NEWS

We have realized that the symbols TLS_MASTER_SIZE and TLS_RANDOM_SIZE
does not use the normal namespace.  We have added GNUTLS_MASTER_SIZE
and GNUTLS_RANDOM_SIZE, but the old symbols are still defined.

The following functions have been added to libgnutls:

GNUTLS_MASTER_SIZE
GNUTLS_RANDOM_SIZE
gnutls_crypto_bigint_register2
gnutls_crypto_cipher_register2
gnutls_crypto_digest_register2
gnutls_crypto_mac_register2
gnutls_crypto_pk_register2
gnutls_crypto_rnd_register2
gnutls_crypto_single_cipher_register2
gnutls_crypto_single_digest_register2
gnutls_crypto_single_mac_register2
gnutls_ext_register
gnutls_pk_get_id
gnutls_pk_get_name
gnutls_pk_list
gnutls_session_set_finished_function
gnutls_sign_get_id
gnutls_sign_get_name
gnutls_sign_list
gnutls_srp_set_prime_bits:
gnutls_strerror_name
gnutls_x509_crq_set_key_rsa_raw
gnutls_x509_crt_set_crl_dist_points2
gnutls_x509_crt_set_subject_alt_name

The following functions have been added to libgnutls-extra:

gnutls_register_md5_handler

** API and ABI modifications:
No changes since last version.

* Version 2.5.9 (released 2008-09-29)

** libgnutls: Fix several memory leaks.
Reported by Sam Varshavchik <mrsam@courier-mta.com>.

** libgnutls: Fix buffer overrun in gnutls_x509_crt_list_import.
Report and patch by Jonathan Manktelow.

** libgnutls: crypto.h gnutls_pk_params_st changes allocation strategy.
The parameters are now allocated in the structure itself.

** doc: Texinfo HTML manual uses a stylesheet to improve readability.

** tests: Scripts now use EXEEXT properly.
Modern libtool doesn't create wrapper script, so the self tests need
to invoke certtool.exe under MinGW32+Wine.

** Uses autoconf 2.63, automake 1.10.1, libtool 2.2.6a.
Automake warnings are now also enabled.

** API and ABI modifications:
gnutls_pk_params_st: MODIFIED

* Version 2.5.8 (released 2008-09-21)

** certtool: updated so it can add several subject alternative names using
the template file.

** libgnutls: gnutls_x509_crt_set_subject_alt_name() was added that can
either set or append alternative names. It can also handle binary structures
such as IP addresses.

** libgnutls: Fix crash in hashing code when using non-libgcrypt handlers.

** libgnutls: New function to set minimum acceptable SRP bits.
The function is gnutls_srp_set_prime_bits.  Tiny patch by Kevin Quick
<quick@sparq.org> in <https://savannah.gnu.org/support/index.php?106454>.

** libgnutls: Check for overflows in gnutls_calloc and gnutls_secure_calloc.
Also fix overflows in calls to those functions.  Reported by Werner
Koch <wk@gnupg.org>.

** libgnutls-extra: Add function to work with Libgcrypt in FIPS mode.
The function is gnutls_register_md5_handler.  When libgcrypt is in
FIPS mode, MD5 is disabled, but TLS normally requires use of MD5 in
the PRF.

** Opencdk: Add calls to gnutls_assert to ease debugging.

** Indent code.

** API and ABI modifications:
gnutls_srp_set_prime_bits: ADDED
gnutls_register_md5_handler: ADDED
gnutls_x509_crt_set_crl_dist_points2: ADDED
gnutls_x509_crt_set_subject_alt_name: ADDED

* Version 2.5.7 (released 2008-09-16)

** libgnutls: New interfaces to get name of public key and signing algorithms.
The functions are gnutls_sign_get_name and gnutls_pk_get_name.

** libgnutls: Don't crash when gnutls_credentials_set is called twice.

** libgnutls: Fix libgnutls shared library version.
It wasn't properly incremented after adding symbols in the last
release.

** manual: Now mention supported public key and public key signing algorithms.

** tests/openssl: initialize gnutls before use.

** tests/setcredcrash: New test to catch regressions of gnutls_credentials_set.

** GTK-DOC manual: mention new symbols in 2.6.x.  Mention crypto.h functions.

** API and ABI modifications:
gnutls_sign_get_name: ADDED
gnutls_pk_get_name: ADDED

* Version 2.5.6 (released 2008-09-08)

** libgnutls: Add interface to deal with public key and signature algorithms.
The functions are called gnutls_pk_list, gnutls_pk_get_id,
gnutls_sign_list, and gnutls_sign_get_id.  Suggested by Sam
Varshavchik <mrsam@courier-mta.com>.

** libgnutls: Refactor and clean up some code.

** libgnutls: Fix compile error with Sun CC.

** gnutls-cli: Improve --list output to include public key and signature algs.

** gnutls-cli, gnutls-serv: Remove --copyright parameter.
Use standard --version to get license info.

** gnutls-cli.1: Document all new parameters.
Thanks to James Westby <jw+debian@jameswestby.net>.

** tests: New self-test pgps2kgnu to test parsing of encrypted secrets.
Contributed by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>.

