2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* build-aux/config.rpath, build-aux/gendocs.sh,
	build-aux/pmccabe2html, build-aux/test-driver, gl/Makefile.am,
	gl/argp-fmtstream.h, gl/argp-help.c, gl/argp.h, gl/c-ctype.h,
	gl/dup2.c, gl/error.c, gl/fseeko.c, gl/intprops.h, gl/m4/dup2.m4,
	gl/m4/extensions.m4, gl/m4/extern-inline.m4, gl/m4/frexp.m4,
	gl/m4/fseeko.m4, gl/m4/getdtablesize.m4, gl/m4/gnulib-comp.m4,
	gl/m4/intl.m4, gl/m4/inttypes.m4, gl/m4/lock.m4,
	gl/m4/manywarnings.m4, gl/m4/po.m4, gl/m4/putenv.m4,
	gl/m4/stdalign.m4, gl/m4/sys_types_h.m4, gl/m4/unistd_h.m4,
	gl/m4/warnings.m4, gl/math.in.h, gl/msvc-inval.c, gl/signal.in.h,
	gl/stdalign.in.h, gl/stdio-impl.h, gl/stdio.in.h,
	gl/strerror-override.h, gl/sys_select.in.h, gl/sys_socket.in.h,
	gl/sys_time.in.h, gl/tests/Makefile.am, gl/tests/binary-io.h,
	gl/tests/getcwd-lgpl.c, gl/tests/getdtablesize.c,
	gl/tests/ignore-value.h, gl/tests/inttypes.in.h, gl/tests/macros.h,
	gl/tests/malloca.c, gl/tests/malloca.h, gl/tests/putenv.c,
	gl/tests/test-dup2.c, gl/tests/test-getaddrinfo.c,
	gl/tests/test-getdtablesize.c, gl/tests/test-snprintf.c,
	gl/tests/test-sys_select.c, gl/tests/test-sys_socket.c,
	gl/tests/test-sys_time.c, gl/tests/test-vasnprintf.c,
	gl/tests/test-vsnprintf.c, gl/timespec.h, gl/u64.h, gl/unistd.in.h,
	gl/vasnprintf.c, gl/verify.h, gl/xsize.h, maint.mk: Updated gnulib

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c: reindented code

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c: removed unused parameter

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c: Reorganized main loop in dane_raw_tlsa

2013-10-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/Makefile.am: changes before release

2013-07-16  Adam Sampson <ats@offog.org>

	* doc/scripts/gdoc: Avoid depending on hash order in gdoc.  Previously, gdoc had a hash of regexp replacements for each output
	format, and applied the replacements in the order that "keys"
	returned for the hash. However, not all orders are safe -- and now
	that Perl 5.18 randomises hash order per-process, it only worked
	sometimes! For example, this order is OK: 'is a #gnutls_session_t structure.' '\@([A-Za-z0-9_]+)\s*' -> 'is a
	#gnutls_session_t structure.' '\%([A-Za-z0-9_]+)' -> 'is a
	#gnutls_session_t structure.' '\#([A-Za-z0-9_]+)' -> 'is a
	@code{gnutls_session_t}  structure.' '([A-Za-z0-9_]+\(\))' -> 'is a
	@code{gnutls_session_t}  structure.' This one, however, winds up producing invalid texinfo: 'is a #gnutls_session_t structure.' '\%([A-Za-z0-9_]+)' -> 'is a
	#gnutls_session_t structure.' '([A-Za-z0-9_]+\(\))' -> 'is a
	#gnutls_session_t structure.' '\#([A-Za-z0-9_]+)' -> 'is a
	@code{gnutls_session_t}  structure.' '\@([A-Za-z0-9_]+)\s*' -> 'is a
	@code{code} {gnutls_session_t}  structure.' This patch turns the hash into a list, so the replacements will
	always be done in the intended order.  Signed-off-by: Adam Sampson <ats@offog.org>

2013-10-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, libdane/dane.c: corrected dane doc

2013-10-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-cfg.c: corrected type of path_len

