[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_2-41-gd68a625
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_2-41-gd68a625 |
Date: |
Tue, 13 Sep 2011 20:03:26 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=d68a6257d5a4bf6b58d2561e111ce0726f38cfec
The branch, master has been updated
via d68a6257d5a4bf6b58d2561e111ce0726f38cfec (commit)
via 1276c744354f8947acac4fec236cf268980c0bee (commit)
via abd1428facbdaec84524c1c7e73faf26d268a707 (commit)
via 4f70bcdfc7dcf0d010d270c4d62b33303ba77697 (commit)
from 5e67665e11afbafdc72b8f5d1542494f7a9c7f64 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit d68a6257d5a4bf6b58d2561e111ce0726f38cfec
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Sep 13 22:03:36 2011 +0200
clarified format of sequence number in gnutls_record_recv_seq.
commit 1276c744354f8947acac4fec236cf268980c0bee
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Sep 13 21:56:45 2011 +0200
Added a paragraph on opensc and trousers PKCS #11 modules.
commit abd1428facbdaec84524c1c7e73faf26d268a707
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Sep 13 21:43:24 2011 +0200
added license
commit 4f70bcdfc7dcf0d010d270c4d62b33303ba77697
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Sep 13 16:32:49 2011 +0200
updated documentation. The function descriptions were converted to floats.
-----------------------------------------------------------------------
Summary of changes:
NEWS | 3 +
doc/cha-auth.texi | 17 ++++----
doc/cha-cert-auth.texi | 83 ++++++++++++++-------------------------
doc/cha-gtls-app.texi | 22 ++--------
doc/cha-intro-tls.texi | 19 ++-------
doc/latex/gnutls.tex | 7 +++
doc/latex/macros.tex | 45 ++++++++++++++-------
doc/scripts/mytexi2latex | 2 +-
lib/accelerated/x86.h | 22 ++++++++++
lib/gnutls_buffers.c | 5 +-
lib/gnutls_record.c | 5 +-
lib/includes/gnutls/gnutls.h.in | 4 +-
12 files changed, 119 insertions(+), 115 deletions(-)
diff --git a/NEWS b/NEWS
index c506b75..45234ec 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,9 @@ See the end for copying conditions.
* Version 3.0.3 (unreleased)
+** libgnutls: All functions related to RSA-EXPORT were deprecated.
+Support for RSA-EXPORT ciphersuites will be ceased in future versions.
+
** libgnutls: Memory leak fixes in ECC ciphersuites.
** libgnutls: Do not send an empty extension structure in server
diff --git a/doc/cha-auth.texi b/doc/cha-auth.texi
index 873db91..a42854a 100644
--- a/doc/cha-auth.texi
+++ b/doc/cha-auth.texi
@@ -130,11 +130,12 @@ available in certificate authentication.
@showfuncdesc{gnutls_certificate_set_verify_function}
Note that the DHE key exchange methods are generally
address@hidden really depends on the group used. Primes with
address@hidden depends on the group used. Primes with
lesser bits are always faster, but also easier to break. See @ref{Selecting
cryptographic key sizes}
-for the acceptable security levels.}
-and require Diffie-Hellman parameters to be generated and associated with a
credentials
-structure, by the server (see @ref{Parameter generation}).
+for the acceptable security levels.} than the elliptic curves counterpart
+(ECDHE). Moreover the plain Diffie-Hellman key exchange
+requires parameters to be generated and associated with a credentials
+structure by the server (see @ref{Parameter generation}).
@float Table,tab:key-exchange
@multitable @columnfractions .2 .7
@@ -363,12 +364,10 @@ the hint, for example in the callback function, using
@showfuncC{gnutls_psk_set_server_credentials_function,gnutls_psk_set_server_credentials_hint,gnutls_psk_client_get_hint}
-Helper functions are included in @acronym{GnuTLS}, and may be used to generate
and
-maintain @acronym{PSK} keys.
