ABI
Tracker

(GnuTLS)



Headers diff: 3.4.5 vs 3.4.6



 gnutls.h (3.4.5)   gnutls.h (3.4.6) 
skipping to change at line 56 skipping to change at line 56
#endif #endif
/* Get time_t. */ /* Get time_t. */
#include <time.h> #include <time.h>
/* *INDENT-OFF* */ /* *INDENT-OFF* */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/* *INDENT-ON* */ /* *INDENT-ON* */
#define GNUTLS_VERSION "3.4.5" #define GNUTLS_VERSION "3.4.6"
#define GNUTLS_VERSION_MAJOR 3 #define GNUTLS_VERSION_MAJOR 3
#define GNUTLS_VERSION_MINOR 4 #define GNUTLS_VERSION_MINOR 4
#define GNUTLS_VERSION_PATCH 5 #define GNUTLS_VERSION_PATCH 6
#define GNUTLS_VERSION_NUMBER 0x030405 #define GNUTLS_VERSION_NUMBER 0x030406
#define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC #define GNUTLS_CIPHER_RIJNDAEL_128_CBC GNUTLS_CIPHER_AES_128_CBC
#define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC #define GNUTLS_CIPHER_RIJNDAEL_256_CBC GNUTLS_CIPHER_AES_256_CBC
#define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC
#define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128
#if !defined(GNUTLS_INTERNAL_BUILD) && defined(_WIN32) #if !defined(GNUTLS_INTERNAL_BUILD) && defined(_WIN32)
# define _SYM_EXPORT __declspec(dllimport) # define _SYM_EXPORT __declspec(dllimport)
#else #else
# define _SYM_EXPORT # define _SYM_EXPORT
skipping to change at line 738 skipping to change at line 738
* @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known * @GNUTLS_SEC_PARAM_UNKNOWN: Cannot be known
* @GNUTLS_SEC_PARAM_INSECURE: Less than 42 bits of security * @GNUTLS_SEC_PARAM_INSECURE: Less than 42 bits of security
* @GNUTLS_SEC_PARAM_EXPORT: 42 bits of security * @GNUTLS_SEC_PARAM_EXPORT: 42 bits of security
* @GNUTLS_SEC_PARAM_VERY_WEAK: 64 bits of security * @GNUTLS_SEC_PARAM_VERY_WEAK: 64 bits of security
* @GNUTLS_SEC_PARAM_WEAK: 72 bits of security * @GNUTLS_SEC_PARAM_WEAK: 72 bits of security
* @GNUTLS_SEC_PARAM_LOW: 80 bits of security * @GNUTLS_SEC_PARAM_LOW: 80 bits of security
* @GNUTLS_SEC_PARAM_LEGACY: 96 bits of security * @GNUTLS_SEC_PARAM_LEGACY: 96 bits of security
* @GNUTLS_SEC_PARAM_MEDIUM: 112 bits of security (used to be %GNUTLS_SEC_P ARAM_NORMAL) * @GNUTLS_SEC_PARAM_MEDIUM: 112 bits of security (used to be %GNUTLS_SEC_P ARAM_NORMAL)
* @GNUTLS_SEC_PARAM_HIGH: 128 bits of security * @GNUTLS_SEC_PARAM_HIGH: 128 bits of security
* @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security * @GNUTLS_SEC_PARAM_ULTRA: 192 bits of security
* @GNUTLS_SEC_PARAM_FUTURE: 256 bits of security
* *
* Enumeration of security parameters for passive attacks. * Enumeration of security parameters for passive attacks.