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/libdane.map: exported symbols

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-21  Christian Grothoff <christian@grothoff.org>

	* libdane/dane.c, libdane/includes/gnutls/dane.h: Adding
	dane_verify_crt_raw to allow direct verification of a certificate
	chain against a dane_query_t (for example, as provided by the new
	dane_raw_tlsa).  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-10-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, m4/hooks.m4: bumped dane library version

2013-10-21  Christian Grothoff <christian@grothoff.org>

	* libdane/dane.c, libdane/includes/gnutls/dane.h: Adding
	dane_raw_tlsa to allow initialization of dane_query_t from DANE
	records based on external DNS resolutions. Also fixing a buffer
	overflow.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-srptool.texi, src/srptool-args.c, src/srptool-args.h: 
	autogen'ed files update

2013-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-04  Attila Molnar <attilamolnar@hush.com>

	* src/srptool.c: Fix srptool issues From dc3a0d6d8d4aa98ccb19641e6668a03d77f381f1 Mon Sep 17 00:00:00
	2001 From: Attila Molnar <attilamolnar@hush.com> Date: Tue, 1 Oct
	2013 13:42:10 +0200 Subject: [PATCH 2/2] srptool: Fix segfault when
	 an invalid group parameter index is given If no group with the given index was found in the password conf file
	srptool crashed instead of reporting the error because the return
	value of fgets() wasn't validated before it was passed to atoi().  Signed-off-by: Attila Molnar <attilamolnar@hush.com>

2013-10-04  Attila Molnar <attilamolnar@hush.com>

	* src/srptool-args.def, src/srptool.c: Fix srptool issues From 1fac0e5352e88addb8bf57dcac126918f19d7303 Mon Sep 17 00:00:00
	2001 From: Attila Molnar <attilamolnar@hush.com> Date: Tue, 1 Oct
	2013 13:40:01 +0200 Subject: [PATCH 1/2] srptool: Fix inability to
	 add users to tpasswd and broken -i switch Signed-off-by: Attila Molnar <attilamolnar@hush.com>

2013-10-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/tpm.c: include config.h in tpm.c

2013-09-15  Ludovic Courtès <ludo@gnu.org>

	* guile/src/Makefile.am: guile: Make builds parallel-safe.  Reported by Andreas Metzler <ametzler@bebt.de>.

2013-08-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/iconv_open-aix.h, gl/iconv_open-hpux.h, gl/iconv_open-irix.h,
	gl/iconv_open-osf.h, gl/iconv_open-solaris.h: updated

2013-08-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/libgnutls.map, m4/hooks.m4: exported
	gnutls_record_set_timeout

2013-08-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: corrected typo

2013-08-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: avoid documentation rebuild

2013-08-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: fixed guile-site-dir

2013-08-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-08-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-08-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: only register current session when not
	resuming

2013-08-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pkcs11.c: removed unused code

2013-08-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pkcs11.c: Do not try to parse arbitrary objects as
	certificates.

2013-07-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-gtls-app.texi, lib/gnutls_priority.c: Added the PFS
	priority string option.

2013-08-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2013-07-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_record.c: allow empty fragments with padding.

2013-07-17  Stefan Bühler <stbuehler@web.de>

	* lib/gnutls_priority.c: gnutls priority string parsing bug fix Fix priority string parsing (example: "NONE:+MAC-ALL:-SHA1:+SHA1"
	misses SHA1 and has MD5 twice) prio_remove doesn't zero the removed element, prio_add (and perhaps
	other functions) assumes the list to be zero terminated.  Make prio_remove zero the element at the end, and use the actual
	length of the list in prio_add.  Relying on the trailing zero will fail if the list is full, and
	might lead to invalid memory accesses as the loop won't stop until
	it finds either the algorithm identifier or 0.

2013-07-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_priority.c: when removing a cipher priority, make sure
	the order is kept

2013-06-06  Ludovic Courtès <ludo@gnu.org>

	* guile/tests/Makefile.am: guile: Use `LOG_COMPILER', as required by
	Automake 1.12+.

