/common.c,
	lib/x509/ocsp_output.c: More GTK-DOC warning fixes.

2012-09-21  Simon Josefsson <simon@josefsson.org>

	* doc/reference/gnutls-docs.sgml: Also include tpm.h in GTK-DOC
	manual.

2012-09-21  Simon Josefsson <simon@josefsson.org>

	* doc/reference/Makefile.am, lib/gnutls_ui.c,
	lib/includes/gnutls/abstract.h, lib/includes/gnutls/gnutls.h.in,
	lib/includes/gnutls/pkcs11.h, lib/includes/gnutls/tpm.h,
	lib/pkcs11.c, lib/pkcs11_privkey.c, lib/tpm.c: Fix GTK-DOC warnings.

2012-09-21  Simon Josefsson <simon@josefsson.org>

	* configure.ac: Cleanup warning flags.

2012-09-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped versions

2012-09-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi: doc update

2012-09-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-09-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c, lib/gnutls_record.c, src/common.c,
	src/serv.c, src/socket.c, src/udp-serv.c: updates in heartbeat
	support

2012-09-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi: updated documentation

2012-09-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/ca-no-pathlen.pem,
	tests/cert-tests/no-ca-or-pathlen.pem: updated tests for new
	security levels

2012-09-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c, lib/ext/heartbeat.h, lib/gnutls_buffers.c,
	lib/gnutls_buffers.h, lib/gnutls_dtls.c, lib/gnutls_errors.c,
	lib/gnutls_handshake.c, lib/gnutls_handshake.h, lib/gnutls_int.h,
	lib/gnutls_record.c, lib/gnutls_record.h, lib/gnutls_state.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: several updates
	in the heartbeat handling code.

2012-09-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c, lib/x509/dn.c: Corrected issues

2012-09-20  Simon Josefsson <simon@josefsson.org>

	* configure.ac: Drop -Winline.

2012-09-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify-high.c: corrected usage of defines

2012-09-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, doc/manpages/Makefile.am: doc/manpages is handled the
	same as doc/

2012-09-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, doc/Makefile.am: compare-makefile is only executed
	during make dist.

2012-09-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c, lib/gnutls_int.h: DEFAULT_* -> DEFAULT_MAX_*

2012-09-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_int.h, lib/x509/verify-high.c: MAX_CERTS_TO_SORT ->
	DEFAULT_VERIFY_DEPTH

2012-09-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/secparams.c: corrected default

2012-09-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/secparams.c, lib/gnutls_x509.c,
	lib/includes/gnutls/gnutls.h.in: Increased security levels by adding
	insecure.

2012-09-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/gdoc: Allow negatives in enumerations.

2012-09-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: do not complain on overlength strings

2012-09-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_int.h, lib/gnutls_priority.c, lib/gnutls_state.c,
	lib/gnutls_state.h: gnutls_session_enable_compatibility_mode() is
	equivalent to %COMPAT priority string.

2012-09-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/secparams.c, lib/gnutls_int.h,
	lib/gnutls_priority.c, lib/gnutls_x509.c,
	lib/includes/gnutls/gnutls.h.in: Warn on certificate with weak
	security levels. (re)introduces GNUTLS_SEC_PARAM_WEAK.

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c, lib/gnutls_ui.c, lib/includes/gnutls/x509.h,
	lib/x509/verify-high.c, tests/chainverify-unsorted.c: Added
	verification flags GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN, which is
	enabled by default for verifying TLS sessions.

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify-high.c: removed a now redundant chain check

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify-high.c, tests/Makefile.am,
	tests/chainverify-unsorted.c: Added function to sort the provided
	certificate chain prior to verification.

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509.c, lib/x509/x509_int.h: avoid duplicate asn1
	structure initialization.

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/minitasn1/element.c, lib/minitasn1/int.h,
	lib/minitasn1/libtasn1.h: updated minitasn1

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/Makefile.am, m4/hooks.m4: Use the pkg-config macro to find
	libtasn1.

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/x509cert-tl.c: corrected typo

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/x509cert-tl.c: small updates

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/mpi.c, lib/x509/x509_int.h: removed old libtasn1
	requirements

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify-high.c: MAX_NAME_SIZE -> MAX_SERVER_NAME_SIZE

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: corrected sign

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.h: corrected prototypes

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
	lib/gnutls_cipher.c, lib/gnutls_int.h, lib/gnutls_priority.c,
	lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in: use a
	%STATELESS_COMPRESSION priority string instead of gnutls_init()
	flag.

2012-09-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_sig.c: corrected missing parameter

2012-09-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_int.h, lib/gnutls_priority.c, lib/gnutls_sig.c: Key
	usage violations are allowed when the COMPAT keyword is specified.  I've noticed in the SSL observatory data that most key usage bits in
	a certificate are set randomly (e.g., there are DSA certificates
	marked for encryption, and most RSA certificates marked for
	signature only are used for encryption anyway). There is no point of
	being strict in such environment.

2012-09-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: Do not ask unnecessary questions when signing a
	certificate (request).

2012-09-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_global.c, lib/system.c, lib/system.h: mingw32 support.
	Based on patch by LRN.

2012-09-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi, lib/gnutls_cipher.c,
	lib/gnutls_compress.c, lib/gnutls_compress.h, lib/gnutls_int.h,
	lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in: Added
	GNUTLS_STATELESS_COMPRESSION flag to gnutls_init().

2012-09-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/x509.h, lib/libgnutls.map,
	lib/x509/privkey.c, src/certtool.c: Added
	gnutls_x509_privkey_get_pk_algorithm2(). Certtool prints the number
	of bits in a private key.

2012-09-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, lib/Makefile.am: Refer to files with explicit
	path. Patch by LRN.

2012-09-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/tests/ioctl.c: win32 fix. Patch by LRN.

2012-09-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/Makefile.am: libopts depends on libintl. Patch by LRN.

2012-09-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls.asn, lib/gnutls_asn1_tab.c, lib/pkix.asn,
	lib/pkix_asn1_tab.c: small optimizations in ASN.1 to save memory

2012-09-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi: Added a note on compression

2012-09-11  Ilya Tumaykin <itumaykin@gmail.com>

	* lib/nettle/wmnaf.c: Fix mpz_unitstbit compilation with GMP
	versions < 5.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-09-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify-high.c, tests/x509cert-tl.c: When requested
	gnutls_x509_trust_list_deinit() will deinitialized all certs
	(including the named)

2012-09-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509.c: Use the new asn1_read_node_value()

2012-09-03  Marti Raudsepp <marti@juffo.org>

	* lib/x509/verify-high2.c, tests/x509cert-tl.c: Fix
	gnutls_x509_trust_list_add_trust_mem with DER-format certificates.  The function took a "type" argument and then happily proceeded to
	ignore it and try PEM format anyway.  Most importantly, this makes gnutls_x509_trust_list_add_system_trust
	work on Windows, which loads DER certificates using this function.
	I'll be damned if that actually ever worked properly -- certainly
	not in any git version. :) Also added test for gnutls_x509_trust_list_add_trust_mem.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-09-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: added upload directive

2012-09-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/makeshell.c, src/serv.c: mingw64 compilation fixes

2012-09-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: updated libs

2012-09-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c, lib/system.c: The default
	system_recv_timeout() doesn't include a call to recv() to avoid
	issue in few systems.

2012-09-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-handshake-timeout.c: increased timeouts

2012-09-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c: dump the errno received by select

2012-09-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c: removed unused code

2012-09-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c: use errno_to_gerr() in
	_gnutls_io_check_recv().

2012-09-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c, lib/gnutls_state.c: Do not repeatedly set
	timeout

2012-09-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2012-09-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/abstract_int.h, lib/ext/signature.c, lib/gnutls_pubkey.c,
	lib/gnutls_sig.c: Be tolerant is ECDSA-violating signatures.

2012-09-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/testcompat-main: Added server mode tests for the
	various EC curves.

2012-09-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/cha-intro-tls.texi,
	doc/invoke-gnutls-cli.texi, doc/invoke-gnutls-serv.texi,
	doc/manpages/Makefile.am: Added heartbeat functions

2012-09-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/certs/cert-ecc256.pem, tests/certs/cert-ecc384.pem,
	tests/certs/cert-ecc521.pem, tests/certs/ecc256.pem,
	tests/certs/ecc384.pem, tests/certs/ecc521.pem,
	tests/suite/testcompat-main: Added suite for ECDSA under various
	curves

2012-09-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2012-08-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/Makefile.am, lib/nettle/ecc.h,
	lib/nettle/ecc_make_key.c, lib/nettle/ecc_mulmod.c,
	lib/nettle/ecc_mulmod_cached.c, lib/nettle/ecc_mulmod_timing.c,
	lib/nettle/ecc_mulmod_wmnaf.c,
	lib/nettle/ecc_mulmod_wmnaf_cached.c,
	lib/nettle/ecc_projective_add_point.c,
	lib/nettle/ecc_projective_add_point_ng.c,
	lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_verify_hash.c,
	lib/nettle/pk.c: Removed unused ECC code.  Renamed ecc_mulmod_wmnaf -> ecc_mulmod Renamed
	ecc_projective_add_point_ng -> ecc_projective_add_point

2012-08-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c, lib/ext/heartbeat.h, lib/gnutls_int.h,
	lib/gnutls_record.c, lib/gnutls_state.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli-args.c,
	src/cli-args.h, src/cli.c, src/serv-args.c, src/serv-args.h,
	src/serv.c, src/tests.c: Some small optimizations in heartbeat
	handling and regeneration of src/ args files.

2012-08-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_state.c: removed unneeded test

2012-08-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tests.c, src/tests.h, src/tls_test.c: removed unneeded test.

2012-08-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/server_name.c, lib/ext/session_ticket.c, lib/ext/srp.c,
	lib/gnutls_session_pack.c, lib/gnutls_str.h: BUFFER_APPEND_PFX is no
	more. Replaced with BUFFER_APPEND_PFX4

2012-08-28  Olga <olyasib12@gmail.com>

	* doc/cha-internals.texi, doc/cha-intro-tls.texi,
	doc/manpages/Makefile.am, doc/protocol/rfc6520.txt, lib/debug.c,
	lib/ext/Makefile.am, lib/ext/heartbeat.c, lib/ext/heartbeat.h,
	lib/gnutls_buffers.c, lib/gnutls_errors.c, lib/gnutls_extensions.c,
	lib/gnutls_int.h, lib/gnutls_record.c, lib/gnutls_record.h,
	lib/gnutls_state.c, lib/gnutls_str.h,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
	src/cli-args.def, src/cli.c, src/common.c, src/serv-args.def,
	src/serv.c, src/socket.c, src/tests.c, src/tests.h, src/tls_test.c: 
	Added Heartbeat extension support.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-08-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/ecc_mulmod_wmnaf_cached.c: corrected deinitialization
	of wmnaf cache.

2012-08-30  Ilya Tumaykin <itumaykin@gmail.com>

	* lib/gnutls_global.c, lib/gnutls_global.h, lib/nettle/Makefile.am,
	lib/nettle/ecc.h, lib/nettle/ecc_make_key.c,
	lib/nettle/ecc_mulmod_wmnaf.c,
	lib/nettle/ecc_mulmod_wmnaf_cached.c,
	lib/nettle/ecc_projective_add_point.c,
	lib/nettle/ecc_projective_add_point_ng.c,
	lib/nettle/ecc_projective_dbl_point_3.c,
	lib/nettle/ecc_projective_isneutral.c,
	lib/nettle/ecc_projective_negate_point.c,
	lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
	lib/nettle/ecc_verify_hash.c, lib/nettle/init.c, lib/nettle/pk.c,
	lib/nettle/wmnaf.c: wMNAF-based multiplication Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-08-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/TODO: Added extension in TODO list

2012-08-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: On Linux with /proc/sys/net/ipv6/bindv6only == 0
	(which is now the default), gnutls-serv cannot listen on ipv6. Patch
	by Bernhard R. Link.

2012-08-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_pk.c, lib/gnutls_pk.h, lib/pkcs11_privkey.c: simplified
	ECDSA/DSA signature generation in tokens.

2012-08-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2012-08-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/pk.c: Revert "Use _gnutls_dsa_q_to_hash() only for
	warning reasons." This reverts commit 8bb82a3d386abc1c59cb16d3a6d8c68fb66a2170.

2012-08-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11_privkey.c: fix DSA and ECDSA signing in smart cards.

2012-08-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.c: null terminate the certificate being print

2012-08-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/pk.c: Use _gnutls_dsa_q_to_hash() only for warning
	reasons.

2012-08-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2012-08-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-common.c, src/certtool-common.h, src/certtool.c: 
	Changes in password handling of certtool.  Ask password when required and only if the '--password' option is
	not given.  If the '--password' option is given during key
	generation then assume the PKCS #8 format.

2012-08-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/privkey_pkcs8.c: Prevent the usage of strlen() on null
	values.

2012-08-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c: doc update

2012-08-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/TODO: added new items

2012-08-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/TODO: updated

2012-08-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/TODO: heartbeat support is no longer in the todo

2012-08-24  Simon Josefsson <simon@josefsson.org>

	* tests/suppressions.valgrind: Fix suppression rules.

2012-08-24  Simon Josefsson <simon@josefsson.org>

	* .gitignore: Sort and add doc/tpm-api.texi.

2012-08-24  Simon Josefsson <simon@josefsson.org>

	* configure.ac: Silence automake warning.

2012-08-24  Simon Josefsson <simon@josefsson.org>

	* doc/manpages/Makefile.am: Generate manpages for tpm.h.

2012-08-19  Simon Josefsson <simon@josefsson.org>

	* doc/manpages/Makefile.am: Generated.

2012-08-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, lib/gnutls_cert.c: doc fix

2012-08-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c: remove debugging

2012-08-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_sig.c: When signing use the private key's algorithm.

2012-08-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.h, lib/gnutls_cert.c, lib/gnutls_x509.c,
	lib/openpgp/gnutls_openpgp.c, lib/openpgp/pgp.c,
	lib/openpgp/privkey.c: Use the preferred key ID when reading the
	pk_algorithm in openpgp keys.  gnutls_openpgp_*_get_pk_algorithm() returns the algorithm of the
	preferred key ID if set.

2012-08-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: Added missing functions

2012-08-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/ext/signature.c, lib/ext/signature.h, lib/gnutls_int.h,
	lib/gnutls_sig.c, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map: Added gnutls_sign_algorithm_get().

2012-08-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-handshake-timeout.c: removed unused variable

2012-08-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms.h, lib/algorithms/sign.c, lib/ext/signature.c,
	lib/gnutls_pubkey.c, lib/gnutls_sig.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, lib/x509/crq.c,
	lib/x509/verify.c: gnutls_sign_get_pk_algorithm and
	gnutls_sign_get_hash_algorithm were exported.

2012-08-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/signature.c: When selecting a session signature algorithm
	consider the enabled.

2012-08-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tpmtool.c: No need to ask for key password on registered keys.

2012-08-16  Mark Brand <mabrand@mabrand.nl>

	* lib/system.c: fix case of include file Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-08-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c, lib/gnutls_priority.c, lib/gnutls_record.c: 
	fix warnings

2012-08-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: Avoid stray return when compiling without trousers.

2012-08-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-handshake-timeout.c: avoid memory leak

2012-08-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, NEWS: updates

2012-08-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: No need to require the private key to be present
	when generating a certificate.

2012-08-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: Link srptool with libintl. Suggested by B. Scott
	Michel.

2012-08-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated news

2012-08-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, lib/gnutls_priority.c: Security levels can
	be combined as priority strings.

2012-08-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-08-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-handshake-timeout.c: small updates in
	mini-handshake-timeout

2012-08-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-tokens.texi: document gnutls_random_art

2012-08-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/mini-handshake-timeout.c: Added test that
	checks the handshake timeout.

2012-08-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated news

2012-08-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: doc update

2012-08-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk, doc/Makefile.am: the new makeinfo sets the FLOAT_NAME by
	default.

2012-08-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk: corrected html generation

2012-08-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk: updated html doc

2012-08-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: doc update

2012-08-09  Simon Josefsson <simon@josefsson.org>

	* guile/src/Makefile.am: Add gnulib -I's to guile-snarf command.

2012-08-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/gnutls.texi: use  FLOAT_NAME_IN_XREF

2012-08-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, doc/cha-gtls-app.texi,
	doc/examples/ex-client-anon.c, doc/examples/ex-client-dtls.c,
	doc/examples/ex-client-psk.c, doc/examples/ex-client-resume.c,
	doc/examples/ex-client-srp.c, doc/examples/ex-client-x509.c,
	lib/gnutls_handshake.c, lib/gnutls_int.h,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli.c: 
	gnutls_handshake_timeout() -> gnutls_handshake_set_timeout()

2012-08-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, doc/cha-gtls-app.texi,
	doc/examples/ex-client-anon.c, doc/examples/ex-client-dtls.c,
	doc/examples/ex-client-psk.c, doc/examples/ex-client-resume.c,
	doc/examples/ex-client-srp.c, doc/examples/ex-client-x509.c,
	lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_handshake.c,
	lib/gnutls_int.h, lib/gnutls_record.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli.c: Added
	gnutls_handshake_timeout().

2012-08-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-upgrade.texi: document the deprecated functions in 3.1.x

2012-08-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-shared-key.texi: document the alloc functions

2012-08-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, build-aux/config.rpath, configure.ac: released

2012-08-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/gnutls.texi: distribute all generated files

2012-08-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented TPM support

2012-08-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_rsa_export.c: corrected typo

2012-08-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2012-08-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c, lib/pkcs11_privkey.c, lib/tpm.c: documentation
	fixes.

2012-08-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/gnutls.texi: better doc output

2012-08-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/Makefile.am: no need for libgnutlsxx.map

2012-08-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-cert-select.c, doc/invoke-certtool.texi,
	tests/pkcs12-decode/Makefile.am: corrected example and added missing
	files.

2012-08-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: confirm password on key generation.

2012-08-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_privkey.c, lib/gnutls_x509.c,
	lib/includes/gnutls/abstract.h, lib/includes/gnutls/x509.h,
	lib/x509/pkcs12_encr.c, lib/x509/privkey.c,
	lib/x509/privkey_pkcs8.c, src/certtool-args.c,
	src/certtool-args.def, src/certtool-args.h, src/certtool-common.h,
	src/certtool.c, src/cli.c, tests/pkcs12-decode/pkcs12: Restored
	ability to decrypt PKCS #8 and #12 keys with a NULL password.
	Certtool now accepts the option --null-password.

2012-08-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: Exit with an error code if a PKCS #12 structure
	cannot be decrypted.

2012-07-26  Petr Písař <petr.pisar@atlas.cz>

	* src/certtool.c: Respect certtool --hash when signing request and
	CRL The certtool hard-codes the digest algorithm despite '--hash' option
	exists.  This patch allows user to choose the algorithm when signing
	certificate request or certificate revocation list.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-07-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/Makefile.am, lib/pin.c, lib/pin.h, lib/pkcs11.c,
	lib/pkcs11_int.h, lib/tpm.c: PIN-related functions common to TPM and
	PKCS #11 moved to pin.c.

2012-07-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-tpmtool.texi, doc/manpages/tpmtool.1,
	lib/includes/gnutls/tpm.h, lib/tpm.c, src/tpmtool.c: 
	GNUTLS_TPMKEY_FMT_PEM renamed to GNUTLS_TPMKEY_FMT_CTK_PEM

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tpmtool-args.c, src/tpmtool-args.def, src/tpmtool-args.h,
	src/tpmtool.c: tpmtool now accepts the --inder and --outder options.

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/abstract.h, lib/includes/gnutls/tpm.h,
	lib/tpm.c: Separated TPM key encodings from the X.509 certificates.  Added two TPM-specific encodings the DER and PEM. Even though they
	look to be related the are not. The DER encoding is the one provided
	using Tspi_EncodeDER_TssBlob, and the PEM is the compatibility
	encoding used by create_tpm_key.

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/gnutls.h.in: doc fixes

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/mytexi2latex: handle noindent

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/cha-tokens.texi: more elaborate PIN
	documentation

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/gdoc: handle more complex enums

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi: discussed the generic and openssl privkey
	import functions.

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-library.texi: added tpm flag

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-tokens.texi, doc/latex/macros.tex: more doc fixes

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c, lib/x509/pkcs12.c: doc fix

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/latex/Makefile.am, doc/latex/gnutls.tex: doc updates

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-tokens.texi: more set_pin functions.

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c: set PIN function when reading a certificate

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-cert-select-pkcs11.c,
	lib/includes/gnutls/gnutls.h.in, lib/pkcs11.c, lib/pkcs11_write.c,
	lib/tpm.c, src/common.c, src/pkcs11.c: GNUTLS_PKCS11_PIN ->
	GNUTLS_PIN

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/openpgp-auth.c, tests/openpgp-auth2.c: use stack for file
	paths

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/invoke-tpmtool.texi, doc/manpages/tpmtool.1: 
	doc updates

2012-07-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/tpm.c: Increate the entropy of TPM when generating keys.  When generating a key in TPM provide it with some randomness using
	Tspi_TPM_StirRandom(). Suggested by Carolin Latze.

2012-07-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* m4/hooks.m4: Force dependency on nettle 2.5.

2012-07-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/manpages/Makefile.am, doc/manpages/tpmtool.1: Added tpmtool
	manpage.

2012-07-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tpmtool-args.c, src/tpmtool-args.def, src/tpmtool-args.h: 
	updated TPM doc

2012-07-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/certtool-common.c, src/certtool-common.h,
	src/certtool.c, src/cli.c, src/common.c, src/common.h,
	src/p11common.c, src/p11common.h, src/pkcs11.c, src/serv.c: 
	Eliminated p11common.c.

2012-07-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_privkey.c, lib/includes/gnutls/x509.h,
	lib/libgnutls.map, lib/pkcs11.c, lib/x509/x509.c,
	lib/x509/x509_int.h: PKCS #11 PIN handling fixes.  Added gnutls_x509_crt_set_pin_function() and set the PIN handling
	function in gnutls_privkey_import_pkcs11_url().

2012-07-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: Check for /etc/ssl/cert.pem in OpenBSD. Reported by
	David Woodhouse and Mike Miller.

2012-07-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/openpgp-auth.c, tests/openpgp-auth2.c: Avoid the usage of
	alloca(). Reported by Rob McMahon.

2012-07-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/cipher.c: Avoid returning from void function. Patch by
	Rob McMahon.

2012-07-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-tokens.texi: better title

2012-07-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-tokens.texi: mention the context specific PIN functions.

2012-07-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, doc/cha-cert-auth2.texi,
	doc/cha-functions.texi, doc/cha-gtls-app.texi,
	doc/cha-library.texi, doc/cha-tokens.texi, doc/gnutls.texi,
	doc/invoke-tpmtool.texi, lib/gnutls_ui.c, lib/gnutls_x509.c: Added
	documentation for TPM keys.

2012-07-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* build-aux/snippet/_Noreturn.h, gl/Makefile.am, gl/alloca.in.h,
	gl/argp-ba.c, gl/argp-help.c, gl/argp-parse.c, gl/argp-pv.c,
	gl/fseeko.c, gl/fseterr.c, gl/fseterr.h, gl/fstat.c, gl/gettext.h,
	gl/m4/argp.m4, gl/m4/extensions.m4, gl/m4/fdopen.m4,
	gl/m4/frexp.m4, gl/m4/frexpl.m4, gl/m4/fseterr.m4, gl/m4/getopt.m4,
	gl/m4/gettext.m4, gl/m4/gnulib-common.m4, gl/m4/gnulib-comp.m4,
	gl/m4/intdiv0.m4, gl/m4/intlmacosx.m4, gl/m4/largefile.m4,
	gl/m4/ldexpl.m4, gl/m4/lock.m4, gl/m4/mmap-anon.m4,
	gl/m4/multiarch.m4, gl/m4/nocrash.m4, gl/m4/printf-frexpl.m4,
	gl/m4/printf.m4, gl/m4/signbit.m4, gl/m4/stdio_h.m4,
	gl/m4/strerror_r.m4, gl/m4/strndup.m4, gl/m4/sys_time_h.m4,
	gl/m4/threadlib.m4, gl/m4/time_h.m4, gl/m4/time_r.m4,
	gl/m4/visibility.m4, gl/printf-parse.c, gl/signal.in.h,
	gl/stdint.in.h, gl/stdio-impl.h, gl/stdlib.in.h,
	gl/sys_select.in.h, gl/tests/init.sh, gl/tests/minus-zero.h,
	gl/tests/stat.c, gl/tests/test-alloca-opt.c,
	gl/tests/test-malloca.c, gl/tests/test-select.h,
	gl/tests/test-time.c, gl/timespec.h, gl/unistd.in.h,
	gl/vasnprintf.c, maint.mk: Updated gnulib.

2012-07-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/benchmark-cipher.c, src/benchmark-tls.c, src/benchmark.c,
	src/benchmark.h: print average time per transaction and sample
	variance.

2012-07-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/benchmark-tls.c: Client credentials initialization moved
	outside benchmark

2012-07-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c, lib/tpm.c: Callbacks are being called even if a
	global PIN functions is not set.

2012-07-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, lib/auth/cert.h, lib/gnutls_x509.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Allow
	association of a PIN function with a credentials structure.  This function will be used to override any globally set ones.

2012-07-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: return value fix

2012-07-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented updates

2012-07-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, doc/cha-cert-auth2.texi,
	lib/includes/gnutls/pkcs11.h, lib/libgnutls.map, lib/pkcs11.c: 
	Removed newly added functions and added
	gnutls_pkcs11_get_pin_function().

2012-07-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/abstract_int.h, lib/gnutls_int.h, lib/gnutls_privkey.c,
	lib/gnutls_pubkey.c, lib/includes/gnutls/abstract.h,
	lib/includes/gnutls/pkcs11.h, lib/libgnutls.map, lib/pkcs11.c,
	lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/pkcs11_secret.c,
	lib/pkcs11_write.c, lib/tpm.c: Added PIN callbacks in structures
	that may require PIN access to override the global callbacks.

2012-07-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/pkcs11.h,
	lib/pkcs11.c, lib/pkcs11_int.h, lib/pkcs11_privkey.c,
	lib/pkcs11_write.c: PIN callback function was made more generic than
	PKCS #11.

2012-07-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: added missing functions

2012-07-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tpmtool.c: signing keys are generated by default

2012-07-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/tpm.c: random uuids are marked as such

2012-07-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/gnutls_ui.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
	src/certtool-common.c, src/cli.c: Added gnutls_url_is_supported()

2012-07-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/tpm.c: doc fix

2012-07-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tpmtool-args.c, src/tpmtool-args.def, src/tpmtool-args.h,
	src/tpmtool.c: Allow generation of system and user keys.

2012-07-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/tpm.h, lib/tpm.c: Allow handling of user and
	system keys.

2012-07-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c, lib/includes/gnutls/abstract.h, lib/tpm.c: 
	minor fixes in TPM code

2012-07-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tpmtool-args.c, src/tpmtool-args.def, src/tpmtool-args.h,
	src/tpmtool.c: Enabled the generation of signing keys.

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, doc/cha-cert-auth2.texi,
	lib/gnutls_privkey.c, lib/gnutls_pubkey.c,
	lib/includes/gnutls/abstract.h, lib/libgnutls.map, src/cli.c: Added
	functions that import any kind of URL into abstract public and
	private keys.  Added:  gnutls_pubkey_import_url()  gnutls_privkey_import_url()

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify-high.c: When verifying a certificate chain make
	sure it is chain.  If the chain is interrupted (wrong) at some point then truncate,
	only try to verify the correct part. Patch by David Woodhouse.

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-common.c, src/cli.c: Allow gnutls-cli to be used with
	tpmkey urls

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/abstract.h, lib/tpm.c: Added flag to disable
	the use of callbacks in TPM keys.

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c, lib/gnutls_x509.c,
	lib/includes/gnutls/abstract.h, lib/libgnutls.map, lib/tpm.c,
	src/certtool-common.c, src/tpmtool.c: Added ability to request PIN
	from a TPM URL. It uses the PKCS11 PIN function.

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tpmtool.c: corrected function call

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, NEWS, doc/cha-cert-auth2.texi,
	lib/includes/gnutls/pkcs11.h, lib/libgnutls.map, lib/pkcs11.c: Added
	gnutls_pkcs11_advset_pin_function and
	gnutls_pkcs11_advset_token_function

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/tpm.h, lib/tpm.c: doc fix

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/tpm.c: do not list parent in URL.

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c: Allow tpmkey: urls in set_key_file()

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-common.c, src/tpmtool.c: Added support for legacy key

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am: documented updates

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tpmtool-args.c, src/tpmtool-args.def, src/tpmtool-args.h,
	src/tpmtool.c: pubkey option can now accept a url

2012-07-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_errors.c, lib/gnutls_str.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, lib/tpm.c: small
	fixes in TPM support

2012-07-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c, lib/gnutls_handshake.h: internal functions
	marked as static

2012-07-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/includes/gnutls/tpm.h, lib/libgnutls.map, lib/tpm.c,
	src/tpmtool-args.c, src/tpmtool-args.def, src/tpmtool-args.h,
	src/tpmtool.c: Added functions to handle TPM stored keys.  Not everything is on working state.

2012-07-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/abstract.h, lib/tpm.c: Allow importing a
	public key from UUID

2012-07-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/tpm.h, lib/tpm.c: Added the option to register
	a key

2012-07-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/abstract.h, lib/tpm.c: Added option to load a
	TPM key from an UUID (untested)

2012-07-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/tpm.c: Common handling of error codes.

2012-07-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_errors.c, lib/includes/gnutls/gnutls.h.in, lib/tpm.c: 
	combined TPM initialization.

2012-07-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/tpm.c, src/tpmtool-args.c, src/tpmtool-args.def,
	src/tpmtool-args.h, src/tpmtool.c: TPM key generation allows for
	arbitrary RSA key bits, but quantizes them to the minimum allowed
	value that is larger than input.

2012-07-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, lib/includes/gnutls/abstract.h,
	lib/libgnutls.map, lib/tpm.c, src/certtool-common.c,
	src/certtool-common.h, src/certtool.c, src/tpmtool-args.c,
	src/tpmtool-args.def, src/tpmtool-args.h, src/tpmtool.c: Added
	functionality to extract the pubkey key from a TPM key.  Added new function gnutls_pubkey_import_tpm_raw(). tpmtool can now
	print the pubkey key from a TPM key.

2012-07-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dh_primes.c, lib/gnutls_pubkey.c, lib/tpm.c,
	lib/x509/common.c, lib/x509/crl.c, lib/x509/crq.c,
	lib/x509/pkcs12.c, lib/x509/pkcs7.c, lib/x509/privkey.c,
	lib/x509/privkey_pkcs8.c, lib/x509/x509.c, lib/x509_b64.c,
	lib/x509_b64.h: simplified base64 encoding/decoding functions by
	using a datum.

2012-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tpmtool-args.c, src/tpmtool-args.def, src/tpmtool-args.h: no
	url in tpmtool

2012-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_errors.c, lib/includes/Makefile.am,
	lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/tpm.h,
	lib/libgnutls.map, lib/pkcs11_privkey.c, lib/tpm.c,
	lib/x509/common.c, lib/x509/common.h, src/Makefile.am,
	src/tpmtool-args.c, src/tpmtool-args.def, src/tpmtool-args.h,
	src/tpmtool.c: Added tpmtool.  It is a tool to generate TPM private keys. In addition
	gnutls_tpm_privkey_generate() was added.

2012-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am: no tpm test

2012-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_errors.c, lib/includes/gnutls/abstract.h,
	lib/includes/gnutls/gnutls.h.in, lib/tpm.c, tests/Makefile.am: 
	distinguish password errors and use the internal octet string
	decoding functions.

2012-07-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, doc/Makefile.am, lib/Makefile.am,
	lib/gnutls_errors.c, lib/includes/gnutls/abstract.h,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, lib/pkcs11.c,
	lib/pkcs11_int.h, lib/pkcs11_privkey.c, lib/tpm.c: Added initial
	support for TPM keys.

2012-07-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c: A deinit function implies
	GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE. Based on patch by David
	Woodhouse.

2012-07-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_privkey.c, lib/includes/gnutls/abstract.h,
	lib/libgnutls.map: Added gnutls_privkey_import_ext2() This function allows to specify a deinitialization function.

2012-07-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/x509.h, lib/x509/privkey.c,
	lib/x509/privkey_openssl.c: gnutls_x509_privkey_import_openssl()
	works only with PEM files.

2012-07-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/privkey_openssl.c: comment put in context

2012-07-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/privkey_openssl.c: Check for PEM headers before DEK-Info.

2012-07-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/privkey.c: Handle EC DER keys.

2012-07-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, tests/Makefile.am, tests/eagain-common.h,
	tests/mini-emsgsize-dtls.c: Added test application that tests
	GNUTLS_E_LARGE_PACKET and modifies the MTU size during handshake.

2012-06-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: added missing function

2012-06-30  David Woodhouse <David.Woodhouse@intel.com>

	* lib/gnutls_record.c: Return GNUTLS_E_LARGE_PACKET instead of
	truncating when sending DTLS record Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-06-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: fix

2012-06-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: no need to check for DTLS

2012-06-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: no need for _gnutls prefix.

2012-06-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: only block ciphers need 1 byte padding.

2012-06-29  David Woodhouse <David.Woodhouse@intel.com>

	* lib/gnutls_dtls.c: Fix documentation for gnutls_dtls_set_mtu() It *isn't* the interface MTU, it's the transport MTU.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-06-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: sign fixes

2012-06-29  David Woodhouse <David.Woodhouse@intel.com>

	* lib/gnutls_dtls.c, lib/includes/gnutls/dtls.h, lib/libgnutls.map: 
	Add gnutls_dtls_set_data_mtu() Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-06-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c, lib/gnutls_int.h, lib/gnutls_state.c,
	lib/gnutls_state.h: gnutls_dtls_get_data_mtu() is more precise.
	Based on patch by David Woodhouse.

2012-06-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c: cleaned up errno handling.

2012-06-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/accelerated/cryptodev.c, lib/algorithms/ciphers.c,
	lib/includes/gnutls/gnutls.h.in, lib/nettle/cipher.c,
	lib/x509/privkey_openssl.c: Added Camellia-192-CBC algorithm
	identifier.  Based on patch by David Woodhouse.

2012-06-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/privkey_openssl.c: Included more algorithms in openssl
	privkey decryption.

2012-06-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, lib/gnutls_privkey.c,
	lib/includes/gnutls/x509.h, lib/libgnutls.map,
	lib/x509/Makefile.am, lib/x509/privkey.c,
	lib/x509/privkey_openssl.c, lib/x509_b64.c, lib/x509_b64.h,
	src/certtool.c: Added functions gnutls_x509_privkey_import2 and
	gnutls_x509_privkey_import_openssl.  The former imports keys in arbitrary formats and the latter imports
	openssl keys (unfinished).

2012-06-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: doc fixes

2012-06-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: document the gnutls_pcert_st

2012-06-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-cert-select.c: use new functions.

2012-06-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/cha-cert-auth2.texi,
	doc/invoke-certtool.texi: doc fix

2012-06-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, lib/gnutls_buffers.c, lib/gnutls_errors.c,
	lib/gnutls_record.c, lib/system.c: Return GNUTLS_E_LARGE_PACKET when
	errno is EMSGSIZE

2012-06-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-extras.c: added missing file

2012-06-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/certtool-common.c, src/certtool-common.h: 
	Splitted Lucas' contribution to allow incorporation.

2012-06-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.c, src/certtool-args.def, src/certtool-args.h: 
	Dot require load-privkey for to-p12

2012-06-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify-high.c: document limitations

2012-06-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, THANKS, src/certtool-common.c: Updated Lucas' patch

2012-06-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_ui.c: updated doc

2012-06-23  Lucas Fisher <lucas.fisher@gmail.com>

	* src/certtool-common.c, src/certtool-common.h, src/certtool.c: 
	Certtool exports multiple keys in PKCS12 file Update certtool to export multiple keys in a PKCS12 file so multiple
	certificate/key pairs may be included in one file.  - Add load_privkey_list() so that --load-privkey loads multiple keys - Change generate_pkcs12() to add multiple keys to the PKCS12 file Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-06-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c, lib/gnutls_ui.c, lib/pkcs11.c: updated
	versions

2012-06-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-cert-auth2.texi, lib/gnutls_privkey.c,
	lib/gnutls_ui.c, lib/includes/gnutls/abstract.h, lib/libgnutls.map,
	src/cli.c: Added functions to directly load a private key.  They allow loading a data buffer into a gnutls_privkey_t without
	going through cumbersome convertions.

2012-06-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_ui.c, lib/includes/gnutls/gnutls.h.in: Added
	gnutls_load_file().

2012-06-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c, lib/pkcs11_privkey.c: Use the label when looking for
	a certificate or private key in PKCS #11.  Patch by David Woodhouse.

2012-06-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/libgnutls.map: moved symbol

2012-06-15  Diego Elio Pettenò <flameeyes@flameeyes.eu>

	* src/Makefile.am: build: make sure to declare the generated source
	files as BUILT_SOURCES This allows proper building when using parallel make on a multi-core
	system.  Signed-off-by: Diego Elio Pettenò <flameeyes@flameeyes.eu>
	Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-06-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dtls/dtls-stress.c: correct comparison of sent data in
	dtls-stress.

2012-06-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c: small fix

2012-06-11  Simon Josefsson <simon@josefsson.org>

	* NEWS, lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
	lib/minitasn1/errors.c, lib/minitasn1/gstr.c, lib/minitasn1/int.h,
	lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
	lib/minitasn1/version.c: Update to libtasn1 2.13.

2012-06-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: removed old news entry

2012-06-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/TODO: updated TODO

2012-06-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/pkcs12.h, lib/x509/pkcs12.c: Added flag
	GNUTLS_PKCS12_SP_INCLUDE_SELF_SIGNED for
	gnutls_pkcs12_simple_parse().

2012-06-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/pkcs12.c: deinitialize extra certs if they are empty.

2012-06-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-cert-select-pkcs11.c: Revert "documented
	pin_callback expectations." This reverts commit 2576a9d933e4f29f69a7182faa9c4210eeec8fee.

2012-06-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* AUTHORS, NEWS: added author of code.