** API and ABI modifications:
gnutls_pk_list: ADDED
gnutls_pk_get_id: ADDED
gnutls_sign_list: ADDED
gnutls_sign_get_id: ADDED

* Version 2.5.5 (released 2008-08-29)

** libgnutls: New API to get a string corresponding to a error symbol.
The function is gnutls_strerror_name.

** libgnutls: Fix include paths so that building with internal libtasn1 works.
Reported by "jth.net ApS" <info@jth.net>.

** libgnutls: Fix segmentation fault when generating private keys.
Reported by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>.

** libgnutls: Remove code to import certificate chains in PKCS#7 format.
The code has not worked since v0.9.0 and apparently nobody has missed
it, so we decided to remove the code rather than fix it.  If you have
old certificate chains stored in PKCS#7 format, you can convert them
to a list of PEM certificates by using 'certtool --p7-info'.  Reported
by Christian Grothoff <christian@grothoff.org>.

** opencdk: Parse (but not decrypt) encrypted secret keys.
Contributed by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>.

** libgnutls: Fix many warnings.

** Included copy of libtasn1 is upgraded to version 1.5.

** Add French translation, thanks to Nicolas Provost.

** API and ABI modifications:
gnutls_strerror_name: ADDED

* Version 2.5.4 (released 2008-08-19)

** Fix secure memory initialization of libgcrypt.
Reported by Joe Orton <joe@manyfish.co.uk> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2992>.

** Doc fixes.
Reference to NIST SP 800-57 in the manual on key size recommendations.
Added 'Since:' tags to new APIs for gtk-doc.

** API and ABI modifications:
No changes since last version.

* Version 2.5.3 (released 2008-08-14)

** libgnutls: New API to set the public parameters in a certificate request
** from a private key.
The function is gnutls_x509_crq_set_key_rsa_raw.  Inspired by
discussion with "Zach C." <fxchip@gmail.com>.

** libgnutls: New API to set a callback to extract TLS Finished data.
The function to register is gnutls_session_set_finished_function and
it takes a callback of the gnutls_finished_callback_func type.

** libgnutls: Drop final comma after GNUTLS_CRT_PRINT_UNSIGNED_FULL in enum.
Reported in <https://savannah.gnu.org/support/?106453>.

** libgnutls: Fix namespace problem with TLS_MASTER_SIZE and TLS_RANDOM_SIZE.
The new names are GNUTLS_MASTER_SIZE and GNUTLS_RANDOM_SIZE.  The old
names are mapped to the new names in compat.h.  These mappings will
likely be removed more quickly than other mappings in that file due to
the namespace violation.

** libgnutlsxx: Make it build when SRP is disabled.

** doc: Add doxygen files in doc/doxygen/.

** API and ABI modifications:
gnutls_x509_crq_set_key_rsa_raw: ADDED
gnutls_session_set_finished_function: ADDED
gnutls_finished_callback_func: ADDED
GNUTLS_MASTER_SIZE: ADDED
GNUTLS_RANDOM_SIZE: ADDED
TLS_MASTER_SIZE: DEPRECATED
TLS_RANDOM_SIZE: DEPRECATED

* Version 2.5.2 (released 2008-07-08)

** libgnutls: Fix bug in gnutls_dh_params_generate2.
The prime and generator was swapped.

** libgnutls: New interface to register a new TLS extension handler.
The new function gnutls_ext_register can be used to register handlers
for specific TLS extension types.  The callback functions have the new
types gnutls_ext_recv_func and gnutls_ext_send_func.  A type to
classify TLS extensions, gnutls_ext_parse_type_t, has been added as
well.

** Move more code for TLS/IA extension from libgnutls to libgnutls-extra.
This was made possible by using the new gnutls_ext_register interface.
The TLS/IA functionality has only been supported through the
libgnutls-extra library, so it makes sense for the code to belong
there too.

** API and ABI modifications:
gnutls_ext_recv_func: ADDED
gnutls_ext_send_func: ADDED
gnutls_ext_parse_type_t: ADDED
gnutls_ext_register: ADDED

* Version 2.5.1 (released 2008-07-02)

** Indent code.

** API and ABI modifications:
No changes since last version.

* Version 2.5.0 (released 2008-07-02)

** Port fixes from v2.4.1 release, see below.

** Added API to replace and update the crypto backend.
The header gnutls/crypto.h is now officially supported, and declares
the symbols below.

** Rewritten opencdk crypto backend, to use the gnutls internal one.

** Update gnulib and translations.
The gnulib gc crypto code has been removed since it was never finished
and is no longer even used.  An internal non-libgcrypt crypto
implementation may be added in the future, but we'll decide that later
on.