2013-06-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* guile/tests/priorities.scm: corrected priority strings

2013-07-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, build-aux/ar-lib, build-aux/config.rpath: bumped version

2013-07-04  Stef Walter <stefw@redhat.com>

	* lib/pkcs11.c: pkcs11: Use the correct attribute length for
	CKA_TRUSTED CKA_TRUSTED is a CK_BBOOL value in PKCS#11. Since object searches
	are done with the attribute byte values, we need to get the length
	exactly right.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-07-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c: corrected typo

2013-07-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: depend on newer automake

2013-07-10  Gustavo Zacarias <gustavo@zacarias.com.ar>

	* lib/accelerated/cryptodev.c: Eliminate reset from cryptodev hashes
	and mac It wasn't done in 73ec74c2 and 6f0ecbf4 for cryptodev causing build
	failures.  Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

2013-07-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: When resuming a session send only the
	mandatory extensions.  That will make server behavior to conform to TLS RFC. Reported by
	Peter Dettman.

2013-07-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-07-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/srtp.c: Include MKI size in size calculations for the
	extension.  This prevents a parsing error when MKI is being used.  Reported by
	Gábor Tatárka.

2013-06-28  Ludovic Courtès <ludo@gnu.org>

	* guile/tests/anonymous-auth.scm, guile/tests/openpgp-auth.scm,
	guile/tests/x509-auth.scm: guile: tests: Use `port->fdes' rather
	than `fileno'.  This has no practical impact, but it's a better way to express that
	we don't want the file descriptors closed behind our back.

2013-06-28  Ludovic Courtès <ludo@gnu.org>

	* guile/src/core.c: guile: Keep a weak reference on objects
	aggregated by other objects.  Before, in cases such as `set-anonymous-server-dh-parameters!' where
	the C object beneath CRED keeps a pointer to the C object beneath
	DH_PARAMS, DH_PARAMS could be garbage-collected before CRED, leading
	to the destruction of the underlying C object.  Reported by Nikos Mavrogiannopoulos <nmav@gnutls.org>.

2013-06-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-06-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: enforce the maximum TLS size when setting MTU

2013-06-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* po/pl.po.in: Updated polish translation. Submitted by Jakub
	Bogusz.

2013-06-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/Makefile.am, lib/gnutls.pc.in, lib/nettle/Makefile.am,
	m4/hooks.m4: Directly link to gmp library. Based on original patch
	by Alon Bar-Lev.

2013-06-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.12

2013-06-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tpmtool-args.c, src/tpmtool-args.h: updated autogen generated
	files

2013-06-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: check for suse's CA bundle file

2013-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/openpgp/privkey.c: call cleanup and deinit on the correct
	number of parameters

2013-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_pk.c: avoid calling clear on null values

2013-05-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-xssl.c: ignore sigpipe

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* po/LINGUAS, po/eo.po.in: Sync with TP.

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/ciphersuites.c: allow ciphersuites with elliptic
	curves even when using SSL 3.0.  This works around a bug on openssl in certain Debian systems.

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-xssl.c: updated xssl.

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	doc/invoke-gnutls-cli-debug.texi, doc/invoke-gnutls-cli.texi,
	doc/invoke-gnutls-serv.texi, doc/invoke-ocsptool.texi,
	doc/invoke-p11tool.texi, doc/invoke-psktool.texi,
	doc/invoke-srptool.texi, doc/invoke-tpmtool.texi,
	doc/manpages/tpmtool.1, src/certtool-args.c, src/certtool-args.h,
	src/cli-args.c, src/cli-args.h, src/cli-debug-args.c,
	src/cli-debug-args.h, src/danetool-args.c, src/danetool-args.h,
	src/ocsptool-args.c, src/ocsptool-args.h, src/p11tool-args.c,
	src/p11tool-args.h, src/psk-args.c, src/psk-args.h,
	src/serv-args.c, src/serv-args.h, src/srptool-args.c,
	src/srptool-args.h: updated libopts' generated files