2012-06-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2012-06-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c, lib/pkcs11_int.h, lib/pkcs11_privkey.c,
	lib/pkcs11_secret.c, lib/pkcs11_write.c: In tokens that allow
	multiple sessions make the private key session persistent.  This
	prevents asking for PIN on every private key operation.

2012-06-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: When generating a pkcs12 structure with multiple
	certificates set a friendly name only on the first one.

2012-06-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: removed entry which was included in 3.0.20

2012-06-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/privkey_pkcs8.c: Fixed leaks in PKCS #8 decoding

2012-06-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c, lib/includes/gnutls/pkcs12.h,
	lib/x509/pkcs12.c, tests/Makefile.am,
	tests/pkcs12-decode/Makefile.am, tests/pkcs12_simple.c: Changed
	prototype for gnutls_pkcs12_simple_parse() to simplify chain
	building.

2012-06-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-cert-select-pkcs11.c: documented pin_callback
	expectations.

2012-06-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c, src/cli.c, src/psk.c, src/serv.c, src/srptool.c,
	src/tls_test.c: removed unused functions.

2012-06-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c, src/cli.c: simplified check for win32

2012-06-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.c: Print the fingerprint only in the first certificate
	in the chain.

2012-06-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: GNUTLS_E_ENCRYPTED_STRUCTURE is no more.

2012-06-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, lib/algorithms.h,
	lib/algorithms/ciphersuites.c, lib/algorithms/protocols.c,
	lib/gnutls_constate.c, lib/gnutls_handshake.c, lib/gnutls_int.h,
	lib/gnutls_kx.c, lib/gnutls_session_pack.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added support
	for an old version of the DTLS protocol used by openconnect vpn
	client for compatibility with Cisco's AnyConnect SSL VPN. It is
	marked as GNUTLS_DTLS0_9. Do not use it for newer protocols as it
	has issues.

2012-06-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: corrected function name

2012-06-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-gnutls-cli.texi, src/benchmark-tls.c,
	src/benchmark.h, src/cli-args.c, src/cli-args.def, src/cli-args.h,
	src/cli.c: Options --benchmark-tls was split to --benchmark-tls-kx

2012-06-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/benchmark-tls.c: Added keys of equivalent security levels.

2012-06-06  Mark Brand <mabrand@mabrand.nl>

	* lib/gnutls_x509.c: add missing include wincrypt.h Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-06-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: mention retrieve_function2

2012-06-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/gnutls.h.in: corrected invalid char

2012-06-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-upgrade.texi, doc/latex/Makefile.am: updates in latex
	build

2012-06-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/latex/gnutls.tex: no need for eurosans

2012-06-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/scripts/mytexi2latex: do not use
	@euro{}

2012-06-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* build-aux/ar-lib, gl/Makefile.am, gl/errno.in.h, gl/fseeko.c,
	gl/fstat.c, gl/ftello.c, gl/lseek.c, gl/m4/dup2.m4,
	gl/m4/errno_h.m4, gl/m4/fseeko.m4, gl/m4/fstat.m4, gl/m4/ftello.m4,
	gl/m4/ftruncate.m4, gl/m4/getcwd.m4, gl/m4/getdelim.m4,
	gl/m4/getline.m4, gl/m4/gettimeofday.m4, gl/m4/gnulib-common.m4,
	gl/m4/gnulib-comp.m4, gl/m4/largefile.m4, gl/m4/lseek.m4,
	gl/m4/lstat.m4, gl/m4/malloc.m4, gl/m4/manywarnings.m4,
	gl/m4/memmem.m4, gl/m4/mmap-anon.m4, gl/m4/off_t.m4,
	gl/m4/putenv.m4, gl/m4/realloc.m4, gl/m4/setenv.m4,
	gl/m4/signbit.m4, gl/m4/sleep.m4, gl/m4/stat.m4, gl/m4/strerror.m4,
	gl/m4/symlink.m4, gl/m4/sys_stat_h.m4, gl/m4/sys_types_h.m4,
	gl/m4/ungetc.m4, gl/m4/unistd_h.m4, gl/m4/warnings.m4, gl/select.c,
	gl/stdint.in.h, gl/stdio.in.h, gl/strerror-override.c,
	gl/strerror-override.h, gl/sys_stat.in.h, gl/sys_types.in.h,
	gl/tests/binary-io.h, gl/tests/fcntl.in.h, gl/tests/ftruncate.c,
	gl/tests/ignore-value.h, gl/tests/init.sh, gl/tests/stat.c,
	gl/tests/test-binary-io.c, gl/tests/test-binary-io.sh,
	gl/tests/test-errno.c, gl/u64.h, gl/unistd.in.h, ltmain.sh,
	maint.mk: updated gnulib

2012-06-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/cert-tests/Makefile.am,
	tests/cert-tests/ca-certs.pem, tests/certs/ca-certs.pem: moved
	ca-certs.

2012-06-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* : updated

2012-06-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/abstract.h: stdarg.h is not needed

2012-06-05  Nikos Mavrogiannopoulos <nikos@esat.kuleuven.be>

	* NEWS, lib/gnutls_errors.c, lib/includes/gnutls/gnutls.h.in,
	lib/x509/pkcs12.c, lib/x509/privkey_pkcs8.c: Re-use
	GNUTLS_E_DECRYPTION_FAILED for encrypted structures.

2012-06-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c: small doc fix

2012-06-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, tests/Makefile.am, tests/mini-x509-2.c: Added new test
	program.

2012-06-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-cfg.c: print warning to stderr

2012-06-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-cert-auth2.texi: doc updates

2012-06-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_errors.c, lib/includes/gnutls/gnutls.h.in,
	lib/x509/pkcs12.c, lib/x509/privkey_pkcs8.c, src/certtool.c: 
	Introduced GNUTLS_E_ENCRYPTED_STRUCTURE error code.  This error code
	is returned by encrypted key import functions such as
	gnutls_x509_privkey_import_pkcs8() and gnutls_pkcs12_simple_parse()
	when an encrypted structure is provided but no password is given.

2012-06-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/libgnutls.map: fixed symbol

2012-06-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, doc/manpages/Makefile.am: updated news
	entries

2012-06-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/openpgp/pgpverify.c: Verification in openpgp changed to
	ressemble the X.509 behavior.

2012-06-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/gnutls.h.in, lib/x509/verify-high.c,
	lib/x509/verify.c: Differentiate between signature failure and
	generic errors, by introducing the verification flag
	GNUTLS_CERT_SIGNATURE_FAILURE. Suggested by David Woodhouse.

2012-06-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/libgnutls.map: Removed duplicate entries and added an explicit
	local.

2012-06-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/Makefile.am, lib/libgnutlsxx.map: No need for version script
	for CPP programs.

2012-06-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: better function naming.

2012-06-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c, lib/includes/gnutls/pkcs12.h, lib/nettle/pk.c,
	lib/x509/pkcs12.c: gnutls_certificate_set_x509_simple_pkcs12_file()
	now imports certificate chain if it is present.
	gnutls_pkcs12_parse() was renamed to gnutls_pkcs12_simple_parse()

2012-06-01  David Woodhouse <David.Woodhouse@intel.com>

	* lib/gnutls_x509.c, lib/includes/gnutls/pkcs12.h,
	lib/libgnutls.map: Export parse_pkcs12() as gnutls_pkcs12_parse() Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-06-01  David Woodhouse <David.Woodhouse@intel.com>

	* lib/gnutls_x509.c: Make parse_pkcs12() return extra certificates
	too Optionally create a separate list, and return them for the caller to
	use as appropriate.  This also cleans up the error handling a little. There seemed to be
	a potential memory leak (of *key, for example) when returning errors
	after some information had already been extracted.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-06-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_str.h: minor documentation updates

2012-06-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509.c: doc updates

2012-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/gnutls.h.in: corrected text.

2012-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify.c: corrected typo

2012-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_ui.c: typo fix

2012-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c: Do not document old functions.

2012-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/privkey.c: documented behavior.

2012-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/privkey_pkcs8.c: Do not crash if password is null and
	GNUTLS_PKCS_PLAIN is not specified.

2012-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c: improved comments and added unlikely().

2012-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, lib/gnutls_buffers.c, tests/Makefile.am,
	tests/certs/ca-certs.pem, tests/mini-x509-cas.c: Corrected handling
	of handshake packets that span multiple records.

2012-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/manpages/Makefile.am: updated Makefile

2012-05-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: documentation update

2012-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* : updated

2012-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c: corrected typo

2012-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_session_pack.c: corrected data copy

2012-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-cfg.c: MAX_ENTRIES increased to 128.

2012-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: Updated documentation on DTLS.

2012-05-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-examples.texi: updated documentation

2012-05-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/Makefile.am: updated Makefile.

2012-05-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk, win32/.gitignore: updated cross compilation makefile.

2012-05-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/Makefile.am, lib/gnutls_x509.c, lib/system.c,
	lib/x509/verify-high2.c: Added support for windows trusted
	certificate store

2012-05-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: updated cross compilation makefile

2012-05-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2012-05-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: no need to distribute postscript

2012-05-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, lib/gnutls_x509.c, lib/x509/verify-high2.c: Added
	the notion of a default CRL file.

2012-05-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
	doc/cha-shared-key.texi, doc/examples/ex-client-x509.c: updated doc

2012-05-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-gnutls-cli.texi: updated

2012-05-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: Added DevPak package.

2012-05-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c: corrected doc.

2012-05-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: document nettle requirement

2012-05-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.h: no need for netinet/ip.h

2012-05-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify.c: When checking for an issuer check for a match
	in the key identifiers.

2012-05-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli-args.c, src/cli-args.def, src/cli-args.h, src/cli.c: Added
	the --dh-bits option to gnutls-cli.

2012-05-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-client-dtls.c, doc/examples/ex-client-resume.c,
	doc/examples/ex-client-srp.c, doc/examples/ex-client-x509.c,
	doc/examples/ex-serv-x509.c, lib/gnutls_x509.c: Be more conservative
	with examples and changed semantics of
	gnutls_certificate_set_x509_system_trust().
	gnutls_certificate_set_x509_system_trust() returns
	GNUTLS_E_UNIMPLEMENTED_FEATURE on systems that do not have a (known)
	default trust store.

2012-05-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/pk.c: documented function.

2012-05-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c: updated

2012-05-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am, lib/gnutls_pubkey.c,
	lib/includes/gnutls/abstract.h, lib/nettle/pk.c: updates

2012-05-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/libgnutls.map, lib/x509/x509.c: align with 3.0.x

2012-05-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-cert-auth2.texi, lib/abstract_int.h,
	lib/algorithms.h, lib/algorithms/sign.c, lib/auth/rsa.c,
	lib/auth/rsa_export.c, lib/crypto-backend.h, lib/ext/signature.c,
	lib/gnutls_pk.c, lib/gnutls_pk.h, lib/gnutls_privkey.c,
	lib/gnutls_pubkey.c, lib/gnutls_sig.c, lib/gnutls_sig.h,
	lib/includes/gnutls/abstract.h, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map, lib/nettle/pk.c, lib/opencdk/main.h,
	lib/opencdk/pubkey.c, lib/opencdk/seskey.c, lib/openpgp/privkey.c,
	lib/x509/privkey.c, lib/x509/verify.c, lib/x509/x509.c,
	lib/x509/x509_int.h, tests/x509sign-verify.c: Use the PKCS #1 1.5
	encoding provided by nettle (2.5) for encryption and signatures.

2012-05-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: Added text for gnutls_dh_set_prime_bits and
	gnutls_srp_set_prime_bits

2012-05-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_ui.c: Document the effect of lowering the DH bits.

2012-05-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c, src/common.c: Print certificate if --print-cert is
	given, even on verification failure.

2012-05-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: Revert "This patch fixes following kind of issue
	with automake 1.12" It was suggested that this need not to be solved
	by gnutls.  This reverts commit 30ad4976249aa9e402eb27081ade06928f3066f0.

2012-05-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/.gitignore, doc/invoke-certtool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
	doc/invoke-srptool.texi: Auto-generated texi files were added.

2012-05-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.c, src/certtool-args.def, src/certtool-args.h: 
	Added URI to the example.

2012-05-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-cfg.c, src/certtool-cfg.h, src/certtool.c,
	tests/cert-tests/template-test.pem: Added support for the URI type
	of subject alternative name in certtool.

2012-05-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, src/certtool-args.c, src/certtool-args.h,
	src/cli-args.c, src/cli-args.h, src/cli-debug-args.c,
	src/cli-debug-args.h, src/ocsptool-args.c, src/ocsptool-args.h,
	src/p11tool-args.c, src/p11tool-args.h, src/psk-args.c,
	src/psk-args.h, src/serv-args.c, src/serv-args.h,
	src/srptool-args.c, src/srptool-args.h: Added the autogen files to
	git.

2012-05-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am: Added new functions

2012-05-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README-alpha, src/libopts/Makefile.am, src/libopts/ag-char-map.h,
	src/libopts/ao-strs.c, src/libopts/ao-strs.h,
	src/libopts/autoopts.c, src/libopts/autoopts.h,
	src/libopts/autoopts/options.h, src/libopts/autoopts/project.h,
	src/libopts/autoopts/usage-txt.h, src/libopts/boolean.c,
	src/libopts/check.c, src/libopts/compat/compat.h,
	src/libopts/compat/pathfind.c, src/libopts/configfile.c,
	src/libopts/cook.c, src/libopts/enum.c, src/libopts/env.c,
	src/libopts/find.c, src/libopts/genshell.c, src/libopts/genshell.h,
	src/libopts/libopts.c, src/libopts/load.c,
	src/libopts/m4/libopts.m4, src/libopts/makeshell.c,
	src/libopts/nested.c, src/libopts/parse-duration.c,
	src/libopts/pgusage.c, src/libopts/proto.h, src/libopts/putshell.c,
	src/libopts/reset.c, src/libopts/save.c, src/libopts/stack.c,
	src/libopts/streqvcmp.c, src/libopts/tokenize.c,
	src/libopts/usage.c, src/libopts/value-type.h,
	src/libopts/xat-attribute.h: Updated libopts

2012-05-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: added new functions

2012-05-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-cert-auth.texi, doc/cha-cert-auth2.texi,
	doc/examples/ex-client-dtls.c, doc/examples/ex-client-resume.c,
	doc/examples/ex-client-srp.c, doc/examples/ex-client-x509.c,
	doc/manpages/Makefile.am, lib/gnutls_x509.c,
	lib/includes/gnutls/pkcs11.h, lib/includes/gnutls/x509.h,
	lib/libgnutls.map, lib/pkcs11.c, lib/x509/Makefile.am,
	lib/x509/verify-high2.c, lib/x509/x509.c, src/cli.c: Added
	convenience functions to load a trust list from a file or a memory
	buffer.  New functions: gnutls_certificate_set_x509_system_trust,
	gnutls_pkcs11_obj_list_import_url2,
	gnutls_x509_trust_list_add_system_trust,
	gnutls_x509_trust_list_add_trust_file,
	gnutls_x509_trust_list_add_trust_mem.

2012-05-08  Ludwig Nussel <ludwig.nussel@suse.de>

	* configure.ac, doc/Makefile.am, doc/manpages/Makefile.am,
	lib/gnutls_x509.c, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map, src/cli.c: introduce
	gnutls_certificate_set_x509_system_trust gnutls_certificate_set_x509_system_trust() imports the trusted root
	CA's from a compile time defined location. That way applications
	don't need to know.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-05-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: This patch fixes following kind of issue with
	automake 1.12 | automake: warnings are treated as errors |
	/.../automake-1.12/am/ltlibrary.am: warning: 'libgnutls.la': linking
	libtool libraries using a non-POSIX |
	/.../automake-1.12/am/ltlibrary.am: archiver requires 'AM_PROG_AR'
	in 'configure.ac' Patch by: Nitin A Kamble <nitin.a.kamble@intel.com>

2012-04-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/autoopts/options.h: removed redundant declaration.

2012-04-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* devel/perlasm/cpuid-x86_64.pl,
	lib/accelerated/x86/coff/cpuid-x86-64-coff.s: Corrected win64
	cpuid() code. Report and patch by Mann Ern Kang.

2012-04-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_mpi.c: corrected bug in scan_nz()

2012-04-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README-alpha: removed old dependency

2012-04-21  Patrick Pelletier <code@funwithsoftware.org>

	* NEWS, README-alpha, doc/cha-intro-tls.texi,
	lib/accelerated/x86/README, lib/auth/dh_common.c, lib/auth/dhe.c,
	lib/auth/srp.c, lib/auth/srp_sb64.c, lib/gnutls_state.c,
	lib/nettle/mpi.c: documentation and comment fixes Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-04-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dh.c, lib/gnutls_dh.h: corrected typo

2012-04-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/srp.c: simplified checks.

2012-04-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/dh_common.c, lib/gnutls_dh.c, lib/gnutls_dh.h: Return
	proper error code if parameter check fails.

2012-04-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/srp.c: Added complete check in SRP parameters.

2012-04-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented updated

2012-04-18  Alexandre Bique <bique.alexandre@gmail.com>

	* lib/gnutlsxx.cpp, lib/includes/gnutls/gnutlsxx.h: Add
	gnutls::session::set_transport_vec_push().  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-04-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dh.c: Added better sanity checks in Diffie-Hellman key
	exchange.

2012-04-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: Added option to unconditionally disable crywrap.
	Patch by Daniel Mierswa.

2012-04-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/verify-tofu.c: Use openpgp if enabled.

2012-04-17  Simon Josefsson <simon@josefsson.org>

	* README-alpha: Doc fix.

2012-04-17  Simon Josefsson <simon@josefsson.org>

	* configure.ac: Require automake >= 1.11.3 because of dist-lzip.

2012-04-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/pkcs11.c: If a callback fails try the other.

2012-04-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/pkcs11.c: by default register a file callback in p11-kit
	to read a file from the pin-source pkcs11url field.

2012-04-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* po/cs.po.in, po/de.po.in, po/fi.po.in, po/it.po.in, po/nl.po.in,
	po/pl.po.in, po/sv.po.in, po/uk.po.in, po/vi.po.in: Sync with TP.

2012-04-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/cli.c, src/srptool.c: No need to include
	gettext.h. Link against libintl when needed.

2012-04-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: no abi change in 3.0.19

2012-04-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: text for 3.1.0

2012-04-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_buffers.c, lib/gnutls_buffers.h,
	lib/gnutls_handshake.c, lib/includes/gnutls/gnutls.h.in: 
	gnutls_record_check_unprocessed is now inline function.

2012-04-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c: optimized usage of gnutls_rnd()

2012-04-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/rnd.c: Update random state on all cases.

2012-04-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/tests/ioctl.c: updated gnulib

2012-04-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/testcompat-main: Added TLS 1.2 interop tests.

2012-04-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_pubkey.c, lib/gnutls_state.c: Relax strict
	DSA/ECDSA checks to allow broader interoperability. Stronger hash
	algorithms are now allowed even if DSA might only allow SHA1.

2012-04-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dh.c: Add sanity checks in Diffie-Hellman key exchange
	values.

2012-04-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/mpi.c: corrected DH generation check.

2012-04-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: updated

2012-04-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_buffers.c, lib/gnutls_handshake.c,
	lib/includes/gnutls/gnutls.h.in: gnutls_record_check_pending
	functionality was divided to gnutls_record_check_pending and
	gnutls_record_check_unprocessed.

2012-04-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_int.h: doc updates

2012-04-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/mpi.c: refuse to generate small group sizes.

2012-04-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: do not check for fchmod

2012-04-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi: updated
	documentation for dtls.

2012-04-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.def: updated documentation

2012-04-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-loss-time.c: Revert "avoid killing child" This reverts commit 4965c2fbfd3405e2dfe7f7d747d03185d155c2a1.

2012-04-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fixes

2012-04-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: do not print Key ID in a pkcs12 structure if it is
	null.

2012-04-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.c: raw_to_string no longer returns NULL.

2012-04-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/pkcs12-decode/pkcs12: improved test and added debugging

2012-04-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_sig.c: corrected comparison

2012-04-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/Makefile.am, gl/dirent.in.h, gl/m4/math_h.m4,
	gl/m4/stdio_h.m4, gl/m4/warn-on-use.m4, gl/m4/warnings.m4,
	gl/math.in.h, gl/stdio.in.h, gl/stdlib.in.h, gl/string.in.h,
	gl/tests/strerror_r.c, gl/tests/test-float.c, gl/tests/test-math.c,
	gl/wchar.in.h, maint.mk: updated gnulib

2012-04-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-upgrade.texi: Added more deprecated functions

2012-04-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/override/tests/test-float.c.diff: avoid the floating point
	test.

2012-04-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-dtls-rehandshake.c, tests/mini-loss-time.c,
	tests/mini-record.c, tests/mini-termination.c,
	tests/openpgp-auth.c, tests/openpgp-auth2.c: use AF_UNIX for
	socketpair.

2012-04-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: updated

2012-04-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: make dist will also make lzip compressed tarball

2012-04-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/hmac-padlock.c, lib/algorithms.h,
	lib/algorithms/kx.c, lib/algorithms/mac.c, lib/crypto-api.c,
	lib/gnutls_cipher_int.c, lib/gnutls_constate.c,
	lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/gnutls_pk.c,
	lib/gnutls_pubkey.c, lib/gnutls_sig.c, lib/gnutls_sig.h,
	lib/includes/gnutls/crypto.h, lib/opencdk/armor.c,
	lib/opencdk/misc.c, lib/opencdk/new-packet.c, lib/x509/ocsp.c,
	lib/x509/verify.c, lib/x509/x509.c, lib/x509/x509_int.h: several
	type changes to please clang

2012-04-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: set release date

2012-04-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/minitasn1/decoding.c: updated libtasn1

2012-04-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: removed old function.

2012-04-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped versions

2012-04-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/gnutls.h.in: removed function that didn't
	exist

2012-03-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-termination.c: initialize value

2012-03-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-loss-time.c: avoid killing child

2012-03-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-dtls-rehandshake.c: avoid closing fd[1] on server. For
	some reason it makes connection fail.

2012-03-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: Add FUNCS to distribution

2012-03-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, NEWS, lib/gnutls_record.c, tests/Makefile.am,
	tests/mini-dtls-rehandshake.c, tests/mini-record.c,
	tests/mini-termination.c: Make sure that
	GNUTLS_E_PREMATURE_TERMINATION is returned if there is premature
	termination.

2012-03-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dtls/dtls-stress.c: do not build test with timers when posix
	timers are not present.

2012-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/keydb.c, lib/opencdk/literal.c: corrected types

2012-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/ocsp.c: use correct type in snprintf.

2012-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/compat.h: added prototypes for inline
	functions (some gcc versions couldn't compile without)

2012-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.c, lib/gnutls_auth.h, lib/gnutls_handshake.c,
	lib/gnutls_int.h, lib/gnutls_kx.c, lib/gnutls_kx.h,
	lib/gnutls_sig.c, lib/gnutls_sig.h, lib/gnutls_ui.c: even more
	cleanups

2012-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.c, lib/auth/cert.h, lib/auth/dhe.c, lib/auth/rsa.c,
	lib/auth/rsa_export.c, lib/auth/srp_rsa.c: more cleanups

2012-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: updated

2012-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/ocsp.c, tests/openpgp-auth2.c, tests/resume-dtls.c: Fixes
	for win32 and time. OCSP test now sets a fixed time to avoid
	expiration errors.

2012-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.c, lib/auth/cert.h, lib/auth/dhe.c, lib/auth/rsa.c,
	lib/auth/rsa_export.c, lib/auth/srp_rsa.c: simplified internal
	function names.

2012-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* m4/hooks.m4: improvements in long long usage

2012-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev.c: corrected probing of cryptodev
	digests.

2012-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/accelerated/x86/aes-x86.h, m4/hooks.m4: Do not assume
	sizeof(unsigned long)==sizeof(void*).  Based on patch by B. Scott
	Michel.

2012-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/genshell.h: include libintl. Patch by B. Scott Michel

2012-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/Makefile.am, src/libopts/genshell.h: Revert "use
	header files from gl/ and include gettext.h" This reverts commit 6b3d7b6e31ddab337e185922910262d68f1fc6fa.

2012-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/Makefile.am, src/libopts/genshell.h: use header files
	from gl/ and include gettext.h

2012-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-cxx.cpp: more warnings to silence.

2012-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-serv-anon.c: silence warnings. Patch by B. Scott
	Michel.

2012-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/getfuncs.pl, lib/includes/gnutls/compat.h: Added
	doc-skip to skip certain functions from documentation.

2012-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/compat.h: remove brackets.

2012-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/compat.h: Cleaned up deprecated types and
	added a deprecation warning on them.

2012-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/compat.h: Provide compatibility inline
	functions for gnutls_session_get_server_random() and
	gnutls_session_get_client_random().

2012-03-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/accelerated/x86/aes-padlock.c: Only call
	check_phe_partial() if PHE has been detected.

2012-03-21  Simon Josefsson <simon@josefsson.org>

	* README-alpha: Update bootstrapping instructions.

2012-03-21  Simon Josefsson <simon@josefsson.org>

	* .gitignore, doc/Makefile.am: Tell automake about all filenames to
	fix 'make distcheck'.

2012-03-21  Simon Josefsson <simon@josefsson.org>

	* README-alpha: Clarify bootstrapping.

2012-03-21  Simon Josefsson <simon@josefsson.org>

	* doc/manpages/Makefile.am: Generated.

2012-03-21  Simon Josefsson <simon@josefsson.org>

	* doc/Makefile.am: Build functions/ files (this should be done by
	listing all files instead).

2012-03-21  Simon Josefsson <simon@josefsson.org>

	* gl/Makefile.am, gl/fpucw.h, gl/glthread/threadlib.c,
	gl/isnanf-nolibm.h, gl/m4/frexpl.m4, gl/m4/gnulib-comp.m4,
	gl/m4/ldexpl.m4, gl/m4/math_h.m4, gl/m4/timer_time.m4,
	gl/math.in.h, gl/tests/Makefile.am, gl/tests/glthread/threadlib.c,
	gl/tests/macros.h, gl/tests/randomd.c, gl/tests/randoml.c,
	gl/tests/test-frexp.c, gl/tests/test-frexp.h,
	gl/tests/test-frexpl.c, gl/tests/test-math.c, maint.mk: Update
	gnulib files.

2012-03-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, devel/perlasm/e_padlock-x86.pl,
	devel/perlasm/e_padlock-x86_64.pl, devel/perlasm/ghash-x86.pl,
	lib/accelerated/x86/README,
	lib/accelerated/x86/coff/padlock-x86-64-coff.s,
	lib/accelerated/x86/coff/padlock-x86-coff.s,
	lib/accelerated/x86/elf/padlock-x86-64.s,
	lib/accelerated/x86/license.txt,
	lib/accelerated/x86/macosx/padlock-x86-64-macosx.s,
	lib/accelerated/x86/macosx/padlock-x86-macosx.s: updated openssl
	code

2012-03-19  Simon Josefsson <simon@josefsson.org>

	* lib/includes/gnutls/compat.h: Remove TLS_RANDOM_SIZE and
	TLS_MASTER_SIZE compat mappings.

2012-03-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, NEWS, doc/cha-upgrade.texi, lib/gnutls_state.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
	gnutls_session_get_random()

2012-03-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/libgnutls.map: added missing function

2012-03-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* m4/hooks.m4: better error message

2012-03-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/mytexi2latex: updated

2012-03-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/cha-upgrade.texi, doc/gnutls.texi,
	doc/latex/Makefile.am, doc/latex/gnutls.tex: Added chapter to
	describe changes needed when upgrading.

2012-03-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-library.texi: doc update

2012-03-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
	lib/pkix.asn, lib/pkix_asn1_tab.c, lib/x509/common.c,
	lib/x509/common.h, lib/x509/crl.c, lib/x509/crl_write.c,
	lib/x509/crq.c, lib/x509/output.c, lib/x509/x509.c,
	lib/x509/x509_write.c, tests/cert-tests/template-test.pem: Added
	gnutls_x509_crt_set_private_key_usage_period() and
	gnutls_x509_crt_get_private_key_usage_period(). The time stored in
	generated certificates is now GeneralizedTime.

2012-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: changed debugging level for message

2012-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphersuites.c: corrected ciphersuite number

2012-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: Added debugging message when encounter an
	invalid ciphersuite.

2012-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/certtool.c: Applied patch to cast days to (time_t)
	before converting it to seconds to prevent a Y2K38 bug. Patch by
	Robert Millan.

2012-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/gnutls.texi, doc/scripts/split-texi.pl: 
	texinfo documentation is similar to the printed manual.

2012-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, cross.mk, m4/hooks.m4: bumped version

2012-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_pubkey.c, lib/x509/crq.c, lib/x509/x509.c: corrected
	the documentation of the verification functions.

2012-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.0.16

2012-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: enable_local_libopts is by default no

2012-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* m4/hooks.m4: bumped shared lib version

2012-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
	lib/x509/x509_write.c, src/certtool-args.def, src/certtool-cfg.c,
	src/certtool-cfg.h, src/certtool.c: Added
	gnutls_x509_crt_set_authority_info_access.

2012-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/README: updated

2012-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* devel/perlasm/license-gnutls.txt, devel/perlasm/license.txt,
	lib/accelerated/x86/coff/appro-aes-gcm-x86-64-coff.s,
	lib/accelerated/x86/coff/appro-aes-x86-64-coff.s,
	lib/accelerated/x86/coff/appro-aes-x86-coff.s,
	lib/accelerated/x86/coff/cpuid-x86-64-coff.s,
	lib/accelerated/x86/coff/cpuid-x86-coff.s,
	lib/accelerated/x86/coff/padlock-x86-64-coff.s,
	lib/accelerated/x86/coff/padlock-x86-coff.s,
	lib/accelerated/x86/elf/appro-aes-gcm-x86-64.s,
	lib/accelerated/x86/elf/appro-aes-x86-64.s,
	lib/accelerated/x86/elf/appro-aes-x86.s,
	lib/accelerated/x86/elf/cpuid-x86-64.s,
	lib/accelerated/x86/elf/cpuid-x86.s,
	lib/accelerated/x86/elf/padlock-x86-64.s,
	lib/accelerated/x86/elf/padlock-x86.s,
	lib/accelerated/x86/macosx/appro-aes-gcm-x86-64-macosx.s,
	lib/accelerated/x86/macosx/appro-aes-x86-64-macosx.s,
	lib/accelerated/x86/macosx/appro-aes-x86-macosx.s,
	lib/accelerated/x86/macosx/cpuid-x86-64-macosx.s,
	lib/accelerated/x86/macosx/cpuid-x86-macosx.s,
	lib/accelerated/x86/macosx/padlock-x86-64-macosx.s,
	lib/accelerated/x86/macosx/padlock-x86-macosx.s: updated licenses

2012-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk, lib/accelerated/x86/Makefile.am,
	lib/accelerated/x86/asm-coff/appro-aes-gcm-x86-64-coff.s,
	lib/accelerated/x86/asm-coff/appro-aes-x86-64-coff.s,
	lib/accelerated/x86/asm-coff/appro-aes-x86-coff.s,
	lib/accelerated/x86/asm-coff/cpuid-x86-64-coff.s,
	lib/accelerated/x86/asm-coff/cpuid-x86-coff.s,
	lib/accelerated/x86/asm-coff/padlock-x86-64-coff.s,
	lib/accelerated/x86/asm-coff/padlock-x86-coff.s,
	lib/accelerated/x86/asm-macosx/appro-aes-gcm-x86-64-macosx.s,
	lib/accelerated/x86/asm-macosx/appro-aes-x86-64-macosx.s,
	lib/accelerated/x86/asm-macosx/appro-aes-x86-macosx.s,
	lib/accelerated/x86/asm-macosx/cpuid-x86-64-macosx.s,
	lib/accelerated/x86/asm-macosx/cpuid-x86-macosx.s,
	lib/accelerated/x86/asm-macosx/padlock-x86-64-macosx.s,
	lib/accelerated/x86/asm-macosx/padlock-x86-macosx.s,
	lib/accelerated/x86/asm/appro-aes-gcm-x86-64.s,
	lib/accelerated/x86/asm/appro-aes-x86-64.s,
	lib/accelerated/x86/asm/appro-aes-x86.s,
	lib/accelerated/x86/asm/cpuid-x86-64.s,
	lib/accelerated/x86/asm/cpuid-x86.s,
	lib/accelerated/x86/asm/padlock-x86-64.s,
	lib/accelerated/x86/asm/padlock-x86.s,
	lib/accelerated/x86/coff/appro-aes-gcm-x86-64-coff.s,
	lib/accelerated/x86/coff/appro-aes-x86-64-coff.s,
	lib/accelerated/x86/coff/appro-aes-x86-coff.s,
	lib/accelerated/x86/coff/cpuid-x86-64-coff.s,
	lib/accelerated/x86/coff/cpuid-x86-coff.s,
	lib/accelerated/x86/coff/padlock-x86-64-coff.s,
	lib/accelerated/x86/coff/padlock-x86-coff.s,
	lib/accelerated/x86/elf/appro-aes-gcm-x86-64.s,
	lib/accelerated/x86/elf/appro-aes-x86-64.s,
	lib/accelerated/x86/elf/appro-aes-x86.s,
	lib/accelerated/x86/elf/cpuid-x86-64.s,
	lib/accelerated/x86/elf/cpuid-x86.s,
	lib/accelerated/x86/elf/padlock-x86-64.s,
	lib/accelerated/x86/elf/padlock-x86.s,
	lib/accelerated/x86/macosx/appro-aes-gcm-x86-64-macosx.s,
	lib/accelerated/x86/macosx/appro-aes-x86-64-macosx.s,
	lib/accelerated/x86/macosx/appro-aes-x86-macosx.s,
	lib/accelerated/x86/macosx/cpuid-x86-64-macosx.s,
	lib/accelerated/x86/macosx/cpuid-x86-macosx.s,
	lib/accelerated/x86/macosx/padlock-x86-64-macosx.s,
	lib/accelerated/x86/macosx/padlock-x86-macosx.s: renamed asm
	directories.

2012-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented update

2012-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/Makefile.am: corrected makefile

2012-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: Added missing elf part.

2012-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk, configure.ac, lib/accelerated/x86/Makefile.am,
	lib/accelerated/x86/asm-macosx/appro-aes-gcm-x86-64-macosx.s,
	lib/accelerated/x86/asm-macosx/appro-aes-x86-64-macosx.s,
	lib/accelerated/x86/asm-macosx/appro-aes-x86-macosx.s,
	lib/accelerated/x86/asm-macosx/cpuid-x86-64-macosx.s,
	lib/accelerated/x86/asm-macosx/cpuid-x86-macosx.s,
	lib/accelerated/x86/asm-macosx/padlock-x86-64-macosx.s,
	lib/accelerated/x86/asm-macosx/padlock-x86-macosx.s: Added assembly
	for macosx

2012-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: corrected typo

2012-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-verify-ssh.c: reduced lines

2012-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.def, src/p11tool-args.def: doc updates

2012-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.def: added spacing

2012-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/srp/Makefile.am, tests/srp/mini-srp.c, tests/srp/tpasswd,
	tests/srp/tpasswd.conf: generate tpasswd files on the spot.

2012-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/ca.pem, tests/enc3pkcs8.pem, tests/test1.pem,
	tests/test10.pem, tests/test13.pem, tests/test2.pem,
	tests/test20.pem, tests/test21.pem, tests/test22.pem,
	tests/test23.pem, tests/test24.pem, tests/test25.pem,
	tests/test26.pem, tests/test3.pem, tests/x509_test.c: removed unused
	files.

2012-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: stamp_enums is shipped to avoid regenerating
	parts of doc

2012-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: corrected urls

2012-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version.

2012-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: corrected call to gnutls_error_is_fatal().

2012-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated description

2012-03-14  Simon Josefsson <simon@josefsson.org>

	* lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
	lib/minitasn1/libtasn1.h: Update minitasn1.

2012-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/Makefile.am, tests/suite/invalid-cert: Added test on
	an invalid certificate.

2012-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/minitasn1/decoding.c: updated.

2012-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
	lib/minitasn1/libtasn1.h: more recent libtasn1

2012-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/minitasn1/coding.c, lib/minitasn1/decoding.c,
	lib/minitasn1/element.c, lib/minitasn1/element.h,
	lib/minitasn1/errors.c, lib/minitasn1/gstr.c, lib/minitasn1/gstr.h,
	lib/minitasn1/int.h, lib/minitasn1/libtasn1.h,
	lib/minitasn1/parser_aux.c, lib/minitasn1/parser_aux.h,
	lib/minitasn1/structure.c, lib/minitasn1/structure.h,
	lib/minitasn1/version.c: updated included libtasn1

2012-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: gnutls-cli honours the --x509fmtder.

2012-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: only set the server name if we do not have an IP
	address.

2012-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: Do not use fixed versions

2012-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-cert-auth2.texi,
	lib/includes/gnutls/gnutls.h.in: Documentation updates

2012-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev.c: when using cryptodev do not set all
	the digest function since they are not always faster.

2012-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/aes-gcm-padlock.c,
	lib/accelerated/x86/aes-gcm-x86.c: corrected comments.

2012-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev.c: reset the siop structure on every
	loop

2012-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/benchmark-cipher.c: add more space to dst to allow GCM mode
	tests in cryptodev.

2012-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/certtool-args.def, src/certtool-cfg.c,
	src/certtool-cfg.h, src/certtool.c: certtool may explicitly set the
	domain component (DC) field of a DN.

2012-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/x509.h, src/certtool-args.def: Added a real
	key purpose OID as example

2012-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/p11tool-args.def: updated p11tool documentation.

2012-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/p11tool.c: Only set the private status if it has been
	explicitly specified. That is because some tokens don't want it set.

2012-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: The default cipher when encrypting with PKCS12 is
	AES.

2012-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.def: to-p12 requires the load-certificate and
	load-privkey.

2012-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/latex/cover.tex: updated front-page to include all
	contributors.

2012-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-bib.texi, doc/cha-internals.texi, doc/latex/gnutls.bib: 
	Some updates on supplemental data handling.

2012-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/safe-renegotiation/Makefile.am: safe renegotiation tests
	only run under valgrind in the devel environment.

2012-03-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/latex/gnutls.tex: updated

2012-03-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, doc/scripts/mytexi2latex: changes in
	asynchronous documentation

2012-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2012-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/makeshell.c: Added ifdef HAVE_FCHMOD

2012-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-shared-key.texi: More documentation on SRP

2012-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/srp/mini-srp.c: Test SRP-RSA and plain SRP.

