Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 28 07:05:46 2019 +0200

    doc: do not distribute pdf files
    
    It complicates the 'make dist' phase and does not add much
    value as the files are available from the web site.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 28 06:45:56 2019 +0200

    released 3.6.8
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 27 22:34:42 2019 +0200

    minor updates in the latex version of the manual [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 27 21:29:44 2019 +0200

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Fri May 24 12:59:13 2019 +0200

    .gitlab-ci.yml: ensure that the LIBS variable is empty after a configure run
    
    We do not use this variable as it is global and applies to all of
    tests, applications and library, and when it is set it is usually due to
    bugs in configure.ac.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu May 23 21:20:49 2019 +0200

    Do not add libraries in the global LIBS in configure
    
    This ensures that libraries are linked with the programs
    requiring them.
    
    Resolves: #735
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 23 11:41:45 2019 +0200

    bumped version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri May 24 05:46:18 2019 +0200

    tests: prf-early fixes the global version
    
    This allows having fixed data in the hello message involved.
    That required exposing the variable holding the global gnutls
    version number for testing.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu May 23 21:32:58 2019 +0200

    certtool: corrected typo in manual [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Thu May 23 21:11:58 2019 +0200

    Revert "bumped version"
    
    In order to make the CI functional again. The version number update
    seems to conflict with tests/tls13/prf-early.sh
    
    This reverts commit d34d93b8713cf10235ce7016fd69b6932b0752c0.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 23 15:29:23 2019 +0200

    tests: prf-early.sh: use the static flag of datefudge
    
    This eliminates unexpected failures of the test in slower systems.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 23 15:41:19 2019 +0200

    tlsfuzzer: reverted accidental move to incorrect version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 23 11:44:12 2019 +0200

    NEWS: doc update
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Thu May 23 11:41:45 2019 +0200

    bumped version
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Wed May 22 15:08:45 2019 -0400

    Pass down Q for FFDHE in all pre TLS1.3 as well
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Tue May 21 09:40:01 2019 -0400

    Check Q for FFDHE primes in prime-check
    
    These are mersenne primes so q = (p - 1) / 2
    We check that p = (q * 2) + 1
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Mon May 20 17:13:12 2019 -0400

    Always pass in and check Q in TLS 1.3
    
    In FIPS mode do an extra check that we did have Q, but it is always
    passed into the tls13 derive function from the callers.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Fri May 17 14:05:37 2019 -0400

    Add plumbing to handle Q parameter in DH exchanges
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Tue May 14 18:38:33 2019 -0400

    Add test to ensure ECDH exchange behaves correctly
    
    This test ensures that public keys are properly tested for validity
    before a ECDH exchange is computed.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Fri May 10 14:49:05 2019 -0400

    Add test to ensure DH exchange behaves correctly
    
    This test ensures that public keys are properly tested for validity
    before a DH exchange is computed.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Fri May 3 12:32:56 2019 -0400

    Add Full Public Key Check for DH
    
    This is for NIST SP800-56A requirements and FIPS CAVS testing.
    GnuTLS never passes in a non-empty Q for normal operations, but tests will
    and if Q is passed in it needs to be checked.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Wed May 1 10:57:51 2019 -0400

    Fix Copy&Paste error
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed May 22 10:39:27 2019 +0200

    tls13/key_update: increase handling limit from 1 to 8
    
    The limit was too small when testing the capability of handling
    multiple KeyUpdate messages with tlsfuzzer.
    
    This requires a change in the rate limit logic, as previously it
    doesn't count the KeyUpdate messages despite the name of
    KEY_UPDATES_PER_SEC.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed May 22 11:51:57 2019 +0200

    tlsfuzzer: use %ALLOW_SMALL_RECORDS for testing
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Wed May 22 11:16:03 2019 +0200

    priority: add new option to allow small records (>= 64)
    
    There is a mismatch in the lower limit of record sizes in RFC
    8449 (64) and our default (512).  If the server advertises a smaller
    limit than our default, the client has no way to keep communicating
    with the server.
    