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/libopts/COPYING.gplv3, src/libopts/COPYING.lgplv3,
	src/libopts/Makefile.am, src/libopts/README,
	src/libopts/ag-char-map.h, src/libopts/alias.c,
	src/libopts/ao-strs.c, src/libopts/ao-strs.h,
	src/libopts/autoopts.c, src/libopts/autoopts.h,
	src/libopts/autoopts/options.h, src/libopts/autoopts/project.h,
	src/libopts/autoopts/usage-txt.h, src/libopts/boolean.c,
	src/libopts/check.c, src/libopts/compat/compat.h,
	src/libopts/compat/pathfind.c, src/libopts/compat/snprintf.c,
	src/libopts/compat/strchr.c, src/libopts/compat/strdup.c,
	src/libopts/compat/windows-config.h, src/libopts/configfile.c,
	src/libopts/cook.c, src/libopts/enum.c, src/libopts/env.c,
	src/libopts/file.c, src/libopts/find.c, src/libopts/genshell.c,
	src/libopts/genshell.h, src/libopts/gettext.h, src/libopts/init.c,
	src/libopts/libopts.c, src/libopts/load.c,
	src/libopts/m4/libopts.m4, src/libopts/m4/liboptschk.m4,
	src/libopts/makeshell.c, src/libopts/nested.c,
	src/libopts/numeric.c, src/libopts/option-value-type.c,
	src/libopts/option-value-type.h,
	src/libopts/option-xat-attribute.c,
	src/libopts/option-xat-attribute.h, src/libopts/parse-duration.c,
	src/libopts/parse-duration.h, src/libopts/pgusage.c,
	src/libopts/proto.h, src/libopts/putshell.c, src/libopts/reset.c,
	src/libopts/restore.c, src/libopts/save.c, src/libopts/sort.c,
	src/libopts/stack.c, src/libopts/streqvcmp.c,
	src/libopts/text_mmap.c, src/libopts/time.c,
	src/libopts/tokenize.c, src/libopts/usage.c, src/libopts/version.c: 
	updated libopts

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms.h, lib/gnutls_dtls.c: corrected AEAD tag size

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-overhead.c: removed unsupported ciphersuites

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/mini-overhead.c: Check overhead in DTLS.

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_dtls.c: more precise calculation of DTLS overhead

2013-05-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c: doc update

2013-05-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-05-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: revive gnutls_handshake_get_last_in().
	Report by Mann Ern Kang.

2013-05-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: use sigaction instead of signal in gnutls-cli

2013-05-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: Revert "break the loop when a SIGALRM has been
	received" This reverts commit f46c6c38c1136eef770189aa21915423f5df4985.

2013-05-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: break the loop when a SIGALRM has been received

2013-05-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_str.c: documented function behavior

2013-05-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_str.c, lib/opencdk/keydb.c, lib/opencdk/sig-check.c,
	lib/x509/common.c, lib/x509/verify-high2.c, lib/x509/verify.c,
	lib/x509/x509.c, lib/xssl.c, libdane/dane.c: several updates

2013-05-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/danetool.c: print message on certificate verification

2013-05-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/suite/mini-eagain2.c, tests/suite/mini-record-timing.c: 
	corrected include paths

2013-05-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-05-10  Tim Kosse <tim.kosse@filezilla-project.org>

	* tests/eagain-common.h: When retrying gnutls_record_send due to
	GNUTLS_E_AGAIN, also try passing null data and length. Tests will
	fail after this patch until next patch is applied that fixes a bug
	in gnutls_record_send.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-05-10  Tim Kosse <tim.kosse@filezilla-project.org>

	* lib/gnutls_record.c: If gnutls_record_send fails with
	GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED, the documentation allows
	passing null for the data and size on retry.  Commit 2ec84d6 broke this usage of gnutls_record_send. This patch
	fixes the problem.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-05-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-internals.texi, lib/gnutls_ui.c: typo fixes by Andreas
	Metzler

2013-05-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/dtls/dtls-stress.c: updated path

2013-05-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 3.1.11

2013-05-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/utils.h: Do not call gnutls_pkcs11_init() when pkcs11 is
	disabled. Reported by Linus Nordberg.