*/ */
typedef enum { typedef enum {
GNUTLS_SEC_PARAM_UNKNOWN = 0, GNUTLS_SEC_PARAM_UNKNOWN = 0,
GNUTLS_SEC_PARAM_INSECURE = 5, GNUTLS_SEC_PARAM_INSECURE = 5,
GNUTLS_SEC_PARAM_EXPORT = 10, GNUTLS_SEC_PARAM_EXPORT = 10,
GNUTLS_SEC_PARAM_VERY_WEAK = 15, GNUTLS_SEC_PARAM_VERY_WEAK = 15,
GNUTLS_SEC_PARAM_WEAK = 20, GNUTLS_SEC_PARAM_WEAK = 20,
GNUTLS_SEC_PARAM_LOW = 25, GNUTLS_SEC_PARAM_LOW = 25,
GNUTLS_SEC_PARAM_LEGACY = 30, GNUTLS_SEC_PARAM_LEGACY = 30,
GNUTLS_SEC_PARAM_MEDIUM = 35, GNUTLS_SEC_PARAM_MEDIUM = 35,
GNUTLS_SEC_PARAM_HIGH = 40, GNUTLS_SEC_PARAM_HIGH = 40,
GNUTLS_SEC_PARAM_ULTRA = 45 GNUTLS_SEC_PARAM_ULTRA = 45,
GNUTLS_SEC_PARAM_FUTURE = 50
} gnutls_sec_param_t; } gnutls_sec_param_t;
/* old name */ /* old name */
#define GNUTLS_SEC_PARAM_NORMAL GNUTLS_SEC_PARAM_MEDIUM #define GNUTLS_SEC_PARAM_NORMAL GNUTLS_SEC_PARAM_MEDIUM
/** /**
* gnutls_channel_binding_t: * gnutls_channel_binding_t:
* @GNUTLS_CB_TLS_UNIQUE: "tls-unique" (RFC 5929) channel binding * @GNUTLS_CB_TLS_UNIQUE: "tls-unique" (RFC 5929) channel binding
* *
* Enumeration of support channel binding types. * Enumeration of support channel binding types.
skipping to change at line 1218 skipping to change at line 1220
size_t session_data_size); size_t session_data_size);
int gnutls_session_get_data(gnutls_session_t session, void *session_data, int gnutls_session_get_data(gnutls_session_t session, void *session_data,
size_t * session_data_size); size_t * session_data_size);
int gnutls_session_get_data2(gnutls_session_t session, int gnutls_session_get_data2(gnutls_session_t session,
gnutls_datum_t * data); gnutls_datum_t * data);
void gnutls_session_get_random(gnutls_session_t session, void gnutls_session_get_random(gnutls_session_t session,
gnutls_datum_t * client, gnutls_datum_t * client,
gnutls_datum_t * server); gnutls_datum_t * server);
char *gnutls_session_get_desc(gnutls_session_t session); char *gnutls_session_get_desc(gnutls_session_t session);
typedef int gnutls_certificate_verify_function(gnutls_session_t);
void gnutls_session_set_verify_function(gnutls_session_t session, gnutls_ce
rtificate_verify_function * func);
/**
* gnutls_vdata_types_t:
* @GNUTLS_DT_UNKNOWN: Unknown data type.
* @GNUTLS_DT_DNS_HOSTNAME: The data contain a null-terminated DNS hostname
; the hostname will be
* matched using the RFC6125 rules.
* @GNUTLS_DT_RFC822NAME: The data contain a null-terminated email address;
the email will be
* matched against the RFC822Name field of the certificate, or the EMAIL
DN component if the
* former isn't available. Prior to matching the email address will be co
nverted to ACE
* (ASCII-compatible-encoding).
* @GNUTLS_DT_KEY_PURPOSE_OID: The data contain a null-terminated key purpo
se OID. It will be matched
* against the certificate's Extended Key Usage extension.
*
* Enumeration of different typed-data options. They are used as input to c
ertificate
* verification functions to provide information about the name and purpose
of the
* certificate. Only a single option of a type can be provided to the relev
ant functions.