2012-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/srp_rsa.c: Corrected SRP-RSA in TLS 1.2

2012-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-internals.texi: break line on long string.

2012-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk, cross.mk: small updates

2012-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-client-psk.c: Corrected PSK client example.

2012-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/srp/Makefile.am: Added missing files.

2012-03-02  Carolin Latze <latze@angry-red-pla.net>

	* doc/cha-internals.texi: supp data doc added Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.0.15

2012-03-02  Simon Josefsson <simon@josefsson.org>

	* doc/reference/gnutls-docs.sgml: Fix index with new 3.0.x symbols.

2012-03-02  Simon Josefsson <simon@josefsson.org>

	* lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/ocsp.h,
	lib/verify-tofu.c: Doc fixes for GTK-DOC.

2012-03-02  Simon Josefsson <simon@josefsson.org>

	* lib/gnutls_dtls.c, lib/gnutls_dtls.h: De-inline some dtls
	functions.  Avoids compiler error on gcc 4.4.5 (Debian Squeeze) that complains
	about "call is unlikely and code size would grow".

2012-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, configure.ac, tests/Makefile.am,
	tests/srp/Makefile.am, tests/srp/mini-srp.c, tests/srp/tpasswd,
	tests/srp/tpasswd.conf: Added SRP test.

2012-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/srp_passwd.c, lib/ext/srp.c, lib/gnutls_errors.c: Fixes
	and memory leak elimination in SRP authentication.

2012-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/auth/srp.c: Eliminate double free during SRP
	authentication.

2012-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: corrected version replacement in .texi.

2012-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2012-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: avoid regeneration of header files

2012-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/pkcs11.c: No longer crash on a pkcs11 object without an
	ID.

2012-02-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-02-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-record.c: eliminated memory leaks in new test.

2012-02-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2012-02-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, tests/Makefile.am, tests/mini-record.c: Added test for
	invalid record packet sizes.

2012-02-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c, lib/gnutls_mbuffers.c, lib/gnutls_record.c: 
	artistic changes.

2012-02-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_mbuffers.c: corrected copying of buffers.

2012-02-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: corrected check_command() input

2012-02-29  Simon Josefsson <simon@josefsson.org>

	* gl/Makefile.am, gl/m4/fpieee.m4, gl/m4/math_h.m4, gl/math.in.h: 
	Update gnulib files.

2012-02-29  Simon Josefsson <simon@josefsson.org>

	* src/libopts/Makefile.am, src/libopts/ag-char-map.h,
	src/libopts/ao-strs.c, src/libopts/ao-strs.h,
	src/libopts/autoopts/options.h, src/libopts/autoopts/usage-txt.h,
	src/libopts/genshell.c, src/libopts/genshell.h,
	src/libopts/m4/libopts.m4, src/libopts/makeshell.c,
	src/libopts/proto.h, src/libopts/value-type.h,
	src/libopts/xat-attribute.h: Update to autogen 5.15.

2012-02-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c: changes in packet parsing.

2012-02-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* THANKS, src/common.c: Do not call gnutls_x509_crt_check_hostname()
	if hostname eq NULL. Reported by Matthew Hall.

2012-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, lib/gnutls_state.c: Updated documentation
	on gnutls_prf()

2012-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: re-updated

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: Revert "always link against the distributed libopts" This reverts commit ae3033fee01f058a028406648ebc32294774e282.

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: replace @VERSION@ in the program documentation.

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README-alpha: document autogen minimum version

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/accelerated/cryptodev.c: Updated cryptodev code.  Hash
	reset is being performed in a single ioctl() with update and TLS
	versions (<1.1) that do not have explicit IV are correctly handled.

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-dtls-rehandshake.c: added all cases.

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev-gcm.c: removed debugging

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev-gcm.c, lib/accelerated/cryptodev.c: 
	simplified gcm registration in cryptodev.

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli-args.def: doc updates

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented updates

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: If a client hello is received immediately
	after a completed handshake delete the async_timer to rehandshake.

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.h, lib/gnutls_handshake.c: When rehandshake is
	requested by server force the cleanup of the previous handshake
	state.

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, tests/Makefile.am, tests/mini-dtls-rehandshake.c,
	tests/mini-rehandshake.c, tests/mini-x509-rehandshake.c,
	tests/resume-dtls.c: Added mini-dtls-rehandshake.c to test
	rehandshake in DTLS.

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: Corrected session resumption for DTLS

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/mini-loss.c: removed redundant test.

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c, lib/gnutls_constate.c, lib/gnutls_dtls.c,
	lib/gnutls_dtls.h, lib/gnutls_handshake.c, lib/gnutls_record.c: 
	fixes in DTLS rehandshake and epoch cleanup.

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.c, src/common.h, src/serv.c, src/udp-serv.c: 
	rehandshake command works in udp mode as well.

2012-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, src/ocsptool-args.def,
	src/p11tool-args.def: properly break lines.

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/cleanup-autogen.pl: updated

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/Makefile.am, src/libopts/ag-char-map.h,
	src/libopts/alias.c, src/libopts/ao-strs.c, src/libopts/ao-strs.h,
	src/libopts/autoopts.h, src/libopts/autoopts/options.h,
	src/libopts/autoopts/usage-txt.h, src/libopts/compat/compat.h,
	src/libopts/configfile.c, src/libopts/cook.c,
	src/libopts/genshell.c, src/libopts/genshell.h,
	src/libopts/m4/libopts.m4, src/libopts/numeric.c,
	src/libopts/proto.h, src/libopts/putshell.c,
	src/libopts/value-type.h, src/libopts/xat-attribute.h: Updated
	libopts.

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: always link against the distributed libopts

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/Makefile.am, src/Makefile.am, tests/dtls/Makefile.am: Link to
	correct libraries.

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dtls/dtls-stress.c: updated headers.

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* GNUmakefile, gl/Makefile.am, gl/alloca.in.h, gl/alphasort.c,
	gl/arpa_inet.in.h, gl/asnprintf.c, gl/asprintf.c, gl/base64.c,
	gl/base64.h, gl/c-ctype.c, gl/c-ctype.h, gl/errno.in.h,
	gl/float+.h, gl/fseeko.c, gl/gai_strerror.c, gl/getaddrinfo.c,
	gl/getdelim.c, gl/getline.c, gl/getpass.c, gl/getpass.h,
	gl/gettext.h, gl/gettimeofday.c, gl/inet_ntop.c, gl/lseek.c,
	gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/math_h.m4,
	gl/m4/timer_time.m4, gl/malloc.c, gl/math.in.h, gl/memmem.c,
	gl/mempcpy.c, gl/minmax.h, gl/msvc-inval.c, gl/msvc-inval.h,
	gl/msvc-nothrow.c, gl/msvc-nothrow.h, gl/netdb.in.h,
	gl/netinet_in.in.h, gl/printf-args.c, gl/printf-args.h,
	gl/printf-parse.c, gl/printf-parse.h, gl/read-file.c,
	gl/read-file.h, gl/scandir.c, gl/select.c, gl/size_max.h,
	gl/snprintf.c, gl/stdalign.in.h, gl/stdarg.in.h, gl/stdbool.in.h,
	gl/stddef.in.h, gl/stdint.in.h, gl/stdio.in.h, gl/str-two-way.h,
	gl/strcasecmp.c, gl/strdup.c, gl/string.in.h, gl/strings.in.h,
	gl/strncasecmp.c, gl/strndup.c, gl/strnlen.c, gl/strverscmp.c,
	gl/sys_select.in.h, gl/sys_socket.in.h, gl/sys_stat.in.h,
	gl/sys_time.in.h, gl/sys_types.in.h, gl/sys_uio.in.h,
	gl/tests/glthread/lock.c, gl/tests/glthread/lock.h,
	gl/tests/glthread/threadlib.c, gl/tests/malloca.c,
	gl/tests/malloca.h, gl/tests/pathmax.h, gl/tests/pipe.c,
	gl/tests/sys_ioctl.in.h, gl/tests/test-base64.c,
	gl/tests/test-fgetc.c, gl/tests/test-fputc.c,
	gl/tests/test-fread.c, gl/tests/test-fwrite.c,
	gl/tests/test-getdelim.c, gl/tests/test-getline.c,
	gl/tests/test-perror.c, gl/tests/test-perror2.c,
	gl/tests/test-pipe.c, gl/tests/test-strerror.c,
	gl/tests/test-strerror_r.c, gl/tests/test-strverscmp.c,
	gl/time.in.h, gl/time_r.c, gl/unistd.in.h, gl/vasnprintf.c,
	gl/vasnprintf.h, gl/vasprintf.c, gl/vsnprintf.c, gl/wchar.in.h,
	gl/xsize.h, maint.mk: Added timer_time.

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/udp-serv.c: provide accurate value to select

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: make sure that the microseconds field does not
	overflow

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am: use valgrind only on development environment.

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: updated libopts check

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: updated

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac: Link with local libopts if the installed is an
	old one.

2012-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/Makefile.am: Added getfuncs.pl to distribution.

2012-02-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated NEWS

2012-02-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev-gcm.c, lib/accelerated/cryptodev.c,
	lib/accelerated/cryptodev.h: compilation fixes.

2012-02-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/accelerated/Makefile.am,
	lib/accelerated/cryptodev-gcm.c, lib/accelerated/cryptodev.c,
	lib/accelerated/cryptodev.h, lib/gnutls_cipher.c,
	lib/gnutls_cipher_int.h, lib/gnutls_record.c,
	tests/slow/cipher-test.c: Added GCM mode using cryptodev. This is
	mostly a hack due to how GCM mode is exported from kernel.

2012-02-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/pkcs11.c: free allocated module name. Reported by Sam
	Varshavchik.

2012-02-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: updated documentation

2012-02-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/pkcs7.c: added newline at end of file.

2012-02-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, src/Makefile.am: account args-std.def in make dist

2012-02-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c: check errno in pull_timeout_func.

2012-02-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev.c: updates for cryptodev. Require the
	COP_FLAG_RESET.

2012-02-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/gc.c, tests/pskself.c: added error reporting

2012-02-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-loss-time.c: properly deinitialize session.

2012-02-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/slow/cipher-test.c: added (dead) code to test the
	_hmac_fast.

2012-02-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev.c: Always deinitialize.

2012-02-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c: check _gnutls_auth_cipher_add_auth for error
	codes.

2012-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev.c: added reset

2012-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/sha-padlock.c, lib/crypto-backend.h,
	lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/nettle/mac.c: hash
	copy no longer needed.

2012-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev.c: initialize memory for siop

2012-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_constate.c, lib/gnutls_datum.c, lib/gnutls_datum.h,
	lib/openpgp/gnutls_openpgp.c: simplified the _datum functions.

2012-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped versions

2012-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev.c: properly deinitialize cryptodev
	resources, and only register ciphers if they are hw accelerated.

2012-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: benchmark-ciphers re-enabled

2012-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev.c: fixes in cryptodev support. Added
	support for digest algorithms.

2012-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev.c: fixes in cryptodev support. Added
	support for digest algorithms.

2012-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, src/Makefile.am, src/args-std.def,
	src/certtool-args.def, src/cli-args.def, src/cli-debug-args.def,
	src/ocsptool-args.def, src/p11tool-args.def, src/psk-args.def,
	src/serv-args.def, src/srptool-args.def: Optimizations in command
	line argument handling. Patch by Bruce Korb.

2012-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2012-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2012-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.c, lib/gnutls_pcert.c: Deinitialize the correct
	number of certificates. Reported by Remi Gacogne.

2012-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-loss-time.c: force kill of child process.

2012-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev.c: update in cryptodev

2012-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/cryptodev.c: register the .fast function for
	cryptodev

2012-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dtls/dtls, tests/dtls/dtls-nb: Added more tests.

2012-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dtls/dtls-stress.c: Added new dtls-stress.c by Sean

2012-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/m4/libopts.m4: Included libopts is not installed by
	default.

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-loss-time.c: updated description

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/gdoc: corrected latex output

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: added date

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ecc.c, lib/crypto-api.c, lib/gnutls_alert.c,
	lib/gnutls_cert.c, lib/gnutls_dtls.c, lib/gnutls_global.c,
	lib/gnutls_pcert.c, lib/gnutls_priority.c, lib/gnutls_privkey.c,
	lib/gnutls_pubkey.c, lib/gnutls_record.c, lib/gnutls_state.c,
	lib/gnutls_x509.c, lib/pkcs11.c, lib/pkcs11_privkey.c,
	lib/system_override.c, lib/verify-tofu.c, lib/x509/common.c,
	lib/x509/crl.c, lib/x509/privkey.c, lib/x509/verify-high.c,
	lib/x509/x509.c: Since: 3.0.0 -> Since 3.0 to reflect that it might
	be on a later version than 3.0.0.

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/manpages/Makefile.am: Added new functions

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-tdb.c: verify that the correct error code is returned

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/gdoc: do not stick parameters to the next word.

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/verify-tofu.c: return the documented error code

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk: copy gnutls.epub to webdir

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README-alpha: gaa is no longer needed

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: Set the handshake type when calling
	record_add_to_buffers().

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: do not try to verify certificates when not needed.

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_errors.c, lib/gnutls_record.c,
	lib/includes/gnutls/gnutls.h.in: properly report unexpected EOF.

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dtls/dtls-stress.c: increase the total timeout in the tests
	since they seem to exceed the default DTLS maximum timeout.

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: Do not update twice the DTLS retransmission
	timer on finished messages. Report and patch by Sean Buckheister.

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: Cleanups in DTLS timers usage.

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/verify-tofu.c: corrected memory leak

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, NEWS, doc/cha-cert-auth.texi,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
	lib/verify-tofu.c, tests/Makefile.am, tests/mini-deflate.c,
	tests/mini-tdb.c: The public key storage backend was made
	extendable.  Added self test for the pubkey  trust default backend.

2012-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dn.c, tests/dn2.c: corrected var names

2012-02-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocsptool-args.def: updated doc

2012-02-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/manpages/Makefile.am: Added missing functions.

2012-02-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: corrected typo

2012-02-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-gtls-app.texi, lib/gnutls_dtls.c,
	lib/includes/gnutls/dtls.h, lib/libgnutls.map: Added
	gnutls_dtls_get_timeout()

2012-02-15  Giuseppe Scrivano <giuseppe@southpole.se>

	* doc/examples/ex-cert-select.c: Fix file leak in an example
	application.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dtls/dtls, tests/dtls/dtls-nb: Added more tests.

2012-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, lib/includes/gnutls/gnutls.h.in,
	lib/verify-tofu.c: Modified the trust_db API to avoid dependendance
	on a structure.

2012-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: Prevent any handshake packet except client
	hello to trigger a rehandshake error. Patch by Sean Buckheister.

2012-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-internals.texi: doc updates

2012-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_global.c, lib/verify-tofu.c: make the default storage
	backend thread safe.

2012-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dtls/dtls, tests/dtls/dtls-nb: added more test cases

2012-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: Corrected DTLS retransmission in non-blocking
	mode. Based on patch by Sean Buckheister.

2012-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, lib/Makefile.am,
	lib/includes/gnutls/gnutls.h.in, lib/verify-ssh.c,
	lib/verify-tofu.c: The hash in gnutls_store_commitment() is
	specified in raw format.

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-intro-tls.texi: doc updates

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* ChangeLog.1: removed unneeded file.

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/alert-printlist.c, doc/common.c,
	doc/common.h, doc/errcodes.c, doc/printlist.c: break long strings.

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/libgnutls.map: documented added function

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dtls/Makefile.am, tests/dtls/dtls, tests/dtls/dtls-nb,
	tests/dtls/dtls-stress.c: Added tests for non-blocking DTLS

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-bib.texi, doc/cha-cert-auth.texi, doc/latex/gnutls.bib,
	lib/includes/gnutls/gnutls.h.in, lib/verify-ssh.c: Added ability to
	store commitments (hashes) of public keys.

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: Avoid generation of invoke-* in platforms other
	than the development

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dtls/dtls: more tests

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/Makefile.am, doc/scripts/cleanup-autogen.pl: added
	cleanup-autogen.pl

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_constate.c: reset sliding window size on new epochs

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dtls/dtls, tests/dtls/dtls-stress.c: added more tests and
	updated to compile with gnutls' options

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, tests/Makefile.am, tests/dtls/Makefile.am,
	tests/dtls/dtls, tests/dtls/dtls-stress.c: Added DTLS-stress test.
	Contributed by Sean Buckheister.

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, doc/Makefile.am, doc/epub.texi: Added rules to build
	epub version.

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c, lib/gnutls_record.c: discard unexpected
	buffered changecipherspec

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c, lib/gnutls_dtls.h, lib/gnutls_int.h,
	lib/gnutls_record.c, lib/gnutls_state.c: simplified sliding window.
	Now a different window is kept per epoch.

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi: documentation update

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/gnutls.texi, doc/scripts/cleanup-autogen.pl: 
	updated documentation for included programs.

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c, lib/gnutls_dtls.c, lib/gnutls_dtls.h,
	lib/gnutls_record.c: handle GNUTLS_E_INTERRUPTED when in DTLS mode.

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/key-id/key-id: added a valid template

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/session_ticket.c, lib/gnutls_buffers.c,
	lib/gnutls_buffers.h, lib/gnutls_dtls.c, lib/gnutls_handshake.c,
	lib/gnutls_handshake.h, lib/gnutls_int.h, lib/gnutls_kx.c: Do not
	treat any message from the peer as an indication that the last
	flight was correctly received.  Verify instead that the received
	handshake message has an expected sequence number.

2012-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: changecipherspec is correctly added into
	buffers.

2012-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/libopts/m4/libopts.m4: use NEED_LIBOPTS_DIR=true
	instead of modifying libopts.m4

2012-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c, lib/gnutls_dtls.h: update and reset timers on
	final flight and print timeout value in debugging mode.

2012-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-loss-time.c, tests/mini-loss.c: tests with fork are
	disabled in windows

2012-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: updated

2012-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c, lib/gnutls_dtls.h, lib/gnutls_int.h,
	lib/gnutls_state.c: use subsecond granularity for DTLS packet
	retransmissions.

2012-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/mini-loss-time.c: added test to check
	whether the DTLS timeout is within a reasonable time.

2012-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tests.c, src/tests.h, src/tls_test.c: Added more tests to
	check whether various TLS versions need to be disabled.

2012-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: be more silent

2012-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: do not generate .texi on make dist.

2012-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: cross building updates

2012-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi: updated

2012-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/m4/libopts.m4, src/libopts/makeshell.c: corrections

2012-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/COPYING.gplv3, src/libopts/COPYING.lgplv3,
	src/libopts/Makefile.am, src/libopts/README,
	src/libopts/ag-char-map.h, src/libopts/alias.c,
	src/libopts/ao-strs.c, src/libopts/ao-strs.h,
	src/libopts/autoopts.c, src/libopts/autoopts.h,
	src/libopts/autoopts/options.h, src/libopts/autoopts/usage-txt.h,
	src/libopts/boolean.c, src/libopts/check.c,
	src/libopts/compat/compat.h, src/libopts/compat/windows-config.h,
	src/libopts/configfile.c, src/libopts/cook.c, src/libopts/enum.c,
	src/libopts/env.c, src/libopts/file.c, src/libopts/find.c,
	src/libopts/genshell.c, src/libopts/genshell.h,
	src/libopts/libopts.c, src/libopts/load.c,
	src/libopts/m4/libopts.m4, src/libopts/m4/liboptschk.m4,
	src/libopts/makeshell.c, src/libopts/nested.c,
	src/libopts/numeric.c, src/libopts/parse-duration.c,
	src/libopts/parse-duration.h, src/libopts/pgusage.c,
	src/libopts/proto.h, src/libopts/putshell.c, src/libopts/reset.c,
	src/libopts/restore.c, src/libopts/save.c, src/libopts/sort.c,
	src/libopts/stack.c, src/libopts/streqvcmp.c,
	src/libopts/text_mmap.c, src/libopts/time.c,
	src/libopts/tokenize.c, src/libopts/usage.c,
	src/libopts/value-type.h, src/libopts/version.c,
	src/libopts/xat-attribute.h: updated libopts

2012-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: corrected move of files

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi: escaped brackets

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: depend on p11-kit 0.11

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c: disabled dead code when PKCS11 is not there

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac: depend on p11-kit 0.11

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, lib/includes/gnutls/gnutls.h.in,
	lib/verify-ssh.c: updated documentation for back-end.

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/latex/gnutls.tex: index after bibliography

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, doc/latex/.gitignore: more files to ignore

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/alert-printlist.c, doc/errcodes.c, doc/printlist.c: avoid
	headers in tables

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli-args.def: documentation update

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/verify-ssh.c: documentation update

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/latex/Makefile.am, doc/scripts/gdoc,
	doc/scripts/mytexi2latex: updated doc generation

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.def, src/p11tool-args.def, src/srptool-args.def: 
	doc fixes

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated NEWS

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/Makefile.am: added missing files

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: resolve port only when needed to.

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: updated makefile

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: fix in non-blocking case.

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: small correction

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, src/Makefile.am: corrected subdirs for libopts

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c, lib/x509/crl.c, lib/x509/crl_write.c,
	lib/x509/crq.c, lib/x509/extensions.c, lib/x509/mpi.c,
	lib/x509/output.c, lib/x509/pkcs12.c, lib/x509/pkcs12_bag.c,
	lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c, lib/x509/privkey.c,
	lib/x509/privkey_pkcs8.c, lib/x509/sign.c, lib/x509/verify.c,
	lib/x509/x509.c, lib/x509/x509_write.c, src/cli.c, src/dh.c,
	src/serv.c: ENABLE_PKI is no more

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* m4/hooks.m4, src/Makefile.am: fix

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/Makefile.am, src/Makefile.am, src/socket.c: fix
	compilation

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: fixed leak

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: cleanup enable/disable options stuff.

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/libopts/compat/compat.h, src/libopts/cook.c,
	src/libopts/makeshell.c, src/libopts/text_mmap.c: fixes to allow
	libopts to compile in windows

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c: corrected typo

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/examples/ex-verify-ssh.c,
	lib/includes/gnutls/gnutls.h.in, lib/verify-ssh.c,
	src/cli-args.def, src/cli.c: gnutls_verify_stored_pubkey() and
	gnutls_store_pubkey() allow for alternative storage back-end.

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c, src/socket.c, src/socket.h: use getservbyport() to
	obtain the service name.

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/Makefile.am, gl/m4/gnulib-cache.m4: added servent

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-verify-ssh.c, src/cli.c: use updated api

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/benchmark-tls.c: updated for new eagain-common.h

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-gtls-examples.texi,
	doc/examples/ex-verify-ssh.c, lib/includes/gnutls/gnutls.h.in,
	lib/verify-ssh.c: Removed the application field and added an
	expiration field.

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-client-x509.c: updated example

2012-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c, lib/gnutls_record.c: More robust behavior
	against packet loss

2012-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.c, lib/system.h: removed unneeded function.

2012-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-client-srp.c: updated example

2012-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: updated

2012-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: prevent sending EOF to caller.

2012-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/safe-renegotiation/srn0.c, tests/safe-renegotiation/srn1.c,
	tests/safe-renegotiation/srn2.c, tests/safe-renegotiation/srn3.c,
	tests/safe-renegotiation/srn4.c, tests/safe-renegotiation/srn5.c: 
	print client/server when in debugging

2012-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, THANKS, tests/mini-loss.c: Added Sean.

2012-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/eagain-common.h, tests/mini-deflate.c,
	tests/mini-eagain-dtls.c, tests/mini-eagain.c,
	tests/mini-x509-rehandshake.c, tests/mini-x509.c, tests/mini.c: 
	tests print server or client side in debugging output.

2012-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c, lib/gnutls_buffers.h, lib/gnutls_dtls.c,
	lib/gnutls_handshake.c, lib/gnutls_int.h, lib/gnutls_record.c: 
	gnutls_record_check_pending() accounts data not yet processed.  DTLS
	layer avoids multiple retransmissions in non-blocking mode.

2012-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: avoid many allocations for transmitting DTLS
	packets.

2012-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/loss-common.h, tests/mini-loss.c,
	tests/mini-loss2.c: mini-loss2 is more robust.

2012-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c, lib/gnutls_dtls.h, lib/gnutls_handshake.c,
	lib/gnutls_record.c: DTLS is more tolerant in packet loss during
	last flight.

2012-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, tests/Makefile.am, tests/mini-loss2.c: Added test
	program mini-loss2.

2012-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-client-anon.c, doc/examples/ex-client-dtls.c,
	doc/examples/ex-client-psk.c, doc/examples/ex-client-resume.c,
	doc/examples/ex-client-srp.c, doc/examples/ex-serv-anon.c,
	doc/examples/ex-serv-dtls.c, doc/examples/ex-serv-srp.c,
	doc/examples/ex-serv-x509.c: updated examples

2012-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: enable crywrap only if function daemon exists.

2012-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c, lib/gnutls_dtls.c, lib/gnutls_dtls.h: Be
	conservative when sending GNUTLS_E_AGAIN and check for a DTLS
	timeout before.

2012-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, gl/Makefile.am, gl/argp-help.c, gl/argp-parse.c,
	gl/argp.h, gl/base64.c, gl/fseeko.c, gl/fseterr.c,
	gl/gettimeofday.c, gl/m4/exponentd.m4, gl/m4/gettimeofday.m4,
	gl/m4/gnulib-cache.m4, gl/m4/po.m4, gl/m4/stdalign.m4,
	gl/m4/sys_time_h.m4, gl/m4/vasnprintf.m4, gl/select.c, gl/sleep.c,
	gl/stdio-impl.h, gl/stdio.in.h, gl/sys_select.in.h,
	gl/sys_socket.in.h, gl/sys_stat.in.h, gl/sys_time.in.h,
	gl/tests/init.sh, gl/tests/ioctl.c, gl/tests/test-base64.c,
	gl/tests/test-init.sh, gl/tests/test-strerror.c,
	gl/tests/test-sys_select.c, gl/tests/test-sys_time.c,
	gl/tests/w32sock.h, gl/vasnprintf.c, gl/version-etc.h,
	gl/w32sock.h, maint.mk: added strndup and updated gnulib.

2012-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, tests/Makefile.am, tests/loss-common.h,
	tests/mini-loss.c: Added test to simulate loss of packets in DTLS.

2012-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/debug.c, lib/gnutls_buffers.c, lib/gnutls_dtls.c,
	lib/gnutls_record.c: DTLS fixes.  Corrected bugs in DTLS sliding
	window code to account for lost packets arriving after an epoch
	change. The last handshake flight is now being kept by both parties
	in order to be used as a lost packet indication.

2012-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: Discard unexpected handshake or other packets
	in DTLS

2012-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_int.h: initial_negotiation_completed type changed to
	unsigned

2012-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/Makefile.am: Included missing file in windows
	builds.

2012-02-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.c: Corrected check for the callback for
	gnutls_certificate_set_retrieve_function(). Reported by Dan Winship.

2012-02-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cert.c: updated documentation for
	gnutls_certificate_set_retrieve_function2.

2012-02-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/abstract.h: include
	gnutls_certificate_set_retrieve_function2() to documentation.
	Reported by Dan Winship.

2012-02-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_buffers.c, lib/gnutls_dtls.c, lib/gnutls_dtls.h,
	lib/gnutls_int.h, lib/gnutls_state.c: Corrected DTLS retransmission
	timeouts. Added the _ms suffix to the time variables in
	milliseconds. Report and patch by Sean Buckheister.

2012-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/gdoc: updated information in manpages.

2012-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/manpages/Makefile.am: updated manpages

2012-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: corrected added function

2012-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_global.c: text update

2012-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, lib/gnutls_pubkey.c: Updated
	documentation for gnutls_pubkey.

2012-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, doc/Makefile.am, doc/manpages/Makefile.am: replacing
	the version is not enough. Regenerate all files depending on .dep on
	dist-hook.

2012-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, Makefile.am, configure.ac, src/certtool-args.def,
	src/certtool-args.def.in, src/cli-args.def, src/cli-args.def.in,
	src/cli-debug-args.def, src/cli-debug-args.def.in,
	src/ocsptool-args.def, src/ocsptool-args.def.in,
	src/p11tool-args.def, src/p11tool-args.def.in, src/psk-args.def,
	src/psk-args.def.in, src/serv-args.def, src/serv-args.def.in,
	src/srptool-args.def, src/srptool-args.def.in: No need for .def.in
	files.  The @VERSION@ is now being replaced on dist-hook.  Also
	corrected the dist-hook for ChangeLog.

2012-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: updates

2012-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: make configure detect valgrind.  This is by creating
	the suppressions.valgrind file.

2012-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509_b64.c: use gnulib's base64 code

2012-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/Makefile.am, tests/cert-tests/funny-spacing.pem,
	tests/cert-tests/pem-decoding: Added test to ensure we can decode
	PEM encoded certificates with carriage returns, spaces and tabs.

2012-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/armor.c: use gnulib's base64 encoding/decoding code

2012-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/openpgp-certs/testcerts: silence test

2012-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/armor.c: align crc32 table

2012-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/armor.c: __MINGW32__ -> _WIN32

2012-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/armor.c, lib/opencdk/main.h: removed dummy function

2012-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/write-packet.c: corrected spacing

2012-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/write-packet.c: Correct export of openpgp packets that
	have no private keying material in it's primary key.  Patch by Sean
	Buckheister.

2012-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c, src/common.c, src/common.h: added
	print_cert_info_compact().

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocsptool-common.c: send_ocsp_request is more tolerant on
	errors.

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated doc

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/m4/valgrind-tests.m4: valgrind with suppressions.

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/manpages/Makefile.am: until autogen supports subheading tag
	live with a workaround.

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli-args.def.in, src/psk-args.def.in: updated manpages

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/manpages/Makefile.am: autogen required for building.

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: Revert "autogen failure is not fatal." This reverts commit 175e021fd8d0c195690b2d8806bd3a07e84415ce.

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: autogen failure is not fatal.

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/override/m4/valgrind-tests.m4.diff: Added --leak-check=full to
	valgrind options.

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/ocsp.c: updated for new gnutls_ocsp_resp_verify_direct
	semantics.

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, doc/.gitignore: more files to ignore

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.h, lib/includes/gnutls/ocsp.h,
	lib/openpgp/openpgp_int.h, lib/x509/ocsp.c, lib/x509/ocsp_output.c: 
	small fixes

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.h, lib/includes/gnutls/ocsp.h, lib/libgnutls.map,
	lib/openpgp/openpgp_int.h, lib/x509/ocsp.c, lib/x509/ocsp_output.c: 
	Revert "Added gnutls_ocsp_resp_verify() and some sign fixes." This reverts commit efaa2ee176568fcd009ff2ca9daa1b7fdac4c491.  Conflicts: 	lib/x509/ocsp.c

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/m4/valgrind-tests.m4, gl/override/m4/valgrind-tests.m4.diff: 
	Revert "Enable valgrind again." This commit disabled the
	suppressions which is required for tests to succeed.  This reverts commit 82498bad27645c47222fa932a7caa2e95747980a.

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/ocsptool-args.def.in: updated text

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocsptool.c: removed debugging code

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/ocsp.c: gnutls_ocsp_resp_verify_direct() will use the
	intermediate certificates in the response in order to verify the
	validity, thus aligning its functionality with
	gnutls_ocsp_resp_verify().

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c, src/common.c, src/common.h, src/ocsptool-common.c,
	src/ocsptool-common.h, src/ocsptool.c, src/serv.c, src/tests.c: 
	cleanup a bit the printing information stuff.

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: corrected dependencies

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/cha-cert-auth2.texi, doc/cha-gtls-app.texi,
	doc/cha-programs.texi, doc/cha-shared-key.texi,
	src/certtool-args.def.in, src/cli-args.def.in,
	src/cli-debug-args.def.in, src/ocsptool-args.def.in,
	src/p11tool-args.def.in, src/psk-args.def.in, src/serv-args.def.in,
	src/srptool-args.def.in: Manual pages for included programs are
	auto-generated using the autoopts definitions.

2012-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/manpages/Makefile.am: corrected dependencies

2012-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/cli-args.def.in, src/cli.c, src/common.c,
	src/common.h, src/ocsptool-common.c, src/ocsptool-common.h,
	src/ocsptool.c, src/serv.c: gnutls-cli will try to verify ocsp
	responses if --ocsp is given.

2012-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.h, lib/includes/gnutls/ocsp.h, lib/libgnutls.map,
	lib/openpgp/openpgp_int.h, lib/x509/ocsp.c, lib/x509/ocsp_output.c: 
	Added gnutls_ocsp_resp_verify() and some sign fixes.

2012-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/TODO: updated todo

2012-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated text.

2012-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-verify-ssh.c, src/cli.c: Do not store a key when
	it already exists.

2012-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/cli-args.def.in, src/cli.c: ssh flag is has the option
	to be disabled/enabled.

2012-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, doc/cha-cert-auth.texi,
	doc/cha-gtls-examples.texi, doc/examples/Makefile.am,
	doc/examples/ex-cert-select-pkcs11.c,
	doc/examples/ex-cert-select.c, doc/examples/ex-client-dtls.c,
	doc/examples/ex-client-resume.c, doc/examples/ex-client-srp.c,
	doc/examples/ex-client-x509.c, doc/examples/ex-serv-dtls.c,
	doc/examples/ex-serv-psk.c, doc/examples/ex-serv-srp.c,
	doc/examples/ex-serv-x509.c, doc/examples/ex-verify-ssh.c,
	doc/examples/examples.h, lib/Makefile.am,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
	lib/openpgp/output.c, lib/system.c, lib/system.h, lib/verify-ssh.c,
	lib/x509/output.c, src/cli-args.def.in, src/cli.c, src/common.c,
	src/common.h, src/tests.c: Added gnutls_verify_stored_pubkey() and
	gnutls_store_pubkey().  This enables using ssh-like authentication
	for TLS sessions.

2012-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocsptool.c: allow the usage of --load-trust with --ask

2012-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/Makefile.am, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	gl/m4/strtok_r.m4, gl/strtok_r.c: Added strtok_r.

2012-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/Makefile.am, gl/base64.c, gl/base64.h, gl/m4/base64.m4,
	gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/stdalign.m4,
	gl/tests/Makefile.am, gl/tests/malloca.c, gl/tests/test-base64.c: 
	added base64 module

2012-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509_b64.c: added fixme

2012-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocsptool-args.def.in: updated description

2012-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-gtls-examples.texi, doc/examples/Makefile.am,
	doc/examples/ex-ocsp-client.c, doc/examples/ex-ocsp-verify.c: 
	Combined ocsp apps to 1 using libcurl.