** API and ABI modifications:
gnutls_crypto_bigint_register2: ADDED.
gnutls_crypto_cipher_register2: ADDED.
gnutls_crypto_digest_register2: ADDED.
gnutls_crypto_mac_register2: ADDED.
gnutls_crypto_pk_register2: ADDED.
gnutls_crypto_rnd_register2: ADDED.
gnutls_crypto_single_cipher_register2: ADDED.
gnutls_crypto_single_digest_register2: ADDED.
gnutls_crypto_single_mac_register2: ADDED.

* Version 2.4.3 (released 2009-02-06)

** libgnutls: Accept chains where intermediary certs are trusted.
Before GnuTLS needed to validate the entire chain back to a
self-signed certificate.  GnuTLS will now stop looking when it has
found an intermediary trusted certificate.  The new behaviour is
useful when chains, for example, contains a top-level CA, an
intermediary CA signed using RSA-MD5, and an end-entity certificate.
To avoid chain validation errors due to the RSA-MD5 cert, you can
explicitly add the intermediary RSA-MD5 cert to your trusted certs.
The signature on trusted certificates are not checked, so the chain
has a chance to validate correctly.  Reported by "Douglas E. Engert"
<deengert@anl.gov> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.

** libgnutls: Permit V1 Certificate Authorities properly.
Before they were mistakenly rejected even though
GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT and/or
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT were supplied.  Reported by
"Douglas E. Engert" <deengert@anl.gov> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3351>.

** libgnutls: deprecate X.509 validation chains using MD5 and MD2 signatures.
This is a bugfix -- the previous attempt to do this from internal x509
certificate verification procedures did not return the correct value
for certificates using a weak hash.  Reported by Daniel Kahn Gillmor
<dkg@fifthhorseman.net> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3332>,
debugged and patch by Tomas Mraz <tmraz@redhat.com> and Daniel Kahn
Gillmor <dkg@fifthhorseman.net>.

** libgnutls: Fix chain verification for chains that ends with RSA-MD2 CAs.
Reported by Michael Kiefer <Michael-Kiefer@web.de> in
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507633> forwarded by
Andreas Metzler <ametzler@downhill.at.eu.org> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3309>.

** libgnutls: Fix crash in X.509 validation code for self-signed certificates.
The patch to fix the security problem GNUTLS-SA-2008-3 introduced a
problem for certificate chains that contained just one self-signed
certificate.  Reported by Michael Meskes <meskes@debian.org> in
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505279>.

** libgnutls: Fix X.509 certificate chain validation error. [GNUTLS-SA-2008-3]
The flaw makes it possible for man in the middle attackers (i.e.,
active attackers) to assume any name and trick GnuTLS clients into
trusting that name.  Thanks for report and analysis from Martin von
Gagern <Martin.vGagern@gmx.net>.  [CVE-2008-4989]

Any updates with more details about this vulnerability will be added
to <https://www.gnu.org/software/gnutls/security.html>

** libgnutls: Fix buffer overrun in gnutls_x509_crt_list_import.
Report and patch by Jonathan Manktelow.

** libgnutls: Avoid use of non-thread safe strerror.

** API and ABI modifications:
No changes since last version.

* Version 2.4.2 (released 2008-09-15)

** libgnutls: Don't crash when gnutls_credentials_set is called twice.

** libgnutls: Corrected memory leak in X.509 functions.
Thanks to Colin Leroy <colin@colino.net>.

** libgnutls: Fix compile error with Sun CC.

** gnutls-cli.1: Document all new parameters.
Thanks to James Westby <jw+debian@jameswestby.net>.

** tests/openssl: initialize gnutls before use.
Fixes crash with libgcrypt 1.4.2.  Reported by Ludovic Courtes
<ludovic.courtes@laas.fr>.

** doc/: Fix texinfo markup for old texinfo versions.

** Included copy of libtasn1 is upgraded to version 1.5.

** API and ABI modifications:
No changes since last version.

* Version 2.4.1 (released 2008-06-30)

** libgnutls: Fix local crash in gnutls_handshake.  [GNUTLS-SA-2008-2]
If the gnutls_handshake function is called for a normal session, which
can happen for re-handshakes, the library would crash because it tried
to hash some data using a libgcrypt handle that had been deallocated.
Report and tiny patch from Tomas Mraz <tmraz@redhat.com>.  Any updates
with more details about this vulnerability will be added to
<https://www.gnu.org/software/gnutls/security.html>

** libgnutls: Fix memory leaks when doing a re-handshake.
Reported by Sam Varshavchik <mrsam@courier-mta.com> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2928>.

** Fix compiler warnings.
Reported by Massimo Gaspari <massimo.gaspari@alice.it> in
<http://thread.gmane.org/gmane.network.gnutls.general/1281>.

** Fix ordering of -I's to avoid opencdk.h conflict with system headers.
Reported by Roman Bogorodskiy <novel@FreeBSD.org> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2930>.

** srptool: Fix a problem where --verify check does not succeed.
Report and tiny patch by Matthias Koenig <mkoenig@suse.de> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2944>.