2013-05-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/anonself.c, tests/certder.c,
	tests/certificate_set_x509_crl.c, tests/certuniqueid.c,
	tests/chainverify-unsorted.c, tests/chainverify.c,
	tests/crq_apis.c, tests/crq_key_id.c, tests/cve-2008-4989.c,
	tests/cve-2009-1415.c, tests/cve-2009-1416.c, tests/dhepskself.c,
	tests/dn.c, tests/dn2.c, tests/dtls/dtls-stress.c, tests/gc.c,
	tests/hostname-check.c, tests/infoaccess.c, tests/init_roundtrip.c,
	tests/key-openssl.c, tests/mini-deflate.c,
	tests/mini-dtls-heartbeat.c, tests/mini-dtls-record.c,
	tests/mini-dtls-rehandshake.c, tests/mini-dtls-srtp.c,
	tests/mini-eagain-dtls.c, tests/mini-eagain.c,
	tests/mini-emsgsize-dtls.c, tests/mini-handshake-timeout.c,
	tests/mini-loss-time.c, tests/mini-record-range.c,
	tests/mini-record.c, tests/mini-rehandshake.c, tests/mini-tdb.c,
	tests/mini-termination.c, tests/mini-x509-2.c,
	tests/mini-x509-callbacks.c, tests/mini-x509-cas.c,
	tests/mini-x509.c, tests/mini-xssl.c, tests/mini.c, tests/moredn.c,
	tests/mpi.c, tests/nul-in-x509-names.c, tests/ocsp.c,
	tests/openpgp-auth.c, tests/openpgp-auth2.c,
	tests/openpgp-keyring.c, tests/openpgpself.c, tests/openssl.c,
	tests/parse_ca.c, tests/pgps2kgnu.c, tests/pkcs12_encode.c,
	tests/pkcs12_s2k.c, tests/pkcs12_s2k_pem.c, tests/pkcs12_simple.c,
	tests/pskself.c, tests/resume-dtls.c, tests/resume.c,
	tests/rng-fork.c, tests/rsa-encrypt-decrypt.c,
	tests/safe-renegotiation/srn0.c, tests/safe-renegotiation/srn1.c,
	tests/safe-renegotiation/srn2.c, tests/safe-renegotiation/srn3.c,
	tests/safe-renegotiation/srn4.c, tests/safe-renegotiation/srn5.c,
	tests/set_pkcs12_cred.c, tests/setcredcrash.c,
	tests/slow/cipher-test.c, tests/slow/gendh.c, tests/slow/keygen.c,
	tests/srp/mini-srp.c, tests/suite/mini-eagain2.c,
	tests/suite/mini-record-timing.c, tests/utils.h,
	tests/x509_altname.c, tests/x509cert-tl.c, tests/x509cert.c,
	tests/x509dn.c, tests/x509self.c, tests/x509sign-verify.c: When
	running tests disable PKCS #11 support to avoid detecting memory
	leaks from PKCS #11 libraries.

2013-05-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/invoke-certtool.texi,
	doc/invoke-danetool.texi, doc/invoke-gnutls-cli-debug.texi,
	doc/invoke-gnutls-cli.texi, doc/invoke-gnutls-serv.texi,
	doc/invoke-ocsptool.texi, doc/invoke-p11tool.texi,
	doc/invoke-psktool.texi, doc/invoke-srptool.texi,
	doc/invoke-tpmtool.texi, doc/manpages/Makefile.am,
	doc/manpages/tpmtool.1: doc update

2013-05-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* cfg.mk, lib/accelerated/x86/macosx/appro-aes-gcm-x86-64-macosx.s,
	lib/accelerated/x86/macosx/appro-aes-x86-64-macosx.s,
	lib/accelerated/x86/macosx/appro-aes-x86-macosx.s,
	lib/accelerated/x86/macosx/cpuid-x86-64-macosx.s,
	lib/accelerated/x86/macosx/cpuid-x86-macosx.s,
	lib/accelerated/x86/macosx/padlock-x86-64-macosx.s,
	lib/accelerated/x86/macosx/padlock-x86-macosx.s: use C's style
	comments to compile in old MacOSX systems. Reported by Ryan Schmidt.

