Newer
Older
10001
10002
10003
10004
10005
10006
10007
10008
10009
10010
10011
10012
10013
10014
10015
10016
10017
10018
10019
10020
10021
10022
10023
10024
10025
10026
10027
10028
10029
10030
10031
10032
10033
10034
10035
10036
10037
10038
10039
10040
10041
10042
10043
10044
10045
10046
10047
10048
10049
10050
10051
10052
10053
10054
10055
10056
10057
10058
10059
10060
10061
10062
10063
10064
10065
10066
10067
10068
10069
10070
10071
10072
10073
10074
10075
10076
10077
10078
10079
10080
10081
10082
10083
10084
10085
10086
10087
10088
10089
10090
10091
10092
10093
10094
10095
10096
10097
10098
10099
10100
10101
10102
10103
10104
10105
10106
10107
10108
10109
10110
10111
10112
10113
10114
10115
10116
10117
10118
10119
10120
10121
10122
10123
10124
10125
10126
10127
10128
10129
10130
10131
10132
10133
10134
10135
10136
10137
10138
10139
10140
10141
10142
10143
10144
10145
10146
10147
10148
10149
10150
10151
10152
10153
10154
10155
10156
10157
10158
10159
10160
10161
10162
10163
10164
10165
10166
10167
10168
10169
10170
10171
10172
10173
10174
10175
10176
10177
10178
10179
10180
10181
10182
10183
10184
10185
10186
10187
10188
10189
10190
10191
10192
10193
10194
10195
10196
10197
10198
10199
10200
10201
10202
10203
10204
10205
10206
10207
10208
10209
10210
10211
10212
10213
10214
10215
10216
10217
10218
10219
10220
10221
10222
10223
10224
10225
10226
10227
10228
10229
10230
10231
10232
10233
10234
10235
10236
10237
10238
10239
10240
10241
10242
10243
10244
10245
10246
10247
- Added the new libtasn1 library.
- Removed the gdbm backend. Applications are now responsible for the
session resuming backend. The gnutls-serv application contains an
simple example on how to use gdbm for resuming.
- Headers for the gnutls library are now installed in $(includedir)/gnutls
- Added an OpenSSL compatible interface (with some limitations).
- Added functions to convert DER encoded certificates to XML format.
* Version 0.4.4 (2002-06-24)
- Corrected bug in PKCS-1 RSA encryption which prevented gnutls to encrypt
using keys of some specific size.
* Version 0.4.3 (2002-05-23)
- The gnutls-extra library now compiles fine, if the opencdk library is
not present.
- Several bug fixes.
- Added gnutls_global_set_mem_func() function, to set the memory allocation
functions, if other than the defaults are to be used.
- The default memory allocation functions are now the ones in libc.
* Version 0.4.2 (2002-05-21)
- Separated ASN.1 structures parser documentation and TLS library
documentation.
- Added gnutls_handshake_set_rsa_pms() function, which disables the
version check in RSA premaster secret.
- Added gnutls_session_is_resumed() function, which reports if a session
is a resumed one.
- Added gnutls_state_set_ptr() and gnutls_state_get_ptr() functions, to
assist in callback functions.
- Replaced the included 1024 bit prime for Diffie Hellman, with a new
random one.
- Relicensed the library under the GNU Lesser General Public License
- Added gnutls-extra library which contains the GPL covered code of gnutls.
* Version 0.4.1 (2002-04-07)
- Now uses alloca() for temporary variables
- Optimized RSA signing
- Added functions to return the peer's certificate activation and
expiration time.
- Corrected time function's behaviour (the time value returned no longer
relate to local timezone).
* Version 0.4.0 (2002-04-01)
- Added support for RFC2630 (PKCS7) X.509 certificate sets
- Added new functions: gnutls_x509_extract_certificate_pk_algorithm(),
gnutls_openpgp_extract_key_pk_algorithm().
