2014-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/verify-high.c: check the blacklist for certificates
	provided in gnutls_x509_trust_list_verify_named_crt().

2014-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: added release date

2014-02-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-02-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphersuites.c: Allow all ciphersuites in SSL3.0
	when they are available in TLS1.0

2014-02-19  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/x509/verify.c: corrected return codes.

2014-02-28  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/x509/extensions.c: Corrected error checking in
	_gnutls_x509_ext_gen_proxyCertInfo Conflicts: 	lib/x509/extensions.c

2014-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2014-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-02-26  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/gnutls_cert.c: removed not trusted message; reported by Michel
	Briand.  Conflicts: 	lib/gnutls_cert.c

2014-02-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: combine initializations

2014-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c, lib/gnutls_state.c: reinitialize the
	handshake timers when gnutls_handshake() is called.  Conflicts: 	lib/gnutls_handshake.c 	lib/gnutls_state.c

2014-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_pcert.c: Corrected bug in
	gnutls_pcert_list_import_x509_raw().  The bug caused gnutls_pcert_list_import_x509_raw() to crash if
	gnutls_x509_crt_list_import() would fail with the provided data.
	Reported by Dmitriy Anisimkov.  Conflicts: 	lib/gnutls_pcert.c

2014-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.21

2014-02-13  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/libopts/m4/libopts.m4: removed conditional generation of
	libopts makefile

2014-02-13  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* configure.ac, m4/hooks.m4: bumped version

2014-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-02-12  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2014-02-12  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/x509/verify.c: Fixed bug that prevented the rejection of v1
	intermediate CA certificates.

2014-02-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* maint.mk: updated indent cmd

2014-02-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* cfg.mk: corrected indent parameters

2014-02-03  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/gnutls_priority.c: When setting multiple initial keywords in a
	priority string, the security level set is the one of the lowest
	security.  Conflicts: 	lib/gnutls_priority.c

2014-02-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-02-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: When two initial keywords are specified
	then treat the second as having the '+' modifier.  This will handle SECURE256:SECURE128 the same way as
	SECURE256:+SECURE128.

2014-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/ecc.c: tolerate servers that included the SUPPORTED ECC
	extension.  This is an extension that is defined to be sent by the client but
	there are servers that include it as well. Most other
	implementations tolerate this behavior so we do.  Conflicts: 	lib/ext/ecc.c

2014-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphersuites.c: reduced the TLS version
	requirements for all ciphersuites that are not GCM.

2014-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/nettle/rnd.c: use RUSAGE_THREAD when available

2014-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.20

2014-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: corrected typo

2014-01-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-01-27  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/gnutls_db.c: correctly read the magic number and timestamp;
	report and patch by Jonathan Roudiere

2014-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2014-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/libgnutls.map: exported missing functions

2014-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c: fixed null pointer derefence when printing a
	name and an LDAP description isn't present for the OID Conflicts: 	lib/x509/common.c

2014-01-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/libgnutls.map: exported gnutls_x509_policy_release

2014-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-ocsptool.texi, doc/invoke-p11tool.texi,
	doc/invoke-psktool.texi, doc/invoke-srptool.texi,
	doc/invoke-tpmtool.texi: doc update

2014-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2014-01-20  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/gnutls_handshake.c: correctly address cookie

2014-01-20  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/gnutls_pubkey.c: always set subkey status

2014-01-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/gnutls_priority.c: when freeing priority_cache make sure it is
	set to NULL

2014-01-07  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2014-01-06  Nils Maier <maierman@web.de>

	* lib/ext/status_request.c: Fix CERTIFICATE STATUS processing when
	using non-blocking I/O _gnutls_recv_server_certificate_status() must wait for the first
	full packet before setting priv->expect_cstatus = 0, or else
	CERTIFCATE STATUS packets won't be processed in subsequent calls at
	all, leaving them in the buffer and therefore causing later
	connection aborts.