+Helper functions to generate and maintain @acronym{PSK} keys are also included
+in @acronym{GnuTLS}.
address@hidden
-
address@hidden
address@hidden,gnutls_hex_encode,gnutls_hex_decode}
@node Authentication and credentials
diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi
index 6ee340d..f1309bd 100644
--- a/doc/cha-cert-auth.texi
+++ b/doc/cha-cert-auth.texi
@@ -225,9 +225,9 @@ possession of the private key.
@showfuncdesc{gnutls_x509_crq_set_key_purpose_oid}
@showfuncdesc{gnutls_x509_crq_set_basic_constraints}
-The following two functions associate the request with
-a private key and sign it. If a request is to be signed
-with a key residing in a token it is recommended to use
+The @funcref{gnutls_x509_crq_set_key} and @funcref{gnutls_x509_crq_sign2}
+functions associate the request with a private key and sign it. If a
+request is to be signed with a key residing in a PKCS #11 token it is
recommended to use
the signing functions shown in @ref{Abstract key types}.
@showfuncdesc{gnutls_x509_crq_set_key}
@@ -265,11 +265,10 @@ structure.
@showfuncdesc{gnutls_pkcs12_verify_mac}
@showfuncdesc{gnutls_pkcs12_bag_decrypt}
address@hidden,gnutls_pkcs12_bag_deinit}
address@hidden,gnutls_pkcs12_bag_deinit,gnutls_pkcs12_bag_get_count,gnutls_pkcs12_bag_get_data,gnutls_pkcs12_bag_get_key_id,gnutls_pkcs12_bag_get_friendly_name}
address@hidden,gnutls_pkcs12_bag_get_data,gnutls_pkcs12_bag_get_key_id,gnutls_pkcs12_bag_get_friendly_name}
-
-To generate a structure the functions below may be used.
+The functions below are used to generate a PKCS #12 structure. An example
+of their usage is also shown.
@showfuncdesc{gnutls_pkcs12_set_bag}
@showfuncdesc{gnutls_pkcs12_bag_encrypt}
@@ -277,9 +276,6 @@ To generate a structure the functions below may be used.
@showfuncdesc{gnutls_pkcs12_export}
@showfuncE{gnutls_pkcs12_bag_set_data,gnutls_pkcs12_bag_set_crl,gnutls_pkcs12_bag_set_crt,gnutls_pkcs12_bag_set_key_id,gnutls_pkcs12_bag_set_friendly_name}
-An example of a @acronym{PKCS} #12 structure generation can be found
-below.
-
@verbatiminclude examples/ex-pkcs12.c
@node OpenPGP certificates
@@ -338,30 +334,13 @@ returns the key status. The key verification status is
the same as in
@acronym{X.509} certificates, although the meaning and interpretation
are different. For example an @acronym{OpenPGP} key may be valid, if
the self signature is ok, even if no signers were found. The meaning
-of verification status is shown in the figure below.
+of verification status flags is the same as in the @acronym{X.509} certificates
+(see @ref{gnutls_certificate_verify_flags}).
@showfuncdesc{gnutls_openpgp_crt_verify_ring}
@showfuncdesc{gnutls_openpgp_crt_verify_self}
address@hidden @code
-
address@hidden CERT_INVALID:
-A signature on the key is invalid. That means that the key was
-modified by somebody, or corrupted during transport.
-
address@hidden CERT_REVOKED:
-The key has been revoked by its owner.
-
address@hidden CERT_SIGNER_NOT_FOUND:
-The key was not signed by a known signer.
-
address@hidden GNUTLS_CERT_INSECURE_ALGORITHM:
-The certificate was signed using an insecure algorithm such as MD2 or
-MD5. These algorithms have been broken and should not be trusted.
-
address@hidden table
-
@subsection Verifying a certificate in the context of a TLS session
Similarly with X.509 certificates, one needs to specify
@@ -383,15 +362,24 @@ This section copes with hardware token support in
@acronym{GnuTLS} using
@acronym{PKCS} #11 @xcite{PKCS11}.