2012-01-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/ocsp.h, lib/x509/ocsp_output.c,
	src/Makefile.am, src/cli.c, src/common.c, src/common.h,
	src/ocsptool-args.def.in, src/ocsptool.c, src/serv.c, src/socket.c,
	src/socket.h, src/tls_test.c: Added --ask option to ocsptool.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* doc/manpages/Makefile.am, src/Makefile.am: Fix builddir != srcdir
	builds.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* lib/extras/randomart.c: Revert template fix.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* tests/infoaccess.c, tests/mpi.c, tests/openpgp-auth.c,
	tests/openpgp-auth2.c, tests/openssl.c, tests/pkcs12_encode.c,
	tests/rng-fork.c: Fix mem leaks.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* gl/m4/valgrind-tests.m4, gl/override/m4/valgrind-tests.m4.diff: 
	Enable valgrind again.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* lib/abstract_int.h, lib/crypto-api.c, lib/crypto-backend.c,
	lib/crypto.h, lib/debug.c, lib/ext/max_record.c,
	lib/ext/max_record.h, lib/ext/safe_renegotiation.c,
	lib/ext/server_name.c, lib/ext/server_name.h,
	lib/ext/session_ticket.c, lib/ext/signature.c, lib/ext/signature.h,
	lib/ext/srp.c, lib/ext/srp.h, lib/gnutls.pc.in, lib/gnutls_alert.c,
	lib/gnutls_anon_cred.c, lib/gnutls_auth.c, lib/gnutls_buffers.c,
	lib/gnutls_cipher.c, lib/gnutls_cipher_int.c,
	lib/gnutls_compress.c, lib/gnutls_constate.c, lib/gnutls_datum.c,
	lib/gnutls_dh.c, lib/gnutls_dh_primes.c, lib/gnutls_ecc.h,
	lib/gnutls_errors.c, lib/gnutls_extensions.c, lib/gnutls_global.c,
	lib/gnutls_hash_int.c, lib/gnutls_helper.c, lib/gnutls_helper.h,
	lib/gnutls_kx.c, lib/gnutls_mem.c, lib/gnutls_mpi.c,
	lib/gnutls_num.c, lib/gnutls_priority.c, lib/gnutls_psk.c,
	lib/gnutls_rsa_export.c, lib/gnutls_session.c,
	lib/gnutls_session_pack.c, lib/gnutls_sig.c, lib/gnutls_srp.c,
	lib/gnutls_supplemental.c, lib/gnutls_ui.c, lib/gnutls_v2_compat.c,
	lib/gnutlsxx.cpp, lib/hash.h, lib/locks.h, lib/nettle/cipher.c,
	lib/nettle/ecc.h, lib/nettle/egd.c, lib/nettle/egd.h,
	lib/nettle/init.c, lib/nettle/mac.c, lib/nettle/mpi.c,
	lib/nettle/pk.c, lib/nettle/rnd.c, lib/opencdk/armor.c,
	lib/opencdk/context.h, lib/opencdk/filters.h, lib/opencdk/hash.c,
	lib/opencdk/kbnode.c, lib/opencdk/keydb.c, lib/opencdk/keydb.h,
	lib/opencdk/literal.c, lib/opencdk/main.h, lib/opencdk/misc.c,
	lib/opencdk/new-packet.c, lib/opencdk/opencdk.h,
	lib/opencdk/packet.h, lib/opencdk/pubkey.c,
	lib/opencdk/read-packet.c, lib/opencdk/seskey.c,
	lib/opencdk/sig-check.c, lib/opencdk/stream.c,
	lib/opencdk/stream.h, lib/opencdk/types.h,
	lib/opencdk/write-packet.c, lib/openpgp/compat.c,
	lib/openpgp/extras.c, lib/openpgp/gnutls_openpgp.h,
	lib/openpgp/openpgp_int.h, lib/openpgp/output.c,
	lib/openpgp/pgpverify.c, lib/pkcs11_int.h, lib/random.c,
	lib/system.c, lib/system.h, lib/x509/crl.c, lib/x509/crl_write.c,
	lib/x509/crq.c, lib/x509/dn.c, lib/x509/mpi.c,
	lib/x509/pbkdf2-sha1.c, lib/x509/pbkdf2-sha1.h, lib/x509/pkcs12.c,
	lib/x509/pkcs12_bag.c, lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c,
	lib/x509/privkey.c, lib/x509/privkey_pkcs8.c,
	lib/x509/rfc2818_hostname.c, lib/x509/sign.c,
	lib/x509/x509_write.c, src/benchmark.h, src/certtool-cfg.h,
	src/certtool-common.h, src/common.h, src/p11common.h,
	src/p11tool.h, src/pkcs11.c, src/serv.c, src/tests.h,
	src/udp-serv.h, tests/anonself.c, tests/certder.c,
	tests/certificate_set_x509_crl.c, tests/certuniqueid.c,
	tests/chainverify.c, tests/crq_apis.c, tests/cve-2008-4989.c,
	tests/cve-2009-1415.c, tests/dhepskself.c, tests/dn.c, tests/dn2.c,
	tests/gc.c, tests/hostname-check.c, tests/init_roundtrip.c,
	tests/mini-deflate.c, tests/mini-eagain-dtls.c,
	tests/mini-eagain.c, tests/mini-x509-rehandshake.c,
	tests/mini-x509.c, tests/mini.c, tests/moredn.c, tests/mpi.c,
	tests/nul-in-x509-names.c, tests/openpgp-keyring.c,
	tests/openpgpself.c, tests/openssl.c, tests/parse_ca.c,
	tests/pgps2kgnu.c, tests/pkcs12_encode.c, tests/pkcs12_s2k.c,
	tests/pskself.c, tests/resume.c, tests/rfc2253-escape-test,
	tests/rng-fork.c, tests/set_pkcs12_cred.c, tests/setcredcrash.c,
	tests/simple.c, tests/utils.h, tests/x509_altname.c,
	tests/x509_test.c, tests/x509dn.c, tests/x509self.c: Cleanup
	copyright headers.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* cfg.mk, lib/extras/randomart.c: Silence update-copyright.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* cfg.mk, doc/cha-programs.texi, src/cli-args.def.in: Fix
	syntax-check nits.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* .gitignore: Add ChangeLog.  Sort.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* build-aux/config.rpath, build-aux/pmccabe.css, gl/Makefile.am,
	gl/argp-pin.c, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	gl/m4/thread.m4, gl/m4/yield.m4, gl/stdint.in.h,
	gl/tests/Makefile.am, gl/tests/glthread/thread.c,
	gl/tests/glthread/thread.h, gl/tests/glthread/yield.h,
	gl/tests/test-accept.c, gl/tests/test-bind.c,
	gl/tests/test-connect.c, gl/tests/test-getpeername.c,
	gl/tests/test-isnand-nolibm.c, gl/tests/test-listen.c,
	gl/tests/test-lock.c, gl/tests/test-recv.c,
	gl/tests/test-recvfrom.c, gl/tests/test-send.c,
	gl/tests/test-sendto.c, gl/tests/test-setsockopt.c,
	gl/tests/test-shutdown.c, gl/tests/test-thread_create.c,
	gl/tests/test-thread_self.c, maint.mk: Update gnulib files.  Drop
	slow test-lock check.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* cfg.mk: Silence autoreconf with a dummy ChangeLog file.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* ChangeLog, ChangeLog.1: Don't store generated ChangeLog in git.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* tests/cert-tests/template-test, tests/pkcs1-padding/pkcs1-pad: Fix
	datefudge checks, for when datefudge is missing.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* src/Makefile.am: Only rebuild autogen sources if the real input
	file is modified.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* doc/Makefile.am, doc/manpages/Makefile.am,
	tests/cert-tests/Makefile.am: Fix distcheck.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* tests/pkcs1-padding/pkcs1-pad, tests/suite/testcompat: Fix
	datefudge checks.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* doc/manpages/Makefile.am: Generated.

2012-01-25  Simon Josefsson <simon@josefsson.org>

	* tests/cert-tests/template-test: Improve datefudge check.  Fix
	builddir != srcdir.

2012-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented update

2012-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/gnutls.h.in: corrected prototypes.

2012-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/m4/libopts.m4: generate libopts makefile outside the
	conditional.

2012-01-24  Patrick Pelletier <code@funwithsoftware.org>

	* doc/cha-internals.texi, extra/includes/gnutls/openssl.h,
	lib/accelerated/x86/hmac-padlock.c, lib/crypto-backend.h,
	lib/gnutls_int.h, lib/includes/gnutls/gnutls.h.in,
	lib/nettle/cipher.c, lib/nettle/init.c, lib/nettle/mac.c: Fix up
	some typos and obsolete comments Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2012-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-programs.texi, lib/gnutls_priority.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/common.c: 
	Added functions to allow quering a priority structure.  That is to
	allow more information being extracted than only the ciphersuites.  gnutls_priority_certificate_type_list: Added
	gnutls_priority_sign_list: Added gnutls_priority_protocol_list:
	Added gnutls_priority_compression_list: Added
	gnutls_priority_ecc_curve_list: Added

2012-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/printlist.c, lib/algorithms/ecc.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/common.c: 
	Allow quering available elliptic curves by adding
	gnutls_ecc_curve_list().

2012-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: updated

2012-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/key-id/key-id: it seems libopts does not want completely
	empty templates.

2012-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi: correct typo

2012-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c, src/common.c: Do not print the same things twice.

2012-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: libcfg is no longer required.

2012-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi: updated
	interoperability and priority strings sections.

2012-01-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: Added more text on interoperability

2012-01-24  Simon Josefsson <simon@josefsson.org>

	* Makefile.am, src/Makefile.am: Fix make dist.

2012-01-24  Simon Josefsson <simon@josefsson.org>

	* Makefile.am, configure.ac, libopts/COPYING.gplv3,
	libopts/COPYING.lgplv3, libopts/COPYING.mbsd, libopts/MakeDefs.inc,
	libopts/Makefile.am, libopts/README, libopts/ag-char-map.h,
	libopts/autoopts.c, libopts/autoopts.h, libopts/autoopts/options.h,
	libopts/autoopts/project.h, libopts/autoopts/usage-txt.h,
	libopts/boolean.c, libopts/check.c, libopts/compat/compat.h,
	libopts/compat/pathfind.c, libopts/compat/snprintf.c,
	libopts/compat/strchr.c, libopts/compat/strdup.c,
	libopts/compat/windows-config.h, libopts/configfile.c,
	libopts/cook.c, libopts/enum.c, libopts/env.c, libopts/file.c,
	libopts/find.c, libopts/genshell.c, libopts/genshell.h,
	libopts/libopts.c, libopts/load.c, libopts/makeshell.c,
	libopts/nested.c, libopts/numeric.c, libopts/parse-duration.c,
	libopts/parse-duration.h, libopts/pgusage.c, libopts/proto.h,
	libopts/putshell.c, libopts/reset.c, libopts/restore.c,
	libopts/save.c, libopts/sort.c, libopts/stack.c,
	libopts/streqvcmp.c, libopts/text_mmap.c, libopts/time.c,
	libopts/tokenize.c, libopts/usage.c, libopts/value-type.c,
	libopts/value-type.h, libopts/version.c, libopts/xat-attribute.c,
	libopts/xat-attribute.h, m4/libopts.m4, m4/liboptschk.m4,
	src/Makefile.am, src/cli-gaa.c, src/cli-gaa.h,
	src/libopts/COPYING.gplv3, src/libopts/COPYING.lgplv3,
	src/libopts/COPYING.mbsd, src/libopts/MakeDefs.inc,
	src/libopts/Makefile.am, src/libopts/README,
	src/libopts/ag-char-map.h, src/libopts/autoopts.c,
	src/libopts/autoopts.h, src/libopts/autoopts/options.h,
	src/libopts/autoopts/project.h, src/libopts/autoopts/usage-txt.h,
	src/libopts/boolean.c, src/libopts/check.c,
	src/libopts/compat/compat.h, src/libopts/compat/pathfind.c,
	src/libopts/compat/snprintf.c, src/libopts/compat/strchr.c,
	src/libopts/compat/strdup.c, src/libopts/compat/windows-config.h,
	src/libopts/configfile.c, src/libopts/cook.c, src/libopts/enum.c,
	src/libopts/env.c, src/libopts/file.c, src/libopts/find.c,
	src/libopts/genshell.c, src/libopts/genshell.h,
	src/libopts/libopts.c, src/libopts/load.c,
	src/libopts/m4/libopts.m4, src/libopts/m4/liboptschk.m4,
	src/libopts/makeshell.c, src/libopts/nested.c,
	src/libopts/numeric.c, src/libopts/parse-duration.c,
	src/libopts/parse-duration.h, src/libopts/pgusage.c,
	src/libopts/proto.h, src/libopts/putshell.c, src/libopts/reset.c,
	src/libopts/restore.c, src/libopts/save.c, src/libopts/sort.c,
	src/libopts/stack.c, src/libopts/streqvcmp.c,
	src/libopts/text_mmap.c, src/libopts/time.c,
	src/libopts/tokenize.c, src/libopts/usage.c,
	src/libopts/value-type.c, src/libopts/value-type.h,
	src/libopts/version.c, src/libopts/xat-attribute.c,
	src/libopts/xat-attribute.h, src/srptool-gaa.c, src/srptool-gaa.h: 
	Move libopts/ to src/libopts/.  Drop gaa remains.

2012-01-24  Simon Josefsson <simon@josefsson.org>

	* doc/manpages/Makefile.am, lib/includes/gnutls/gnutls.h.in,
	lib/includes/gnutls/x509.h, lib/x509/crl.c: Doc fixes.

2012-01-24  Simon Josefsson <simon@josefsson.org>

	* configure.ac: Drop src/cfg/ stuff.

2012-01-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/psk-args.def.in: corrected typo

2012-01-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, configure.ac, doc/manpages/Makefile.am,
	src/Makefile.am, src/ocsptool-args.def.in, src/ocsptool.c,
	src/ocsptool.gaa: ocsptool uses libopts

2012-01-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/p11tool-args.def.in, src/p11tool.c: updated inder and inraw
	commands.

2012-01-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.def.in, src/cli-args.def.in,
	src/cli-debug-args.def.in, src/p11tool-args.def.in,
	src/psk-args.def.in, src/serv-args.def.in, src/srptool-args.def.in: 
	the short version of --help is -h.

2012-01-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-cert-auth2.texi, lib/includes/gnutls/pkcs11.h,
	lib/libgnutls.map, lib/pkcs11.c: Added gnutls_pkcs11_reinit().

2012-01-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-cfg.c: corrected token parsing.

2012-01-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-cfg.c: READ_MULTI_LINE_TOKENIZED was corrected to
	account the whole string.

2012-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/TODO: updated

2012-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_priority.c: Updated SUITEB requirements according
	to rfc6460.

2012-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, src/Makefile.am, src/certtool-cfg.c,
	src/cfg/Makefile.am, src/cfg/README, src/cfg/cfg+.c,
	src/cfg/cfg+.h, src/cfg/cfgfile.c, src/cfg/cfgfile.h,
	src/cfg/cmdline.c, src/cfg/cmdline.h, src/cfg/parse.c,
	src/cfg/platon/Makefile.am, src/cfg/platon/str/Makefile.am,
	src/cfg/platon/str/dynfgets.c, src/cfg/platon/str/dynfgets.h,
	src/cfg/platon/str/strctype.c, src/cfg/platon/str/strctype.h,
	src/cfg/platon/str/strdyn.c, src/cfg/platon/str/strdyn.h,
	src/cfg/platon/str/strplus.c, src/cfg/platon/str/strplus.h,
	src/cfg/props.c, src/cfg/shared.c, src/cfg/shared.h,
	tests/cert-tests/Makefile.am, tests/cert-tests/template-test,
	tests/cert-tests/template-test.key,
	tests/cert-tests/template-test.pem,
	tests/cert-tests/template-test.tmpl: Certtool completely relies on
	libopts. As a side-effect the syntax of dn_oid and key_purpose_oids
	has changed.

2012-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: check for --inraw  and --outraw.

2012-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2012-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/manpages/certtool.1: removed certtool.1.

2012-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/p11tool.c, src/p11tool.h: No need for action enumerations.

2012-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, doc/manpages/Makefile.am, src/Makefile.am,
	src/certtool-args.def.in, src/certtool-common.h,
	src/certtool-gaa.c, src/certtool-gaa.h, src/certtool.c,
	src/certtool.gaa, src/p11tool-args.def.in: certtool uses libopts for
	command line parsing.

2012-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: enums.texi is not run multiple times. Suggested
	by Eli Zaretskii.

2012-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/cli-args.def.in, src/cli-debug-args.def.in,
	src/p11tool-args.def.in, src/psk-args.def.in, src/serv-args.def.in,
	src/srptool-args.def.in: updated docs

2012-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/p11tool-args.def.in, src/p11tool.c: p11tool parses arguments
	are before (with gaa).

2012-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/cli-args.def.in, src/cli-debug-args.def.in,
	src/cli.c, src/p11tool-args.def.in, src/p11tool.c,
	src/psk-args.def.in, src/serv-args.def.in, src/serv.c,
	src/srptool-args.def.in: corrected command line parsing issues.

2012-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/crl.c, lib/x509/x509.c: Added Since

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: disable parallel builds.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/gdoc: Do not allow space between section name and ':'.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/latex/gnutls.bib, doc/latex/gnutls.tex: updated bibliography
	and changed style.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/p11tool-gaa.c, src/p11tool-gaa.h, src/p11tool.gaa: removed old
	files.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/gnutls-guile.texi: removed references to IA

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/p11tool-args.def.in, src/p11tool.c: updated p11tool def.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, configure.ac, doc/manpages/Makefile.am,
	doc/manpages/p11tool.1, src/Makefile.am, src/cli-args.def.in,
	src/cli-debug-args.def.in, src/p11tool-args.def.in, src/p11tool.c,
	src/psk-args.def.in, src/serv-args.def.in, src/srptool-args.def.in: 
	p11tool uses libopts

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli-args.def.in, src/serv-args.def.in: keyfile and certfile
	types were changed to string, to allow for PKCS #11 urls

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, doc/fdl-1.3.texi: replaced smallexample
	with example.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, src/cli-args.c, src/cli-args.h, src/cli-debug-args.c,
	src/cli-debug-args.h, src/psk-args.c, src/psk-args.h,
	src/serv-args.c, src/serv-args.h, src/srptool-args.c,
	src/srptool-args.h: Removed all auto-generated files.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/output.c, tests/cert-tests/aki-cert.pem: corrected AKI
	test.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: corrected typo

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, README-alpha, doc/manpages/gnutls-cli-debug.1,
	doc/manpages/gnutls-serv.1, doc/manpages/psktool.1,
	doc/manpages/srptool.1: Do not store auto-generated manpages to git.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/ca-no-pathlen.pem,
	tests/cert-tests/no-ca-or-pathlen.pem: uploaded for new legacy sec
	level

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, doc/manpages/gnutls-cli-debug.1,
	doc/manpages/gnutls-serv.1, doc/manpages/psktool.1,
	doc/manpages/srptool.1, src/cli-args.c, src/cli-args.h,
	src/cli-debug-args.c, src/cli-debug-args.h, src/psk-args.c,
	src/psk-args.h, src/serv-args.c, src/serv-args.h,
	src/srptool-args.c, src/srptool-args.h: Added missing files.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, lib/gnutls_errors.c,
	lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/x509.h,
	lib/x509/crl.c, lib/x509/output.c, lib/x509/x509.c,
	tests/Makefile.am, tests/cert-tests/Makefile.am,
	tests/cert-tests/aki, tests/cert-tests/aki-cert.pem,
	tests/cert-tests/ca-no-pathlen.pem,
	tests/cert-tests/no-ca-or-pathlen.pem, tests/cert-tests/pathlen,
	tests/pathlen/Makefile.am, tests/pathlen/ca-no-pathlen.pem,
	tests/pathlen/no-ca-or-pathlen.pem, tests/pathlen/pathlen: Added
	functions to parse authority key identifiers when stored as a
	'general name' and serial combo.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509.c: Corrected bug in _gnutls_parse_aia()

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli-args.c, src/cli-args.def.in, src/cli-args.h,
	src/serv-args.c, src/serv-args.def.in, src/serv-args.h, src/serv.c,
	src/srptool-args.c, src/srptool-args.def.in, src/srptool-args.h: 
	updated parameter parsing.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv-gaa.c, src/serv-gaa.h, src/serv.gaa: removed serv gaa
	files

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/manpages/gnutls-cli-debug.1, doc/manpages/psktool.1,
	doc/manpages/srptool.1, src/cli-args.c, src/cli-args.h,
	src/srptool-args.c, src/srptool-args.h: updates.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, configure.ac, doc/manpages/Makefile.am,
	doc/manpages/gnutls-serv.1, src/Makefile.am, src/serv-args.c,
	src/serv-args.def.in, src/serv-args.h, src/serv.c: gnutls-serv uses
	libopts.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-ocsp-client.c, doc/examples/ex-ocsp-verify.c,
	lib/x509/ocsp.c, lib/x509/ocsp_output.c, src/ocsptool.c: sign fixes.

2012-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/includes/gnutls/gnutls.h.in: Documented updates.

2012-01-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, lib/algorithms/secparams.c,
	lib/includes/gnutls/gnutls.h.in, tests/slow/keygen.c: Added new
	security level "legacy" for 96-bit security.

2012-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, configure.ac, doc/manpages/Makefile.am,
	doc/manpages/gnutls-cli-debug.1, doc/manpages/psktool.1,
	doc/manpages/srptool.1, src/Makefile.am, src/cli-args.c,
	src/cli-args.h, src/psk-args.def.in, src/psk-gaa.c, src/psk-gaa.h,
	src/psk.c, src/psk.gaa, src/srptool-args.c, src/srptool-args.h: 
	psktool also uses libopt.

2012-01-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, Makefile.am, configure.ac, doc/manpages/Makefile.am,
	doc/manpages/gnutls-cli.1, doc/manpages/srptool.1,
	libopts/COPYING.gplv3, libopts/COPYING.lgplv3,
	libopts/COPYING.mbsd, libopts/MakeDefs.inc, libopts/Makefile.am,
	libopts/README, libopts/ag-char-map.h, libopts/autoopts.c,
	libopts/autoopts.h, libopts/autoopts/options.h,
	libopts/autoopts/project.h, libopts/autoopts/usage-txt.h,
	libopts/boolean.c, libopts/check.c, libopts/compat/compat.h,
	libopts/compat/pathfind.c, libopts/compat/snprintf.c,
	libopts/compat/strchr.c, libopts/compat/strdup.c,
	libopts/compat/windows-config.h, libopts/configfile.c,
	libopts/cook.c, libopts/enum.c, libopts/env.c, libopts/file.c,
	libopts/find.c, libopts/genshell.c, libopts/genshell.h,
	libopts/libopts.c, libopts/load.c, libopts/makeshell.c,
	libopts/nested.c, libopts/numeric.c, libopts/parse-duration.c,
	libopts/parse-duration.h, libopts/pgusage.c, libopts/proto.h,
	libopts/putshell.c, libopts/reset.c, libopts/restore.c,
	libopts/save.c, libopts/sort.c, libopts/stack.c,
	libopts/streqvcmp.c, libopts/text_mmap.c, libopts/time.c,
	libopts/tokenize.c, libopts/usage.c, libopts/value-type.c,
	libopts/value-type.h, libopts/version.c, libopts/xat-attribute.c,
	libopts/xat-attribute.h, m4/libopts.m4, m4/liboptschk.m4,
	src/Makefile.am, src/cli-args.c, src/cli-args.def.in,
	src/cli-args.h, src/cli-debug-args.def.in, src/cli.c, src/cli.gaa,
	src/common.h, src/srptool-args.c, src/srptool-args.def.in,
	src/srptool-args.h, src/srptool.c, src/srptool.gaa,
	src/tls_test-gaa.c, src/tls_test-gaa.h, src/tls_test.c,
	src/tls_test.gaa: gnutls-cli, gnutls-cli-debug and srptool use
	libopts.

2012-01-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.c: If peer doesn't send any issuers and we have a
	single certificate then send that one.

2012-01-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, doc/examples/ex-client-psk.c,
	doc/examples/ex-pkcs11-list.c, doc/examples/ex-pkcs12.c,
	doc/examples/ex-serv-anon.c, doc/examples/ex-serv-pgp.c,
	doc/examples/ex-serv-psk.c, doc/examples/ex-serv-srp.c,
	doc/examples/ex-serv-x509.c, doc/examples/tcp.c,
	lib/abstract_int.h, lib/accelerated/cryptodev.c, lib/algorithms.h,
	lib/algorithms/ciphersuites.c, lib/algorithms/secparams.c,
	lib/auth/anon.c, lib/auth/anon_ecdh.c, lib/auth/cert.c,
	lib/auth/cert.h, lib/auth/dh_common.c, lib/auth/dh_common.h,
	lib/auth/dhe.c, lib/auth/dhe_psk.c, lib/auth/ecdh_common.c,
	lib/auth/ecdh_common.h, lib/auth/psk.c, lib/auth/psk_passwd.c,
	lib/auth/rsa.c, lib/auth/rsa_export.c, lib/auth/srp.c,
	lib/auth/srp.h, lib/auth/srp_passwd.c, lib/auth/srp_passwd.h,
	lib/auth/srp_rsa.c, lib/auth/srp_sb64.c, lib/ext/cert_type.c,
	lib/ext/ecc.c, lib/ext/ecc.h, lib/ext/max_record.c,
	lib/ext/safe_renegotiation.c, lib/ext/server_name.c,
	lib/ext/server_name.h, lib/ext/session_ticket.c,
	lib/ext/signature.c, lib/ext/signature.h, lib/ext/srp.c,
	lib/extras/randomart.c, lib/gnutls_auth.h, lib/gnutls_buffers.c,
	lib/gnutls_buffers.h, lib/gnutls_cipher.c, lib/gnutls_cipher.h,
	lib/gnutls_cipher_int.h, lib/gnutls_compress.c,
	lib/gnutls_compress.h, lib/gnutls_constate.c, lib/gnutls_datum.c,
	lib/gnutls_datum.h, lib/gnutls_dh_primes.c, lib/gnutls_dtls.c,
	lib/gnutls_ecc.c, lib/gnutls_ecc.h, lib/gnutls_extensions.c,
	lib/gnutls_extensions.h, lib/gnutls_handshake.c,
	lib/gnutls_handshake.h, lib/gnutls_hash_int.c,
	lib/gnutls_hash_int.h, lib/gnutls_int.h, lib/gnutls_kx.c,
	lib/gnutls_mbuffers.c, lib/gnutls_mpi.c, lib/gnutls_num.c,
	lib/gnutls_num.h, lib/gnutls_pcert.c, lib/gnutls_pk.c,
	lib/gnutls_psk.c, lib/gnutls_pubkey.c, lib/gnutls_record.c,
	lib/gnutls_record.h, lib/gnutls_session.c,
	lib/gnutls_session_pack.c, lib/gnutls_sig.c, lib/gnutls_sig.h,
	lib/gnutls_srp.c, lib/gnutls_srp.h, lib/gnutls_state.c,
	lib/gnutls_state.h, lib/gnutls_str.c, lib/gnutls_str.h,
	lib/gnutls_str_array.h, lib/gnutls_supplemental.c, lib/gnutls_ui.c,
	lib/gnutls_v2_compat.c, lib/gnutls_v2_compat.h, lib/gnutls_x509.c,
	lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/pkcs11.h,
	lib/includes/gnutls/x509.h, lib/nettle/cipher.c, lib/nettle/egd.c,
	lib/nettle/mpi.c, lib/nettle/pk.c, lib/nettle/rnd.c,
	lib/opencdk/context.h, lib/opencdk/filters.h, lib/opencdk/kbnode.c,
	lib/opencdk/main.h, lib/opencdk/stream.c, lib/opencdk/stream.h,
	lib/opencdk/write-packet.c, lib/openpgp/extras.c,
	lib/openpgp/gnutls_openpgp.c, lib/openpgp/gnutls_openpgp.h,
	lib/openpgp/output.c, lib/openpgp/pgp.c, lib/openpgp/privkey.c,
	lib/pkcs11.c, lib/pkcs11_int.h, lib/pkcs11_secret.c,
	lib/pkcs11_write.c, lib/x509/common.c, lib/x509/common.h,
	lib/x509/crl.c, lib/x509/crl_write.c, lib/x509/crq.c,
	lib/x509/dn.c, lib/x509/extensions.c, lib/x509/key_decode.c,
	lib/x509/key_encode.c, lib/x509/mpi.c, lib/x509/output.c,
	lib/x509/pbkdf2-sha1.c, lib/x509/pbkdf2-sha1.h, lib/x509/pkcs12.c,
	lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c, lib/x509/privkey.c,
	lib/x509/privkey_pkcs8.c, lib/x509/sign.c, lib/x509/verify-high.c,
	lib/x509/verify.c, lib/x509/x509.c, lib/x509/x509_int.h,
	lib/x509/x509_write.c, lib/x509_b64.c, lib/x509_b64.h,
	src/benchmark-tls.c, src/certtool-common.c, src/certtool.c,
	src/cli.c, src/common.c, src/crywrap/crywrap.c, src/dh.c,
	src/pkcs11.c, src/serv.c, src/srptool.c, tests/anonself.c,
	tests/certificate_set_x509_crl.c, tests/chainverify.c,
	tests/cve-2008-4989.c, tests/cve-2009-1415.c, tests/dhepskself.c,
	tests/dn.c, tests/dn2.c, tests/gc.c, tests/hostname-check.c,
	tests/infoaccess.c, tests/mini-deflate.c, tests/mini-eagain-dtls.c,
	tests/mini-eagain.c, tests/mini.c, tests/moredn.c,
	tests/nul-in-x509-names.c, tests/openpgp-auth.c,
	tests/openpgp-auth2.c, tests/openpgpself.c, tests/parse_ca.c,
	tests/pkcs12_encode.c, tests/pkcs12_s2k.c, tests/pkcs12_s2k_pem.c,
	tests/pskself.c, tests/resume.c, tests/rsa-encrypt-decrypt.c,
	tests/slow/cipher-test.c, tests/utils.c, tests/utils.h,
	tests/x509_altname.c, tests/x509cert.c, tests/x509dn.c,
	tests/x509self.c, tests/x509sign-verify.c: Fixed signed/unsigned
	warnings.  Dropped opaque type (replaced with uint8_t)

2012-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c, lib/gnutls_handshake.c,
	lib/gnutls_handshake.h, lib/gnutls_int.h, lib/gnutls_state.c,
	lib/gnutls_state.h, lib/gnutls_v2_compat.c, lib/gnutls_v2_compat.h,
	lib/opencdk/misc.c, lib/x509/common.c, lib/x509/crl.c,
	lib/x509/privkey_pkcs8.c, lib/x509/x509.c, lib/x509_b64.c: Modulo
	operations are only occuring on unsigned integers.

2012-01-20  Ludovic Courtès <ludo@gnu.org>

	* cfg.mk, guile/modules/gnutls/build/priorities.scm,
	guile/src/core.c: guile: Don't cast return value of `alloca'.

2012-01-20  Ludovic Courtès <ludo@gnu.org>

	* guile/modules/gnutls.in, guile/modules/gnutls/build/enums.scm: 
	guile: Update the list of error codes.

2012-01-20  Simon Josefsson <simon@josefsson.org>

	* po/cs.po.in, po/de.po.in, po/fr.po.in, po/it.po.in, po/ms.po.in,
	po/nl.po.in, po/pl.po.in, po/sv.po.in, po/uk.po.in, po/zh_CN.po.in: 
	Sync with TP.

2012-01-20  Simon Josefsson <simon@josefsson.org>

	* cfg.mk: Ignore assembler code.

2012-01-20  Simon Josefsson <simon@josefsson.org>

	* doc/latex/cover-epub.tex, doc/latex/cover.tex,
	doc/scripts/Makefile.am, doc/scripts/getfuncs.pl,
	doc/scripts/mytexi2latex, doc/scripts/sort1.pl,
	doc/scripts/sort2.pl, doc/scripts/split-texi.pl,
	doc/scripts/split.pl, lib/gnutls_dtls.c, lib/gnutls_mbuffers.c,
	lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/pkcs11.c,
	lib/pkcs11_privkey.c, lib/pkcs11_secret.c, lib/pkcs11_write.c,
	lib/x509/verify.c, tests/openpgp-auth.c, tests/openpgp-auth2.c,
	tests/scripts/common.sh: Add/fix copyright headers.

2012-01-20  Simon Josefsson <simon@josefsson.org>

	* cfg.mk: Add rules to generate clang analysis.

2012-01-20  Simon Josefsson <simon@josefsson.org>

	* build-aux/gendocs.sh, doc/gendocs_template, gl/Makefile.am,
	gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/stdlib_h.m4,
	gl/stdlib.in.h, gl/sys_stat.in.h, gl/tests/fcntl.in.h,
	gl/unistd.in.h: Update gnulib files.

2012-01-20  Simon Josefsson <simon@josefsson.org>

	* ChangeLog: Generated.

2012-01-20  Simon Josefsson <simon@josefsson.org>

	* NEWS, configure.ac: Version 3.0.12.

2012-01-20  Simon Josefsson <simon@josefsson.org>

	* cfg.mk, po/POTFILES.in: Fix syntax-check rules.

2012-01-20  Simon Josefsson <simon@josefsson.org>

	* .gitignore, NEWS, configure.ac, doc/Makefile.am,
	doc/cha-bib.texi, doc/cha-cert-auth2.texi, doc/cha-functions.texi,
	doc/cha-gtls-examples.texi, doc/examples/Makefile.am,
	doc/examples/ex-ocsp-client.c, doc/examples/ex-ocsp-verify.c,
	doc/manpages/Makefile.am, doc/reference/gnutls-docs.sgml,
	lib/includes/Makefile.am, lib/includes/gnutls/ocsp.h,
	lib/libgnutls.map, lib/pkix.asn, lib/pkix_asn1_tab.c,
	lib/x509/Makefile.am, lib/x509/ocsp.c, lib/x509/ocsp_output.c,
	m4/hooks.m4, src/Makefile.am, src/ocsptool-common.h,
	src/ocsptool.c, src/ocsptool.gaa, tests/Makefile.am, tests/ocsp.c: 
	Add OCSP functionality.

2012-01-20  Simon Josefsson <simon@josefsson.org>

	* lib/x509/verify-high.c, lib/x509/verify-high.h: Fix semantics of
	(unused) _gnutls_trustlist_inlist.

2012-01-20  Simon Josefsson <simon@josefsson.org>

	* doc/manpages/Makefile.am: Bump copyright year on manpages.

2012-01-20  Simon Josefsson <simon@josefsson.org>

	* lib/x509/x509.c: Fix mem leak.

2012-01-20  Simon Josefsson <simon@josefsson.org>

	* doc/manpages/Makefile.am: Cosmetic improvement of build output.

2012-01-19  Simon Josefsson <simon@josefsson.org>

	* guile/tests/Makefile.am: Print detailed guile warnings (for
	obsolete functions).

2012-01-18  Simon Josefsson <simon@josefsson.org>

	* doc/Makefile.am: Fix doc/enums/ generation to work with 'make
	distcheck'.

2012-01-18  Simon Josefsson <simon@josefsson.org>

	* guile/pre-inst-guile.in: Fix builddir != srcdir builds.

2012-01-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: doc fix

2012-01-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_errors.c, lib/gnutls_priority.c, src/cli.c: 
	GNUTLS_E_NO_PRIORITIES_WERE_SET is also returned by
	gnutls_priority_set_* This allows to warn when an incomplete set of
	priorities is specified.  Reported by Yaroslav Stavnichiy.

2012-01-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_errors.c, lib/gnutls_handshake.c,
	lib/includes/gnutls/gnutls.h.in: introduced
	GNUTLS_E_NO_PRIORITIES_WERE_SET.

2012-01-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, doc/texinfo.css: more documentation
	updates.

2012-01-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-internals.texi: added more information to internals''

2012-01-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/printlist.c: better print supported algorithms.

2012-01-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-client-x509.c: Added
	gnutls_certificate_set_x509_key_file in a comment.

2012-01-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-pkcs11-list.c, doc/examples/print-ciphersuites.c: 
	added boilerplate

2012-01-17  Ludovic Courtès <ludo@gnu.org>

	* guile/pre-inst-guile.in: Fix $(srcdir) != $(builddir) for Guile.  Now that modules/gnutls.scm is generated, $(builddir) must be in the
	search path.

2012-01-16  Simon Josefsson <simon@josefsson.org>

	* tests/ecdsa/ecdsa: Fix srcdir != builddir builds.  Tiny patch from Elias Pipping <pipping@lavabit.com>.

2012-01-16  Simon Josefsson <simon@josefsson.org>

	* lib/includes/gnutls/gnutls.h.in, lib/nettle/ecc_mulmod.c: GTK-DOC
	fixes.

2012-01-16  Simon Josefsson <simon@josefsson.org>

	* doc/manpages/Makefile.am: Generated.

2012-01-16  Simon Josefsson <simon@josefsson.org>

	* doc/cha-programs.texi: Fix sc_space_tab syntax-check nit.

2012-01-16  Simon Josefsson <simon@josefsson.org>

	* .clcopying, AUTHORS, cfg.mk, doc/Makefile.am,
	doc/alert-printlist.c, doc/credentials/Makefile.am, doc/errcodes.c,
	doc/examples/Makefile.am, doc/extract-guile-c-doc.scm,
	doc/fdl-1.3.texi, doc/gpl-3.0.texi, doc/lgpl-2.1.texi,
	doc/printlist.c, extra/Makefile.am, extra/gnutls_openssl.c,
	extra/includes/Makefile.am, extra/includes/gnutls/openssl.h,
	extra/openssl_compat.c, extra/openssl_compat.h, guile/Makefile.am,
	guile/modules/Makefile.am, guile/modules/gnutls.in,
	guile/modules/gnutls/build/enums.scm,
	guile/modules/gnutls/build/priorities.scm,
	guile/modules/gnutls/build/smobs.scm,
	guile/modules/gnutls/build/utils.scm,
	guile/modules/gnutls/extra.scm,
	guile/modules/system/documentation/c-snarf.scm,
	guile/modules/system/documentation/output.scm,
	guile/pre-inst-guile.in, guile/src/errors.c, guile/src/utils.c,
	guile/tests/anonymous-auth.scm, guile/tests/errors.scm,
	guile/tests/openpgp-auth.scm, guile/tests/openpgp-keyring.scm,
	guile/tests/openpgp-keys.scm, guile/tests/pkcs-import-export.scm,
	guile/tests/session-record-port.scm, guile/tests/srp-base64.scm,
	guile/tests/x509-auth.scm, guile/tests/x509-certificates.scm,
	lib/auth/anon.c, lib/auth/anon_ecdh.c, lib/auth/dh_common.c,
	lib/auth/dhe.c, lib/auth/dhe_psk.c, lib/auth/psk.c,
	lib/auth/psk_passwd.c, lib/auth/rsa.c, lib/auth/rsa_export.c,
	lib/auth/srp_passwd.c, lib/auth/srp_rsa.c, lib/auth/srp_sb64.c: 
	Collapse and cleanup copyright information.