2013-12-26  Gustavo Zacarias <gustavo@zacarias.com.ar>

	* src/crywrap/Makefile.am: Add LIB_CLOCK_GETTIME to crywrap It's used indirectly thus causing build breakage on versions of
	glibc where it's defined in librt rather than libc directly.  Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

2013-12-23  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/cli.c: corrected key ID size check

2013-12-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, m4/hooks.m4: bumped version

2013-12-18  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-12  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/auth/dh_common.c: Enforce the DEFAULT_MAX_VERIFY_BITS for DH
	prime size as well.  Conflicts: 	lib/auth/dh_common.c Conflicts: 	lib/auth/dh_common.c

2013-12-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
	doc/invoke-srptool.texi, doc/invoke-tpmtool.texi: doc update

2013-12-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* doc/Makefile.am: backported makefile for doc generation

2013-12-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* configure.ac, lib/system.c: Added configure option
	--with-default-blacklist-file This option allows to specify a file containing blacklisted
	certificates.  Conflicts: 	lib/system.c

2013-12-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/x509/verify-high.c, lib/x509/verify-high2.c: 
	gnutls_x509_trust_list_remove_cas() and derivatives will utilize a
	black list.  When a CA or certificate is removed from the trusted list, it is
	also added in a blacklist to ensure that it will not be accepted due
	to interdependency (e.g., it is a subordinate CA), or because it is
	not a CA.  Conflicts: 	lib/x509/verify-high.c

2013-12-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/x509/verify-high2.c: Corrected documentation for
	gnutls_x509_trust_list_add_trust_*

2013-11-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system.h: Detect the presence of posix locks even without
	linked to libpthread.

2013-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/coff/appro-aes-gcm-x86-64-coff.s,
	lib/accelerated/x86/coff/appro-aes-x86-64-coff.s,
	lib/accelerated/x86/coff/padlock-x86-64-coff.s,
	lib/accelerated/x86/coff/padlock-x86-coff.s,
	lib/accelerated/x86/elf/appro-aes-gcm-x86-64.s,
	lib/accelerated/x86/elf/appro-aes-x86-64.s,
	lib/accelerated/x86/elf/padlock-x86-64.s,
	lib/accelerated/x86/elf/padlock-x86.s,
	lib/accelerated/x86/macosx/appro-aes-gcm-x86-64-macosx.s,
	lib/accelerated/x86/macosx/appro-aes-x86-64-macosx.s,
	lib/accelerated/x86/macosx/padlock-x86-64-macosx.s,
	lib/accelerated/x86/macosx/padlock-x86-macosx.s: updated
	auto-generated asm files. This fixes a valgrind complaint when
	AES-NI is in use.

2013-11-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* devel/perlasm/aesni-x86.pl, devel/perlasm/aesni-x86_64.pl,
	devel/perlasm/cbc.pl, devel/perlasm/e_padlock-x86.pl,
	devel/perlasm/e_padlock-x86_64.pl, devel/perlasm/ghash-x86.pl,
	devel/perlasm/ghash-x86_64.pl, devel/perlasm/ppc-xlate.pl,
	devel/perlasm/x86_64-xlate.pl, devel/perlasm/x86asm.pl,
	devel/perlasm/x86gas.pl, devel/perlasm/x86masm.pl,
	devel/perlasm/x86nasm.pl: updated perlasm files

2013-11-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: updated e-mail address

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/Makefile.am, src/libopts/Makefile.am: compile
	libopts as a libtool library

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
	doc/invoke-srptool.texi, doc/invoke-tpmtool.texi,
	doc/manpages/tpmtool.1: updated autogenerated files.

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: corrected libopts check

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: corrected path

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: Corrected check of usage of local libopts when
	autogen isn't present

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.17

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_compress.c: disallow any compression in DTLS

2013-11-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/session_ticket.c: generate separate IV for session
	tickets.

2013-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/aes-x86.c, lib/gnutls_global.h,
	lib/gnutls_priority.c: GCM modes are always preferred to CBC

2013-07-16  Matt Whitlock <matt@whitlock.name>

	* lib/gnutls_buffers.c: avoid leaking a buffer element when
	_gnutls_stream_read returns 0

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
	doc/invoke-srptool.texi, doc/invoke-tpmtool.texi, src/args-std.def: 
	doc update

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-args.def, src/certtool-cfg.c, src/certtool.c: Check
	for overflows when setting time and allow a time of -1.

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c: Dates and time that would overflow the
	GeneralTime are also truncated.

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c, lib/x509/x509_write.c: An expiration time of
	(time_t)-1 will set to the no well-defined expiration date value.

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/Makefile.am, gl/base64.c, gl/intprops.h, gl/isnan.c,
	gl/m4/extern-inline.m4, gl/m4/gnulib-cache.m4, maint.mk: updated
	gnulib

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/testcompat, tests/suite/testcompat-main: backported
	testsuite

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: correctly set the ciphersuite when the
	set_premaster interface is used.