@acronym{PKCS} #11 is plugin API allowing applications to access cryptographic
operations on a token, as well as to objects residing on the token. A token
can
-be a real hardware token such as a smart card, or it can be a software
component
-such as @acronym{Gnome Keyring}. The objects residing on such token can be
+be a real hardware token such as a smart card and a trusted platform module
(TPM),
+or it can be a software component such as @acronym{Gnome Keyring}. The objects
residing
+on such token can be
certificates, public keys, private keys or even plain data or secret keys. Of
those
certificates and public/private key pairs can be used with @acronym{GnuTLS}.
Its
main advantage is that it allows operations on private key objects such as
decryption
and signing without exposing the key.
-Moreover it can be used to allow all applications in the same operating system
to access
+A @acronym{PKCS} #11 module to access smart cards is provided by the
address@hidden@url{http://www.opensc-project.org}} project, and a
+module to access the TPM chip on a PC is available from the
address@hidden@url{http://trousers.sourceforge.net/}}
+project.
+
+Moreover @acronym{PKCS} #11 can be (ab)used to allow all applications in the
same operating system to access
shared cryptographic keys and certificates in a uniform way, as in
@ref{fig:pkcs11-vision}.
+That way applications could load their trusted certificate list, as well as
user
+certificates from a common PKCS #11 module. Such a provider exists in the
@acronym{Gnome}
+system, being the @acronym{Gnome Keyring}.
@float Figure,fig:pkcs11-vision
@image{pkcs11-vision,9cm}
@@ -468,13 +456,13 @@ are shown below.
Properties of the physical token can also be accessed and altered with
@acronym{GnuTLS}.
For example data in a token can be erased (initialized), PIN can be altered,
etc.
address@hidden
address@hidden,gnutls_pkcs11_token_get_url,gnutls_pkcs11_token_get_info,gnutls_pkcs11_token_get_flags}
@showfuncdesc{gnutls_pkcs11_token_set_pin}
address@hidden
address@hidden
address@hidden
-The following example will list all available PKCS #11 tokens in a system.
+The following examples demonstrate the usage of the API. The first example
+will list all available PKCS #11 tokens in a system and the latter will
+list all certificates in a token that have a corresponding private key.
+
@example
int i;
char* url;
@@ -496,9 +484,6 @@ for (i=0;;i++)
gnutls_global_deinit();
@end example
-
-That example will only list all certificates in a token that have a
corresponding
-private key.
@verbatiminclude examples/ex-pkcs11-list.c
@subsection Writing objects
@@ -534,8 +519,9 @@ Since there are many forms of a public or private keys
supported by @acronym{Gnu
@acronym{X.509}, @acronym{OpenPGP}, or @acronym{PKCS} #11 it is desirable to
allow common operations
on them. For these reasons the abstract @code{gnutls_privkey_t} and
@code{gnutls_pubkey_t} were
introduced in @code{gnutls/abstract.h} header. Those types are initialized
using a specific type of
-key and then can be used to perform operations in an abstract way. For example
in order for someone
-to sign an X.509 certificate with a key that resides in a smart he has to
follow the steps below:
+key and then can be used to perform operations in an abstract way. For example
in order
+to sign an X.509 certificate with a key that resides in a token the following
steps must be
+used.
@example
#inlude <gnutls/abstract.h>
@@ -602,12 +588,7 @@ are not extractable.
@showfuncdesc{gnutls_privkey_import_x509}
address@hidden
address@hidden
-
-Other information on the private key can be accessed using
-the following functions.
-
address@hidden,gnutls_privkey_import_pkcs11}
@showfuncdesc{gnutls_privkey_get_pk_algorithm}
@showfuncdesc{gnutls_privkey_get_type}
@@ -616,7 +597,6 @@ The abstract key types can be used to access signing and
signature verification operations with the underlying keys.
@showfuncdesc{gnutls_pubkey_verify_data2}
-
@showfuncdesc{gnutls_pubkey_verify_hash}
@showfuncdesc{gnutls_privkey_sign_data}
@showfuncdesc{gnutls_privkey_sign_hash}
@@ -627,11 +607,8 @@ keys with structures is also possible using the
key abstractions.