2012-01-16  Simon Josefsson <simon@josefsson.org>

	* .clcopying, AUTHORS, ChangeLog, ChangeLog.1, Makefile.am, NEWS,
	README, README-alpha, THANKS, configure.ac, doc/Makefile.am,
	doc/alert-printlist.c, doc/credentials/Makefile.am,
	doc/cyclo/Makefile.am, doc/errcodes.c, doc/examples/Makefile.am,
	doc/extract-guile-c-doc.scm, doc/fdl-1.3.texi,
	doc/gnutls-guile.texi, doc/gnutls.texi, doc/gpl-3.0.texi,
	doc/lgpl-2.1.texi, doc/manpages/Makefile.am, doc/printlist.c,
	extra/Makefile.am, extra/gnutls_openssl.c,
	extra/includes/Makefile.am, extra/includes/gnutls/openssl.h,
	extra/openssl_compat.c, extra/openssl_compat.h, guile/Makefile.am,
	guile/modules/Makefile.am, guile/modules/gnutls.in,
	guile/modules/gnutls/build/enums.scm,
	guile/modules/gnutls/build/priorities.scm,
	guile/modules/gnutls/build/smobs.scm,
	guile/modules/gnutls/build/tests.scm,
	guile/modules/gnutls/build/utils.scm,
	guile/modules/gnutls/extra.scm,
	guile/modules/system/documentation/c-snarf.scm,
	guile/modules/system/documentation/output.scm,
	guile/pre-inst-guile.in, guile/src/Makefile.am, guile/src/core.c,
	guile/src/errors.c, guile/src/errors.h,
	guile/src/make-enum-header.scm, guile/src/make-enum-map.scm,
	guile/src/make-session-priorities.scm,
	guile/src/make-smob-header.scm, guile/src/make-smob-types.scm,
	guile/src/utils.c, guile/src/utils.h, guile/tests/Makefile.am,
	guile/tests/anonymous-auth.scm, guile/tests/errors.scm,
	guile/tests/openpgp-auth.scm, guile/tests/openpgp-keyring.scm,
	guile/tests/openpgp-keys.scm, guile/tests/pkcs-import-export.scm,
	guile/tests/priorities.scm, guile/tests/session-record-port.scm,
	guile/tests/srp-base64.scm, guile/tests/x509-auth.scm,
	guile/tests/x509-certificates.scm, lib/Makefile.am,
	lib/accelerated/Makefile.am, lib/accelerated/accelerated.c,
	lib/accelerated/cryptodev.c, lib/accelerated/x86/Makefile.am,
	lib/accelerated/x86/aes-gcm-padlock.c,
	lib/accelerated/x86/aes-gcm-x86.c,
	lib/accelerated/x86/aes-padlock.c, lib/accelerated/x86/aes-x86.c,
	lib/accelerated/x86/asm-coff/cpuid-x86-64-coff.s,
	lib/accelerated/x86/asm-coff/cpuid-x86-coff.s,
	lib/accelerated/x86/asm/cpuid-x86-64.s,
	lib/accelerated/x86/asm/cpuid-x86.s,
	lib/accelerated/x86/hmac-padlock.c,
	lib/accelerated/x86/sha-padlock.c, lib/accelerated/x86/x86.h,
	lib/algorithms.h, lib/algorithms/Makefile.am,
	lib/algorithms/cert_types.c, lib/algorithms/ciphers.c,
	lib/algorithms/ciphersuites.c, lib/algorithms/ecc.c,
	lib/algorithms/kx.c, lib/algorithms/mac.c,
	lib/algorithms/protocols.c, lib/algorithms/publickey.c,
	lib/algorithms/secparams.c, lib/algorithms/sign.c,
	lib/auth/Makefile.am, lib/auth/anon.c, lib/auth/anon.h,
	lib/auth/anon_ecdh.c, lib/auth/cert.c, lib/auth/cert.h,
	lib/auth/dh_common.c, lib/auth/dh_common.h, lib/auth/dhe.c,
	lib/auth/dhe_psk.c, lib/auth/ecdh_common.c, lib/auth/ecdh_common.h,
	lib/auth/psk.c, lib/auth/psk.h, lib/auth/psk_passwd.c,
	lib/auth/psk_passwd.h, lib/auth/rsa.c, lib/auth/rsa_export.c,
	lib/auth/srp.c, lib/auth/srp.h, lib/auth/srp_passwd.c,
	lib/auth/srp_passwd.h, lib/auth/srp_rsa.c, lib/auth/srp_sb64.c,
	lib/crypto-api.c, lib/crypto-backend.c, lib/crypto-backend.h,
	lib/crypto.h, lib/debug.c, lib/debug.h, lib/ext/Makefile.am,
	lib/ext/cert_type.c, lib/ext/cert_type.h, lib/ext/ecc.c,
	lib/ext/ecc.h, lib/ext/max_record.c, lib/ext/max_record.h,
	lib/ext/safe_renegotiation.c, lib/ext/safe_renegotiation.h,
	lib/ext/server_name.c, lib/ext/server_name.h,
	lib/ext/session_ticket.c, lib/ext/session_ticket.h,
	lib/ext/signature.c, lib/ext/signature.h, lib/ext/srp.c,
	lib/ext/srp.h, lib/extras/Makefile.am, lib/gnutls.pc.in,
	lib/gnutls_alert.c, lib/gnutls_anon_cred.c, lib/gnutls_auth.c,
	lib/gnutls_auth.h, lib/gnutls_buffers.c, lib/gnutls_buffers.h,
	lib/gnutls_cert.c, lib/gnutls_cipher.c, lib/gnutls_cipher.h,
	lib/gnutls_cipher_int.c, lib/gnutls_cipher_int.h,
	lib/gnutls_compress.c, lib/gnutls_compress.h,
	lib/gnutls_constate.c, lib/gnutls_constate.h, lib/gnutls_datum.c,
	lib/gnutls_datum.h, lib/gnutls_db.c, lib/gnutls_db.h,
	lib/gnutls_dh.c, lib/gnutls_dh.h, lib/gnutls_dh_primes.c,
	lib/gnutls_dtls.h, lib/gnutls_ecc.c, lib/gnutls_errors.c,
	lib/gnutls_errors.h, lib/gnutls_extensions.c,
	lib/gnutls_extensions.h, lib/gnutls_global.c, lib/gnutls_global.h,
	lib/gnutls_handshake.c, lib/gnutls_handshake.h,
	lib/gnutls_hash_int.c, lib/gnutls_hash_int.h, lib/gnutls_helper.c,
	lib/gnutls_int.h, lib/gnutls_kx.c, lib/gnutls_kx.h,
	lib/gnutls_mbuffers.h, lib/gnutls_mem.c, lib/gnutls_mem.h,
	lib/gnutls_mpi.c, lib/gnutls_mpi.h, lib/gnutls_num.c,
	lib/gnutls_num.h, lib/gnutls_pcert.c, lib/gnutls_pk.h,
	lib/gnutls_priority.c, lib/gnutls_psk.c, lib/gnutls_record.c,
	lib/gnutls_record.h, lib/gnutls_rsa_export.c,
	lib/gnutls_rsa_export.h, lib/gnutls_session.c,
	lib/gnutls_session_pack.c, lib/gnutls_session_pack.h,
	lib/gnutls_sig.c, lib/gnutls_sig.h, lib/gnutls_srp.c,
	lib/gnutls_srp.h, lib/gnutls_state.h, lib/gnutls_str.c,
	lib/gnutls_str.h, lib/gnutls_str_array.h,
	lib/gnutls_supplemental.c, lib/gnutls_supplemental.h,
	lib/gnutls_ui.c, lib/gnutls_v2_compat.c, lib/gnutls_v2_compat.h,
	lib/gnutls_x509.c, lib/gnutls_x509.h, lib/hash.c,
	lib/includes/Makefile.am, lib/includes/gnutls/abstract.h,
	lib/includes/gnutls/compat.h, lib/includes/gnutls/crypto.h,
	lib/includes/gnutls/dtls.h, lib/includes/gnutls/gnutlsxx.h,
	lib/includes/gnutls/openpgp.h, lib/includes/gnutls/pkcs11.h,
	lib/includes/gnutls/pkcs12.h, lib/includes/gnutls/x509.h,
	lib/libgnutls.map, lib/libgnutlsxx.map, lib/locks.c,
	lib/minitasn1/Makefile.am, lib/minitasn1/coding.c,
	lib/minitasn1/decoding.c, lib/minitasn1/element.c,
	lib/minitasn1/element.h, lib/minitasn1/errors.c,
	lib/minitasn1/gstr.c, lib/minitasn1/gstr.h, lib/minitasn1/int.h,
	lib/minitasn1/libtasn1.h, lib/minitasn1/parser_aux.c,
	lib/minitasn1/parser_aux.h, lib/minitasn1/structure.c,
	lib/minitasn1/structure.h, lib/minitasn1/version.c,
	lib/nettle/Makefile.am, lib/nettle/cipher.c, lib/nettle/ecc_free.c,
	lib/nettle/ecc_make_key.c, lib/nettle/ecc_map.c,
	lib/nettle/ecc_mulmod.c, lib/nettle/ecc_mulmod_timing.c,
	lib/nettle/ecc_points.c, lib/nettle/ecc_projective_add_point.c,
	lib/nettle/ecc_projective_check_point.c,
	lib/nettle/ecc_projective_dbl_point_3.c,
	lib/nettle/ecc_shared_secret.c, lib/nettle/ecc_sign_hash.c,
	lib/nettle/ecc_verify_hash.c, lib/nettle/egd.c, lib/nettle/init.c,
	lib/nettle/mac.c, lib/nettle/mpi.c, lib/nettle/pk.c,
	lib/nettle/rnd.c, lib/opencdk/Makefile.am, lib/opencdk/armor.c,
	lib/opencdk/context.h, lib/opencdk/filters.h, lib/opencdk/hash.c,
	lib/opencdk/kbnode.c, lib/opencdk/keydb.c, lib/opencdk/literal.c,
	lib/opencdk/main.h, lib/opencdk/misc.c, lib/opencdk/new-packet.c,
	lib/opencdk/opencdk.h, lib/opencdk/packet.h, lib/opencdk/pubkey.c,
	lib/opencdk/read-packet.c, lib/opencdk/seskey.c,
	lib/opencdk/sig-check.c, lib/opencdk/stream.c,
	lib/opencdk/stream.h, lib/opencdk/types.h,
	lib/opencdk/write-packet.c, lib/openpgp/Makefile.am,
	lib/openpgp/compat.c, lib/openpgp/extras.c,
	lib/openpgp/gnutls_openpgp.c, lib/openpgp/output.c,
	lib/openpgp/pgp.c, lib/openpgp/pgpverify.c, lib/openpgp/privkey.c,
	lib/random.c, lib/random.h, lib/system.c, lib/system_override.c,
	lib/x509/Makefile.am, lib/x509/common.c, lib/x509/common.h,
	lib/x509/crl.c, lib/x509/crl_write.c, lib/x509/crq.c,
	lib/x509/dn.c, lib/x509/extensions.c, lib/x509/key_decode.c,
	lib/x509/key_encode.c, lib/x509/mpi.c, lib/x509/output.c,
	lib/x509/pbkdf2-sha1.c, lib/x509/pkcs12.c, lib/x509/pkcs12_bag.c,
	lib/x509/pkcs12_encr.c, lib/x509/pkcs7.c, lib/x509/privkey.c,
	lib/x509/privkey_pkcs8.c, lib/x509/rfc2818_hostname.c,
	lib/x509/sign.c, lib/x509/verify-high.c, lib/x509/verify-high.h,
	lib/x509/x509_int.h, lib/x509/x509_write.c, lib/x509_b64.c,
	lib/x509_b64.h, m4/gcc.m4, m4/guile.m4, m4/hooks.m4, po/cs.po.in,
	po/de.po.in, po/fr.po.in, po/it.po.in, po/ms.po.in, po/nl.po.in,
	po/pl.po.in, po/sv.po.in, po/uk.po.in, po/zh_CN.po.in,
	src/Makefile.am, src/benchmark-cipher.c, src/benchmark-tls.c,
	src/benchmark.c, src/certtool-cfg.c, src/certtool-common.c,
	src/certtool.c, src/cli.c, src/common.c, src/crywrap/Makefile.am,
	src/dh.c, src/p11common.c, src/p11tool.c, src/pkcs11.c, src/psk.c,
	src/serv.c, src/srptool.c, src/tests.c, src/tls_test.c,
	src/udp-serv.c, tests/Makefile.am, tests/anonself.c,
	tests/certder.c, tests/certificate_set_x509_crl.c,
	tests/certuniqueid.c, tests/chainverify.c, tests/crq_apis.c,
	tests/crq_key_id.c, tests/cve-2008-4989.c, tests/cve-2009-1415.c,
	tests/cve-2009-1416.c, tests/dhepskself.c, tests/dn.c, tests/dn2.c,
	tests/dsa/Makefile.am, tests/dsa/testdsa, tests/ecdsa/Makefile.am,
	tests/ecdsa/ecdsa, tests/gc.c, tests/hostname-check.c,
	tests/infoaccess.c, tests/init_roundtrip.c,
	tests/key-id/Makefile.am, tests/key-id/README, tests/key-id/key-id,
	tests/mini-deflate.c, tests/mini-eagain-dtls.c,
	tests/mini-eagain.c, tests/mini-x509-rehandshake.c,
	tests/mini-x509.c, tests/mini.c, tests/moredn.c, tests/mpi.c,
	tests/nist-pkits/pkits, tests/nist-pkits/pkits_crl,
	tests/nist-pkits/pkits_crt, tests/nist-pkits/pkits_pkcs12,
	tests/nist-pkits/pkits_smime, tests/nul-in-x509-names.c,
	tests/openpgp-certs/Makefile.am, tests/openpgp-certs/testcerts,
	tests/openpgp-certs/testselfsigs, tests/openpgp-keyring.c,
	tests/openpgpself.c, tests/openssl.c, tests/parse_ca.c,
	tests/pathlen/Makefile.am, tests/pathlen/pathlen,
	tests/pgps2kgnu.c, tests/pkcs1-padding/Makefile.am,
	tests/pkcs1-padding/pkcs1-pad, tests/pkcs12-decode/Makefile.am,
	tests/pkcs12-decode/pkcs12, tests/pkcs12_encode.c,
	tests/pkcs12_s2k.c, tests/pkcs12_s2k_pem.c,
	tests/pkcs8-decode/Makefile.am, tests/pkcs8-decode/pkcs8,
	tests/pskself.c, tests/resume.c, tests/rfc2253-escape-test,
	tests/rng-fork.c, tests/rsa-encrypt-decrypt.c,
	tests/rsa-md5-collision/Makefile.am,
	tests/rsa-md5-collision/README,
	tests/rsa-md5-collision/rsa-md5-collision,
	tests/safe-renegotiation/Makefile.am,
	tests/safe-renegotiation/srn0.c, tests/safe-renegotiation/srn1.c,
	tests/safe-renegotiation/srn2.c, tests/safe-renegotiation/srn3.c,
	tests/safe-renegotiation/srn4.c, tests/safe-renegotiation/srn5.c,
	tests/scripts/Makefile.am, tests/set_pkcs12_cred.c,
	tests/setcredcrash.c, tests/sha2/Makefile.am, tests/sha2/sha2,
	tests/sha2/sha2-dsa, tests/simple.c, tests/slow/Makefile.am,
	tests/slow/gendh.c, tests/slow/keygen.c, tests/suite/Makefile.am,
	tests/suite/chain, tests/suite/eagain, tests/suite/testcompat,
	tests/suite/testcompat-main, tests/suite/testsrn,
	tests/suppressions.valgrind, tests/userid/Makefile.am,
	tests/userid/userid, tests/userid/userid.pem, tests/utils.c,
	tests/utils.h, tests/x509_altname.c, tests/x509cert-tl.c,
	tests/x509cert.c, tests/x509dn.c, tests/x509self.c,
	tests/x509sign-verify.c: Run 'make update-copyright'.

2012-01-16  Simon Josefsson <simon@josefsson.org>

	* cfg.mk: Ignore pkg.m4.  Copyright fixes.

2012-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_x509.c: improved doc

2012-01-14  Simon Josefsson <simon@josefsson.org>

	* lib/gnutls_pk.c: Fix memory leak.

2012-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-gtls-app.texi,
	doc/cha-intro-tls.texi: properly spread authentication and
	credentials doc.

2012-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: updated text

2012-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk: no longer use texi2html. makeinfo --html has decent
	output.

2012-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/errcodes.c: print numeric error codes everywhere.

2012-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-programs.texi: SECURE256 -> SECURE192

2012-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/alert-printlist.c, doc/scripts/gdoc,
	doc/scripts/split-texi.pl, doc/texinfo.css: updated css for better
	html output.

2012-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/gnutls.h.in: better indent
	gnutls_certificate_set_x509_simple_pkcs12_file to allow them being
	found by doc script.

2012-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/gnutls.texi, doc/scripts/gdoc, doc/scripts/split-texi.pl: 
	caption is set on enumerations in texinfo. Unfortunately they are
	not visible to the pdf output due to a probable bug in texinfo.

2012-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi: Added pkcs12_simple function.

2012-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2012-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/Makefile.am, gl/argp-parse.c, gl/inet_ntop.c,
	gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	gl/m4/ld-version-script.m4, gl/m4/printf.m4, gl/m4/stdlib_h.m4,
	gl/m4/usleep.m4, gl/select.c, gl/stdlib.in.h, gl/tests/Makefile.am,
	gl/tests/ignore-value.h, gl/tests/pipe.c, gl/tests/test-init.sh,
	gl/tests/test-usleep.c, gl/usleep.c, maint.mk, src/udp-serv.c: 
	usleep() is no longer used.

2012-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi, doc/errcodes.c: documentation updates

2012-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/gdoc: improved gdoc output for function parameters.

2012-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphers.c, lib/algorithms/mac.c,
	lib/crypto-backend.h, lib/gnutls_cipher_int.c,
	lib/gnutls_cipher_int.h, lib/gnutls_hash_int.c,
	lib/gnutls_hash_int.h, lib/nettle/cipher.c, lib/nettle/mac.c: Only
	list algorithms if they are implemented.

2012-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphers.c: reordered ciphers to place on top the
	most used.

2012-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, doc/cha-gtls-app.texi, doc/cha-gtls-examples.texi,
	doc/cha-programs.texi, doc/examples/Makefile.am,
	doc/examples/print-ciphersuites.c: Documented ways to list the
	enabled ciphersuites.

2012-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: updated

2012-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: documentation update

2012-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_handshake.c, lib/gnutls_int.h,
	lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map: Added gnutls_session_resumption_requested().

2012-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2012-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/ecdh_common.c: avoid allocating a privkey param for the
	public key.

2012-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/ecc_shared_secret.c: corrected issue in ECDH key
	generation.  This issue prevented an ECDH key that was smaller than
	the prime from being correctly aligned.

2012-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_alert.c: better handle alert for
	GNUTLS_E_PREMATURE_TERMINATION

2012-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: do not absorb error message

2012-01-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/nettle/ecc_projective_check_point.c: Eliminated memory
	leak in ecc_projective_check_point().

2012-01-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: updated

2012-01-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/x509.h, lib/x509/common.c, lib/x509/dn.c: 
	gnutls_x509_dn_oid_name() was extended with a flags option that
	accepts currently GNUTLS_X509_DN_OID_RETURN_OID or 0.

2012-01-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-bib.texi, doc/cha-cert-auth.texi, doc/latex/gnutls.bib,
	lib/includes/gnutls/compat.h, lib/x509/crl.c, lib/x509/dn.c,
	lib/x509/x509.c: Added discussion of distinguished names.

2012-01-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi: describe gnutls_privkey_import_ext in
	more detail.

2012-01-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/includes/gnutls/x509.h, lib/libgnutls.map,
	lib/x509/common.c, lib/x509/common.h, lib/x509/dn.c: Added
	gnutls_x509_dn_oid_name().

2012-01-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, doc/cha-gtls-app.texi: discuss the change
	in Diffie-Hellman parameters.

2012-01-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, lib/gnutls_priority.c: Defined more
	precisely the SECURE levels.

2012-01-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, doc/cha-gtls-app.texi: updated for
	pkg-config autoconf macro and added gnutls_pubkey_encrypt_data.

2012-01-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509.c: updated descriptions

2012-01-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509.c: removed not applicable comments.

2012-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_pubkey.c, lib/includes/gnutls/abstract.h,
	lib/libgnutls.map, tests/Makefile.am, tests/rsa-encrypt-decrypt.c: 
	Added gnutls_pubkey_encrypt_data().

2012-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: more gcc warnings to ignore

2012-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c, src/udp-serv.c, src/udp-serv.h: tcp and udp server are
	now void functions.

2012-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/certtool.c: --outder option works for public keys.

2012-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/certtool.c: certtool --outder option now works for
	private keys as well.

2012-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/Makefile.am: removed trailing slash.

2012-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* THANKS: updated thanks

2012-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/slow/Makefile.am: remove trailing slash.

2012-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* GNUmakefile, build-aux/config.rpath, build-aux/pmccabe2html,
	build-aux/snippet/arg-nonnull.h, build-aux/snippet/c++defs.h,
	build-aux/snippet/warn-on-use.h, build-aux/useless-if-before-free,
	build-aux/vc-list-files, gl/Makefile.am, gl/accept.c, gl/alloca.c,
	gl/alloca.in.h, gl/alphasort.c, gl/argp-ba.c, gl/argp-eexst.c,
	gl/argp-fmtstream.c, gl/argp-fmtstream.h, gl/argp-fs-xinl.c,
	gl/argp-help.c, gl/argp-namefrob.h, gl/argp-parse.c, gl/argp-pin.c,
	gl/argp-pv.c, gl/argp-pvh.c, gl/argp-xinl.c, gl/argp.h,
	gl/arpa_inet.in.h, gl/asnprintf.c, gl/asprintf.c,
	gl/basename-lgpl.c, gl/bind.c, gl/byteswap.in.h, gl/c-ctype.c,
	gl/c-ctype.h, gl/close.c, gl/closedir.c, gl/connect.c,
	gl/dirent-private.h, gl/dirent.in.h, gl/dirname-lgpl.c,
	gl/dirname.h, gl/dosname.h, gl/errno.in.h, gl/error.c, gl/error.h,
	gl/fd-hook.c, gl/fd-hook.h, gl/filename.h, gl/float+.h, gl/float.c,
	gl/float.in.h, gl/fpucw.h, gl/frexp.c, gl/frexpl.c, gl/fseek.c,
	gl/fseeko.c, gl/fseterr.c, gl/fseterr.h, gl/fstat.c, gl/ftell.c,
	gl/ftello.c, gl/gai_strerror.c, gl/getaddrinfo.c, gl/getdelim.c,
	gl/getline.c, gl/getopt.c, gl/getopt.in.h, gl/getopt1.c,
	gl/getopt_int.h, gl/getpass.c, gl/getpass.h, gl/getpeername.c,
	gl/getsubopt.c, gl/gettext.h, gl/gettime.c, gl/gettimeofday.c,
	gl/inet_ntop.c, gl/inet_pton.c, gl/intprops.h, gl/isnan.c,
	gl/isnand-nolibm.h, gl/isnand.c, gl/isnanf-nolibm.h, gl/isnanf.c,
	gl/isnanl-nolibm.h, gl/isnanl.c, gl/itold.c, gl/listen.c,
	gl/lseek.c, gl/m4/00gnulib.m4, gl/m4/alloca.m4, gl/m4/alphasort.m4,
	gl/m4/argp.m4, gl/m4/arpa_inet_h.m4, gl/m4/byteswap.m4,
	gl/m4/clock_time.m4, gl/m4/close.m4, gl/m4/closedir.m4,
	gl/m4/codeset.m4, gl/m4/dirent_h.m4, gl/m4/dirname.m4,
	gl/m4/double-slash-root.m4, gl/m4/dup2.m4, gl/m4/eealloc.m4,
	gl/m4/environ.m4, gl/m4/errno_h.m4, gl/m4/error.m4,
	gl/m4/exponentd.m4, gl/m4/exponentf.m4, gl/m4/exponentl.m4,
	gl/m4/extensions.m4, gl/m4/fcntl-o.m4, gl/m4/fcntl_h.m4,
	gl/m4/fdopen.m4, gl/m4/float_h.m4, gl/m4/fpieee.m4, gl/m4/frexp.m4,
	gl/m4/frexpl.m4, gl/m4/fseek.m4, gl/m4/fseeko.m4, gl/m4/fstat.m4,
	gl/m4/ftell.m4, gl/m4/ftello.m4, gl/m4/ftruncate.m4, gl/m4/func.m4,
	gl/m4/getaddrinfo.m4, gl/m4/getcwd.m4, gl/m4/getdelim.m4,
	gl/m4/getline.m4, gl/m4/getopt.m4, gl/m4/getpagesize.m4,
	gl/m4/getpass.m4, gl/m4/getsubopt.m4, gl/m4/gettext.m4,
	gl/m4/gettime.m4, gl/m4/gettimeofday.m4, gl/m4/glibc2.m4,
	gl/m4/glibc21.m4, gl/m4/gnulib-cache.m4, gl/m4/gnulib-common.m4,
	gl/m4/gnulib-comp.m4, gl/m4/gnulib-tool.m4, gl/m4/hostent.m4,
	gl/m4/iconv.m4, gl/m4/include_next.m4, gl/m4/inet_ntop.m4,
	gl/m4/inet_pton.m4, gl/m4/intdiv0.m4, gl/m4/intl.m4,
	gl/m4/intldir.m4, gl/m4/intlmacosx.m4, gl/m4/intmax.m4,
	gl/m4/intmax_t.m4, gl/m4/inttypes-pri.m4, gl/m4/inttypes.m4,
	gl/m4/inttypes_h.m4, gl/m4/ioctl.m4, gl/m4/isnand.m4,
	gl/m4/isnanf.m4, gl/m4/isnanl.m4, gl/m4/largefile.m4,
	gl/m4/lcmessage.m4, gl/m4/ld-output-def.m4,
	gl/m4/ld-version-script.m4, gl/m4/ldexpl.m4, gl/m4/lib-ld.m4,
	gl/m4/lib-link.m4, gl/m4/lib-prefix.m4, gl/m4/lock.m4,
	gl/m4/longlong.m4, gl/m4/lseek.m4, gl/m4/lstat.m4, gl/m4/malloc.m4,
	gl/m4/malloca.m4, gl/m4/manywarnings.m4, gl/m4/math_h.m4,
	gl/m4/memchr.m4, gl/m4/memmem.m4, gl/m4/mempcpy.m4,
	gl/m4/minmax.m4, gl/m4/mmap-anon.m4, gl/m4/mode_t.m4,
	gl/m4/msvc-inval.m4, gl/m4/msvc-nothrow.m4, gl/m4/multiarch.m4,
	gl/m4/netdb_h.m4, gl/m4/netinet_in_h.m4, gl/m4/nls.m4,
	gl/m4/nocrash.m4, gl/m4/open.m4, gl/m4/opendir.m4,
	gl/m4/pathmax.m4, gl/m4/perror.m4, gl/m4/pipe.m4, gl/m4/po.m4,
	gl/m4/printf-frexp.m4, gl/m4/printf-frexpl.m4,
	gl/m4/printf-posix.m4, gl/m4/printf.m4, gl/m4/progtest.m4,
	gl/m4/putenv.m4, gl/m4/rawmemchr.m4, gl/m4/read-file.m4,
	gl/m4/readdir.m4, gl/m4/realloc.m4, gl/m4/scandir.m4,
	gl/m4/select.m4, gl/m4/servent.m4, gl/m4/setenv.m4,
	gl/m4/signal_h.m4, gl/m4/signbit.m4, gl/m4/size_max.m4,
	gl/m4/sleep.m4, gl/m4/snprintf.m4, gl/m4/socketlib.m4,
	gl/m4/sockets.m4, gl/m4/socklen.m4, gl/m4/sockpfaf.m4,
	gl/m4/ssize_t.m4, gl/m4/stat.m4, gl/m4/stdalign.m4,
	gl/m4/stdarg.m4, gl/m4/stdbool.m4, gl/m4/stddef_h.m4,
	gl/m4/stdint.m4, gl/m4/stdint_h.m4, gl/m4/stdio_h.m4,
	gl/m4/stdlib_h.m4, gl/m4/strcase.m4, gl/m4/strchrnul.m4,
	gl/m4/strdup.m4, gl/m4/strerror.m4, gl/m4/strerror_r.m4,
	gl/m4/string_h.m4, gl/m4/strings_h.m4, gl/m4/strndup.m4,
	gl/m4/strnlen.m4, gl/m4/strverscmp.m4, gl/m4/symlink.m4,
	gl/m4/sys_ioctl_h.m4, gl/m4/sys_select_h.m4, gl/m4/sys_socket_h.m4,
	gl/m4/sys_stat_h.m4, gl/m4/sys_time_h.m4, gl/m4/sys_types_h.m4,
	gl/m4/sys_uio_h.m4, gl/m4/sysexits.m4, gl/m4/thread.m4,
	gl/m4/threadlib.m4, gl/m4/time_h.m4, gl/m4/time_r.m4,
	gl/m4/timespec.m4, gl/m4/uintmax_t.m4, gl/m4/ungetc.m4,
	gl/m4/unistd_h.m4, gl/m4/usleep.m4, gl/m4/valgrind-tests.m4,
	gl/m4/vasnprintf.m4, gl/m4/vasprintf.m4, gl/m4/version-etc.m4,
	gl/m4/vfprintf-posix.m4, gl/m4/visibility.m4,
	gl/m4/vprintf-posix.m4, gl/m4/vsnprintf.m4, gl/m4/warn-on-use.m4,
	gl/m4/warnings.m4, gl/m4/wchar_h.m4, gl/m4/wchar_t.m4,
	gl/m4/wint_t.m4, gl/m4/xsize.m4, gl/m4/yield.m4, gl/malloc.c,
	gl/math.in.h, gl/memchr.c, gl/memmem.c, gl/mempcpy.c, gl/minmax.h,
	gl/msvc-inval.c, gl/msvc-inval.h, gl/msvc-nothrow.c,
	gl/msvc-nothrow.h, gl/netdb.in.h, gl/netinet_in.in.h, gl/opendir.c,
	gl/override/m4/valgrind-tests.m4.diff, gl/printf-args.c,
	gl/printf-args.h, gl/printf-frexp.c, gl/printf-frexp.h,
	gl/printf-frexpl.c, gl/printf-frexpl.h, gl/printf-parse.c,
	gl/printf-parse.h, gl/progname.c, gl/progname.h, gl/rawmemchr.c,
	gl/read-file.c, gl/read-file.h, gl/readdir.c, gl/realloc.c,
	gl/recv.c, gl/recvfrom.c, gl/scandir.c, gl/select.c, gl/send.c,
	gl/sendto.c, gl/setsockopt.c, gl/shutdown.c, gl/signal.in.h,
	gl/signbitd.c, gl/signbitf.c, gl/signbitl.c, gl/size_max.h,
	gl/sleep.c, gl/snprintf.c, gl/socket.c, gl/sockets.c, gl/sockets.h,
	gl/stdalign.in.h, gl/stdarg.in.h, gl/stdbool.in.h, gl/stddef.in.h,
	gl/stdint.in.h, gl/stdio-impl.h, gl/stdio.in.h, gl/stdlib.in.h,
	gl/str-two-way.h, gl/strcasecmp.c, gl/strchrnul.c, gl/strdup.c,
	gl/strerror-override.c, gl/strerror-override.h, gl/strerror.c,
	gl/string.in.h, gl/strings.in.h, gl/stripslash.c, gl/strncasecmp.c,
	gl/strndup.c, gl/strnlen.c, gl/strverscmp.c, gl/sys_select.in.h,
	gl/sys_socket.in.h, gl/sys_stat.in.h, gl/sys_time.in.h,
	gl/sys_types.in.h, gl/sys_uio.in.h, gl/sysexits.in.h,
	gl/tests/Makefile.am, gl/tests/binary-io.h, gl/tests/dup2.c,
	gl/tests/fcntl.in.h, gl/tests/fdopen.c, gl/tests/getcwd-lgpl.c,
	gl/tests/getpagesize.c, gl/tests/glthread/lock.c,
	gl/tests/glthread/lock.h, gl/tests/glthread/thread.c,
	gl/tests/glthread/thread.h, gl/tests/glthread/threadlib.c,
	gl/tests/glthread/yield.h, gl/tests/ignore-value.h,
	gl/tests/infinity.h, gl/tests/init.sh, gl/tests/inttypes.in.h,
	gl/tests/ioctl.c, gl/tests/lstat.c, gl/tests/macros.h,
	gl/tests/malloca.c, gl/tests/malloca.h, gl/tests/minus-zero.h,
	gl/tests/nan.h, gl/tests/open.c, gl/tests/pathmax.h,
	gl/tests/perror.c, gl/tests/pipe.c, gl/tests/putenv.c,
	gl/tests/same-inode.h, gl/tests/setenv.c, gl/tests/signature.h,
	gl/tests/stat.c, gl/tests/strerror_r.c, gl/tests/symlink.c,
	gl/tests/sys_ioctl.in.h, gl/tests/test-accept.c,
	gl/tests/test-alloca-opt.c, gl/tests/test-argp-2.sh,
	gl/tests/test-argp.c, gl/tests/test-arpa_inet.c,
	gl/tests/test-binary-io.c, gl/tests/test-binary-io.sh,
	gl/tests/test-bind.c, gl/tests/test-byteswap.c,
	gl/tests/test-c-ctype.c, gl/tests/test-close.c,
	gl/tests/test-connect.c, gl/tests/test-dirent.c,
	gl/tests/test-dup2.c, gl/tests/test-environ.c,
	gl/tests/test-errno.c, gl/tests/test-fcntl-h.c,
	gl/tests/test-fdopen.c, gl/tests/test-fgetc.c,
	gl/tests/test-float.c, gl/tests/test-fprintf-posix.h,
	gl/tests/test-fputc.c, gl/tests/test-fread.c,
	gl/tests/test-frexp.c, gl/tests/test-frexpl.c,
	gl/tests/test-fseek.c, gl/tests/test-fseeko.c,
	gl/tests/test-fseeko3.c, gl/tests/test-fseeko4.c,
	gl/tests/test-fseterr.c, gl/tests/test-fstat.c,
	gl/tests/test-ftell.c, gl/tests/test-ftell3.c,
	gl/tests/test-ftello.c, gl/tests/test-ftello3.c,
	gl/tests/test-ftello4.c, gl/tests/test-ftruncate.c,
	gl/tests/test-func.c, gl/tests/test-fwrite.c,
	gl/tests/test-getaddrinfo.c, gl/tests/test-getcwd-lgpl.c,
	gl/tests/test-getdelim.c, gl/tests/test-getline.c,
	gl/tests/test-getopt.c, gl/tests/test-getopt.h,
	gl/tests/test-getopt_long.h, gl/tests/test-getpeername.c,
	gl/tests/test-gettimeofday.c, gl/tests/test-ignore-value.c,
	gl/tests/test-inet_ntop.c, gl/tests/test-inet_pton.c,
	gl/tests/test-init.sh, gl/tests/test-intprops.c,
	gl/tests/test-inttypes.c, gl/tests/test-ioctl.c,
	gl/tests/test-isnand-nolibm.c, gl/tests/test-isnand.h,
	gl/tests/test-isnanf-nolibm.c, gl/tests/test-isnanf.h,
	gl/tests/test-isnanl-nolibm.c, gl/tests/test-isnanl.h,
	gl/tests/test-listen.c, gl/tests/test-lock.c,
	gl/tests/test-lstat.c, gl/tests/test-lstat.h,
	gl/tests/test-malloc-gnu.c, gl/tests/test-malloca.c,
	gl/tests/test-math.c, gl/tests/test-memchr.c,
	gl/tests/test-netdb.c, gl/tests/test-netinet_in.c,
	gl/tests/test-open.c, gl/tests/test-open.h,
	gl/tests/test-pathmax.c, gl/tests/test-perror.c,
	gl/tests/test-perror2.c, gl/tests/test-pipe.c,
	gl/tests/test-printf-frexp.c, gl/tests/test-printf-frexpl.c,
	gl/tests/test-printf-posix.h, gl/tests/test-rawmemchr.c,
	gl/tests/test-read-file.c, gl/tests/test-recv.c,
	gl/tests/test-recvfrom.c, gl/tests/test-select-fd.c,
	gl/tests/test-select-stdin.c, gl/tests/test-select.c,
	gl/tests/test-select.h, gl/tests/test-send.c,
	gl/tests/test-sendto.c, gl/tests/test-setenv.c,
	gl/tests/test-setsockopt.c, gl/tests/test-shutdown.c,
	gl/tests/test-signal-h.c, gl/tests/test-signbit.c,
	gl/tests/test-sleep.c, gl/tests/test-snprintf.c,
	gl/tests/test-sockets.c, gl/tests/test-stat.c,
	gl/tests/test-stat.h, gl/tests/test-stdalign.c,
	gl/tests/test-stdbool.c, gl/tests/test-stddef.c,
	gl/tests/test-stdint.c, gl/tests/test-stdio.c,
	gl/tests/test-stdlib.c, gl/tests/test-strchrnul.c,
	gl/tests/test-strerror.c, gl/tests/test-strerror_r.c,
	gl/tests/test-string.c, gl/tests/test-strings.c,
	gl/tests/test-strnlen.c, gl/tests/test-strverscmp.c,
	gl/tests/test-symlink.c, gl/tests/test-symlink.h,
	gl/tests/test-sys_ioctl.c, gl/tests/test-sys_select.c,
	gl/tests/test-sys_socket.c, gl/tests/test-sys_stat.c,
	gl/tests/test-sys_time.c, gl/tests/test-sys_types.c,
	gl/tests/test-sys_uio.c, gl/tests/test-sys_wait.h,
	gl/tests/test-sysexits.c, gl/tests/test-thread_create.c,
	gl/tests/test-thread_self.c, gl/tests/test-time.c,
	gl/tests/test-u64.c, gl/tests/test-unistd.c,
	gl/tests/test-unsetenv.c, gl/tests/test-usleep.c,
	gl/tests/test-vasnprintf.c, gl/tests/test-vasprintf.c,
	gl/tests/test-vc-list-files-cvs.sh,
	gl/tests/test-vc-list-files-git.sh, gl/tests/test-verify.c,
	gl/tests/test-version-etc.c, gl/tests/test-version-etc.sh,
	gl/tests/test-vfprintf-posix.c, gl/tests/test-vprintf-posix.c,
	gl/tests/test-vsnprintf.c, gl/tests/test-wchar.c,
	gl/tests/unsetenv.c, gl/tests/w32sock.h, gl/tests/zerosize-ptr.h,
	gl/time.in.h, gl/time_r.c, gl/timespec.h, gl/u64.h, gl/unistd.in.h,
	gl/usleep.c, gl/vasnprintf.c, gl/vasnprintf.h, gl/vasprintf.c,
	gl/verify.h, gl/version-etc-fsf.c, gl/version-etc.c,
	gl/version-etc.h, gl/vfprintf.c, gl/vprintf.c, gl/vsnprintf.c,
	gl/w32sock.h, gl/wchar.in.h, gl/xsize.h, maint.mk: Updated gnulib
	and added usleep and getaddrinfo modules.

2012-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/output.c: Authority information access information ->
	Authority information access

2012-01-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.c, lib/auth/cert.h, lib/auth/dhe.c, lib/auth/rsa.c,
	lib/auth/rsa_export.c, lib/auth/srp_rsa.c: 
	_gnutls_proc_cert_client_certificate and
	_gnutls_proc_cert_server_certificate renamed to
	_gnutls_proc_certificate.

2012-01-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated news

2012-01-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dh_primes.c: gnutls_dh_params_cpy() copies the
	src->q_bits.

2012-01-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/slow/gendh.c: properly deinitialize.

2012-01-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/mpi.c: corrected leak in DH parameter generation.

2012-01-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* ChangeLog: updated changelog

2012-01-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/mpi.c: removed old comment

2012-01-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* ChangeLog, NEWS: updated changelog and news for release

2012-01-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c: corrected typo

2012-01-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, m4/hooks.m4: bumped version

2012-01-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c: Corrected functionality of
	gnutls_record_get_direction(). Reported by Philip Allison.

2012-01-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_cipher.c: provide less timing information when
	decoding packets. Patch by Nadhem Alfardan.

2012-01-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: use AI_ADDRCONFIG if available.

2012-01-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: prevent building of crywrap in windows

2012-01-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: updated

2012-01-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* ChangeLog: updated

2012-01-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/extras/Makefile.am: added missing file

2012-01-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, m4/hooks.m4: bumped version

2012-01-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-gaa.c, src/certtool-gaa.h, src/p11tool-gaa.c: Updated
	auto-generated files

2012-01-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/latex/.gitignore, doc/latex/cover.tex: added missing file

2012-01-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/benchmark-tls.c: print the RSA and DH bits as well as EC bits
	for comparison.