** API and ABI modifications:
No changes since last version.

* Version 2.4.0 (released 2008-06-19)

** Major changes compared to the v2.2 branch:

*** The OpenPGP sub-system has been improved and now supports subkeys.

*** The PSK sub-system has been improved and now supports password
*** derivation and PSK identity hints.
The password derivation algorithms support is documented in
draft-ietf-netconf-tls-02.txt.

*** The certtool --inder and --outder has been replaced by --inraw and --outraw.
This aligns terminology with OpenPGP, which doesn't use DER encoding.
The old parameters will continue to work for some time.

*** Certtool now confirm passwords and changes permissions of private key files.

*** The default handshake size limit has been increased to 48kb.
It appears as if some valid handshakes are large due to sending many
CA certificates.  (The earlier limit was 16kb.)

*** LZO compression is now disabled by default.
The main reason is that LZO compression in TLS is not standardized,
but license compatiblity issues with minilzo triggered us to make this
decision now.

*** Improvements for cross-compilation to Windows and OpenWRT.

*** The look of the GTK-DOC manual has been improved.
Major developer visible changes compared to the v2.2 branch:

*** Full OpenPGP support is part of libgnutls, licensed under the LGPL.

*** New APIs to access the raw X.509 Subject and Issuer DN's and
*** elements from the certificate credentials structure.
Thanks to Joe Orton.

*** New APIs to improve working with username/passwords and PSK.

*** Names of constants to affect certificate printing changed.
The constants are used for OpenPGP too, which the names didn't
reflect, so the following name change has been made:

            Old name                         New name
     GNUTLS_X509_CRT_FULL            GNUTLS_CRT_PRINT_FULL
     GNUTLS_X509_CRT_ONELINE         GNUTLS_CRT_PRINT_ONELINE
     GNUTLS_X509_CRT_UNSIGNED_FULL   GNUTLS_CRT_PRINT_UNSIGNED_FULL

The old names will be mapped to the new names for some time.

*** The function gnutls_openpgp_privkey_get_id has been renamed to
*** gnutls_openpgp_privkey_get_key_id.
A compatibility mapping exists to avoid breaking API backwards
compatibility.

*** Replaced all uses of alloca with malloc and free.

*** We no longer build with -D_REENTRANT -D_THREAD_SAFE.
We have been unable to find a documented rationale for this practice.

*** Of course, many smaller fixes have been made, see the ChangeLog file.

*** API/ABI changes in GnuTLS 2.4
All OpenPGP related functions have been moved from libgnutls-extra to
libgnutls, and several new functions have been added (see below).
Before making the release, we discussed whether moving functions from
libgnutls-extra to libgnutls would require us to increment the ABI
version, but the general opinion was that this would not be required.
All older functions continue to work the same.  We are open to the
possibility that this decision will lead to problem on some platform,
and if it turns out that the Right Thing should have been to increment
the shared library version, we would need to release an update within
the 2.4.x branch that increments the shared library version.

This release adds the following functions:

  gnutls_psk_client_get_hint
  gnutls_psk_set_server_credentials_hint
  gnutls_psk_netconf_derive_key

    Used to get/set the PSK identity hint, and derive PSK keys from
    passwords a'la netconf.

  gnutls_x509_dn_deinit
  gnutls_x509_dn_export
  gnutls_x509_dn_import
  gnutls_x509_dn_init

    Used to handle X.509 Certificate DN's directly.

  gnutls_hex2bin

    Converts a data buffer to hex.  Useful for handling PSK/SRP shared
    secrets.

  gnutls_certificate_get_x509_cas
  gnutls_certificate_get_x509_crls
  gnutls_certificate_get_openpgp_keyring

    Functions for direct access to credential elements.