- Several optimizations in the Handshake protocol
- Several optimizations in RSA algorithm
- Unified the return values because of small buffers.
* Version 0.3.92 (2002-03-23)
- Updated documentation
- Combined error codes of ASN.1 parser and gnutls
- Removed GNUTLS_CERT_TRUSTED from the CertificateStatus enumeration
- Added protection against CBC chosen plaintext attack (disabled by default)
- Improved and optimized compression support
* Version 0.3.91 (2002-03-03)
- Added gnutls-cli-debug program
- Corrections in session resumption
- Rehandshake can now handle negotiation of different authentication
type.
- gnutls-cli, gnutls-serv, gnutls-srpcrypt and gnutls-cli-debug are
now being installed.
* Version 0.3.90 (2002-02-24)
- Handshake messages are not kept in memory any more. Now we use
less memory during a handshake
- Added support for certificates with DSA parameters
- Added DHE_DSS cipher suites
- Key exchange methods changed so they do not depend on the
certificate type. Added certificate type negotiation TLS extension.
- Added openpgp key support (EXPERIMENTAL)
- Improved Diffie Hellman key exchange support.
- Bug fixes in the RSA key exchange.
- Added check for the requested TLS extensions
- TLS extensions now use a 16 bit type field.
- Added a minimal string library to assist in ASN.1 parsing
- Changes in ASN.1 parser to work with the new bison
- Added gnutls_x509_extract_subject_alt_name(), which deprecates
gnutls_x509_extract_subject_dns_name()
- gnutls_x509_set_trust_(file/mem) can now be called multiple times
- gnutls_srp_server_set_cred_file() can now be called multiple times
* Version 0.3.5 (2002-01-25)
- Corrected the RSA key exchange method, to avoid attacks against
PKCS-1 formating.
* Version 0.3.4 (2002-01-20)
- Corrected bugs in DHE_RSA key exchange method
* Version 0.3.3 (2002-01-19)
- Added gnutls_x509pki_verify_certificate()
- Added gnutls_x509pki_set_trust_mem() and gnutls_x509pki_set_key_mem()
- Bug fixes in srpcrypt (based on patch by Marc Huber)
- Bug fixes in the Handshake protocol (based on patch by Guillaume Morin)
- Corrected library versioning
* Version 0.3.2 (2002-01-05)
- Corrected bug which did not allow a client to accept multiple CA names
- Added gnutls_fingerprint()
- Added gnutls_x509pki_extract_certificate_serial()
- Added gnutls_b64_encode_fmt() and gnutls_b64_decode_fmt()
- Corrected behaviour in version advertizing
- Updated documentation
- Prefixed all types in gnutls.h with 'GNUTLS_' to avoid namespace collisions
* Version 0.3.1 (2001-12-21)
- Corrections in the configuration files
- Fixes a bug in anonymous authentication
* Version 0.3.0 (2001-12-17)
- Corrected bug in new integer formatting (now we use the old format again)
- Several corrections and usual cleanups
* Version 0.2.91 (2001-12-10)
- Fixes in MPI handling (fixes possible bug with signed integers)
- Removed name indication extension
- Added gnutls_transport_get_ptr() and gnutls_db_get_ptr()
- Optimizations in server certificate callback.
- Fixes in anonymous authentication
- Corrections in client ciphersuite selection
* Version 0.2.90 (2001-12-07)
- gnutls_handshake(), gnutls_read() etc. functions no longer require
the 'SOCKET cd' argument. This argument is set using the function
gnutls_set_transport_ptr().
- introduced gnutls_x509pki_get_peer_certificate_list(). This function returns
a list containing peer's certificate and issuers DER encoded.
- Updated X.509 certificate handling API
- Added callback to select the server certificate
- More consistent function naming (changes in several function names)
- Buffer overflow checking in ASN.1 structures parser
- Updated documentation
* Version 0.2.11 (2001-11-16)
- Changed the meaning of GNUTLS_E_REHANDSHAKE value. If this value
is returned, then the caller should perform a handshake or send
an alert to the peer.