2012-01-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/benchmark-tls.c: use 1840 bit DH and RSA to compare with 192
	bits of ECDH

2012-01-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/publickey.c, lib/algorithms/secparams.c,
	lib/algorithms/sign.c, lib/auth/cert.c, lib/auth/ecdh_common.c,
	lib/gnutls_privkey.c, lib/gnutls_pubkey.c, lib/gnutls_sig.c,
	lib/includes/gnutls/gnutls.h.in, lib/nettle/pk.c, lib/pkcs11_int.h,
	lib/pkcs11_privkey.c, lib/pkcs11_write.c, lib/x509/key_decode.c,
	lib/x509/key_encode.c, lib/x509/output.c, lib/x509/privkey.c,
	lib/x509/privkey_pkcs8.c, lib/x509/verify.c, src/certtool.c,
	src/p11tool.gaa, tests/slow/keygen.c: GNUTLS_PK_ECC -> GNUTLS_PK_EC

2011-12-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/openpgp/gnutls_openpgp.c: CDK_EOF error code now returns
	GNUTLS_E_PARSING_ERROR

2011-12-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/armor.c, lib/opencdk/opencdk.h: removed
	cdk_armor_filter_use()

2011-12-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: correctly report 0 keys on a keyring

2011-12-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/kbnode.c, lib/opencdk/opencdk.h,
	lib/openpgp/gnutls_openpgp.c, lib/openpgp/pgp.c,
	lib/openpgp/privkey.c: more opencdk simplifications

2011-12-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/openpgp-certs/testselfsigs: specify key type (raw) to
	certtool

2011-12-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/Makefile.am, lib/opencdk/armor.c,
	lib/opencdk/keydb.c, lib/opencdk/main.c, lib/opencdk/opencdk.h,
	lib/openpgp/extras.c, lib/openpgp/gnutls_openpgp.c: Removed unneeded
	opencdk functionality.

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: verify signatures on download

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_global.c, lib/gnutls_mem.c: _gnutls_is_secure_memory is
	no more.

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/cli.c: gnutls-cli can now read input from win32.

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/openpgp/pgp.c, lib/openpgp/privkey.c: Avoid using base64
	armor auto-detection which causes decoding errors in win32.  For
	some reason reading from the stream modifies the stream and this
	work-around avoids that issue.

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/pgps2kgnu.c: enable debugging in pgps2kgnu

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/openpgp-auth2.c: do not use valgrind in
	windows

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: gmp is compiled with --enable-fat.

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am: link libutils with libgnu.

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/manpages/Makefile.am: Added missing function names.

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cross.mk: Added a preliminary win32 compilation makefile.

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: win32 fixes

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: do not build crywrap on win32

2011-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* extra/includes/gnutls/openssl.h: undefine possible system macros.

2011-12-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-serv-dtls.c: updated DTLS example

2011-12-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-cert-auth2.texi,
	doc/cha-programs.texi: more updates

2011-12-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-ciphersuites.texi, doc/cha-copying.texi,
	doc/cha-gtls-app.texi, doc/cha-gtls-examples.texi,
	doc/cha-internals.texi, doc/cha-library.texi,
	doc/cha-shared-key.texi, doc/gnutls.texi: Small improvements in
	documentation.

2011-12-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/x509/privkey.c: corrected bug in DSA private key
	parsing.

2011-12-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.gaa: Added --rsa option which is a no-op for now.

2011-12-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/extras/randomart.c, lib/extras/randomart.h, lib/gnutls_ui.c,
	lib/openpgp/output.c, lib/x509/output.c,
	tests/pathlen/ca-no-pathlen.pem, tests/pathlen/no-ca-or-pathlen.pem: 
	Allow the insertion of characters to align the randomart.

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: Print the fingerprint of PGP keys and not only the
	key ID.

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/pathlen/ca-no-pathlen.pem,
	tests/pathlen/no-ca-or-pathlen.pem: Add random art to keys.

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-deflate.c: Skip deflate test if libz is not available.

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/openpgp/output.c, lib/x509/output.c, src/certtool.c: updated
	random art's messages.

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: Print the pgp key's randomart as well.

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/openpgp/output.c, lib/x509/output.c: Print the randomart on
	the key ID and not the fingerprint.

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_errors.c: Updated GNUTLS_E_NO_CERTIFICATE_FOUND
	description.

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/extras/randomart.c, lib/extras/randomart.h, lib/gnutls_ui.c,
	lib/openpgp/output.c, lib/x509/output.c, src/certtool.c: print
	randomart for private keys as well.

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/extras/randomart.c, lib/system.c, lib/system.h,
	lib/x509/output.c: gnutls_atfork was no longer in use.

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, lib/Makefile.am, lib/extras/Makefile.am,
	lib/extras/randomart.c, lib/extras/randomart.h, lib/gnutls_ui.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map,
	lib/openpgp/output.c, lib/x509/output.c: Added function
	gnutls_random_art() to convert fingerprints to images (currently
	ascii-art).

2011-12-28  Patrick Pelletier <code@funwithsoftware.org>

	* doc/cha-gtls-app.texi, doc/cha-gtls-examples.texi,
	doc/cha-internals.texi, lib/algorithms/ciphers.c,
	lib/algorithms/protocols.c, lib/algorithms/secparams.c,
	lib/gnutls_cert.c, lib/gnutls_cipher.c, lib/gnutls_db.c,
	lib/gnutls_global.c, lib/gnutls_handshake.c, lib/gnutls_priority.c,
	lib/gnutls_state.c, lib/gnutls_ui.c, lib/nettle/rnd.c: minor doc and
	comment fixes Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/cha-gtls-app.texi,
	doc/cha-gtls-examples.texi, doc/cha-intro-tls.texi,
	doc/examples/Makefile.am, doc/examples/ex-client-anon.c,
	doc/examples/ex-client-dtls.c, doc/examples/ex-client-psk.c,
	doc/examples/ex-client-resume.c, doc/examples/ex-client-srp.c,
	doc/examples/ex-client-udp.c, doc/examples/ex-client-x509.c,
	doc/examples/ex-client1.c, doc/examples/ex-rfc2818.c,
	doc/examples/ex-serv-anon.c, doc/examples/ex-serv-srp.c,
	doc/examples/ex-serv-x509.c, doc/examples/ex-serv1.c: updated
	examples and added new "handling alerts" section.

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-examples.texi, doc/examples/udp.c: updated and
	included in the documentation the udp code.

2011-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/cli.c, src/serv.c: Set don't fragment bit in Linux as
	well as in BSD variants.

2011-12-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, doc/examples/ex-serv-dtls.c, doc/examples/ex-serv1.c: 
	updated server examples

2011-12-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-cert-auth2.texi,
	doc/cha-gtls-app.texi, doc/cha-programs.texi,
	doc/cha-shared-key.texi: smallexample is no longer used. It is
	intended only for typesetting with smaller pages and had no relation
	to our usage.

2011-12-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: prepend UDP to server application name when in UDP
	mode.

2011-12-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, doc/cha-gtls-examples.texi,
	doc/examples/Makefile.am, doc/examples/ex-serv-dtls.c,
	doc/examples/ex-serv1.c: Added DTLS server example.

2011-12-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/udp-serv.c: corrected a leak

2011-12-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: Added SECP192R1 curve.

2011-12-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/includes/gnutls/abstract.h, lib/includes/gnutls/pkcs11.h: 
	pkcs11.h and abstract.h use extern C idiom for C++.

2011-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/algorithms/ciphersuites.c: Added ciphersuites:
	GNUTLS_PSK_WITH_AES_256_GCM_SHA384 and
	GNUTLS_DHE_PSK_WITH_AES_256_GCM_SHA384.

2011-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/algorithms/ciphersuites.c: Corrected ciphersuite
	GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384

2011-12-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: Only use configured interfaces. Patch by Pino Toscano.

2011-12-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/protocols.c: better comments.

2011-12-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_int.h, lib/gnutls_record.c, lib/gnutls_state.c: 
	gnutls_protocol_get_version() and _gnutls_set_current_version() are
	now inline functions

2011-12-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphersuites.c: documented
	_gnutls_supported_ciphersuites()

2011-12-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphersuites.c: renamed the _SHA ciphersuites to
	_SHA1.

2011-12-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/mpi.c: correctly set the odd bits.

2011-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* ChangeLog, Makefile.am, cfg.mk: make dist forces regeneration of
	ChangeLog and manpages.

2011-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: Added missing file

2011-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, m4/hooks.m4: bumped version

2011-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: documented new priority strings.

2011-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: server precedence also used in compression
	methods.

2011-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms.h, lib/algorithms/ciphersuites.c,
	lib/auth/dh_common.c, lib/auth/rsa.c, lib/auth/rsa_export.c,
	lib/gnutls_auth.c, lib/gnutls_constate.c, lib/gnutls_constate.h,
	lib/gnutls_handshake.c, lib/gnutls_int.h,
	lib/gnutls_session_pack.c, lib/gnutls_state.c,
	lib/gnutls_v2_compat.c: cipher_suite_st is no longer used
	internally. We only use a point to 2 bytes.

2011-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_handshake.c, lib/gnutls_int.h,
	lib/gnutls_priority.c: Added new priority string %SERVER_PRECEDENCE.

2011-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: Removed 128-bit ciphers from secure192, but
	added SHA256 (or no ciphersuites are there).

2011-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/Makefile.am, src/certtool-common.h, src/certtool-gaa.c,
	src/certtool-gaa.h, src/certtool.c, src/certtool.gaa, src/dh.c,
	src/prime.c: Added the --dh-info parameter to certtool.

2011-12-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/manpages/Makefile.am, lib/algorithms/ciphersuites.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/common.c: 
	gnutls_priority_get_cipher_suite was renamed to
	gnutls_priority_get_cipher_suite_index.  This makes a more
	consistent API at the cost of requiring
	gnutls_get_cipher_suite_info().  An advantage however is that more
	information can now be accessed.

2011-12-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/auth/anon.c, lib/auth/dh_common.c,
	lib/auth/dh_common.h, lib/auth/dhe.c, lib/auth/dhe_psk.c,
	lib/crypto-backend.h, lib/gnutls_dh.c, lib/gnutls_dh.h,
	lib/gnutls_dh_primes.c, lib/gnutls_int.h, lib/nettle/mpi.c,
	src/benchmark-tls.c, src/benchmark.c, src/prime.c: Diffie Hellman
	PKCS #3 parameters now contain the recommended private key size.  By
	using the recommended key size the calculations for the server side
	are reduced, giving a 50% increase in DH calculations.

2011-12-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/mpi.c: small cleanups.

2011-12-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/psk_passwd.c, lib/auth/rsa.c, lib/auth/rsa_export.c,
	lib/auth/srp_passwd.c, lib/crypto-api.c, lib/ext/session_ticket.c,
	lib/gnutls_cipher.c, lib/gnutls_handshake.c, lib/gnutls_mpi.c,
	lib/gnutls_pk.c, lib/nettle/gnettle.h, lib/nettle/mpi.c,
	lib/nettle/pk.c, lib/nettle/rnd.c, lib/opencdk/misc.c,
	lib/pkcs11_secret.c, lib/random.c, lib/random.h, lib/x509/pkcs12.c,
	lib/x509/privkey_pkcs8.c: Optimizations in DH parameter generation.  The larger prime is find first and the big loop needs to find a
	smaller prime, increasing performance.  The _gnutls_rnd() function
	is now inline and GNUTLS_RND_NONCE doesn't update random generator
	state.

2011-12-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2011-12-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/session_ticket.c, lib/gnutls_handshake.c,
	lib/gnutls_int.h: If a ticket is sent to client then don't store the
	session information in the session cache.

2011-12-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/algorithms/ciphersuites.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map, src/cli-gaa.c,
	src/cli.gaa, src/common.c, src/common.h, src/serv-gaa.c,
	src/serv.gaa: Added gnutls_priority_get_cipher_suite().  This allows
	listing the ciphersuites enabled in a priority structure.  The
	certtool -l option was overloaded so if combined with --priority it
	will only list the ciphersuites that are enabled by the given
	priority string.

2011-12-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/ecc_mulmod.c: removed unused variables.

2011-12-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: Added 192-bit curve in normal priorities.

2011-12-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented updates

2011-12-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.c: Print ephemeral information after certificate
	information.

2011-12-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms.h, lib/algorithms/ciphersuites.c,
	lib/gnutls_handshake.c: Optimized ciphersuite sorting.

2011-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/benchmark-tls.c: modified the test to a level of 80bits of
	security.

2011-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ecc.c, lib/includes/gnutls/gnutls.h.in: Added
	SECP192R1 curve.

2011-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/x509cert.c: be less verbose.

2011-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2011-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/benchmark-tls.c: Added ECDHE-ECDSA test.

2011-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/Makefile.am, lib/nettle/ecc.h,
	lib/nettle/ecc_make_key.c, lib/nettle/ecc_mulmod.c,
	lib/nettle/ecc_mulmod_timing.c, lib/nettle/ecc_sign_hash.c: The
	timing resistant ecc_mulmod() is only used when signing using the
	ECDSA private key. This improves performance in all other cases that
	do not require timing resistance.

2011-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/x86.h: corrected have_cpuid for x86-64.

2011-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/cha-cert-auth2.texi: renamed hardware tokens
	to security modules.

2011-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi: Added section 'Managing encrypted keys'
	to include PKCS 12 structures.

2011-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/benchmark-tls.c: Added RSA key exchange to comparison.

2011-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* devel/perlasm/cpuid-x86.pl, devel/perlasm/cpuid-x86_64.pl,
	lib/accelerated/accelerated.c, lib/accelerated/x86/aes-padlock.c,
	lib/accelerated/x86/aes-x86.c,
	lib/accelerated/x86/asm-coff/cpuid-x86-64-coff.s,
	lib/accelerated/x86/asm-coff/cpuid-x86-coff.s,
	lib/accelerated/x86/asm/cpuid-x86-64.s,
	lib/accelerated/x86/asm/cpuid-x86.s, lib/accelerated/x86/x86.h: 
	Exported gnutls_cpuid() and gnutls_have_cpuid().

2011-12-06  Simon Josefsson <simon@josefsson.org>

	* doc/Makefile.am: Fix descriptive text.

2011-12-06  Simon Josefsson <simon@josefsson.org>

	* doc/manpages/Makefile.am, doc/scripts/getfuncs.pl: Fix getfuncs.pl
	parse bug; require non-empty list of function parameters.  Otherwise it would detect a comment like '* foo()' as another
	function.

2011-12-06  Simon Josefsson <simon@josefsson.org>

	* doc/manpages/gnutls_init.3,
	doc/manpages/gnutls_pk_algorithm_get_name.3: Really remove manpages.

2011-12-06  Simon Josefsson <simon@josefsson.org>

	* .gitignore, doc/manpages/Makefile.am: Fix whitespace in last
	commit.

2011-12-06  Simon Josefsson <simon@josefsson.org>

	* doc/manpages/Makefile.am: Don't rebuild man pages on every 'make'
	invocation.

2011-12-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/manpages/Makefile.am, doc/manpages/gnutls_alert_get.3,
	doc/manpages/gnutls_alert_get_name.3,
	doc/manpages/gnutls_alert_get_strname.3,
	doc/manpages/gnutls_alert_send.3,
	doc/manpages/gnutls_alert_send_appropriate.3,
	doc/manpages/gnutls_anon_allocate_client_credentials.3,
	doc/manpages/gnutls_anon_allocate_server_credentials.3,
	doc/manpages/gnutls_anon_free_client_credentials.3,
	doc/manpages/gnutls_anon_free_server_credentials.3,
	doc/manpages/gnutls_anon_set_params_function.3,
	doc/manpages/gnutls_anon_set_server_dh_params.3,
	doc/manpages/gnutls_anon_set_server_params_function.3,
	doc/manpages/gnutls_auth_client_get_type.3,
	doc/manpages/gnutls_auth_get_type.3,
	doc/manpages/gnutls_auth_server_get_type.3,
	doc/manpages/gnutls_bye.3,
	doc/manpages/gnutls_certificate_activation_time_peers.3,
	doc/manpages/gnutls_certificate_allocate_credentials.3,
	doc/manpages/gnutls_certificate_client_get_request_status.3,
	doc/manpages/gnutls_certificate_expiration_time_peers.3,
	doc/manpages/gnutls_certificate_free_ca_names.3,
	doc/manpages/gnutls_certificate_free_cas.3,
	doc/manpages/gnutls_certificate_free_credentials.3,
	doc/manpages/gnutls_certificate_free_crls.3,
	doc/manpages/gnutls_certificate_free_keys.3,
	doc/manpages/gnutls_certificate_get_issuer.3,
	doc/manpages/gnutls_certificate_get_openpgp_keyring.3,
	doc/manpages/gnutls_certificate_get_ours.3,
	doc/manpages/gnutls_certificate_get_peers.3,
	doc/manpages/gnutls_certificate_send_x509_rdn_sequence.3,
	doc/manpages/gnutls_certificate_server_set_request.3,
	doc/manpages/gnutls_certificate_set_dh_params.3,
	doc/manpages/gnutls_certificate_set_key.3,
	doc/manpages/gnutls_certificate_set_openpgp_key.3,
	doc/manpages/gnutls_certificate_set_openpgp_key_file.3,
	doc/manpages/gnutls_certificate_set_openpgp_key_file2.3,
	doc/manpages/gnutls_certificate_set_openpgp_key_mem.3,
	doc/manpages/gnutls_certificate_set_openpgp_key_mem2.3,
	doc/manpages/gnutls_certificate_set_params_function.3,
	doc/manpages/gnutls_certificate_set_rsa_export_params.3,
	doc/manpages/gnutls_certificate_set_verify_flags.3,
	doc/manpages/gnutls_certificate_set_verify_function.3,
	doc/manpages/gnutls_certificate_set_verify_limits.3,
	doc/manpages/gnutls_certificate_set_x509_crl.3,
	doc/manpages/gnutls_certificate_set_x509_crl_file.3,
	doc/manpages/gnutls_certificate_set_x509_crl_mem.3,
	doc/manpages/gnutls_certificate_set_x509_key.3,
	doc/manpages/gnutls_certificate_set_x509_key_file.3,
	doc/manpages/gnutls_certificate_set_x509_key_mem.3,
	doc/manpages/gnutls_certificate_set_x509_trust.3,
	doc/manpages/gnutls_certificate_set_x509_trust_file.3,
	doc/manpages/gnutls_certificate_set_x509_trust_mem.3,
	doc/manpages/gnutls_certificate_type_get.3,
	doc/manpages/gnutls_certificate_type_get_id.3,
	doc/manpages/gnutls_certificate_type_get_name.3,
	doc/manpages/gnutls_certificate_type_list.3,
	doc/manpages/gnutls_certificate_type_set_priority.3,
	doc/manpages/gnutls_certificate_verify_peers2.3,
	doc/manpages/gnutls_check_version.3,
	doc/manpages/gnutls_cipher_add_auth.3,
	doc/manpages/gnutls_cipher_decrypt.3,
	doc/manpages/gnutls_cipher_decrypt2.3,
	doc/manpages/gnutls_cipher_deinit.3,
	doc/manpages/gnutls_cipher_encrypt.3,
	doc/manpages/gnutls_cipher_encrypt2.3,
	doc/manpages/gnutls_cipher_get.3,
	doc/manpages/gnutls_cipher_get_block_size.3,
	doc/manpages/gnutls_cipher_get_id.3,
	doc/manpages/gnutls_cipher_get_key_size.3,
	doc/manpages/gnutls_cipher_get_name.3,
	doc/manpages/gnutls_cipher_init.3,
	doc/manpages/gnutls_cipher_list.3,
	doc/manpages/gnutls_cipher_set_iv.3,
	doc/manpages/gnutls_cipher_set_priority.3,
	doc/manpages/gnutls_cipher_suite_get_name.3,
	doc/manpages/gnutls_cipher_suite_info.3,
	doc/manpages/gnutls_cipher_tag.3,
	doc/manpages/gnutls_compression_get.3,
	doc/manpages/gnutls_compression_get_id.3,
	doc/manpages/gnutls_compression_get_name.3,
	doc/manpages/gnutls_compression_list.3,
	doc/manpages/gnutls_compression_set_priority.3,
	doc/manpages/gnutls_credentials_clear.3,
	doc/manpages/gnutls_credentials_set.3,
	doc/manpages/gnutls_db_check_entry.3,
	doc/manpages/gnutls_db_get_ptr.3,
	doc/manpages/gnutls_db_remove_session.3,
	doc/manpages/gnutls_db_set_cache_expiration.3,
	doc/manpages/gnutls_db_set_ptr.3,
	doc/manpages/gnutls_db_set_remove_function.3,
	doc/manpages/gnutls_db_set_retrieve_function.3,
	doc/manpages/gnutls_db_set_store_function.3,
	doc/manpages/gnutls_deinit.3, doc/manpages/gnutls_dh_get_group.3,
	doc/manpages/gnutls_dh_get_peers_public_bits.3,
	doc/manpages/gnutls_dh_get_prime_bits.3,
	doc/manpages/gnutls_dh_get_pubkey.3,
	doc/manpages/gnutls_dh_get_secret_bits.3,
	doc/manpages/gnutls_dh_params_cpy.3,
	doc/manpages/gnutls_dh_params_deinit.3,
	doc/manpages/gnutls_dh_params_export_pkcs3.3,
	doc/manpages/gnutls_dh_params_export_raw.3,
	doc/manpages/gnutls_dh_params_generate2.3,
	doc/manpages/gnutls_dh_params_import_pkcs3.3,
	doc/manpages/gnutls_dh_params_import_raw.3,
	doc/manpages/gnutls_dh_params_init.3,
	doc/manpages/gnutls_dh_set_prime_bits.3,
	doc/manpages/gnutls_dtls_cookie_send.3,
	doc/manpages/gnutls_dtls_cookie_verify.3,
	doc/manpages/gnutls_dtls_get_data_mtu.3,
	doc/manpages/gnutls_dtls_get_mtu.3,
	doc/manpages/gnutls_dtls_prestate_set.3,
	doc/manpages/gnutls_dtls_set_mtu.3,
	doc/manpages/gnutls_dtls_set_timeouts.3,
	doc/manpages/gnutls_ecc_curve_get.3,
	doc/manpages/gnutls_ecc_curve_get_name.3,
	doc/manpages/gnutls_ecc_curve_get_size.3,
	doc/manpages/gnutls_error_is_fatal.3,
	doc/manpages/gnutls_error_to_alert.3,
	doc/manpages/gnutls_fingerprint.3,
	doc/manpages/gnutls_global_deinit.3,
	doc/manpages/gnutls_global_init.3,
	doc/manpages/gnutls_global_set_audit_log_function.3,
	doc/manpages/gnutls_global_set_log_function.3,
	doc/manpages/gnutls_global_set_log_level.3,
	doc/manpages/gnutls_global_set_mem_functions.3,
	doc/manpages/gnutls_global_set_mutex.3,
	doc/manpages/gnutls_global_set_time_function.3,
	doc/manpages/gnutls_handshake.3,
	doc/manpages/gnutls_handshake_get_last_in.3,
	doc/manpages/gnutls_handshake_get_last_out.3,
	doc/manpages/gnutls_handshake_set_max_packet_length.3,
	doc/manpages/gnutls_handshake_set_post_client_hello_function.3,
	doc/manpages/gnutls_handshake_set_private_extensions.3,
	doc/manpages/gnutls_hash.3, doc/manpages/gnutls_hash_deinit.3,
	doc/manpages/gnutls_hash_fast.3,
	doc/manpages/gnutls_hash_get_len.3,
	doc/manpages/gnutls_hash_init.3, doc/manpages/gnutls_hash_output.3,
	doc/manpages/gnutls_hex2bin.3, doc/manpages/gnutls_hex_decode.3,
	doc/manpages/gnutls_hex_encode.3, doc/manpages/gnutls_hmac.3,
	doc/manpages/gnutls_hmac_deinit.3, doc/manpages/gnutls_hmac_fast.3,
	doc/manpages/gnutls_hmac_get_len.3,
	doc/manpages/gnutls_hmac_init.3, doc/manpages/gnutls_hmac_output.3,
	doc/manpages/gnutls_init.3, doc/manpages/gnutls_key_generate.3,
	doc/manpages/gnutls_kx_get.3, doc/manpages/gnutls_kx_get_id.3,
	doc/manpages/gnutls_kx_get_name.3, doc/manpages/gnutls_kx_list.3,
	doc/manpages/gnutls_kx_set_priority.3,
	doc/manpages/gnutls_mac_get.3, doc/manpages/gnutls_mac_get_id.3,
	doc/manpages/gnutls_mac_get_key_size.3,
	doc/manpages/gnutls_mac_get_name.3, doc/manpages/gnutls_mac_list.3,
	doc/manpages/gnutls_mac_set_priority.3,
	doc/manpages/gnutls_openpgp_crt_check_hostname.3,
	doc/manpages/gnutls_openpgp_crt_deinit.3,
	doc/manpages/gnutls_openpgp_crt_export.3,
	doc/manpages/gnutls_openpgp_crt_get_auth_subkey.3,
	doc/manpages/gnutls_openpgp_crt_get_creation_time.3,
	doc/manpages/gnutls_openpgp_crt_get_expiration_time.3,
	doc/manpages/gnutls_openpgp_crt_get_fingerprint.3,
	doc/manpages/gnutls_openpgp_crt_get_key_id.3,
	doc/manpages/gnutls_openpgp_crt_get_key_usage.3,
	doc/manpages/gnutls_openpgp_crt_get_name.3,
	doc/manpages/gnutls_openpgp_crt_get_pk_algorithm.3,
	doc/manpages/gnutls_openpgp_crt_get_pk_dsa_raw.3,
	doc/manpages/gnutls_openpgp_crt_get_pk_rsa_raw.3,
	doc/manpages/gnutls_openpgp_crt_get_preferred_key_id.3,
	doc/manpages/gnutls_openpgp_crt_get_revoked_status.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_count.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_creation_time.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_expiration_time.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_fingerprint.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_id.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_idx.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_pk_algorithm.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_pk_dsa_raw.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_pk_rsa_raw.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_revoked_status.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_usage.3,
	doc/manpages/gnutls_openpgp_crt_get_version.3,
	doc/manpages/gnutls_openpgp_crt_import.3,
	doc/manpages/gnutls_openpgp_crt_init.3,
	doc/manpages/gnutls_openpgp_crt_print.3,
	doc/manpages/gnutls_openpgp_crt_set_preferred_key_id.3,
	doc/manpages/gnutls_openpgp_crt_verify_ring.3,
	doc/manpages/gnutls_openpgp_crt_verify_self.3,
	doc/manpages/gnutls_openpgp_keyring_check_id.3,
	doc/manpages/gnutls_openpgp_keyring_deinit.3,
	doc/manpages/gnutls_openpgp_keyring_get_crt.3,
	doc/manpages/gnutls_openpgp_keyring_get_crt_count.3,
	doc/manpages/gnutls_openpgp_keyring_import.3,
	doc/manpages/gnutls_openpgp_keyring_init.3,
	doc/manpages/gnutls_openpgp_privkey_deinit.3,
	doc/manpages/gnutls_openpgp_privkey_export.3,
	doc/manpages/gnutls_openpgp_privkey_export_dsa_raw.3,
	doc/manpages/gnutls_openpgp_privkey_export_rsa_raw.3,
	doc/manpages/gnutls_openpgp_privkey_export_subkey_dsa_raw.3,
	doc/manpages/gnutls_openpgp_privkey_export_subkey_rsa_raw.3,
	doc/manpages/gnutls_openpgp_privkey_get_fingerprint.3,
	doc/manpages/gnutls_openpgp_privkey_get_key_id.3,
	doc/manpages/gnutls_openpgp_privkey_get_pk_algorithm.3,
	doc/manpages/gnutls_openpgp_privkey_get_preferred_key_id.3,
	doc/manpages/gnutls_openpgp_privkey_get_revoked_status.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_count.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_creation_time.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_fingerprint.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_id.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_idx.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_pk_algorithm.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_revoked_status.3,
	doc/manpages/gnutls_openpgp_privkey_import.3,
	doc/manpages/gnutls_openpgp_privkey_init.3,
	doc/manpages/gnutls_openpgp_privkey_sec_param.3,
	doc/manpages/gnutls_openpgp_privkey_set_preferred_key_id.3,
	doc/manpages/gnutls_openpgp_privkey_sign_hash.3,
	doc/manpages/gnutls_openpgp_send_cert.3,
	doc/manpages/gnutls_openpgp_set_recv_key_function.3,
	doc/manpages/gnutls_pcert_deinit.3,
	doc/manpages/gnutls_pcert_import_openpgp.3,
	doc/manpages/gnutls_pcert_import_openpgp_raw.3,
	doc/manpages/gnutls_pcert_import_x509.3,
	doc/manpages/gnutls_pcert_import_x509_raw.3,
	doc/manpages/gnutls_pcert_list_import_x509_raw.3,
	doc/manpages/gnutls_pem_base64_decode.3,
	doc/manpages/gnutls_pem_base64_decode_alloc.3,
	doc/manpages/gnutls_pem_base64_encode.3,
	doc/manpages/gnutls_pem_base64_encode_alloc.3,
	doc/manpages/gnutls_perror.3,
	doc/manpages/gnutls_pk_algorithm_get_name.3,
	doc/manpages/gnutls_pk_bits_to_sec_param.3,
	doc/manpages/gnutls_pk_get_id.3, doc/manpages/gnutls_pk_get_name.3,
	doc/manpages/gnutls_pk_list.3,
	doc/manpages/gnutls_pkcs11_add_provider.3,
	doc/manpages/gnutls_pkcs11_copy_secret_key.3,
	doc/manpages/gnutls_pkcs11_copy_x509_crt.3,
	doc/manpages/gnutls_pkcs11_copy_x509_privkey.3,
	doc/manpages/gnutls_pkcs11_deinit.3,
	doc/manpages/gnutls_pkcs11_delete_url.3,
	doc/manpages/gnutls_pkcs11_init.3,
	doc/manpages/gnutls_pkcs11_obj_deinit.3,
	doc/manpages/gnutls_pkcs11_obj_export.3,
	doc/manpages/gnutls_pkcs11_obj_export_url.3,
	doc/manpages/gnutls_pkcs11_obj_get_info.3,
	doc/manpages/gnutls_pkcs11_obj_get_type.3,
	doc/manpages/gnutls_pkcs11_obj_import_url.3,
	doc/manpages/gnutls_pkcs11_obj_init.3,
	doc/manpages/gnutls_pkcs11_obj_list_import_url.3,
	doc/manpages/gnutls_pkcs11_privkey_deinit.3,
	doc/manpages/gnutls_pkcs11_privkey_export_url.3,
	doc/manpages/gnutls_pkcs11_privkey_generate.3,
	doc/manpages/gnutls_pkcs11_privkey_get_info.3,
	doc/manpages/gnutls_pkcs11_privkey_get_pk_algorithm.3,
	doc/manpages/gnutls_pkcs11_privkey_import_url.3,
	doc/manpages/gnutls_pkcs11_privkey_init.3,
	doc/manpages/gnutls_pkcs11_set_pin_function.3,
	doc/manpages/gnutls_pkcs11_set_token_function.3,
	doc/manpages/gnutls_pkcs11_token_get_flags.3,
	doc/manpages/gnutls_pkcs11_token_get_info.3,
	doc/manpages/gnutls_pkcs11_token_get_mechanism.3,
	doc/manpages/gnutls_pkcs11_token_get_url.3,
	doc/manpages/gnutls_pkcs11_token_init.3,
	doc/manpages/gnutls_pkcs11_token_set_pin.3,
	doc/manpages/gnutls_pkcs11_type_get_name.3,
	doc/manpages/gnutls_pkcs12_bag_decrypt.3,
	doc/manpages/gnutls_pkcs12_bag_deinit.3,
	doc/manpages/gnutls_pkcs12_bag_encrypt.3,
	doc/manpages/gnutls_pkcs12_bag_get_count.3,
	doc/manpages/gnutls_pkcs12_bag_get_data.3,
	doc/manpages/gnutls_pkcs12_bag_get_friendly_name.3,
	doc/manpages/gnutls_pkcs12_bag_get_key_id.3,
	doc/manpages/gnutls_pkcs12_bag_get_type.3,
	doc/manpages/gnutls_pkcs12_bag_init.3,
	doc/manpages/gnutls_pkcs12_bag_set_crl.3,
	doc/manpages/gnutls_pkcs12_bag_set_crt.3,
	doc/manpages/gnutls_pkcs12_bag_set_data.3,
	doc/manpages/gnutls_pkcs12_bag_set_friendly_name.3,
	doc/manpages/gnutls_pkcs12_bag_set_key_id.3,
	doc/manpages/gnutls_pkcs12_deinit.3,
	doc/manpages/gnutls_pkcs12_export.3,
	doc/manpages/gnutls_pkcs12_generate_mac.3,
	doc/manpages/gnutls_pkcs12_get_bag.3,
	doc/manpages/gnutls_pkcs12_import.3,
	doc/manpages/gnutls_pkcs12_init.3,
	doc/manpages/gnutls_pkcs12_set_bag.3,
	doc/manpages/gnutls_pkcs12_verify_mac.3,
	doc/manpages/gnutls_pkcs7_deinit.3,
	doc/manpages/gnutls_pkcs7_delete_crl.3,
	doc/manpages/gnutls_pkcs7_delete_crt.3,
	doc/manpages/gnutls_pkcs7_export.3,
	doc/manpages/gnutls_pkcs7_get_crl_count.3,
	doc/manpages/gnutls_pkcs7_get_crl_raw.3,
	doc/manpages/gnutls_pkcs7_get_crt_count.3,
	doc/manpages/gnutls_pkcs7_get_crt_raw.3,
	doc/manpages/gnutls_pkcs7_import.3,
	doc/manpages/gnutls_pkcs7_init.3,
	doc/manpages/gnutls_pkcs7_set_crl.3,
	doc/manpages/gnutls_pkcs7_set_crl_raw.3,
	doc/manpages/gnutls_pkcs7_set_crt.3,
	doc/manpages/gnutls_pkcs7_set_crt_raw.3, doc/manpages/gnutls_prf.3,
	doc/manpages/gnutls_prf_raw.3,
	doc/manpages/gnutls_priority_deinit.3,
	doc/manpages/gnutls_priority_init.3,
	doc/manpages/gnutls_priority_set.3,
	doc/manpages/gnutls_priority_set_direct.3,
	doc/manpages/gnutls_privkey_decrypt_data.3,
	doc/manpages/gnutls_privkey_deinit.3,
	doc/manpages/gnutls_privkey_get_pk_algorithm.3,
	doc/manpages/gnutls_privkey_get_type.3,
	doc/manpages/gnutls_privkey_import_ext.3,
	doc/manpages/gnutls_privkey_import_openpgp.3,
	doc/manpages/gnutls_privkey_import_pkcs11.3,
	doc/manpages/gnutls_privkey_import_x509.3,
	doc/manpages/gnutls_privkey_init.3,
	doc/manpages/gnutls_privkey_sign_data.3,
	doc/manpages/gnutls_privkey_sign_hash.3,
	doc/manpages/gnutls_protocol_get_id.3,
	doc/manpages/gnutls_protocol_get_name.3,
	doc/manpages/gnutls_protocol_get_version.3,
	doc/manpages/gnutls_protocol_list.3,
	doc/manpages/gnutls_protocol_set_priority.3,
	doc/manpages/gnutls_psk_allocate_client_credentials.3,
	doc/manpages/gnutls_psk_allocate_server_credentials.3,
	doc/manpages/gnutls_psk_client_get_hint.3,
	doc/manpages/gnutls_psk_free_client_credentials.3,
	doc/manpages/gnutls_psk_free_server_credentials.3,
	doc/manpages/gnutls_psk_server_get_username.3,
	doc/manpages/gnutls_psk_set_client_credentials.3,
	doc/manpages/gnutls_psk_set_params_function.3,
	doc/manpages/gnutls_psk_set_server_credentials_file.3,
	doc/manpages/gnutls_psk_set_server_credentials_hint.3,
	doc/manpages/gnutls_psk_set_server_dh_params.3,
	doc/manpages/gnutls_psk_set_server_params_function.3,
	doc/manpages/gnutls_pubkey_deinit.3,
	doc/manpages/gnutls_pubkey_export.3,
	doc/manpages/gnutls_pubkey_get_key_id.3,
	doc/manpages/gnutls_pubkey_get_key_usage.3,
	doc/manpages/gnutls_pubkey_get_openpgp_key_id.3,
	doc/manpages/gnutls_pubkey_get_pk_algorithm.3,
	doc/manpages/gnutls_pubkey_get_pk_dsa_raw.3,
	doc/manpages/gnutls_pubkey_get_pk_ecc_raw.3,
	doc/manpages/gnutls_pubkey_get_pk_ecc_x962.3,
	doc/manpages/gnutls_pubkey_get_pk_rsa_raw.3,
	doc/manpages/gnutls_pubkey_get_preferred_hash_algorithm.3,
	doc/manpages/gnutls_pubkey_get_verify_algorithm.3,
	doc/manpages/gnutls_pubkey_import.3,
	doc/manpages/gnutls_pubkey_import_dsa_raw.3,
	doc/manpages/gnutls_pubkey_import_ecc_raw.3,
	doc/manpages/gnutls_pubkey_import_ecc_x962.3,
	doc/manpages/gnutls_pubkey_import_openpgp.3,
	doc/manpages/gnutls_pubkey_import_pkcs11.3,
	doc/manpages/gnutls_pubkey_import_pkcs11_url.3,
	doc/manpages/gnutls_pubkey_import_privkey.3,
	doc/manpages/gnutls_pubkey_import_rsa_raw.3,
	doc/manpages/gnutls_pubkey_import_x509.3,
	doc/manpages/gnutls_pubkey_init.3,
	doc/manpages/gnutls_pubkey_set_key_usage.3,
	doc/manpages/gnutls_pubkey_verify_data.3,
	doc/manpages/gnutls_pubkey_verify_data2.3,
	doc/manpages/gnutls_pubkey_verify_hash.3,
	doc/manpages/gnutls_record_check_pending.3,
	doc/manpages/gnutls_record_disable_padding.3,
	doc/manpages/gnutls_record_get_direction.3,
	doc/manpages/gnutls_record_get_discarded.3,
	doc/manpages/gnutls_record_get_max_size.3,
	doc/manpages/gnutls_record_recv.3,
	doc/manpages/gnutls_record_recv_seq.3,
	doc/manpages/gnutls_record_send.3,
	doc/manpages/gnutls_record_set_max_size.3,
	doc/manpages/gnutls_rehandshake.3, doc/manpages/gnutls_rnd.3,
	doc/manpages/gnutls_rsa_export_get_modulus_bits.3,
	doc/manpages/gnutls_rsa_export_get_pubkey.3,
	doc/manpages/gnutls_rsa_params_cpy.3,
	doc/manpages/gnutls_rsa_params_deinit.3,
	doc/manpages/gnutls_rsa_params_export_pkcs1.3,
	doc/manpages/gnutls_rsa_params_export_raw.3,
	doc/manpages/gnutls_rsa_params_generate2.3,
	doc/manpages/gnutls_rsa_params_import_pkcs1.3,
	doc/manpages/gnutls_rsa_params_import_raw.3,
	doc/manpages/gnutls_rsa_params_init.3,
	doc/manpages/gnutls_safe_renegotiation_status.3,
	doc/manpages/gnutls_sec_param_get_name.3,
	doc/manpages/gnutls_sec_param_to_pk_bits.3,
	doc/manpages/gnutls_server_name_get.3,
	doc/manpages/gnutls_server_name_set.3,
	doc/manpages/gnutls_session_channel_binding.3,
	doc/manpages/gnutls_session_enable_compatibility_mode.3,
	doc/manpages/gnutls_session_get_data.3,
	doc/manpages/gnutls_session_get_data2.3,
	doc/manpages/gnutls_session_get_id.3,
	doc/manpages/gnutls_session_get_ptr.3,
	doc/manpages/gnutls_session_is_resumed.3,
	doc/manpages/gnutls_session_set_data.3,
	doc/manpages/gnutls_session_set_ptr.3,
	doc/manpages/gnutls_session_ticket_enable_client.3,
	doc/manpages/gnutls_session_ticket_enable_server.3,
	doc/manpages/gnutls_session_ticket_key_generate.3,
	doc/manpages/gnutls_set_default_export_priority.3,
	doc/manpages/gnutls_set_default_priority.3,
	doc/manpages/gnutls_sign_algorithm_get_requested.3,
	doc/manpages/gnutls_sign_callback_get.3,
	doc/manpages/gnutls_sign_callback_set.3,
	doc/manpages/gnutls_sign_get_id.3,
	doc/manpages/gnutls_sign_get_name.3,
	doc/manpages/gnutls_sign_list.3,
	doc/manpages/gnutls_srp_allocate_client_credentials.3,
	doc/manpages/gnutls_srp_allocate_server_credentials.3,
	doc/manpages/gnutls_srp_base64_decode.3,
	doc/manpages/gnutls_srp_base64_decode_alloc.3,
	doc/manpages/gnutls_srp_base64_encode.3,
	doc/manpages/gnutls_srp_base64_encode_alloc.3,
	doc/manpages/gnutls_srp_free_client_credentials.3,
	doc/manpages/gnutls_srp_free_server_credentials.3,
	doc/manpages/gnutls_srp_server_get_username.3,
	doc/manpages/gnutls_srp_set_client_credentials.3,
	doc/manpages/gnutls_srp_set_prime_bits.3,
	doc/manpages/gnutls_srp_set_server_credentials_file.3,
	doc/manpages/gnutls_srp_verifier.3, doc/manpages/gnutls_strerror.3,
	doc/manpages/gnutls_strerror_name.3,
	doc/manpages/gnutls_supplemental_get_name.3,
	doc/manpages/gnutls_transport_get_ptr.3,
	doc/manpages/gnutls_transport_get_ptr2.3,
	doc/manpages/gnutls_transport_set_errno.3,
	doc/manpages/gnutls_transport_set_errno_function.3,
	doc/manpages/gnutls_transport_set_ptr.3,
	doc/manpages/gnutls_transport_set_ptr2.3,
	doc/manpages/gnutls_transport_set_pull_function.3,
	doc/manpages/gnutls_transport_set_pull_timeout_function.3,
	doc/manpages/gnutls_transport_set_push_function.3,
	doc/manpages/gnutls_transport_set_vec_push_function.3,
	doc/manpages/gnutls_x509_crl_check_issuer.3,
	doc/manpages/gnutls_x509_crl_deinit.3,
	doc/manpages/gnutls_x509_crl_export.3,
	doc/manpages/gnutls_x509_crl_get_authority_key_id.3,
	doc/manpages/gnutls_x509_crl_get_crt_count.3,
	doc/manpages/gnutls_x509_crl_get_crt_serial.3,
	doc/manpages/gnutls_x509_crl_get_dn_oid.3,
	doc/manpages/gnutls_x509_crl_get_extension_data.3,
	doc/manpages/gnutls_x509_crl_get_extension_info.3,
	doc/manpages/gnutls_x509_crl_get_extension_oid.3,
	doc/manpages/gnutls_x509_crl_get_issuer_dn.3,
	doc/manpages/gnutls_x509_crl_get_issuer_dn_by_oid.3,
	doc/manpages/gnutls_x509_crl_get_next_update.3,
	doc/manpages/gnutls_x509_crl_get_number.3,
	doc/manpages/gnutls_x509_crl_get_raw_issuer_dn.3,
	doc/manpages/gnutls_x509_crl_get_signature.3,
	doc/manpages/gnutls_x509_crl_get_signature_algorithm.3,
	doc/manpages/gnutls_x509_crl_get_this_update.3,
	doc/manpages/gnutls_x509_crl_get_version.3,
	doc/manpages/gnutls_x509_crl_import.3,
	doc/manpages/gnutls_x509_crl_init.3,
	doc/manpages/gnutls_x509_crl_list_import.3,
	doc/manpages/gnutls_x509_crl_list_import2.3,
	doc/manpages/gnutls_x509_crl_print.3,
	doc/manpages/gnutls_x509_crl_privkey_sign.3,
	doc/manpages/gnutls_x509_crl_set_authority_key_id.3,
	doc/manpages/gnutls_x509_crl_set_crt.3,
	doc/manpages/gnutls_x509_crl_set_crt_serial.3,
	doc/manpages/gnutls_x509_crl_set_next_update.3,
	doc/manpages/gnutls_x509_crl_set_number.3,
	doc/manpages/gnutls_x509_crl_set_this_update.3,
	doc/manpages/gnutls_x509_crl_set_version.3,
	doc/manpages/gnutls_x509_crl_sign.3,
	doc/manpages/gnutls_x509_crl_sign2.3,
	doc/manpages/gnutls_x509_crl_verify.3,
	doc/manpages/gnutls_x509_crq_deinit.3,
	doc/manpages/gnutls_x509_crq_export.3,
	doc/manpages/gnutls_x509_crq_get_attribute_by_oid.3,
	doc/manpages/gnutls_x509_crq_get_attribute_data.3,
	doc/manpages/gnutls_x509_crq_get_attribute_info.3,
	doc/manpages/gnutls_x509_crq_get_basic_constraints.3,
	doc/manpages/gnutls_x509_crq_get_challenge_password.3,
	doc/manpages/gnutls_x509_crq_get_dn.3,
	doc/manpages/gnutls_x509_crq_get_dn_by_oid.3,
	doc/manpages/gnutls_x509_crq_get_dn_oid.3,
	doc/manpages/gnutls_x509_crq_get_extension_by_oid.3,
	doc/manpages/gnutls_x509_crq_get_extension_data.3,
	doc/manpages/gnutls_x509_crq_get_extension_info.3,
	doc/manpages/gnutls_x509_crq_get_key_id.3,
	doc/manpages/gnutls_x509_crq_get_key_purpose_oid.3,
	doc/manpages/gnutls_x509_crq_get_key_rsa_raw.3,
	doc/manpages/gnutls_x509_crq_get_key_usage.3,
	doc/manpages/gnutls_x509_crq_get_pk_algorithm.3,
	doc/manpages/gnutls_x509_crq_get_subject_alt_name.3,
	doc/manpages/gnutls_x509_crq_get_subject_alt_othername_oid.3,
	doc/manpages/gnutls_x509_crq_get_version.3,
	doc/manpages/gnutls_x509_crq_import.3,
	doc/manpages/gnutls_x509_crq_init.3,
	doc/manpages/gnutls_x509_crq_print.3,
	doc/manpages/gnutls_x509_crq_privkey_sign.3,
	doc/manpages/gnutls_x509_crq_set_attribute_by_oid.3,
	doc/manpages/gnutls_x509_crq_set_basic_constraints.3,
	doc/manpages/gnutls_x509_crq_set_challenge_password.3,
	doc/manpages/gnutls_x509_crq_set_dn_by_oid.3,
	doc/manpages/gnutls_x509_crq_set_key.3,
	doc/manpages/gnutls_x509_crq_set_key_purpose_oid.3,
	doc/manpages/gnutls_x509_crq_set_key_rsa_raw.3,
	doc/manpages/gnutls_x509_crq_set_key_usage.3,
	doc/manpages/gnutls_x509_crq_set_pubkey.3,
	doc/manpages/gnutls_x509_crq_set_subject_alt_name.3,
	doc/manpages/gnutls_x509_crq_set_version.3,
	doc/manpages/gnutls_x509_crq_sign.3,
	doc/manpages/gnutls_x509_crq_sign2.3,
	doc/manpages/gnutls_x509_crq_verify.3,
	doc/manpages/gnutls_x509_crt_check_hostname.3,
	doc/manpages/gnutls_x509_crt_check_issuer.3,
	doc/manpages/gnutls_x509_crt_check_revocation.3,
	doc/manpages/gnutls_x509_crt_cpy_crl_dist_points.3,
	doc/manpages/gnutls_x509_crt_deinit.3,
	doc/manpages/gnutls_x509_crt_export.3,
	doc/manpages/gnutls_x509_crt_get_activation_time.3,
	doc/manpages/gnutls_x509_crt_get_authority_info_access.3,
	doc/manpages/gnutls_x509_crt_get_authority_key_id.3,
	doc/manpages/gnutls_x509_crt_get_basic_constraints.3,
	doc/manpages/gnutls_x509_crt_get_ca_status.3,
	doc/manpages/gnutls_x509_crt_get_crl_dist_points.3,
	doc/manpages/gnutls_x509_crt_get_dn.3,
	doc/manpages/gnutls_x509_crt_get_dn_by_oid.3,
	doc/manpages/gnutls_x509_crt_get_dn_oid.3,
	doc/manpages/gnutls_x509_crt_get_expiration_time.3,
	doc/manpages/gnutls_x509_crt_get_extension_by_oid.3,
	doc/manpages/gnutls_x509_crt_get_extension_data.3,
	doc/manpages/gnutls_x509_crt_get_extension_info.3,
	doc/manpages/gnutls_x509_crt_get_extension_oid.3,
	doc/manpages/gnutls_x509_crt_get_fingerprint.3,
	doc/manpages/gnutls_x509_crt_get_issuer.3,
	doc/manpages/gnutls_x509_crt_get_issuer_alt_name.3,
	doc/manpages/gnutls_x509_crt_get_issuer_alt_name2.3,
	doc/manpages/gnutls_x509_crt_get_issuer_alt_othername_oid.3,
	doc/manpages/gnutls_x509_crt_get_issuer_dn.3,
	doc/manpages/gnutls_x509_crt_get_issuer_dn_by_oid.3,
	doc/manpages/gnutls_x509_crt_get_issuer_dn_oid.3,
	doc/manpages/gnutls_x509_crt_get_issuer_unique_id.3,
	doc/manpages/gnutls_x509_crt_get_key_id.3,
	doc/manpages/gnutls_x509_crt_get_key_purpose_oid.3,
	doc/manpages/gnutls_x509_crt_get_key_usage.3,
	doc/manpages/gnutls_x509_crt_get_pk_algorithm.3,
	doc/manpages/gnutls_x509_crt_get_pk_dsa_raw.3,
	doc/manpages/gnutls_x509_crt_get_pk_rsa_raw.3,
	doc/manpages/gnutls_x509_crt_get_preferred_hash_algorithm.3,
	doc/manpages/gnutls_x509_crt_get_proxy.3,
	doc/manpages/gnutls_x509_crt_get_raw_dn.3,
	doc/manpages/gnutls_x509_crt_get_raw_issuer_dn.3,
	doc/manpages/gnutls_x509_crt_get_serial.3,
	doc/manpages/gnutls_x509_crt_get_signature.3,
	doc/manpages/gnutls_x509_crt_get_signature_algorithm.3,
	doc/manpages/gnutls_x509_crt_get_subject.3,
	doc/manpages/gnutls_x509_crt_get_subject_alt_name.3,
	doc/manpages/gnutls_x509_crt_get_subject_alt_name2.3,
	doc/manpages/gnutls_x509_crt_get_subject_alt_othername_oid.3,
	doc/manpages/gnutls_x509_crt_get_subject_key_id.3,
	doc/manpages/gnutls_x509_crt_get_subject_unique_id.3,
	doc/manpages/gnutls_x509_crt_get_verify_algorithm.3,
	doc/manpages/gnutls_x509_crt_get_version.3,
	doc/manpages/gnutls_x509_crt_import.3,
	doc/manpages/gnutls_x509_crt_import_pkcs11.3,
	doc/manpages/gnutls_x509_crt_import_pkcs11_url.3,
	doc/manpages/gnutls_x509_crt_init.3,
	doc/manpages/gnutls_x509_crt_list_import.3,
	doc/manpages/gnutls_x509_crt_list_import2.3,
	doc/manpages/gnutls_x509_crt_list_import_pkcs11.3,
	doc/manpages/gnutls_x509_crt_list_verify.3,
	doc/manpages/gnutls_x509_crt_print.3,
	doc/manpages/gnutls_x509_crt_privkey_sign.3,
	doc/manpages/gnutls_x509_crt_set_activation_time.3,
	doc/manpages/gnutls_x509_crt_set_authority_key_id.3,
	doc/manpages/gnutls_x509_crt_set_basic_constraints.3,
	doc/manpages/gnutls_x509_crt_set_ca_status.3,
	doc/manpages/gnutls_x509_crt_set_crl_dist_points.3,
	doc/manpages/gnutls_x509_crt_set_crl_dist_points2.3,
	doc/manpages/gnutls_x509_crt_set_crq.3,
	doc/manpages/gnutls_x509_crt_set_crq_extensions.3,
	doc/manpages/gnutls_x509_crt_set_dn_by_oid.3,
	doc/manpages/gnutls_x509_crt_set_expiration_time.3,
	doc/manpages/gnutls_x509_crt_set_extension_by_oid.3,
	doc/manpages/gnutls_x509_crt_set_issuer_dn_by_oid.3,
	doc/manpages/gnutls_x509_crt_set_key.3,
	doc/manpages/gnutls_x509_crt_set_key_purpose_oid.3,
	doc/manpages/gnutls_x509_crt_set_key_usage.3,
	doc/manpages/gnutls_x509_crt_set_proxy.3,
	doc/manpages/gnutls_x509_crt_set_proxy_dn.3,
	doc/manpages/gnutls_x509_crt_set_pubkey.3,
	doc/manpages/gnutls_x509_crt_set_serial.3,
	doc/manpages/gnutls_x509_crt_set_subject_alt_name.3,
	doc/manpages/gnutls_x509_crt_set_subject_alternative_name.3,
	doc/manpages/gnutls_x509_crt_set_subject_key_id.3,
	doc/manpages/gnutls_x509_crt_set_version.3,
	doc/manpages/gnutls_x509_crt_sign.3,
	doc/manpages/gnutls_x509_crt_sign2.3,
	doc/manpages/gnutls_x509_crt_verify.3,
	doc/manpages/gnutls_x509_crt_verify_data.3,
	doc/manpages/gnutls_x509_crt_verify_hash.3,
	doc/manpages/gnutls_x509_dn_deinit.3,
	doc/manpages/gnutls_x509_dn_export.3,
	doc/manpages/gnutls_x509_dn_get_rdn_ava.3,
	doc/manpages/gnutls_x509_dn_import.3,
	doc/manpages/gnutls_x509_dn_init.3,
	doc/manpages/gnutls_x509_dn_oid_known.3,
	doc/manpages/gnutls_x509_privkey_cpy.3,
	doc/manpages/gnutls_x509_privkey_deinit.3,
	doc/manpages/gnutls_x509_privkey_export.3,
	doc/manpages/gnutls_x509_privkey_export_dsa_raw.3,
	doc/manpages/gnutls_x509_privkey_export_ecc_raw.3,
	doc/manpages/gnutls_x509_privkey_export_pkcs8.3,
	doc/manpages/gnutls_x509_privkey_export_rsa_raw.3,
	doc/manpages/gnutls_x509_privkey_export_rsa_raw2.3,
	doc/manpages/gnutls_x509_privkey_fix.3,
	doc/manpages/gnutls_x509_privkey_generate.3,
	doc/manpages/gnutls_x509_privkey_get_key_id.3,
	doc/manpages/gnutls_x509_privkey_get_pk_algorithm.3,
	doc/manpages/gnutls_x509_privkey_import.3,
	doc/manpages/gnutls_x509_privkey_import_dsa_raw.3,
	doc/manpages/gnutls_x509_privkey_import_ecc_raw.3,
	doc/manpages/gnutls_x509_privkey_import_pkcs8.3,
	doc/manpages/gnutls_x509_privkey_import_rsa_raw.3,
	doc/manpages/gnutls_x509_privkey_import_rsa_raw2.3,
	doc/manpages/gnutls_x509_privkey_init.3,
	doc/manpages/gnutls_x509_privkey_sec_param.3,
	doc/manpages/gnutls_x509_privkey_sign_data.3,
	doc/manpages/gnutls_x509_privkey_sign_hash.3,
	doc/manpages/gnutls_x509_privkey_verify_params.3,
	doc/manpages/gnutls_x509_rdn_get.3,
	doc/manpages/gnutls_x509_rdn_get_by_oid.3,
	doc/manpages/gnutls_x509_rdn_get_oid.3,
	doc/manpages/gnutls_x509_trust_list_add_cas.3,
	doc/manpages/gnutls_x509_trust_list_add_crls.3,
	doc/manpages/gnutls_x509_trust_list_add_named_crt.3,
	doc/manpages/gnutls_x509_trust_list_deinit.3,
	doc/manpages/gnutls_x509_trust_list_get_issuer.3,
	doc/manpages/gnutls_x509_trust_list_init.3,
	doc/manpages/gnutls_x509_trust_list_verify_crt.3,
	doc/manpages/gnutls_x509_trust_list_verify_named_crt.3: manpages
	don't need to be in the repository.