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: Report the inclusion of libopts and libtasn1.

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-11-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-13  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/udp-serv.c: corrected bug in gnutls-cli when used on IPv6
	addresses.

2013-11-12  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* lib/gnutls_global.c: doc update

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-handshake-timeout.c: Ignore SIGPIPE.  Diagnosed by Petr Salinger and Steven Chamberlain. Reported by
	Andreas Metzler.

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-p11tool.texi: doc update

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: updated for new libopts

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/Makefile.am, src/libopts/ag-char-map.h,
	src/libopts/alias.c, src/libopts/ao-strs.c, src/libopts/ao-strs.h,
	src/libopts/autoopts.c, src/libopts/autoopts.h,
	src/libopts/autoopts/options.h, src/libopts/autoopts/project.h,
	src/libopts/autoopts/usage-txt.h, src/libopts/compat/compat.h,
	src/libopts/compat/pathfind.c, src/libopts/compat/strchr.c,
	src/libopts/configfile.c, src/libopts/enum.c, src/libopts/find.c,
	src/libopts/genshell.c, src/libopts/genshell.h,
	src/libopts/gettext.h, src/libopts/init.c, src/libopts/load.c,
	src/libopts/m4/libopts.m4, src/libopts/makeshell.c,
	src/libopts/option-value-type.c, src/libopts/option-value-type.h,
	src/libopts/option-xat-attribute.c,
	src/libopts/option-xat-attribute.h, src/libopts/pgusage.c,
	src/libopts/proto.h, src/libopts/putshell.c, src/libopts/restore.c,
	src/libopts/save.c, src/libopts/stack.c, src/libopts/streqvcmp.c,
	src/libopts/text_mmap.c, src/libopts/usage.c, src/libopts/version.c: 
	updated libopts

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, NEWS, configure.ac, src/certtool-args.c,
	src/certtool-args.h, src/cli-args.c, src/cli-args.h,
	src/cli-debug-args.c, src/cli-debug-args.h, src/danetool-args.c,
	src/danetool-args.h, src/ocsptool-args.c, src/ocsptool-args.h,
	src/p11tool-args.c, src/p11tool-args.h, src/psk-args.c,
	src/psk-args.h, src/serv-args.c, src/serv-args.h,
	src/srptool-args.c, src/srptool-args.h, src/tpmtool-args.c,
	src/tpmtool-args.h: Distribute the autogen'erated files as .bak and
	enable them only if local libopts is being used

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/p11tool-args.def: doc update

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.c: Read GNUTLS_PKCS11_PIN environment variable.

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pkcs11.c: removed unused variable

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509_dn.c: bug fix in gnutls_x509_crt_set_dn() at DN
	parsing.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/x509_dn.c: removed debugging info

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11_write.c: write the proper key ID in the token

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: do not traverse PKCS #11 tokens that were not
	requested.

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_errors.c: doc update

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: do not set any default level

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: Assign very weak level to priority string
	NONE only.

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphersuites.c: Corrected the naming of several PSK
	ciphersuites

2013-10-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphersuites.c: Ciphersuites with ARCFOUR in name
	were renamed to ARCFOUR_128

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-10-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, doc/cha-tokens.texi: Support for TPM modules
	via trousers is now enabled by default.

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/sign.c: Added additional ISO OIDs for RSA-MD5 and
	DSA-SHA1.

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool.c: Do not print private key parameters when exporting
	an encrypted private key.