    This patch adds a new priority string option %ALLOW_SMALL_RECORDS to
    set the limit to 64.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue May 21 08:32:21 2019 +0200

    record_add_to_buffers: check if there is an incomplete handshake header
    
    The function checks if a Handshake message is interleaved with an
    Application Data, but the check was insufficient because it assumed that
    a complete header is received in the buffer.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri May 17 11:51:00 2019 +0200

    algorithms: eliminate the FFDHE alert desc requirement
    
    This implements the errata for RFC 7919 eliminating the requirement to
    reply with an insufficient_security alert when we have negotiated an
    FFDHE group, but cannot find common ciphersuite:
    https://www.rfc-editor.org/errata/eid4908
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Aleksei Nikiforov <darktemplar@basealt.ru>
Date:   Fri May 17 14:44:06 2019 +0300

    Mark second argument of function gnutls_x509_crt_equals2 as const
    
    This will allow using this function with certificates
    returned by function gnutls_certificate_get_peers
    without casts dropping const qualifier or
    making temporary copies out of retrieved data.
    
    Signed-off-by: Aleksei Nikiforov <darktemplar@basealt.ru>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Tue May 21 08:22:08 2019 +0200

    tests: verify functionality of GNUTLS_VERIFY_DISABLE_CA_SIGN flag
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Kenneth J. Miller <ken@miller.ec>
Date:   Mon Apr 15 17:56:13 2019 +0200

    pubkey: remove deprecated TLS1_RSA flag check
    
    The gnutls_certificate_verify_flags comparisons against
    OLD_PUBKEY_VERIFY_FLAG_TLS1_RSA conflicts with
    GNUTLS_VERIFY_DISABLE_CA_SIGN and no longer seems to be used in calls to
    both gnutls_pubkey_verify_data2 and gnutls_pubkey_verify_hash2 as it
    seems to have been fully replaced by GNUTLS_VERIFY_USE_TLS1_RSA.
    
    Resolves: #754
    
    Signed-off-by: Kenneth J. Miller <ken@miller.ec>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 21 05:54:35 2019 +0200

    x509.h: corrected typo in newly introduced definition
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Mon May 20 21:34:30 2019 +0200

    x509.h: removed stray '%'
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 20 16:13:12 2019 +0200

    certtool: CA certificates will contain the digital signature key usage flag
    
    This change ensures that all certificates will contain the digital
    signature key usage flag if that's specified in the template.
    
    Resolves: #767
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 20 14:40:31 2019 +0200

    Added profile to correspond to the future security parameter
    
    It seems that the FUTURE security level parameter was added
    without a corresponding verification profile. This patch addresses
    the issue by introducing it.
    
    Resolves: #770
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 20 15:47:41 2019 +0200

    tests: added unit tests of utc and generalTime convertor
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Apr 29 19:03:55 2019 +0200

    server auth: disable TLS 1.3 if no signature algorithm is usable
    
    This is a server side counterpart of
    005a4d04145707daad9588acedfdb5f6cd97c80c.
    
    Instead of signalling an error when no algorithm is usable in TLS 1.3,
    it downgrades the session to TLS 1.2 with a warning.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat May 18 21:13:10 2019 +0200

    algorithms/secparams.c: fixed indentation
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon May 20 14:34:56 2019 +0200

    gnutls-serv: GERR macro will output in stderr
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Mon May 20 11:10:11 2019 +0200

    Apply STD3 ASCII rules in gnutls_idna_map()
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri May 10 11:42:46 2019 +0200

    Fix _Thread_local for C99 installed in C11 environments
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri May 10 11:27:32 2019 +0200

    Remove redundant typedef of Tspi_Context_GetTpmObject_func()
    
    Gcc 4.4 errors out on this.
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed May 15 09:47:24 2019 +0200

    Update gnulib for gcc-9 manywarnings
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Tue May 14 21:39:46 2019 +0200

    Check all memory allocation in examples and certtool
    
    Resolves: #739
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 25 17:08:43 2019 +0200

    ext/record_size_limit: distinguish sending and receiving limits
    
    The previous behavior was that both sending and receiving limits are
    negotiated to be the same value.  It was problematic when:
    
    - client sends a record_size_limit with a large value in CH
    - server sends a record_size_limit with a smaller value in EE
    - client updates the limit for both sending and receiving, upon
      receiving EE
    - server sends a Certificate message larger than the limit
    
    With this patch, each peer maintains the sending / receiving limits
    separately so not to confuse with the contradicting settings.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date:   Tue May 7 14:49:05 2019 +0300

    lib/nettle: fix carry flag in Streebog code
    
    Fix carry flag being calculated incorrectly in Streebog code.
    
    Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Fri May 10 13:31:23 2019 +0200

    Fix endless looping GETPORT in tests/scripts/common.sh
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri May 10 06:30:12 2019 +0200

    _gnutls_srp_entry_free: follow consistent behavior in freeing data
    
    _gnutls_srp_entry_free would previously not free any parameters that
    were known to gnutls to account for documented behavior of
    gnutls_srp_set_server_credentials_function(). This was not updated
    when the newly added 8192 parameter was added to the library.
    
    This introduces a safety check for generator parameters, even though
    in practice they are the same pointer.
    
    Resolves: #761
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed May 8 22:08:18 2019 +0200

    dane.h: added multiple inclusion header guard
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed May 8 21:52:54 2019 +0200

    tools: suppress ctime() error from static analysers
    
    This function is not thread safe and can be easily misused
    even in single threaded scenarios (one such minor bug fixed).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Wed May 8 22:05:10 2019 +0200

    accelerated: added header guards
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed May 1 20:33:28 2019 +0200

    Add or clean header guards in lib/nettle
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 12:22:59 2019 +0200

    Add or clean header guards in tests/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 12:19:01 2019 +0200

    Add or clean header guards in src/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 12:11:13 2019 +0200

    Add or clean header guards in lib/x509/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 12:08:27 2019 +0200

    Add or clean header guards in lib/tls13/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 12:05:32 2019 +0200

    Add or clean header guards in lib/extras/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 12:03:07 2019 +0200

    Add or clean header guards in lib/ext/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Sun Apr 28 11:55:37 2019 +0200

    Add or clean header guards in lib/auth/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Mar 14 21:21:50 2019 +0100

    Add or clean header guards in lib/
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Wed Apr 24 21:21:12 2019 +0200

    Add 'Header guards' section in CONTRIBUTING.md
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Daniel Schaefer <git@danielschaefer.me>
Date:   Sun May 5 14:35:02 2019 +0200

    guile: Properly format guile configure options
    
    Without the square brackets autoconf turns hyphens into underscores,
    which is not what we want or what the help says.
    
    Signed-off-by: Daniel Schaefer <git@danielschaefer.me>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Fri May 3 19:10:03 2019 +0200

    gnutls_sign_list: document the non-thread-safeness
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Apr 30 14:42:51 2019 +0200

    crypto: add private API to retrieve internal IV
    
    For FIPS validation purposes, this adds a new function
    _gnutls_cipher_get_iv() that exposes internal IV after encryption and
    decryption.  The function is not generally useful because the IV value
    can be easily calculated from the initial IV and the subsequent
    ciphertext but for FIPS validation purposes.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Apr 29 13:15:33 2019 +0200

    abi-check: supply --hd2 to abi-check-latest target
    
    To suppress changes in internal structures.
    Suggested by Nikos Mavrogiannopoulos.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 20 18:46:23 2019 +0200

    certtool: refuse to accept an incompatible key type
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Mon Apr 15 14:32:55 2019 +0200

    certtool: generate RSA-PSS certificates from RSA keys
    
    When generating certificates it was not possible to generate
    an RSA-PSS certificate from an RSA key (common scenario). This
    fixes the certificate generation to include such a method.
    
    Ironically there was a test for this scenario but the test
    was limited to checking that the combination of certtool parameters
    succeeded; modified the test to check the textual expression of
    the certificate for the RSA-PSS indicators.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Apr 19 22:04:24 2019 +0200

    tls13/session_ticket: use the same ticket_age_add regardless of endianness
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Apr 19 16:59:31 2019 +0200

    tls13/session_ticket: avoid UB regarding 64-bit time encoding
    
    On 32-bit platform, struct timespec.tv_sec can be signed 32-bit and
    thus right shifting 32 could be an undefined behavior.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Fri Apr 19 08:12:56 2019 +0200

    tests: make datefudge check robuster
    
    When checking datefudge availability under cross-compiling environment
    with a binfmt wrapper, it is not sufficient to check against the host
    executable.  This instead uses a test executable compiled for the
    target architecture.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 11 14:35:32 2019 +0200

    serv, cli: add --keymatexport option
    
    This adds --keymatexport and --keymatexportsize options to both
    gnutls-serv and gnutls-cli.  Those would be useful for testing
    interoperability with other implementations.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 11 12:11:00 2019 +0200

    prf: add function to retrieve early keying material
    
    This adds a new function gnutls_prf_early, which shall be called in a
    handshake hook waiting for GNUTLS_HANDSHAKE_CLIENT_HELLO.  The test
    needs to be run in a datefudge wrapper as the early secrets depend on
    the current time (through PSK).
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 11 12:07:00 2019 +0200