2011-12-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/cipher-test.c, tests/slow/Makefile.am,
	tests/slow/cipher-test.c: cipher-test is now run without valgrind

2011-11-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_errors.h: removed superfluous check.

2011-11-29  Simon Josefsson <simon@josefsson.org>

	* cfg.mk, tests/suite/chain: Fix syntax-check nits.

2011-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi, doc/cha-intro-tls.texi,
	doc/scripts/mytexi2latex: documentation updates.

2011-11-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/gnutls.texi: use emph instead of cite since cite produces bad
	output in texi2html.

2011-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, doc/scripts/mytexi2latex: updates in
	sectioning. Subheading was used instead of subsection in few cases.

2011-11-25  Ludovic Courtès <ludo@gnu.org>

	* guile/modules/system/documentation/output.scm: guile: Fix the
	(unused) `output-procedure-texi-documentation-from-c-file'.  Reported by Mike Gran <spk121@yahoo.com>.

2011-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk: copy images to html_node

2011-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi: added missing node

2011-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, doc/cha-gtls-app.texi,
	doc/cha-internals.texi, doc/cha-intro-tls.texi,
	doc/cha-library.texi, doc/cha-programs.texi, doc/scripts/gdoc,
	doc/scripts/mytexi2latex: updates in texi and tex documentation.

2011-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/opencdk/Makefile.am, lib/opencdk/dummy.c, lib/opencdk/main.h: 
	dropped unneeded function.

2011-11-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, doc/Makefile.am, doc/cha-functions.texi,
	doc/cha-gtls-app.texi, doc/gnutls.texi, doc/scripts/gdoc,
	lib/gnutls_state.c, lib/includes/gnutls/gnutls.h.in,
	lib/includes/gnutls/openpgp.h: Separated API reference to header
	files in the texi manual.

2011-11-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-examples.texi: removed text for tcp functions.