2013-05-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-auth.texi: doc update

2013-05-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c: removed unneeded variable

2013-05-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, doc/cha-intro-tls.texi, lib/ext/Makefile.am,
	lib/ext/alpn.c, lib/ext/alpn.h, lib/gnutls_extensions.c,
	lib/gnutls_int.h, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map, m4/hooks.m4, tests/Makefile.am,
	tests/mini-alpn.c: Revert "Added support for the ALPN extension." This reverts commit eb51efe375781115473320e64e73c440d6d1ff3c.

2013-05-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi: Revert "mention about experimental
	protocols" This reverts commit 28e42466ed279efda120f59b9340f7758885e48b.

2013-05-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: Revert "documented update" This reverts commit 85564d9b3775058935939029a49d182343b70665.

2013-05-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-05-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/certtool-cfg.c, src/certtool-cfg.h, src/certtool.c: set the
	key purpose in certificate requests

2013-05-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libdane/dane.c, libdane/includes/gnutls/dane.h: corrected typo.
	reported by Etan Reisner.

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated doc

2013-04-27  Stef Walter <stefw@redhat.com>

	* tests/suite/mini-record-timing.c: test suite: Add missing header Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-04-27  Stef Walter <stefw@redhat.com>

	* lib/x509/common.c: Add the standard description OID to those
	recognized for DNs Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c, lib/x509/dn.c: Always escape printable strings
	the LDAP way, and avoid escaping hex encoded values. Report and
	initial patch from Stef Walter.

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/common.c, lib/x509/common.h: Do not include null
	terminator in DN string.  When printing an unknown DN string as hex do not include the null
	terminator.  Reported by Stef Walter.

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/sha-padlock.c: initialize the digest after
	output on padlock.

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/certtool-cfg.c, src/certtool-cfg.h, src/certtool.c,
	src/pkcs11.c: read_yesno() accepts a default value. By default
	certificates are marked as ok for signing and encryption.

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/hmac-padlock.c,
	lib/accelerated/x86/sha-padlock.c, lib/crypto-backend.h,
	lib/gnutls_cipher_int.c, lib/gnutls_hash_int.c,
	lib/gnutls_hash_int.h, lib/nettle/mac.c: Do not handle MAC and hash
	reset separately. It is implied by nettle's output functions.

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/crypto-api.c: updated documentation

2013-04-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.h, lib/gnutls_cert.c, lib/gnutls_x509.c: use the
	pass argument on PKCS #11 keys.

2013-04-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/accelerated/x86/hmac-padlock.c,
	lib/accelerated/x86/sha-padlock.c: corrected memory leak in
	padlock_hash_fast()

2013-04-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented update

2013-04-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-intro-tls.texi: mention about experimental protocols

2013-04-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, doc/cha-intro-tls.texi, lib/ext/Makefile.am,
	lib/ext/alpn.c, lib/ext/alpn.h, lib/gnutls_extensions.c,
	lib/gnutls_int.h, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map, m4/hooks.m4, tests/Makefile.am,
	tests/mini-alpn.c: Added support for the ALPN extension.

2013-04-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-crypto.texi: doc update

2013-04-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-crypto.texi: Added documentation on public key API.