@showfuncdesc{gnutls_x509_crq_set_pubkey}
-
@showfuncdesc{gnutls_x509_crt_set_pubkey}
address@hidden
address@hidden
address@hidden
address@hidden,gnutls_x509_crl_privkey_sign,gnutls_x509_crq_privkey_sign}
@node Digital signatures
@section Digital signatures
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi
index 64fbdc6..6c28b83 100644
--- a/doc/cha-gtls-app.texi
+++ b/doc/cha-gtls-app.texi
@@ -179,7 +179,7 @@ In the case of DTLS it is also desirable to override the
generic
transport functions with functions that emulate the operation
of @code{recvfrom} and @code{sendto}. In addition
@acronym{DTLS} requires timers during the receive of a handshake
-message. This requires the following function to be used.
+message. This requires the
@funcref{gnutls_transport_set_pull_timeout_function} function to be used.
@showfuncdesc{gnutls_transport_set_pull_timeout_function}
@@ -196,7 +196,7 @@ The handshake process doesn't ensure the verification
of the peer's identity. When certificates are in use,
this can be done, either after the handshake is complete, or during
the handshake if @funcref{gnutls_certificate_set_verify_function}
-has been used. In both cases the following function can be
+has been used. In both cases the @funcref{gnutls_certificate_verify_peers2}
function can be
used to verify the peer's certificate (see @ref{Certificate authentication}
for more information).
@@ -231,11 +231,9 @@ recommended to use @funcref{gnutls_bye} to terminate the
session. That way the peer is notified securely about the
intention of termination, which allows distinguishing it
from a malicious connection termination.
+A session can be deinitialized with the @funcref{gnutls_deinit} function.
@showfuncdesc{gnutls_bye}
-
-A session can be deinitialized using the following function.
-
@showfuncdesc{gnutls_deinit}
@subsection Asynchronous operation
@@ -279,14 +277,7 @@ should verify the initial message sent by client using
@funcref{gnutls_dtls_cook
If successful a the session should be initialization and associated with
the cookie using @funcref{gnutls_dtls_prestate_set}.
address@hidden
-
address@hidden
-
address@hidden
-
address@hidden
-
address@hidden,gnutls_dtls_cookie_send,gnutls_dtls_cookie_verify,gnutls_dtls_prestate_set}
Note that the above apply to server side only and they are not mandatory to be
used. Not using them, however, allows denial of service attacks.
@@ -299,10 +290,7 @@ of DTLS messages and prevent messages from being silently
discarded by the
transport layer. The ``correct'' maximum transfer unit can be obtained through
a path MTU discovery mechanism @xcite{RFC4821}.
address@hidden
-
address@hidden
address@hidden
address@hidden,gnutls_dtls_get_mtu,gnutls_dtls_get_data_mtu}
@node Priority Strings
@section Priority strings
diff --git a/doc/cha-intro-tls.texi b/doc/cha-intro-tls.texi
index 8380c6c..7ede515 100644
--- a/doc/cha-intro-tls.texi
+++ b/doc/cha-intro-tls.texi
@@ -75,9 +75,6 @@ by providing callbacks for @acronym{GnuTLS} to access the
transport layer
The record protocol is the secure communications provider. Its purpose
is to encrypt, authenticate and ---optionally--- compress packets.
-
address@hidden
-
The record layer functions can be called at any time after
the handshake process is finished, when there is need to receive
or send data. In @acronym{DTLS} however, due to re-transmission
@@ -92,12 +89,12 @@ As you may have already noticed, the functions which access
the record
protocol, are quite limited, given the importance of this protocol in
@acronym{TLS}. This is because the record protocol's parameters are
all set by the handshake protocol.