- Made receive buffer dynamic. Normally if no large chunks are received
it occupies less space.
- Added max_record_size extension
- Bugfixes in session handling
- Improved non blocking IO support in the Handshake Protocol
- Usual bugfixes and cleanups
- Documentation updated (includes ASN.1 documentation)
* Version 0.2.10 (2001-11-05)
- Corrected bugs and improved non blocking IO
- Added hooks to use external database to store sessions
- Usual cleanups
* Version 0.2.9 (2001-10-27)
- AUTH_INFO types and structures were moved to library internals
- AUTH_FAILED is no longer returned in SRP authentication
(any fatal error in SRP means auth failed)
- Introduced GNUTLS_E_INTERRUPTED
- Added support for non blocking IO
- gnutls_recv() and gnutls_send() are now obsolete
- Changed semantics of gnutls_rehandshake()
* Version 0.2.4 (2001-10-12)
- Better handling of X.509 certificate extensions
- Added DHE_RSA ciphersuites
- Updated the Name Indication (dnsname) extension
- Improvements in Diffie Hellman primes handling
* Version 0.2.3 (2001-09-19)
- Memory optimizations in gnutls_recv()
- Fixed several memory leaks
- Added ability to specify callback for x509 client certificate selection
- Better documentation
* Version 0.2.2 (2001-08-21)
- Several bugfixes (library and documentation)
* Version 0.2.1 (2001-08-07)
- SRP fixes
* Version 0.2.0 (2001-08-07)
- Partial support for X.509v3 Certificate extensions.
- Added Internal memory handlers
- Removed gnutls_x509_set_cn()
- Added X.509 client authentication
- Several bug fixes and protocol fixes
* Version 0.1.9 (2001-07-30)
- Corrected bug(s) in ChangeCipherSpec packet (fixes renegotiate)
- SRP is updated to conform to the newest draft.
- Added support for DNSNAME extension.
- Reentracy fixes in ASN.1 Parsing.
- Optimizations in hash/hmac functions
- (Error) message handling has changed
- Better Protocol Version handling
- Added X.509 Certificate Verification
- gnutls_read() semantics are now closer to read(2) - added EOF
- Documented some part of gnutls in doc/tex/ using Latex
* Version 0.1.4 (2001-06-22)
- Corrected (srp) base64 encoding.
- Changed bcrypt algorithm to include username.
- Added RSA Ciphersuites (no certificate checking).
- Fixes in SSL 2.0 client hello parsing.
- Added ASN.1 and DER parsers.
- Bugfixes in session resuming
- Updated Ciphersuite selection algorithm
- Added internal representation of X.509 structures.
- Added global state
* Version 0.1.3 (2001-06-01)
- Updated API (and the way it is documented - we use inline documentation)
- Added function to access alert messages.
- Added support for renegotiating parameters.
- Better and Faster Resume Database handling.
- Several bugfixes
* Version 0.1.2 (2001-05-14)
- Updated API
- Fixes in extension handling
* Version 0.1.1 (2001-05-13)
- Added compatibility with Stanford's libsrp library
* Version 0.1.0 (2001-05-09)
- Added SSL 2.0 client hello support
- GNUTLS is a gnu library
- Added support for TLS extensions.
- Added support for SRP
* Version 0.0.7 (2001-01-11)
- Added server side session resuming (using gdbm)
- Added twofish algorithm
* Version 0.0.6 (2000-12-20)
- Added client side session resuming
- Better documentation (check doc/API)
- Better socket handling (gnutls can be used with select())
- Some primitive support for non blocking IO and socket options has been added.
* Version 0.0.5 (2000-12-07)
- Added Compression (using ZLIB)
- Added SSL 3.0 support
----------------------------------------------------------------------
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.