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.16

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* build-aux/config.rpath, build-aux/gendocs.sh,
	build-aux/pmccabe2html, build-aux/test-driver, gl/Makefile.am,
	gl/argp-fmtstream.h, gl/argp-help.c, gl/argp.h, gl/c-ctype.h,
	gl/dup2.c, gl/error.c, gl/fseeko.c, gl/intprops.h, gl/m4/dup2.m4,
	gl/m4/extensions.m4, gl/m4/extern-inline.m4, gl/m4/frexp.m4,
	gl/m4/fseeko.m4, gl/m4/getdtablesize.m4, gl/m4/gnulib-comp.m4,
	gl/m4/intl.m4, gl/m4/inttypes.m4, gl/m4/lock.m4,
	gl/m4/manywarnings.m4, gl/m4/po.m4, gl/m4/putenv.m4,
	gl/m4/stdalign.m4, gl/m4/sys_types_h.m4, gl/m4/unistd_h.m4,
	gl/m4/warnings.m4, gl/math.in.h, gl/msvc-inval.c, gl/signal.in.h,
	gl/stdalign.in.h, gl/stdio-impl.h, gl/stdio.in.h,
	gl/strerror-override.h, gl/sys_select.in.h, gl/sys_socket.in.h,
	gl/sys_time.in.h, gl/tests/Makefile.am, gl/tests/binary-io.h,
	gl/tests/getcwd-lgpl.c, gl/tests/getdtablesize.c,
	gl/tests/ignore-value.h, gl/tests/inttypes.in.h, gl/tests/macros.h,
	gl/tests/malloca.c, gl/tests/malloca.h, gl/tests/putenv.c,
	gl/tests/test-dup2.c, gl/tests/test-getaddrinfo.c,
	gl/tests/test-getdtablesize.c, gl/tests/test-snprintf.c,
	gl/tests/test-sys_select.c, gl/tests/test-sys_socket.c,
	gl/tests/test-sys_time.c, gl/tests/test-vasnprintf.c,
	gl/tests/test-vsnprintf.c, gl/timespec.h, gl/u64.h, gl/unistd.in.h,
	gl/vasnprintf.c, gl/verify.h, gl/xsize.h, maint.mk: Updated gnulib

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c: reindented code

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c: removed unused parameter

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c: Reorganized main loop in dane_raw_tlsa

2013-10-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am: changes before release

2013-07-16  Adam Sampson <ats@offog.org>

	* doc/scripts/gdoc: Avoid depending on hash order in gdoc.  Previously, gdoc had a hash of regexp replacements for each output
	format, and applied the replacements in the order that "keys"
	returned for the hash. However, not all orders are safe -- and now
	that Perl 5.18 randomises hash order per-process, it only worked
	sometimes! For example, this order is OK: 'is a #gnutls_session_t structure.' '\@([A-Za-z0-9_]+)\s*' -> 'is a
	#gnutls_session_t structure.' '\%([A-Za-z0-9_]+)' -> 'is a
	#gnutls_session_t structure.' '\#([A-Za-z0-9_]+)' -> 'is a
	@code{gnutls_session_t}  structure.' '([A-Za-z0-9_]+\(\))' -> 'is a
	@code{gnutls_session_t}  structure.' This one, however, winds up producing invalid texinfo: 'is a #gnutls_session_t structure.' '\%([A-Za-z0-9_]+)' -> 'is a
	#gnutls_session_t structure.' '([A-Za-z0-9_]+\(\))' -> 'is a
	#gnutls_session_t structure.' '\#([A-Za-z0-9_]+)' -> 'is a
	@code{gnutls_session_t}  structure.' '\@([A-Za-z0-9_]+)\s*' -> 'is a
	@code{code} {gnutls_session_t}  structure.' This patch turns the hash into a list, so the replacements will
	always be done in the intended order.  Signed-off-by: Adam Sampson <ats@offog.org>

2013-10-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, libdane/dane.c: corrected dane doc

2013-10-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-cfg.c: corrected type of path_len

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/libdane.map: exported symbols

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-21  Christian Grothoff <christian@grothoff.org>

	* libdane/dane.c, libdane/includes/gnutls/dane.h: Adding
	dane_verify_crt_raw to allow direct verification of a certificate
	chain against a dane_query_t (for example, as provided by the new
	dane_raw_tlsa).  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, m4/hooks.m4: bumped dane library version

2013-10-21  Christian Grothoff <christian@grothoff.org>

	* libdane/dane.c, libdane/includes/gnutls/dane.h: Adding
	dane_raw_tlsa to allow initialization of dane_query_t from DANE
	records based on external DNS resolutions. Also fixing a buffer
	overflow.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-srptool.texi, src/srptool-args.c, src/srptool-args.h: 
	autogen'ed files update

2013-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-04  Attila Molnar <attilamolnar@hush.com>

	* src/srptool.c: Fix srptool issues From dc3a0d6d8d4aa98ccb19641e6668a03d77f381f1 Mon Sep 17 00:00:00
	2001 From: Attila Molnar <attilamolnar@hush.com> Date: Tue, 1 Oct
	2013 13:42:10 +0200 Subject: [PATCH 2/2] srptool: Fix segfault when
	 an invalid group parameter index is given If no group with the given index was found in the password conf file
	srptool crashed instead of reporting the error because the return
	value of fgets() wasn't validated before it was passed to atoi().  Signed-off-by: Attila Molnar <attilamolnar@hush.com>