2011-11-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, cfg.mk, doc/manpages/Makefile.am,
	doc/manpages/gnutls_alert_get.3,
	doc/manpages/gnutls_alert_get_name.3,
	doc/manpages/gnutls_alert_get_strname.3,
	doc/manpages/gnutls_alert_send.3,
	doc/manpages/gnutls_alert_send_appropriate.3,
	doc/manpages/gnutls_anon_allocate_client_credentials.3,
	doc/manpages/gnutls_anon_allocate_server_credentials.3,
	doc/manpages/gnutls_anon_free_client_credentials.3,
	doc/manpages/gnutls_anon_free_server_credentials.3,
	doc/manpages/gnutls_anon_set_params_function.3,
	doc/manpages/gnutls_anon_set_server_dh_params.3,
	doc/manpages/gnutls_anon_set_server_params_function.3,
	doc/manpages/gnutls_auth_client_get_type.3,
	doc/manpages/gnutls_auth_get_type.3,
	doc/manpages/gnutls_auth_server_get_type.3,
	doc/manpages/gnutls_bye.3,
	doc/manpages/gnutls_certificate_activation_time_peers.3,
	doc/manpages/gnutls_certificate_allocate_credentials.3,
	doc/manpages/gnutls_certificate_client_get_request_status.3,
	doc/manpages/gnutls_certificate_expiration_time_peers.3,
	doc/manpages/gnutls_certificate_free_ca_names.3,
	doc/manpages/gnutls_certificate_free_cas.3,
	doc/manpages/gnutls_certificate_free_credentials.3,
	doc/manpages/gnutls_certificate_free_crls.3,
	doc/manpages/gnutls_certificate_free_keys.3,
	doc/manpages/gnutls_certificate_get_issuer.3,
	doc/manpages/gnutls_certificate_get_openpgp_keyring.3,
	doc/manpages/gnutls_certificate_get_ours.3,
	doc/manpages/gnutls_certificate_get_peers.3,
	doc/manpages/gnutls_certificate_send_x509_rdn_sequence.3,
	doc/manpages/gnutls_certificate_server_set_request.3,
	doc/manpages/gnutls_certificate_set_dh_params.3,
	doc/manpages/gnutls_certificate_set_key.3,
	doc/manpages/gnutls_certificate_set_openpgp_key.3,
	doc/manpages/gnutls_certificate_set_openpgp_key_file.3,
	doc/manpages/gnutls_certificate_set_openpgp_key_file2.3,
	doc/manpages/gnutls_certificate_set_openpgp_key_mem.3,
	doc/manpages/gnutls_certificate_set_openpgp_key_mem2.3,
	doc/manpages/gnutls_certificate_set_params_function.3,
	doc/manpages/gnutls_certificate_set_rsa_export_params.3,
	doc/manpages/gnutls_certificate_set_verify_flags.3,
	doc/manpages/gnutls_certificate_set_verify_function.3,
	doc/manpages/gnutls_certificate_set_verify_limits.3,
	doc/manpages/gnutls_certificate_set_x509_crl.3,
	doc/manpages/gnutls_certificate_set_x509_crl_file.3,
	doc/manpages/gnutls_certificate_set_x509_crl_mem.3,
	doc/manpages/gnutls_certificate_set_x509_key.3,
	doc/manpages/gnutls_certificate_set_x509_key_file.3,
	doc/manpages/gnutls_certificate_set_x509_key_mem.3,
	doc/manpages/gnutls_certificate_set_x509_trust.3,
	doc/manpages/gnutls_certificate_set_x509_trust_file.3,
	doc/manpages/gnutls_certificate_set_x509_trust_mem.3,
	doc/manpages/gnutls_certificate_type_get.3,
	doc/manpages/gnutls_certificate_type_get_id.3,
	doc/manpages/gnutls_certificate_type_get_name.3,
	doc/manpages/gnutls_certificate_type_list.3,
	doc/manpages/gnutls_certificate_type_set_priority.3,
	doc/manpages/gnutls_certificate_verify_peers2.3,
	doc/manpages/gnutls_check_version.3,
	doc/manpages/gnutls_cipher_add_auth.3,
	doc/manpages/gnutls_cipher_decrypt.3,
	doc/manpages/gnutls_cipher_decrypt2.3,
	doc/manpages/gnutls_cipher_deinit.3,
	doc/manpages/gnutls_cipher_encrypt.3,
	doc/manpages/gnutls_cipher_encrypt2.3,
	doc/manpages/gnutls_cipher_get.3,
	doc/manpages/gnutls_cipher_get_block_size.3,
	doc/manpages/gnutls_cipher_get_id.3,
	doc/manpages/gnutls_cipher_get_key_size.3,
	doc/manpages/gnutls_cipher_get_name.3,
	doc/manpages/gnutls_cipher_init.3,
	doc/manpages/gnutls_cipher_list.3,
	doc/manpages/gnutls_cipher_set_iv.3,
	doc/manpages/gnutls_cipher_set_priority.3,
	doc/manpages/gnutls_cipher_suite_get_name.3,
	doc/manpages/gnutls_cipher_suite_info.3,
	doc/manpages/gnutls_cipher_tag.3,
	doc/manpages/gnutls_compression_get.3,
	doc/manpages/gnutls_compression_get_id.3,
	doc/manpages/gnutls_compression_get_name.3,
	doc/manpages/gnutls_compression_list.3,
	doc/manpages/gnutls_compression_set_priority.3,
	doc/manpages/gnutls_credentials_clear.3,
	doc/manpages/gnutls_credentials_set.3,
	doc/manpages/gnutls_db_check_entry.3,
	doc/manpages/gnutls_db_get_ptr.3,
	doc/manpages/gnutls_db_remove_session.3,
	doc/manpages/gnutls_db_set_cache_expiration.3,
	doc/manpages/gnutls_db_set_ptr.3,
	doc/manpages/gnutls_db_set_remove_function.3,
	doc/manpages/gnutls_db_set_retrieve_function.3,
	doc/manpages/gnutls_db_set_store_function.3,
	doc/manpages/gnutls_deinit.3, doc/manpages/gnutls_dh_get_group.3,
	doc/manpages/gnutls_dh_get_peers_public_bits.3,
	doc/manpages/gnutls_dh_get_prime_bits.3,
	doc/manpages/gnutls_dh_get_pubkey.3,
	doc/manpages/gnutls_dh_get_secret_bits.3,
	doc/manpages/gnutls_dh_params_cpy.3,
	doc/manpages/gnutls_dh_params_deinit.3,
	doc/manpages/gnutls_dh_params_export_pkcs3.3,
	doc/manpages/gnutls_dh_params_export_raw.3,
	doc/manpages/gnutls_dh_params_generate2.3,
	doc/manpages/gnutls_dh_params_import_pkcs3.3,
	doc/manpages/gnutls_dh_params_import_raw.3,
	doc/manpages/gnutls_dh_params_init.3,
	doc/manpages/gnutls_dh_set_prime_bits.3,
	doc/manpages/gnutls_dtls_cookie_send.3,
	doc/manpages/gnutls_dtls_cookie_verify.3,
	doc/manpages/gnutls_dtls_get_data_mtu.3,
	doc/manpages/gnutls_dtls_get_mtu.3,
	doc/manpages/gnutls_dtls_prestate_set.3,
	doc/manpages/gnutls_dtls_set_mtu.3,
	doc/manpages/gnutls_dtls_set_timeouts.3,
	doc/manpages/gnutls_ecc_curve_get.3,
	doc/manpages/gnutls_ecc_curve_get_name.3,
	doc/manpages/gnutls_ecc_curve_get_size.3,
	doc/manpages/gnutls_error_is_fatal.3,
	doc/manpages/gnutls_error_to_alert.3,
	doc/manpages/gnutls_fingerprint.3,
	doc/manpages/gnutls_global_deinit.3,
	doc/manpages/gnutls_global_init.3,
	doc/manpages/gnutls_global_set_audit_log_function.3,
	doc/manpages/gnutls_global_set_log_function.3,
	doc/manpages/gnutls_global_set_log_level.3,
	doc/manpages/gnutls_global_set_mem_functions.3,
	doc/manpages/gnutls_global_set_mutex.3,
	doc/manpages/gnutls_global_set_time_function.3,
	doc/manpages/gnutls_handshake.3,
	doc/manpages/gnutls_handshake_get_last_in.3,
	doc/manpages/gnutls_handshake_get_last_out.3,
	doc/manpages/gnutls_handshake_set_max_packet_length.3,
	doc/manpages/gnutls_handshake_set_post_client_hello_function.3,
	doc/manpages/gnutls_handshake_set_private_extensions.3,
	doc/manpages/gnutls_hash.3, doc/manpages/gnutls_hash_deinit.3,
	doc/manpages/gnutls_hash_fast.3,
	doc/manpages/gnutls_hash_get_len.3,
	doc/manpages/gnutls_hash_init.3, doc/manpages/gnutls_hash_output.3,
	doc/manpages/gnutls_hex2bin.3, doc/manpages/gnutls_hex_decode.3,
	doc/manpages/gnutls_hex_encode.3, doc/manpages/gnutls_hmac.3,
	doc/manpages/gnutls_hmac_deinit.3, doc/manpages/gnutls_hmac_fast.3,
	doc/manpages/gnutls_hmac_get_len.3,
	doc/manpages/gnutls_hmac_init.3, doc/manpages/gnutls_hmac_output.3,
	doc/manpages/gnutls_init.3, doc/manpages/gnutls_key_generate.3,
	doc/manpages/gnutls_kx_get.3, doc/manpages/gnutls_kx_get_id.3,
	doc/manpages/gnutls_kx_get_name.3, doc/manpages/gnutls_kx_list.3,
	doc/manpages/gnutls_kx_set_priority.3,
	doc/manpages/gnutls_mac_get.3, doc/manpages/gnutls_mac_get_id.3,
	doc/manpages/gnutls_mac_get_key_size.3,
	doc/manpages/gnutls_mac_get_name.3, doc/manpages/gnutls_mac_list.3,
	doc/manpages/gnutls_mac_set_priority.3,
	doc/manpages/gnutls_openpgp_crt_check_hostname.3,
	doc/manpages/gnutls_openpgp_crt_deinit.3,
	doc/manpages/gnutls_openpgp_crt_export.3,
	doc/manpages/gnutls_openpgp_crt_get_auth_subkey.3,
	doc/manpages/gnutls_openpgp_crt_get_creation_time.3,
	doc/manpages/gnutls_openpgp_crt_get_expiration_time.3,
	doc/manpages/gnutls_openpgp_crt_get_fingerprint.3,
	doc/manpages/gnutls_openpgp_crt_get_key_id.3,
	doc/manpages/gnutls_openpgp_crt_get_key_usage.3,
	doc/manpages/gnutls_openpgp_crt_get_name.3,
	doc/manpages/gnutls_openpgp_crt_get_pk_algorithm.3,
	doc/manpages/gnutls_openpgp_crt_get_pk_dsa_raw.3,
	doc/manpages/gnutls_openpgp_crt_get_pk_rsa_raw.3,
	doc/manpages/gnutls_openpgp_crt_get_preferred_key_id.3,
	doc/manpages/gnutls_openpgp_crt_get_revoked_status.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_count.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_creation_time.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_expiration_time.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_fingerprint.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_id.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_idx.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_pk_algorithm.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_pk_dsa_raw.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_pk_rsa_raw.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_revoked_status.3,
	doc/manpages/gnutls_openpgp_crt_get_subkey_usage.3,
	doc/manpages/gnutls_openpgp_crt_get_version.3,
	doc/manpages/gnutls_openpgp_crt_import.3,
	doc/manpages/gnutls_openpgp_crt_init.3,
	doc/manpages/gnutls_openpgp_crt_print.3,
	doc/manpages/gnutls_openpgp_crt_set_preferred_key_id.3,
	doc/manpages/gnutls_openpgp_crt_verify_ring.3,
	doc/manpages/gnutls_openpgp_crt_verify_self.3,
	doc/manpages/gnutls_openpgp_keyring_check_id.3,
	doc/manpages/gnutls_openpgp_keyring_deinit.3,
	doc/manpages/gnutls_openpgp_keyring_get_crt.3,
	doc/manpages/gnutls_openpgp_keyring_get_crt_count.3,
	doc/manpages/gnutls_openpgp_keyring_import.3,
	doc/manpages/gnutls_openpgp_keyring_init.3,
	doc/manpages/gnutls_openpgp_privkey_deinit.3,
	doc/manpages/gnutls_openpgp_privkey_export.3,
	doc/manpages/gnutls_openpgp_privkey_export_dsa_raw.3,
	doc/manpages/gnutls_openpgp_privkey_export_rsa_raw.3,
	doc/manpages/gnutls_openpgp_privkey_export_subkey_dsa_raw.3,
	doc/manpages/gnutls_openpgp_privkey_export_subkey_rsa_raw.3,
	doc/manpages/gnutls_openpgp_privkey_get_fingerprint.3,
	doc/manpages/gnutls_openpgp_privkey_get_key_id.3,
	doc/manpages/gnutls_openpgp_privkey_get_pk_algorithm.3,
	doc/manpages/gnutls_openpgp_privkey_get_preferred_key_id.3,
	doc/manpages/gnutls_openpgp_privkey_get_revoked_status.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_count.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_creation_time.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_fingerprint.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_id.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_idx.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_pk_algorithm.3,
	doc/manpages/gnutls_openpgp_privkey_get_subkey_revoked_status.3,
	doc/manpages/gnutls_openpgp_privkey_import.3,
	doc/manpages/gnutls_openpgp_privkey_init.3,
	doc/manpages/gnutls_openpgp_privkey_sec_param.3,
	doc/manpages/gnutls_openpgp_privkey_set_preferred_key_id.3,
	doc/manpages/gnutls_openpgp_privkey_sign_hash.3,
	doc/manpages/gnutls_openpgp_send_cert.3,
	doc/manpages/gnutls_openpgp_set_recv_key_function.3,
	doc/manpages/gnutls_pcert_deinit.3,
	doc/manpages/gnutls_pcert_import_openpgp.3,
	doc/manpages/gnutls_pcert_import_openpgp_raw.3,
	doc/manpages/gnutls_pcert_import_x509.3,
	doc/manpages/gnutls_pcert_import_x509_raw.3,
	doc/manpages/gnutls_pcert_list_import_x509_raw.3,
	doc/manpages/gnutls_pem_base64_decode.3,
	doc/manpages/gnutls_pem_base64_decode_alloc.3,
	doc/manpages/gnutls_pem_base64_encode.3,
	doc/manpages/gnutls_pem_base64_encode_alloc.3,
	doc/manpages/gnutls_perror.3,
	doc/manpages/gnutls_pk_algorithm_get_name.3,
	doc/manpages/gnutls_pk_bits_to_sec_param.3,
	doc/manpages/gnutls_pk_get_id.3, doc/manpages/gnutls_pk_get_name.3,
	doc/manpages/gnutls_pk_list.3,
	doc/manpages/gnutls_pkcs11_add_provider.3,
	doc/manpages/gnutls_pkcs11_copy_secret_key.3,
	doc/manpages/gnutls_pkcs11_copy_x509_crt.3,
	doc/manpages/gnutls_pkcs11_copy_x509_privkey.3,
	doc/manpages/gnutls_pkcs11_deinit.3,
	doc/manpages/gnutls_pkcs11_delete_url.3,
	doc/manpages/gnutls_pkcs11_init.3,
	doc/manpages/gnutls_pkcs11_obj_deinit.3,
	doc/manpages/gnutls_pkcs11_obj_export.3,
	doc/manpages/gnutls_pkcs11_obj_export_url.3,
	doc/manpages/gnutls_pkcs11_obj_get_info.3,
	doc/manpages/gnutls_pkcs11_obj_get_type.3,
	doc/manpages/gnutls_pkcs11_obj_import_url.3,
	doc/manpages/gnutls_pkcs11_obj_init.3,
	doc/manpages/gnutls_pkcs11_obj_list_import_url.3,
	doc/manpages/gnutls_pkcs11_privkey_deinit.3,
	doc/manpages/gnutls_pkcs11_privkey_export_url.3,
	doc/manpages/gnutls_pkcs11_privkey_generate.3,
	doc/manpages/gnutls_pkcs11_privkey_get_info.3,
	doc/manpages/gnutls_pkcs11_privkey_get_pk_algorithm.3,
	doc/manpages/gnutls_pkcs11_privkey_import_url.3,
	doc/manpages/gnutls_pkcs11_privkey_init.3,
	doc/manpages/gnutls_pkcs11_set_pin_function.3,
	doc/manpages/gnutls_pkcs11_set_token_function.3,
	doc/manpages/gnutls_pkcs11_token_get_flags.3,
	doc/manpages/gnutls_pkcs11_token_get_info.3,
	doc/manpages/gnutls_pkcs11_token_get_mechanism.3,
	doc/manpages/gnutls_pkcs11_token_get_url.3,
	doc/manpages/gnutls_pkcs11_token_init.3,
	doc/manpages/gnutls_pkcs11_token_set_pin.3,
	doc/manpages/gnutls_pkcs11_type_get_name.3,
	doc/manpages/gnutls_pkcs12_bag_decrypt.3,
	doc/manpages/gnutls_pkcs12_bag_deinit.3,
	doc/manpages/gnutls_pkcs12_bag_encrypt.3,
	doc/manpages/gnutls_pkcs12_bag_get_count.3,
	doc/manpages/gnutls_pkcs12_bag_get_data.3,
	doc/manpages/gnutls_pkcs12_bag_get_friendly_name.3,
	doc/manpages/gnutls_pkcs12_bag_get_key_id.3,
	doc/manpages/gnutls_pkcs12_bag_get_type.3,
	doc/manpages/gnutls_pkcs12_bag_init.3,
	doc/manpages/gnutls_pkcs12_bag_set_crl.3,
	doc/manpages/gnutls_pkcs12_bag_set_crt.3,
	doc/manpages/gnutls_pkcs12_bag_set_data.3,
	doc/manpages/gnutls_pkcs12_bag_set_friendly_name.3,
	doc/manpages/gnutls_pkcs12_bag_set_key_id.3,
	doc/manpages/gnutls_pkcs12_deinit.3,
	doc/manpages/gnutls_pkcs12_export.3,
	doc/manpages/gnutls_pkcs12_generate_mac.3,
	doc/manpages/gnutls_pkcs12_get_bag.3,
	doc/manpages/gnutls_pkcs12_import.3,
	doc/manpages/gnutls_pkcs12_init.3,
	doc/manpages/gnutls_pkcs12_set_bag.3,
	doc/manpages/gnutls_pkcs12_verify_mac.3,
	doc/manpages/gnutls_pkcs7_deinit.3,
	doc/manpages/gnutls_pkcs7_delete_crl.3,
	doc/manpages/gnutls_pkcs7_delete_crt.3,
	doc/manpages/gnutls_pkcs7_export.3,
	doc/manpages/gnutls_pkcs7_get_crl_count.3,
	doc/manpages/gnutls_pkcs7_get_crl_raw.3,
	doc/manpages/gnutls_pkcs7_get_crt_count.3,
	doc/manpages/gnutls_pkcs7_get_crt_raw.3,
	doc/manpages/gnutls_pkcs7_import.3,
	doc/manpages/gnutls_pkcs7_init.3,
	doc/manpages/gnutls_pkcs7_set_crl.3,
	doc/manpages/gnutls_pkcs7_set_crl_raw.3,
	doc/manpages/gnutls_pkcs7_set_crt.3,
	doc/manpages/gnutls_pkcs7_set_crt_raw.3, doc/manpages/gnutls_prf.3,
	doc/manpages/gnutls_prf_raw.3,
	doc/manpages/gnutls_priority_deinit.3,
	doc/manpages/gnutls_priority_init.3,
	doc/manpages/gnutls_priority_set.3,
	doc/manpages/gnutls_priority_set_direct.3,
	doc/manpages/gnutls_privkey_decrypt_data.3,
	doc/manpages/gnutls_privkey_deinit.3,
	doc/manpages/gnutls_privkey_get_pk_algorithm.3,
	doc/manpages/gnutls_privkey_get_type.3,
	doc/manpages/gnutls_privkey_import_ext.3,
	doc/manpages/gnutls_privkey_import_openpgp.3,
	doc/manpages/gnutls_privkey_import_pkcs11.3,
	doc/manpages/gnutls_privkey_import_x509.3,
	doc/manpages/gnutls_privkey_init.3,
	doc/manpages/gnutls_privkey_sign_data.3,
	doc/manpages/gnutls_privkey_sign_hash.3,
	doc/manpages/gnutls_protocol_get_id.3,
	doc/manpages/gnutls_protocol_get_name.3,
	doc/manpages/gnutls_protocol_get_version.3,
	doc/manpages/gnutls_protocol_list.3,
	doc/manpages/gnutls_protocol_set_priority.3,
	doc/manpages/gnutls_psk_allocate_client_credentials.3,
	doc/manpages/gnutls_psk_allocate_server_credentials.3,
	doc/manpages/gnutls_psk_client_get_hint.3,
	doc/manpages/gnutls_psk_free_client_credentials.3,
	doc/manpages/gnutls_psk_free_server_credentials.3,
	doc/manpages/gnutls_psk_server_get_username.3,
	doc/manpages/gnutls_psk_set_client_credentials.3,
	doc/manpages/gnutls_psk_set_params_function.3,
	doc/manpages/gnutls_psk_set_server_credentials_file.3,
	doc/manpages/gnutls_psk_set_server_credentials_hint.3,
	doc/manpages/gnutls_psk_set_server_dh_params.3,
	doc/manpages/gnutls_psk_set_server_params_function.3,
	doc/manpages/gnutls_pubkey_deinit.3,
	doc/manpages/gnutls_pubkey_export.3,
	doc/manpages/gnutls_pubkey_get_key_id.3,
	doc/manpages/gnutls_pubkey_get_key_usage.3,
	doc/manpages/gnutls_pubkey_get_openpgp_key_id.3,
	doc/manpages/gnutls_pubkey_get_pk_algorithm.3,
	doc/manpages/gnutls_pubkey_get_pk_dsa_raw.3,
	doc/manpages/gnutls_pubkey_get_pk_ecc_raw.3,
	doc/manpages/gnutls_pubkey_get_pk_ecc_x962.3,
	doc/manpages/gnutls_pubkey_get_pk_rsa_raw.3,
	doc/manpages/gnutls_pubkey_get_preferred_hash_algorithm.3,
	doc/manpages/gnutls_pubkey_get_verify_algorithm.3,
	doc/manpages/gnutls_pubkey_import.3,
	doc/manpages/gnutls_pubkey_import_dsa_raw.3,
	doc/manpages/gnutls_pubkey_import_ecc_raw.3,
	doc/manpages/gnutls_pubkey_import_ecc_x962.3,
	doc/manpages/gnutls_pubkey_import_openpgp.3,
	doc/manpages/gnutls_pubkey_import_pkcs11.3,
	doc/manpages/gnutls_pubkey_import_pkcs11_url.3,
	doc/manpages/gnutls_pubkey_import_privkey.3,
	doc/manpages/gnutls_pubkey_import_rsa_raw.3,
	doc/manpages/gnutls_pubkey_import_x509.3,
	doc/manpages/gnutls_pubkey_init.3,
	doc/manpages/gnutls_pubkey_set_key_usage.3,
	doc/manpages/gnutls_pubkey_verify_data.3,
	doc/manpages/gnutls_pubkey_verify_data2.3,
	doc/manpages/gnutls_pubkey_verify_hash.3,
	doc/manpages/gnutls_record_check_pending.3,
	doc/manpages/gnutls_record_disable_padding.3,
	doc/manpages/gnutls_record_get_direction.3,
	doc/manpages/gnutls_record_get_discarded.3,
	doc/manpages/gnutls_record_get_max_size.3,
	doc/manpages/gnutls_record_recv.3,
	doc/manpages/gnutls_record_recv_seq.3,
	doc/manpages/gnutls_record_send.3,
	doc/manpages/gnutls_record_set_max_size.3,
	doc/manpages/gnutls_rehandshake.3, doc/manpages/gnutls_rnd.3,
	doc/manpages/gnutls_rsa_export_get_modulus_bits.3,
	doc/manpages/gnutls_rsa_export_get_pubkey.3,
	doc/manpages/gnutls_rsa_params_cpy.3,
	doc/manpages/gnutls_rsa_params_deinit.3,
	doc/manpages/gnutls_rsa_params_export_pkcs1.3,
	doc/manpages/gnutls_rsa_params_export_raw.3,
	doc/manpages/gnutls_rsa_params_generate2.3,
	doc/manpages/gnutls_rsa_params_import_pkcs1.3,
	doc/manpages/gnutls_rsa_params_import_raw.3,
	doc/manpages/gnutls_rsa_params_init.3,
	doc/manpages/gnutls_safe_renegotiation_status.3,
	doc/manpages/gnutls_sec_param_get_name.3,
	doc/manpages/gnutls_sec_param_to_pk_bits.3,
	doc/manpages/gnutls_server_name_get.3,
	doc/manpages/gnutls_server_name_set.3,
	doc/manpages/gnutls_session_channel_binding.3,
	doc/manpages/gnutls_session_enable_compatibility_mode.3,
	doc/manpages/gnutls_session_get_data.3,
	doc/manpages/gnutls_session_get_data2.3,
	doc/manpages/gnutls_session_get_id.3,
	doc/manpages/gnutls_session_get_ptr.3,
	doc/manpages/gnutls_session_is_resumed.3,
	doc/manpages/gnutls_session_set_data.3,
	doc/manpages/gnutls_session_set_ptr.3,
	doc/manpages/gnutls_session_ticket_enable_client.3,
	doc/manpages/gnutls_session_ticket_enable_server.3,
	doc/manpages/gnutls_session_ticket_key_generate.3,
	doc/manpages/gnutls_set_default_export_priority.3,
	doc/manpages/gnutls_set_default_priority.3,
	doc/manpages/gnutls_sign_algorithm_get_requested.3,
	doc/manpages/gnutls_sign_callback_get.3,
	doc/manpages/gnutls_sign_callback_set.3,
	doc/manpages/gnutls_sign_get_id.3,
	doc/manpages/gnutls_sign_get_name.3,
	doc/manpages/gnutls_sign_list.3,
	doc/manpages/gnutls_srp_allocate_client_credentials.3,
	doc/manpages/gnutls_srp_allocate_server_credentials.3,
	doc/manpages/gnutls_srp_base64_decode.3,
	doc/manpages/gnutls_srp_base64_decode_alloc.3,
	doc/manpages/gnutls_srp_base64_encode.3,
	doc/manpages/gnutls_srp_base64_encode_alloc.3,
	doc/manpages/gnutls_srp_free_client_credentials.3,
	doc/manpages/gnutls_srp_free_server_credentials.3,
	doc/manpages/gnutls_srp_server_get_username.3,
	doc/manpages/gnutls_srp_set_client_credentials.3,
	doc/manpages/gnutls_srp_set_prime_bits.3,
	doc/manpages/gnutls_srp_set_server_credentials_file.3,
	doc/manpages/gnutls_srp_verifier.3, doc/manpages/gnutls_strerror.3,
	doc/manpages/gnutls_strerror_name.3,
	doc/manpages/gnutls_supplemental_get_name.3,
	doc/manpages/gnutls_transport_get_ptr.3,
	doc/manpages/gnutls_transport_get_ptr2.3,
	doc/manpages/gnutls_transport_set_errno.3,
	doc/manpages/gnutls_transport_set_errno_function.3,
	doc/manpages/gnutls_transport_set_ptr.3,
	doc/manpages/gnutls_transport_set_ptr2.3,
	doc/manpages/gnutls_transport_set_pull_function.3,
	doc/manpages/gnutls_transport_set_pull_timeout_function.3,
	doc/manpages/gnutls_transport_set_push_function.3,
	doc/manpages/gnutls_transport_set_vec_push_function.3,
	doc/manpages/gnutls_x509_crl_check_issuer.3,
	doc/manpages/gnutls_x509_crl_deinit.3,
	doc/manpages/gnutls_x509_crl_export.3,
	doc/manpages/gnutls_x509_crl_get_authority_key_id.3,
	doc/manpages/gnutls_x509_crl_get_crt_count.3,
	doc/manpages/gnutls_x509_crl_get_crt_serial.3,
	doc/manpages/gnutls_x509_crl_get_dn_oid.3,
	doc/manpages/gnutls_x509_crl_get_extension_data.3,
	doc/manpages/gnutls_x509_crl_get_extension_info.3,
	doc/manpages/gnutls_x509_crl_get_extension_oid.3,
	doc/manpages/gnutls_x509_crl_get_issuer_dn.3,
	doc/manpages/gnutls_x509_crl_get_issuer_dn_by_oid.3,
	doc/manpages/gnutls_x509_crl_get_next_update.3,
	doc/manpages/gnutls_x509_crl_get_number.3,
	doc/manpages/gnutls_x509_crl_get_raw_issuer_dn.3,
	doc/manpages/gnutls_x509_crl_get_signature.3,
	doc/manpages/gnutls_x509_crl_get_signature_algorithm.3,
	doc/manpages/gnutls_x509_crl_get_this_update.3,
	doc/manpages/gnutls_x509_crl_get_version.3,
	doc/manpages/gnutls_x509_crl_import.3,
	doc/manpages/gnutls_x509_crl_init.3,
	doc/manpages/gnutls_x509_crl_list_import.3,
	doc/manpages/gnutls_x509_crl_list_import2.3,
	doc/manpages/gnutls_x509_crl_print.3,
	doc/manpages/gnutls_x509_crl_privkey_sign.3,
	doc/manpages/gnutls_x509_crl_set_authority_key_id.3,
	doc/manpages/gnutls_x509_crl_set_crt.3,
	doc/manpages/gnutls_x509_crl_set_crt_serial.3,
	doc/manpages/gnutls_x509_crl_set_next_update.3,
	doc/manpages/gnutls_x509_crl_set_number.3,
	doc/manpages/gnutls_x509_crl_set_this_update.3,
	doc/manpages/gnutls_x509_crl_set_version.3,
	doc/manpages/gnutls_x509_crl_sign.3,
	doc/manpages/gnutls_x509_crl_sign2.3,
	doc/manpages/gnutls_x509_crl_verify.3,
	doc/manpages/gnutls_x509_crq_deinit.3,
	doc/manpages/gnutls_x509_crq_export.3,
	doc/manpages/gnutls_x509_crq_get_attribute_by_oid.3,
	doc/manpages/gnutls_x509_crq_get_attribute_data.3,
	doc/manpages/gnutls_x509_crq_get_attribute_info.3,
	doc/manpages/gnutls_x509_crq_get_basic_constraints.3,
	doc/manpages/gnutls_x509_crq_get_challenge_password.3,
	doc/manpages/gnutls_x509_crq_get_dn.3,
	doc/manpages/gnutls_x509_crq_get_dn_by_oid.3,
	doc/manpages/gnutls_x509_crq_get_dn_oid.3,
	doc/manpages/gnutls_x509_crq_get_extension_by_oid.3,
	doc/manpages/gnutls_x509_crq_get_extension_data.3,
	doc/manpages/gnutls_x509_crq_get_extension_info.3,
	doc/manpages/gnutls_x509_crq_get_key_id.3,
	doc/manpages/gnutls_x509_crq_get_key_purpose_oid.3,
	doc/manpages/gnutls_x509_crq_get_key_rsa_raw.3,
	doc/manpages/gnutls_x509_crq_get_key_usage.3,
	doc/manpages/gnutls_x509_crq_get_pk_algorithm.3,
	doc/manpages/gnutls_x509_crq_get_subject_alt_name.3,
	doc/manpages/gnutls_x509_crq_get_subject_alt_othername_oid.3,
	doc/manpages/gnutls_x509_crq_get_version.3,
	doc/manpages/gnutls_x509_crq_import.3,
	doc/manpages/gnutls_x509_crq_init.3,
	doc/manpages/gnutls_x509_crq_print.3,
	doc/manpages/gnutls_x509_crq_privkey_sign.3,
	doc/manpages/gnutls_x509_crq_set_attribute_by_oid.3,
	doc/manpages/gnutls_x509_crq_set_basic_constraints.3,
	doc/manpages/gnutls_x509_crq_set_challenge_password.3,
	doc/manpages/gnutls_x509_crq_set_dn_by_oid.3,
	doc/manpages/gnutls_x509_crq_set_key.3,
	doc/manpages/gnutls_x509_crq_set_key_purpose_oid.3,
	doc/manpages/gnutls_x509_crq_set_key_rsa_raw.3,
	doc/manpages/gnutls_x509_crq_set_key_usage.3,
	doc/manpages/gnutls_x509_crq_set_pubkey.3,
	doc/manpages/gnutls_x509_crq_set_subject_alt_name.3,
	doc/manpages/gnutls_x509_crq_set_version.3,
	doc/manpages/gnutls_x509_crq_sign.3,
	doc/manpages/gnutls_x509_crq_sign2.3,
	doc/manpages/gnutls_x509_crq_verify.3,
	doc/manpages/gnutls_x509_crt_check_hostname.3,
	doc/manpages/gnutls_x509_crt_check_issuer.3,
	doc/manpages/gnutls_x509_crt_check_revocation.3,
	doc/manpages/gnutls_x509_crt_cpy_crl_dist_points.3,
	doc/manpages/gnutls_x509_crt_deinit.3,
	doc/manpages/gnutls_x509_crt_export.3,
	doc/manpages/gnutls_x509_crt_get_activation_time.3,
	doc/manpages/gnutls_x509_crt_get_authority_info_access.3,
	doc/manpages/gnutls_x509_crt_get_authority_key_id.3,
	doc/manpages/gnutls_x509_crt_get_basic_constraints.3,
	doc/manpages/gnutls_x509_crt_get_ca_status.3,
	doc/manpages/gnutls_x509_crt_get_crl_dist_points.3,
	doc/manpages/gnutls_x509_crt_get_dn.3,
	doc/manpages/gnutls_x509_crt_get_dn_by_oid.3,
	doc/manpages/gnutls_x509_crt_get_dn_oid.3,
	doc/manpages/gnutls_x509_crt_get_expiration_time.3,
	doc/manpages/gnutls_x509_crt_get_extension_by_oid.3,
	doc/manpages/gnutls_x509_crt_get_extension_data.3,
	doc/manpages/gnutls_x509_crt_get_extension_info.3,
	doc/manpages/gnutls_x509_crt_get_extension_oid.3,
	doc/manpages/gnutls_x509_crt_get_fingerprint.3,
	doc/manpages/gnutls_x509_crt_get_issuer.3,
	doc/manpages/gnutls_x509_crt_get_issuer_alt_name.3,
	doc/manpages/gnutls_x509_crt_get_issuer_alt_name2.3,
	doc/manpages/gnutls_x509_crt_get_issuer_alt_othername_oid.3,
	doc/manpages/gnutls_x509_crt_get_issuer_dn.3,
	doc/manpages/gnutls_x509_crt_get_issuer_dn_by_oid.3,
	doc/manpages/gnutls_x509_crt_get_issuer_dn_oid.3,
	doc/manpages/gnutls_x509_crt_get_issuer_unique_id.3,
	doc/manpages/gnutls_x509_crt_get_key_id.3,
	doc/manpages/gnutls_x509_crt_get_key_purpose_oid.3,
	doc/manpages/gnutls_x509_crt_get_key_usage.3,
	doc/manpages/gnutls_x509_crt_get_pk_algorithm.3,
	doc/manpages/gnutls_x509_crt_get_pk_dsa_raw.3,
	doc/manpages/gnutls_x509_crt_get_pk_rsa_raw.3,
	doc/manpages/gnutls_x509_crt_get_preferred_hash_algorithm.3,
	doc/manpages/gnutls_x509_crt_get_proxy.3,
	doc/manpages/gnutls_x509_crt_get_raw_dn.3,
	doc/manpages/gnutls_x509_crt_get_raw_issuer_dn.3,
	doc/manpages/gnutls_x509_crt_get_serial.3,
	doc/manpages/gnutls_x509_crt_get_signature.3,
	doc/manpages/gnutls_x509_crt_get_signature_algorithm.3,
	doc/manpages/gnutls_x509_crt_get_subject.3,
	doc/manpages/gnutls_x509_crt_get_subject_alt_name.3,
	doc/manpages/gnutls_x509_crt_get_subject_alt_name2.3,
	doc/manpages/gnutls_x509_crt_get_subject_alt_othername_oid.3,
	doc/manpages/gnutls_x509_crt_get_subject_key_id.3,
	doc/manpages/gnutls_x509_crt_get_subject_unique_id.3,
	doc/manpages/gnutls_x509_crt_get_verify_algorithm.3,
	doc/manpages/gnutls_x509_crt_get_version.3,
	doc/manpages/gnutls_x509_crt_import.3,
	doc/manpages/gnutls_x509_crt_import_pkcs11.3,
	doc/manpages/gnutls_x509_crt_import_pkcs11_url.3,
	doc/manpages/gnutls_x509_crt_init.3,
	doc/manpages/gnutls_x509_crt_list_import.3,
	doc/manpages/gnutls_x509_crt_list_import2.3,
	doc/manpages/gnutls_x509_crt_list_import_pkcs11.3,
	doc/manpages/gnutls_x509_crt_list_verify.3,
	doc/manpages/gnutls_x509_crt_print.3,
	doc/manpages/gnutls_x509_crt_privkey_sign.3,
	doc/manpages/gnutls_x509_crt_set_activation_time.3,
	doc/manpages/gnutls_x509_crt_set_authority_key_id.3,
	doc/manpages/gnutls_x509_crt_set_basic_constraints.3,
	doc/manpages/gnutls_x509_crt_set_ca_status.3,
	doc/manpages/gnutls_x509_crt_set_crl_dist_points.3,
	doc/manpages/gnutls_x509_crt_set_crl_dist_points2.3,
	doc/manpages/gnutls_x509_crt_set_crq.3,
	doc/manpages/gnutls_x509_crt_set_crq_extensions.3,
	doc/manpages/gnutls_x509_crt_set_dn_by_oid.3,
	doc/manpages/gnutls_x509_crt_set_expiration_time.3,
	doc/manpages/gnutls_x509_crt_set_extension_by_oid.3,
	doc/manpages/gnutls_x509_crt_set_issuer_dn_by_oid.3,
	doc/manpages/gnutls_x509_crt_set_key.3,
	doc/manpages/gnutls_x509_crt_set_key_purpose_oid.3,
	doc/manpages/gnutls_x509_crt_set_key_usage.3,
	doc/manpages/gnutls_x509_crt_set_proxy.3,
	doc/manpages/gnutls_x509_crt_set_proxy_dn.3,
	doc/manpages/gnutls_x509_crt_set_pubkey.3,
	doc/manpages/gnutls_x509_crt_set_serial.3,
	doc/manpages/gnutls_x509_crt_set_subject_alt_name.3,
	doc/manpages/gnutls_x509_crt_set_subject_alternative_name.3,
	doc/manpages/gnutls_x509_crt_set_subject_key_id.3,
	doc/manpages/gnutls_x509_crt_set_version.3,
	doc/manpages/gnutls_x509_crt_sign.3,
	doc/manpages/gnutls_x509_crt_sign2.3,
	doc/manpages/gnutls_x509_crt_verify.3,
	doc/manpages/gnutls_x509_crt_verify_data.3,
	doc/manpages/gnutls_x509_crt_verify_hash.3,
	doc/manpages/gnutls_x509_dn_deinit.3,
	doc/manpages/gnutls_x509_dn_export.3,
	doc/manpages/gnutls_x509_dn_get_rdn_ava.3,
	doc/manpages/gnutls_x509_dn_import.3,
	doc/manpages/gnutls_x509_dn_init.3,
	doc/manpages/gnutls_x509_dn_oid_known.3,
	doc/manpages/gnutls_x509_privkey_cpy.3,
	doc/manpages/gnutls_x509_privkey_deinit.3,
	doc/manpages/gnutls_x509_privkey_export.3,
	doc/manpages/gnutls_x509_privkey_export_dsa_raw.3,
	doc/manpages/gnutls_x509_privkey_export_ecc_raw.3,
	doc/manpages/gnutls_x509_privkey_export_pkcs8.3,
	doc/manpages/gnutls_x509_privkey_export_rsa_raw.3,
	doc/manpages/gnutls_x509_privkey_export_rsa_raw2.3,
	doc/manpages/gnutls_x509_privkey_fix.3,
	doc/manpages/gnutls_x509_privkey_generate.3,
	doc/manpages/gnutls_x509_privkey_get_key_id.3,
	doc/manpages/gnutls_x509_privkey_get_pk_algorithm.3,
	doc/manpages/gnutls_x509_privkey_import.3,
	doc/manpages/gnutls_x509_privkey_import_dsa_raw.3,
	doc/manpages/gnutls_x509_privkey_import_ecc_raw.3,
	doc/manpages/gnutls_x509_privkey_import_pkcs8.3,
	doc/manpages/gnutls_x509_privkey_import_rsa_raw.3,
	doc/manpages/gnutls_x509_privkey_import_rsa_raw2.3,
	doc/manpages/gnutls_x509_privkey_init.3,
	doc/manpages/gnutls_x509_privkey_sec_param.3,
	doc/manpages/gnutls_x509_privkey_sign_data.3,
	doc/manpages/gnutls_x509_privkey_sign_hash.3,
	doc/manpages/gnutls_x509_privkey_verify_params.3,
	doc/manpages/gnutls_x509_rdn_get.3,
	doc/manpages/gnutls_x509_rdn_get_by_oid.3,
	doc/manpages/gnutls_x509_rdn_get_oid.3,
	doc/manpages/gnutls_x509_trust_list_add_cas.3,
	doc/manpages/gnutls_x509_trust_list_add_crls.3,
	doc/manpages/gnutls_x509_trust_list_add_named_crt.3,
	doc/manpages/gnutls_x509_trust_list_deinit.3,
	doc/manpages/gnutls_x509_trust_list_get_issuer.3,
	doc/manpages/gnutls_x509_trust_list_init.3,
	doc/manpages/gnutls_x509_trust_list_verify_crt.3,
	doc/manpages/gnutls_x509_trust_list_verify_named_crt.3,
	doc/scripts/getfuncs.pl, lib/gnutls_cert.c, lib/gnutls_str.c: Added
	a more robust manpage generation method.

2011-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/examples/ex-serv-psk.c, doc/examples/ex-serv-srp.c: 
	updated/fixed SRP and PSK examples.

2011-11-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.c: updated client certificate signature algorithm
	indication, to allow holding 3 algorithms.

2011-11-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk: use texi2html to generate documentation

2011-11-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/gdoc: corrected texinfo and manpage generation of
	documentation.

2011-11-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: count all discarded packets as dropped.

2011-11-15  Martin Storsjo <martin@martin.st>

	* extra/Makefile.am, lib/Makefile.am: Add dependencies from the def
	files to the libraries that generate them This avoids build failures in parallel builds, where builds could
	fail with this error message: make[2]: *** No rule to make target `libgnutls-26.def', needed by
	`all-am'.  Stop.  There is no direct rules that generate it, but it is generated as a
	byproduct when building libgnutls.la. By marking the la file as a
	dependency, make won't bail out by not finding the file until that
	dependency is built, and at that point, the def file exists.  Signed-off-by: Simon Josefsson <simon@josefsson.org>

2011-11-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/cha-auth.texi, doc/cha-cert-auth.texi,
	doc/cha-cert-auth2.texi, doc/cha-gtls-app.texi,
	doc/cha-gtls-examples.texi, doc/cha-intro-tls.texi,
	doc/cha-library.texi, doc/cha-shared-key.texi, doc/gnutls.texi,
	doc/latex/.gitignore, doc/latex/Makefile.am, doc/latex/gnutls.tex,
	doc/scripts/mytexi2latex: reorganized documentation

2011-11-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/asm-coff/appro-aes-x86-coff.s,
	lib/accelerated/x86/asm-coff/cpuid-x86-64-coff.s,
	lib/accelerated/x86/asm-coff/cpuid-x86-coff.s,
	lib/accelerated/x86/asm-coff/padlock-x86-coff.s,
	lib/accelerated/x86/asm/appro-aes-gcm-x86-64.s,
	lib/accelerated/x86/asm/appro-aes-x86-64.s,
	lib/accelerated/x86/asm/appro-aes-x86.s,
	lib/accelerated/x86/asm/cpuid-x86-64.s,
	lib/accelerated/x86/asm/cpuid-x86.s,
	lib/accelerated/x86/asm/padlock-x86-64.s,
	lib/accelerated/x86/asm/padlock-x86.s: Commited new assembler files.

2011-11-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk, devel/perlasm/aesni-x86.pl,
	devel/perlasm/aesni-x86_64.pl, devel/perlasm/cbc.pl,
	devel/perlasm/cpuid-x86.pl, devel/perlasm/cpuid-x86_64.pl,
	devel/perlasm/e_padlock-x86.pl, devel/perlasm/e_padlock-x86_64.pl,
	devel/perlasm/ghash-x86.pl, devel/perlasm/ghash-x86_64.pl,
	devel/perlasm/license-gnutls.txt, devel/perlasm/license.txt,
	devel/perlasm/ppc-xlate.pl, devel/perlasm/readme,
	devel/perlasm/x86_64-xlate.pl, devel/perlasm/x86asm.pl,
	devel/perlasm/x86gas.pl, devel/perlasm/x86masm.pl,
	devel/perlasm/x86nasm.pl: Added rules to auto-generate the assembler
	files.

2011-11-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2011-11-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi: updated

2011-11-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-auth.texi, doc/cha-cert-auth.texi, doc/cha-programs.texi,
	doc/gnutls.texi: Tools are discussed in the relevant chapters and
	sections.

2011-11-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.0.8

2011-11-12  Simon Josefsson <simon@josefsson.org>

	* configure.ac: Add tests/slow/Makfile and sort config files.

2011-11-12  Simon Josefsson <simon@josefsson.org>

	* cfg.mk: Fix wordwrap.

2011-11-12  Simon Josefsson <simon@josefsson.org>

	* lib/x509/verify-high.c, lib/x509/verify-high.h: Don't export
	verify-high structs internally.

2011-11-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk: document the gpl modules used by gnulib

2011-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/gendh.c, tests/keygen.c,
	tests/slow/Makefile.am, tests/slow/README, tests/slow/gendh.c,
	tests/slow/keygen.c: slow tests are not being run using valgrind

2011-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/ecdsa/Makefile.am: distribute pem file

2011-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/ecdsa/bad-key.pem, tests/ecdsa/ecdsa: Added test to detect a
	wrong ECDSA key.

2011-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_errors.h, lib/gnutls_int.h: define likely() and
	unlikely() and use them to prevent debugging code from being
	prioritized in branch prediction.

2011-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2011-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, m4/hooks.m4: bumped library version and documented updates.

2011-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/crypto-backend.h, lib/gnutls_errors.c, lib/gnutls_pk.c,
	lib/gnutls_pk.h, lib/includes/gnutls/gnutls.h.in,
	lib/includes/gnutls/x509.h, lib/libgnutls.map, lib/nettle/pk.c,
	lib/x509/privkey.c, src/certtool.c, tests/Makefile.am,
	tests/keygen.c: Added gnutls_x509_privkey_verify_params() which
	verifies the parameters of a private key. Added test case for
	private key generation.

2011-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-cfg.c, src/certtool-common.c, src/certtool.c,
	src/psk.c, src/srptool.c, src/tests.c, src/tls_test.c: simplified
	copyright years.

2011-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped library versions

2011-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/scripts/mytexi2latex,
	lib/x509/crl_write.c: Added documentation on revocation lists.

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/chain: account for error code 1 in certtool.

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: document updates

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c: Reduce pad.

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: added missing dir

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_int.h, lib/gnutls_record.c: Revert "periodically print
	messages that might be used in timing attacks." This reverts commit a333d71762903ff5b716d1e3967017b1baf61bd2.

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_state.c: Revert "dropped packets are also reported on
	gnutls_deinit() to ensure that they are not lost." This reverts commit 41a73fb4a147dc4773d4b546d5d8b5cfdae255d9.

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_cipher.c: provide less timing information during packet
	MAC verification.

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/ecdsa/ecdsa: silence test

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/crypto-backend.h, lib/gnutls_ecc.c, lib/gnutls_pubkey.c,
	lib/nettle/pk.c, lib/pkcs11_write.c, lib/x509/key_decode.c,
	lib/x509/key_encode.c, lib/x509/privkey.c: Corrected ECC key
	generation.

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: fail on certificate verification

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/ecdsa/Makefile.am, tests/ecdsa/ecdsa: 
	Added ECDSA key generation, signing and verification tests.

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: verify the self signature of a CRQ when --crq-info
	parameter is given.

2011-11-10  Simon Josefsson <simon@josefsson.org>

	* lib/x509/verify-high.h: Add verify-high.h, to export some structs
	(for OCSP).

2011-11-10  Simon Josefsson <simon@josefsson.org>

	* lib/algorithms.h, lib/algorithms/mac.c: Add explicit digest
	mapping functions (for OCSP).

2011-11-10  Simon Josefsson <simon@josefsson.org>

	* lib/x509/Makefile.am, lib/x509/verify-high.c: Make verify-high
	structures internally accessible (for OCSP).

2011-11-10  Simon Josefsson <simon@josefsson.org>

	* lib/libgnutls.map: Indent.

2011-11-10  Simon Josefsson <simon@josefsson.org>

	* lib/x509/common.c, lib/x509/common.h, lib/x509/extensions.c: Make
	more functions available internally (for OCSP).

2011-11-10  Simon Josefsson <simon@josefsson.org>

	* lib/gnutls_str.c, lib/gnutls_str.h, lib/x509/output.c: Make
	asciiprint a globally available function.

2011-11-10  Simon Josefsson <simon@josefsson.org>

	* .gitignore: Add.

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_state.c: dropped packets are also reported on
	gnutls_deinit() to ensure that they are not lost.

2011-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_int.h, lib/gnutls_record.c: periodically print messages
	that might be used in timing attacks.

2011-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* COPYING.LESSER, lib/COPYING: LGPLv3 license was moved to root.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* configure.ac, doc/reference/gnutls-docs.sgml,
	doc/reference/version.xml.in: Update gtk-doc template.

2011-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: updated

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* lib/includes/gnutls/pkcs11.h: Remove redundant const keyword in
	(confuses gtk-doc parser).

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* README-alpha: Mention libidn dependency for crywrap.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* lib/gnutls_pubkey.c: Don't crash if gnutls_pubkey_deinit is given
	a NULL key.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* lib/x509_b64.c, lib/x509_b64.h: Remove dead code and use more
	static.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* cfg.mk: Fix code coverage rules.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* .gitignore: Ignore coverage related stuff.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* configure.ac, lib/Makefile.am: Don't add p11-kit to CFLAGS/LIBS
	globally, just where it is needed.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* doc/cyclo/Makefile.am: The build rule didn't really work before,
	now fixed.  Update copyright years.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* .gitignore: Remove unneeded stuff.

2011-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/debug.c: enable _gnutls_dump_mpi() when debugging.

2011-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/debug.c, lib/debug.h: Revert "Remove dead code." This reverts commit e5d8a79fcc429902e8fb9b7cec91d66b965df5bb.

2011-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, lib/Makefile.am, lib/gcrypt/Makefile.am,
	lib/gcrypt/cipher.c, lib/gcrypt/init.c, lib/gcrypt/mac.c,
	lib/gcrypt/mpi.c, lib/gcrypt/pk.c, lib/gcrypt/rnd.c: No need to
	distribute the libgcrypt backend (which cannot even be compiled).

2011-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/README: updated to include padlock.

2011-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/cipher.c, lib/nettle/mac.c: release allocated memory on
	a cipher or mac failure to initialize.

2011-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-gtls-app.texi: clarified usage of
	gnutls_record_check_pending().

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* lib/debug.c, lib/debug.h: Remove dead code.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* .gitignore: Sort and add.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* lib/gnutls_db.c, lib/gnutls_db.h: Remove some redundant prototypes
	and use more static.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* lib/gnutls_db.c, lib/gnutls_db.h: Simplify redundant code.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* build-aux/pmccabe2html, gl/Makefile.am, gl/m4/gnulib-cache.m4,
	gl/m4/gnulib-comp.m4: Add pmccabe2html gnulib module.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* gl/override/lib/hmac-md5.c.diff, gl/override/lib/memxor.c.diff,
	gl/override/lib/memxor.h.diff: Remove obsolete files.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* configure.ac, gl/override/lib/read-file.c.diff,
	gl/override/lib/read-file.h.diff,
	gl/override/tests/test-read-file.c.diff, gl/read-file.c,
	gl/read-file.h, gl/tests/test-read-file.c, lib/gnutls_x509.c,
	lib/openpgp/gnutls_openpgp.c, src/certtool-common.c,
	src/certtool.c, src/cli.c, src/crywrap/crywrap.c: Simplify static
	library renaming hack.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* tests/suite/Makefile.am: Cleanup and fix authorship notice (I
	didn't write this file).

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* tests/dsa/testdsa, tests/openpgp-certs/testcerts,
	tests/suite/testcompat-main, tests/suite/testsrn: Fix
	srcdir!=builddir builds.

2011-11-09  Simon Josefsson <simon@josefsson.org>

	* Makefile.am: Allow distcheck to work, the suppressions.valgrind
	file caused problems.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* doc/Makefile.am: enums.texi: Look in builddir too for gnutls.h.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* NEWS, doc/manpages/Makefile.am: doc: man pages for API functions
	were removed.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* GNUmakefile, gl/Makefile.am, gl/alignof.h, gl/argp-parse.c,
	gl/closedir.c, gl/m4/gnulib-comp.m4, gl/m4/math_h.m4,
	gl/m4/stdalign.m4, gl/math.in.h, gl/stdalign.in.h, gl/stdlib.in.h,
	gl/sys_socket.in.h, gl/tests/Makefile.am, gl/tests/putenv.c,
	gl/tests/test-stdalign.c, maint.mk: Update gnulib files.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* cfg.mk: Improve syntax-check rules.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* tests/Makefile.am: Re-indent.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* doc/Makefile.am: Fix syntax-check whitespace nit.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* configure.ac: Fix portability quirk.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* tests/rsa-md5-collision/README: Fix 'the the' double use.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* lib/accelerated/x86/hmac-padlock.c: Remove unneeded assert.h
	inclusion.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* .gitattributes: Drop unneeded .gitattributes.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* doc/reference/Makefile.am, gtk-doc.make: Update gtk-doc files.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* doc/reference/gnutls-docs.sgml: Drop openssl API from GnuTLS API
	manual to avoid build errors.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* doc/reference/Makefile.am: Drop more extra stuff.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* extra/gnutls-extra.pc.in, extra/libgnutls-extra.map: Remove
	obsolete libgnutls-extra stuff.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* doc/examples/verify.c: Include examples.h to get
	verify_certificate_callback prototype.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* doc/reference/Makefile.am: Improve header ignoring.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* configure.ac: Use gettext 0.18 to avoid build error.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* lib/nettle/ecc_mulmod.c: Fix compile warnings.

2011-11-08  Simon Josefsson <simon@josefsson.org>

	* po/it.po.in: Sync with TP.

2011-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, m4/hooks.m4: released 3.0.7

2011-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphersuites.c: Corrected ciphersuite
	GNUTLS_ECDHE_RSA_AES_128_CBC_SHA256. Reported by Fabrice Gautier.

2011-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_session.c: bug fix in gnutls_session_get_data().

2011-11-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, m4/hooks.m4: bumped version

2011-11-07  Alban Crequy <alban.crequy@collabora.co.uk>

	* gnutls_session_get_data: fix possible buffer overflow The test to avoid the buffer overflow was always false because
	session_data_size was set at the wrong place. This problem has been
	introduced by this commit: |commit ad4ed44c65e753e6d3a00104c049dd81826ccbf3 |Author: Nikos
	Mavrogiannopoulos <nmav@gnutls.org> |Date:   Mon Nov 7 22:24:48 2005
	+0000 | |    This is the initial commit in the 1.3 branch. Ported
	from the PSK branch: |    * PSK ciphersuites have been added.  |
	* The session resumption data are now system independent.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

	-----

	Copyright (C) 2005-2012 Free Software Foundation, Inc.

	Copying and distribution of this file, with or without
	modification, are permitted provided the copyright notice
	and this notice are preserved.