    handshake: generate early exporter secret
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 11 12:00:46 2019 +0200

    handshake: move early secrets calculation to pre_shared_key
    
    TLS 1.3 Early Secret and the derived keys are calculated upon a PSK
    being selected, thus the code fits better in ext/pre_shared_key.c.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 11 12:10:00 2019 +0200

    tests/tls13/prf: check if the exported material matches on server
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 11 11:23:26 2019 +0200

    prf: centrally define "exporter" label in handshake.h
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Andreas Metzler <ametzler@bebt.de>
Date:   Thu Apr 18 18:43:30 2019 +0200

    doc: Add documentation for GNUTLS_CERT_IGNORE
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Apr 16 14:27:10 2019 +0200

    p11tool: copy vendor query attributes when listing privkeys
    
    When listing private keys on a specified token, "pin-value" is
    ignored and the tool looks for GNUTLS_PIN, because it internally
    strips out vendor query attributes from the original URL.
    
    This also replaces the global uses of GNUTLS_PIN envvar in
    testpkcs11.sh to check the case where the envvar is not in effect.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 7 13:22:21 2019 +0200

    abi-check: simplify ABI comparison using libabigail tools
    
    These have output ABI format compatibility and that means we can
    take snapshots to test ABI against. We also hard-code explicitly
    the SONAME version to ensure no accidental SONAME bumps happen.
    
    This patch also moves symbols.last in the devel/ subdirectory
    and no internal files are shipped.
    
    Relates: #292
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 7 18:29:02 2019 +0200

    .gitignore: ignore tests/libpkcs11mock2.la
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 7 14:30:30 2019 +0200

    gnutls.h: re-define GNUTLS_CRT_RAWPK
    
    This was available before 3.6.4, and was incorrectly removed.
    It was found using libabigail tools.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Bernhard M. Wiedemann <bwiedemann@suse.de>
Date:   Sun Apr 14 16:53:52 2019 +0200

    Extend test cert to 2049-05-27
    
    instead of expiring in 2024-02-29
    This update did not trigger y2038 bugs on 32-bit systems.
    
    Without this patch, one test fails after 2024:
     doit:124: rsa pss key: gnutls_x509_crt_verify_data2                    |
     FAIL x509sign-verify (exit status: 1)
    
    Signed-off-by: Bernhard M. Wiedemann <bwiedemann@suse.de>

Author: Andreas Metzler <gitlab@bebt.de>
Date:   Sun Apr 14 15:25:31 2019 +0000

    Fix link error with gcc-9
    
    Use LDADD instead of LDFLAGS to link test cipher-openssl-compat against
    libcrypto. This fixes a build error with gcc9 which passes the linker
    option --as-needed by default.
    
    Signed-off-by: Andreas Metzler <ametzler@bebt.de>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 14 16:15:23 2019 +0200

    doc: mark TLS1.2 functions as such [ci skip]
    
    gnutls_cipher_suite_get_name and gnutls_session_get_master_secret
    are marked as TLS1.2 or earlier-only as they cannot be used with
    TLS 1.3.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 13 08:37:50 2019 +0200

    gnutlsxx.h: removed fixme comments [ci skip]
    
    They served no purpose.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 13 08:33:57 2019 +0200

    gnutls-cli: renamed global variable name
    
    That is because the same variable name is used by local
    variables as well.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Thu Apr 11 09:46:21 2019 +0200

    Fix WIN32 custom push/pull functions
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
    Reported-by: J. Ali Harlow (@j_ali on Gitlab.com)

Author: Daiki Ueno <dueno@redhat.com>
Date:   Tue Apr 9 18:20:15 2019 +0200

    tests: fix race condition in tls13/post-handshake-with-cert-pkcs11
    
    The test had a strange setup of server/client processes: the server
    runs in a child process and the client runs in a parent process.  The
    intention behind this was to detect softhsm availability in the parent
    process and exit with 77 if missing.  However, there was a potential
    race when the server exits and proceeds to the next call of start().
    
    This fixes the process setup and moves the softhsm detection at the
    program startup.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Tue Apr 9 19:01:46 2019 +0300

    build: rename guile variables to match upstream names
    
    Reduce confusion between the upstream terms and the gnutls terms.
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Wed Apr 3 18:42:26 2019 +0300

    build: allow override guile system location
    
    guile has three settings acquired from system:
    * GUILE_SITE
    * GUILE_SITE_CCACHE
    * GUILE_EXTENSION
    
    The <guile-2.2 m4 macro exposed only GUILE_SITE while build tried to guess the
    other variables based on the $libdir of the gnutls which may be different.
    
