From d1922841f4226039c9eaf402d2c426dc25b8c8cc Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Mon, 8 Oct 2012 21:16:21 +0200 Subject: [PATCH] libdane -> libgnutls-dane --- NEWS | 4 ++-- doc/cha-cert-auth.texi | 4 +++- doc/cha-functions.texi | 2 +- libdane/Makefile.am | 24 ++++++++++++------------ 4 files changed, 18 insertions(+), 16 deletions(-) diff --git a/NEWS b/NEWS index 648dea49c..6c9d24443 100644 --- a/NEWS +++ b/NEWS @@ -22,8 +22,8 @@ response corresponds to the given certificate. OCSP certificate status request extensions by default. The flag GNUTLS_NO_EXTENSIONS can be used to prevent that. -** libdane: Added. It is a library to provide DANE with DNSSEC certificate -verification. +** libgnutls-dane: Added. It is a library to provide DANE with DNSSEC +certificate verification. ** certtool: The --dane-rr option generates DANE TLSA Resource Records (RR). diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi index 05246e14a..bea622562 100644 --- a/doc/cha-cert-auth.texi +++ b/doc/cha-cert-auth.texi @@ -499,7 +499,7 @@ of the DNSSEC infrastructure to verify TLS certificates. This can be in addition to the verification by commercial CA infrastructure or could even replace it where DNSSEC is deployed. -The DANE functionality is provided by the @code{libdane} library that is shipped +The DANE functionality is provided by the @code{libgnutls-dane} library that is shipped with GnuTLS and the function prototypes are in @code{gnutls/dane.h}. The high level verification functions are shown below. @@ -516,6 +516,8 @@ indicate the status of the verification. @showenumdesc{dane_verify_status_t,The DANE verification status flags.} +In order to generate a DANE TLSA entry to use in a DNS server +you may use certtool's DANE commands (see @ref{certtool Invocation}). @node Digital signatures @section Digital signatures diff --git a/doc/cha-functions.texi b/doc/cha-functions.texi index 549767c84..da86cc4b2 100644 --- a/doc/cha-functions.texi +++ b/doc/cha-functions.texi @@ -98,7 +98,7 @@ Their prototypes lie in @file{gnutls/abstract.h}. The following functions are to be used for DANE certificate verification. Their prototypes lie in @file{gnutls/dane.h}. Note that you need to link -with the @code{libdane} library to use them. +with the @code{libgnutls-dane} library to use them. @include dane-api.texi diff --git a/libdane/Makefile.am b/libdane/Makefile.am index 87a9413da..65a5d5f55 100644 --- a/libdane/Makefile.am +++ b/libdane/Makefile.am @@ -35,31 +35,31 @@ defexecdir = $(bindir) defexec_DATA = -libdane_la_LDFLAGS = -no-undefined +libgnutls_dane_la_LDFLAGS = -no-undefined if ENABLE_DANE -lib_LTLIBRARIES = libdane.la +lib_LTLIBRARIES = libgnutls-dane.la -libdane_la_SOURCES = dane.c errors.c libdane.map +libgnutls_dane_la_SOURCES = dane.c errors.c libdane.map -libdane_la_LIBADD = ../gl/libgnu.la \ +libgnutls_dane_la_LIBADD = ../gl/libgnu.la \ ../lib/libgnutls.la -libdane_la_LDFLAGS += -version-info $(LT_DANE_CURRENT):$(LT_DANE_REVISION):$(LT_DANE_AGE) +libgnutls_dane_la_LDFLAGS += -version-info $(LT_DANE_CURRENT):$(LT_DANE_REVISION):$(LT_DANE_AGE) -libdane_la_LIBADD += $(LIBSOCKET) $(UNBOUND_LIBS) +libgnutls_dane_la_LIBADD += $(LIBSOCKET) $(UNBOUND_LIBS) if HAVE_LD_VERSION_SCRIPT -libdane_la_LDFLAGS += -Wl,--version-script=$(srcdir)/libdane.map +libgnutls_dane_la_LDFLAGS += -Wl,--version-script=$(srcdir)/libdane.map else -libdane_la_LDFLAGS += -export-symbols-regex '^(dane).*' +libgnutls_dane_la_LDFLAGS += -export-symbols-regex '^(dane).*' endif if HAVE_LD_OUTPUT_DEF -libdane_la_LDFLAGS += \ - -Wl,--output-def,libdane-$(DLL_VERSION).def -libdane-$(DLL_VERSION).def: libdane.la -defexec_DATA += libdane-$(DLL_VERSION).def +libgnutls_dane_la_LDFLAGS += \ + -Wl,--output-def,libgnutls-dane-$(DLL_VERSION).def +libgnutls_dane-$(DLL_VERSION).def: libgnutls-dane.la +defexec_DATA += libgnutls-dane-$(DLL_VERSION).def endif endif -- 2.11.4.GIT