  gnutls_openpgp_crt_get_auth_subkey
  gnutls_openpgp_crt_get_key_id
  gnutls_openpgp_crt_get_pk_dsa_raw
  gnutls_openpgp_crt_get_pk_rsa_raw
  gnutls_openpgp_crt_get_preferred_key_id
  gnutls_openpgp_crt_get_revoked_status
  gnutls_openpgp_crt_get_subkey_count
  gnutls_openpgp_crt_get_subkey_creation_time
  gnutls_openpgp_crt_get_subkey_expiration_time
  gnutls_openpgp_crt_get_subkey_fingerprint
  gnutls_openpgp_crt_get_subkey_id
  gnutls_openpgp_crt_get_subkey_idx
  gnutls_openpgp_crt_get_subkey_pk_algorithm
  gnutls_openpgp_crt_get_subkey_pk_dsa_raw
  gnutls_openpgp_crt_get_subkey_pk_rsa_raw
  gnutls_openpgp_crt_get_subkey_revoked_status
  gnutls_openpgp_crt_get_subkey_usage
  gnutls_openpgp_crt_print
  gnutls_openpgp_crt_set_preferred_key_id
  gnutls_openpgp_keyring_get_crt
  gnutls_openpgp_keyring_get_crt_count
  gnutls_openpgp_privkey_export
  gnutls_openpgp_privkey_export_dsa_raw
  gnutls_openpgp_privkey_export_rsa_raw
  gnutls_openpgp_privkey_export_subkey_dsa_raw
  gnutls_openpgp_privkey_export_subkey_rsa_raw
  gnutls_openpgp_privkey_get_fingerprint
  gnutls_openpgp_privkey_get_key_id
  gnutls_openpgp_privkey_get_pk_algorithm
  gnutls_openpgp_privkey_get_preferred_key_id
  gnutls_openpgp_privkey_get_revoked_status
  gnutls_openpgp_privkey_get_subkey_count
  gnutls_openpgp_privkey_get_subkey_creation_time
  gnutls_openpgp_privkey_get_subkey_expiration_time
  gnutls_openpgp_privkey_get_subkey_fingerprint
  gnutls_openpgp_privkey_get_subkey_id
  gnutls_openpgp_privkey_get_subkey_idx
  gnutls_openpgp_privkey_get_subkey_pk_algorithm
  gnutls_openpgp_privkey_get_subkey_revoked_status
  gnutls_openpgp_privkey_set_preferred_key_id

    New OpenPGP related functions.

    The function gnutls_openpgp_crt_get_key_id is the same as the old
    from gnutls_openpgp_crt_get_id, see above.

The release also adds a new header file 'gnutls/crypto.h', however it
is currently not used.

** libgnutls [OpenPGP]: New APIs to retrieve fingerprint from OpenPGP subkeys.
Contributed by Daniel Kahn Gillmor <dkg-debian.org@fifthhorseman.net>.

** API and ABI modifications:
gnutls_openpgp_crt_get_subkey_fingerprint: ADDED.
gnutls_openpgp_privkey_get_subkey_fingerprint: ADDED.

* Version 2.3.15 (released 2008-06-15)

** Disable the openpgp-certs self-tests.
It results in failure under Wine and doesn't work on Debian buildds.

** API and ABI modifications:
No changes since last version.

* Version 2.3.14 (released 2008-06-11)

** libgnutls [OpenPGP]: Changed OpenPGP verification behaviour.
An OpenPGP certificate is now only considered verified if all the user
IDs are verified.

** Examples: Make C++ example compile.
Earlier it may have failed with an unresolved reference to strlen.

** Documentation: Doc fix for gnutls_x509_crt_get_extension_oid.
Reported by Sam Varshavchik <mrsam@courier-mta.com>.

** API and ABI modifications:
No changes since last version.

* Version 2.3.13 (released 2008-06-07)

** libgnutls [OpenPGP]: Make OpenPGP handshakes work again.

** doc/: Add psktool to info index.  Some minor cleanups.

** tests/: Added non-forking TLS handshake test, see tests/mini.c.

** tests/: Added libgcrypt.supp which can be used with valgrind.
The file suppresses the known libgcrypt memory leaks, so they aren't
printed when you run valgrind on the gnutls self-tests.  Use it as
follows: valgrind --suppressions=libgcrypt.supp ./x509self or add
'--suppressions=/home/you/src/gnutls/tests/libgcrypt.supp' to your
~/.valgrindrc file.

** tests/: Reduce amount of debugging output by default.
Use --verbose for each test to get the full output.

** tests/: Fix memory leaks in several self-tests.
None of the self tests should be leaking memory when running valgrind
or similar tools.  (Known exceptions are dhepskself, pskself, and
set_pkcs12_cred, which appear likely to be due to memory leaks in the
library.)

** API and ABI modifications:
No changes since last version.

* Version 2.3.12 (released 2008-06-04)

** Merge gnutls_with_netconf branch.

*** libgnutls [PSK]: New API to retrieve PSK identity hint in client.
The function is gnutls_psk_client_get_hint.

*** libgnutls [PSK]: New API to set PSK identity hint in server.
The function is gnutls_psk_set_server_credentials_hint.

*** libgnutls [PSK]: Support server key exchange with PSK identity hint.
In the client, the message is parsed and the application can use
gnutls_psk_client_get_hint to retrieve the hint.  In the server, the
message is sent if the application has specified a PSK identity hint
using gnutls_psk_set_server_credentials_hint.

*** libgnutls [PSK]: Support Netconf PSK key derivation.
The function gnutls_psk_netconf_derive_key supports the PSK key
derivation as specified in draft-ietf-netconf-tls-02.txt.  New self
test netconf-psk.c.

*** psktool: Support new --netconf-hint to generate PSK key from password.
Uses the Netconf algorithm to derive PSK key from password.

*** gnutls-serv: Support new --pskhint parameter to set PSK identity hint.

*** gnutls-cli: Always support PSK modes, through a callback.
The callback will derive a PSK key using Netconf algorithm.  It will
print the PSK identity hint to help the user.