-
The record protocol initially starts with NULL parameters, which means
no encryption, and no MAC is used. Encryption and authentication begin
just after the handshake protocol has finished.
address@hidden,gnutls_record_recv_seq,gnutls_record_check_pending,gnutls_record_get_direction}
address@hidden,gnutls_record_recv,gnutls_record_recv_seq}
address@hidden,gnutls_record_get_direction}
@menu
* Encryption algorithms used in the record layer::
@@ -195,16 +192,10 @@ tunnels, and in cases where network usage has to be
minimized. It
should be noted however that compression increases latency.
The record layer compression in @acronym{GnuTLS} is implemented based
-on the proposal @xcite{RFC3749}. The supported algorithms are:
+on the proposal @xcite{RFC3749}. The supported algorithms are shown in
address@hidden
address@hidden @code
address@hidden DEFLATE:
-Zlib compression, using the deflate algorithm.
-
address@hidden NULL:
-No compression.
-
address@hidden table
address@hidden,Supported compression algorithms}
@node Weaknesses and countermeasures
@subsection Weaknesses and countermeasures
diff --git a/doc/latex/gnutls.tex b/doc/latex/gnutls.tex
index ba4a9d3..edb1e98 100644
--- a/doc/latex/gnutls.tex
+++ b/doc/latex/gnutls.tex
@@ -15,8 +15,15 @@
\usepackage{verbatim}
\usepackage{listings}
\usepackage{xcolor}
+\usepackage{afterpage}
+\usepackage{float}
+\usepackage{morefloats}
\usepackage[greek,english]{babel}%for euro sign
+\renewcommand{\textfraction}{0.00}
+\renewcommand{\floatpagefraction}{0.8}
+\renewcommand{\dblfloatpagefraction}{0.8}
+
\hypersetup{
colorlinks,%
citecolor=blue,%
diff --git a/doc/latex/macros.tex b/doc/latex/macros.tex
index 1b48459..8907c52 100644
--- a/doc/latex/macros.tex
+++ b/doc/latex/macros.tex
@@ -44,6 +44,8 @@
\code{#1}%
}
+\definecolor{light-gray}{gray}{0.95}
+
\newcommand{\showfunc}[1]{%
\let\Oldfd\functionDescription
\let\Oldendfd\endfunctionDescription
@@ -63,15 +65,15 @@
}
\newcommand{\showfuncdesc}[1]{%
+ \begin{figure}[htbp]
\begin{minipage}[l]{\linewidth}
\begin{framed}
\texttt{
\input{functions/#1}
}
\end{framed}
- \vspace{0.10cm}
\end{minipage}
- \par
+ \end{figure}
}
\newcommand{\showenumdesc}[2]{%
@@ -90,78 +92,93 @@
}
\newcommand{\showfuncA}[1]{%
-% \fcolorbox{black}{light-gray}{
+ \begin{figure}[H]
\begin{samepage}
\begin{framed}
\showfunc{#1}
-% }
\end{framed}
\end{samepage}
+ \end{figure}
}
\newcommand{\showfuncB}[2]{%
-% \fcolorbox{black}{light-gray}{
+ \begin{figure}[H]
\begin{samepage}
\begin{framed}
\showfunc{#1}
+ \vspace{0.2cm}
\showfunc{#2}
-% }
\end{framed}
\end{samepage}
+ \end{figure}
}
\newcommand{\showfuncC}[3]{%
-% \fcolorbox{black}{light-gray}{
+ \begin{figure}[H]
\begin{samepage}
\begin{framed}
\showfunc{#1}
+ \vspace{0.2cm}
\showfunc{#2}
+ \vspace{0.2cm}
\showfunc{#3}
-% }
\end{framed}
\end{samepage}
+ \end{figure}
}
\newcommand{\showfuncD}[4]{%
-% \fcolorbox{black}{light-gray}{
+ \begin{figure}[H]
\begin{samepage}
\begin{framed}
\showfunc{#1}
+ \vspace{0.2cm}
\showfunc{#2}
+ \vspace{0.2cm}
\showfunc{#3}
+ \vspace{0.2cm}
\showfunc{#4}
-% }
\end{framed}
\end{samepage}
+ \end{figure}
}
\newcommand{\showfuncE}[5]{%
-% \fcolorbox{black}{light-gray}{
+ \begin{figure}[H]
\begin{samepage}
\begin{framed}
\showfunc{#1}
+ \vspace{0.2cm}
\showfunc{#2}