*/
typedef enum {
GNUTLS_DT_UNKNOWN = 0,
GNUTLS_DT_DNS_HOSTNAME = 1,
GNUTLS_DT_KEY_PURPOSE_OID = 2,
GNUTLS_DT_RFC822NAME = 3
} gnutls_vdata_types_t;
typedef struct {
gnutls_vdata_types_t type;
unsigned char *data;
unsigned int size;
} gnutls_typed_vdata_st;
void gnutls_session_set_verify_cert(gnutls_session_t session,
const char *hostname, unsigned flags);
void
gnutls_session_set_verify_cert2(gnutls_session_t session,
gnutls_typed_vdata_st * data,
unsigned elements, unsigned flags);
unsigned int gnutls_session_get_verify_cert_status(gnutls_session_t);
int gnutls_session_set_premaster(gnutls_session_t session, int gnutls_session_set_premaster(gnutls_session_t session,
unsigned int entity, unsigned int entity,
gnutls_protocol_t version, gnutls_protocol_t version,
gnutls_kx_algorithm_t kx, gnutls_kx_algorithm_t kx,
gnutls_cipher_algorithm_t cipher, gnutls_cipher_algorithm_t cipher,
gnutls_mac_algorithm_t mac, gnutls_mac_algorithm_t mac,
gnutls_compression_method_t comp, gnutls_compression_method_t comp,
const gnutls_datum_t * master, const gnutls_datum_t * master,
const gnutls_datum_t * session_id); const gnutls_datum_t * session_id);
skipping to change at line 1999 skipping to change at line 2043
int int
pk_algos_length, pk_algos_length,
gnutls_retr2_st *); gnutls_retr2_st *);
void void
gnutls_certificate_set_retrieve_function(gnutls_certificate_credentials_t gnutls_certificate_set_retrieve_function(gnutls_certificate_credentials_t
cred, cred,
gnutls_certificate_retrieve_functio n gnutls_certificate_retrieve_functio n
* func); * func);
typedef int gnutls_certificate_verify_function(gnutls_session_t);
void void
gnutls_certificate_set_verify_function(gnutls_certificate_credentials_t gnutls_certificate_set_verify_function(gnutls_certificate_credentials_t
cred, cred,
gnutls_certificate_verify_function gnutls_certificate_verify_function
* func); * func);
void void
gnutls_certificate_server_set_request(gnutls_session_t session, gnutls_certificate_server_set_request(gnutls_session_t session,
gnutls_certificate_request_t req); gnutls_certificate_request_t req);
skipping to change at line 2031 skipping to change at line 2074
time_t gnutls_certificate_activation_time_peers(gnutls_session_t session); time_t gnutls_certificate_activation_time_peers(gnutls_session_t session);
time_t gnutls_certificate_expiration_time_peers(gnutls_session_t session); time_t gnutls_certificate_expiration_time_peers(gnutls_session_t session);
int gnutls_certificate_client_get_request_status(gnutls_session_t session); int gnutls_certificate_client_get_request_status(gnutls_session_t session);
int gnutls_certificate_verify_peers2(gnutls_session_t session, int gnutls_certificate_verify_peers2(gnutls_session_t session,
unsigned int *status); unsigned int *status);
int gnutls_certificate_verify_peers3(gnutls_session_t session, int gnutls_certificate_verify_peers3(gnutls_session_t session,
const char *hostname, const char *hostname,
unsigned int *status); unsigned int *status);
/**
* gnutls_vdata_types_t:
* @GNUTLS_DT_UNKNOWN: Unknown data type.
* @GNUTLS_DT_DNS_HOSTNAME: The data contain a null-terminated DNS hostname
.
* @GNUTLS_DT_RFC822NAME: The data contain a null-terminated email address.
* @GNUTLS_DT_KEY_PURPOSE_OID: The data contain a null-terminated key purpo
se OID.
*
* Enumeration of different key exchange algorithms.
*/
typedef enum {
GNUTLS_DT_UNKNOWN = 0,
GNUTLS_DT_DNS_HOSTNAME = 1,
GNUTLS_DT_KEY_PURPOSE_OID = 2,
GNUTLS_DT_RFC822NAME = 3
} gnutls_vdata_types_t;
typedef struct {
gnutls_vdata_types_t type;
unsigned char *data;
unsigned int size;
} gnutls_typed_vdata_st;
int int
gnutls_certificate_verify_peers(gnutls_session_t session, gnutls_certificate_verify_peers(gnutls_session_t session,