*** New PSK example client and server.
See doc/examples/ex-client-psk.c and doc/examples/ex-serv-psk.c.

** libgnutls: Fix gnutls_x509_crl_set_version on arm platforms.
The code didn't work properly on platforms where 'char' is unsigned,
when you set version 0.  Reported by Laurence Withers
<l@lwithers.me.uk> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2825>.

** libgnutls-openssl: added RAND_pseudo_bytes API.
Patch from Robert Millan <rmh@aybabtu.com>.

** API and ABI modifications:
RAND_pseudo_bytes: ADDED to libgnutls-openssl.
gnutls_psk_client_get_hint: ADDED.
gnutls_psk_set_server_credentials_hint: ADDED.
gnutls_psk_netconf_derive_key: ADDED

* Version 2.3.11 (released 2008-05-20)

** Fix flaw in fix for GNUTLS-SA-2008-1-3.
The flaw would result in incorrectly terminated sessions with the
error "Decryption has failed" when the server sends a small packet
(typically when the session is closed).  Reported by Andreas Metzler
<ametzler@downhill.at.eu.org> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2807>.

** Don't use gnulib headers when building C++ library.
Fixes builds under Windows.

** Make umask a requirement.
We don't know of any system that lacks it, even GNU CoreUtils use it
unconditionally.

** Update gnulib files.
Fixes a problem where it pulled in a replacement for memcmp under
MinGW, which caused the C++ example to fail to build.

** API and ABI modifications:
No changes since last version.

* Version 2.3.10 (released 2008-05-19)

** Added wide wildcard hostname matching.
Tiny patch by Jean-Philippe Garcia Ballester.

** Fix three security vulnerabilities.  [GNUTLS-SA-2008-1]
Thanks to CERT-FI for finding the bugs and providing detailed reports,
which allowed the bugs to be reproduced and fixed easily.  Patches
developed by Simon Josefsson and Nikos Mavrogiannopoulos.  Any updates
with more details about these vulnerabilities will be added to
<https://www.gnu.org/software/gnutls/security.html>

*** [GNUTLS-SA-2008-1-1]
*** libgnutls: Fix crash when sending invalid server name.
The crash can be triggered remotely before authentication, which can
lead to a Daniel of Service attack to disable the server.  The bug
cause gnutls to store more session resumption data than what was
allocated for, thus overwriting unallocated memory.

*** [GNUTLS-SA-2008-1-2]
*** libgnutls: Fix crash when sending repeated client hellos.
The crash can be triggered remotely before authentication, which can
lead to a Daniel of Service attack to disable the server.  The bug
triggers a null-pointer dereference.

*** [GNUTLS-SA-2008-1-3]
*** libgnutls: Fix crash in cipher padding decoding for invalid record lengths.
The crash can be triggered remotely before authentication, which can
lead to a Daniel of Service attack to disable the server.  The bug
cause gnutls to read memory beyond the end of the received record.

** libgnutlsxx: Updated API according to patches from Eduardo
Villanueva Che (discussion at
<http://lists.gnu.org/archive/html/gnutls-devel/2007-02/msg00017.html>)

** Use umask to restrict permissions to owner before creating a file.

** API and ABI modifications:
No changes since last version.

* Version 2.3.9 (released 2008-05-16)

** libgnutls: Fix build failures if SRP/OpenPGP is disabled.
Based on report and tiny patches from
<jared.jennings.ctr@eglin.af.mil>, see
<https://savannah.gnu.org/support/index.php?106342>.

** libgnutls: Translation fixes.

** gnutls-cli: Fix so that PSK authentication works.
Also improve manual to give example for gnutls-cli PSK authentication.

** certtool: Encrypting a private key now require a confirmed password.
Before './certtool -k -8' would merely ask for a password once.
Reported by Daniel 'NebuchadnezzaR' Dehennin
<nebuchadnezzar@asgardr.info> see
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=364287>.

** certtool: When writing private keys to files, change permissions of file.
Now the file which the private key is saved to is chmod'ed 0600.
Reported by martin f krafft <madduck@debian.org> see
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=373169>.

** guile: Fix -fgnu89-inline test.

** Removed --enable-profile-mode.
The code linked gnutls with the libfc project (Function Check) which
appears to have been stalled since around 2002.

** Clean up header file checks by ./configure.

** Update of gnulib files.

** API and ABI modifications:
No changes since last version.

* Version 2.3.8 (released 2008-04-29)

** libgnutls: Increase default handshake packet size limit to 48kb.
The old limit was 16kb and some servers send huge list of trusted CAs,
thus running into the limit.  FYI, applications can further increase
this limit using gnutls_handshake_set_max_packet_length.  Thanks to
Marc Haber <mh+debian-bugs@zugschlus.de> and "Marc F. Clemente"
<marc@mclemente.net> for reporting and providing test servers.

** libgnutls: Add new error code: GNUTLS_E_HANDSHAKE_TOO_LARGE
Returned when the handshake data size is too large.  Before
GNUTLS_E_MEMORY_ERROR was used, which could be confused with other
error situations.

