
[SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-248-gbc9d8d4


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-248-gbc9d8d4
Date: Thu, 16 Feb 2012 15:14:45 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=bc9d8d467861bf1f49dc0789f2e02d1a78c7d6f8

The branch, master has been updated
       via  bc9d8d467861bf1f49dc0789f2e02d1a78c7d6f8 (commit)
       via  670d9d5f83d72769f252923eb5ce49660672ab45 (commit)
       via  39b4dbd5decd49dfa8a8bbb1d7ae9e8ebdfb57de (commit)
       via  4a7d0ec7a82b50d395d4215b3d84d55651a3f9fa (commit)
       via  784f5810c8b9cb2de2f12627b2fc7e048fcc3e79 (commit)
       via  2cae6c75d47f486bc4a337df76908b72789a720d (commit)
      from  26b3553b83f44c1f74123f8f0ea4b73d71878910 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit bc9d8d467861bf1f49dc0789f2e02d1a78c7d6f8
Author: Giuseppe Scrivano <address@hidden>
Date:   Wed Feb 15 11:21:02 2012 +0100

    Fix file leak in an example application.
    
    Signed-off-by: Nikos Mavrogiannopoulos <address@hidden>

commit 670d9d5f83d72769f252923eb5ce49660672ab45
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Thu Feb 16 16:17:23 2012 +0100

    Added more tests.

commit 39b4dbd5decd49dfa8a8bbb1d7ae9e8ebdfb57de
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Thu Feb 16 16:05:43 2012 +0100

    Modified the trust_db API to avoid dependence on a structure.

commit 4a7d0ec7a82b50d395d4215b3d84d55651a3f9fa
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Thu Feb 16 14:49:33 2012 +0100

    Prevent any handshake packet except client hello to trigger a rehandshake error. Patch by Sean Buckheister.

commit 784f5810c8b9cb2de2f12627b2fc7e048fcc3e79
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Feb 15 23:16:20 2012 +0100

    doc updates

commit 2cae6c75d47f486bc4a337df76908b72789a720d
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Feb 15 21:15:17 2012 +0100

    make the default storage backend thread safe.

-----------------------------------------------------------------------

Summary of changes:
 doc/cha-cert-auth.texi          |   53 ++++++++++++---------------
 doc/cha-internals.texi          |   14 ++++----
 doc/examples/ex-cert-select.c   |    2 +
 lib/gnutls_global.c             |    9 +++++
 lib/gnutls_record.c             |    6 ++-
 lib/includes/gnutls/gnutls.h.in |   17 +++------
 lib/verify-tofu.c               |   75 ++++++++++++++++++++------------------
 tests/dtls/dtls                 |    1 +
 tests/dtls/dtls-nb              |    1 +
 9 files changed, 93 insertions(+), 85 deletions(-)

diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi
index 2068f5c..56bc7f7 100644
--- a/doc/cha-cert-auth.texi
+++ b/doc/cha-cert-auth.texi
@@ -286,53 +286,48 @@ consult @xcite{RFC2818} and section @ref{ex:verify} for 
an example.
 @tindex gnutls_certificate_verify_flags
 
 It is possible to use a trust on first use (similar to SSH) authentication 
-method in GnuTLS. That means that having seen and associated a public key 
-with a host is enough to trust it on the subsequent connections. Such
-a system in combination with the normal CA verification, and OCSP verification,
+method in GnuTLS. That is the concept used by the SSH programs, where the 
+public key of the peer is not verified, or verified in an out-of-bound way,
+but subsequent connections to the same peer require the public key to 
+remain the same.  Such a system in combination with the typical CA 
+verification of a certificate, and OCSP revocation checks,
 can help to provide multiple factor verification, where a single point of
 failure is not enough to compromise the system. For example a server compromise
 may be detected using OCSP, and a CA compromise can be detected using
 the trust on first use method.
-Such a hybrid system with X.509 and SSH authentication is 
+Such a hybrid system with X.509 and trust on first use authentication is 
 shown in @ref{Simple client example with SSH-style certificate verification}.
 
 @showfuncdesc{gnutls_verify_stored_pubkey}
 @showfuncdesc{gnutls_store_pubkey}
address@hidden
 
-The @funcref{gnutls_store_commitment} may be used to implement a
-key-pinning architecture as in @xcite{KEYPIN}.
-http://tools.ietf.org/html/draft-ietf-websec-key-pinning-01
+In addition to the above the @funcref{gnutls_store_commitment} can be 
+used to implement a key-pinning architecture as in @xcite{KEYPIN}. 
+This provides a way for web server to commit on a public key that is
+not yet active.
+
address@hidden
 
 The storage and verification functions may be used with the default
-text file based backend, or another backend may be specified. Such
-backend should contain a storage and a retrieval function. The format
-of those functions is shown below.
+text file based back-end, or another back-end may be specified. That
+should contain storage and retrieval functions as shown below.
 @example
-  typedef int (*gnutls_trust_db_store_func) (const char* db_name, 
-                                             const char* host,
-                                             const char* service,
-                                             time_t expiration,
-                                             const gnutls_datum_t* pubkey);
-  typedef int (*gnutls_trust_db_store_commitment_func) (const char* db_name,
+  typedef int (*gnutls_tdb_store_func) (const char* db_name, 
+                                        const char* host,
+                                        const char* service,
+                                        time_t expiration,
+                                        const gnutls_datum_t* pubkey);
+  typedef int (*gnutls_tdb_store_commitment_func) (const char* db_name,
                                              const char* host,
                                              const char* service,
                                              time_t expiration,
                                              gnutls_digest_algorithm_t halgo,
                                              const gnutls_datum_t* hash);
 
-  typedef int (*gnutls_trust_db_retr_func) (const char* db_name, 
-                                            const char* host,
-                                            const char* service,
-                                            const gnutls_datum_t *pubkey);
-  
-  typedef struct 
-    @{
-       gnutls_trust_db_store_func store;
-       gnutls_trust_db_store_commitment_func cstore;
-       gnutls_trust_db_retr_func retrieve;
-    @} 
-  trust_storage_st;
+  typedef int (*gnutls_tdb_retr_func) (const char* db_name, 
+                                       const char* host,
+                                       const char* service,
+                                       const gnutls_datum_t *pubkey);
 @end example
 
 @node OpenPGP certificates
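Review bot: The new trust-on-first-use paragraph says the key is "verified in an out-of-bound way", which should read "out-of-band", and "a way for web server to commit on a public key" needs "a web server" and "commit to". In the @example block the continuation lines of gnutls_tdb_store_commitment_func keep the old indentation after the rename, unlike the other two typedefs, so re-align them. With trust_storage_st gone, the text no longer says how a custom back-end reaches the library; one sentence stating that each function is passed directly to gnutls_store_pubkey, gnutls_store_commitment and gnutls_verify_stored_pubkey would close that gap.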
diff --git a/doc/cha-internals.texi b/doc/cha-internals.texi
index bb8b420..0f05935 100644
--- a/doc/cha-internals.texi
+++ b/doc/cha-internals.texi
@@ -372,7 +372,7 @@ instructions set, using the kernel interface will introduce 
an
 unneeded layer. For this reason GnuTLS includes such optimizations
 found in popular processors such as the AES-NI or VIA PADLOCK instruction sets.
 This is achieved using a mechanism that detects CPU capabilities and
-overrides parts of crypto backend at runtime.
+overrides parts of crypto back-end at runtime.
 The next section discusses the registration of a detected algorithm
 optimization. For more information please consult the @acronym{GnuTLS}
 source code in @code{lib/accelerated/}.
@@ -398,25 +398,25 @@ and leave the rest of subsystem intact.
 
 @subsubheading Overriding the cryptographic library
 In some systems, that might contain a broad acceleration engine, it 
-might be desirable to override big parts of the cryptographic backend, 
+might be desirable to override big parts of the cryptographic back-end, 
 or even all of them. The following functions are provided for this reason.
 
 @itemize
 
 @item @code{gnutls_crypto_cipher_register}:
-To override the cryptographic algorithms backend.
+To override the cryptographic algorithms back-end.
 
 @item @code{gnutls_crypto_digest_register}:
-To override the digest algorithms backend.
+To override the digest algorithms back-end.
 
 @item @code{gnutls_crypto_rnd_register}:
-To override the random number generator backend.
+To override the random number generator back-end.
 
 @item @code{gnutls_crypto_bigint_register}:
-To override the big number number operations backend.
+To override the big number number operations back-end.
 
 @item @code{gnutls_crypto_pk_register}:
-To override the public key encryption backend. This is tied to the
+To override the public key encryption back-end. This is tied to the
 big number operations so either none or both of them should be overriden.
 
 @end itemize
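Review bot: The touched line for gnutls_crypto_bigint_register still reads "big number number operations", and the last item keeps "overriden"; since these lines are already being edited for the back-end spelling, drop the duplicated word and use "overridden".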
diff --git a/doc/examples/ex-cert-select.c b/doc/examples/ex-cert-select.c
index d45e8e5..e99baf4 100644
--- a/doc/examples/ex-cert-select.c
+++ b/doc/examples/ex-cert-select.c
@@ -59,6 +59,8 @@ load_file (const char *file)
       || !(ptr = malloc ((size_t) filelen))
       || fread (ptr, 1, (size_t) filelen, f) < (size_t) filelen)
     {
+      if (f)
+        fclose (f);
       return loaded_file;
     }
 
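Review bot: The failure branch in load_file still leaks ptr: when malloc succeeds and fread returns short, the condition is true with ptr pointing at a live allocation, and the function returns loaded_file after closing f but without freeing the buffer. Add free (ptr) next to the fclose, provided ptr is initialised to NULL at its declaration (outside this hunk) so the call is safe on the paths where malloc was never reached.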
diff --git a/lib/gnutls_global.c b/lib/gnutls_global.c
index 112d2b6..606d5ba 100644
--- a/lib/gnutls_global.c
+++ b/lib/gnutls_global.c
@@ -42,6 +42,7 @@
 /* created by asn1c */
 extern const ASN1_ARRAY_TYPE gnutls_asn1_tab[];
 extern const ASN1_ARRAY_TYPE pkix_asn1_tab[];
+extern void *_gnutls_file_mutex;
 
 ASN1_TYPE _gnutls_pkix1_asn;
 ASN1_TYPE _gnutls_gnutls_asn;
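Review bot: Declaring _gnutls_file_mutex with a local extern in gnutls_global.c, rather than in a shared internal header, means the compiler cannot check this declaration against the definition in lib/verify-tofu.c. Move the declaration into the header that verify-tofu.c includes for the lock functions in this patch (locks.h) and include that header here.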
@@ -262,6 +263,13 @@ gnutls_global_init (void)
       goto out;
     }
 
+  result = gnutls_mutex_init(&_gnutls_file_mutex);
+  if (result < 0)
+    {
+      gnutls_assert();
+      goto out;
+    }
+
 #ifdef ENABLE_PKCS11
   gnutls_pkcs11_init (GNUTLS_PKCS11_FLAG_AUTO, NULL);
 #endif
@@ -296,6 +304,7 @@ gnutls_global_deinit (void)
 #ifdef ENABLE_PKCS11
       gnutls_pkcs11_deinit ();
 #endif
+      gnutls_mutex_deinit(&_gnutls_file_mutex);
     }
   _gnutls_init--;
 }
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 6e4406a..acd44ae 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -697,7 +697,8 @@ record_add_to_buffers (gnutls_session_t session,
           /* This is legal if HELLO_REQUEST is received - and we are a client.
            * If we are a server, a client may initiate a renegotiation at any 
time.
            */
-          if (session->security_parameters.entity == GNUTLS_SERVER)
+          if (session->security_parameters.entity == GNUTLS_SERVER &&
+              bufel->htype == GNUTLS_HANDSHAKE_CLIENT_HELLO)
             {
               gnutls_assert ();
               ret =
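Review bot: The comment directly above the changed condition still says only that a client may initiate a renegotiation at any time, so it no longer explains why the server branch is limited to bufel->htype == GNUTLS_HANDSHAKE_CLIENT_HELLO. Extend it to state that other handshake types arriving at a server are deliberately not treated as a rehandshake request, and why.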
@@ -715,7 +716,8 @@ record_add_to_buffers (gnutls_session_t session,
            * since this message will never make it up here.
            */
 
-          /* So we accept it */
+          /* So we accept it, if it is a Hello. If not, this will
+           * fail and trigger flight retransmissions after some time. */
           ret = _gnutls_recv_hello_request (session, bufel->msg.data, 
bufel->msg.size);
           goto unexpected_packet;
 
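Review bot: Rejection of non-Hello packets at this call is implicit: the new comment relies on _gnutls_recv_hello_request failing, and with the narrowed condition earlier in record_add_to_buffers a server now reaches this call for every handshake type other than ClientHello. An explicit check of bufel->htype before the call, going to unexpected_packet directly, would make that guarantee visible at this site. The "flight retransmissions" wording describes DTLS behaviour; if this path is also reached for TLS, the comment should say what happens there.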
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index dc4d716..b9f89a5 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -1660,13 +1660,13 @@ gnutls_ecc_curve_t 
gnutls_ecc_curve_get(gnutls_session_t session);
 
   /* stores the provided information to a database
    */
-  typedef int (*gnutls_trust_db_store_func) (const char* db_name, 
+  typedef int (*gnutls_tdb_store_func) (const char* db_name, 
                                              const char* host,
                                              const char* service,
                                              time_t expiration,
                                              const gnutls_datum_t* pubkey);
 
-  typedef int (*gnutls_trust_db_store_commitment_func) (const char* db_name, 
+  typedef int (*gnutls_tdb_store_commitment_func) (const char* db_name, 
                                              const char* host,
                                              const char* service,
                                              time_t expiration,
@@ -1675,26 +1675,21 @@ gnutls_ecc_curve_t 
gnutls_ecc_curve_get(gnutls_session_t session);
   
   /* searches for the provided host/service pair that match the
    * provided public key in the database. */
-  typedef int (*gnutls_trust_db_retr_func) (const char* db_name, 
+  typedef int (*gnutls_tdb_retr_func) (const char* db_name, 
                                             const char* host,
                                             const char* service,
                                             const gnutls_datum_t *pubkey);
   
-  typedef struct {
-    gnutls_trust_db_store_func store;
-    gnutls_trust_db_store_commitment_func cstore;
-    gnutls_trust_db_retr_func retrieve;
-  } trust_storage_st;
 
   int gnutls_verify_stored_pubkey(const char* db_name, 
-                            const trust_storage_st * tdb,
+                            gnutls_tdb_retr_func retrieve,
                             const char* host,
                             const char* service,
                             gnutls_certificate_type_t cert_type,
                             const gnutls_datum_t * cert, unsigned int flags);
 
   int gnutls_store_commitment(const char* db_name,
-                    const trust_storage_st * tdb,
+                    gnutls_tdb_store_commitment_func ctore,
                     const char* host,
                     const char* service,
                     gnutls_digest_algorithm_t hash_algo,
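Review bot: The new parameter of gnutls_store_commitment is spelled ctore in this prototype, while the documentation comment and the definition in lib/verify-tofu.c use cstore; rename it to match. The continuation lines of gnutls_tdb_retr_func also keep the old indentation after the rename. Since trust_storage_st is removed from an installed header and three function signatures change, the push should carry a NEWS entry, and the summary of changes lists none.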
@@ -1703,7 +1698,7 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t 
session);
                     unsigned int flags);
 
   int gnutls_store_pubkey(const char* db_name,
-                    const trust_storage_st * tdb,
+                    gnutls_tdb_store_func store,
                     const char* host,
                     const char* service,
                     gnutls_certificate_type_t cert_type,
diff --git a/lib/verify-tofu.c b/lib/verify-tofu.c
index d4461ee..3881e55 100644
--- a/lib/verify-tofu.c
+++ b/lib/verify-tofu.c
@@ -34,11 +34,12 @@
 #include <base64.h>
 #include <gnutls/abstract.h>
 #include <system.h>
+#include <locks.h>
 
 static int raw_pubkey_to_base64(const gnutls_datum_t* raw, gnutls_datum_t * 
b64);
 static int x509_crt_to_raw_pubkey(const gnutls_datum_t * cert, gnutls_datum_t 
*rpubkey);
 static int pgp_crt_to_raw_pubkey(const gnutls_datum_t * cert, gnutls_datum_t 
*rpubkey);
-static int find_stored_pubkey(const char* file, 
+static int retrieve_pubkey(const char* file, 
                               const char* host, const char* service, 
                               const gnutls_datum_t* skey);
 
@@ -54,17 +55,12 @@ int store_pubkey(const char* db_name, const char* host,
 static int find_config_file(char* file, size_t max_size);
 #define MAX_FILENAME 512
 
-static const trust_storage_st default_storage =
-{
-  store_pubkey,
-  store_commitment,
-  find_stored_pubkey
-};
+void *_gnutls_file_mutex;
 
 /**
  * gnutls_verify_stored_pubkey:
  * @db_name: A file specifying the stored keys (use NULL for the default)
- * @tdb: A database structure or NULL to use the default
+ * @retrieve: A retrieval function or NULL to use the default
  * @host: The peer's name
  * @service: non-NULL if this key is specific to a service (e.g. http)
  * @cert_type: The type of the certificate
@@ -75,8 +71,8 @@ static const trust_storage_st default_storage =
  * a list of stored public keys.  The @service field if non-NULL should
  * be a port number.
  *
- * The @tdb variable if non-null specifies a custom backend for
- * the storage and retrieval of entries. If it is NULL then the
+ * The @retrieve variable if non-null specifies a custom backend for
+ * the retrieval of entries. If it is NULL then the
  * default file backend will be used. In POSIX-like systems the
  * file backend uses the $HOME/.gnutls/known_hosts file.
  *
@@ -97,7 +93,7 @@ static const trust_storage_st default_storage =
  **/
 int
 gnutls_verify_stored_pubkey(const char* db_name, 
-                            const trust_storage_st *tdb,
+                            gnutls_tdb_retr_func retrieve,
                             const char* host,
                             const char* service,
                             gnutls_certificate_type_t cert_type,
@@ -110,7 +106,7 @@ char local_file[MAX_FILENAME];
   if (cert_type != GNUTLS_CRT_X509 && cert_type != GNUTLS_CRT_OPENPGP)
     return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE);
 
-  if (db_name == NULL && tdb == NULL)
+  if (db_name == NULL && retrieve == NULL)
     {
       ret = find_config_file(local_file, sizeof(local_file));
       if (ret < 0)
@@ -118,8 +114,8 @@ char local_file[MAX_FILENAME];
       db_name = local_file;
     }
 
-  if (tdb == NULL)
-    tdb = &default_storage;
+  if (retrieve == NULL)
+    retrieve = retrieve_pubkey;
 
   if (cert_type == GNUTLS_CRT_X509)
     ret = x509_crt_to_raw_pubkey(cert, &pubkey);
@@ -132,7 +128,7 @@ char local_file[MAX_FILENAME];
       goto cleanup;
     }
   
-  ret = tdb->retrieve(db_name, host, service, &pubkey);
+  ret = retrieve(db_name, host, service, &pubkey);
   if (ret < 0)
     return gnutls_assert_val(GNUTLS_E_NO_CERTIFICATE_FOUND);
 
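Review bot: The failure path after retrieve() returns directly, while the error path just above it uses goto cleanup, so whatever that label releases for the raw key obtained from x509_crt_to_raw_pubkey or pgp_crt_to_raw_pubkey is skipped when no entry matches. Set ret to GNUTLS_E_NO_CERTIFICATE_FOUND and jump to cleanup instead. Mapping every negative return to GNUTLS_E_NO_CERTIFICATE_FOUND also hides what a custom retrieval function reported, which matters more now that callers pass their own gnutls_tdb_retr_func.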
@@ -291,7 +287,7 @@ time_t expiration;
 
 /* Returns the base64 key if found 
  */
-static int find_stored_pubkey(const char* file, 
+static int retrieve_pubkey(const char* file, 
                              const char* host, const char* service, 
                              const gnutls_datum_t* pubkey)
 {
@@ -502,12 +498,19 @@ int store_pubkey(const char* db_name, const char* host,
                  const gnutls_datum_t* pubkey)
 {
 FILE* fd = NULL;
-gnutls_datum_t b64key;
+gnutls_datum_t b64key = { NULL, 0 };
 int ret;
 
+  ret = gnutls_mutex_lock(&_gnutls_file_mutex);
+  if (ret != 0)
+    return gnutls_assert_val(GNUTLS_E_LOCKING_ERROR);
+
   ret = raw_pubkey_to_base64(pubkey, &b64key);
   if (ret < 0)
-    return gnutls_assert_val(ret);
+    {
+      gnutls_assert();
+      goto cleanup;
+    }
 
   fd = fopen(db_name, "ab+");
   if (fd == NULL)
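Review bot: The mutex in store_pubkey is taken before raw_pubkey_to_base64, which works only on the caller's key and a local buffer; acquiring it just before fopen would shorten the critical section and let the encoding failure keep its simple early return. _gnutls_file_mutex also serialises only the threads of one process, so two processes appending to the same db_name can still interleave lines; if that is a supported case it needs file locking as well. Nothing in this patch takes the lock in retrieve_pubkey or store_commitment, so a concurrent reader may still see a partially written entry.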
@@ -527,6 +530,8 @@ int ret;
 cleanup:
   if (fd != NULL)
     fclose(fd);
+
+  gnutls_mutex_unlock(&_gnutls_file_mutex);
   gnutls_free(b64key.data);
   
   return ret;
@@ -559,7 +564,7 @@ char buffer[MAX_HASH_SIZE*2+1];
 /**
  * gnutls_store_pubkey:
  * @db_name: A file specifying the stored keys (use NULL for the default)
- * @tdb: A database structure or NULL to use the default
+ * @store: A storage function or NULL to use the default
  * @host: The peer's name
  * @service: non-NULL if this key is specific to a service (e.g. http)
  * @cert_type: The type of the certificate
@@ -571,12 +576,10 @@ char buffer[MAX_HASH_SIZE*2+1];
  * the list of stored public keys. The key will be considered valid until 
  * the provided expiration time.
  *
- * The @tdb variable if non-null specifies a custom backend for
- * the storage and retrieval of entries. If it is NULL then the
+ * The @store variable if non-null specifies a custom backend for
+ * the storage of entries. If it is NULL then the
  * default file backend will be used.
  *
- * Note that this function is not thread safe with the default backend.
- *
  * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
  *   negative error value.
  *
@@ -584,7 +587,7 @@ char buffer[MAX_HASH_SIZE*2+1];
  **/
 int
 gnutls_store_pubkey(const char* db_name, 
-                    const trust_storage_st* tdb,
+                    gnutls_tdb_store_func store,
                     const char* host,
                     const char* service,
                     gnutls_certificate_type_t cert_type,
@@ -600,7 +603,7 @@ char local_file[MAX_FILENAME];
   if (cert_type != GNUTLS_CRT_X509 && cert_type != GNUTLS_CRT_OPENPGP)
     return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE);
   
-  if (db_name == NULL && tdb == NULL)
+  if (db_name == NULL && store == NULL)
     {
       ret = _gnutls_find_config_path(local_file, sizeof(local_file));
       if (ret < 0)
@@ -615,8 +618,8 @@ char local_file[MAX_FILENAME];
       db_name = local_file;
     }
 
-  if (tdb == NULL)
-    tdb = &default_storage;
+  if (store == NULL)
+    store = store_pubkey;
     
   if (cert_type == GNUTLS_CRT_X509)
     ret = x509_crt_to_raw_pubkey(cert, &pubkey);
@@ -630,7 +633,7 @@ char local_file[MAX_FILENAME];
 
   _gnutls_debug_log("Configuration file: %s\n", db_name);
 
-  tdb->store(db_name, host, service, expiration, &pubkey);
+  store(db_name, host, service, expiration, &pubkey);
 
   ret = 0;
 
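Review bot: The return value of store() is discarded and ret is set to 0 on the next line, so gnutls_store_pubkey reports success even when the back-end failed. With this patch store_pubkey can newly fail with GNUTLS_E_LOCKING_ERROR, and a custom gnutls_tdb_store_func may fail for its own reasons; a caller doing trust on first use would then believe the key was recorded when it was not. Assign ret = store(...) and go to cleanup on a negative value.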
@@ -644,7 +647,7 @@ cleanup:
 /**
  * gnutls_store_commitment:
  * @db_name: A file specifying the stored keys (use NULL for the default)
- * @tdb: A database structure or NULL to use the default
+ * @cstore: A storage function or NULL to use the default
  * @host: The peer's name
  * @service: non-NULL if this key is specific to a service (e.g. http)
  * @hash_algo: The hash algorithm type
@@ -656,8 +659,8 @@ cleanup:
  * the list of stored public keys. The key with the given
  * hash will be considered valid until the provided expiration time.
  *
- * The @tdb variable if non-null specifies a custom backend for
- * the storage and retrieval of entries. If it is NULL then the
+ * The @store variable if non-null specifies a custom backend for
+ * the storage of entries. If it is NULL then the
  * default file backend will be used.
  *
  * Note that this function is not thread safe with the default backend.
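Review bot: The rewritten paragraph refers to the @store variable, but the parameter of gnutls_store_commitment is documented as @cstore in the preceding hunk; use @cstore here. The retained "not thread safe with the default backend" note matches the fact that no hunk in this patch locks _gnutls_file_mutex in store_commitment, which means the commit titled "make the default storage backend thread safe" covers only store_pubkey; either take the lock in store_commitment as well or narrow the commit message.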
@@ -669,7 +672,7 @@ cleanup:
  **/
 int
 gnutls_store_commitment(const char* db_name, 
-                    const trust_storage_st* tdb,
+                    gnutls_tdb_store_commitment_func cstore,
                     const char* host,
                     const char* service,
                     gnutls_digest_algorithm_t hash_algo,
@@ -687,7 +690,7 @@ char local_file[MAX_FILENAME];
   if (_gnutls_hash_get_algo_len(hash_algo) != hash->size)
     return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
 
-  if (db_name == NULL && tdb == NULL)
+  if (db_name == NULL && cstore == NULL)
     {
       ret = _gnutls_find_config_path(local_file, sizeof(local_file));
       if (ret < 0)
@@ -702,12 +705,12 @@ char local_file[MAX_FILENAME];
       db_name = local_file;
     }
 
-  if (tdb == NULL)
-    tdb = &default_storage;
+  if (cstore == NULL)
+    cstore = store_commitment;
     
   _gnutls_debug_log("Configuration file: %s\n", db_name);
 
-  tdb->cstore(db_name, host, service, expiration, hash_algo, hash);
+  cstore(db_name, host, service, expiration, hash_algo, hash);
 
   ret = 0;
 
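Review bot: As called here, cstore() cannot report failure: its result is dropped and ret = 0 follows, so gnutls_store_commitment returns success even if the commitment was never written. For key pinning that means a lost commitment goes unnoticed until a later verification fails. Propagate the return value through ret before the cleanup path.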
diff --git a/tests/dtls/dtls b/tests/dtls/dtls
index 696266d..d63979e 100755
--- a/tests/dtls/dtls
+++ b/tests/dtls/dtls
@@ -33,5 +33,6 @@ fi
 ./dtls-stress -shello 102 -sfinished 01 -cfinished 120 SHello SHelloDone 
CKeyExchange CFinished SChangeCipherSpec SFinished
 ./dtls-stress -shello 210 -sfinished 01 -cfinished 201 CChangeCipherSpec 
SChangeCipherSpec SFinished
 ./dtls-stress -shello 021 -sfinished 10 -cfinished 210 SHello SHelloDone 
SChangeCipherSpec CChangeCipherSpec CFinished
+./dtls-stress -shello 210 -sfinished 10 -cfinished 210 SHello SKeyExchange 
SHelloDone CKeyExchange CChangeCipherSpec CFinished SChangeCipherSpec SFinished
 
 exit 0
diff --git a/tests/dtls/dtls-nb b/tests/dtls/dtls-nb
index 63f87c1..915a4bc 100755
--- a/tests/dtls/dtls-nb
+++ b/tests/dtls/dtls-nb
@@ -33,5 +33,6 @@ fi
 ./dtls-stress -nb -shello 102 -sfinished 01 -cfinished 120 SHello SHelloDone 
CKeyExchange CFinished SChangeCipherSpec SFinished
 ./dtls-stress -nb -shello 210 -sfinished 01 -cfinished 201 CChangeCipherSpec 
SChangeCipherSpec SFinished
 ./dtls-stress -nb -shello 021 -sfinished 10 -cfinished 210 SHello SHelloDone 
SChangeCipherSpec CChangeCipherSpec CFinished
+./dtls-stress -shello 210 -sfinished 10 -cfinished 210 SHello SKeyExchange 
SHelloDone CKeyExchange CChangeCipherSpec CFinished SChangeCipherSpec SFinished
 
 exit 0
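Review bot: The added dtls-stress line in tests/dtls/dtls-nb has no -nb option, unlike every other invocation visible in this file, so it repeats the blocking test from tests/dtls/dtls instead of exercising the non-blocking path. Add -nb after ./dtls-stress.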


hooks/post-receive
-- 
GNU gnutls