    The >=guile-2.2 m4 macro provides all settings for build to use as default,
    while allowing to override each.
    
    Resolves: #748
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Marius Bakke <mbakke@fastmail.com>
Date:   Tue Apr 9 14:17:09 2019 +0200

    Makefile.am: Don't assume autoopts-config returns a single dash.
    
    On distributions such as Nix or Guix, `autoopts-config libsrc` may
    return something along the lines of
    "/gnu/store/...-autogen-5.18.16/share/autogen/libopts-42.1.17.tar.gz".
    
    * Makefile.am (libopts-check): Print only the last field from
    autoopts-config output.
    
    Signed-off-by: Marius Bakke <mbakke@fastmail.com>

Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Apr 9 12:19:00 2019 +0200

    Pass CI commit check if branches are 'even'
    
    Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Mon Apr 8 20:34:24 2019 +0300

    tests: cert-tests: crl: cleanup files
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Alon Bar-Lev <alon.barlev@gmail.com>
Date:   Tue Apr 9 07:59:53 2019 +0300

    ci: refresh the cache due to failures in debian
    
    Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sun Apr 7 13:03:20 2019 +0200

    CONTRIBUTING.md: document unit testing method of internal functions [ci skip]
    
    Resolves: #749
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 4 16:51:28 2019 +0200

    tests: add post-handshake auth test using PKCS#11 token
    
    This adds a test that exercises the client's auth rejection logic,
    using the RSA-PSS disabled PKCS #11 token.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 4 16:40:11 2019 +0200

    tests: add mock PKCS#11 module disabling RSA-PSS
    
    This adds libpkcs11mock2.so, which wraps SoftHSM but filters out the
    use of the CKM_RSA_PKCS_PSS mechanism.  That way we can simulate the
    situation where the certificate is RSA while the private key cannot be
    used for RSA-PSS.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Apr 6 08:34:43 2019 +0200

    nettle: include config.h before checking for definitions
    
    This makes sure that we don't include the internal backport
    if compiled with a version of nettle that includes that code.
    We also exclude nettle/backport from the static analyzer's list
    as it contains files outside our control (from nettle project).
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

Author: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Date:   Thu Mar 28 23:04:13 2019 +0100

    gnutls_memset(): calling explicit_bzero() is enough to zero-fill a buffer
    
    If we use explicit_bzero() to zero-fill a buffer in gnutls_memset() we
    don't need to zero it again via a volatile trick later in this function.
    
    Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>

Author: Elta Koepp <elta_koepp@gmail.com>
Date:   Fri Apr 5 10:04:12 2019 -0400

    [OSCP] Fix : null pointer resp
    
    Signed-off-by: Elta Koepp <elta_koepp@gmail.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Thu Apr 4 17:01:24 2019 +0200

    cert auth: reject auth if no signature algorithm is usable in TLS 1.3
    
    Previously, when there is no overlap between usable signature
    algorithms and the "signature_algorithms" extension in Certificate
    Request, the client failed in sending Certificate Verify, followed by
    a connection close.  In TLS 1.3, it is possible to keep the connection
    but reject the authentication by not sending Certificate Verify.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Daiki Ueno <dueno@redhat.com>
Date:   Mon Apr 1 14:14:12 2019 +0200

    handshake: remove unnecessary HSK_CRT_SENT flag
    
    Previously, while the flag HSK_CRT_SENT was checked in
    _gnutls13_send_certificate_verify, the flag was never set anywhere.
    
    Signed-off-by: Daiki Ueno <dueno@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date:   Wed Apr 3 11:59:37 2019 +0200

    .gitlab-ci.yml: do not run commit-check on master branch
    
    That is, because there are no diffs to check.
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

Author: Simo Sorce <simo@redhat.com>
Date:   Fri Mar 29 14:01:14 2019 -0400

    Fix check_if_signed
    
    Fix the target branch we check against by adding upstream as remote.
    
    Drop the use of set -e as this causes the shell to immediately exit on
    errors instead of allowing the code to check the failure and report what
    it failed about.
    
    Also print which commits are being checked and what information was found
    so that a CI failure can be better diagnosed.
    
    Signed-off-by: Simo Sorce <simo@redhat.com>

Author: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date:   Sat Mar 30 05:37:02 2019 +0100

    doc update [ci skip]
    
    Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