** libgnutls: Hide definitions in crypto.h.
We have decided that the APIs defined in crypto.h are not stable
enough for v2.4, so don't use any of those functions.

** gnutls-cli: exit when hostname doesn't match certificate.
Use --insecure to avoid hostname comparison.

** certtool: --inder and --outder replaced by --inraw and --outraw.
The reason is to align terminology with OpenPGP, which doesn't use
DER.  The old parameters will continue to work for some time.

** doc: Add section 'Index of new symbols in 2.4.0' to the GTK-DOC manual.

** doc: Many cosmetic fixes, to silence (most) gtk-doc warnings.

** Mingw32: Revert libgcrypt vasprintf work-around added in last release.
Use libgcrypt 1.4.1 or later when building on MinGW32, it removes the
vasprintf symbol from the libgcrypt library which caused problems.

** Update of gnulib files.

** tests: New self-test of crypto.h RNG code tests/crypto_rng.

** API and ABI modifications:
GNUTLS_E_HANDSHAKE_TOO_LARGE: ADDED.

* Version 2.3.7 (released 2008-04-21)

** opencdk now properly sets the key usage bits into openpgp keys.

** gnutls-cli: Fix crash on TLS handshake failures.
Reported by "Marc F. Clemente" <marc@mclemente.net> in Debian BTS #466477.
This is similar to <http://bugs.debian.org/429183>.

** certtool: with --generate-request and newly generated keys, print the key.

** Build fixes for MinGW.
Missing rpl_fseeko symbol in lib/opencdk/.  Better checks for linking
with -lws2_32 when needed.  Use ASCII only isprint() when printing
X.509 certificate information, to avoid non-ASCII but printable
characters.  Thanks to Massimo Gaspari <massimo.gaspari@alice.it> for
reports.

** Update internal copy of libtasn1 to version 1.4.

** API and ABI modifications:
No changes since last version.

* Version 2.3.6 (released 2008-04-17)

** Make gnutls_x509_crq_sign2 set certificate request version if not set.
** Improve documentation for gnutls_x509_crq_sign2.
Based on report from "John Brooks" <aspecialj@gmail.com> in
<http://permalink.gmane.org/gmane.network.gnutls.general/1154>.

** tests/pathlen: run diff without parameters to improve portability.
Based on HPUX build hints in
<http://hpux.cs.utah.edu/hppd/cgi-bin/wwwtar?/hpux/Gnu/gnutls-2.3.4/gnutls-2.3.4-src-11.11.tar.gz+gnutls-2.3.4/HPUX.Install+text>.

** Don't use %e specifier with strftime, it doesn't work under Windows.
Reported by Massimo Gaspari <massimo.gaspari@alice.it> in
<http://permalink.gmane.org/gmane.network.gnutls.general/1170>.

** Remove all uses of gnutls_alloca/gnutls_afree.
Use normal gnutls_malloc instead.  One reason is increased portability
to Windows, the other is that several of the uses may be unsafe
because the size of data allocated could be large.  Reported by
Massimo Gaspari <massimo.gaspari@alice.it> in
<http://permalink.gmane.org/gmane.network.gnutls.general/1170>.

** Build Guile code with -fgnu89-inline only when supported.
Reported by Kris Karas <ktk@enterprise.bidmc.harvard.edu> in
<http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2708>.

** Several GTK-DOC related fixes.

** Clean up OpenCDK related code.
GnuTLS now requires its internal OpenCDK code rather than the external
GPL library OpenCDK.  Unfortunately, we don't have resources to
maintain an external library (help welcome).

** API and ABI modifications:
No changes since last version.

* Version 2.3.5 (released 2008-04-14)

** Build fix for MinGW and --disable-shared.
Reported by Massimo Gaspari <massimo.gaspari@alice.it> in
<http://permalink.gmane.org/gmane.network.gnutls.general/1145>.

** Document how to generate CRLs.
Suggested by "Rainer Gerhards" <rgerhards@gmail.com>.

** Documented the --priority option to gnutls-cli and gnutls-serv.

** Several minor fixes in the OpenPGP interface.
Thanks to Daniel Kahn Gillmor.

** Fix fopen file descriptor leak in PSK server code.
Thanks to Laurence Withers <l@lwithers.me.uk>, see
<http://lists.gnu.org/archive/html/gnutls-devel/2008-04/msg00002.html>.