2013-04-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-gtls-app.texi, lib/gnutls_priority.c: Added priority
	string VERS-DTLS-ALL

2013-04-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: added note about LGPLv3

2013-04-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/system_override.c: doc update

2013-04-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_buffers.c: use unlikely

2013-04-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: updated

2013-04-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/cha-cert-auth2.texi, doc/cha-gtls-app.texi,
	doc/cha-tokens.texi, lib/gnutls_x509.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
	gnutls_certificate_set_x509_key_mem2() and
	gnutls_certificate_set_x509_key_file2()

2013-04-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth2.texi, doc/cha-gtls-examples.texi,
	lib/gnutls_privkey.c, lib/x509/pkcs12.c, lib/x509/privkey.c: doc
	updates

2013-04-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_range.c: updates in range handling code.

2013-04-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/mini-record-range.c: Added test for
	record ranges.

2013-04-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-04-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.c: print the signatures used.

2013-04-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/signature.c, lib/ext/signature.h, lib/gnutls_int.h,
	lib/gnutls_session_pack.c, lib/gnutls_sig.c,
	lib/includes/gnutls/gnutls.h.in, lib/libgnutls.map: Added
	gnutls_sign_algorithm_get_client()

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented update

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c, m4/hooks.m4: Changed license of heartbeat
	implementation to match the rest of the library

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-internals.texi: updated text

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c: gnutls_pong() returns zero on success.

2013-04-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/mini-dtls-heartbeat.c: Check all error conditions.

2013-04-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/ext/heartbeat.c: Corrected bug in heartbeat send (reported by
	Joke de Buhr).

2013-04-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_handshake.c: make a short list of the available PK
	algorithms

2013-04-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: corrected issue in ecccertfile option

2013-03-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c, lib/gnutls_pubkey.c,
	lib/includes/gnutls/abstract.h, tests/x509sign-verify.c: Added sign
	and verification flags to operate in RSA raw mode (as used in TLS).

2013-03-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/rsa.c, lib/gnutls_int.h: When in compatibility mode allow
	for a wrong version in the RSA PMS.

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* devel/perlasm/license-gnutls.txt,
	lib/accelerated/x86/coff/cpuid-x86-64-coff.s,
	lib/accelerated/x86/coff/cpuid-x86-coff.s,
	lib/accelerated/x86/elf/cpuid-x86-64.s,
	lib/accelerated/x86/elf/cpuid-x86.s,
	lib/accelerated/x86/macosx/cpuid-x86-64-macosx.s,
	lib/accelerated/x86/macosx/cpuid-x86-macosx.s,
	lib/ext/status_request.h, lib/gnutlsxx.cpp,
	lib/includes/gnutls/gnutls.h.in, lib/includes/gnutls/ocsp.h,
	lib/includes/gnutls/x509.h, lib/libgnutls.map,
	lib/x509/verify-high.h: changed license headers to 2.1. Reported by
	Andreas Metzler.

2013-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/invoke-certtool.texi,
	doc/invoke-danetool.texi, doc/invoke-gnutls-cli-debug.texi,
	doc/invoke-gnutls-cli.texi, doc/invoke-gnutls-serv.texi,
	doc/invoke-ocsptool.texi, doc/invoke-p11tool.texi,
	doc/invoke-psktool.texi, doc/invoke-srptool.texi,
	doc/invoke-tpmtool.texi, doc/manpages/Makefile.am,
	doc/manpages/tpmtool.1: updated auto-generated files

2013-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: set release date

2013-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-internals.texi: corrected file location

2013-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/openpgp-auth.c: use return instead of exit

2013-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/auth/cert.c: use the proper defines

2013-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/abstract_int.h, lib/auth/cert.c, lib/gnutls_pubkey.c,
	lib/includes/gnutls/abstract.h, lib/includes/gnutls/openpgp.h,
	lib/openpgp/gnutls_openpgp.c: Fixes in openpgp handshake with
	fingerprints. Reported by Joke de Buhr.

2013-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/openpgp-auth.c: openpgp-auth tests
	gnutls_openpgp_set_recv_key_function() as well.

2013-03-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/gnutls_sig.c: correct issue with the (deprecated)
	external key signing and TLS 1.2

2013-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: search only for slots with tokens and avoid caching
	to prevent issues with multiple threads.