2013-10-04  Attila Molnar <attilamolnar@hush.com>

	* src/srptool-args.def, src/srptool.c: Fix srptool issues From 1fac0e5352e88addb8bf57dcac126918f19d7303 Mon Sep 17 00:00:00
	2001 From: Attila Molnar <attilamolnar@hush.com> Date: Tue, 1 Oct
	2013 13:40:01 +0200 Subject: [PATCH 1/2] srptool: Fix inability to
	 add users to tpasswd and broken -i switch Signed-off-by: Attila Molnar <attilamolnar@hush.com>

2013-10-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/tpm.c: include config.h in tpm.c

2013-09-15  Ludovic Courtès <ludo@gnu.org>

	* guile/src/Makefile.am: guile: Make builds parallel-safe.  Reported by Andreas Metzler <ametzler@bebt.de>.

2013-08-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/iconv_open-aix.h, gl/iconv_open-hpux.h, gl/iconv_open-irix.h,
	gl/iconv_open-osf.h, gl/iconv_open-solaris.h: updated

2013-08-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/libgnutls.map, m4/hooks.m4: exported
	gnutls_record_set_timeout

2013-08-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: corrected typo

2013-08-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: avoid documentation rebuild

2013-08-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: fixed guile-site-dir

2013-08-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-08-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-08-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: only register current session when not
	resuming

2013-08-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pkcs11.c: removed unused code

2013-08-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pkcs11.c: Do not try to parse arbitrary objects as
	certificates.

2013-07-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-gtls-app.texi, lib/gnutls_priority.c: Added the PFS
	priority string option.

2013-08-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2013-07-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: allow empty fragments with padding.

2013-07-17  Stefan Bühler <stbuehler@web.de>

	* lib/gnutls_priority.c: gnutls priority string parsing bug fix Fix priority string parsing (example: "NONE:+MAC-ALL:-SHA1:+SHA1"
	misses SHA1 and has MD5 twice) prio_remove doesn't zero the removed element, prio_add (and perhaps
	other functions) assumes the list to be zero terminated.  Make prio_remove zero the element at the end, and use the actual
	length of the list in prio_add.  Relying on the trailing zero will fail if the list is full, and
	might lead to invalid memory accesses as the loop won't stop until
	it finds either the algorithm identifier or 0.

2013-07-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: when removing a cipher priority, make sure
	the order is kept

2013-06-06  Ludovic Courtès <ludo@gnu.org>

	* guile/tests/Makefile.am: guile: Use `LOG_COMPILER', as required by
	Automake 1.12+.

2013-06-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* guile/tests/priorities.scm: corrected priority strings

2013-07-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, build-aux/ar-lib, build-aux/config.rpath: bumped version

2013-07-04  Stef Walter <stefw@redhat.com>

	* lib/pkcs11.c: pkcs11: Use the correct attribute length for
	CKA_TRUSTED CKA_TRUSTED is a CK_BBOOL value in PKCS#11. Since object searches
	are done with the attribute byte values, we need to get the length
	exactly right.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-07-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c: corrected typo

2013-07-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: depend on newer automake

2013-07-10  Gustavo Zacarias <gustavo@zacarias.com.ar>

	* lib/accelerated/cryptodev.c: Eliminate reset from cryptodev hashes
	and mac It wasn't done in 73ec74c2 and 6f0ecbf4 for cryptodev causing build
	failures.  Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

2013-07-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: When resuming a session send only the
	mandatory extensions.  That will make server behavior to conform to TLS RFC. Reported by
	Peter Dettman.

2013-07-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-07-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c: Include MKI size in size calculations for the
	extension.  This prevents a parsing error when MKI is being used.  Reported by
	Gábor Tatárka.

2013-06-28  Ludovic Courtès <ludo@gnu.org>

	* guile/tests/anonymous-auth.scm, guile/tests/openpgp-auth.scm,
	guile/tests/x509-auth.scm: guile: tests: Use `port->fdes' rather
	than `fileno'.  This has no practical impact, but it's a better way to express that
	we don't want the file descriptors closed behind our back.