+ \vspace{0.2cm}
\showfunc{#3}
+ \vspace{0.2cm}
\showfunc{#4}
+ \vspace{0.2cm}
\showfunc{#5}
-% }
\end{framed}
\end{samepage}
+ \end{figure}
}
\newcommand{\showfuncF}[6]{%
-% \fcolorbox{black}{light-gray}{
+ \begin{figure}[H]
\begin{samepage}
\begin{framed}
\showfunc{#1}
+ \vspace{0.2cm}
\showfunc{#2}
+ \vspace{0.2cm}
\showfunc{#3}
+ \vspace{0.2cm}
\showfunc{#4}
+ \vspace{0.2cm}
\showfunc{#5}
+ \vspace{0.2cm}
\showfunc{#6}
-% }
\end{framed}
\end{samepage}
+ \end{figure}
}
\newenvironment{function}%
diff --git a/doc/scripts/mytexi2latex b/doc/scripts/mytexi2latex
index 70fdcca..9fb1cb3 100755
--- a/doc/scripts/mytexi2latex
+++ b/doc/scripts/mytexi2latex
@@ -262,7 +262,7 @@ multitable:
push(@stack, NORMAL);
$mode = FLOAT;
}
- if ($line =~ s/address@hidden
Table\,(.*)/\\begin{table}[htp]\n\\centering/g) {
+ if ($line =~ s/address@hidden
Table\,(.*)/\\begin{table}[thp]\n\\centering/g) {
$label = $1;
push(@stack, NORMAL);
$mode = FLOAT_TABLE;
diff --git a/lib/accelerated/x86.h b/lib/accelerated/x86.h
index 973624b..2fdb9d6 100644
--- a/lib/accelerated/x86.h
+++ b/lib/accelerated/x86.h
@@ -1,3 +1,25 @@
+/*
+ * Copyright (C) 2011 Free Software Foundation, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 3 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
#include <config.h>
#ifdef HAVE_CPUID_H
diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c
index 4f946f4..b93d4c4 100644
--- a/lib/gnutls_buffers.c
+++ b/lib/gnutls_buffers.c
@@ -21,9 +21,8 @@
*
*/
-/* This is the only file that uses the berkeley sockets API.
- *
- * Also holds all the buffering code used in gnutls.
+/*
+ * This file holds all the buffering code used in gnutls.
* The buffering code works as:
*
* RECORD LAYER:
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 7ef94cc..874099f 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -1247,8 +1247,9 @@ gnutls_record_recv (gnutls_session_t session, void *data,
size_t data_size)
* This function is the same as gnutls_record_recv(), except that
* it returns in addition to data, the sequence number of the data.
* This is useful in DTLS where record packets might be received
- * out-of-order. The returned 8-byte sequence number should be
- * treated as a unique message identification.
+ * out-of-order. The returned 8-byte sequence number is an
+ * integer in big-endian format and should be
+ * treated as a unique message identification.
*
* Returns: The number of bytes received and zero on EOF. A negative
* error code is returned in case of an error. The number of bytes
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index dea88db..5034d80 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -270,8 +270,8 @@ extern "C"
/**
* gnutls_compression_method_t:
* @GNUTLS_COMP_UNKNOWN: Unknown compression method.
- * @GNUTLS_COMP_NULL: The NULL compression method (uncompressed).
- * @GNUTLS_COMP_DEFLATE: The deflate/zlib compression method.
+ * @GNUTLS_COMP_NULL: The NULL compression method (no compression).
+ * @GNUTLS_COMP_DEFLATE: The DEFLATE compression method from zlib.
* @GNUTLS_COMP_ZLIB: Same as %GNUTLS_COMP_DEFLATE.
*
* Enumeration of different TLS compression methods.
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_0_2-41-gd68a625,
Nikos Mavrogiannopoulos <=