gnutls_typed_vdata_st * data, gnutls_typed_vdata_st * data,
unsigned int elements, unsigned int elements,
unsigned int *status); unsigned int *status);
int gnutls_certificate_verification_status_print(unsigned int status, int gnutls_certificate_verification_status_print(unsigned int status,
gnutls_certificate_type_t gnutls_certificate_type_t
type, type,
gnutls_datum_t * out, gnutls_datum_t * out,
skipping to change at line 2519 skipping to change at line 2540
#define GNUTLS_E_TPM_NO_LIB -335 #define GNUTLS_E_TPM_NO_LIB -335
#define GNUTLS_E_NO_CERTIFICATE_STATUS -340 #define GNUTLS_E_NO_CERTIFICATE_STATUS -340
#define GNUTLS_E_OCSP_RESPONSE_ERROR -341 #define GNUTLS_E_OCSP_RESPONSE_ERROR -341
#define GNUTLS_E_RANDOM_DEVICE_ERROR -342 #define GNUTLS_E_RANDOM_DEVICE_ERROR -342
#define GNUTLS_E_AUTH_ERROR -343 #define GNUTLS_E_AUTH_ERROR -343
#define GNUTLS_E_NO_APPLICATION_PROTOCOL -344 #define GNUTLS_E_NO_APPLICATION_PROTOCOL -344
#define GNUTLS_E_SOCKETS_INIT_ERROR -345 #define GNUTLS_E_SOCKETS_INIT_ERROR -345
#define GNUTLS_E_KEY_IMPORT_FAILED -346 #define GNUTLS_E_KEY_IMPORT_FAILED -346
#define GNUTLS_E_INAPPROPRIATE_FALLBACK -347 /*GNUTLS_A_INAPPROPRIATE_FALLB ACK*/ #define GNUTLS_E_INAPPROPRIATE_FALLBACK -347 /*GNUTLS_A_INAPPROPRIATE_FALLB ACK*/
#define GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR -348
#define GNUTLS_E_SELF_TEST_ERROR -400 #define GNUTLS_E_SELF_TEST_ERROR -400
#define GNUTLS_E_NO_SELF_TEST -401 #define GNUTLS_E_NO_SELF_TEST -401
#define GNUTLS_E_LIB_IN_ERROR_STATE -402 #define GNUTLS_E_LIB_IN_ERROR_STATE -402
#define GNUTLS_E_PK_GENERATION_ERROR -403 #define GNUTLS_E_PK_GENERATION_ERROR -403
#define GNUTLS_E_IDNA_ERROR -404 #define GNUTLS_E_IDNA_ERROR -404
#define GNUTLS_E_NEED_FALLBACK -405 #define GNUTLS_E_NEED_FALLBACK -405
#define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250 #define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250
 End of changes. 9 change blocks. 
29 lines changed or deleted 58 lines changed or added


 pkcs11.h (3.4.5)   pkcs11.h (3.4.6) 
skipping to change at line 224 skipping to change at line 224
unsigned int bits, const char *label, unsigned int bits, const char *label,
gnutls_x509_crt_fmt_t fmt, gnutls_x509_crt_fmt_t fmt,
gnutls_datum_t * pubkey, gnutls_datum_t * pubkey,
unsigned int flags); unsigned int flags);
int int
gnutls_pkcs11_privkey_generate(const char *url, gnutls_pk_algorithm_t pk, gnutls_pkcs11_privkey_generate(const char *url, gnutls_pk_algorithm_t pk,
unsigned int bits, const char *label, unsigned int bits, const char *label,
unsigned int flags); unsigned int flags);
#endif #endif
int
gnutls_pkcs11_copy_pubkey(const char *token_url,
gnutls_pubkey_t crt, const char *label,
const gnutls_datum_t *cid,
unsigned int key_usage, unsigned int flags);
#define gnutls_pkcs11_copy_x509_crt(url, crt, label, flags) \ #define gnutls_pkcs11_copy_x509_crt(url, crt, label, flags) \
gnutls_pkcs11_copy_x509_crt2(url, crt, label, NULL, flags) gnutls_pkcs11_copy_x509_crt2(url, crt, label, NULL, flags)
int gnutls_pkcs11_copy_x509_crt2(const char *token_url, int gnutls_pkcs11_copy_x509_crt2(const char *token_url,
gnutls_x509_crt_t crt, gnutls_x509_crt_t crt,
const char *label, const char *label,
const gnutls_datum_t *id, const gnutls_datum_t *id,
unsigned int flags /* GNUTLS_PKCS11_OBJ_FLAG _* */); unsigned int flags /* GNUTLS_PKCS11_OBJ_FLAG _* */);
#define gnutls_pkcs11_copy_x509_privkey(url, key, label, usage, flags) \ #define gnutls_pkcs11_copy_x509_privkey(url, key, label, usage, flags) \
 End of changes. 1 change blocks. 
0 lines changed or deleted 6 lines changed or added

This html diff was produced by rfcdiff 1.41.The latest version is available from http://tools.ietf.org/tools/rfcdiff/