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-tokens.texi, lib/gnutls_privkey.c,
	lib/includes/gnutls/abstract.h, lib/libgnutls.map: Added
	gnutls_privkey_status()

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: avoid internal error

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: use correct type for rv

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/pkcs11.c: scan slots on PKCS #11 providers only when needed,
	not on initialization.

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_privkey.c: doc update

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-library.texi: documented the new configure options

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, lib/crypto-backend.h, lib/gnutls_mpi.h, lib/gnutls_pk.c,
	lib/nettle/mpi.c, lib/openpgp/privkey.c, lib/x509/privkey.c: Private
	key parameters are overwritten with zeros on deinitialization.

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-library.texi, doc/latex/cover.tex, doc/latex/gnutls.bib: 
	doc updates

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-tokens.texi: simplified text

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, m4/hooks.m4: bumped version

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/invoke-certtool.texi, doc/invoke-danetool.texi,
	lib/gnutls_privkey.c, lib/gnutls_sig.c, lib/gnutls_sig.h,
	lib/includes/gnutls/abstract.h, lib/libgnutls.map: Added
	gnutls_privkey_sign_raw_data()

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/gnutls_pcert.c: simplified code

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: gnutls-serv may run without certificate, but will
	issue a warning

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: gnutls-serv issues an error if no certificate and key
	pair was set.

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* COPYING.LESSER, README: gnutls 3.1.10 is LGPLv2.1

2013-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/algorithms/kx.c, lib/auth/anon.c, lib/auth/anon_ecdh.c,
	lib/gnutlsxx.cpp, src/cli-debug.c, src/serv.c, src/tests.c: Added
	several ifdefs to avoid using disabled code.

2013-03-12  Daniel Kahn Gillmor <dkg@fifthhorseman.net>

	* doc/cha-bib.texi, doc/cha-tokens.texi: Document mechanism used for
	*_key_id() creation.  For the rationale behind this, see the gnutls-devl thread 'X.509
	"Key Identifiers" in GnuTLS' found either at

	http://lists.gnutls.org/pipermail/gnutls-devel/2013-March/006182.htmland
	http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/6674

2013-03-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/examples/ex-cert-select-pkcs11.c,
	doc/examples/ex-cert-select.c, doc/examples/ex-client-anon.c,
	doc/examples/ex-client-dtls.c, doc/examples/ex-client-psk.c,
	doc/examples/ex-client-srp.c, doc/examples/ex-client-x509.c,
	lib/gnutls_int.h, lib/gnutls_ui.c, lib/includes/gnutls/gnutls.h.in,
	lib/libgnutls.map, src/common.c: Added gnutls_session_get_desc()

2013-03-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, lib/algorithms/ciphersuites.c, lib/algorithms/kx.c,
	lib/auth/Makefile.am, lib/auth/anon_ecdh.c, lib/auth/cert.c,
	lib/auth/cert.h, lib/auth/dh_common.c, lib/auth/dhe.c,
	lib/auth/dhe_psk.c, lib/auth/ecdh_common.c, lib/auth/ecdh_common.h,
	lib/auth/ecdhe.c, lib/auth/ecdhe.h, lib/auth/rsa_export.c,
	lib/gnutls_handshake.c, lib/gnutls_kx.c, lib/gnutls_priority.c,
	lib/gnutls_rsa_export.c, lib/gnutls_state.c, lib/gnutls_ui.c,
	m4/hooks.m4: Added options to disable more key exchange mechanisms.  In that DHE was separated from ECDHE.

2013-03-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/serv.c: removed unneeded code

2013-03-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cli.c: When requesting DANE data resolve a service name into a
	port number. Reported by James Cloos.

2013-03-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: removed

2013-03-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/cha-cert-auth.texi, doc/cha-cert-auth2.texi: doc update

2013-03-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* lib/x509/dn.c: avoid duplicate memory allocation in
	_gnutls_x509_get_dn()

2013-03-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/cert-tests/dane-test.rr: The default dane output is type 03
	now.
[--snip--]