2013-06-28  Ludovic Courtès <ludo@gnu.org>

	* guile/src/core.c: guile: Keep a weak reference on objects
	aggregated by other objects.  Before, in cases such as `set-anonymous-server-dh-parameters!' where
	the C object beneath CRED keeps a pointer to the C object beneath
	DH_PARAMS, DH_PARAMS could be garbage-collected before CRED, leading
	to the destruction of the underlying C object.  Reported by Nikos Mavrogiannopoulos <nmav@gnutls.org>.

2013-06-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-06-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: enforce the maximum TLS size when setting MTU

2013-06-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* po/pl.po.in: Updated polish translation. Submitted by Jakub
	Bogusz.

2013-06-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/Makefile.am, lib/gnutls.pc.in, lib/nettle/Makefile.am,
	m4/hooks.m4: Directly link to gmp library. Based on original patch
	by Alon Bar-Lev.

2013-06-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.12

2013-06-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tpmtool-args.c, src/tpmtool-args.h: updated autogen generated
	files

2013-06-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: check for suse's CA bundle file

2013-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/openpgp/privkey.c: call cleanup and deinit on the correct
	number of parameters

2013-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_pk.c: avoid calling clear on null values

2013-05-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-xssl.c: ignore sigpipe

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* po/LINGUAS, po/eo.po.in: Sync with TP.

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphersuites.c: allow ciphersuites with elliptic
	curves even when using SSL 3.0.  This works around a bug on openssl in certain Debian systems.

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-xssl.c: updated xssl.

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
	doc/invoke-srptool.texi, doc/invoke-tpmtool.texi,
	doc/manpages/tpmtool.1, src/certtool-args.c, src/certtool-args.h,
	src/cli-args.c, src/cli-args.h, src/cli-debug-args.c,
	src/cli-debug-args.h, src/danetool-args.c, src/danetool-args.h,
	src/ocsptool-args.c, src/ocsptool-args.h, src/p11tool-args.c,
	src/p11tool-args.h, src/psk-args.c, src/psk-args.h,
	src/serv-args.c, src/serv-args.h, src/srptool-args.c,
	src/srptool-args.h: updated libopts' generated files

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/COPYING.gplv3, src/libopts/COPYING.lgplv3,
	src/libopts/Makefile.am, src/libopts/README,
	src/libopts/ag-char-map.h, src/libopts/alias.c,
	src/libopts/ao-strs.c, src/libopts/ao-strs.h,
	src/libopts/autoopts.c, src/libopts/autoopts.h,
	src/libopts/autoopts/options.h, src/libopts/autoopts/project.h,
	src/libopts/autoopts/usage-txt.h, src/libopts/boolean.c,
	src/libopts/check.c, src/libopts/compat/compat.h,
	src/libopts/compat/pathfind.c, src/libopts/compat/snprintf.c,
	src/libopts/compat/strchr.c, src/libopts/compat/strdup.c,
	src/libopts/compat/windows-config.h, src/libopts/configfile.c,
	src/libopts/cook.c, src/libopts/enum.c, src/libopts/env.c,
	src/libopts/file.c, src/libopts/find.c, src/libopts/genshell.c,
	src/libopts/genshell.h, src/libopts/gettext.h, src/libopts/init.c,
	src/libopts/libopts.c, src/libopts/load.c,
	src/libopts/m4/libopts.m4, src/libopts/m4/liboptschk.m4,
	src/libopts/makeshell.c, src/libopts/nested.c,
	src/libopts/numeric.c, src/libopts/option-value-type.c,
	src/libopts/option-value-type.h,
	src/libopts/option-xat-attribute.c,
	src/libopts/option-xat-attribute.h, src/libopts/parse-duration.c,
	src/libopts/parse-duration.h, src/libopts/pgusage.c,
	src/libopts/proto.h, src/libopts/putshell.c, src/libopts/reset.c,
	src/libopts/restore.c, src/libopts/save.c, src/libopts/sort.c,
	src/libopts/stack.c, src/libopts/streqvcmp.c,
	src/libopts/text_mmap.c, src/libopts/time.c,
	src/libopts/tokenize.c, src/libopts/usage.c, src/libopts/version.c: 
	updated libopts

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms.h, lib/gnutls_dtls.c: corrected AEAD tag size

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-overhead.c: removed unsupported ciphersuites

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/mini-overhead.c: Check overhead in DTLS.

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: more precise calculation of DTLS overhead

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c: doc update
[--snip--]
