This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GNU gsasl".
http://git.savannah.gnu.org/cgit/gsasl.git/commit/?id=a09813e9a258ddb51fa4fff1b093e1d528ebc9c6 The branch, master has been updated via a09813e9a258ddb51fa4fff1b093e1d528ebc9c6 (commit) from 485b2a51b7e73050dad653511640c3cbf1a209e4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a09813e9a258ddb51fa4fff1b093e1d528ebc9c6 Author: Simon Josefsson <[email protected]> Date: Thu Dec 9 19:07:42 2010 +0100 gsasl: Add --no-cb command line parameter. ----------------------------------------------------------------------- Summary of changes: NEWS | 2 ++ doc/gsasl.texi | 1 + src/callbacks.c | 5 +++-- src/gsasl.ggo | 3 ++- 4 files changed, 8 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index 4ec4521..1a9318f 100644 --- a/NEWS +++ b/NEWS @@ -8,6 +8,8 @@ SASL. That include the manual, the command line tool, and self tests. * Version 1.5.5 (unreleased) [beta] +** gsasl: Add --no-cb to disable use of TLS channel bindings. + * Version 1.5.4 (released 2010-11-14) [beta] ** Update gnulib files. diff --git a/doc/gsasl.texi b/doc/gsasl.texi index d87e925..b7d1496 100644 --- a/doc/gsasl.texi +++ b/doc/gsasl.texi @@ -2302,6 +2302,7 @@ terminal. STARTTLS when available. (default=off) --no-starttls Unconditionally disable STARTTLS. (default=off) + --no-cb Don't set any channel bindings. (default=off) --x509-ca-file=FILE File containing one or more X.509 Certificate Authorities certificates in PEM format, used to verify the certificate received from the diff --git a/src/callbacks.c b/src/callbacks.c index c21aecd..b299930 100644 --- a/src/callbacks.c +++ b/src/callbacks.c @@ -84,10 +84,11 @@ callback (Gsasl * ctx, Gsasl_session * sctx, Gsasl_property prop) break; case GSASL_CB_TLS_UNIQUE: - if (b64cbtlsunique == NULL && args_info.hostname_arg == NULL) + if (!args_info.no_cb_flag && b64cbtlsunique == NULL + && args_info.hostname_arg == NULL) b64cbtlsunique = readutf8line ("Enter base64 encoded tls-unique channel binding: "); - if (b64cbtlsunique && *b64cbtlsunique) + if (!args_info.no_cb_flag && b64cbtlsunique && *b64cbtlsunique) gsasl_property_set (sctx, prop, b64cbtlsunique); rc = GSASL_OK; break; diff --git a/src/gsasl.ggo b/src/gsasl.ggo index 8c44c57..4842b27 100644 --- a/src/gsasl.ggo +++ b/src/gsasl.ggo @@ -1,4 +1,4 @@ -# Copyright (C) 2002, 2003, 2004, 2005, 2007, 2008, 2009 Simon Josefsson +# Copyright (C) 2002, 2003, 2004, 2005, 2007, 2008, 2009, 2010 Simon Josefsson # # This file is part of GNU SASL. # @@ -53,6 +53,7 @@ option "quality-of-protection" - "How application payload will be protected. 'qo section "STARTTLS options" option "starttls" - "Force use of STARTTLS. The default is to use STARTTLS when available." flag off option "no-starttls" - "Unconditionally disable STARTTLS." flag off +option "no-cb" - "Don't use channel bindings from TLS." flag off option "x509-ca-file" - "File containing one or more X.509 Certificate Authorities certificates in PEM format, used to verify the certificate received from the server. If not specified, no verification of the remote server certificate will be done." string typestr="FILE" no option "x509-cert-file" - "File containing client X.509 certificate in PEM format. Used together with --x509-key-file to specify the certificate/key pair." string typestr="FILE" no option "x509-key-file" - "Private key for the client X.509 certificate in PEM format. Used together with --x509-key-file to specify the certificate/key pair." string typestr="FILE" no hooks/post-receive -- GNU gsasl _______________________________________________ Gsasl-commit mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gsasl-commit