** Translations files not stored directly in git to avoid merge conflicts.

** New APIs to let applications replace the RNG used.
Update all RNG callers in the code to use the new interface.

** Guile code now built with -fgnu89-inline to fix inline semantic problem.

** Update gnulib files.

** API and ABI modifications:
gnutls_crypto_rnd_register: ADDED
gnutls_rnd_level_t: ADDED
GNUTLS_RND_KEY: ADDED, gnutls_rnd_level_t member
GNUTLS_RND_RANDOM: ADDED, gnutls_rnd_level_t member
GNUTLS_RND_NONCE: ADDED, gnutls_rnd_level_t member
gnutls_crypto_rnd_st: ADDED
GNUTLS_DIG_SHA224: ADDED
GNUTLS_SIGN_RSA_SHA224: ADDED
gnutls_openpgp_crt_get_auth_subkey: MODIFIED

* Version 2.3.4 (released 2008-03-19)

** Finish renaming of gnutls_certificate_export_x509_cas etc.
They weren't renamed in the public header file.

** Added functions to register a cipher/mac/digest. This allows to
override the included ones.

** Fix a bunch of compiler warnings.

** API and ABI modifications:
gnutls_crypto_cipher_st: ADDED
gnutls_crypto_mac_st: ADDED
gnutls_crypto_digest_st: ADDED
gnutls_crypto_cipher_register: ADDED
gnutls_crypto_mac_register: ADDED
gnutls_crypto_digest_register: ADDED
GNUTLS_E_CRYPTO_ALREADY_REGISTERED: ADDED

* Version 2.3.3 (released 2008-03-10)

** Fix build failure in libextra/gnutls_extra.c that needed opencdk.h.
Reported by Roman Bogorodskiy <novel@FreeBSD.org>.

** No longer compiled using -D_REENTRANT -D_THREAD_SAFE.
We could not find any modern justification for enabling these flags by
default.  If you know of some platform that needs one of the flags to
work properly, please let us know.  (Actually introduced in v2.3.0 but
not documented until now.)

** Importing many CA certificates are now considerably faster.
This affect gnutls_certificate_set_x509_trust_mem,
gnutls_certificate_set_x509_trust, and
gnutls_certificate_set_x509_trust_file.  The complexity was reduced
from O(2*n^2) to O(n).  When adding 206 files containing 408
certificates, using gnutls_certificate_set_x509_trust_file, the time
dropped from 40 seconds to 0.3 seconds.  Thanks to Edgar Fuß for code
to trigger the problem.  See also
<http://blog.josefsson.org/2008/02/27/real-world-performance-tuning-with-callgrind/>.

** Clarify documentation for gnutls_x509_crt_set_subject_alternative_name
** to be explicit that it takes zero terminated data.

** gnutls-cli --print-cert now print PKCS#3 format Diffie-Hellman parameters.

** Documentation fixes for the GTK-DOC manual.

** Fix compilation error related to __FUNCTION__ on some systems.
Reported by Tim Mooney, see
<https://savannah.gnu.org/support/?106267>.

** Updated translations.

** Update gnulib files.

** API and ABI modifications:
gnutls_hex2bin: MODIFIED, uses size_t instead of int for string length,
		and char* instead of void* for output buffer.

* Version 2.3.2 (released 2008-02-26)

** Fix srcdir!=objdir failure in openpgpself test.

** Improved API documentation output from GTK-DOC.

** Added gnutls_x509_dn_export(). Patch by Joe Orton.

** Renamed gnutls_certificate_export_x509_cas and friends.
See <http://lists.gnu.org/archive/html/gnutls-devel/2008-02/msg00043.html>.

** Internal header files cleanup.

** API and ABI modifications:
gnutls_certificate_export_x509_cas: RENAMED to gnutls_certificate_get_x509_cas
gnutls_certificate_export_x509_crls: RENAMED to gnutls_certificate_get_x509_crls
gnutls_certificate_export_openpgp_keyring: RENAMED to gnutls_certificate_get_openpgp_keyring
gnutls_x509_dn_export: ADDED

* Version 2.3.1 (released 2008-02-21)

** OpenPGP support merged into libgnutls and is now licensed under LGPL.
The included copy of OpenCDK has been stripped down and re-licensed
under the LGPL.

** Cipher priority string handling now handle strings that starts with NULL.
Thanks to Laurence Withers <l@lwithers.me.uk>.

** gnutls-cli: When -d is used, also prints RNG information from libgcrypt.

** Corrected memory leaks in session resuming and DHE ciphersuites. Reported
by Daniel Stenberg.

** Increased the default certificate verification chain limits and allowed
for checks without limitation.

** Corrected the behaviour of gnutls_x509_crt_get_subject_alt_name()
and gnutls_x509_crt_get_subject_alt_name() to not null terminate binary
strings and return the proper size.

** Add section 'On Record Padding' to the manual.
This collects all problems related to record padding with
Nokia/Sony-Ericsson phones that we know about.

** Several improvements in the OpenPGP authentication.
Now subkeys can be used for authentication, according to
draft-mavrogiannopoulos-rfc5081bis-00.txt.

** certtool can print information on OpenPGP certificates and keys.

** Added gnutls_x509_dn_import/init/deinit() to access raw DER DN.
Patch by Joe Orton.

** Added gnutls_certificate_export_x509_cas and other functions to
export elements from the certificate credentials structure.  Based on
suggestion from Joe Orton.

** Doc fixes.